Page MenuHomePhabricator
Create Task
Maniphest T398875

Publish updated wmf/next container when deploying config backport or security patch
Closed, ResolvedPublicFeature
Actions

Description

Adopt the behavior described in the design agreements that came out of T379683: [FY24-25 WE6.2.6] Create design document for Pretrain (née Group -1) deployment.

Deployment of both MediaWiki configuration (operations/mediawiki-config.git) and security patches done via scap from a deployment server will also trigger new pretrain deployments. These deployments will not happen in-process with the other wiki updates. Instead they will trigger an asynchronous build and deployment workflow. We may choose to de-duplicate triggering events so that we only deploy pretrain once as the result of a typical backport or security window.

This first step is only concerned with publishing an updated container. We will be working on actually deploying this container in a future hypothesis.

Details

Related Changes in GitLab:
TitleReferenceAuthorSource BranchDest Branch
config.py: Reenable build_mw_next_container_imagerepos/releng/scap!936dancymaster-Iea03955c84676a9bac90b9dc00b4af385409e72amaster
kubernetes: Use separate image repo for single version image buildrepos/releng/scap!935dancymaster-I2107eb9d4c1e5eee389662547598eec702ff3169master
config.py: Disable build_mw_next_container_imagerepos/releng/scap!929dancymaster-I6cff04283e850b595c8fff0af5716ed71b2b83c2master
AbstractSync: Build "next" image when building regular imagesrepos/releng/scap!925dancymaster-I2aeb31d412a7268bda538ccd4dcc77f8d135e3c0master
Customize query in GitLab

Related Objects
Search...

Event Timeline

bd808 created this task.Jul 7 2025, 9:07 PM
bd808 triaged this task as High priority.
bd808 changed the subtype of this task from "Task" to "Feature Request".
CodeReviewBot added a project: Patch-For-Review.Jul 30 2025, 8:33 PM

dancy opened https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/925

sync: Build "next" image when building regular images

CodeReviewBot added a comment.Jul 30 2025, 10:26 PM

dancy merged https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/925

AbstractSync: Build "next" image when building regular images

Maintenance_bot removed a project: Patch-For-Review.Jul 30 2025, 10:31 PM
Stashbot added a comment.Jul 31 2025, 4:21 PM

Mentioned in SAL (#wikimedia-operations) [2025-07-31T16:21:13Z] <dancy@deploy1003> Started scap sync-world: Testing T398875

Stashbot added a comment.Jul 31 2025, 4:24 PM

Mentioned in SAL (#wikimedia-operations) [2025-07-31T16:24:56Z] <dancy@deploy1003> Finished scap sync-world: Testing T398875 (duration: 03m 43s)

dancy closed this task as Resolved.Jul 31 2025, 4:26 PM
dancy claimed this task.
dancy subscribed.

This change is live!

The impact of building the next image during build-and-push-container-images is not noticeable:

16:21:36 Started build-and-push-container-images
16:21:36 K8s images build/push output redirected to /home/dancy/scap-image-build-and-push-log
16:21:36 K8s images build/push output redirected to /home/dancy/scap-image-build-and-push-log.next
16:21:55 Finished build-and-push-container-images (duration: 00m 18s)

(that was from a scap sync-world with no changes)

Should something go wrong, set build_mw_next_container_image to False in scap.cfg to disable this functionality.

dancy reopened this task as Open.Jul 31 2025, 9:16 PM

Looks like the changes caused a deployment problem so I rolled back scap.

CodeReviewBot added a project: Patch-For-Review.Jul 31 2025, 10:19 PM

dancy opened https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/929

config.py: Disable build_mw_next_container_image

CodeReviewBot added a comment.Jul 31 2025, 10:22 PM

dancy merged https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/929

config.py: Disable build_mw_next_container_image

Maintenance_bot removed a project: Patch-For-Review.Jul 31 2025, 10:31 PM
Maryann-Onyinye subscribed.Aug 5 2025, 1:41 AM
CodeReviewBot added a project: Patch-For-Review.Aug 5 2025, 4:46 PM

dancy opened https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/935

kubernetes: Use separate image repo for single version image build

CodeReviewBot added a comment.Aug 5 2025, 4:50 PM

dancy merged https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/935

kubernetes: Use separate image repo for single version image build

CodeReviewBot added a comment.Aug 5 2025, 4:53 PM

dancy opened https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/936

config.py: Reenable build_mw_next_container_image

CodeReviewBot added a comment.Aug 5 2025, 4:54 PM

dancy merged https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/936

config.py: Reenable build_mw_next_container_image

Maintenance_bot removed a project: Patch-For-Review.Aug 5 2025, 5:31 PM
Stashbot added a comment.Aug 5 2025, 6:37 PM

Mentioned in SAL (#wikimedia-operations) [2025-08-05T18:37:00Z] <dancy@deploy1003> Started scap sync-world: testing T398875

Stashbot added a comment.Aug 5 2025, 6:39 PM

Mentioned in SAL (#wikimedia-operations) [2025-08-05T18:39:54Z] <dancy@deploy1003> Finished scap sync-world: testing T398875 (duration: 02m 54s)

dancy closed this task as Resolved.Aug 5 2025, 9:25 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits