Page MenuHomePhabricator
Create Task
Maniphest T202072

Requesting Access to view EventLogging data for gabriel-wmde / gbirke
Closed, ResolvedPublic
Actions

Assigned To
MoritzMuehlenhoff
Authored By
gabriel-wmde
Aug 16 2018, 4:35 PM
Tags
Referenced Files
F25224449: wikimedia_prod.pub
Aug 22 2018, 3:50 PM
Subscribers
Addshore
Aklapper
ArielGlenn
daniel
Dzahn
gabriel-wmde
gerritbot
View All 12 Subscribers
Tokens
"Like" token, awarded by Addshore.

Description

Hello,

as an employee of WMDE, I would like to request access to query EventLogging data (esp. https://meta.wikimedia.org/wiki/Schema:WMDEBannerEvents) in order for us to analyze our banner / fundraising campaigns.

I have had a look at the[[ https://wikitech.wikimedia.org/wiki/Analytics/Data_access#Access_Groups | Access Groups ]] but I am unsure which group is the appropriate one, please advise on this.

Please let me know what pieces of information you need for this.

Ldap User: https://tools.wmflabs.org/ldap/user/gbirke
Groups requested: researchers & analytics-users per T202072#4514570

SRE Clinic Duty Checklist for Access Requests

Most requirements are outlined on https://wikitech.wikimedia.org/wiki/Requesting_shell_access

This checklist should be used on all access requests to ensure that all steps are covered. This includes expansion to access. Please do not check off items on the list below unless you are in Ops and have confirmed the step.

  • - User has signed the L3 Acknowledgement of Wikimedia Server Access Responsibilities Document.
  • - User has a valid NDA on file with WMF legal. (This can be checked by Operations via the NDA tracking sheet & is included in all WMF Staff/Contractor hiring.)
  • - User has provided the following: wikitech username, preferred shell username, email address, and full reasoning for access (including what commands and/or tasks they expect to perform.
  • - User has provided a public SSH key. This ssh key pair should only be used for WMF cluster access, and not share with any other service (this includes not sharing with WMCS access, no shared keys.)
  • - access request (or expansion) has sign off of WMF sponsor/manager (sponser for volunteers, manager for wmf staff)
  • - non-sudo requests: 3 business day wait must pass with no objections being noted on the task
  • - Patchset for access request (first adds user, second adds them to groups)

Details

SubjectRepoBranchLines +/-
add Gabriel Birke to analytics-users and researchers groupsoperations/puppetproduction+2 -2
Add gbirke to researchers and analytics-usersoperations/puppetproduction+2 -6
add Gabriel Birke to shell usersoperations/puppetproduction+9 -0
Customize query in gerrit

Related Objects

Event Timeline

gabriel-wmde created this task.Aug 16 2018, 4:35 PM
Restricted Application added a subscriber: Aklapper. ยท View Herald TranscriptAug 16 2018, 4:35 PM
Addshore awarded a token.Aug 16 2018, 9:55 PM
Addshore added a project: User-Addshore.
Addshore moved this task from Unsorted ๐Ÿ’ฃ to Watching ๐Ÿ‘€ on the User-Addshore board.Aug 17 2018, 8:12 AM
Dzahn subscribed.EditedAug 17 2018, 2:49 PM

Hi,

You need to (digitally) sign the NDA, please write to Rachel Stallman <rstallman@wikimedia.org> (@RStallman-legalteam ) and she'll prepare it for you. This also needs to be signed off by your manager at WMDE.

I am assuming your request is for the group called "analytics-wmde" but it's purely based on the existing members and description:

analytics-wmde-users:
  description: Group of WMDE analytics users
  gid: 784
  members: [addshore, goransm]
  privileges: ['ALL = (analytics-wmde) NOPASSWD: ALL']

Does that seem right, is what you want the same access that the 2 users above have now? cc: @Addshore

Dzahn added a subscriber: RStallman-legalteam.Aug 17 2018, 2:50 PM
Addshore added a subscriber: Ottomata.EditedAug 17 2018, 2:53 PM

analytics-wmde-users only provides a very limited set of access, and that does not include access to EventLogging data afaik.

They need something else listed on https://wikitech.wikimedia.org/wiki/Analytics/Data_access#Access_Groups

Ping @Ottomata or someone else from Analytics

Addshore renamed this task from Requesting Access to view EventLogging data to Requesting Access to view EventLogging data for gabriel-wmde.Aug 17 2018, 2:58 PM
Addshore mentioned this in T202069: Requesting access to view EventLogging data for Tonina WMDE.
Addshore mentioned this in T202063: Requesting access to view EventLogging data for Tim WMDE.
RStallman-legalteam added a comment.Aug 17 2018, 4:08 PM

If this is for Tim Fabian Eulitz, we have a current NDA on file.

Addshore added a comment.Aug 17 2018, 4:10 PM
In T202072#4510187, @RStallman-legalteam wrote:

If this is for Tim Fabian Eulitz, we have a current NDA on file.

I think your looking for T202063: Requesting access to view EventLogging data for Tim WMDE ;)
But yes, that ticket is for Tim Eulitz :)

RStallman-legalteam added a comment.Aug 17 2018, 4:16 PM

Sorry, I responded to the wrong ticket for Tim! I can't find a Gabriel in our NDA records for WMDE staff.

Addshore renamed this task from Requesting Access to view EventLogging data for gabriel-wmde to Requesting Access to view EventLogging data for gabriel-wmde / gbirke.Aug 17 2018, 4:18 PM
Addshore updated the task description. (Show Details)
RStallman-legalteam added a comment.Aug 17 2018, 4:24 PM

Will send an email to gabriel.birke@wikimedia.de about signing the NDA. Thanks.

Dzahn triaged this task as Medium priority.Aug 17 2018, 6:45 PM
Dzahn moved this task from Untriaged to Awaiting User Input on the SRE-Access-Requests board.Aug 17 2018, 8:51 PM
Dzahn added a comment.Aug 17 2018, 10:36 PM

Hi @gabriel-wmde ! We'll need an SSH key from you. Could you create one and paste it here?

Also, could you read and sign L3 unless you already have in the past? Thanks

Ottomata added a comment.Aug 20 2018, 12:56 PM

To access EventLogging data in MySQL, you should be in the researchers group, and access it from stat1006. To access EventLogging data in Hive (recommended (by me)), you should be in the analytics-users group, and access it from stat1005. Both is fine.

Addshore updated the task description. (Show Details)Aug 20 2018, 3:19 PM
โ€ข Nuria subscribed.Aug 20 2018, 3:52 PM

You will need to sign an NDA regardless @gabriel-wmde you please start doing that.

RobH updated the task description. (Show Details)Aug 21 2018, 6:52 PM
RobH updated the task description. (Show Details)Aug 21 2018, 6:56 PM
RobH assigned this task to gabriel-wmde.Aug 21 2018, 6:59 PM
RobH moved this task from Awaiting User Input to Manager/NDA Approval/Confirmation on the SRE-Access-Requests board.
RobH subscribed.

@gabriel-wmde:

The following steps must be done by you for us to process this request:

  • You must have an NDA on file with WMF Legal. You should be able to work with someone within WMDE on this, as these NDAs for WMDE are pretty common. Also @RStallman-legalteam states they've sent over the info:
In T202072#4510302, @RStallman-legalteam wrote:

Will send an email to gabriel.birke@wikimedia.de about signing the NDA. Thanks.

  • You need to provide a dedicated public ssh key for WMF production shell access. This ssh key should not be used for anything else (not even WMF cloud services.)

Once we have those updated and commented on task, please unassign it from yourself, and someone on SRE clinic duty will pick it back up for processing!

gabriel-wmde added a comment.Aug 22 2018, 3:50 PM

wikimedia_prod.pub752 BDownload
This is my public SSH key

โ€ข Tim_WMDE removed gabriel-wmde as the assignee of this task.Aug 27 2018, 11:57 AM
RStallman-legalteam added a comment.Aug 27 2018, 4:38 PM

The NDA is fully signed and on file with legal. Thanks!

ArielGlenn updated the task description. (Show Details)Aug 28 2018, 10:00 AM
ArielGlenn subscribed.Aug 28 2018, 11:18 AM

We just need the manager/sponsor sign-off and then this can go ahead.

Addshore added a comment.Aug 28 2018, 11:22 AM
In T202072#4538007, @ArielGlenn wrote:

We just need the manager/sponsor sign-off and then this can go ahead.

It looks like @RobH marked the other 2 tickets as signed off, I wonder if this one was missed / who signed off (I don't see it in the comments)

ArielGlenn added a comment.Aug 28 2018, 11:27 AM
In T202072#4538020, @Addshore wrote:

...

It looks like @RobH marked the other 2 tickets as signed off, I wonder if this one was missed / who signed off (I don't see it in the comments)

Yeah I looked at them earlier and didn't see it there either.

