Page MenuHomePhabricator
Create Task
Maniphest T379432

Create a way to temporarily bypass the results cache on production
Closed, ResolvedPublic
Actions

Description

What/Why:
There are times we need to turn off the caching functionality in WikiLambda when invoking functions in Production. The argument $bypassCache stored in extensions/WikiLambda/includes/OrchestratorRequest.php ~L51. It would be useful to have a way to do this via an environment variable or something.

How:

  1. Find best way to to do this and figure out implementation details
  2. Add to doc or create a patch to introduce new env var or config/script.

Resources: https://wikitech.wikimedia.org/wiki/Wikifunctions/Runbook#Add_a_new_pre-defined_Object_in_production

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
[wikifunctionswiki] Give wikilambda-bypass-cache to staffoperations/mediawiki-configmaster+1 -0
Add a way to toggle caching for testing purposesmediawiki/extensions/WikiLambdamaster+30 -2
Customize query in gerrit

Related Objects
Search...

Event Timeline

ecarg created this task.Nov 8 2024, 9:58 PM
Jdforrester-WMF renamed this task from Create a way to toggle cache in Production to Create a way to bypass the results cache, even in production.Nov 13 2024, 5:36 PM
Jdforrester-WMF added a project: Design.
Jdforrester-WMF moved this task from To Triage to No current plans / External on the Abstract Wikipedia team board.
Jdforrester-WMF subscribed.

I'm extremely uneasy about creating things kind of security vector, and would need quite a lot of product/design work to decide how to expose it and explain how dangerous it was to use.

DMartin-WMF added a comment.EditedNov 19 2024, 3:24 AM

@Jdforrester-WMF - Thanks for commenting. Understood about the security concerns, of course. Grace and I were thinking this might be acceptable if it's set up as a maintenance script, similar to loadPreDefinedObject.php, and requires shelling into a development server to run it. Also, it could be coded in such a way that it would never take effect more than, say, 15 minutes at a time. Also, I wonder if maybe the script could bypass caching only for requests coming from one specified user.

DMartin-WMF renamed this task from Create a way to bypass the results cache, even in production to Create a way to temporarily bypass the results cache on production.Nov 19 2024, 3:25 AM
ecarg added a parent task: T383157: [25Q3] Improve performance and drive down tech debt & developer inhibitors.Jan 14 2025, 9:22 PM
ecarg claimed this task.Jan 15 2025, 2:16 AM
ecarg added a comment.EditedJan 15 2025, 5:02 AM

note/ideas:

  • create/add an env var to pass as boolean value to the $bypassCache argument in orchestrate() function in /WikiLambda/includes/OrchestratorRequest.php
  • make boolean pass-able during a function call/request6
  • good to add a time limit?
  • permissions: local wikifunctions-staff group (not global staff)
gerritbot added a comment.Jan 16 2025, 4:54 AM

Change #1111736 had a related patch set uploaded (by Ecarg; author: Ecarg):

[mediawiki/extensions/WikiLambda@master] Add a way to toggle caching for testing purposes

https://gerrit.wikimedia.org/r/1111736

gerritbot added a project: Patch-For-Review.Jan 16 2025, 4:54 AM
sbassett added a project: Security-Team.Jan 16 2025, 2:36 PM
sbassett subscribed.Jan 16 2025, 2:42 PM

@ecarg and I talk about this a bit on Slack. Could we protect this behind the global staff group or a similar, internal right/group? I know that's probably a bit ugly, but it's a battle-tested and auditable approach.

sbassett moved this task from Incoming to Watching on the Security-Team board.Jan 21 2025, 4:35 PM
sbassett added a project: SecTeam-Processed.

Per discussion on the AW-Sec call this morning, the Security-Team would currently rate the new, time-limited right/role solution as low risk.

ecarg changed the task status from Open to In Progress.Jan 27 2025, 9:07 PM
DSantamaria added a project: Wikifunctions Improve performance.Jan 31 2025, 12:31 PM
ecarg triaged this task as Medium priority.Jan 31 2025, 5:41 PM
ecarg moved this task from No current plans / External to 25Q3 (Jan–Mar) on the Abstract Wikipedia team board.
ecarg edited projects, added Abstract Wikipedia team (25Q3 (Jan–Mar)); removed Abstract Wikipedia team.
ecarg moved this task from Incoming to In Engineering on the Abstract Wikipedia team (25Q3 (Jan–Mar)) board.Jan 31 2025, 5:45 PM
ecarg moved this task from In Engineering to In Code review on the Abstract Wikipedia team (25Q3 (Jan–Mar)) board.Feb 5 2025, 5:05 AM
Jdforrester-WMF moved this task from In Code review to Ready to deploy on the Abstract Wikipedia team (25Q3 (Jan–Mar)) board.Feb 12 2025, 1:20 PM
gerritbot added a comment.Feb 12 2025, 1:26 PM

Change #1111736 merged by jenkins-bot:

[mediawiki/extensions/WikiLambda@master] Add a way to toggle caching for testing purposes

https://gerrit.wikimedia.org/r/1111736

Maintenance_bot removed a project: Patch-For-Review.Feb 12 2025, 1:31 PM
ReleaseTaggerBot added a project: MW-1.44-notes (1.44.0-wmf.17; 2025-02-18).Feb 12 2025, 2:00 PM
Jdforrester-WMF moved this task from Ready to deploy to Needs Sign-off on the Abstract Wikipedia team (25Q3 (Jan–Mar)) board.Feb 20 2025, 2:44 PM
gerritbot added a comment.Feb 20 2025, 3:33 PM

Change #1121385 had a related patch set uploaded (by Jforrester; author: Jforrester):

[operations/mediawiki-config@master] [wikifunctionswiki] Give wikilambda-bypass-cache to staff

https://gerrit.wikimedia.org/r/1121385

gerritbot added a project: Patch-For-Review.Feb 20 2025, 3:33 PM
gerritbot added a comment.Feb 20 2025, 9:23 PM

Change #1121385 merged by jenkins-bot:

[operations/mediawiki-config@master] [wikifunctionswiki] Give wikilambda-bypass-cache to staff

https://gerrit.wikimedia.org/r/1121385

Stashbot added a comment.Feb 20 2025, 9:23 PM

Mentioned in SAL (#wikimedia-operations) [2025-02-20T21:23:49Z] <jforrester@deploy2002> Started scap sync-world: Backport for [[gerrit:1121385|[wikifunctionswiki] Give wikilambda-bypass-cache to staff (T379432)]]

Stashbot added a comment.Feb 20 2025, 9:26 PM

Mentioned in SAL (#wikimedia-operations) [2025-02-20T21:26:34Z] <jforrester@deploy2002> jforrester: Backport for [[gerrit:1121385|[wikifunctionswiki] Give wikilambda-bypass-cache to staff (T379432)]] synced to the testservers (https://wikitech.wikimedia.org/wiki/Mwdebug)

Maintenance_bot removed a project: Patch-For-Review.Feb 20 2025, 9:31 PM
Stashbot added a comment.Feb 20 2025, 9:33 PM

Mentioned in SAL (#wikimedia-operations) [2025-02-20T21:33:24Z] <jforrester@deploy2002> Finished scap sync-world: Backport for [[gerrit:1121385|[wikifunctionswiki] Give wikilambda-bypass-cache to staff (T379432)]] (duration: 09m 34s)

Jdforrester-WMF added a comment.Feb 20 2025, 9:43 PM

Tested in production and this works well. Thanks, all!

DSantamaria subscribed.Feb 25 2025, 6:20 AM

@Jdforrester-WMF If it has already been tested, can we sign off, or do you need @ecarg to do so?

Jdforrester-WMF closed this task as Resolved.Feb 27 2025, 2:38 PM

Yeah, let's declare this Resolved.

sbassett moved this task from Watching to Our Part Is Done on the Security-Team board.Feb 27 2025, 4:10 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits