Wikimedia Release Engineering Team/Onboarding
Copy/paste into onboarding task
This is your primary onboarding document for the team. You --- [ ] Get access to your `@wikimedia.org` email (should happen before your first day). [ ] IRC [ ] Follow the [[ https://meta.wikimedia.org/wiki/IRC/Instructions | IRC guide on meta wiki ]] [ ] If you choose to use [[ https://www.irccloud.com/ | IRCCloud ]] (recommended if you are unfamiliar with IRC), get added to the Wikimedia group account by emailing email@example.com with the email you used to register (your `@wikimedia.org` email). [ ] Join public IRC channels (`#wikimedia-releng`, `#wikimedia-operations`, `#wikimedia-pipeline`, `#wikimedia-cloud`, `#wikimedia-cloud-admin` ). [ ] Note the [[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding#IRC_Channel_descriptions | channel descriptions ]]. [ ] Private message `thcipriani` when the above is complete. [ ] Mailing lists and Google Groups ([[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding#Mailing_lists_descriptions | descriptions of the lists ]]) [ ] Subscribe to [[ https://lists.wikimedia.org/mailman/listinfo/ops | ops@ ]] [ ] Subscribe to [[ https://lists.wikimedia.org/mailman/listinfo/qa | qa@ ]] [ ] Subscribe to [[ https://lists.wikimedia.org/mailman/listinfo/wikitech-l | wikitech-l@ ]] [ ] Verify you are subscribed to Foundation Official and tech-all Google Groups. You may need to ask for assistance from Tyler for Foundation Official, or verify with someone in Office IT when you talk to them about comms. [ ] Development accounts [ ] Create a [[ https://wikitech.wikimedia.org/wiki/Help:Create_a_Wikimedia_developer_account | Wikimedia developer account ]] (aka: "LDAP account" or "wikitech account"). Follow the "VPS and General users" process. [ ] [[ https://wikitech.wikimedia.org/wiki/Special:Preferences | Add 2factor ]] to your Wikimedia developer account [ ] [[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding#SSH_keys_generation | Generate two ssh keys ]]. One for production and one for your Wikimedia developer account. [ ] [[ https://wikitech.wikimedia.org/wiki/Special:Preferences#mw-prefsection-openstack | Add the `wmfdev` ssh public key ]] to your Wikimedia developer account. [ ] [[ https://www.mediawiki.org/wiki/Phabricator/Help#Creating_your_account_and_notifications | Register in Phabricator ]] using your Wikimedia developer account. [ ] Associate your Wikimedia wiki account (created by OIT at https://meta.wikimedia.org/) with your Phabricator user account (**hack this url:** https://phabricator.wikimedia.org/settings/user/YOURUSERNAMEHERE/page/external/) [ ] Add 2factor to Phabricator login. [ ] Add the `wmfdev` ssh public key to Phabricator. [ ] Follow the [[ https://www.mediawiki.org/wiki/Gerrit/Tutorial | Gerrit tutorial ]]. Add your `wmfdev` ssh key in Gerrit. [ ] Server access [ ] [[ https://wikitech.wikimedia.org/wiki/Production_shell_access | Request access to production servers ]] in these groups: `deployment`, `contint-admins`, and `contint-docker`. Use your `wmfprod` ssh public key. [ ] Add that request task a subtask to this one. [ ] Shared password management [ ] [[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding#Generating_a_GPG_key | Create GPG key ]] for use with [[ https://phabricator.wikimedia.org/source/releng-secrets/repository/master/ | our pwstore ]] (if you don't already have one). [ ] Ask Tyler to setup a team [[ https://en.wikipedia.org/wiki/Key_signing_party | signing party ]]. [ ] Add yourself to the [[ https://office.wikimedia.org/wiki/Contact_list | Contact List on officewiki ]]: [ ] [[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding#Readings | Read the readings ]] [ ] [[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding#People_to_meet_and_things_to_do_with_them | Meet the rest of the team individually ]]. Somebody else (default: Tyler) -------------------- [ ] Add to weekly team meeting as soon as the Google account is created [ ] Have first day meeting with Tyler [ ] Schedule weekly 1:1 with Tyler [ ] Add to [[ https://lists.wikimedia.org/mailman/admin/releng | releng@ private team mailing list ]] [ ] IRC [ ] [[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding#Team-related_IRC_access_additions | Add to team relate IRC access lists ]]. [ ] Request addition to the other private IRC channels (`#wikimedia-staff`, `#mediawiki_security`) [ ] Tyler [[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding#People_to_meet_and_things_to_do_with_them | schedules 1:1s with everyone on the team ]]. [ ] Add to relevant Team Drives in Google Drive: [[ https://drive.google.com/drive/folders/0AHezJ5RWTtIZUk9PVA | RelEng ]], [[ https://drive.google.com/drive/folders/0AF6uUvbeFIMIUk9PVA | Pipeline ]], [[ https://drive.google.com/drive/folders/0AGBFN6_lJ-r5Uk9PVA | Code Health ]] [ ] File an LDAP-Access-Requests for `wmf`, `releng`, `ciadmin` (link as subtask) [ ] Add to [[ https://gerrit.wikimedia.org/r/admin/groups/1484,members | RelEng's Gerrit group]] (which gives Administrator and wmf-deployments by inheritance) [ ] Phabricator [ ] Add to Phabricator groups: #WMF-NDA, #trusted-contributors, #acl_releng, #acl_repository-admins, #acl_project-admins, #acl_phabricator [ ] Add to the [[ https://phabricator.wikimedia.org/project/2769/item/configure/global/ | kanban board's sidebar ]] [ ] Add to kanban Herald rule: H229 [ ] [[ https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Policy/Access_to_security_issues | Request addition to #Security phabricator group ]] (link as subtask) [ ] Add to our [[ https://horizon.wikimedia.org/project/member/ | Cloud VPS projects ]]: `deployment-prep` and `integration` [ ] Setup a [[ https://en.wikipedia.org/wiki/Zimmermann%E2%80%93Sassaman_key-signing_protocol | keysigning party ]] [ ] Add GPG key to [[ https://phabricator.wikimedia.org/source/releng-secrets/repository/master/ | our pwstore ]] [ ] Add to [[ https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team | team page on mediawiki.org ]] (team members and timezone). // Source: https://www.mediawiki.org/wiki/Wikimedia_Release_Engineering_Team/Onboarding //
SSH keys generation
Generate two new SSH keys, be sure to use a memorable passphrase.
- For your WIkimedia developer account use:
ssh-keygen -f ~/.ssh/id_ed25519.wmfdev -t ed25519 -C "firstname.lastname@example.org"
- For your production account use:
ssh-keygen -f ~/.ssh/id_ed25519.wmfprod -t ed25519 -C "email@example.com"
You will now have 4 files in your
~/.ssh directory as follows:
id_ed25519.wmfdev - Wikimedia developer account private key id_ed25519.wmfdev.pub - Wikimedia developer account public key id_ed25519.wmfprod - Wikimedia production account private key id_ed25519.wmfprod.pub - Wikimedia production account public key
We have a recommended .ssh/config to use.
Generating a GPG key
gpg2 --full-generate-keyand follow the prompts. Defaults are usually good, but use a 4096 bit length.
gpg2 --keyserver pool.sks-keyservers.net --send-keyuploads public key to key server
- Reach out to Tyler to see about getting it signed. Requires two signatures.
Mailing lists descriptions
- firstname.lastname@example.org - Private team list
- email@example.com - Private ops list, includes all deployers
- firstname.lastname@example.org - public list
- email@example.com - (if appropriate) private alias for security issue reporting and follow-up
- firstname.lastname@example.org - public list for all things Wikimedia development
IRC Channel descriptions
- #wikimedia-releng - team channel with task, code review, and monitoring bot announcements
- #wikimedia-staff - private WMF staff and contractors only channel, useful backchannel for staff-only meetings
- #wikimedia-releng-team - private team IRC channel
- #wikimedia-operations - most production server discussion happens here
- #wikimedia-pipeline - focused on the cross-team Deployment Pipeline project
- #wikimedia-tech - general Wikimedia tech discussion
- #wikimedia-dev - Wikimedia dev related bot announcements (tasks and code review)
- #wikimedia-cloud and #wikimedia-cloud-admin - Cloud VPS (much of our CI infrastructure depends on Wikimedia Cloud VPS)
- Prerequisite: the user's nick must be registered with nick enforcement set to
on. They should follow the IRC tutorial on meta.
- Add the user to the access list for our private team channel using the
/msg ChanServ access #wikimedia-releng-team ADD NEWPERSON member
- Then add to invite list (so they don't have to invite themselves each time):
/mode #wikimedia-releng-team +I NEWPERSON
- Give the user +v (voice) in #wikimedia-releng
/msg ChanServ access #wikimedia-releng add NEWPERSON team-member
People to meet and things to do with them
The goal is to meet your team mates and learn how the team fits together. Hopefully you'll talk to everyone on the team one on one for about thirty minutes over the first week or two.
- Tyler Cipriani (
thcipriani), manager of the Release Engineering team. He is normally in the US Mountain timezone.
- Tell him everything is going great and that the instructions are easy to follow but you are still overwhelmed by the reading you have to do.
- Tell him that you found some errors in the instruction and fixed the template. :P
- Ask him to give you an overview of how the foundation is organized, what teams do what, and all that.
- Make sure he adds you to any relevant team meetings.
- He'll want to talk to you one on one a few times in the first week.
First couple of weeks
Meet the whole team:
- Antoine Musso (
hashar) - Central European timezone
- Ask him to tell you the origin story of our Continuous Integration infrastructure, including Beta Cluster.
- Ask him all about French cooking and why it's the best country to live in.
- Brennen Bearnes (
brennen) - Mountain timezone
- Ask him about Vim.
- Dan Duvall (
marxarelli) - Pacific timezone
- Ask him about the Deployment Pipeline.
- Ask him about maintaining the infrastructure for a website that got 99% of it's traffic in one month.
- Lars Wirzenius (
liw) - Eastern European timezone
- Ask him about being the other new person on the team.
- Ask him about his obsession with backups.
- Mukunda Modell (
twentyafterfour) - Central timezone
- Ask him about Phabricator and why it's a game.
- Ask him about his RX7.
More widely, Release Engineering is part of Engineering Productivity:
- Engineering Productivity
- Greg Grossmeier (
greg-g) - Pacific timezone (Director of Engineering)
- Quality & Test Engineering
- Jean-Rene Branaa (
jrbranaa) - Pacific timezone (Engineer Manager)
- Ask him about Code Health and what it means here.
- Ask him to tell you all about gaming.
- Zeljko Filipin (
zeljkof) - Central European timezone
- Performance Engineering
- Gilles Dubuc (
gilles) - Central European timezone (Engineering Manager)
- https://office.wikimedia.org/wiki/New_tech_employee_orientation <-- important
- From SRE:
- Life of a request presentation
- Application layer deeper dive presentation
- The "Kubernetes" (2018-11-16) presentation from https://office.wikimedia.org/wiki/Operations/Ops_sessions
- http://www.aosabook.org/en/mediawiki.html <-- lower priority, but interesting