GitLab Support Operations, 16 Aug 2021

Previous Meeting Next Meeting

⏯

youtube image

►

From YouTube: Support Ops - Audits - Pagerduty

Description

Jason Colyer, Support Operations Manager, takes us through how to do Pagerduty Audits

A

Greetings all my name is jason collins, the support operations manager here at git lab and today we're going to go over doing a pagerduty product. Let me go ahead and share my screen and we'll get started now, everything's going to start from an audit issue. If you see the other audit videos, you'll know this is nothing new you'll uh go to your issues here we wanted to like new issue, find the template for pagerduty and apply it it'll tell you, you know, put your name in put the date at the corner.

A

Here's the title for this issue. You should use, assign it to yourself, send it to the ops manager complete the audit. uh Then you have your notes section here: that's where you're basically going to go through and put the output from the script or your manual review. If that is how you so choose to do it, there is kind of a lot to look over here.

A

So honestly, I would recommend using the script we'll go over, that real, quick, essentially we're going to require the faraday, the page of duty connection and open your eye and the yaml gyms libraries. However, you want to call them we're going to set up a client function which is just making a pagerduty connection.

A

We're going to set up a function called pagerduty schedule, users and we're going to pass this to page duty id. All this is going to do is grab a schedule based on the id and give us back the users from that. It's actually just going to pluck out the id number, because that's all we really need for this, the pagerduty user we're going to pass it the agent and what that will do is go grab that page your duty agent, that page duty user from the page of duty api and give us information about them.

A

The gitlab client function is just making a request to the get lab. Your request is url coded. The adapter is a faraday default adapter. Whatever the system has and the headers we're going to set the private token to the gitlab token, we pass through the environment, there's the support team yaml function. All that does is request the support team animal file and then respond give it back to us. It's going to use the ammo to safe load it so that we can really parse it see.

A

What's going on, the agent's function is just setting the agent's global variable to the value that we got from the support team, the apple file. We also pulled the static data file from the support team repo. The reason for this is it contains a lot of ids and schedules and all that fun stuff that we really it makes it a lot easier than having to script out tons of lines of information.

A

We already have a static data file that contains it and that's also going to be pulled via the gitlab api and then is going to parse that and vote it for us and we're setting the schedules function, which is just making the global variable schedules and setting it to the value from the static data file, but, namely the on call section of the static data file.

A

Now from there we're basically going to go through these schedules using each with index. So we have that index value and all we're going to do is call the pagerduty schedule. Users using that id number to get all the ids of the users and we're basically just going to set that in the schedule to say: hey, here's, the id values of the users.

A

Now, what we're going to do, then, is go through all the agents. We're skipping it if it's tom, because tom is not in page of duty by intention and what we're going to have them do is it's going to print out their name and their username username and then it'll tell us if there's any issues like the the page of duty id is not the support team yaml or uh there's a bad pager duty, id present or they're set in this schedule in the supports enamel, but not pagerduty.

A

That's all this is really gonna do and it's going to output. All of us all that for us now, when you get to your uh get to your command line, what you're going to need is ruby installed and right now we're using ruby, 2.6, that's coming from the dot ruby file, the dot, ruby version file.

A

It could change so make sure you keep on top of that and beyond that, we're going to need to make sure that the bundler gym is installed. So we can do gym list local graph bundle. There's bundler from there just run bundle. This will install every gem. You need for all the audits beyond that you're just going to do dot, slash bin and unity audit.

A

This will run. It does take a little bit to run, but this will output everything that you're going to paste into your notes. Section of that issue we made you know that we looked into earlier.

A

You can see how it's going through each person and so far it's not finding issues. That's good! We don't want it to find issues, but should it find any issues you know you'll address those you know in the issue itself. Now, let's look at a previously done issue, so we can kind of see what kind of stuff we're looking at here.

A

So I can go into this page review audit we did for q4 of the 21st fiscal year. We can see how one example was like this is before we added the tom exception. It told us tom doesn't have a page duty id well. That was intentional. That's what we wanted. We can also see how like dan and neville didn't hit. It uh wrote, knock, wasn't in there. We saw how like julian had they were in one schedule, but not actually in pagerduty.

A

These are all the things we would ping these people for, to talk to them and figure out what's going on and get it fixed. Normally, this is just a merge request of the support team yaml and that's all we really need to get it fixed.

A

um That's all there is to running a pagestudy audit beyond that, it's just a lot of async communication via the issue. I hope you found this educational and I look forward to seeing you in the next video.