Page MenuHomePhabricator

Requesting access to production shell for Denny Vrandecic
Closed, ResolvedPublic


Username: DVrandecic
Full name: Denny Vrandečić
Add to groups: analytics-privatedata-users

  • Wikitech username: dvrandecic
  • Preferred shell username: dvrandecic
  • Email address:
  • Ssh public key (must be dedicated key for wmf production): ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCiiWPaPdEGsyjzpM2nzJjH7Mu9vMCqdhKFcdpbHu/UeiXKhAwUdy6prPkLlSwO69KKr2DUGAwgPforDxSEJ9UdaWlXmmDkxNlYo9htryusAMwRJKPXB7VaRWogek/eIvBzI1H2KNTD1Zc0PEVcD+b0wdwlaJWpWo/X5vPVQl5utbmW7EOjqwl79kqv43O4dcH2RsT9+jjRdDMNRV9EfL2mLZ2ZvypqHafxLNUukZMCGaTD7ToFgvjpwcXtshOJVE438uvk74nVmgDlEgvLyHRE5rwcO/uJMR7mFDikVxo1j9zmg3So9ug5iqYzgzBhKOhIcFWxmmP199FiE2WVdMoBMMLIaeOoLZ4HXarwSATQGEuhNu2lt2uO/0ZBJa44yE14T6Wwdw/or/ux4TA3vrnK95SEuwSYiHnWyzzQAnUJpST6fR3RMDysRxIYIGQLdDlyi9Z9qs7k/vxwZ0wFPnvoI5eXDaAcxEO7Ncm9tMG2GmGL9utRuL4qSuUWzbfVW28=
  • Requested group membership: analytics-privatedata-users
  • Reason for access: Denny is a full time WMF employee that should have access to data infrastructure, he already has access to turnilo/superset
  • Name of approving party (hiring manager, for WMF staff): Tnegrin (Toby Negrin)
    • - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
    • - User has a valid NDA on file with WMF legal. (This can be checked by Operations via the NDA tracking sheet & is included in all WMF Staff/Contractor hiring.)
    • - User has provided the following: wikitech username, preferred shell username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform).
    • - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not shared with any other service (this includes not sharing with WMCS access, no shared keys.)
    • - access request (or expansion) has sign off of WMF sponsor/manager (sponsor for volunteers, manager for WMF staff)
    • - Patchset for access request

Event Timeline

Nuria updated the task description. (Show Details)
Nuria updated the task description. (Show Details)

FYi that @DVrandecic 's manager needs to approve this request , is this @dr0ptp4kt ?

herron added a subscriber: herron.

@Nuria could you please review and give a thumbs up/down on the request for analytics-privatedata-users membership?

@DVrandecic could you please review and sign the L3 document?

Once those two are complete we'll be ready to move on with the patchset. Thanks in advance!

@herron: approved on my end.

@DVrandecic please be so kind to read the quite important data access guidelines (to summarize: data cannot leave WMF premises)

Change 618243 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] admin: Add dvrandecic to analytics-privatedata-users

akosiaris added a subscriber: akosiaris.

@DVrandecic The patchset is ready to be merged, but we can't proceed without your signature on the L3 document. Could you please review and sign it? Thanks in advance!

akosiaris triaged this task as Medium priority.Aug 6 2020, 11:11 AM

I think L3 doc is signed now so we can proceeed?

Change 618243 merged by Vgutierrez:
[operations/puppet@production] admin: Add dvrandecic to analytics-privatedata-users

@DVrandecic will also need a kerberos password

Change 619325 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] admin: Set krb flag for dvrandecic

Change 619325 merged by Vgutierrez:
[operations/puppet@production] admin: Set krb flag for dvrandecic

@DVrandecic will also need a kerberos password

vgutierrez@krb1001:~$ sudo -i create dvrandecic
Principal successfully created. Make sure to update data.yaml in Puppet.
Successfully sent email to

done. has been merged as well.