Page MenuHomePhabricator
Create Task
Maniphest T330364

Requesting access to analytics-privatedata-users for Bruno Scarone
Closed, ResolvedPublic
Actions

Description

(If the history of access request for Bruno is helpful, please refer to T310021.)

Requestor provided information and prerequisites

This section is to be completed by the individual requesting access.

  • Wikitech username: Bruno Scarone
  • Email address: scarone.b@northeastern.edu
  • SSH public key (must be a separate key from Wikimedia cloud SSH access): ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIElXAh+NueiIvNo55Qv8+Mm4GVx7A7KiOSdMiS/AIX6J scarone.b@northeastern.edu
  • Requested group membership: analytics-privatedata-users
  • Reason for access: research intern with Research (for search research) who will work on Research:Understanding search behavior of users (Note: Bruno has signed a Contractor Confidentiality agreement)
  • Name of approving party (manager for WMF): @leila
  • Ensure you have signed the L3 Wikimedia Server Access Responsibilities document: I have read and signed the L3 document.
  • Please coordinate obtaining a comment of approval on this task from the approving party.

SRE Clinic Duty Confirmation Checklist for Access Requests

This checklist should be used on all access requests to ensure that all steps are covered, including expansion to existing access. Please double check the step has been completed before checking it off.

This section is to be confirmed and completed by a member of the SRE team.

  • - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
  • - User has a valid NDA on file with WMF legal. (All WMF Staff/Contractor hiring are covered by NDA. Other users can be validated via the NDA tracking sheet)
  • - User has provided the following: wikitech username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform)
  • - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not shared with any other service (this includes not sharing with WMCS access, no shared keys.)
  • - access request (or expansion) has sign off of WMF sponsor/manager (sponsor for volunteers, manager for wmf staff)
  • - access request (or expansion) has sign off of group approver indicated by the approval field in data.yaml

For additional details regarding access request requirements, please see https://wikitech.wikimedia.org/wiki/Requesting_shell_access

Details

SubjectRepoBranchLines +/-
Readd email address for reactivated bscarone accountoperations/puppetproduction+1 -0
Access to analytics-privatedata-users for bscaroneoperations/puppetproduction+9 -6
Customize query in gerrit

Related Objects

Event Timeline

leila created this task.Feb 23 2023, 1:13 AM
leila added a project: SRE-Access-Requests.Feb 23 2023, 2:04 AM

This request is approved on my end.
The access expiry date (in-line with the contract expiry date) is June 30, 2023.

Thanks for your work on this in advance and please let me know if you need anything else from Bruno or myself.

Maintenance_bot added a project: SRE.Feb 23 2023, 2:29 AM
SLyngshede-WMF triaged this task as Medium priority.Feb 24 2023, 8:36 AM
SLyngshede-WMF updated the task description. (Show Details)
gerritbot added a comment.Feb 24 2023, 8:38 AM

Change 891798 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[operations/puppet@production] Access to analytics-privatedata-users for bscarone

https://gerrit.wikimedia.org/r/891798

gerritbot added a project: Patch-For-Review.Feb 24 2023, 8:38 AM
SLyngshede-WMF added subscribers: odimitrijevic, Ottomata, SLyngshede-WMF.Feb 24 2023, 8:49 AM

Approval required by: @Ottomata or @odimitrijevic

SLyngshede-WMF added a subscriber: KFrancis.Feb 24 2023, 8:54 AM

@KFrancis Given that this is a reactivation of an account, I would assume that Bruno at some point signed an NDA, but I don't see it in the NDA tracking sheet.

MoritzMuehlenhoff subscribed.Feb 24 2023, 10:05 AM
In T330364#8643473, @SLyngshede-WMF wrote:

@KFrancis Given that this is a reactivation of an account, I would assume that Bruno at some point signed an NDA, but I don't see it in the NDA tracking sheet.

Not needed, Bruno is working as a contractor until end of June, these are not tracked in the NDA tracking sheet (only for volunteers with an NDA and researchers with a MOU).

SLyngshede-WMF updated the task description. (Show Details)Feb 24 2023, 10:08 AM
Ottomata added a comment.Feb 24 2023, 3:02 PM

Approved.

gerritbot added a comment.Feb 27 2023, 7:57 AM

Change 891798 merged by Muehlenhoff:

[operations/puppet@production] Access to analytics-privatedata-users for bscarone

https://gerrit.wikimedia.org/r/891798

gerritbot added a comment.Feb 27 2023, 8:05 AM

Change 892355 had a related patch set uploaded (by Muehlenhoff; author: Muehlenhoff):

[operations/puppet@production] Readd email address for reactivated bscarone account

https://gerrit.wikimedia.org/r/892355

gerritbot added a comment.Feb 27 2023, 8:36 AM

Change 892355 merged by Muehlenhoff:

[operations/puppet@production] Readd email address for reactivated bscarone account

https://gerrit.wikimedia.org/r/892355

MoritzMuehlenhoff closed this task as Resolved.Feb 27 2023, 8:45 AM
MoritzMuehlenhoff claimed this task.

@bscarone I have activated your access. You should have also gotten an email with instructions how to setup your Kerberos account. If you run into any issue, please just reopen the task.

Maintenance_bot removed a project: Patch-For-Review.Feb 27 2023, 9:10 AM
bscarone added a comment.Feb 27 2023, 6:56 PM

Thanks @MoritzMuehlenhoff, I am not being able to log in to JupyterHub, who should I contact regarding this issue?

Urbanecm reopened this task as Open.Feb 27 2023, 6:58 PM
Urbanecm subscribed.

According to LDAP tool, this is missing the nda LDAP group, which is required for JupyterHub logins.

KFrancis added a comment.Feb 27 2023, 7:02 PM
In T330364#8643699, @MoritzMuehlenhoff wrote:
In T330364#8643473, @SLyngshede-WMF wrote:

@KFrancis Given that this is a reactivation of an account, I would assume that Bruno at some point signed an NDA, but I don't see it in the NDA tracking sheet.

Not needed, Bruno is working as a contractor until end of June, these are not tracked in the NDA tracking sheet (only for volunteers with an NDA and researchers with a MOU).

Thanks for your response! If you haven't done so already, please proceed with the request.

MoritzMuehlenhoff added a comment.Feb 27 2023, 7:16 PM
In T330364#8650188, @Urbanecm wrote:

According to LDAP tool, this is missing the nda LDAP group, which is required for JupyterHub logins.

@bscarone I've just added you to the cn=nda LDAP group, please try again.

bscarone added a comment.Feb 27 2023, 7:18 PM

@MoritzMuehlenhoff works now, thanks for the quick response!

MoritzMuehlenhoff closed this task as Resolved.Feb 27 2023, 10:35 PM

Great :-) Closing the task, then.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL