Page MenuHomePhabricator
Create Task
Maniphest T218597

Work out how we are going to cut deploy branches without gerrit HTTP Token
Closed, ResolvedPublicSecurity
Actions

Related Objects
Search...

Event Timeline

Jdforrester-WMF removed zeljkofilipin as the assignee of this task.Mar 18 2019, 4:21 PM
Jdforrester-WMF created this task.
Jdforrester-WMF created this object with visibility "Public (No Login Required)".
Jdforrester-WMF created this object with edit policy "Custom Policy".
Jdforrester-WMF added subscribers: zeljkofilipin, thcipriani.
zeljkofilipin raised the priority of this task from Medium to Unbreak Now!.Mar 18 2019, 4:29 PM

Train blockers are UBN!

Restricted Application added subscribers: Liuxinyu970226, TerraCodes. · View Herald TranscriptMar 18 2019, 4:29 PM
zeljkofilipin moved this task from Backlog 🪒 to Project ♟ on the User-zeljkofilipin board.Mar 18 2019, 4:29 PM
Krenair subscribed.Mar 18 2019, 4:32 PM
thcipriani added a comment.EditedMar 19 2019, 12:36 AM

I've edited the setup section of the train docs to use ssh rather than http token auth. https://wikitech.wikimedia.org/wiki/Heterogeneous_deployment/Train_deploys#Setup

I think that after doing the key setup make-wmf-branch should work once again.

The key changes are

  1. Make a new key on the deployment host
  2. git config --global url.ssh://[GERRIT-USERNAME]@gerrit.wikimedia.org:29418.pushInsteadOf https://gerrit.wikimedia.org/r
Legoktm subscribed.Mar 19 2019, 1:05 AM

Just to be clear, is the removal of the Gerrit HTTP token feature going to be a permanent change or just temporary? If this is a permanent thing I'll have to figure out how to modify libraryupgrader as well...

brennen subscribed.Mar 19 2019, 3:46 AM
zeljkofilipin moved this task from Project ♟ to Deep work 🌊 on the User-zeljkofilipin board.Mar 19 2019, 11:16 AM
In T218597#5034575, @thcipriani wrote:

I've edited the setup section of the train docs to use ssh rather than http token auth. https://wikitech.wikimedia.org/wiki/Heterogeneous_deployment/Train_deploys#Setup

Thanks! As soon as Gerrit is up again, I'll test the documentation and resolve the task.

zeljkofilipin claimed this task.Mar 19 2019, 11:26 AM
zeljkofilipin moved this task from Backlog to In-progress on the Release-Engineering-Team (Kanban) board.
mmodell added a comment.Mar 19 2019, 11:40 AM
In T218597#5034638, @Legoktm wrote:

Just to be clear, is the removal of the Gerrit HTTP token feature going to be a permanent change or just temporary? If this is a permanent thing I'll have to figure out how to modify libraryupgrader as well...

I hope not. We definitely don't want to lose gerrit rest api in the long run.

zeljkofilipin closed this task as Resolved.Mar 20 2019, 12:02 AM
zeljkofilipin reassigned this task from zeljkofilipin to thcipriani.

Assigning to @thcipriani because he did all the work and resolving, because the documentation is now up to date. I was able to cut the branch.

Legoktm mentioned this in T218750: Re-enable use of Gerrit HTTP token to push patchsets.Mar 20 2019, 12:06 AM
Liuxinyu970226 unsubscribed.Mar 26 2019, 12:14 AM
Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:38 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL