Page MenuHomePhabricator

bd808 (Bryan Davis)
Principal Software Engineer, Technical EngagementAdministrator

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Oct 3 2014, 2:36 PM (442 w, 2 d)
Roles
Administrator
Availability
Available
IRC Nick
bd808
LDAP User
BryanDavis
MediaWiki User
BDavis (WMF) [ Global Accounts ]

I'm BDavis (WMF) on wiki, bd808 on irc, and BryanDavis on Gerrit and Wikitech.

I've got a thing for ๐Ÿฆ„s. Don't judge.

I work for or provide services to the Wikimedia Foundation, but this is my only Phabricator account. Edits, statements, or other contributions made from this account are my own, and may not reflect the views of the Foundation.

Recent Activity

Fri, Mar 24

bd808 awarded T332955: [maintain-dbusers] Generate prometheus metrics a Love token.
Fri, Mar 24, 9:08 AM ยท Patch-For-Review, cloud-services-team (FY2022/2023-Q3), Cloud-VPS

Thu, Mar 23

bd808 added a comment to T332906: Cloud Services: introduce feedback in webpages for some of our services.

The footer for Striker is:

Screen Shot 2023-03-23 at 4.51.22 PM.png (160ร—1 px, 31 KB)

I would consider "Issues" to be the equivalent of "feedback". Is that an incorrect assumption? If so could there be a bit more detail provided on what would satisfy this task?

Thu, Mar 23, 3:53 PM ยท Cloud Services Proposals
bd808 added a comment to T332904: Toolforge: consider introducing some kind of CLI feedback reporting tool.

Do we have any known requests from the community for such a tool as a replacement/enhancment for irc + mailing list + phabricator?

Thu, Mar 23, 3:50 PM ยท Toolforge
bd808 added a project to T332777: Request creation of "dump-references-processor" VPS project: cloud-services-team.

+1 from me as a Cloud VPS admin to proceed with creating this project

Thu, Mar 23, 9:21 AM ยท cloud-services-team, WMDE-TechWish, Cloud-VPS (Project-requests)
bd808 moved T332777: Request creation of "dump-references-processor" VPS project from Inbox to Clinic Duty on the cloud-services-team board.
Thu, Mar 23, 9:21 AM ยท cloud-services-team, WMDE-TechWish, Cloud-VPS (Project-requests)
bd808 added a comment to T332777: Request creation of "dump-references-processor" VPS project.

My expectation of continuing to reuse the allocation was based on real-world observation of other projects I'm involved in, but it makes sense that there's a trade-off between hardware resources and staff overhead...

Thu, Mar 23, 9:17 AM ยท cloud-services-team, WMDE-TechWish, Cloud-VPS (Project-requests)

Wed, Mar 22

bd808 added a comment to T332798: [maintain-dbusers] When creating accounts, the script bails out processing other accounts if one of them fails in an unexpected way.

Fail fast has basically always been the behavior of maintain-dbusers. The historic fix would be one of delete the broken account (test-abogott5) or correct whatever is causing the account's failure.

Wed, Mar 22, 4:39 PM ยท cloud-services-team, Toolforge
bd808 added a comment to T332777: Request creation of "dump-references-processor" VPS project.

Per https://wikitech.wikimedia.org/wiki/Help:Cloud_VPS_project#Reviews_of_Cloud_VPS_Project_requests:

The majority of project requests are approved, but there are some things which will cause further discussion:
...
"Umbrella" projects with a broad scope, such as all the work to be done by an engineering team or a large problem space.

"Umbrella" projects with broad scopes are difficult to track over time because of organizational changes and lack of continuity in ownership.
Wed, Mar 22, 2:56 PM ยท cloud-services-team, WMDE-TechWish, Cloud-VPS (Project-requests)

Tue, Mar 21

bd808 changed the subtype of T332674: Build user interface for patrolling that borrows the best workflows from RTRC tool from "Task" to "Feature Request".

I have thought about this before, but while I was patrolling today I ended up wanting very much to have in-line diffs and consistent click targets to make the process a bit quicker.

Tue, Mar 21, 9:38 AM ยท Toolhub
bd808 created T332674: Build user interface for patrolling that borrows the best workflows from RTRC tool.
Tue, Mar 21, 9:37 AM ยท Toolhub

Mon, Mar 20

bd808 added a comment to T332579: Mark all alerts as read.

Similar to, but not exactly the same as T316832: Mark notifs about approved/declined membership requests as read for all admins. Although I would have a hunch that if T316832 were implemented most admins would not feel the need for a "ignore this backlog because it is too deep" button. :)

Mon, Mar 20, 9:56 PM ยท Striker
bd808 added a comment to T224892: Installing the striker role fails with " Couldn't load manifest 'staticfiles.json'".

Seriously? Could this like be updated in documentation?

Mon, Mar 20, 9:54 PM ยท Striker, MediaWiki-Vagrant
bd808 added a parent task for T144713: Add a web shell allowing people to perform actions as their tool from striker: T332480: Make it possible to maintain Toolforge tools via an easy-to-use web interface instead of a command-line one.
Mon, Mar 20, 10:17 AM ยท Striker
bd808 added a subtask for T332480: Make it possible to maintain Toolforge tools via an easy-to-use web interface instead of a command-line one: T144713: Add a web shell allowing people to perform actions as their tool from striker.
Mon, Mar 20, 10:17 AM ยท Striker
bd808 added a comment to T332480: Make it possible to maintain Toolforge tools via an easy-to-use web interface instead of a command-line one.

T144713: Add a web shell allowing people to perform actions as their tool from striker could be considered a duplicate of this or a specific implementation of the desired feature. For now I think I will make this task a parent to that older task and we can continue to explore what the "best" solution is to the general problem.

Mon, Mar 20, 10:17 AM ยท Striker
bd808 closed T224892: Installing the striker role fails with " Couldn't load manifest 'staticfiles.json'" as Declined.

The mediawiki-vagrant powered development environment is no longer supported.

Mon, Mar 20, 10:14 AM ยท Striker, MediaWiki-Vagrant
bd808 awarded T332480: Make it possible to maintain Toolforge tools via an easy-to-use web interface instead of a command-line one a Love token.
Mon, Mar 20, 10:12 AM ยท Striker
bd808 added a comment to T281003: Not all legacy tools are in the legacy_redirector.lua configuration.
Mon, Mar 20, 10:02 AM ยท User-bd808, cloud-services-team (Kanban), Toolforge

Fri, Mar 17

bd808 created E1625: Technical Engagement offsite - Berlin.
Fri, Mar 17, 10:05 PM ยท events
bd808 closed T332100: Move @wikimedia_sal@mastodon.social off mastodon.social as Resolved.

https://botsin.space/@wikimedia_sal

Fri, Mar 17, 8:10 PM ยท User-bd808, Stashbot

Thu, Mar 16

bd808 added a comment to T332290: [backend] Set up auto-updates on Toolforge.

T321919: Figure out and document how to call the Kubernetes API as your tool user from inside a pod has some information on possible ways for to interact with the Toolforge Kubernetes API from inside the Kubernetes cluster.

Thu, Mar 16, 8:33 PM ยท Toolhunt
bd808 added a comment to T332290: [backend] Set up auto-updates on Toolforge.

Make sure to read the warnings on that page about how this can fail. Also be aware that the community provided guidance on that page for a Python service is incomplete. The uwsgi container must be restarted for source code changes to take effect. The missing step would be to call the Kubernetes API to kill the running container or otherwise affect the termination of the active pod and creation of a new one. PHP reads files from disk again for each requests which makes that workflow simpler.

Thu, Mar 16, 8:30 PM ยท Toolhunt
bd808 committed rLTST7b492631a2af: mastodon: mark toots as "unlisted" (authored by bd808).
mastodon: mark toots as "unlisted"
Thu, Mar 16, 8:17 PM
bd808 changed the status of T332100: Move @wikimedia_sal@mastodon.social off mastodon.social from Stalled to In Progress.

Account was approved.

Thu, Mar 16, 12:48 AM ยท User-bd808, Stashbot
bd808 closed T332198: Upgrade Toolforge deployment to use Python 3.9 as Resolved.
Thu, Mar 16, 12:47 AM ยท User-bd808, Stashbot
bd808 committed rLTST8f2ff05dd9bf: requirements: Pin elasticsearch to FOSS versions (authored by bd808).
requirements: Pin elasticsearch to FOSS versions
Thu, Mar 16, 12:45 AM

Wed, Mar 15

bd808 committed rLTST1390137296d5: Switch to python 3.9 runtime (authored by bd808).
Switch to python 3.9 runtime
Wed, Mar 15, 11:51 PM
bd808 committed rLTSTc13aaf5f8aaf: Move entry point script into stashbot module (authored by bd808).
Move entry point script into stashbot module
Wed, Mar 15, 11:51 PM
bd808 committed rLTSTe7174e0c251a: README: update install instructions and license display (authored by bd808).
README: update install instructions and license display
Wed, Mar 15, 11:51 PM
bd808 committed rLTSTe8a5e8e5056e: dotfiles: guard against errors when loading kubectl completion (authored by bd808).
dotfiles: guard against errors when loading kubectl completion
Wed, Mar 15, 11:48 PM
bd808 added a comment to T332220: Acquire enwp.org.

This is not a declaration that this is a good idea, but if I understand the current enwp.org behavior, I think this would replace it:

diff --git i/modules/ncredir/files/nc_redirects.dat w/modules/ncredir/files/nc_redirects.dat
index dc52c09013..bbcc31d1d3 100644
--- i/modules/ncredir/files/nc_redirects.dat
+++ w/modules/ncredir/files/nc_redirects.dat
@@ -115,6 +115,7 @@ rewrite *wikimediaenterprise.com    https://enterprise.wikimedia.com
Wed, Mar 15, 11:29 PM ยท Traffic, SRE, Domains
bd808 added a comment to T261988: Separate secrets from config at rest so main config can be public.

Apparently envvars can be used to override some settings. This could be combined with the idea of using k8s secrets for storage as well by using https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#configure-all-key-value-pairs-in-a-secret-as-container-environment-variables.

Wed, Mar 15, 10:52 PM ยท Tool-bridgebot
bd808 added a comment to T332226: Telegram channels with message per user rate limits can lose IRC messages.

Reported upstream as https://github.com/42wim/matterbridge/issues/2020

Wed, Mar 15, 9:56 PM ยท Upstream, Tool-bridgebot
bd808 committed rLTST25a012ea4b31: dev: Bump expected python to 3.9 (authored by bd808).
dev: Bump expected python to 3.9
Wed, Mar 15, 9:51 PM
bd808 committed rLTST7d354e4c8d0c: dev: simplify tox.ini (authored by bd808).
dev: simplify tox.ini
Wed, Mar 15, 9:51 PM
bd808 committed rLTST83a7b16ee4e5: dev: replace nose with pytest (authored by bd808).
dev: replace nose with pytest
Wed, Mar 15, 9:51 PM
bd808 added a project to T332226: Telegram channels with message per user rate limits can lose IRC messages: Upstream.

I think I have found a workaround for this. I granted the wm-bridegbot user a custom admin role in the Telegram chat. This seems to allow it to bypass the slow mode restriction. The custom role is titled "bot" and has all of the "what can this admin do?" toggles turned off.

Wed, Mar 15, 9:20 PM ยท Upstream, Tool-bridgebot
bd808 added a comment to T332226: Telegram channels with message per user rate limits can lose IRC messages.

Matterbridge's IRC handler has a MessageDelay knob that can be used to avoid rate limits. Unfortunately the Telegram handler does not have an equivalent function.

Wed, Mar 15, 9:05 PM ยท Upstream, Tool-bridgebot
bd808 created T332226: Telegram channels with message per user rate limits can lose IRC messages.
Wed, Mar 15, 8:56 PM ยท Upstream, Tool-bridgebot
bd808 changed the status of T332198: Upgrade Toolforge deployment to use Python 3.9 from Open to In Progress.
Wed, Mar 15, 6:15 PM ยท User-bd808, Stashbot
bd808 moved T332198: Upgrade Toolforge deployment to use Python 3.9 from Backlog to Accepted on the Stashbot board.
Wed, Mar 15, 6:15 PM ยท User-bd808, Stashbot
bd808 changed the status of T332100: Move @wikimedia_sal@mastodon.social off mastodon.social from Open to Stalled.

I have requested an account for the bot at botsin.space. They have a manual moderation queue for new accounts, so things are stalled until the account is approved or rejected upstream.

Wed, Mar 15, 5:05 PM ยท User-bd808, Stashbot
bd808 created T332198: Upgrade Toolforge deployment to use Python 3.9.
Wed, Mar 15, 4:41 PM ยท User-bd808, Stashbot
bd808 added a comment to T332100: Move @wikimedia_sal@mastodon.social off mastodon.social.

I think I should probably make the bot's toots unlisted too to avoid boring instance timeline clutter.

Wed, Mar 15, 4:28 PM ยท User-bd808, Stashbot
bd808 added a comment to T332100: Move @wikimedia_sal@mastodon.social off mastodon.social.

Stashbot does "own" the account. Moving to botsin.space because of defederation concerns seems reasonable.

Wed, Mar 15, 4:09 PM ยท User-bd808, Stashbot
bd808 added a comment to T325756: Allow wmcs cookbooks running on cloudcuminXXXX to write to the SAL.

Basically wm-bot serves the same relay bot role in the WMCS SAL logging path as logmsgbot does for wiki cluster SAL logging: app - โ†’ relay bot - โ†’ irc - โ†’ stashbot - โ†’ wikitech + sal.toolforge.org

Wed, Mar 15, 3:34 PM ยท cloud-services-team, Infrastructure-Foundations, SRE-tools

Tue, Mar 14

bd808 committed R2333:b1015983539b: dev: configure tox for py39 and black (authored by bd808).
dev: configure tox for py39 and black
Tue, Mar 14, 11:06 PM
bd808 committed R2333:9596b6bfc811: ci: Use cloud/cicd config to run tox (authored by bd808).
ci: Use cloud/cicd config to run tox
Tue, Mar 14, 11:06 PM
bd808 committed R2333:c84679bb68c5: dbconn: Use toolforge.toolsdb() (authored by bd808).
dbconn: Use toolforge.toolsdb()
Tue, Mar 14, 11:06 PM
bd808 committed R2333:3ec6410af123: dev: Format files with black (authored by bd808).
dev: Format files with black
Tue, Mar 14, 11:06 PM
bd808 added a comment to T331820: Upstream caches: 404.
WARNING: random speculation ahead!
Tue, Mar 14, 10:14 PM ยท SRE, Thumbor, SRE-swift-storage, Commons
bd808 added a comment to T331820: Upstream caches: 404.
#wikimedia-tech 2023-03-14
[16:39]  <  roy649_> When a do a get onย https://upload.wikimedia.org/wikipedia/commons/thumb/b/b2/Pete_Sutherland_playing_at_Bristol_town_tribute_%28cropped%29.jpg/280px-Pete_Sutherland_playing_at_Bristol_town_tribute_%28cropped%29.jpg, I get "Our servers are currently under maintenance or experiencing a technical problem. Please try again in a few minutes."
[16:39]  <  roy649_> Just in case this isn't already a known issue.
[16:40]  <  roy649_> Request from 2600:4041:51ec:c500:fdcb:d9c7:57cb:3c21 via cp1090 cp1090, Varnish XID 716451937
[16:40]  <  roy649_> Upstream caches: cp1090 int
[16:40]  <  roy649_> Error: 404, Not Found at Tue, 14 Mar 2023 16:38:25 GMT
[16:58]  <AntiComposite> works for me
Tue, Mar 14, 10:07 PM ยท SRE, Thumbor, SRE-swift-storage, Commons
bd808 added a comment to T320794: Extend LDAP to allow storing all necessary attributes.

