Requestor provided information and prerequisites

Complete ALL items below as the individual person who is requesting access:

• Wikimedia developer account username: novemlinguae
• Email address: novemlinguae@gmail.com
• SSH public key (must be a separate key from Wikimedia cloud SSH access): https://en.wikipedia.org/w/index.php?title=User:Novem_Linguae/sandbox&oldid=1303853373
  • ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTBtHO6i59hR97f9/ZtugA/p8LTv2GD8+oTx8Tz6OQ8 novemlinguae@gmail.com
• Requested group membership: analytics-privatedata-users SSH (no kerberos)
• Reason for access: I am a volunteer developer with MediaWiki +2 that works on multiple extensions. Gerrit patches. Lately I have been helping with the SecurePoll extension, and I have encountered several tickets where MediaWiki replica access would have been useful in order to read private securepoll_* MariaDB tables.
  • T396347#10907802 - Would like to have checked if securepoll_log existed on fawiki, to give better code review.
  • T380020 - Would like to have checked if securepoll_log existed on zhwiki, to give better code review.
  • T395928#11046636 and T395928#11121946 - Would like to have helped troubleshoot this new SecurePoll maintenance script that deletes unused SecurePoll tables on certain wikis. It was finding data in tables we expected to be empty, and being able to look at those table's data would have helped me troubleshoot.
• Name of approving party (manager for WMF/WMDE staff): @Dreamy_Jazz from Product Safety & Integrity team, the team that is the code steward of SecurePoll
• Ensure you have signed the L3 Wikimedia Server Access Responsibilities document: Done
• Please coordinate obtaining a comment of approval on this task from the approving party.

Requesting no expiration date. If you could use realname: (known to Legal) in data.yaml to preserve my privacy, I'd appreciate it. I have an existing entry in the ldap_only_users section that you'll probably want to move up to the users section.

Thank you for your consideration.

SRE Clinic Duty Confirmation Checklist for Access Requests

This checklist should be used on all access requests to ensure that all steps are covered, including expansion to existing access. Please double check the step has been completed before checking it off.

This section is to be confirmed and completed by a member of the SRE team.

• - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
• - User has a valid NDA on file with WMF legal. (All WMF Staff/Contractor hiring are covered by NDA. Other users can be validated via the NDA tracking sheet)
• - User has provided the following: developer account username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform)
• - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not shared with any other service (this includes not sharing with WMCS access, no shared keys.)
• - The provided SSH key has been confirmed out of band and is verified not being used in WMCS.
• - access request (or expansion) has sign off of WMF sponsor/manager (sponsor for volunteers, manager for wmf staff)
• - access request (or expansion) has sign off of group approver indicated by the approval field in data.yaml

For additional details regarding access request requirements, please see https://wikitech.wikimedia.org/wiki/Requesting_shell_access