Commit 2eb8ef71 authored by Craig Miskell's avatar Craig Miskell

Merge branch 'manual-step-for-onboarding' into 'master'

Note a manual step required by the onboarded after the new SRE adds their user data bag json file

See merge request gitlab-com/gl-infra/infrastructure!130
parents a05856f8 d8f2e4cd
......@@ -66,7 +66,8 @@ N - note there is a lot of good onboarding info in [the handbook](https://about.
1. [ ] N: Add your public key to the path `ansible/roles/base/files/authorized_keys/<username>` and submit an MR
1. [ ] O: Ensure a successful ansible run to install the users key into the infrastructure
1. [ ] SSH:
1. [ ] N: [create a SSH user](https://ops.gitlab.net/gitlab-cookbooks/chef-repo/blob/master/README.md#add-a-new-system-admin) and send an MR to [chef-repo](https://ops.gitlab.net/gitlab-cookbooks/chef-repo) - ensure you are providing the ssh key from the yubikey setup
1. [ ] N: [create an SSH user](https://ops.gitlab.net/gitlab-cookbooks/chef-repo/blob/master/README.md#add-a-new-system-admin) and send an MR to [chef-repo](https://ops.gitlab.net/gitlab-cookbooks/chef-repo) - ensure you are providing the ssh key from the yubikey setup
1. [ ] O: Merge the MR, and then run `knife data bag from file users <username>.json`
2. [ ] N: wait for chef to propagate your public key to the bastion servers and all the rest of the infrastructure nodes
1. [ ] Bastion setup for SSH:
1. [ ] N: obtain a base known-good SSH config for GitLab infrastructure: `curl https://gitlab.com/gitlab-com/gl-infra/infrastructure/raw/master/onboarding/ssh-config >> $HOME/.ssh/config`
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment