Page MenuHomePhabricator
Create Task
Maniphest T360634

Bitu not importing key changes directly in LDAP
Closed, ResolvedPublicBUG REPORT
Actions

Description

Steps to replicate the issue (include links if applicable):

What happens?:
Newly added key is missing.

What should have happened instead?:
Newly added key shows up.

Software version (skip for WMF-hosted wikis like Wikipedia):

Other information (browser name/version, screenshots, etc.):

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Keymanagement: Bypass job queue for ssh key operations.operations/software/bitumaster+1 -1
Let Bitu be a little more aggressive with loading SSH keys from LDAP.operations/software/bitumaster+40 -20
Customize query in gerrit

Related Objects
Search...

Event Timeline

taavi created this task.Mar 21 2024, 1:42 PM
taavi edited projects, added Bitu; removed cloud-services-team, wikitech.wikimedia.org.Mar 21 2024, 1:53 PM
Restricted Application added a project: Infrastructure-Foundations. · View Herald TranscriptMar 21 2024, 1:53 PM
SLyngshede-WMF changed the task status from Open to In Progress.Mar 21 2024, 2:09 PM
SLyngshede-WMF claimed this task.
SLyngshede-WMF triaged this task as High priority.
SLyngshede-WMF added a comment.Mar 21 2024, 2:29 PM

Okay, I see the issue. In order to not hit LDAP to much, keys are cached, but that's honestly no good as that gives the users a false impression of what keys are active.

gerritbot added a comment.Mar 22 2024, 7:15 AM

Change #1013442 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[operations/software/bitu@master] Let Bitu be a little more aggressive with loading SSH keys from LDAP.

https://gerrit.wikimedia.org/r/1013442

gerritbot added a project: Patch-For-Review.Mar 22 2024, 7:15 AM
gerritbot added a comment.Mar 22 2024, 8:09 AM

Change #1013442 merged by jenkins-bot:

[operations/software/bitu@master] Let Bitu be a little more aggressive with loading SSH keys from LDAP.

https://gerrit.wikimedia.org/r/1013442

SLyngshede-WMF added a comment.Mar 22 2024, 8:29 AM

That fixed the synchronization with other services, but makes it slightly trigger to actually delete keys.

There will be a followup patch.

gerritbot added a comment.Mar 22 2024, 9:48 AM

Change #1013507 had a related patch set uploaded (by Slyngshede; author: Slyngshede):

[operations/software/bitu@master] Keymanagement: Bypass job queue for ssh key operations.

https://gerrit.wikimedia.org/r/1013507

gerritbot added a comment.Mar 22 2024, 11:18 AM

Change #1013507 merged by jenkins-bot:

[operations/software/bitu@master] Keymanagement: Bypass job queue for ssh key operations.

https://gerrit.wikimedia.org/r/1013507

bd808 mentioned this in T360966: The workflow for managing an ssh key via Bitu is cumbersome.Mar 26 2024, 12:10 AM
SLyngshede-WMF moved this task from Backlog to Pending Release on the Bitu board.Mar 26 2024, 11:24 AM
SLyngshede-WMF closed this task as Resolved.Apr 11 2024, 10:41 AM
SLyngshede-WMF moved this task from Pending Release to Resolved on the Bitu board.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits