Page MenuHomePhabricator
Create Task
Maniphest T415632

Requesting access to deployment for trueg
Closed, ResolvedPublicRequest
Actions

Description

Requestor provided information and prerequisites

Complete ALL items below as the individual person who is requesting access:

  • Wikimedia developer account username: trueg
  • Email address: trueg@wikimedia.org
  • SSH public key (must be a separate key from Wikimedia cloud SSH access): "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICg3DeStj3WEkY0iGCuJG4d+AGYO4DnxWW6moTdTNJIw trueg@wikimedia.org DataPlatform"
  • Requested group membership: deployer
  • Reason for access: Need to be able to browse Wikidata deployments on wikikube
  • Name of approving party (manager for WMF/WMDE staff): @DSantamaria @gmodena
  • Ensure you have signed the L3 Wikimedia Server Access Responsibilities document: yes
  • Please coordinate obtaining a comment of approval on this task from the approving party.

SRE Clinic Duty Confirmation Checklist for Access Requests

This checklist should be used on all access requests to ensure that all steps are covered, including expansion to existing access. Please double check the step has been completed before checking it off.

This section is to be confirmed and completed by a member of the SRE team.

  • - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
  • - User has a valid NDA on file with WMF legal. (All WMF Staff/Contractor hiring are covered by NDA. Other users can be validated via the NDA tracking sheet)
  • - User has provided the following: developer account username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform)
  • - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not shared with any other service (this includes not sharing with WMCS access, no shared keys.)
  • - The provided SSH key has been confirmed out of band and is verified not being used in WMCS.
  • - access request (or expansion) has sign off of WMF sponsor/manager (sponsor for volunteers, manager for wmf staff)
  • - access request (or expansion) has sign off of group approver indicated by the approval field in data.yaml

For additional details regarding access request requirements, please see https://wikitech.wikimedia.org/wiki/Requesting_shell_access

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
admin: add trueg to deployersoperations/puppetproduction+1 -1
Customize query in gerrit

Event Timeline

trueg created this task.Jan 27 2026, 9:15 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 27 2026, 9:15 AM
Novem_Linguae renamed this task from Requesting access to deployer for trueg to Requesting access to deployment for trueg.Jan 27 2026, 9:58 AM
Dzahn assigned this task to thcipriani.Jan 27 2026, 3:21 PM
Dzahn subscribed.

Hi Tyler, what do you think?

Dzahn added a comment.Jan 27 2026, 3:22 PM

@gmodena or @DSantamaria do you approve?

DSantamaria added a comment.Jan 29 2026, 9:05 AM

Approved!

elukey subscribed.Feb 2 2026, 9:41 AM

@thcipriani Hi! When you have a moment, please review this request :)

@trueg Hi! One follow up question - I noticed that you already have an account and an ssh key registered in puppet, so the new one that you added to the task's description is not needed. We just need to add your user to the deployment posix group (I see deployer in the request but IIUC it should be a typo). Is it the right understanding?

thcipriani added a comment.Feb 2 2026, 4:03 PM

sorry for the delay, approved for the deployment group.

gerritbot added a comment.Feb 2 2026, 8:42 PM

Change #1235879 had a related patch set uploaded (by Dzahn; author: Dzahn):

[operations/puppet@production] admin: add trueg to deployers

https://gerrit.wikimedia.org/r/1235879

gerritbot added a project: Patch-For-Review.Feb 2 2026, 8:42 PM
Dzahn moved this task from Untriaged to Patch in Review on the SRE-Access-Requests board.Feb 2 2026, 8:42 PM
Dzahn removed thcipriani as the assignee of this task.Feb 2 2026, 8:45 PM
Dzahn added a subscriber: thcipriani.
gerritbot added a comment.Feb 3 2026, 10:02 AM

Change #1235879 merged by Elukey:

[operations/puppet@production] admin: add trueg to deployers

https://gerrit.wikimedia.org/r/1235879

elukey added a comment.Feb 3 2026, 10:03 AM

The change is merged and it will be propagated by puppet during the next 30 mins :)

elukey closed this task as Resolved.Feb 3 2026, 10:04 AM
elukey updated the task description. (Show Details)
Maintenance_bot removed a project: Patch-For-Review.Feb 3 2026, 10:36 AM
trueg added a comment.Feb 9 2026, 8:25 AM

@elukey sorry for the late reply. Yes, indeed, there is no need for a new account. In fact I thought I did attach the existing ssh key for completeness sake. Maybe I mis-copy-and-pasted...

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits