| • nray | |
| Jul 20 2018, 8:14 PM |
| F23931558: Screen Shot 2018-07-20 at 2.42.38 PM.png | |
| Jul 20 2018, 8:44 PM |
Hello,
I (Nicholas Ray) am a new software engineer for the Reader's Web team. Would it be possible to be placed in the ldap/wmf group?
My wikitech user is nray and, as far as I know, I do not currently have shell access. Please let me know if you need anything else!
| Subject | Repo | Branch | Lines +/- | |
|---|---|---|---|---|
| adding Nicholas Ray to ldap users section | operations/puppet | production | +5 -1 |
That doesn't need ldap access
Have you created an account on wikitech and then logged into gerrit with you?
Yes, I have created a wikitech account (username: nray) and logged into gerrit with it, but I can only +1, not +2.
I believe the following is where I would do the majority of work:
https://gerrit.wikimedia.org/r/#/admin/projects/mediawiki/skins/MinervaNeue
https://gerrit.wikimedia.org/r/#/admin/projects/mediawiki/extensions/MobileFrontend
https://gerrit.wikimedia.org/r/#/admin/projects/mediawiki/extensions/Popups
Hi @nray (and welcome!): This makes me wonder what made you think that CR+2 is related to being in the ldap/wmf group. :) If there is some document that you followed it would be great if you could point that out so it can be corrected.
(And https://www.mediawiki.org/wiki/Gerrit/%2B2 does not explain how to potentially get CR+2 rights in Gerrit. Meh.)
That page does indeed (implicitly) tell Nick to make this request:
For a list of people with +2 rights across mediawiki/*, see https://gerrit.wikimedia.org/r/#/admin/groups/11,members and the wmf LDAP group. There are people outside this list with +2 rights to specific repositories used on Wikimedia sites.
ldap/wmf unfortunately does include some code review privileges but is massively overkill for someone who just wants the code review parts.
I'm not really sure why this has come up on this ticket, but this should be an extremely straightforward process. New WMF employees who are engineers are typically added to the wmf ldap group. For example, T199493.
Yes, ldap/wmf grants +2 in multiple repositories, including mediawiki/*. That has its own ticket, but as it stands, that's the current policy.
I assume that by Monday someone from ops will be able to fullfill this request.
First, hi and thank you @Aklapper :) I am following a google doc that is (mostly) copied from https://www.mediawiki.org/wiki/Reading/Web/Team/Onboarding. In it, it says:
"Set up your LDAP account (used for Wikitech and Gerrit) following How to become a MediaWiki hacker instructions. Commonly, the username you use is your internet handle (i.e., not a (WMF) username), but you will want to use your @wikimedia.org email address for the email address to receive Gerrit email notifications. Also, request access to the group ldap/wmf, adding your manager to the access request task and emailing your manager with this task's URL to notify about needing approval for this ID if you are a software engineer; this LDAP group gives you more code review approval rights in the system."
I assumed that "code review approval rights" meant the ability to +2. I should clarify that there may be other things that I need that are part of the wmf ldap group. My on-boarding doc also instructs me to request access to these things:
Does the ldap/wmf relate to any of those?
Thanks everyone!
Yes I think ldap/wmf lets you into logstash which will give you access to various logs.
Change 447475 had a related patch set uploaded (by RobH; owner: RobH):
[operations/puppet@production] adding Nicholas Ray to ldap users section
Change 447475 merged by RobH:
[operations/puppet@production] adding Nicholas Ray to ldap users section
@nray: Please note that I've gone ahead and added you to the ldap/wmf group. This will give you some rights (as others have outlined above) but may not give you all the repo rights you intended.
The ldap/wmf group lets you login to the web interfaces of a number of services. However, it does NOT include shell access (to ssh into servers). That requires a bit more setup, and an SRE-Access-Requests task. (For info on how to file these, please see https://wikitech.wikimedia.org/wiki/SRE_Team_requests#Access_requests)
For now though, this specific request to be added to ldap/wmf group has been granted, and I'm resolving this task.