Project:Infrastructure/Infra Role Based Access

Gentoo Infrastructure Role-based access
The follow-up action items from the GitHub incident post-mortem included reviewing Infra access controls, and retiring and/or restricting the access of inactive Infra members.

As general principles:
 * Infra members should have the access necessary to perform their role
 * Roles should be well-defined
 * Access required by roles should be well-defined
 * No access beyond what's required by roles

TODO

 * What constitutes inactive?
 * Disambiguate: working well enough that no interventions or changes are needed vs. outstanding changes that are needed and overdue

General: LDAP

 * Repos: puppet, cfengine, dns
 * Root access to all LDAP servers & clients
 * Local users to fix broken LDAP

General: DNS

 * Repos: puppet, cfengine, dns
 * Root: DNS servers

Service: VCS

 * Repos: puppet, cfengine, various hooks
 * Root: access on Git primary & replicas

Service: cgit.g.o

 * Repos: puppet, cfengine
 * Root: access

Service: ganeti

 * Repos: puppet, cfengine
 * Root: Ganeti nodes
 * What about root on the VMs?