Access
Note the Github team @csesoc/infrastructure is representative of:
Projects Directors
1 member of the exec (e.g. Secretary) - as a backup
The Github team @csesoc/projects-team-leads is representative of:
All CURRENT project team leads
The team has a sub-team for each Project Lead(s)
What? | Who? | Access level | Why? | Granting access |
---|---|---|---|---|
SSH access to Wheatley | Root access to host | Occasionally you may need to access the underlying host to perform maintenance (e.g. restart the Rancher container or cycle SSH certificates) | Ask the Technical Projects Director to add your SSH key to the csesoc/infrastructure repo. The Director will need to apply the Ansible playbook to deploy the changes to Wheatley. | |
Admin access to github.com/csesoc/infrastructure | Access to modifying infrastructure level code | Occasionally you may need to update the documentation by adding in a new Project etc. | Ask a Github owner (e.g. Projects Directors or a member of the Exec team) to add you to the @csesoc/infrastructure team | |
Access to csesoc/infrastructure git secrets | Access to ALL projects secrets | Occasionally you may need to rotate the certificates in the repo or rotate other secrets | Ask the Technical Projects Director to add your GPG key to the | |
Admin access to Rancher (orchestration tool) via Github OAuth | Access to Rancher and kubectl | As part of the infrastructure team you may need to modify the Kubernetes cluster or onboard new Projects This level of access can modify the underlying host - so treat it like root access | Ask a Github owner (e.g. Projects Directors or a member of the Exec team) to add you to the @csesoc/infrastructure team. | |
Standard user access to Rancher (orchestration tool) via Github OAuth | Access to Rancher and any projects that they have access granted to | Project Team Leads can manage their own infrastructure for their Projects. For Rancher admins:
| Ask one of the Projects Directors to add you to the @csesoc/projects-team-leads team. | |
Docker Hub Organisation: csesoc | Admin access to all the public images of csesoc | You may need to modify how leads upload their images to the Docker Hub or onboard a new project. | Ask one of the Projects Directors to add you to the Docker Hub. Do NOT give access to Project Leads. | |
Projects Slack (#directors) | Projects Directors | Access to cluster-level alerts | You probably want to know when the cluster is failing | Ask a CSESoc Projects Slack admin (e.g. on of the Projects Directors/exec) to grant you access to the channel. |