Lcarr has submitted this change and it was merged.
Change subject: Allow jenkins admins to manage replicated git repos
......................................................................
Allow jenkins admins to manage replicated git repos
We replicate all repositories from manganese to gallium, and if
a repository becomes corrupted (or renamed, or has other maintenance)
we currently have to bug a root user to handle this.
The gerritslave user only has access to these repos in /var/lib/git/*,
so there's no other files or services we could use.
Change-Id: I71837aa8cd6759a03fac3619a1e366b8fe16246c
---
M manifests/site.pp
1 file changed, 1 insertion(+), 0 deletions(-)
Approvals:
Lcarr: Verified; Looks good to me, approved
jenkins-bot: Verified
diff --git a/manifests/site.pp b/manifests/site.pp
index a4fc2e1..a89357b 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -903,6 +903,7 @@
$gid=500
sudo_user { [ "demon", "krinkle", "reedy", "dsc", "mholmquist" ]:
privileges => [
'ALL = (jenkins) NOPASSWD: ALL'
+ ,'ALL = (gerritslave) NOPASSWD: ALL'
,'ALL = NOPASSWD: /etc/init.d/jenkins'
,'ALL = (testswarm) NOPASSWD: ALL'
,'ALL = NOPASSWD: /etc/init.d/postgresql-8.4'
--
To view, visit https://gerrit.wikimedia.org/r/58692
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I71837aa8cd6759a03fac3619a1e366b8fe16246c
Gerrit-PatchSet: 4
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Demon <ch...@wikimedia.org>
Gerrit-Reviewer: Hashar <has...@free.fr>
Gerrit-Reviewer: Lcarr <lc...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
