abizer
commented
6 years ago I wonder if it would be better to have this as a independent script in utils, for example, rather than adding another dependency to ocflib
Closed dkess closed 5 years ago
abizer
commented
6 years ago I wonder if it would be better to have this as a independent script in utils, for example, rather than adding another dependency to ocflib
dkess
commented
6 years ago This won't ever get run by a human, so it didn't seem correct to put it in utils.
abizer
commented
6 years ago That's true. However, it seems heavy to add two more dependencies that will get installed on all of our hosts for something that we will probably only want to run as a cronjob on a single host. Perhaps we should add an independent script to puppet instead?
kpengboy
commented
6 years ago One thing I'm not sure about in this commit is the way I handle authentication. My current plan is to have the credentials file get saved in the Puppet private share, and then have scripts provide that filename when constructing a GAppsAdmin object. But if there's a more idiomatic way to do this, I'd like to change it.
FYI the way we do this in things like ircbot is to have the constructor take a bunch of passwords as string arguments. (But if we move this to an independent script it would be a moot point.)
chriskuehl
commented
6 years ago +1 for keeping out of ocflib; this is logically more of a single-use application, so you could use dh-virtualenv, a service, etc.
unfortunately there is not a super straightforward way currently of having a "cronjob with python dependencies" besides dh-virtualenv (but there is prior art for this at the ocf)
dkess
commented
6 years ago Sounds good. Which prior art are you referring to that uses dh-virtualenv?
chriskuehl
commented
6 years ago https://github.com/ocf/approve is one example, not sure if we have others nowdays (create used to also work this way, but we turned it into a marathon service).
Would be nice if we had some kind of batch framework to use with mesos... not sure if we really want to invest in chronos at this point though, when the future of mesos at ocf seems unclear.
kpengboy
commented
6 years ago On the subject of chronos, it's half-dead too.
dkess
commented
5 years ago Closing, since this doesn't belong in ocflib.
This adds tools for interacting with our groups on GApps using the Google Admin API, and should lay the groundwork for eventually syncing LDAP groups and Google Groups.
One thing I'm not sure about in this commit is the way I handle authentication. My current plan is to have the credentials file get saved in the Puppet private share, and then have scripts provide that filename when constructing a
GAppsAdminobject. But if there's a more idiomatic way to do this, I'd like to change it.