Closed
Bug 1491726
Opened 6 years ago
Closed 5 years ago
Tighten up allowed IPs for signing
Categories
(Release Engineering :: General, enhancement)
Release Engineering
General
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: nthomas, Assigned: nthomas)
References
Details
Attachments
(1 file)
While reviewing https://github.com/mozilla-releng/build-puppet/pull/213 I noticed we can cleanup signing_allowed_ips and signing_new_token_allowed_ips to remove all buildbot slaves and masters, etc so it's just the signing scriptworkers left.
Looks like we also removed the signingworker nodes instances, so those definitions and module could got too.
Flags: needinfo?(aki)
|
Assignee | |
Comment 1•6 years ago
|
||
ni? is a sanity check on the plan.
|
||
Comment 2•6 years ago
|
||
That sounds sane :)
dev-master2, partner-repack1 can go as well.
Flags: needinfo?(aki)
|
|
Assignee | |
Comment 3•6 years ago
|
||
|
|
Assignee | |
Comment 4•6 years ago
|
||
Landed as https://github.com/mozilla-releng/build-puppet/commit/3b60f69b1e767f967d98b62935090881ca472261 on Sep 25.
There's some followup cleanup for unused subnets in https://github.com/mozilla-releng/build-cloud-tools/blob/master/configs/subnets.yml and in AWS. See also bug 1495917 for some securitygroup cleanup.
|
|
Assignee | |
Comment 5•6 years ago
|
||
|
|
Assignee | |
Comment 6•5 years ago
|
||
(In reply to Nick Thomas [:nthomas] (UTC+12) from comment #5)
WIP:
https://github.com/mozilla-releng/build-cloud-tools/compare/master...nthomas-
mozilla:scl3-subnet-cleanup?expand=1
I'm abandoning this, piecemeal cleanup of dying configs is silly.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•