Page MenuHomePhabricator
Create Task
Maniphest T158946

Update gerrit to 2.13.8
Closed, ResolvedPublic
Actions

Description

The release notes are at https://www.gerritcodereview.com/releases/2.13.md#2.13.8

It includes submodules updates which is the main fix for us as it would have helped me catch problems with submodule problems when we first upgraded to gerrit 2.13.

It also include "Don't truncate long lines in diff screens" fix, though it dosent fix the problem in all cases as I found, but still an improvement to diffs.

"Allow user with "Maintain Server" permission to find all changes."

"Allow to continue reindex despite failures."

"Be more consistent about object ids used in ref operation validation." <-- that one is a major bug fix we want. Though we did not experience it it can happen at any time preventing branches from being created through web ui (maybe also through git too). That bug was exposed when they updated the hooks plugin on master.

Also another fix is "Upgrade JGit to 4.5.1.201703201650-r."

"Among other bug fixes, this version includes a fix for packfile list

inconsistency in memory due to temporary lack of system resources during
read, which caused transient "file not found" errors."

Details

SubjectRepoBranchLines +/-
Gerrit: Add systemd service to base::service_unitoperations/puppetproduction+30 -1
Customize query in gerrit

Related Objects

Event Timeline

Paladox created this task.Feb 24 2017, 8:29 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 24 2017, 8:29 AM
Paladox moved this task from Bugs & stuff to WMF customizations on the Gerrit board.Feb 27 2017, 3:45 PM
Paladox added a comment.Mar 1 2017, 5:30 PM

We will not want to do "Allow HTTP password when using LDAP and basic authentication." as in gerrit 2.13 passwords are not hashed for git cloning over http.

But is now hashed in gerrit 2.14.

demon added a comment.Mar 1 2017, 6:37 PM
In T158946#3064994, @Paladox wrote:

We will not want to do "Allow HTTP password when using LDAP and basic authentication." as in gerrit 2.13 passwords are not hashed for git cloning over http.

The passwords are over HTTPS, so it's not a huge deal. But this doesn't impact us I don't think. The key word here is and. The second line of that changelog entry is a little more telling (emphasis mine):

"It was not possible to use HTTP password to validate git over HTTP and REST API requests if LDAP was used along with HTTP basic authentication."

We don't use HTTP basic auth :)

But is now hashed in gerrit 2.14.

How can the HTTP passwords be hashed. The user wouldn't be able to view their own random password anymore...

Paladox added a comment.Mar 1 2017, 6:40 PM

Oh it's hashed so it isn't shown as plain text in the git repo.

demon added a comment.Mar 1 2017, 6:41 PM

That still doesn't make sense. How is it shown in the UI if it's hashed?

Paladox added a comment.Mar 1 2017, 6:46 PM
In T158946#3065318, @demon wrote:

That still doesn't make sense. How is it shown in the UI if it's hashed?

It seems to show for me. But according to https://gerrit-review.googlesource.com/#/c/96370/ it's hashed. So maybe the backend?

demon added a comment.Mar 1 2017, 6:59 PM
In T158946#3065333, @Paladox wrote:
In T158946#3065318, @demon wrote:

That still doesn't make sense. How is it shown in the UI if it's hashed?

It seems to show for me. But according to https://gerrit-review.googlesource.com/#/c/96370/ it's hashed. So maybe the backend?

This is fucking bizarre...

Paladox added a comment.EditedMar 6 2017, 10:52 AM

@demon scratch that it seems the ui is broken now, see https://gerrit-review.googlesource.com/#/c/96370/ (bottom).

So we doint want to enable that config we should continue using ldap passwords for git clone over http.

See https://bugs.chromium.org/p/gerrit/issues/detail?id=5716

But apparently it is fixed in polygerrit or at least it works there but in gwt it seems broken.

Paladox added a comment.Mar 7 2017, 4:03 PM

I think there planing a .7 release this month.

Paladox added a comment.EditedMar 22 2017, 1:13 AM

Looks like 2.13.7 will be released really soon with some fixes for :)

https://gerrit-review.googlesource.com/#/c/100810/

demon added a comment.Mar 22 2017, 1:36 AM

The 2.13.4..2.13.7 diff looks good, we'll target it after I'm back from vacation.

Paladox renamed this task from Update gerrit to 2.13.6 to Update gerrit to 2.13.7.Mar 22 2017, 10:15 AM
Paladox updated the task description. (Show Details)
Paladox updated the task description. (Show Details)Mar 22 2017, 11:39 AM
Paladox added a comment.Mar 31 2017, 12:16 AM

@demon Upstream have a performance patch in 2.13 (merged after 2.13.7 was released) Should we cherry pick that when we upgrade to 2.13.7?

demon added a comment.Apr 1 2017, 9:36 PM

No.

Paladox added a comment.Apr 9 2017, 10:31 AM

Looks like they are about to release gerrit 2.13.7

Paladox added a comment.Apr 19 2017, 1:03 PM

There looks to be a schema upgrade in the next 2.13.x release which might be 2.13.7. But it will be a performance upgrade as the h2 database is known to be slow if you keep opening connections to it they are now going to allow us to use the db :). https://gerrit-review.googlesource.com/#/c/103373/

Paladox renamed this task from Update gerrit to 2.13.7 to Update gerrit to 2.13.8.Apr 26 2017, 10:52 AM
Paladox updated the task description. (Show Details)

2.13.8 includes a schema upgrade + an performance improvement if we switch from h2 to mysql.

Paladox added a comment.Apr 26 2017, 11:29 AM

See http://gerrit-documentation.storage.googleapis.com/Documentation/2.13.8/pgm-MigrateAccountPatchReviewDb.html

TerraCodes subscribed.May 18 2017, 9:44 PM

Should this task be closed in favor of T156120?

Paladox added a comment.May 18 2017, 9:46 PM

Nope, since i think they are going to upgrade to 2.13.8 then to 2.14.1 (when that's released, includes many, many bug fixes.)

gerritbot subscribed.May 19 2017, 1:58 PM

Change 354485 had a related patch set uploaded (by Chad; owner: Chad):
[operations/debs/gerrit@master] gerrit (2.13.8 git1-wmf.1) jessie-wikimedia; urgency=medium

https://gerrit.wikimedia.org/r/354485

gerritbot added a project: Patch-For-Review.May 19 2017, 1:58 PM
greg moved this task from INBOX to Kanban on the Release-Engineering-Team board.May 20 2017, 12:00 PM
greg edited projects, added Release-Engineering-Team (Kanban); removed Release-Engineering-Team.
gerritbot added a comment.May 22 2017, 7:39 PM

Change 354485 merged by Muehlenhoff:
[operations/debs/gerrit@master] gerrit (2.13.8 git1-wmf.1) jessie-wikimedia; urgency=medium

https://gerrit.wikimedia.org/r/354485

Stashbot subscribed.May 31 2017, 8:17 PM

Mentioned in SAL (#wikimedia-operations) [2017-05-31T20:17:12Z] <RainbowSprinkles> gerrit: bringing offline for a few minutes for point release (2.13.4 -> 2.13.8, T158946)

EddieGP subscribed.May 31 2017, 9:14 PM
gerritbot added a comment.May 31 2017, 10:59 PM

Change 356480 had a related patch set uploaded (by Paladox; owner: Paladox):
[operations/debs/gerrit@master] Gerrit: Set ulimit's in gerrit.service

https://gerrit.wikimedia.org/r/356480

gerritbot added a comment.Jun 1 2017, 1:37 AM

Change 356518 had a related patch set uploaded (by Paladox; owner: Paladox):
[operations/puppet@production] Gerrit: Add systemd service to base::service_unit

https://gerrit.wikimedia.org/r/356518

gerritbot added a comment.Jun 1 2017, 1:40 AM

Change 356518 abandoned by Paladox:
Gerrit: Add systemd service to base::service_unit

https://gerrit.wikimedia.org/r/356518

gerritbot added a comment.Jun 2 2017, 5:06 AM

Change 356480 merged by Muehlenhoff:
[operations/debs/gerrit@master] Gerrit: Set ulimit's in gerrit.service

https://gerrit.wikimedia.org/r/356480

demon closed this task as Resolved.Jun 6 2017, 10:01 PM
demon claimed this task.
Paladox removed a project: Patch-For-Review.Jun 6 2017, 10:04 PM
Paladox removed a subscriber: gerritbot.
demon reopened this task as Open.Jun 7 2017, 12:26 AM

Rolled back because T152640.

gerritbot added a comment.Jun 7 2017, 12:39 AM

Change 357524 had a related patch set uploaded (by Chad; owner: Chad):
[operations/debs/gerrit@master] gerrit (2.13.8 git1-wmf.5) jessie-wikimedia; urgency=medium

https://gerrit.wikimedia.org/r/357524

gerritbot added a project: Patch-For-Review.Jun 7 2017, 12:39 AM
gerritbot added a comment.Jun 7 2017, 12:44 AM

Change 357524 merged by Dzahn:
[operations/debs/gerrit@master] gerrit (2.13.8 git1-wmf.5) jessie-wikimedia; urgency=medium

https://gerrit.wikimedia.org/r/357524

Stashbot added a comment.Jun 8 2017, 6:42 PM

Mentioned in SAL (#wikimedia-operations) [2017-06-08T18:42:52Z] <mutante> built gerrit_2.13.8+git1-wmf.5 on copper (T158946)

Stashbot added a comment.Jun 8 2017, 8:12 PM

Mentioned in SAL (#wikimedia-operations) [2017-06-08T20:12:27Z] <mutante> imported gerrit_2.13.8+git1-wmf.5_amd64 on apt.wikimedia.org (T158946)

Dzahn subscribed.Jun 8 2017, 9:45 PM

The .5 version can now be installed. I simulated install on gerrit2001 and cobalt to confirm it's available but did not actually do it.

Inst gerrit [2.13.8+git1-wmf.4] (2.13.8+git1-wmf.5 Wikimedia:8/jessie-wikimedia [all])
Conf gerrit (2.13.8+git1-wmf.5 Wikimedia:8/jessie-wikimedia [all])
Paladox added a comment.Jun 8 2017, 9:47 PM

@Dzahn thanks, @demon did the upgrade on gerrit2001 pending to do it on cobalt :)

demon closed this task as Resolved.Jun 13 2017, 11:31 PM
Phabricator_maintenance edited projects, added RelEng-Archive-FY201718-Q1; removed Release-Engineering-Team (Kanban).Sep 26 2017, 11:46 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL