Can we get rid of Ansible after moving the digital collections to Heroku? What’s standing in our way?
Things we have to keep
Building ArchivesSpace (details).
Things we can eliminate
S3 bucket management (see issue #1023). We may want to use are using Terraform for this instead.
Notably, we need to keep
create_kithe_s3.yml.
Building ArchivesSpace (details).
...
Encrypted information
We’ve used Ansible (specifically, the vault files) as a default place to store encrypted information (e.g. ssl certs, etc.). playbooks can then copy that info onto new servers.
We can and should move sensitive information that is no longer required by any playbooks to a secure spot on a shared drive, so we aren’t relying on Ansible for that function anymore. That information should then be deleted from the Ansible codebase altogether.
...