Page MenuHomePhabricator

MoritzMuehlenhoff (Moritz Mühlenhoff)
User

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Thursday

  • Clear sailing ahead.

User Details

User Since
Apr 1 2015, 4:33 PM (290 w, 5 d)
Availability
Available
LDAP User
Moritz Mühlenhoff
MediaWiki User
MMuhlenhoff (WMF) [ Global Accounts ]

Recent Activity

Today

MoritzMuehlenhoff added a comment to T266086: Nuria's volunteer account.

@gsingers We have three major types of NDA/MOU under which people get access to PII-sensitive data on our servers:

  • Everyone who's WMF staff has signed an NDA as part of their work contract
  • Researchers get access to some data after signing a MOU (with a person on the WMF side being a point of contact and time-limited until the research is completed)
  • Some people from the community have signed an NDA (called the Volunteer NDA in contrast to the NDA which applies to staff) which allows them to e.g. debug problems in production, deploy code changes, review Logstash/Turnilo etc.
Tue, Oct 27, 10:01 AM · Analytics-Radar, SRE-Access-Requests, Operations

Yesterday

MoritzMuehlenhoff renamed T266479: Puppet Proposal to remove require_package from Puppet Proposal to remove require_packages to Puppet Proposal to remove require_package.
Mon, Oct 26, 3:30 PM · Operations, Puppet
MoritzMuehlenhoff created T266467: Check home/HDFS leftovers of rodolfovalentim.
Mon, Oct 26, 12:43 PM · Analytics
MoritzMuehlenhoff added a comment to T248168: Upgrade Puppet to 5.5.21.

Debian unstable was updated to 5.5.22:
https://packages.qa.debian.org/p/puppet/news/20201025T173952Z.html

Mon, Oct 26, 12:13 PM · Puppet, Operations
MoritzMuehlenhoff closed T164819: reprepro: Support for buildinfo files / dbgsym packages as Resolved.

dbgsym files are supported in reprepro for quite a while now and as of today, we can also install dbgsym packages from the Debian archive. Closing.

Mon, Oct 26, 12:03 PM · Patch-For-Review, Operations
MoritzMuehlenhoff added a comment to T266086: Nuria's volunteer account.

Mentioned in SAL (#wikimedia-operations) [2020-10-23T22:56:29Z] <mutante> added Nuria to "nda" LDAP group - leaving her in "wmf" until the actual last day - shell account remains so no puppet change needed in ldap_only_admins (T266086)

cc: @KFrancis You have it on file in the right system as well?

Mon, Oct 26, 8:02 AM · Analytics-Radar, SRE-Access-Requests, Operations

Fri, Oct 23

MoritzMuehlenhoff claimed T264605: Apereo CAS expose CASCookieSameSite via profile::idp::client::http .

I've built an updated mod_cas package with SameSite cookie support for buster-wikimedia (not imported yet to apt.wikimedia.org), will run some tests next week.

Fri, Oct 23, 1:10 PM · Operations, User-jbond, CAS-SSO
MoritzMuehlenhoff added a project to T266314: Decom cookbook should also remove keytabs: User-MoritzMuehlenhoff.
Fri, Oct 23, 8:19 AM · User-MoritzMuehlenhoff, Operations
MoritzMuehlenhoff created T266314: Decom cookbook should also remove keytabs.
Fri, Oct 23, 8:19 AM · User-MoritzMuehlenhoff, Operations
MoritzMuehlenhoff closed T158562: Manage apt sources via puppet as Resolved.

/etc/apt/sources.list is managed by Puppet since a few weeks in production, closing the task (for Cloud VPS it's being considered to also enabled it in a separate task).

Fri, Oct 23, 7:27 AM · Patch-For-Review, User-jbond, Operations

Thu, Oct 22

MoritzMuehlenhoff added a comment to T264388: Migrate LDAP replicas to Buster.

All new buster replicas are now pooled and the stretch ones have been depooled. I'll keep them around for another week just in case, then they are going to be removed.

Thu, Oct 22, 2:58 PM · Patch-For-Review, Operations
MoritzMuehlenhoff added a comment to T266023: orchestrator: Get packages into WMF apt.

@MoritzMuehlenhoff: Is it acceptable to download the pre-build .debs, and upload them into our apt repo?

Thu, Oct 22, 8:54 AM · Operations, User-Kormat, DBA

Wed, Oct 21

MoritzMuehlenhoff closed T259519: Integrate Buster 10.5 point release as Resolved.

This is complete

Wed, Oct 21, 3:00 PM · Operations
MoritzMuehlenhoff updated the task description for T259519: Integrate Buster 10.5 point release.
Wed, Oct 21, 3:00 PM · Operations
MoritzMuehlenhoff created T266147: Port prometheus-openldap-exporter to Python 3.
Wed, Oct 21, 2:51 PM · Python3-Porting, LDAP, Operations
MoritzMuehlenhoff created T266118: Revisit use of swap and related kernel settings.
Wed, Oct 21, 11:59 AM · User-MoritzMuehlenhoff, Operations
MoritzMuehlenhoff added a project to T266106: orchestrator: Support SSO: CAS-SSO.
Wed, Oct 21, 10:21 AM · CAS-SSO, Operations, User-Kormat, DBA

Mon, Oct 19

MoritzMuehlenhoff updated the task description for T265147: Offboard Chase Pettet from Security Team.
Mon, Oct 19, 4:24 PM · Operations, Security-Team
MoritzMuehlenhoff added a comment to T265147: Offboard Chase Pettet from Security Team.

I've removed Chase from SRE-Access-Requests

Mon, Oct 19, 4:23 PM · Operations, Security-Team
MoritzMuehlenhoff removed a member for SRE-Access-Requests: chasemp.
Mon, Oct 19, 4:23 PM
MoritzMuehlenhoff updated the task description for T263974: Integrate Buster 10.6 point update.
Mon, Oct 19, 3:11 PM · Operations
MoritzMuehlenhoff updated the task description for T263974: Integrate Buster 10.6 point update.
Mon, Oct 19, 11:26 AM · Operations
MoritzMuehlenhoff added a comment to T264255: Review request for data export.

@MoritzMuehlenhoff, would it be ok to temporarily re-add @Groceryheist's access while he copies out some data?

Mon, Oct 19, 10:27 AM · Analytics-Kanban, Security, Analytics
MoritzMuehlenhoff closed T159750: E-mail for people in different OIT LDAP object unit as Declined.

We can close this task given that the OpenLDAP mirror in going away in favour of JumpCloud

Mon, Oct 19, 10:23 AM · WMF-Office-IT, Operations, Mail
MoritzMuehlenhoff closed T262647: Provide failover capacity for package installations from main mirror as Resolved.

This is complete: The package mirror can now be set via profile::base::mirror_server (and still defaults to mirrors.wikimedia.org)

Mon, Oct 19, 9:55 AM · Operations
MoritzMuehlenhoff created T265857: Update CAS to 6.2.
Mon, Oct 19, 6:48 AM · CAS-SSO, Operations
MoritzMuehlenhoff closed T264472: Requesting access to researchers and analytics-privatedata-users for Leila Zia as Resolved.

For the followup work with the old home there's T264994, so we can close this.

Mon, Oct 19, 6:45 AM · SRE-Access-Requests, Operations

Fri, Oct 16

MoritzMuehlenhoff added a comment to T253377: WMF deployed EasyTimeline extension depends on Ploticus package which is not available in Debian Buster (but available again in Debian Bullseye).

I've uploaded an NMU (2.42-4.2) for ploticus which correctly enables the toolchain hardening (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=967239), we can import that version to buster-wikimedia for the mw migration of the app servers.

Fri, Oct 16, 3:00 PM · Operations, EasyTimeline, Packaging
MoritzMuehlenhoff added a project to T253377: WMF deployed EasyTimeline extension depends on Ploticus package which is not available in Debian Buster (but available again in Debian Bullseye): Operations.
Fri, Oct 16, 2:58 PM · Operations, EasyTimeline, Packaging
MoritzMuehlenhoff added a comment to T256367: WMF-NDA access for DannyS712.

Let me clarify this and then I'll report back to this task in the next days.

Fri, Oct 16, 10:47 AM · User-DannyS712, WMF-NDA-Requests
MoritzMuehlenhoff added a comment to T265590: ulog: filter out diffscan from ulog.

The servers with a public IP already have lots of noise from random bots/portscans (e.g. on bast3004 40kish log per day), so this doesn't make too much of a difference.

Fri, Oct 16, 7:42 AM · observability, Security, Operations, netops, User-jbond
MoritzMuehlenhoff closed T264182: Migrate Gerrit to profile::java, a subtask of T264174: Migrate remaining services using Java to profile::java , as Resolved.
Fri, Oct 16, 7:24 AM · Operations
MoritzMuehlenhoff closed T264182: Migrate Gerrit to profile::java as Resolved.

The Gerrit servers have been switched to profile::java (which allowed for quite a few cleanups)

Fri, Oct 16, 7:24 AM · Release-Engineering-Team-TODO (2020-10-01 to 2020-12-31 (Q2)), Release-Engineering-Team (Development services), Gerrit, Operations
MoritzMuehlenhoff added a comment to T265689: Requesting adding rust-ripgrep and rust-fd-find on the gridengine nodes.

FWIW, the dependencies on a Buster system look fine to me and are fulfilled in stretch as well (Stretch has libgcc1 6.3.0 and libc6 2.24):

Fri, Oct 16, 7:20 AM · cloud-services-team (Kanban), Patch-For-Review, Toolforge (Software install/update)

Wed, Oct 14

MoritzMuehlenhoff created T265447: Check home/HDFS leftovers of joewalsh.
Wed, Oct 14, 7:17 AM · Analytics

Tue, Oct 13

MoritzMuehlenhoff added a comment to T256367: WMF-NDA access for DannyS712.

From what I can tell the procedure described in https://wikitech.wikimedia.org/wiki/Volunteer_NDA is outdated and no longer accurate. All current NDA access requires an NDA signed with the Legal department (it's still a digital signture, but different from clicking https://phabricator.wikimedia.org/L2.

Tue, Oct 13, 8:56 AM · User-DannyS712, WMF-NDA-Requests

Mon, Oct 12

MoritzMuehlenhoff added a comment to T253377: WMF deployed EasyTimeline extension depends on Ploticus package which is not available in Debian Buster (but available again in Debian Bullseye).

FWIW ploticus was fixed and will be in the next Debian stable release (bullseye), but it missed buster. In theory we could maintain our own backport of it, but obviously sunsetting EasyTimeline is a better long term solution.

Mon, Oct 12, 8:02 AM · Operations, EasyTimeline, Packaging
MoritzMuehlenhoff claimed T250515: Please provide our special component/php72 in buster-wikimedia.

realistically we'll only approach this once we move production to Buster.

Mon, Oct 12, 7:21 AM · Patch-For-Review, Packaging, serviceops
MoritzMuehlenhoff added a comment to T264991: Upgrade the MediaWiki appservers to debian buster, icu63.

ii prometheus-nutcracker-exporter 0.2+nmu1 all Prometheus exporter for Nutcracker

Mon, Oct 12, 7:18 AM · Operations, serviceops
MoritzMuehlenhoff added a comment to T264991: Upgrade the MediaWiki appservers to debian buster, icu63.

Should this task be merged with T245757: upgrade MediaWiki appservers to Debian 10 (buster) somehow?

Mon, Oct 12, 7:17 AM · Operations, serviceops

Fri, Oct 9

MoritzMuehlenhoff added a comment to T265147: Offboard Chase Pettet from Security Team.

I have taken care of removing SSH access, LDAP, Networking, Icinga pwstore and some of the mail aliases configured in SRE (root@ etc.). earlier today.

Fri, Oct 9, 2:41 PM · Operations, Security-Team
MoritzMuehlenhoff updated the task description for T265147: Offboard Chase Pettet from Security Team.
Fri, Oct 9, 2:38 PM · Operations, Security-Team
MoritzMuehlenhoff added a comment to T264991: Upgrade the MediaWiki appservers to debian buster, icu63.

After a lot of fist shaking and head scratching I think I've found a workable solution, to the problem that PHP build depends on ICU 63 (for intl) and indirectly to ICU57 via libxml: I tried a few hacks with double-building (exploiting the fact the icu 63 uses pkgconfig, while ICU 57 still uses the old-school "icu-config", but it didn't work out, too complex and too many corner cases. Rebuilding all the libxml2 reverse deps with ICU 63 is also a fragile/error-prone undertaking since there's multiple levels of dependencies in the reverse deps.

Fri, Oct 9, 1:34 PM · Operations, serviceops
MoritzMuehlenhoff removed a member for acl*sre-team: chasemp.
Fri, Oct 9, 9:38 AM
MoritzMuehlenhoff created T265121: Check home/HDFS leftovers of rush.
Fri, Oct 9, 9:16 AM · Analytics
MoritzMuehlenhoff added a comment to T264888: Review default ferm INPUT policy.

however i, like @BBlack, prefer reject to drop if possible. As such it would be nice to be good internet citizens and move ahead with the initial proposal even if we can get diffscan to work with a default drop.

Fri, Oct 9, 7:31 AM · Patch-For-Review, Security, Operations, netops, User-jbond
MoritzMuehlenhoff added a comment to T264472: Requesting access to researchers and analytics-privatedata-users for Leila Zia.

The "leila" account also needs to be removed from the wmf LDAP group.

Fri, Oct 9, 7:26 AM · SRE-Access-Requests, Operations

Thu, Oct 8

MoritzMuehlenhoff created T265038: Jenkins plugins security advisory - 2020-10-08.
Thu, Oct 8, 1:02 PM · Continuous-Integration-Infrastructure, Jenkins, Security
MoritzMuehlenhoff updated subscribers of T264888: Review default ferm INPUT policy.
Thu, Oct 8, 12:13 PM · Patch-For-Review, Security, Operations, netops, User-jbond
MoritzMuehlenhoff added a comment to T264991: Upgrade the MediaWiki appservers to debian buster, icu63.

I've created a standalone backport of icu63 in the component/icu63. Rebuilding PHP 7.2 with it is a little tricky, since PHP build-depends on libxml2 (for php7.2-xml), which in itself uses ICU. Also rebuilding libxml2 with ICU would require to test/adapt/rebuild a long list of reverse dependencies (and possible second order dependencies). Ideally this can be avoided, I'm testing a few options today and tomorrow.

Thu, Oct 8, 8:17 AM · Operations, serviceops

Wed, Oct 7

MoritzMuehlenhoff added a comment to T264888: Review default ferm INPUT policy.

Agreed, the service enumation/information disclosure angle is moot for us, so let's give this a shot. If we make it configurable via Hiera we can also test it beforehand on a few hosts.

Wed, Oct 7, 2:52 PM · Patch-For-Review, Security, Operations, netops, User-jbond
MoritzMuehlenhoff updated subscribers of T264889: Degraded RAID on wdqs1009.
Wed, Oct 7, 2:24 PM · ops-eqiad, Operations

Tue, Oct 6

Dzahn awarded T210993: Deprecate Diamond collectors in Cloud VPS a Orange Medal token.
Tue, Oct 6, 9:04 PM · Patch-For-Review, cloud-services-team (Kanban), observability, Operations
MoritzMuehlenhoff added a comment to T264546: parsoid apt repo rolled back breaks updates.

Are you saying we should release a new deb with 0.11.1? Or are you saying you can bump the version in the index to 0.11.1?

Tue, Oct 6, 3:10 PM · serviceops, Parsing-Team--ARCHIVED, Parsoid
MoritzMuehlenhoff updated the task description for T210993: Deprecate Diamond collectors in Cloud VPS.
Tue, Oct 6, 8:19 AM · Patch-For-Review, cloud-services-team (Kanban), observability, Operations

Mon, Oct 5

MoritzMuehlenhoff added a comment to T264546: parsoid apt repo rolled back breaks updates.

@Dzahn @MoritzMuehlenhoff something you can fix?

Mon, Oct 5, 6:33 PM · serviceops, Parsing-Team--ARCHIVED, Parsoid
MoritzMuehlenhoff added a comment to T264546: parsoid apt repo rolled back breaks updates.

Is this really worth fixing? jessie is totally end-of-life by Debian, not even Debian LTS covers it, so let's rather retire the repo for jessie for good.

Mon, Oct 5, 5:46 PM · serviceops, Parsing-Team--ARCHIVED, Parsoid
MoritzMuehlenhoff added a comment to T264182: Migrate Gerrit to profile::java.

We need the dbg package in order to have symbols resolved when taking stacktraces or heap informations T231872

Mon, Oct 5, 1:24 PM · Release-Engineering-Team-TODO (2020-10-01 to 2020-12-31 (Q2)), Release-Engineering-Team (Development services), Gerrit, Operations
MoritzMuehlenhoff added a comment to T264605: Apereo CAS expose CASCookieSameSite via profile::idp::client::http .

The patch to support the setting is not yet in the released or packaged versions of libapache2-mod-auth-cas, but if it works for us, I can reach out to the maintainer to cherrypick the patch

Mon, Oct 5, 12:56 PM · Operations, User-jbond, CAS-SSO
MoritzMuehlenhoff closed T264177: Switch cergen to profile::java, a subtask of T264174: Migrate remaining services using Java to profile::java , as Resolved.
Mon, Oct 5, 11:56 AM · Operations
MoritzMuehlenhoff closed T264177: Switch cergen to profile::java as Resolved.

cergen is now using profile::java.

Mon, Oct 5, 11:56 AM · Operations
MoritzMuehlenhoff closed T264390: Site: 4 VM request for LDAP replicas as Resolved.

VMs have been created

Mon, Oct 5, 10:32 AM · vm-requests, Operations

Fri, Oct 2

MoritzMuehlenhoff updated the task description for T263974: Integrate Buster 10.6 point update.
Fri, Oct 2, 2:00 PM · Operations
MoritzMuehlenhoff added a comment to T264409: makevm cookbook fails get_vm() call.

So, I've created three VMs and this happened in one out of three cases only.

Fri, Oct 2, 11:32 AM · SRE-tools, Operations
MoritzMuehlenhoff created T264409: makevm cookbook fails get_vm() call.
Fri, Oct 2, 9:59 AM · SRE-tools, Operations
MoritzMuehlenhoff added a comment to T264182: Migrate Gerrit to profile::java.

We need the dbg package in order to have symbols resolved when taking stacktraces or heap informations T231872

Fri, Oct 2, 8:49 AM · Release-Engineering-Team-TODO (2020-10-01 to 2020-12-31 (Q2)), Release-Engineering-Team (Development services), Gerrit, Operations
MoritzMuehlenhoff updated the task description for T263974: Integrate Buster 10.6 point update.
Fri, Oct 2, 8:26 AM · Operations
MoritzMuehlenhoff assigned T264392: Update public key for production shell for dedcode to herron.

This got added in T263692, also assigning to Keith.

Fri, Oct 2, 8:01 AM · Operations, SRE-Access-Requests
MoritzMuehlenhoff triaged T264388: Migrate LDAP replicas to Buster as Medium priority.
Fri, Oct 2, 7:53 AM · Patch-For-Review, Operations
MoritzMuehlenhoff triaged T264390: Site: 4 VM request for LDAP replicas as Medium priority.
Fri, Oct 2, 7:52 AM · vm-requests, Operations
MoritzMuehlenhoff created T264390: Site: 4 VM request for LDAP replicas.
Fri, Oct 2, 7:52 AM · vm-requests, Operations
MoritzMuehlenhoff created T264388: Migrate LDAP replicas to Buster.
Fri, Oct 2, 7:50 AM · Patch-For-Review, Operations
MoritzMuehlenhoff updated the task description for T263974: Integrate Buster 10.6 point update.
Fri, Oct 2, 7:40 AM · Operations
MoritzMuehlenhoff added a comment to T264311: Prepare for puppetizing /etc/apt/sources.list.

I wonder if there are CloudVPS VMs in which the admin hand-edited the file. The moment we enable this, the changes would be lost, right?

Yes. This task is about detecting and counting those VMs and moving the customisations out of the way of the puppet management.

Fri, Oct 2, 7:11 AM · cloud-services-team (Kanban)

Thu, Oct 1

MoritzMuehlenhoff added a comment to T264311: Prepare for puppetizing /etc/apt/sources.list.

For a Buster system, the puppetised sources.list looks like this:

Thu, Oct 1, 1:58 PM · cloud-services-team (Kanban)
MoritzMuehlenhoff created T264292: Migrate maps to Buster.
Thu, Oct 1, 9:50 AM · Maps, Operations
MoritzMuehlenhoff created T264276: Migrate puppetboard to Buster.
Thu, Oct 1, 8:30 AM · Operations
MoritzMuehlenhoff created T264269: Check home/HDFS leftovers of shiladsen.
Thu, Oct 1, 7:13 AM · Analytics
MoritzMuehlenhoff created T264268: Check home/HDFS leftovers of nathante.
Thu, Oct 1, 7:12 AM · Analytics
MoritzMuehlenhoff closed T258768: Move Hue to a Buster VM as Resolved.

Ack, closing this task.

Thu, Oct 1, 7:03 AM · Analytics-Radar, Patch-For-Review, Operations

Wed, Sep 30

MoritzMuehlenhoff created T264182: Migrate Gerrit to profile::java.
Wed, Sep 30, 12:17 PM · Release-Engineering-Team-TODO (2020-10-01 to 2020-12-31 (Q2)), Release-Engineering-Team (Development services), Gerrit, Operations
MoritzMuehlenhoff created T264181: Migrate WDQS to profile::java.
Wed, Sep 30, 12:16 PM · Wikidata-Query-Service, Wikidata, Operations
MoritzMuehlenhoff created T264178: Switch puppetdb to profile::java.
Wed, Sep 30, 11:23 AM · Puppet, Operations
MoritzMuehlenhoff created T264177: Switch cergen to profile::java.
Wed, Sep 30, 11:23 AM · Operations
MoritzMuehlenhoff created T264176: Switch Zookeeper to profile::java.
Wed, Sep 30, 11:22 AM · Analytics-Clusters, Operations
MoritzMuehlenhoff renamed T261966: Move cassandra puppet code (used by Restbase, Sessionstore, AQS, maps) to profile::java from Move cassandra puppet code (used by Restbase, Sessionstore, AQS) to profile::java to Move cassandra puppet code (used by Restbase, Sessionstore, AQS, maps) to profile::java.
Wed, Sep 30, 11:12 AM · Patch-For-Review, Cassandra, Operations
MoritzMuehlenhoff added a parent task for T261966: Move cassandra puppet code (used by Restbase, Sessionstore, AQS, maps) to profile::java: T264174: Migrate remaining services using Java to profile::java .
Wed, Sep 30, 11:12 AM · Patch-For-Review, Cassandra, Operations
MoritzMuehlenhoff added a subtask for T264174: Migrate remaining services using Java to profile::java : T261966: Move cassandra puppet code (used by Restbase, Sessionstore, AQS, maps) to profile::java.
Wed, Sep 30, 11:12 AM · Operations
MoritzMuehlenhoff renamed T261966: Move cassandra puppet code (used by Restbase, Sessionstore, AQS, maps) to profile::java from Move cassandra puppet code to profile::java to Move cassandra puppet code (used by Restbase, Sessionstore, AQS) to profile::java.
Wed, Sep 30, 11:11 AM · Patch-For-Review, Cassandra, Operations
MoritzMuehlenhoff created T264174: Migrate remaining services using Java to profile::java .
Wed, Sep 30, 11:10 AM · Operations
MoritzMuehlenhoff added a comment to T251540: Also use java::security on elasticsearch/relforge.

This is now a parameter of the java profile, so once Elastic* are migrated to that, it can easily be flipped on via Hiera for a single host.

Wed, Sep 30, 11:04 AM · User-MoritzMuehlenhoff, Discovery-Search, Operations
MoritzMuehlenhoff added a comment to T262162: Upgrade to Superset 0.37.x.

New version is out: 0.37.2

The new code is currently deployed on an-tool1005 (staging instance) for further testing. As soon as the Analytics team is done we'll also upgrade the production instance.

Wed, Sep 30, 10:56 AM · Analytics-Kanban, Analytics-Clusters
MoritzMuehlenhoff added a comment to T258768: Move Hue to a Buster VM.

Currently two outstanding UI issues:
In theory those are not blocking the migration of Hue, so this task could probably be closed and Analytics can keep working on these issues separately.

@MoritzMuehlenhoff thoughts?

Wed, Sep 30, 9:11 AM · Analytics-Radar, Patch-For-Review, Operations
MoritzMuehlenhoff reopened T263868: Access to Superset for Jack Rabah as "Open".

Reopening, this needs an update in data.yaml as well (in the ldap users table).

Wed, Sep 30, 8:57 AM · Operations, LDAP-Access-Requests
MoritzMuehlenhoff updated the task description for T263974: Integrate Buster 10.6 point update.
Wed, Sep 30, 7:27 AM · Operations

Tue, Sep 29

MoritzMuehlenhoff updated the task description for T263974: Integrate Buster 10.6 point update.
Tue, Sep 29, 2:07 PM · Operations
MoritzMuehlenhoff added a comment to T260282: Review process to fetch Jenkins Debian package from upstream.

I think the exceptional case of double LTS release is rare enough, can you update the wikitech with the steps above and then we can call this resolved from my PoV?

Tue, Sep 29, 12:42 PM · Release-Engineering-Team-TODO (2020-07-01 to 2020-09-30 (Q1)), User-MoritzMuehlenhoff, Release-Engineering-Team (CI & Testing services), Operations, Jenkins, Continuous-Integration-Infrastructure

Mon, Sep 28

MoritzMuehlenhoff updated the task description for T259519: Integrate Buster 10.5 point release.
Mon, Sep 28, 3:17 PM · Operations
MoritzMuehlenhoff updated the task description for T259519: Integrate Buster 10.5 point release.
Mon, Sep 28, 2:45 PM · Operations
MoritzMuehlenhoff added a comment to T158562: Manage apt sources via puppet.

I did a test installation with the new setting as I had a hunch there would be issues in early install and turns out I was right: The installer writes out an initial /etc/apt/sources.list and the puppetised /etc/apt/sources.list does not contain apt.wikimedia.org (it's handled via /etc/apt/sources.list.d/wikimedia). Then there's some Puppet logic to comment out entries from /etc/apt/sources.list in the apt::repository define once the sub sources list is added and the current processing order installation ferm and librdkafka in the stock Debian versions instead of the customised ones from apt.wikimedia.org

Mon, Sep 28, 2:24 PM · Patch-For-Review, User-jbond, Operations