[06:39:08] <wm-bb>	 <gopavasanth> @bd808 , @blancadesal Hiii 👋 we are currently working on fetching the tool maintainers' usernames but are only able to retrieve their full names. In many cases, the full name and username are different (e.g., my full name is Gopa Vasanth, but my username is gopavasanth). This variation applies to other users as well. Could you please guide us on how to retrieve
[06:39:08] <wm-bb>	 the correct us <clipped message>
[06:39:09] <wm-bb>	 <gopavasanth> ername details for the respective tools? This is a blocker for testing and rolling out the alerting feature in case of downtimes.
[06:39:10] <wm-bb>	 <gopavasanth> Link: https://github.com/gopavasanth/ToolWatch/pull/24
[06:39:53] <wm-bb>	 <gopavasanth> cc: @moltenlava16 thanks for the PR!!! 🙂 (re @gopavasanth: @bd808 , @blancadesal  Hiii 👋 we are currently working on fetching the tool maintainers' usernames but are only able to retrieve...)
[10:50:20] <wm-bb>	 <blancadesal> I don't know of a way to do this off the top of my head. Why not have the user supply their username as part of the opt-in process? (re @gopavasanth: @bd808 , @blancadesal  Hiii 👋 we are currently working on fetching the tool maintainers' usernames but are only able to retrieve...)
[13:48:34] <wm-bb>	 <bd808> @gopavasanth I would suggest emailing the Toolforge tool directly rather than trying to email each maintainer individually. https://wikitech.wikimedia.org/wiki/Help:Toolforge/Email#Mail_to_a_Tool
[13:51:38] <wm-bb>	 <bd808> The mapping from a Toolforge tool to its maintainers is stored in the LDAP directory that tracks Developer accounts. You can see that in the ldap tool among other places: https://ldap.toolforge.org/group/tools.stashbot
[13:52:34] <wm-bb>	 <gopavasanth> Yeah we are planning to do the same. But for the users to allow opting in and out we have integrated with Oauth where we get username as a part of auth. So wondering how could we map that with editing the opt in and out feature. (re @bd808: @gopavasanth I would suggest emailing the Toolforge tool directly rather than trying to email each maintainer individually.
[13:52:34] <wm-bb>	 http...)
[14:07:49] <wm-bb>	 <bd808> OAuth will get you SUL account information. You would then need to map from the SUL account to the Developer account which is not a guaranteed process. If we have a mapping it would exist in one of 3 places: ldap, Phabricator, or Striker’s database. The ldap mapping can be seen at https://ldap.toolforge.org/user/bd808 as an example. The backing attribute is
[14:07:49] <wm-bb>	 ``wikimediaGlobalAcc <clipped message>
[14:07:49] <wm-bb>	 <bd808> ountName``. The Phabricator mapping is exposed with APIs designed to go the other direction, mapping a Developer or SUL account to a Phabricator account. New code would be needed at phabricator.wikimedia.org to get from SUL to Developer account. Striker’s mapping is in an internal database that has no exposed API.
[18:36:23] <wm-bb>	 <gopavasanth> Thanks for this info Bryan, will explore further on the same. (re @bd808: OAuth will get you SUL account information. You would then need to map from the SUL account to the Developer account which is no...)
[18:59:06] <wm-bb>	 <moltenlava16> LDAP looks promising, Striker is responsible for making sure that the maintainer list for the tool in the LDAP directory is up to date. I could not find much documentation for connecting to this directory, is it possible/allowed? If not, i could just scrape the output of the LDAP browser tool. (re @bd808: OAuth will get you SUL account information. You would
[18:59:06] <wm-bb>	 then need to map from <clipped message>
[18:59:07] <wm-bb>	 <moltenlava16>  the SUL account to the Developer account which is no...)
[19:06:13] <wm-bb>	 <bd808> We probably don’t have great docs on how to connect to the LDAP directory as a tool, but there are a number of tools like https://gitlab.wikimedia.org/toolforge-repos/gitlab-account-approval/-/blob/main/src/glaab/ldap.py?ref_type=heads that you can look at to see how it is possible.
[19:07:25] <wm-bb>	 <bd808> https://wikitech.wikimedia.org/wiki/Tool:Gitlab-account-approval#Use_an_SSH_tunnel_to_access_LDAP describes a way to make the directory accessible for local development too.
[19:07:29] <wm-bb>	 <jeremy_b> or see footer of ldap tool (linked from footer) to see another way (re @bd808: OAuth will get you SUL account information. You would then need to map from the SUL account to the Developer account which is no...)
[19:08:26] <wm-bb>	 <jeremy_b> ironic that trying to type ldap this phone keyboard thought I said Idaho. in a conversation with bd808
[19:10:35] <wm-bb>	 <moltenlava16> oh yep, looks like I'm able to access it via ldaps://ldap-ro.eqiad.wikimedia.org:636 when connected to toolforge. Thanks for the help!
[19:11:37] <wm-bb>	 <moltenlava16> Maybe i'll try to contribute some docs for this, once i get a bit more familiar with LDAP :) (re @bd808: We probably don’t have great docs on how to connect to the LDAP directory as a tool, but there are a number of tools like https:...)