Enable TLS termination on the mwdebug deployment. fix the service definition in the chart
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Joe
	Jun 7 2021, 5:02 AM

Description

We're in a strange situation where the mediawiki chart defines a service that uses port 443 as a backend, even when tls is disabled. Thus:

Fix the service definition so that it works under no-tls as well
Add a certificate to the mwdebug deployment and enable tls

Details

	Subject	Repo	Branch	Lines +/-
	mediawiki: fix ports and enable TLS on staging	operations/deployment-charts	master	+7 -11

Customize query in gerrit

Related Objects
Search...

Status	Assigned	Task
Stalled	None	T255792 Quibble runs core:unit tests twice!
Open	None	T328919 Upgrade to PHPUnit 10
Open	None	T338103 Micro-optimize ApiResult::isMetadataKey with str_starts_with once we support PHP8+
Open	None	T328921 Drop PHP 7.4 support from MediaWiki
Stalled	None	T334726 Use return type `never` in Wikibase
Open	None	T328922 Drop PHP 8.0 support from MediaWiki
Stalled	None	T319055 Upgrade to psr/container 2.x
Stalled	Krinkle	T319432 Migrate WMF production from PHP 7.4 to PHP 8.1
Open	None	T291916 Tracking task for Bullseye migrations in production
Stalled	None	T356293 Migrate MW appservers' base images to bullseye
Open	None	T290536 Serve production traffic via Kubernetes
Resolved	Joe	T283056 Create a mwdebug deployment for mediawiki on kubernetes
Resolved	jijiki	T284421 Enable TLS termination on the mwdebug deployment. fix the service definition in the chart

Event Timeline

Joe created this task.Jun 7 2021, 5:02 AM

Joe renamed this task from Enable TLS termination on the mwdebug deployment. fix the service definition to Enable TLS termination on the mwdebug deployment. fix the service definition in the chart.Jun 7 2021, 5:04 AM

Joe triaged this task as High priority.

Joe updated the task description. (Show Details)

Change 698454 had a related patch set uploaded (by Effie Mouzeli; author: Effie Mouzeli):

[operations/deployment-charts@master] mediawiki: fix ports

https://gerrit.wikimedia.org/r/698454

gerritbot added a project: Patch-For-Review.Jun 7 2021, 7:29 AM

I have enabled TLS on staging for now, which will use some default certs

Change 698454 merged by jenkins-bot:

[operations/deployment-charts@master] mediawiki: fix ports and enable TLS on staging

https://gerrit.wikimedia.org/r/698454

Maintenance_bot removed a project: Patch-For-Review.Jun 7 2021, 11:10 AM

jijiki claimed this task.Jun 24 2021, 3:48 PM