In order to test changes to the phabricator puppet classes and deployment repo scap configuration (now and going forward), we'll need a fully functioning scap3 deployment for phabricator in devtools.
See the scap3 documentation for setting up ssh access via puppet.
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | Dzahn | T280597 move phabricator to new hardware generation | |||
| Resolved | brennen | T313259 Deploy Phabricator with scap | |||
| Resolved | • dduvall | T314195 Configure keyholder on devtools deploy host for phabricator deployment |
Change 819193 had a related patch set uploaded (by Dduvall; author: Dduvall):
[operations/puppet@production] devtools: Configure keyholder for scap3 deployment of phabricator
Change 819194 had a related patch set uploaded (by Dduvall; author: Dduvall):
[phabricator/deployment@wmf/stable] Add scap.cfg section for devtools environment
Change 819194 merged by Brennen Bearnes:
[phabricator/deployment@wmf/stable] Add scap.cfg section for devtools environment
Change 819193 merged by Dzahn:
[operations/puppet@production] devtools: Configure keyholder for scap3 deployment of phabricator
Change 820220 had a related patch set uploaded (by Dduvall; author: Dduvall):
[operations/puppet@production] devtools: Allow for scap deployment of scap
Change 820221 had a related patch set uploaded (by Dduvall; author: Dduvall):
[labs/private@master] scap: Provide a working SSH key pair for the scap keyholder agent
Change 820220 merged by Dzahn:
[operations/puppet@production] devtools: Allow for scap deployment of scap
Change 820221 merged by Dzahn:
[labs/private@master] scap: Provide a working SSH key pair for the scap keyholder agent
@dduvall In the merged change above I amended to adjust the key comment (from root@puppetmaster-1001 to /etc/keyholder.d/scap). That is to match how it's done for the real secret and I think keyholder does rely on the key comments (or at least it once did, so just in case).
Related commit f1ae5aab pushed by brennen (author: Dan Duvall):
[ repos/phabricator/deployment@wmf/stable ] Add scap.cfg section for devtools environment