Use an LDAP group to define QA admin_users

RESOLVED FIXED

Status

Infrastructure & Operations
RelOps: Puppet
RESOLVED FIXED
3 years ago
3 years ago

People

(Reporter: dustin, Assigned: whimboo)

Tracking

({regression})

Details

(Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/4063] )

Attachments

(1 attachment, 1 obsolete attachment)

(Reporter)

Description

3 years ago
You may want to add or select an LDAP group to represent the people who should have access, like we do:

https://github.com/mozilla/build-puppet/blob/master/manifests/moco-config.pp#L151
 default => hiera('ldap_admin_users',
   # backup to ensure access in case the sync fails:
   ['arr', 'dmitchell', 'jwatkins'])

that way changes to the LDAP group are automatically reflected in the config.  vpn_qa_scl3 might be a good place to start.

Updated

3 years ago
Whiteboard: [kanban:engops:https://mozilla.kanbanize.com/ctrl_board/6/4063]
(Assignee)

Updated

3 years ago
Depends on: 1095150
(Assignee)

Comment 1

3 years ago
Created attachment 8518494 [details] [diff] [review]
ldap_group v1
Attachment #8518494 - Flags: review?(dustin)
(Assignee)

Comment 2

3 years ago
Created attachment 8518496 [details] [diff] [review]
ldap_group v1.1

Missed to remove a closing bracket.
Attachment #8518494 - Attachment is obsolete: true
Attachment #8518494 - Flags: review?(dustin)
Attachment #8518496 - Flags: review?(dustin)
(Reporter)

Updated

3 years ago
Attachment #8518496 - Flags: review?(dustin) → review+
(Assignee)

Comment 3

3 years ago
http://hg.mozilla.org/qa/puppet/rev/a34a295df66b (default)
http://hg.mozilla.org/qa/puppet/rev/0a6e2e7a985f (production)
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.