When a tool is created, a service running on labstore1001 creates a MySQL user/password combination and writes it to a file within the tool's home directory.
This has a lot of downsides at the moment:
- It can be a real pain figuring out when it hasn't worked for a user. We essentially rely on users telling us when our own job has failed, and then there is a manual fixup process. (https://phabricator.wikimedia.org/search/query/c1Q_IyHJcLyt/#R)
- This job is detached from tool creation and from any user insight. It runs every 5 minutes trying to figure out what it should do. The lack of visibility leaves tool owners and volunteers without debug options, and fixup has to wait for a member of ops who understands the setup.
- We grant access universally (when it works!) leaving lots of unused / abandoned accounts in the wild.
- This process does not lend itself to credential rotation at all.
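To make the first two downsides concrete, here is an added illustration (not code from the labstore1001 job or from Striker) of what the provisioning step and the missing visibility check could look like. The file name `replica.my.cnf`, the `u_<tool>` user naming, and the tool home layout are assumptions; the sample tool directories are constructed in a temporary directory so the script runs offline. The audit function is the part the task says is absent today: it reports which tool homes have no credential file, an empty one, or one readable by other users, instead of waiting for the tool owner to notice.

```python
import os
import secrets
import stat
import tempfile
from pathlib import Path

# Assumed file name; the task does not state what the job writes.
CRED_FILENAME = "replica.my.cnf"


def make_credentials(tool_name):
    """Generate a MySQL user name and random password for a tool (constructed scheme, not the real one)."""
    user = f"u_{tool_name}"  # hypothetical naming convention
    password = secrets.token_urlsafe(24)
    return user, password


def write_credential_file(home_dir, user, password):
    """Write a MySQL client config into the tool's home directory, readable only by its owner."""
    home = Path(home_dir)
    path = home / CRED_FILENAME
    content = f"[client]\nuser={user}\npassword={password}\n"
    # Write a temp file in the same directory and rename it into place,
    # so a crash mid-write cannot leave a half-written credential file behind.
    fd, tmp = tempfile.mkstemp(dir=home, prefix=".cred-")
    try:
        os.write(fd, content.encode())
    finally:
        os.close(fd)
    os.chmod(tmp, stat.S_IRUSR | stat.S_IWUSR)  # 0600
    os.replace(tmp, path)
    return path


def audit_tool_homes(tool_homes):
    """Return {tool: problem} for every tool whose credential file is missing, unreadable-safe, or incomplete.

    tool_homes maps a tool name to its home directory. A tool with no problem is not in the result.
    """
    problems = {}
    for tool, home in tool_homes.items():
        path = Path(home) / CRED_FILENAME
        if not path.exists():
            problems[tool] = "missing"
            continue
        mode = stat.S_IMODE(path.stat().st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            problems[tool] = f"world/group readable (mode {oct(mode)})"
            continue
        if "password=" not in path.read_text():
            problems[tool] = "no password line"
    return problems


def demo():
    """Construct three tool homes and show what the audit reports for each failure mode."""
    with tempfile.TemporaryDirectory() as root:
        homes = {}
        for tool in ("alpha", "beta", "gamma"):
            home = Path(root) / tool
            home.mkdir()
            homes[tool] = str(home)
        # alpha: the job ran correctly
        user, password = make_credentials("alpha")
        write_credential_file(homes["alpha"], user, password)
        # beta: the job never ran for this tool (the silent failure the task describes)
        # gamma: a file exists but was left readable by everyone on the host
        gamma_file = Path(homes["gamma"]) / CRED_FILENAME
        gamma_file.write_text("[client]\nuser=u_gamma\npassword=constructed\n")
        os.chmod(gamma_file, 0o644)
        return audit_tool_homes(homes)


if __name__ == "__main__":
    for tool, problem in sorted(demo().items()):
        print(f"{tool}: {problem}")
```

Run as a script it prints the two broken tools; wired into a cron job or a tool-creation hook it gives ops and tool owners the same signal without waiting for a report.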
Striker (http://striker.wmflabs.org/) is a Tools management interface spearheaded by @bd808 to make targeted aspects of Tools more friendly for users (T136256). I think it may make sense for this interface to include credential management logic for the replicas and for any user-accessible DBs intended for tool consumption.
Thoughts on why:
- We already expect users of Tools to need to use this application.
- From what I can tell, it is meant to be modular in a way that facilitates an integration of this nature.
- It would be superior in every way to our current process if it gave users any information at all beyond "it's there or it's not".