Page MenuHomePhabricator
Create Task
Maniphest T185493

Onboard bstorm to WMF
Closed, ResolvedPublic1 Estimated Story Points
Actions

Description

We have a running doc here: https://www.mediawiki.org/wiki/Wikimedia_Cloud_Services_team/Onboarding_Brooke

[ongoing / incomplete] list of things remaining:

Details

SubjectRepoBranchLines +/-
icinga: Add MST to timeperiods.cfg for monitoringoperations/puppetproduction+24 -0
onboarding: Add bstorm to sms contact groupoperations/puppetproduction+1 -1
onboarding: Add Bstorm as prod icinga contactoperations/puppetproduction+5 -5
Add bstorm to cloud-wide rootlabs/privatemaster+2 -0
cloud: add bstorm to shinken instanceoperations/puppetproduction+10 -3
Customize query in gerrit

Related Objects
Search...

StatusSubtypeAssignedTask
 Resolved BstormT185493 Onboard bstorm to WMF
 ResolvedRequest madhuvishyT185591 Requesting access to ops group in admin for bstorm

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
chasemp updated the task description. (Show Details)Jan 22 2018, 10:41 PM
Bstorm updated the task description. (Show Details)Jan 22 2018, 10:41 PM
chasemp updated the task description. (Show Details)Jan 22 2018, 11:03 PM
chasemp updated the task description. (Show Details)Jan 22 2018, 11:07 PM
chasemp updated the task description. (Show Details)Jan 22 2018, 11:09 PM
Bstorm updated the task description. (Show Details)Jan 23 2018, 12:16 AM
bd808 subscribed.Jan 23 2018, 1:36 AM
bd808 added a comment.Jan 23 2018, 1:56 AM
chasemp updated the task description. (Show Details)Jan 23 2018, 1:53 PM
chasemp updated the task description. (Show Details)Jan 23 2018, 3:21 PM
gerritbot subscribed.Jan 23 2018, 3:26 PM

Change 405886 had a related patch set uploaded (by Rush; owner: cpettet):
[operations/puppet@production] cloud: add bstorm to shinken instance

https://gerrit.wikimedia.org/r/405886

gerritbot added a project: Patch-For-Review.Jan 23 2018, 3:26 PM
gerritbot added a comment.Jan 23 2018, 3:30 PM

Change 405886 merged by Rush:
[operations/puppet@production] cloud: add bstorm to shinken instance

https://gerrit.wikimedia.org/r/405886

chasemp updated the task description. (Show Details)Jan 23 2018, 3:34 PM
chasemp updated the task description. (Show Details)
chasemp added a comment.Jan 23 2018, 3:39 PM

@Bstorm for Add to cloud-wide root you can put up a patchset to this file modules/passwords/templates/root-authorized-keys.erb in this repo https://gerrit.wikimedia.org/r/#/admin/projects/labs/private as a gerrit test :)

chasemp updated the task description. (Show Details)Jan 23 2018, 3:41 PM
chasemp updated the task description. (Show Details)
Bstorm updated the task description. (Show Details)Jan 23 2018, 3:48 PM
Bstorm updated the task description. (Show Details)Jan 23 2018, 3:53 PM
Bstorm updated the task description. (Show Details)Jan 23 2018, 3:56 PM
Bstorm updated the task description. (Show Details)Jan 23 2018, 3:59 PM
chasemp updated the task description. (Show Details)Jan 23 2018, 4:11 PM
chasemp updated the task description. (Show Details)Jan 23 2018, 4:13 PM
Bstorm updated the task description. (Show Details)Jan 23 2018, 5:38 PM
Bstorm updated the task description. (Show Details)Jan 23 2018, 6:30 PM
Dzahn updated the task description. (Show Details)Jan 23 2018, 7:01 PM
Dzahn subscribed.Jan 23 2018, 7:24 PM
  • subscribed to ops mailing list, invited to private mailing list
madhuvishy mentioned this in T185591: Requesting access to ops group in admin for bstorm.Jan 23 2018, 7:37 PM
madhuvishy updated the task description. (Show Details)Jan 23 2018, 7:41 PM
madhuvishy updated the task description. (Show Details)Jan 23 2018, 7:43 PM
madhuvishy added a subtask: T185591: Requesting access to ops group in admin for bstorm.Jan 23 2018, 7:46 PM
Bstorm updated the task description. (Show Details)Jan 23 2018, 8:13 PM
chasemp awarded a token.Jan 23 2018, 8:37 PM
Paladox subscribed.Jan 24 2018, 2:53 PM
chasemp added a subscriber: Andrew.Jan 29 2018, 9:11 PM

@Andrew when you have a chance can you do whatever cloud admin portion exists on wikitech please?

Dzahn added a comment.Jan 29 2018, 9:31 PM

@Bstorm feel free to ping me about the Icinga contact part, happy to do it together or show you where to do it self-service. you can pick your own phone number, time zone etc and also use it as the example "ops/puppet" change to confirm you have +2 and can merge.

Andrew added a comment.Jan 29 2018, 10:59 PM
In T185493#3929231, @chasemp wrote:

@Andrew when you have a chance can you do whatever cloud admin portion exists on wikitech please?

Done!

Dzahn changed the status of subtask T185591: Requesting access to ops group in admin for bstorm from Open to Stalled.Jan 30 2018, 12:35 AM
Bstorm added a comment.Jan 30 2018, 12:50 AM
In T185493#3929298, @Dzahn wrote:

@Bstorm feel free to ping me about the Icinga contact part, happy to do it together or show you where to do it self-service. you can pick your own phone number, time zone etc and also use it as the example "ops/puppet" change to confirm you have +2 and can merge.

Thanks!

chasemp updated the task description. (Show Details)Jan 30 2018, 3:58 PM
gerritbot added a comment.Jan 30 2018, 6:00 PM

Change 406842 had a related patch set uploaded (by Bstorm; owner: Bstorm):
[labs/private@master] Add bstorm to cloud-wide root

https://gerrit.wikimedia.org/r/406842

gerritbot added a comment.Jan 30 2018, 6:26 PM

Change 406842 merged by Rush:
[labs/private@master] Add bstorm to cloud-wide root

https://gerrit.wikimedia.org/r/406842

chasemp updated the task description. (Show Details)Jan 30 2018, 7:51 PM
chasemp updated the task description. (Show Details)Jan 31 2018, 10:59 PM
Dzahn added a comment.Jan 31 2018, 11:51 PM

racktables not worth it anymore? almost replaced by netbox. Netbox access should automatically come with the LDAP groups. (https://netbox.wikimedia.org/login/?next=/)

chasemp added a comment.Feb 1 2018, 3:55 PM
In T185493#3935805, @Dzahn wrote:

racktables not worth it anymore? almost replaced by netbox. Netbox access should automatically come with the LDAP groups. (https://netbox.wikimedia.org/login/?next=/)

I would still like to grant access when the general approval for root come in on the grounds that until it's actually gone who knows what the timeline for racktables will be.

Dzahn added a subscriber: RobH.Feb 1 2018, 3:56 PM

@RobH could you do the racktables part? ^

RobH updated the task description. (Show Details)Feb 1 2018, 4:00 PM

Emailed it to her just now to update and change once she logs in.

Bstorm added a comment.Feb 1 2018, 5:02 PM

I'm in racktables! :)

Dzahn changed the status of subtask T185591: Requesting access to ops group in admin for bstorm from Stalled to Open.Feb 5 2018, 5:56 PM
madhuvishy closed subtask T185591: Requesting access to ops group in admin for bstorm as Resolved.Feb 5 2018, 6:27 PM
madhuvishy updated the task description. (Show Details)
Stashbot subscribed.Feb 5 2018, 6:31 PM

Mentioned in SAL (#wikimedia-operations) [2018-02-05T18:31:08Z] <mutante> added bstorm to the 'wmf' and 'ops' LDAP groups (modify-ldap-groups on terbium) (T185493)

madhuvishy updated the task description. (Show Details)Feb 5 2018, 6:32 PM
Stashbot added a comment.Feb 5 2018, 6:37 PM

Mentioned in SAL (#wikimedia-operations) [2018-02-05T18:37:09Z] <mutante> added bstorm to acl*operations-team (project 29) on Phabricator (T185493)

Dzahn updated the task description. (Show Details)Feb 5 2018, 6:37 PM
gerritbot added a comment.Feb 5 2018, 6:41 PM

Change 408327 had a related patch set uploaded (by Madhuvishy; owner: Madhuvishy):
[operations/puppet@production] onboarding: Add Bstorm as prod icinga contact

https://gerrit.wikimedia.org/r/408327

gerritbot added a comment.Feb 5 2018, 6:43 PM

Change 408328 had a related patch set uploaded (by Madhuvishy; owner: Madhuvishy):
[operations/puppet@production] onboarding: Add bstorm to sms contact group

https://gerrit.wikimedia.org/r/408328

gerritbot added a comment.Feb 5 2018, 7:05 PM

Change 408327 merged by Madhuvishy:
[operations/puppet@production] onboarding: Add Bstorm as prod icinga contact

https://gerrit.wikimedia.org/r/408327

gerritbot added a comment.Feb 5 2018, 7:11 PM

Change 408328 merged by Bstorm:
[operations/puppet@production] onboarding: Add bstorm to sms contact group

https://gerrit.wikimedia.org/r/408328

madhuvishy updated the task description. (Show Details)Feb 5 2018, 7:22 PM
chasemp updated the task description. (Show Details)Feb 5 2018, 7:44 PM
chasemp updated the task description. (Show Details)
chasemp updated the task description. (Show Details)
chasemp set the point value for this task to 1.Feb 5 2018, 8:08 PM
chasemp added a comment.Feb 5 2018, 10:01 PM

I see a PGP key for bstorm@wikimedia.org. Let's sign during teh team meeting and f2f tomorrow :)

gerritbot added a comment.Feb 5 2018, 10:48 PM

Change 408445 had a related patch set uploaded (by Bstorm; owner: Bstorm):
[operations/puppet@production] Add MST to timeperiods.cfg for monitoring

https://gerrit.wikimedia.org/r/408445

gerritbot added a comment.Feb 5 2018, 11:02 PM

Change 408445 merged by Bstorm:
[operations/puppet@production] icinga: Add MST to timeperiods.cfg for monitoring

https://gerrit.wikimedia.org/r/408445

chasemp added a subscriber: MoritzMuehlenhoff.Feb 6 2018, 8:04 PM

@MoritzMuehlenhoff when you get a chance can you help @Bstorm get setup with pwstore? She has a key in the public registery and confirmed during a hangout today for me it was the correct key.

Dzahn added a comment.Feb 6 2018, 8:33 PM

@chasemp Adding the key to pwstore requires that it has at least 2 signatures on it. Since you already confirmed the key during hangout, could you add one of those? Like sign the key and then upload the signed version to keyserver? Then it should show signatures with gpg --list-sigs 2051251AF5172F75 I could then do the second one.

Dzahn added a comment.Feb 6 2018, 8:49 PM

get key:

gpg --search-keys bstorm@wikimedia.org
gpg --recv-keys 2051251AF5172F75

show fingerprint: (verified against a file on bast1001 that Brooke uploaded)
gpg --list-fingerprint 2051251AF5172F75

signed key:
gpg --sign-key 2051251AF5172F75

uploaded key:
gpg --send-keys 2051251AF5172F75
gpg: sending key 2051251AF5172F75 to hkps://hkps.pool.sks-keyservers.net
gpg --keyserver pgp.mit.edu --send-keys 2051251AF5172F75
gpg: sending key 2051251AF5172F75 to hkp://pgp.mit.edu

show signatures:

gpg --list-sigs 2051251AF5172F75

pub   rsa4096 2018-01-29 [SC] [expires: 2022-01-29]
      117337F5D48C4CFF8909CD9C2051251AF5172F75
uid           [ unknown] Brooke Storm <bstorm@wikimedia.org>
sig 3        2051251AF5172F75 2018-01-29  Brooke Storm <bstorm@wikimedia.org>
sig          37E9B5C6F5F6A067 2018-02-06  Daniel Zahn (WMF) <dzahn@wikimedia.org>
sub   rsa4096 2018-01-29 [E] [expires: 2022-01-29]
sig          2051251AF5172F75 2018-01-29  Brooke Storm <bstorm@wikimedia.org>
chasemp added a comment.Feb 6 2018, 9:44 PM
In T185493#3950325, @Dzahn wrote:

@chasemp Adding the key to pwstore requires that it has at least 2 signatures on it. Since you already confirmed the key during hangout, could you add one of those? Like sign the key and then upload the signed version to keyserver? Then it should show signatures with gpg --list-sigs 2051251AF5172F75 I could then do the second one.

Apologies, I thought I had already :D Should be gtg now?

Dzahn added a comment.Feb 6 2018, 10:15 PM

I can't see your signature yet. I tried my default keyserver (hkps://hkps.pool.sks-keyservers.net) and pgp.mit.edu. Depending on which keyserver you used it might just take a while until they have synced.

Bstorm added a comment.Feb 6 2018, 10:46 PM

It's on there, now.

Dzahn added a comment.Feb 7 2018, 12:14 AM

Confirmed i saw the new signature now.

I added bstorm to the .users file and then gpg --clearsign'ed the .users file

Then i re-encrypted all (ops) files with pws.rb rc $file and a bash loop.

You should be able to use pwstore now.

Dzahn closed this task as Resolved.Feb 7 2018, 12:18 AM
Dzahn updated the task description. (Show Details)

Looks like we are all done. If there are any issues or things missing, please just reopen it.

chasemp updated the task description. (Show Details)Feb 23 2018, 7:34 PM
chasemp updated the task description. (Show Details)Mar 13 2018, 2:04 PM
Bstorm updated the task description. (Show Details)Mar 13 2018, 4:39 PM
bd808 moved this task from Doing to Done on the cloud-services-team (Kanban) board.Mar 19 2018, 9:46 PM
Andrew mentioned this in T203489: Onboard gtirloni to WMF.Sep 4 2018, 5:35 PM
bd808 mentioned this in T224192: Onboard jhedden to Wikimedia Foundation as SRE in Cloud Services.May 22 2019, 10:27 PM
bd808 mentioned this in T228942: Onboard Hieu Pham to Wikimedia Foundation as SRE in Cloud Services.Jul 24 2019, 9:43 PM
Maintenance_bot removed a project: Patch-For-Review.Jul 24 2019, 10:10 PM
bd808 mentioned this in T255220: Onboard Nicholas Skaggs as Engineering Manager in Cloud Services.Jun 12 2020, 12:25 AM
nskaggs mentioned this in T266068: Onboard David Caro to Wikimedia Foundation as SRE in Cloud Services.Oct 20 2020, 8:18 PM
nskaggs mentioned this in T287287: Onboard Michael DiPietro to Wikimedia Foundation as SRE in Cloud Services.Jul 23 2021, 8:25 PM
nskaggs mentioned this in T294663: Onboard Raymond Olisaemeka to Wikimedia Foundation as SWE in Cloud Services.Oct 29 2021, 7:04 PM
nskaggs mentioned this in T295404: Onboard Slavina Stefanova as a SWE in Cloud Services.Jul 7 2022, 9:29 PM
nskaggs mentioned this in T312597: Onboard Francesco Negri as a SRE in Cloud Services.Jul 7 2022, 9:32 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL