Page MenuHomePhabricator
Create Task
Maniphest T357227

Elasticsearch credential request for capacity-exchange
Closed, ResolvedPublic
Actions

Description

Elasticsearch will be used to internally search for profiles and skills registered on the platform.

More info:

Event Timeline

Albertoleoncio created this task.Feb 11 2024, 1:54 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 11 2024, 1:54 AM
taavi subscribed.Feb 11 2024, 11:25 AM

Hi. How is this tool different from the Cloud VPS project of the same name?

Albertoleoncio added a comment.Feb 11 2024, 2:47 PM
Em T357227#9531879, @taavi escreveu:

Hi. How is this tool different from the Cloud VPS project of the same name?

The committee has decided to migrate the project to Python, and the instance has been maintained on the VPS to enable this migration. It should be deactivated in the near future (although it is currently unavailable and I don't know why).

taavi added a project: cloud-services-team.Feb 12 2024, 12:25 PM
taavi moved this task from Inbox to Clinic Duty on the cloud-services-team board.
Slst2020 claimed this task.Feb 19 2024, 10:22 AM
Slst2020 changed the task status from Open to In Progress.Feb 19 2024, 10:52 AM
Slst2020 added a comment.Feb 19 2024, 11:43 AM

@Albertoleoncio Your tool has been granted write access to Elasticsearch now. The credentials are available to your tool as envvars. When logged into Toolforge as your tool, you can see them by running toolforge envvars list:

tools.capacity-exchange@tools-sgebastion-10:~$ toolforge envvars list
name                         value
TOOL_ELASTICSEARCH_PASSWORD  redacted
TOOL_ELASTICSEARCH_USER      redacted
TOOL_REPLICA_PASSWORD        redacted
TOOL_REPLICA_USER            redacted
TOOL_TOOLSDB_PASSWORD        redacted
TOOL_TOOLSDB_USER            redacted
Slst2020 closed this task as Resolved.Feb 19 2024, 11:44 AM
Albertoleoncio added a comment.Feb 21 2024, 5:52 PM

@Slst2020 I'm having a problem with credentials. I don't know if I'm running it incorrectly, or if I'm missing some permission.

tools.capacity-exchange@tools-sgebastion-10:~$ toolforge envvars show TOOL_ELASTICSEARCH_PASSWORD
name                         value
TOOL_ELASTICSEARCH_PASSWORD  <redacted + copied>
tools.capacity-exchange@tools-sgebastion-10:~$ curl -u tools.capacity-exchange -X POST http://elasticsearch.svc.tools.eqiad1.wikimedia.cloud:80
Enter host password for user 'tools.capacity-exchange': <paste>
<html><body><h1>403 Forbidden</h1>
Request forbidden by administrative rules.
</body></html>
taavi added a comment.Feb 22 2024, 2:04 PM
tools.capacity-exchange@tools-sgebastion-11:~$ toolforge envvars show TOOL_ELASTICSEARCH_PASSWORD
name                         value
TOOL_ELASTICSEARCH_PASSWORD  $6$EhKG5NUX/[...]

That's a password hash, not a password...

I regenerated the credentials and copied the correct password to the envvar.

Slst2020 added a comment.Feb 22 2024, 2:15 PM
In T357227#9567723, @taavi wrote:

That's a password hash, not a password...

I regenerated the credentials and copied the correct password to the envvar.

Oops, sorry about that! Thank you @taavi

Albertoleoncio added a project: Capacity Exchange.Mar 4 2024, 8:34 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL