[MediaWiki-commits] [Gerrit] operations/puppet[production]: Remove access credentials for ironholds
Muehlenhoff has submitted this change and it was merged. Change subject: Remove access credentials for ironholds .. Remove access credentials for ironholds Initially aimed for continuing access via MOU, but the process stalled. Change-Id: Ib8d266b8d5e6f314648c39312b3e030baadf7792 --- M modules/admin/data/data.yaml 1 file changed, 10 insertions(+), 11 deletions(-) Approvals: Muehlenhoff: Looks good to me, approved jenkins-bot: Verified diff --git a/modules/admin/data/data.yaml b/modules/admin/data/data.yaml index ce1cc9c..9daceae 100644 --- a/modules/admin/data/data.yaml +++ b/modules/admin/data/data.yaml @@ -5,7 +5,7 @@ handrade, howief, jdouglas, jgonera, jsahleen, mah, maryana, mglaser, mvolz, mwalker, nimishg, rainman, ssmith, swalling, sumanah, werdna, rmoen, johnflewis, marc, jkrauska, akumar, mnoushad, spage, tnegrin, msyed, kleduc, - manybubbles, haithams, jzerebecki, ashwinpp] + manybubbles, haithams, jzerebecki, ashwinpp, ironholds] wikidev: gid: 500 description: container group for primary user groups. @@ -68,7 +68,7 @@ restricted folks use sudo to access apache / www-data resources members: [daniel, dartar, ellery, bearloga, ezachte, hoo, jamesur, jdlrobson, khorn, tparscal, ssastry, - ironholds, nuria, leila, santhosh, amire80, legoktm, addshore, foks, chelsyx] + nuria, leila, santhosh, amire80, legoktm, addshore, foks, chelsyx] privileges: ['ALL = (www-data,apache) NOPASSWD: ALL'] cassandra-test-roots: gid: 708 @@ -103,7 +103,7 @@ credentials on stat1003 (currently the only such host) members: [awight, bmansurov, catrope, dartar, declerambaul, deskana, dduvall, ellery, ezachte, gilles, halfak, - ironholds, jforrester, jkatz, jmorgan, kaldari, + jforrester, jkatz, jmorgan, kaldari, leila, mattflaschen, milimetric, nettrom, bearloga, nuria, ori, otto, springle, yurik, yuvipanda, mforns, jdlrobson, dr0ptp4kt, tgr, marktraceur, jhernandez, joal, @@ -177,13 +177,13 @@ you should put them in the analytics-privatedata-users group. members: [ezachte, milimetric, dartar, yurik, halfak, awight, dr0ptp4kt, nuria, - leila, ironholds, ellery, nettrom, mforns, bmansurov, tbayer, joal, + leila, ellery, nettrom, mforns, bmansurov, tbayer, joal, madhuvishy, tjones, legoktm, dcausse, bearloga, dpatrick, atgomez, dstrine, joewalsh, marktraceur, mtizzoni, panisson, paolotti, ciro] statistics-users: gid: 726 description: Access statistics number crunching hosts. NO PRIVS. -members: [dartar, halfak, ironholds, jdlrobson, jmorgan, bearloga, +members: [dartar, halfak, jdlrobson, jmorgan, bearloga, mattflaschen, mhurd, yurik, awight, jforrester, marktraceur, nuria, leila, gilles, dbrant, tgr, dr0ptp4kt, brion, bsitzmann, amire80, @@ -194,7 +194,7 @@ statistics-admins: posix_name: stats description: access files created by stats user cron jobs -members: [ezachte, ironholds, milimetric, joal, mforns, bearloga, nuria] +members: [ezachte, milimetric, joal, mforns, bearloga, nuria] privileges: ['ALL = (stats) NOPASSWD: ALL'] oit: gid: 727 @@ -220,7 +220,7 @@ Hadoop NameNodes. Some files in HDFS have sensitive data in them. Those files are group readable by the analytics-privatedata-users group. members: [dartar, milimetric, yurik, dfoy, aude, jforrester, - halfak, dr0ptp4kt, ironholds, bearloga, cwdent, elukey, + halfak, dr0ptp4kt, bearloga, cwdent, elukey, nuria, otto, deskana, zhousquared, bsitzmann, dbrant, declerambaul, ellery, nettrom, leila, ezachte, mforns, reedy, west1, phuedx, awight, junikowski, @@ -461,7 +461,7 @@ analytics-search-users: gid: 771 description: Group of users for managing search related analytics jobs -members: [ebernhardson, smalyshev, dcausse, gehel, ironholds, bearloga] +members: [ebernhardson, smalyshev, dcausse, gehel, bearloga] privileges: ['ALL = (analytics-search) NOPASSWD: ALL'] parsoid-test-roots: gid: 772 @@ -1193,12 +1193,11 @@ ssh_keys: [] uid: 3558 ironholds: -ensure: present +ensure: absent gid: 500 name: ironholds realname: Oliver Keyes -ssh_keys: [ssh-rsa B3NzaC1yc2EDAQABAAABAQC0xcNFDy6ewrEloABYeO5FQGpHNGkPA5KajTFMv4r85xGeICZwQPUojxedyOHpbleTfhwTAtZdLEozMeDYwXSmkaK2UL5g8ZhljgAF9dUkWhwBY7MXvz8rpfOP6oZPIbdd3AfdWNbAfi9TRqJnVFwUJc3vKgQBxKAKuYCCx0Q0pERE8n5phBYuam2KVvygk0Er/rR2nBnk3i3K8mHss5IHQbWbgWZGjZ/HODTvBKX47/S/J2WY+06omxY0c3C7qBjybXkGSHKcoi
[MediaWiki-commits] [Gerrit] operations/puppet[production]: Remove access credentials for ironholds
Muehlenhoff has uploaded a new change for review. https://gerrit.wikimedia.org/r/311095 Change subject: Remove access credentials for ironholds .. Remove access credentials for ironholds Initially aimed for continuing access via MOU, but the process stalled. Change-Id: Ib8d266b8d5e6f314648c39312b3e030baadf7792 --- M modules/admin/data/data.yaml 1 file changed, 10 insertions(+), 11 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/95/311095/1 diff --git a/modules/admin/data/data.yaml b/modules/admin/data/data.yaml index ce1cc9c..9daceae 100644 --- a/modules/admin/data/data.yaml +++ b/modules/admin/data/data.yaml @@ -5,7 +5,7 @@ handrade, howief, jdouglas, jgonera, jsahleen, mah, maryana, mglaser, mvolz, mwalker, nimishg, rainman, ssmith, swalling, sumanah, werdna, rmoen, johnflewis, marc, jkrauska, akumar, mnoushad, spage, tnegrin, msyed, kleduc, - manybubbles, haithams, jzerebecki, ashwinpp] + manybubbles, haithams, jzerebecki, ashwinpp, ironholds] wikidev: gid: 500 description: container group for primary user groups. @@ -68,7 +68,7 @@ restricted folks use sudo to access apache / www-data resources members: [daniel, dartar, ellery, bearloga, ezachte, hoo, jamesur, jdlrobson, khorn, tparscal, ssastry, - ironholds, nuria, leila, santhosh, amire80, legoktm, addshore, foks, chelsyx] + nuria, leila, santhosh, amire80, legoktm, addshore, foks, chelsyx] privileges: ['ALL = (www-data,apache) NOPASSWD: ALL'] cassandra-test-roots: gid: 708 @@ -103,7 +103,7 @@ credentials on stat1003 (currently the only such host) members: [awight, bmansurov, catrope, dartar, declerambaul, deskana, dduvall, ellery, ezachte, gilles, halfak, - ironholds, jforrester, jkatz, jmorgan, kaldari, + jforrester, jkatz, jmorgan, kaldari, leila, mattflaschen, milimetric, nettrom, bearloga, nuria, ori, otto, springle, yurik, yuvipanda, mforns, jdlrobson, dr0ptp4kt, tgr, marktraceur, jhernandez, joal, @@ -177,13 +177,13 @@ you should put them in the analytics-privatedata-users group. members: [ezachte, milimetric, dartar, yurik, halfak, awight, dr0ptp4kt, nuria, - leila, ironholds, ellery, nettrom, mforns, bmansurov, tbayer, joal, + leila, ellery, nettrom, mforns, bmansurov, tbayer, joal, madhuvishy, tjones, legoktm, dcausse, bearloga, dpatrick, atgomez, dstrine, joewalsh, marktraceur, mtizzoni, panisson, paolotti, ciro] statistics-users: gid: 726 description: Access statistics number crunching hosts. NO PRIVS. -members: [dartar, halfak, ironholds, jdlrobson, jmorgan, bearloga, +members: [dartar, halfak, jdlrobson, jmorgan, bearloga, mattflaschen, mhurd, yurik, awight, jforrester, marktraceur, nuria, leila, gilles, dbrant, tgr, dr0ptp4kt, brion, bsitzmann, amire80, @@ -194,7 +194,7 @@ statistics-admins: posix_name: stats description: access files created by stats user cron jobs -members: [ezachte, ironholds, milimetric, joal, mforns, bearloga, nuria] +members: [ezachte, milimetric, joal, mforns, bearloga, nuria] privileges: ['ALL = (stats) NOPASSWD: ALL'] oit: gid: 727 @@ -220,7 +220,7 @@ Hadoop NameNodes. Some files in HDFS have sensitive data in them. Those files are group readable by the analytics-privatedata-users group. members: [dartar, milimetric, yurik, dfoy, aude, jforrester, - halfak, dr0ptp4kt, ironholds, bearloga, cwdent, elukey, + halfak, dr0ptp4kt, bearloga, cwdent, elukey, nuria, otto, deskana, zhousquared, bsitzmann, dbrant, declerambaul, ellery, nettrom, leila, ezachte, mforns, reedy, west1, phuedx, awight, junikowski, @@ -461,7 +461,7 @@ analytics-search-users: gid: 771 description: Group of users for managing search related analytics jobs -members: [ebernhardson, smalyshev, dcausse, gehel, ironholds, bearloga] +members: [ebernhardson, smalyshev, dcausse, gehel, bearloga] privileges: ['ALL = (analytics-search) NOPASSWD: ALL'] parsoid-test-roots: gid: 772 @@ -1193,12 +1193,11 @@ ssh_keys: [] uid: 3558 ironholds: -ensure: present +ensure: absent gid: 500 name: ironholds realname: Oliver Keyes -ssh_keys: [ssh-rsa B3NzaC1yc2EDAQABAAABAQC0xcNFDy6ewrEloABYeO5FQGpHNGkPA5KajTFMv4r85xGeICZwQPUojxedyOHpbleTfhwTAtZdLEozMeDYwXSmkaK2UL5g8ZhljgAF9dUkWhwBY7MXvz8rpfOP6oZPIbdd3AfdWNbAfi9TRqJnVFwUJc3vKgQBxKAKuYCCx0Q0pERE8n5phBYuam2KVvygk0Er/rR2nBnk3i3K8mHss5IHQbWbgWZGjZ/
