Various services may need a minimally privileged bugzilla login just to run queries, since unprivileged queries cannot see email addresses. I happen to need this for the PackageReviewStatus script.
I could set up another bugzilla account for myself, then generate a cookie file and push it via puppet, but that seems hackish, ties it to my personal email address, makes everyone who wants to do this maintain their own account and cookie file and requires that every one of them be manually refreshed in case those cookies ever expire. Plus I don't know if it's smart to even put that cookie file into puppet.
Is it possible to have a single system-wide setup for this kind of thing?
In case it wasn't obvious, I'm happy to do the legwork here but I'm not really sure of the best way to go about this, or even if anyone else thinks this is a good idea.
I think it sounds reasonable...
would the account need fedorabugs? or just a normal run of the mill account?
I think the way to do it is for us to create the account with a @fedoraproject.org address, and then store the login/pass in our private puppet repo. Then you can refer to the login/pass via puppet templates.
So we've gone ahead and used the package-review bugzilla account for this, which makes sense for at least my script. Not quite as simple as just pointing at a cookie file but at least there's no chance that it would need to be refreshed.
Sounds good. Please let us know if you need anything more on this.
Login to comment on this ticket.