We actually have uid, cn and sn which are all by default set to the developer account username.

Tue, Mar 14, 6:22 PM ยท Infrastructure-Foundations, SRE
bd808 added a comment to T320794: Extend LDAP to allow storing all necessary attributes.

Attributes we will be needing:

  • wikimediaGlobalAccountName (MediaWiki SUL account name) (optional)
Tue, Mar 14, 4:06 PM ยท Infrastructure-Foundations, SRE
bd808 added a comment to T331841: [backend] Get Celery and Redis running.
  1. kubectl get pods to see if a toolhunt-api.worker pod exists
  2. if it does, kill it with kubectl delete deploy toolhunt-api.worker
  3. spin up a new pod with kubectl create --validate=true -f $HOME/www/python/src/deployment.yaml
Tue, Mar 14, 3:46 PM ยท Toolhunt, User-Slst2020, Outreachy (Round 25)

Mon, Mar 13

bd808 created T331943: https://gitlab.wikimedia.org/repos/releng/gitlab-phabricator needs a LICENSE file.
Mon, Mar 13, 11:46 PM ยท Release-Engineering-Team, User-brennen, Software-Licensing, GitLab (Integrations)
bd808 added a hashtag to GitLab (Integrations): #gitlab-integrations.
Mon, Mar 13, 11:39 PM
bd808 committed R2073:0f400c549d56: project: create exclusive sets of users based on descending "power" (authored by bd808).
project: create exclusive sets of users based on descending "power"
Mon, Mar 13, 11:27 PM
bd808 committed R2073:5682beff0dc5: keystone: Do not assume that each user has only one role (authored by bd808).
keystone: Do not assume that each user has only one role
Mon, Mar 13, 11:27 PM
bd808 committed R2073:cbace9dcfcb7: black: bump target Python version to 3.9 (authored by bd808).
black: bump target Python version to 3.9
Mon, Mar 13, 11:24 PM
bd808 committed R2073:6d0402ac2d1c: pyenv: ignore .python-version file (authored by bd808).
pyenv: ignore .python-version file
Mon, Mar 13, 11:24 PM
bd808 committed R2073:2bf2a4f48d2f: project: create exclusive sets of users based on descending "power" (authored by bd808).
project: create exclusive sets of users based on descending "power"
Mon, Mar 13, 11:10 PM
bd808 committed R2073:04d836a8cac1: keystone: Do not assume that each user has only one role (authored by bd808).
keystone: Do not assume that each user has only one role
Mon, Mar 13, 11:10 PM
bd808 committed R2073:394ff3cea539: dev: format files with black (authored by bd808).
dev: format files with black
Mon, Mar 13, 11:01 PM
bd808 committed R2073:9f40c215c019: dev: format files with black (authored by bd808).
dev: format files with black
Mon, Mar 13, 10:54 PM
bd808 committed R2073:f7bf3a1697fa: Add tox CI runner from https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci (authored by bd808).
Add tox CI runner from https://gitlab.wikimedia.org/repos/cloud/cicd/gitlab-ci
Mon, Mar 13, 10:49 PM
bd808 added a project to T331933: Release plan for Better Diff improvements (rough plan): Better-Diffs-2023.
Mon, Mar 13, 9:45 PM ยท Community-Tech, MediaWiki-Page-diffs, wikidiff2, Better-Diffs-2023
bd808 committed R2073:724ecdf37978: project: create exclusive sets of users based on descending "power" (authored by bd808).
project: create exclusive sets of users based on descending "power"
Mon, Mar 13, 9:14 PM
bd808 committed R2073:bafb61ead720: project: create exclusive sets of users based on descending "power" (authored by bd808).
project: create exclusive sets of users based on descending "power"
Mon, Mar 13, 9:00 PM
bd808 added a comment to T330759: Modernize openstack rbac.

This revert is due to T331674: Some tool maintainers not showing in Striker UI following config change where it became clear to me that we have not yet changed the Keystone database to grant everyone the new roles (which I somehow thought had been done). At least in the tools project (Toolforge) the migration is half done. Users who had 'projectadmin' now have 'member', but 'user' has not yet been converted to 'reader'.

Mon, Mar 13, 5:44 PM ยท Patch-For-Review, cloud-services-team, Cloud-VPS
bd808 closed T331674: Some tool maintainers not showing in Striker UI following config change, a subtask of T330759: Modernize openstack rbac, as Resolved.
Mon, Mar 13, 5:40 PM ยท Patch-For-Review, cloud-services-team, Cloud-VPS
bd808 closed T331674: Some tool maintainers not showing in Striker UI following config change as Resolved.
Mon, Mar 13, 5:40 PM ยท User-bd808, Striker
bd808 committed rWDPOa5759322ee5b: tracking: Allow piwik.wm.o as img-src in CSP header (authored by bd808).
tracking: Allow piwik.wm.o as img-src in CSP header
Mon, Mar 13, 4:43 PM

Fri, Mar 10

bd808 committed rWDPOfc6280880269: tracking: Add Matomo (authored by apaskulin).
tracking: Add Matomo
Fri, Mar 10, 9:56 PM
bd808 updated the task description for T331674: Some tool maintainers not showing in Striker UI following config change.
Fri, Mar 10, 9:02 PM ยท User-bd808, Striker
bd808 committed R2073:d6e2475f7dd5: keystone: Do not assume that each user has only one role (authored by bd808).
keystone: Do not assume that each user has only one role
Fri, Mar 10, 8:59 PM
bd808 added a comment to T331674: Some tool maintainers not showing in Striker UI following config change.
[16:37]  <    bd808> ah! I think my code is to blame!
[16:38]  <    bd808> It seems to memoize and assume that each user only has one role!
[16:38]  <andrewbogott> that would do it :)
[16:38]  <    taavi> oh of course, I even had the exact same issue with openstack-browser :D
[16:38]  <    bd808> yeah, I think this is the bug. it's in Striker'sย openstack.pyย and the users_by_role() method
[16:39]  <    bd808> because the client was copied from strikerย taaviย :)
[16:40]  <andrewbogott> welp, I tried to provide a graceful transition by leaving the old roles in place and that just made it worse :)
Fri, Mar 10, 4:44 PM ยท User-bd808, Striker
โ€ข taavi awarded T331684: Provide a means to introduce "skew" for scheduled jobs to avoid thundering herd problems a Stroopwafel token.
Fri, Mar 10, 9:59 AM ยท Toolforge Jobs framework
bd808 created T331684: Provide a means to introduce "skew" for scheduled jobs to avoid thundering herd problems.
Fri, Mar 10, 1:36 AM ยท Toolforge Jobs framework

Thu, Mar 9

bd808 updated the task description for T331674: Some tool maintainers not showing in Striker UI following config change.
Thu, Mar 9, 11:32 PM ยท User-bd808, Striker
bd808 moved T331674: Some tool maintainers not showing in Striker UI following config change from To Do to Needs Review/Feedback on the User-bd808 board.
Thu, Mar 9, 11:28 PM ยท User-bd808, Striker
bd808 added a comment to T331674: Some tool maintainers not showing in Striker UI following config change.
[22:42]  <    bd808> kindrobot: I think you should be able to create a phab board with Striker now.
[22:42]  <    bd808> I can see you listed onย https://toolsadmin.wikimedia.org/tools/id/ducttapeย at least
[22:52]  <kindrobot> It worked! :D
Thu, Mar 9, 11:26 PM ยท User-bd808, Striker
bd808 added a comment to T331674: Some tool maintainers not showing in Striker UI following config change.
NOTE: with the current production config, Toolforge members show in Striker and admins do not. This is because the role migration is half done with 'projectadmin' having been replaced in Keystone with 'member' but 'user' not yet having been replaced with 'reader'.
Thu, Mar 9, 11:04 PM ยท User-bd808, Striker
bd808 updated subscribers of T331674: Some tool maintainers not showing in Striker UI following config change.

Rolling back to the prior settings.OPENSTACK_USER_ROLE and settings.OPENSTACK_ADMIN_ROLE values has fixed the issue with non-admin users not showing in the UI. It should also fix the originally reported issue of failing to find Phabricator accounts for maintainers. That was caused by the maintainer list being empty due to the config mismatch. Luckily all of this was a client configuration issue without any data loss in the canonical LDAP storage.

Thu, Mar 9, 10:49 PM ยท User-bd808, Striker
bd808 renamed T331674: Some tool maintainers not showing in Striker UI following config change from Some tool maintainers not showing in Striker UI to Some tool maintainers not showing in Striker UI following config change.
Thu, Mar 9, 10:43 PM ยท User-bd808, Striker
bd808 added a comment to T330759: Modernize openstack rbac.

Change 896031 merged by Legoktm:

[operations/puppet@production] Revert "striker: Bump container version to 2023-03-09-005633-production"

https://gerrit.wikimedia.org/r/896031

Thu, Mar 9, 10:39 PM ยท Patch-For-Review, cloud-services-team, Cloud-VPS
bd808 added a subtask for T330759: Modernize openstack rbac: T331674: Some tool maintainers not showing in Striker UI following config change.
Thu, Mar 9, 10:24 PM ยท Patch-For-Review, cloud-services-team, Cloud-VPS
bd808 added a parent task for T331674: Some tool maintainers not showing in Striker UI following config change: T330759: Modernize openstack rbac.
Thu, Mar 9, 10:24 PM ยท User-bd808, Striker
bd808 added a comment to T331674: Some tool maintainers not showing in Striker UI following config change.
>>> from striker.tools import cache
>>> users = cache.get_openstack_users()
>>> users.keys()
dict_keys(['glanceadmin', 'heat_stack_owner', 'admin', 'member', 'projectadmin', 'designateadmin', 'heat_stack_user', 'keystonevalidate', 'user', 'reader'])
>>> for role in users.keys():
...     print(role, len(users[role]))
...
glanceadmin 0
heat_stack_owner 0
admin 0
member 26
projectadmin 0
designateadmin 1
heat_stack_user 0
keystonevalidate 0
user 2406
reader 0

We changed the settings before the backing database for Keystone was updated. :/

Thu, Mar 9, 10:20 PM ยท User-bd808, Striker
bd808 added a comment to T331674: Some tool maintainers not showing in Striker UI following config change.

We changed the values of settings.OPENSTACK_USER_ROLE and settings.OPENSTACK_ADMIN_ROLE today with https://gerrit.wikimedia.org/r/c/labs/striker/+/895140. This feels like the likely cause of strange behaviors. It may be entirely in this custom manager's _get_tool_users implementation:

class MaintainerManager(models.Manager):
    def _get_tool_users(self):
        if settings.TEST_MODE:
            # Hack to keep from trying to talk to openstack API from django
            # test harness
            return []
        users = cache.get_openstack_users()
        return (
            users[settings.OPENSTACK_USER_ROLE] +
            users[settings.OPENSTACK_ADMIN_ROLE]
        )
Thu, Mar 9, 10:13 PM ยท User-bd808, Striker
bd808 updated subscribers of T331674: Some tool maintainers not showing in Striker UI following config change.
$ python3 manage.py shell
>>> from striker.tools.models import Tool
>>> ducttape = Tool.objects.get(cn='tools.ducttape')
>>> ducttape.maintainer_ids()
['kindrobot']
>>> ducttape.maintainers()
<QuerySet []>
>>> from striker.tools.models import Maintainer
>>> Maintainer.objects.get(uid='kindrobot')
Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "/opt/lib/python/site-packages/django/db/models/manager.py", line 82, in manager_method
    return getattr(self.get_queryset(), name)(*args, **kwargs)
  File "/opt/lib/python/site-packages/django/db/models/query.py", line 408, in get
    self.model._meta.object_name
striker.tools.models.Maintainer.DoesNotExist: Maintainer matching query does not exist.
>>> Maintainer.objects.get(uid='bd808')
<Maintainer: BryanDavis>
Thu, Mar 9, 10:09 PM ยท User-bd808, Striker
bd808 changed the status of T331674: Some tool maintainers not showing in Striker UI following config change from Open to In Progress.
Thu, Mar 9, 10:03 PM ยท User-bd808, Striker
bd808 created T331674: Some tool maintainers not showing in Striker UI following config change.
Thu, Mar 9, 10:03 PM ยท User-bd808, Striker
bd808 reassigned T330421: Add the EUPL to the list of Licenses from bd808 to MarcoAurelio.
Thu, Mar 9, 8:47 PM ยท User-MarcoAurelio, User-bd808, Striker
bd808 closed T330421: Add the EUPL to the list of Licenses as Resolved.
$ ssh cloudweb1003.wikimedia.org
$ cd ~/projects/striker
$ ./debug-striker.sh -it --entrypoint=/bin/bash
$ python3 manage.py loaddata software_license.json
Installed 33 object(s) from 1 fixture(s)

license dropdown showing EUPL-1.2-only and EUPL-1.2-or-later in the options

Thu, Mar 9, 7:12 PM ยท User-MarcoAurelio, User-bd808, Striker
bd808 committed R1959:a7f4c36b49c4: Update CI config (authored by bd808).
Update CI config
Thu, Mar 9, 3:30 AM
bd808 committed R1959:f9de1055d20e: help: Fix URL escaping of third example (authored by LucasWerkmeister).
help: Fix URL escaping of third example
Thu, Mar 9, 3:30 AM

Wed, Mar 8

bd808 renamed T331572: maintain-kubeusers container in CrashLoopBackoff preventing new tool creation after 'user-maintainer' ClusterRole changes from maintain-kubeusers container in CrashLoopBackoff preventing new tool creation to maintain-kubeusers container in CrashLoopBackoff preventing new tool creation after 'user-maintainer' ClusterRole changes.
Wed, Mar 8, 10:37 PM ยท cloud-services-team, Toolforge
bd808 updated subscribers of T331572: maintain-kubeusers container in CrashLoopBackoff preventing new tool creation after 'user-maintainer' ClusterRole changes.

The service is working again because I live hacked the missing podsecuritypolicies grants back into the user-maintainer clusterrole, but this will break again as soon as someone runs the helm deploy for maintain-kubeusers.

Wed, Mar 8, 10:37 PM ยท cloud-services-team, Toolforge
bd808 added a subtask for T286856: Upgrade Toolforge Kubernetes to latest 1.22: T331572: maintain-kubeusers container in CrashLoopBackoff preventing new tool creation after 'user-maintainer' ClusterRole changes.
Wed, Mar 8, 10:36 PM ยท cloud-services-team, Toolforge