Bonjour,
At the moment {forum,lab,weblate}.securedrop.club are deployed in the GRA3 region of an OpenStack project provided by OVH. In OVH parlance, a project is like having a different account name: two projects share nothing, only they are billed to the same person. We conduct all our testing with molecule on separate regions (DE1 for @fpoulain, WAW1 for myself) so we don’t risk accidentally destroying a production VM when we mess up.
This separation is good but it makes me nervous. When we deploy weblate using ansible, OS_REGION_NAME=GRA3 molecule destroy could wipe out the entire production. This is not intended but we’re one environment variable away from Armageddon and it does not feel right.
I propose we use a separate OVH project for production. It means that credentials we use for testing do not have access to production. Destroying production by accident would be more difficult: one would have to run molecule destroy after setting the credentials used for production. It is still a risk, but the mistake is not so easy to make.
What do you think?
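
A fail-closed guard for the scenario described above, as an added example that is not part of the original post: a wrapper that refuses destructive molecule subcommands when the loaded OpenStack environment points at production. `PROD_PROJECT_ID`, `PROD_REGION`, `check_target` and `safe_molecule` are hypothetical names, and the project id value is a placeholder to replace.

```shell
# Added example, not from the original post. Source this file, then run
# "safe_molecule destroy" instead of "molecule destroy".
# Assumption: credentials are loaded from an openrc file that sets
# OS_REGION_NAME and OS_PROJECT_ID (or OS_TENANT_ID).

# Placeholder: set this to the id of the production OVH project.
PROD_PROJECT_ID="${PROD_PROJECT_ID:-REPLACE_WITH_PRODUCTION_PROJECT_ID}"
# Region hosting production, as stated in the post.
PROD_REGION="${PROD_REGION:-GRA3}"

# check_target REGION PROJECT_ID
# Returns 0 when the target is safe for tests, 1 when it is production,
# 2 when it cannot be determined (fail closed).
check_target() {
    region="$1"
    project="$2"
    if [ -z "$region" ] || [ -z "$project" ]; then
        echo "refusing: region or project id is not set" >&2
        return 2
    fi
    if [ "$project" = "$PROD_PROJECT_ID" ]; then
        echo "refusing: credentials belong to the production project" >&2
        return 1
    fi
    if [ "$region" = "$PROD_REGION" ]; then
        echo "refusing: region $region hosts production" >&2
        return 1
    fi
    return 0
}

# safe_molecule SUBCOMMAND [ARGS...]
# Checks the environment before subcommands that delete instances.
# "molecule test" is included because its default sequence runs destroy.
safe_molecule() {
    case "${1:-}" in
        destroy|test)
            check_target "${OS_REGION_NAME:-}" \
                "${OS_PROJECT_ID:-${OS_TENANT_ID:-}}" || return $?
            ;;
    esac
    molecule "$@"
}
```

The region check is kept alongside the project check so that a test run pointed at GRA3 is still refused even when the credentials are the test ones.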