Infrastructure Team Meeting - Feb. 08 2022


Damien Duportal (@dduportal ), Hervé Le Meur (@hlemeur ), Stephane Merle (@smerle), Mark Waite (@MarkEWaite ), Tim Jacomb (@timja )

Official minutes on GitHub.


  • Security releases

  • Digital Ocean:

    • WiP by @lemeurherve , it’s going well (fighting with the Terraform process that need to have an improved documentation + updated, and it’s the first time that it is used outside jenkins-infra/aws so need some fixes)
    • Status: Works locally, CI job ready, CI builds to be fixed
      • Credentials for the backend configuration file not interpreted
        • Places the credential name instead of value into config file
        • Each configuration reload requires an interactive update
        • Required to set multiline content separately
          • Easier to use string variables rather than file content
          • File is needed for the DigitalOcean docs
  • Updatecli:

    • WiP by @smerle on Docker image updates (hashicorp-tools, jenkins-infra/aws) and on kubernetes-management (AWS EC2 agent template updates directly from packer)
  • Private AKS cluster:

    • WiP by @dduportal , back from holidays. Focus on the groovy pipeline library
  • Service

    • Plain HTTP only, legacy service, running on the VM
    • Pager duty alert the 07th of Feb. about bad TLS certificats: but no HTTPS on it: we removed the alert as it make no sense
    • TODO: decommission this service

    • WiP by Jeremy Playout (@jplayout)
    • Status: PR opened with the helm chart (from @halkeye’s work :heart:)
    • Todo: validate helm chart, and then open PR for installation in kubernetes-management
    • Might need to create a Postgres DB in Azure + migrate data