Page MenuHomePhabricator
Create Task
Maniphest T348486

Migrate CentralAuth to use a virtual database domain
Closed, ResolvedPublic
Actions

Description

See T330590: External LBs should not be exposed to developers (introduce virtual domains) for context.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Derive session keys from db name using virtual db domain configmediawiki/extensions/CentralAuthmaster+19 -7
Temporarily restore $wgCentralAuthDatabasemediawiki/extensions/CentralAuthmaster+28 -1
Move fallback initialization of virtual db domain setting to onRegistrationmediawiki/extensions/CentralAuthmaster+8 -24
Temporarily restore $wgCentralAuthDatabasemediawiki/extensions/CentralAuthwmf/1.43.0-wmf.6+28 -1
Use virtual db domains for CentralAuthmediawiki/extensions/CentralAuthmaster+53 -181
centralauth: Add virtual domainmediawiki/vagrantmaster+4 -6
use virtual db domain for GlobalBlocking databasemediawiki/extensions/GlobalBlockingmaster+49 -43
use virtual db domain for CentralAuth and GlobalBlockingoperations/mediawiki-configmaster+4 -0
Use virtual domain for OATHAuth databasemediawiki/extensions/OATHAuthmaster+53 -31
Customize query in gerrit

Related Objects
Search...

Event Timeline

Tgr created this task.Oct 10 2023, 12:14 AM
Restricted Application added a project: MediaWiki-Platform-Team. · View Herald TranscriptOct 10 2023, 12:15 AM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Tgr added a parent task: T348573: All Wikimedia extensions that store their data outside the main database should use a virtual database domain.Oct 10 2023, 7:11 PM
larissagaulia assigned this task to ArielGlenn.Oct 16 2023, 3:13 PM
larissagaulia moved this task from Inbox, needs triage to In progress (DO NOT USE) on the MediaWiki-Platform-Team board.
Ladsgroup subscribed.Oct 31 2023, 10:18 AM
gerritbot added a comment.Nov 6 2023, 2:57 PM

Change 971967 had a related patch set uploaded (by ArielGlenn; author: ArielGlenn):

[operations/mediawiki-config@master] use virtual db domain for CentralAuth

https://gerrit.wikimedia.org/r/971967

gerritbot added a project: Patch-For-Review.Nov 6 2023, 2:57 PM

Change 971971 had a related patch set uploaded (by ArielGlenn; author: ArielGlenn):

[mediawiki/extensions/GlobalBlocking@master] use virtual db domain for CentralAuth database

https://gerrit.wikimedia.org/r/971971

ArielGlenn added a comment.EditedNov 6 2023, 2:59 PM

Took a stab at the GlobalBlocking change first, as it's smaller and simpler to my eyes. Not tested whatsoever.

gerritbot added a comment.Nov 13 2023, 2:41 PM

Change 973812 had a related patch set uploaded (by ArielGlenn; author: ArielGlenn):

[mediawiki/extensions/CentralAuth@master] Use virtual db domains for CentralAuth

https://gerrit.wikimedia.org/r/973812

gerritbot added a comment.Nov 13 2023, 6:38 PM

Change 973857 had a related patch set uploaded (by ArielGlenn; author: ArielGlenn):

[mediawiki/extensions/OATHAuth@master] Use virtual domain for OATHAuth database

https://gerrit.wikimedia.org/r/973857

gerritbot added a comment.Nov 14 2023, 8:36 AM

Change 973857 abandoned by ArielGlenn:

[mediawiki/extensions/OATHAuth@master] Use virtual domain for OATHAuth database

Reason:

Abandoned in favour of https://gerrit.wikimedia.org/r/c/mediawiki/extensions/OATHAuth/+/966600

https://gerrit.wikimedia.org/r/973857

gerritbot added a comment.Dec 14 2023, 8:07 AM

Change 971967 merged by jenkins-bot:

[operations/mediawiki-config@master] use virtual db domain for CentralAuth and GlobalBlocking

https://gerrit.wikimedia.org/r/971967

Stashbot added a comment.Dec 14 2023, 8:10 AM

Mentioned in SAL (#wikimedia-operations) [2023-12-14T08:10:15Z] <ariel@deploy2002> Started scap: Backport for [[gerrit:971967|use virtual db domain for CentralAuth and GlobalBlocking (T348486)]]

Stashbot added a comment.Dec 14 2023, 8:11 AM

Mentioned in SAL (#wikimedia-operations) [2023-12-14T08:11:42Z] <ariel@deploy2002> ariel: Backport for [[gerrit:971967|use virtual db domain for CentralAuth and GlobalBlocking (T348486)]] synced to the testservers (https://wikitech.wikimedia.org/wiki/Mwdebug)

