Page MenuHomeDevCentral

Deploy account is defined in saltmaster role but used in devserver role too
Open, Needs TriagePublic


To provide software in devserver role, some Git repositories are cloned using the SSH key belonging to the deploy account.

But this deploy account is defined in saltmaster role, as the intended workflow was:

  1. declare your repository to deploy as a submodule of rSTAGING
  2. update repo in /opt/salt/staging
  3. deploy from there

The current trend is to clone repository directly on the server to avoid IO performance issues with large amount of files.

A solution has to be found to this problem, for example:

  • investigate if gitfs performs well (but why to have every file on every server?)
  • create deploy as a part of the core

Same problem for webserver-wwwroot51 unit (roles/devserver/webserver-wwwroot51/).

Event Timeline

Furthermore, Jenkins CD uses the deploy account to publish static website updates on Ysul through:

stage('Publish') {
    steps {
        echo 'Deploying....'
            failOnError: true,
            publishers: [
                    configName: 'ysul-deploy',
                    verbose: true,
                    transfers: [
                            sourceFiles: '**',
                            remoteDirectory: '',
                            cleanRemote: true,