Page MenuHomePhabricator

Request access to data for citation usage research
Closed, ResolvedPublic


Michele Catasta

Access Group



SRE Clinic Duty Checklist for Access Requests

Most requirements are outlined on

This checklist should be used on all access requests to ensure that all steps are covered. This includes expansion to access. Please do not check off items on the list below unless you are in Ops and have confirmed the step.

  • - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
  • - User has a valid NDA on file with WMF legal. (This can be checked by Operations via the NDA tracking sheet & is included in all WMF Staff/Contractor hiring.)
  • - User has provided the following: wikitech username, preferred shell username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform. :

pirroh is username on wikitech, will match it here. No actual review of what user will be doing other than link provided, so it is assumed that the requested analytics-privatedata-users will cover it.

  • - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not share with any other service (this includes not sharing with WMCS access, no shared keys.)
  • - access request (or expansion) has sign off of WMF sponsor/manager (sponser for volunteers, manager for wmf staff)
  • - non-sudo requests: 3 business day wait must pass with no objections being noted on the task
  • - Patchset for access request

Event Timeline

leila triaged this task as High priority.Jul 2 2018, 9:22 PM
leila created this task.

@Miriam Please link to the task that captures the NDA request. Once all steps are done, please add Operations tag to this task and someone from SRE will pick it up to process it. If you have questions, just ping.

Thanks @leila and @Miriam!
I've completed all the steps in your checklist. In attachment you can find the public SSH key I've just generated exclusively for the Wikimedia servers.
My login name of choice is pirroh

leila updated the task description. (Show Details)

Thanks @Pirroh,
@RobH could you please add @Pirroh's key to the system?
Many thanks!

Please note this task was NOT filed in the proper manner, so it has not been picked up by Operations until I noticed it via ping.

All access requests should be tagged with SRE-Access-Requests and they will be triaged by the clinic duty person for the week. I've also added the checklists for the clinic duty person.

Also please note there is no no bastiononly group, its now a default that users get bastion access with shell access, thanks!

@Miriam & @Pirroh: We cannot add your key until all of the steps/requirements have been met, and at this time they have not.

Please note that I do not see any NDA confirmation for @Pirroh on the WMF legal NDA tracking sheet. Please note the NDA required is NOT on phabricator, but must be filed directly with WMF Legal. I see someone entered and checked off ' Researchers, the WMF, and the POC to Sign NDA and MOU' but I don't see any such confirmation on the google sheet.

We will need to either see the entry on the sheet (controlled by legal) or have @RStallman-legalteam confirm that @Pirroh has a valid NDA on file.

I can confirm that there is a valid NDA on file for Michele Catasta. This info is also on the sheet in the "research collaborators" tab. Thanks!

@DarTar could sign off here to give @Pirroh access to the data?
(See task description)

@RobH this is approved on my end. @Miriam is the official point of contact on this collaboration.

@RStallman-legalteam: the spreadsheet doesn't mention that Michele has a valid NDA on file, can you update it to reflect this?


My bad, Michele has a valid NDA in the sheet, see column I.

Change 445153 had a related patch set uploaded (by Muehlenhoff; owner: Muehlenhoff):
[operations/puppet@production] Add Michele Catasta to users

Change 445154 had a related patch set uploaded (by Muehlenhoff; owner: Muehlenhoff):
[operations/puppet@production] Add pirroh to analytics-privatedata-users

Thanks all. We have all the needed pieces together, once the three day waiting/objection period has passed (tomorrow), I'll merge the changes.

Change 445153 merged by Muehlenhoff:
[operations/puppet@production] Add Michele Catasta to users

Change 445351 had a related patch set uploaded (by Muehlenhoff; owner: Muehlenhoff):
[operations/puppet@production] Add pirroh to analytics-privatedata-users

Change 445351 merged by Muehlenhoff:
[operations/puppet@production] Add pirroh to analytics-privatedata-users

Change 445154 abandoned by Muehlenhoff:
Add pirroh to analytics-privatedata-users

@Pirroh: You should be able to login now, if you run into any issues best to ping the #wikimedia-operations IRC channel on Freenode or simply reopen this task.

@MoritzMuehlenhoff: I've accessed one of the analytics servers today (under the guidance of @Miriam) and everything seems to work perfectly -- thanks a lot!