Stashbot added a comment.Dec 14 2023, 8:20 AM

Mentioned in SAL (#wikimedia-operations) [2023-12-14T08:20:48Z] <ariel@deploy2002> Finished scap: Backport for [[gerrit:971967|use virtual db domain for CentralAuth and GlobalBlocking (T348486)]] (duration: 10m 33s)

gerritbot added a comment.Dec 14 2023, 7:18 PM

Change 971971 merged by jenkins-bot:

[mediawiki/extensions/GlobalBlocking@master] use virtual db domain for GlobalBlocking database

https://gerrit.wikimedia.org/r/971971

ReleaseTaggerBot added a project: MW-1.42-notes (1.42.0-wmf.10; 2023-12-19).Dec 14 2023, 9:00 PM
Umherirrender mentioned this in T348573: All Wikimedia extensions that store their data outside the main database should use a virtual database domain.Jan 12 2024, 3:49 PM
gerritbot added a comment.Mar 10 2024, 8:57 PM

Change 1009904 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/vagrant@master] centralauth: Add virtual domain

https://gerrit.wikimedia.org/r/1009904

gerritbot added a comment.Mar 10 2024, 9:30 PM

Change 1009904 merged by jenkins-bot:

[mediawiki/vagrant@master] centralauth: Add virtual domain

https://gerrit.wikimedia.org/r/1009904

matmarex subscribed.Mar 27 2024, 10:03 PM
matmarex mentioned this in T358985: Admin account created by the installer isn't made global by CentralAuth.Mar 27 2024, 10:58 PM
matmarex added a parent task: T358985: Admin account created by the installer isn't made global by CentralAuth.Apr 2 2024, 8:58 PM
Krinkle awarded a token.Apr 23 2024, 3:17 PM
larissagaulia moved this task from In progress (DO NOT USE) to Waiting on the MediaWiki-Platform-Team board.Apr 29 2024, 2:43 PM
Tgr mentioned this in T364435: Drop gu_salt from globaluser.May 16 2024, 8:03 PM
gerritbot added a comment.May 16 2024, 9:25 PM

Change #973812 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] Use virtual db domains for CentralAuth

https://gerrit.wikimedia.org/r/973812

Maintenance_bot removed a project: Patch-For-Review.May 16 2024, 9:31 PM
ReleaseTaggerBot added a project: MW-1.43-notes (1.43.0-wmf.6; 2024-05-21).May 16 2024, 10:00 PM
Tgr added a comment.May 19 2024, 10:45 AM

Done in production but we'll need to either notify third-party users or provide fallback behavior for old-style configuration.

Krinkle subscribed.EditedMay 20 2024, 5:12 PM

I was looking at this search result, and thought there'd be no results, but there still are a few:

https://codesearch.wmcloud.org/deployed/?q=CentralAuthDatabase%5Cb&files=&excludeFiles=&repos=

The ones for Quibble and testing seem harmless/unused, but the SessionManager usage looks suspicious to me. That appears to be unconditionally reading CentralAuthDatabase from GlobalVarConf a key that, despite per extension.json, this no longer existing. I guess that passes in CI because for Quibble, we re-create it with the value of wgDBname, but without it, I would expect a ConfigException for unset config key. Or alternatively, a PHP Notice for passing null into BagOStuff::makeKey().

Do we need something else there, in order to ensure the session keys remain set the same?

My understanding is that, while a bit unlikely to be used in practice, is that CentralAuth allows multiple instances of itself within the same set of servers that share a Memcached cluster. As it will put the database domain in the cache/session key to vary it that way explicitly. We might not need to continue supporting that, though. But, we do probably need some kind of patch to fix single-instance way that we use it in production.

gerritbot added a comment.May 20 2024, 7:21 PM

Change #1034142 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/extensions/CentralAuth@master] Temporarily restore $wgCentralAuthDatabase

https://gerrit.wikimedia.org/r/1034142

gerritbot added a project: Patch-For-Review.May 20 2024, 7:21 PM
Tgr added a comment.May 20 2024, 7:21 PM

Thanks for catching that!

DAlangi_WMF awarded a token.May 20 2024, 8:05 PM
Tgr added a subtask: T361400: 1.43.0-wmf.6 deployment blockers.May 20 2024, 10:07 PM
Aklapper removed a subtask: T361400: 1.43.0-wmf.6 deployment blockers.May 21 2024, 7:34 AM
Aklapper added a parent task: T361400: 1.43.0-wmf.6 deployment blockers.
gerritbot added a comment.May 21 2024, 8:10 AM

Change #1034142 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] Temporarily restore $wgCentralAuthDatabase

https://gerrit.wikimedia.org/r/1034142

gerritbot added a comment.May 21 2024, 8:11 AM

Change #1034173 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/extensions/CentralAuth@wmf/1.43.0-wmf.6] Temporarily restore $wgCentralAuthDatabase

https://gerrit.wikimedia.org/r/1034173

gerritbot added a comment.May 21 2024, 8:43 AM

Change #1034173 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@wmf/1.43.0-wmf.6] Temporarily restore $wgCentralAuthDatabase

https://gerrit.wikimedia.org/r/1034173

Stashbot added a comment.May 21 2024, 8:47 AM

Mentioned in SAL (#wikimedia-operations) [2024-05-21T08:47:30Z] <tgr@deploy1002> Started scap: Backport for [[gerrit:1034173|Temporarily restore $wgCentralAuthDatabase (T348486)]]

Stashbot added a comment.May 21 2024, 8:50 AM

Mentioned in SAL (#wikimedia-operations) [2024-05-21T08:50:25Z] <tgr@deploy1002> tgr: Backport for [[gerrit:1034173|Temporarily restore $wgCentralAuthDatabase (T348486)]] synced to the testservers (https://wikitech.wikimedia.org/wiki/Mwdebug)

ReleaseTaggerBot edited projects, added MW-1.43-notes (1.43.0-wmf.7; 2024-05-28); removed MW-1.43-notes (1.43.0-wmf.6; 2024-05-21).May 21 2024, 9:00 AM
Stashbot added a comment.May 21 2024, 9:05 AM

Mentioned in SAL (#wikimedia-operations) [2024-05-21T09:05:16Z] <tgr@deploy1002> Finished scap: Backport for [[gerrit:1034173|Temporarily restore $wgCentralAuthDatabase (T348486)]] (duration: 17m 45s)

Maintenance_bot removed a project: Patch-For-Review.May 21 2024, 9:31 AM
Jdforrester-WMF subscribed.May 21 2024, 1:53 PM

No longer a train blocker, I assume?

Tgr removed a parent task: T361400: 1.43.0-wmf.6 deployment blockers.May 21 2024, 2:05 PM

Yeah this was resolved. Still needs some (non-urgent) follow-up per https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CentralAuth/+/1034142/comment/ee84ebf5_8960026c/.

Jdforrester-WMF added a comment.May 21 2024, 3:33 PM
In T348486#9816627, @Tgr wrote:

Yeah this was resolved. Still needs some (non-urgent) follow-up per https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CentralAuth/+/1034142/comment/ee84ebf5_8960026c/.

Thanks. Though presumably following the completion of this train that patch will be reverted, which will complete it?

Tgr added a comment.May 21 2024, 3:42 PM

No, the patch is needed until we figure out what to do about the usage of the DB name in the cache keys. Reverting it would be less bad than having it deployed only to a subset of the servers, but it would still log people out one time.

gerritbot added a comment.May 24 2024, 7:54 AM

Change #1035722 had a related patch set uploaded (by ArielGlenn; author: ArielGlenn):

[mediawiki/extensions/CentralAuth@master] move fallback initialization of vitual db domain setting to onRegistration

https://gerrit.wikimedia.org/r/1035722

gerritbot added a project: Patch-For-Review.May 24 2024, 7:54 AM
gerritbot added a comment.May 25 2024, 2:13 PM

Change #1035853 had a related patch set uploaded (by ArielGlenn; author: ArielGlenn):

[mediawiki/extensions/CentralAuth@master] Introduce a new config var for Central Auth session keys

https://gerrit.wikimedia.org/r/1035853

ArielGlenn moved this task from Waiting to In progress (DO NOT USE) on the MediaWiki-Platform-Team board.May 26 2024, 2:46 PM
gerritbot added a comment.May 28 2024, 6:10 PM

Change #1035722 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] Move fallback initialization of virtual db domain setting to onRegistration

https://gerrit.wikimedia.org/r/1035722

ReleaseTaggerBot edited projects, added MW-1.43-notes (1.43.0-wmf.8; 2024-06-04); removed MW-1.43-notes (1.43.0-wmf.7; 2024-05-28).May 28 2024, 7:00 PM
gerritbot added a comment.Jul 8 2024, 9:11 PM

Change #1035853 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] Derive session keys from db name using virtual db domain config

https://gerrit.wikimedia.org/r/1035853

ReleaseTaggerBot edited projects, added MW-1.43-notes (1.43.0-wmf.13; 2024-07-09); removed MW-1.43-notes (1.43.0-wmf.8; 2024-06-04).Jul 8 2024, 10:00 PM
matmarex closed this task as Resolved.Jul 8 2024, 10:03 PM
matmarex removed a project: Patch-For-Review.
Daimona mentioned this in T373447: CentralAuth no longer uses `centralauth` as default database name, but the on-wiki docs haven't been updated yet.Aug 27 2024, 2:39 PM
Daimona subscribed.

This seems to have caused T373447: CentralAuth no longer uses `centralauth` as default database name, but the on-wiki docs haven't been updated yet.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits