Page MenuHomePhabricator
Create Task
Maniphest T347979

Remove wmcs-admin access from production cumin hosts
Open, Stalled, LowPublic
Actions

Description

Now that cloudcumin hosts are available, we should remove the wmcs-admin group from hieradata/role/common/cluster/management.yaml.

Before we want to make sure the members of that group can use cloudcumins to run the same commands they can now run from production cumin hosts: T347977: cloudcumin: allow wmcs-admin to run wikireplicas cookbooks and scripts.

Another reason why members of wmcs-admin might need to SSH to production cumin hosts is to downtime alerts through the alertmanager API. So we should also complete T347490: [wmcs-cookbooks] Downtime alerts from cloudcumins before this task can be started.

Related Objects
Search...

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL