Page MenuHomePhabricator

Requesting access to deployment for gengh
Closed, ResolvedPublicRequest


Requestor provided information and prerequisites

This section is to be completed by the individual requesting access.

  • Wikitech username: Genoveva Galarza (Shell username gengh)
  • Email address:
  • SSH public key (must be a separate key from Wikimedia cloud SSH access):
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG+gpsvUfDGDcdWnSuKxPPwZflAsuftXM25lb4TRDtfL
  • Requested group membership: deployment
  • Reason for access: preparing for Wikifunctions launch (T339936)
  • Name of approving party (manager for WMF/WMDE staff): @Jdforrester-WMF
  • Ensure you have signed the L3 Wikimedia Server Access Responsibilities document: ✅
  • Please coordinate obtaining a comment of approval on this task from the approving party.

SRE Clinic Duty Confirmation Checklist for Access Requests

This checklist should be used on all access requests to ensure that all steps are covered, including expansion to existing access. Please double check the step has been completed before checking it off.

This section is to be confirmed and completed by a member of the SRE team.

  • - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
  • - User has a valid NDA on file with WMF legal. (All WMF Staff/Contractor hiring are covered by NDA. Other users can be validated via the NDA tracking sheet)
  • - User has provided the following: wikitech username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform)
  • - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not shared with any other service (this includes not sharing with WMCS access, no shared keys.)
  • - The provided SSH key has been confirmed out of band and is verified not being used in WMCS.
  • - access request (or expansion) has sign off of WMF sponsor/manager (sponsor for volunteers, manager for wmf staff)
  • - access request (or expansion) has sign off of group approver indicated by the approval field in data.yaml

For additional details regarding access request requirements, please see

Event Timeline

@thcipriani Can I safely assume this already has your go ahead since the same user is listed on (T339936) and you already approved on that ticket?

Change 934389 had a related patch set uploaded (by AOkoth; author: AOkoth):

[operations/puppet@production] admin: add new member to deployment group

@thcipriani Never mind. I had not noticed that this is a subtask. :)

Change 934389 merged by AOkoth:

[operations/puppet@production] admin: add gengh to deployment group

@gengh This should be all good now. Merged in gerrit and puppet too.

Dzahn subscribed.

Wanna try it out?

Optimistically resolving it. If you run into any problems with this, just comment / reopen the ticket. Thank you!

@Arnoldokoth: I'd say in such cases it makes more sense if you resolved and ask folks to reopen if something is wrong. Time and attention are limited. Thanks! :)