ArielGlenn added a comment.EditedAug 29 2018, 9:05 AM

@gabriel-wmde Are you working with someone in analytics on this, could their manager sign off? @daniel any thoughts about who can approve so we can get this moving?

ArielGlenn added a subscriber: daniel.Aug 29 2018, 9:11 AM
โ€ข Nuria added a comment.Aug 29 2018, 2:58 PM

Approving access to EL data store

ArielGlenn updated the task description. (Show Details)Aug 29 2018, 3:10 PM
gerritbot subscribed.Aug 29 2018, 3:17 PM

Change 456160 had a related patch set uploaded (by ArielGlenn; owner: ArielGlenn):
[operations/puppet@production] add Gabriel Birke to shell users

https://gerrit.wikimedia.org/r/456160

gerritbot added a project: Patch-For-Review.Aug 29 2018, 3:17 PM
gerritbot added a comment.Aug 29 2018, 3:28 PM

Change 456160 merged by ArielGlenn:
[operations/puppet@production] add Gabriel Birke to shell users

https://gerrit.wikimedia.org/r/456160

gerritbot added a comment.Aug 29 2018, 3:32 PM

Change 456161 had a related patch set uploaded (by ArielGlenn; owner: ArielGlenn):
[operations/puppet@production] add Gabriel Birke to analytics-users and researchers groups

https://gerrit.wikimedia.org/r/456161

ArielGlenn added a comment.Aug 29 2018, 3:36 PM

Before i actually add you to both groups, @gabriel-wmde , do you want to choose (sql or hive) or do you want the option of both formats?

ArielGlenn moved this task from Manager/NDA Approval/Confirmation to Awaiting User Input on the SRE-Access-Requests board.Aug 29 2018, 3:39 PM
Dzahn assigned this task to gabriel-wmde.Aug 31 2018, 10:55 PM
ArielGlenn added a comment.Sep 10 2018, 10:18 AM

Pinging @gabriel-wmde, this is just waiting on your input.

RobH added a comment.EditedSep 18 2018, 4:36 PM

@gabriel-wmde,

This has been pending your answer to the below question since August 27th:

In T202072#4542510, @ArielGlenn wrote:

Before i actually add you to both groups, @gabriel-wmde , do you want to choose (sql or hive) or do you want the option of both formats?

Please address the above question, and then unassign the task from yourself so our clinic duty person picks it up for processing!

(If we don't see any movement on this within a week, I'll likely reject/close it so it doesn't sit open on the workboard. Then it can be reopened at any time when we have user feedback.)

RobH closed this task as Declined.Sep 20 2018, 7:08 PM
gabriel-wmde reopened this task as Open.Sep 28 2018, 9:40 AM

Sorry I totally missed this. I would like to have the option of both formats.

gerritbot added a comment.Sep 28 2018, 11:41 AM

Change 463456 had a related patch set uploaded (by Muehlenhoff; owner: Muehlenhoff):
[operations/puppet@production] Add gbirke to researchers and analytics-users

https://gerrit.wikimedia.org/r/463456

gerritbot added a comment.Sep 28 2018, 11:42 AM

Change 463456 merged by Muehlenhoff:
[operations/puppet@production] Add gbirke to researchers and analytics-users

https://gerrit.wikimedia.org/r/463456

MoritzMuehlenhoff closed this task as Resolved.Sep 28 2018, 11:45 AM
MoritzMuehlenhoff claimed this task.
MoritzMuehlenhoff subscribed.

@gabriel-wmde I've enabled your access (but it can take up to 30 minutes until it's available on all servers). If you have further any analytics-related questions, best to ask in the #wikimedia-analytics IRC channel.

gerritbot added a comment.Sep 28 2018, 11:45 AM

Change 456161 abandoned by Muehlenhoff:
add Gabriel Birke to analytics-users and researchers groups

Reason:
duplicate

https://gerrit.wikimedia.org/r/456161

CorinnaHillebrand_WMDE mentioned this in T234429: Requesting access to view EventLogging data for Co_WMDE.Oct 2 2019, 12:40 PM
Maintenance_bot removed a project: Patch-For-Review.Oct 2 2019, 1:10 PM
WMDE-leszek mentioned this in T358578: Add WMDE staff who have signed the NDA with the WMF to the WMF-NDA phabricator policy group.Feb 27 2024, 12:55 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. ยท Wikimedia Foundation ยท Privacy Policy ยท Code of Conduct ยท Terms of Use ยท Disclaimer ยท CC-BY-SA ยท GPL ยท Credits
  NODES
Note 2
Project 3
USERS 15