SOP: Mattermost and RAS Group Sync

This SOP covers how the Rocky Enterprise Software Foundation (RESF) and Rocky Linux Infrastructure handles group syncing between the Rocky Account Services and Mattermost Channels. It contains information about how System Administrators will create groups, the templates, and how to setup syncing within Mattermost.

Note: This assumes the user is logging in with their RAS credentials to Mattermost.

Contact Information

Owner	Infrastructure Team & Identity Management Team
Email Contact	infrastructure@rockylinux.org
Email Contact	identitymanagement@rockylinux.org
Mattermost Contacts	@label
Mattermost Contacts	@neil
Mattermost Channels	~Infrastructure

Creating the necessary group

This section covers how a system administrator will create a group Rocky Account Services using ansible. The playbook utilized will be adhoc-ipagroup.yml.

1. First, determine where and how the group will be utilized. The starting template will be mm_X_name. mm is for mattermost, X will be for the designated part of Mattermost (e.g., resf, rl, and so on), and name will be the name of the group in question.

2. On the ansible host, run the necessary ansible playbook: ansible-playbook -i inventories/production/hosts.ini ansible-ipa-management/adhoc-ipagroup.yml --extra-vars='ipa_group=<GROUP> ipa_description="<DESC>" ipa_nonposix=false ipa_fas=true ipa_group_manager_user=<OWNER>'

   • Ensure that the description is set in a way that it explains what it is for
   • It is unlikely the group will need to have a GID assigned. Assigning the group as nonposix should be sufficient.
   • Setting the group with ipa_fas=true ensures that the group will appear in Rocky Account Services and can be managed there.
   • Setting ipa_group_manager_user will set a user in RAS that can manage the group without requesting for an administrator to do so.

Syncing in Mattermost

Within mattermost's administration console, apply the group to the channel as necessary.

Resources

Account ServicesGit (RESF Git Service)Git (Rocky Linux GitHub)Git (Rocky Linux GitLab)Mail ListsContacts

URL: https://accounts.rockylinux.org

Purpose: Account Services maintains the accounts for almost all components of the Rocky ecosystem

Technology: Noggin used by Fedora Infrastructure

Contact: ~Infrastructure in Mattermost and #rockylinux-infra in Libera IRC

URL: https://git.resf.org

Purpose: General projects, code, and so on for the Rocky Enterprise Software Foundation.

Technology: Gitea

Contact: ~Infrastructure, ~Development in Mattermost and #rockylinux-infra, #rockylinux-devel in Libera IRC

URL: https://github.com/rocky-linux

Purpose: General purpose code, assets, and so on for Rocky Linux. Some content is mirrored to the RESF Git Service.

Technology: GitHub

Contact: ~Infrastructure, ~Development in Mattermost and #rockylinux-infra, #rockylinux-devel in Libera IRC

URL: https://git.rockylinux.org

Purpose: Packages and light code for the Rocky Linux distribution

Technology: GitLab

Contact: ~Infrastructure, ~Development in Mattermost and #rockylinux-infra, #rockylinux-devel in Libera IRC

URL: https://lists.resf.org

Purpose: Users can subscribe and interact with various mail lists for the Rocky ecosystem

Technology: Mailman 3 + Hyper Kitty

Contact: ~Infrastructure in Mattermost and #rockylinux-infra in Libera IRC

Name	Email	Mattermost Name	IRC Name
Neil Hanlon	neil@resf.org	@neil	neil
Taylor Goodwill	tg@resf.org	@tgo	tg
Louis Abel	label@rockylinux.org	@nazunalika	Sokel/label/Sombra