Deployment tooling/Cabal/2016-05-09
Automation of key generation
edit
- Two related tasks, each have patches that are needed to streamline the scap3 migration:
- T133211 - Automate the generation deployment keys (keyholder-managed ssh keys)
- https://gerrit.wikimedia.org/r/#/c/284418/
- TODOs
- Ensure scap key cannot be redefined in scap::target - https://phabricator.wikimedia.org/T132747
- Only specify deployment user, scap::target takes care of keys
- Keep keyholder puppet functions, remove ssh-keygen
- Possible keyholder fixups
- Lots of open solutions
- TODOs
- Checklist: https://phabricator.wikimedia.org/T93428
- Config deploys (haven't done it in production)
- Some puppet refactoring needed for ownership
- Untangle the scap deployment pieces of puppet
- Config --diff
- New package tagged
- Filippo working on it this week \o/
- Migration continues