This access will allow to read Orbeon Forms data.
Ref T2160
Details
Details
- Reviewers
- None
- Maniphest Tasks
- T2160: Read from Orbeon Forms and annotate with an Obsidian collection
- Deploy to db-A-001
- Deploy vault policy
Diff Detail
Diff Detail
- Repository
- rOPS Nasqueron Operations
- Lint
Lint Passed - Unit
No Test Coverage - Branch
- obsidian-orbeon
- Build Status
Buildable 6103 Build 6387: arc lint + arc unit
Event Timeline
Comment Actions
Policy deployment
Complector
$ salt-call --local state.sls_id salt-node-windriver roles/vault/policies /usr/local/lib/python3.11/site-packages/salt/ext/tornado/netutil.py:493: DeprecationWarning: ssl.PROTOCOL_TLS is deprecated context = ssl.SSLContext( [ERROR ] You have set "proxy_return" to "True" but you have not set the platform in NetBox for "complector" local: ---------- ID: salt-node-windriver Function: vault.policy_present Result: True Comment: Policy was updated Started: 22:12:44.472738 Duration: 26.842 ms Changes: ---------- salt-node-windriver: ---------- change: --- +++ @@ -51,6 +51,10 @@ capabilities = [ "read" ] } +path "ops/data/secrets/dbserver/cluster-A/users/obsidian" { + capabilities = [ "read" ] +} + path "ops/data/secrets/dbserver/cluster-B/users/dereckson_www51" { capabilities = [ "read" ] } Summary for local ------------ Succeeded: 1 (changed=1) Failed: 0 ------------ Total states run: 1 Total run time: 26.842 ms
Complector
$ salt db-A-001 state.apply roles/dbserver-pgsql/server […] ---------- ID: /var/db/postgres/data/pg_hba.conf Function: file.managed Result: True Comment: File /var/db/postgres/data/pg_hba.conf updated Started: 22:13:51.763741 Duration: 74.91 ms Changes: ---------- diff: --- +++ @@ -26,6 +26,7 @@ host airflow airflow 172.27.27.0/28 scram-sha-256 host corspat corspat 172.27.27.5/32 scram-sha-256 host fantoir fantoir 172.27.27.0/28 scram-sha-256 +host forms obsidian 172.27.27.35/32 password host forms orbeon 172.27.27.4/32 password host mail dovecot 172.27.27.3/32 password host mail mailManagement 172.27.27.3/32 password ---------- […] ID: dbserver_pgsql_user_obsidian Function: postgres_user.present Name: obsidian Result: True Comment: The user obsidian has been created Started: 22:13:53.836377 Duration: 408.946 ms Changes: ---------- obsidian: Present ---------- […] ID: dbserver_pgsql_user_obsidian_privilege_1_orbeon_form_data Function: postgres_privileges.present Name: obsidian Result: True Comment: The privilege(s): SELECT have been granted to obsidian Started: 22:13:57.911158 Duration: 434.126 ms Changes: ---------- obsidian: Present ---------- ID: dbserver_pgsql_user_obsidian_privilege_1_orbeon_f_nasqueron_j_contact_1 Function: postgres_privileges.present Name: obsidian Result: True Comment: The privilege(s): SELECT have been granted to obsidian Started: 22:13:58.346915 Duration: 377.837 ms Changes: ---------- obsidian: Present