move icinga contacts file to public repo
Open, LowPublic

Description

i'd like to suggest we move the Icinga contacts.cfg file from the private to the public repo.

reasons:

  • It's always been confusing that contacts are in private repo while contactgroups are in public repo. you really need to know this to find your way around adding new people and groups
  • Users always need a root to create new contacts for them and can't just upload changes to Gerrit themselves.
  • Users can't easily check which notification options, timezones and email address is configured for them and can't upload changes like "change my timezone while travelling".
  • The only reason we put it in private repo are the phone numbers in there and those should simply be treated like passwords.

So what i would do is move contacts.cfg to a template in public repo while replacing the actual phone numbers with variables, just like we do for any config file that includes passwords / secrets.

The part that would become public that was not public before is email addresses, timezones for notifications and notification options (who gets email and who gets sms and email).


I mailed the ops list to see if we have any objections. There was response that we should also treat non-wikimedia.org email addresses as secrets. (or all?).

Dzahn created this task.May 2 2017, 1:13 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 2 2017, 1:13 AM
Dzahn updated the task description. (Show Details)May 2 2017, 1:14 AM
Dzahn added a project: Icinga.
Dzahn added a subscriber: RobH.
RobH awarded a token.May 2 2017, 1:47 AM
Paladox added a subscriber: Paladox.May 2 2017, 6:27 AM

Assigning to Daniel, since he's working on that already.

Change 391980 had a related patch set uploaded (by Dzahn; owner: Dzahn):
[operations/puppet@production] icinga: test creating individual contact secrets

https://gerrit.wikimedia.org/r/391980

Dzahn triaged this task as Low priority.Oct 23 2018, 7:21 PM
Dzahn removed Dzahn as the assignee of this task.Thu, Dec 6, 11:45 PM

Change 391980 abandoned by Dzahn:
icinga: test creating individual contact secrets

https://gerrit.wikimedia.org/r/391980

Change 478118 had a related patch set uploaded (by Dzahn; owner: Dzahn):
[operations/puppet@production] nagios_common: remove commented section about contacts test file

https://gerrit.wikimedia.org/r/478118

Dzahn edited projects, added monitoring; removed Patch-For-Review.Thu, Dec 6, 11:48 PM

Change 478118 merged by Dzahn:
[operations/puppet@production] nagios_common: remove commented section about contacts test file

https://gerrit.wikimedia.org/r/478118