Page MenuHomePhabricator
Create Task
Maniphest T299519

systemd job "Sync keys for Keystone fernet tokens to ${thishost}" potentially broken
Closed, ResolvedPublic
Actions

Description

While working on T299358: dumps.wikimedia.org access logs on stat1007 are incomplete since May 2021 (possibly earlier), in the #wikimedia-analytics channel, we noticed that the problem is possibly caused by neither systemd nor rsync expanding the glob pattern * in the job command.

Quoting from my local rsync man-page:

Note that the expansion of wildcards on the command-line (*.c) into a list of files is handled by the shell before it runs rsync and not by rsync itself (exactly the same as all other Posix-style programs).

Looking through puppet for more instances of this pattern, this came up:

https://gerrit.wikimedia.org/r/plugins/gitiles/operations/puppet/+/refs/heads/production/modules/profile/manifests/openstack/base/keystone/fernet_keys.pp#39

I have no idea what it does, but it might be broken and should probably be checked.

Details

SubjectRepoBranchLines +/-
P:openstack::base::keystone::fernet_keys: drop use of '*' in rsyncoperations/puppetproduction+1 -1
Customize query in gerrit

Related Objects

Event Timeline

Michael created this task.Jan 19 2022, 1:44 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 19 2022, 1:44 PM
jbond edited projects, added Cloud-Services; removed SRE.Jan 19 2022, 2:25 PM
taavi edited projects, added Cloud-VPS, cloud-services-team (Kanban); removed Cloud-Services.Jan 19 2022, 2:25 PM
gerritbot added a comment.Jan 19 2022, 2:56 PM

Change 755396 had a related patch set uploaded (by Jbond; author: jbond):

[operations/puppet@production] P:openstack::base::keystone::fernet_keys: drop use of '*' in rsync

https://gerrit.wikimedia.org/r/755396

gerritbot added a project: Patch-For-Review.Jan 19 2022, 2:56 PM
jbond subscribed.Jan 19 2022, 2:56 PM

Simlar to T299510, this one shuold also be fine as is but have also sent a PS to update this, thanks

gerritbot added a comment.Jan 24 2022, 4:35 PM

Change 755396 merged by Andrew Bogott:

[operations/puppet@production] P:openstack::base::keystone::fernet_keys: drop use of '*' in rsync

https://gerrit.wikimedia.org/r/755396

Maintenance_bot removed a project: Patch-For-Review.Jan 24 2022, 5:10 PM
taavi closed this task as Resolved.Jan 25 2022, 4:53 PM
taavi assigned this task to jbond.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits