Tue, Feb 11
My GPG key ID is 0x63514D67ADFD2615, fp is B858 7E40 78C9 95C4 AAF0 1CFC 6351 4D67 ADFD 2615 (on keyservers here). It doesn't have any signatures yet, don't think people have gotten to those post all-hands
Mon, Feb 10
This has been rolled out to all profile::mediawiki hosts as check_mw_wikiversion_difference in nrpe and Ensure local MW versions match expected deployment in Icinga.
Thu, Feb 6
Moritz clarified how case sensitive logins affect Icinga - I've since logged in as Hnowlan and I can confirm I can run commands successfully.
Is it safe to add the hosts to conftool and to hiera at the same time? Seems like we should add them to hiera in order to receive deployments via scap and then configure them in conftool, but I'm still getting familiar with how interactions between puppet, conftool and scap work and are ordered.
Unfortunately it seems I don't have permissions to issue commands. I attempted to downtime a service on a host that's not yet in use (restbase2023) and received a "Not Authorized" error. And yeah, I don't think people have signed things since all-hands yet.
Fri, Jan 31
Main blocker on this alert being useful is detecting when a scap deployment is currently underway so as to avoid false criticals. Not sure how best to do this - one simpler way would be checking Last-Modified on the upstream file and not alerting within a window of however long a deploy takes plus some additional wait factor. Is it likely that there would be an update on the deploy server but not on the app servers for a long period of time?
Interestingly there is already a packaging script in the repo for the driver, we can either reuse or adapt this - there doesn't seem to be much custom stuff in it https://github.com/datastax/cpp-driver/blob/master/packaging/build_deb.sh
Jan 13 2020
Thanks Daniel! I've created a new key and uploaded it here http://keys.gnupg.net/pks/lookup?op=vindex&fingerprint=on&search=0x63514D67ADFD2615