RelEng is working on a new deployment system, initially focusing on RESTBase T102667: Create or improve the RESTBase deploy method. This is a team goal for the next quarter. It will be good to move away from the current split method of using trebuchet + ansible. Additionally, it's a complex deployment that should utilize many of the new features we want to develop.
This task exists to solicit feedback, especially from the SRE team regarding our plan to use SSH for the control channel. We evaluated a lot of options and the least controversial choice seems to be ssh. Salt could work but in it's current state we don't feel that it is reliable enough to depend on for this mission critical system.
SSH is currently used for MediaWiki deploy triggering and remote execution (scap)—the overhead of SSH is not currently a pain-point for MediaWiki deploys.
Using SSH for a RESTBase deploy will likely require some sudoers tweaks.
Before work is started on the new deployment tool, I want to make sure moving away from a salt-backed deploy towards an ssh-backed deploy doesn't interfere with any long-term ops plans.