Not reproducible now.

I've hacked a fix for this into the live pod, but a rebuild of the image is necessary for persistence.

Invited @Bstorm as an admin.

I think I'm not familiar enough with toolforge ingress to comment on that part.

No. Automation seems broken due to the movement in repo and to travis.com. Probably all that is necessary is to regenerate a .travis.yml with encrypted secrets.

The current images are in https://quay.io/organization/wikimedia-paws-prod/ I can give access to users there, or we can move to a different registry.

@RhinosF1 precisely, but the code should only hit wikidata and nl wikipedia.

@SandraF_WMF I would love to help onboard more contributors to PAWS and help with technical scoping of this contribution, sorry it took me a while to notice the comment.

PAWS-public seems to be erroring out with all usernames that go outside ascii.

@MichaelSchoenitzer_WMDE In the meantime you can go to https://paws-public.wmflabs.org/paws-public/47694471/ to see your public notebooks.

I can reproduce this https://paws-public.wmflabs.org/paws-public/User:chicocvenancio/T252306.ipynb it tells me I don't have an account in az:wikibooks.

My best guess is this is this is similar to T168222
Not PAWS related but pywikibot hitting other wikis from the wikidata item.

https://paws-public.wmflabs.org/paws-public/User:Michael_Sch%C3%B6nitzer_(WMDE)/ Triggers a 500 by itself.

Is this still ongoing?

I can take a crack this week.

Taking the @bd808 bump on this to help move it forward.

It was https://tools.wmflabs.org/wikiloves/monuments/2019/Brazil/users

Thanks for the reminders, I have signed up as a co-mentor.

I don't see T245012, T226942 as blockers for PAWS.

FYI, as @srishakatux suggested last year, discussed in IRC, and discussed with @bd808, @yuvipanda has moved the main repo to the toolforge github organization at my request. https://github.com/toolforge/paws is where the production PAWS code lives in now.

In T51541#5847780, @Juandev wrote:

Hey, is it set for whole wiki or is it just a user script? If there are people, who think its not worth coding, why not to have it as an option. I would love to use it on cs.pw, commons, cs.wv etc.

Setting up the Wiki-Loves-Love bot for this year I decided to take advantage of CronJobs. I placed my example CronJob yaml definition and some notes on how to debug it in the Wikitech page.

yeah, my plan then was to actually go the full k8s route with prometheus-operator and such. Have not gotten around to implementing it yet.

Does this include updates to the toolforge prometheus instance? I wanted to funnel PAWS metrics there but it was such an old version when I tried it I gave up on getting it to work.

After being properly informed of the differences in GSCO and Outreachy I am very much considering it a better solution that we focus on Outreachy. The deadline alone means we'd have very little time to plan for GSOC but it seems to may Outreachy stipend for the intern makes it a program I can support more easily.

FYI: mentioned this in https://discourse.jupyter.org/t/planning-to-mentor-a-project-in-outreachy/3191 to try to better coordinate all communities involved.

In T243459#5836621, @Bstorm wrote:

Sorry, All Hands isn't helping me focus on this. I'll check on how it relates to T241019 today (and talk to people on that who might help me know what to do next here). I am finding my limited involvement in PAWS is not helping me scope these tasks out.

No problem @aborrero alerted me to All Hands on IRC.

When is the deadline for GSOC submission again? If it is right after this week, we might want to focus on Outreachy. Travel is getting in the way of things quite a bit for me.

February 5 19:00 UTC

For options:
In a way, I like the second option most because it isn't quite as dependent on building workarounds to the Kubernetes user security model. I think WMCS could deliver a service account appropriately limited to the task in a rebuilt PAWS cluster in coming quarters that would open that option nicely...but will it be in time?
It is harder to do damage to a cluster with volumes than it is with spinning up pods directly via crons.

Overall, I think with all of this I need to clarify my own understanding a bit to really say anything intelligent, and I'm not sure I have the time to dig in deeply this week. I will try a bit and talk to folks here.

Unless you feel otherwise I think we should hold this until y'all are back from All Hands. That likely means we go with Outreachy but it seems fine to me.

In T236446#5750583, @zhuyifei1999 wrote:

Google isn't responding (they probably don't have the incentive to), gonna wait for a few more days. If it stays like this, I'm gonna get a massive overhaul to how v2c download from YouTube. sneek peek: slimerjs + x11vnc

should this be a subtask of T241019?

Regarding the task idea:

In T243459#5826072, @aborrero wrote:

Also, to take into account: there are strong chances that I will be on vacations during next north hemisphere summer (Jun,Jul, Aug, Sept?) for a yet to be specified period of time, between 1 and 3 weeks.
We should make sure the relevant student aren't left "unattended" during that period.

That should not be an issue. I'm planning to be off for a two week period in May (around Wikimedia-Hackathon-2020), so we need to have plans ready before that, interns should not have started yet if I'm understanding the timeline correctly.

Seems to be missing a few edits I made a few hours ago with my bot https://xtools.wmflabs.org/autoedits-contributions/pt.wikipedia.org/ChicoBot v https://pt.wikipedia.org/wiki/Especial:Contribui%C3%A7%C3%B5es/ChicoBot

https://meta.wikimedia.org/w/index.php?title=Special:OAuthListConsumers/view/bf7eb39a895d1987ef9300b782fc948b&name=PAWS&publisher=&stage=-1 is the last one, probably not a lot of edits there though

How do we get the CIDs?
How to translate 0a73e346a40b07262b6e36bdba01cba4 to 429?

Maybe add PAWS and the OAuth consumer version as the client in the meantime?
BTW, there are 5 past PAWS OAuth consumers and I will (hopefully) soon move it to a sixth one (T243200).

This does not seem to be the underlying issue here, but PAWS will not have admin permissions. T192237

It has been a while, but I have a working script to add thanks links over at https://github.com/chicocvenancio/wiki_scripts/blob/gh-pages/thankLinksInWatchlist-pt.js It is localized to portuguese and doesn't quite handle genders properly right now, but if there is interest I could clean it up and add i18n for it.
I copied a few of the functions from ext.thanks and added the links manually to the dom.

Sure, makes sense.

@bd808 I don't think these are duplicates. As I understand T174469 is a backend problem that makes accounts that are not attached to Wikitech not have a way to reset passwords. This is more of a feature request to have some indication in Striker of how to reset passwords.

Adding a link to https://wikitech.wikimedia.org/wiki/Special:PasswordReset might be good enough to avoid confusion.

Thanks @Krenair

That was it, thanks @Phamhi.

having a separate OAuth flow

This is the part that is complicated in my view, specially doing this securely and with a good UX in PAWS.

Hey @Tgr, I'm not sure setting up automatic OAuth with the beta cluster is straightforward. The reason we can do it with the production wikis is we authenticate the user with them and just use the same OAuth tokens to pass to Pywikibot. As I understand it, there is no way to authenticate with production wikis and use that session with the beta-cluster, so we would need to setup a different authenticator for PAWS specifically for the beta-cluster, this is not impossible but I fear it is a significant amount of development and may create confusion for normal users.

Thanks for creating this ticket. The pod was stuck in terminating state in the node tools-paws-worker-1007 for the past couple of days. I removed it with kubectl -n prod delete pod jupyter--43riscod --force grace-period=0 perhaps someone with root access should check docker to see if/why the container is still running.

@Dominicbm I agree this is a great improvement for PAWS. Unfortunately I do not have the bandwidth to develop this for the foreseeable future and no other volunteers have stepped up.

@Kymybot ?

In T228500#5350594, @bd808 wrote:

I really want to get to <tool>.toolforge.org (T125589: Allow each tool to have its own subdomain for browser sandbox/cookie isolation), but we will still need to support tools.wmflabs.org/<tool> somehow. This might be something that we continue to do in a layer in front of the Kubernetes ingress though.

I've tested with and without the UserAgent, it sometimes works when defaulting to the SPARQLWrapper agent, but without looking at server logs and configuration I don't have much clue on why this is happening. Perhaps someone can investigate and tell us.

In T230135#5403134, @OlafJanssen wrote:

@Chicocvenancio Thanks for elegant your solution. I looked at https://stackoverflow.com/questions/10606133/sending-user-agent-using-requests-library-in-python

I added this the notebook, is that a valid approach as well? (I'm not experienced with this sort of stuff yet)

---

import requests

url = 'http://www.kb.nl'

headers = {

'User-Agent': 'My User Agent 1.0',
'From': 'olaf.janssen@kb.nl'  # This is another valid field

}

response = requests.get(url, headers=headers)

Indeed setting a different agent works. https://paws-public.wmflabs.org/paws-public/User:chicocvenancio/T230135.ipynb

This seems relevant https://github.com/RDFLib/sparqlwrapper/issues/139

BTW you can use a ! to run commands directly from the notebooks. IE use !pip install sparqlwrapper instead of using the terminal every server start. see https://paws-public.wmflabs.org/paws-public/User:chicocvenancio/T230135.ipynb

This seems to be an HTTP response from https://query.wikidata.org/

@Mohinem how are you trying to login? There is no login required for Wikimedia wikis.

It seems this is an artifact of the packages installed in the singleuser image clashing in some way. I don't know what packages are the source of this error and have not had the time to investigate this more closely.

In short, currently, don't.

@bd808 should we ask for a VPS project to have a subdomain we can verify ourselves or is there a way to verify tools.wmflabs.org itself?
I would think of having a simple proxy to Toolforge with nginx if a project is indeed necessary.

Not quite sure what happened, while it still shows up on @Jampo001's notebook. Trying again from PAWS just now got me no errors.

Sorry, this was in PAWS, so maybe something we're doing with Auth there is messing this up.

Finally tracked this being due to helm attempting to talk directly to k8s with the pod's serviceAccount instead of the Tiller one.
It works again.

Where are the project rooms?
The project rooms are on the 4th floor.