open-source Socorro puppet

RESOLVED WONTFIX

Status

Socorro
Infra
RESOLVED WONTFIX
4 years ago
3 years ago

People

(Reporter: rhelmer, Assigned: rhelmer)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

4 years ago
We should have open-source puppet manifests and configs that live in our Socorro repo, in the top-level ./puppet/ subdir.

I don't think it's appropriate to just drop-ship our internal Mozilla IT puppet repo for several reasons - size/complexity, style, hardcoded secrets being top-of-mind.

I have been working on a do-over in https://github.com/rhelmer/socorro-puppet/ that's based on our Vagrant manifests - needs more work obviously, but it's so far very simple and passes puppet-lint (last I checked). We can take code and/or learnings from Mozilla IT puppet repo of course! It uses hiera + templates to deal with secrets.

This has been very helpful to me in spinning up test environments - all you need to do is:

* customize common.yaml
* copy files and run per README.md
* run deploy.sh with latest socorro tarball

I think once bug 1039876 lands and moves the vagrant stuff out of the way, we could use this as a starting point towards having public puppet+configs that live in the repo (except for actual secrets in common.yaml and friends)

Thoughts?
Given that we're moving to AWS, and quite possibly away from Puppet (or, at least, a Puppet-centric system), this bug may soon become irrelevant.  I propose that we close it WONTFIX for now, and re-open if we're still Puppet-centric going forward.  Rob?
Flags: needinfo?(rhelmer)

Comment 2

3 years ago
just 'wontfix' it
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Flags: needinfo?(rhelmer)
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.