Freeze break request: Hotfix mirrormanager1 logs
by Stephen John Smoogen
Trying to figure out why mirrormanager front end and back end are not
tracking the same number of requests
diff --git a/roles/mirrorlist/tasks/main.yml
b/roles/mirrorlist/tasks/main.yml
index 348eb2a..207c0c6 100644
--- a/roles/mirrorlist/tasks/main.yml
+++ b/roles/mirrorlist/tasks/main.yml
@@ -12,6 +12,14 @@
tags:
- packages
+# Put in the HOTFIX
+- name: HOTFIX mirrorlist_server.py
+ src=mirrorlist_server.py
dest=/usr/share/mirrormanager/mirrorlist-server/mirrorlist_server.py
+ tags:
+ - files
+ notify:
+ - restart httpd
+
# mirrormanager user ssh key(s)
- name: add authorized_keys for mirrormanager
authorized_key: key="{{ item }}" user=mirrormanager state=present
commit d4329c3c80114afd2de2acef5d410a67da655410
Author: Stephen Smoogen <smooge(a)redhat.com>
Date: Fri Dec 5 21:08:20 2014 +0000
update to patched version which adds additional logs
diff --git a/roles/mirrorlist/files/mirrorlist_server.py
b/roles/mirrorlist/files/mirrorlist_server.py
index 4bde704..118ff4c 100755
--- a/roles/mirrorlist/files/mirrorlist_server.py
+++ b/roles/mirrorlist/files/mirrorlist_server.py
@@ -662,7 +662,9 @@ def do_mirrorlist(kwargs):
ip_str = kwargs['IP'].strNormal()
except:
ip_str = 'Unknown IP'
- log_string = "mirrorlist: %s found its best mirror from %s" % (ip_str,
where_string)
+
+ pid = str(os.getpid())
+ log_string = "mirrorlist(%s): %s found its best mirror from %s (%s)" %
(pid, ip_str, where_string, header)
syslogger.info(log_string)
hosts_and_urls = append_path(allhosts, cache, file,
pathIsDirectory=pathIsDirectory)
--
Stephen J Smoogen.
9 years, 4 months
Freeze break request: Add JSOpenID to apps.fp.o/global
by Patrick Uiterwijk
Hi all,
I would like to add the JSOpenID javascript to apps.fp.o.
The JSOpenID.js is exactly the same as in github (https://github.com/fedora-infra/JSOpenID).
Could I get +1's?
>From 80abd64f0f1e4771475b70eccd72a5f2160ab6c0 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk(a)redhat.com>
Date: Fri, 5 Dec 2014 14:50:45 +0000
Subject: [PATCH] Add apps.fp.o/global and add JSOpenID to that
---
modules/apps-fp-o/files/global/jsopenid.js | 83 ++++++++++++++++++++++++++++
modules/apps-fp-o/manifests/init.pp | 10 +++
2 files changed, 93 insertions(+), 0 deletions(-)
create mode 100644 modules/apps-fp-o/files/global/jsopenid.js
diff --git a/modules/apps-fp-o/files/global/jsopenid.js b/modules/apps-fp-o/files/global/jsopenid.js
new file mode 100644
index 0000000..47d0f9c
--- /dev/null
+++ b/modules/apps-fp-o/files/global/jsopenid.js
@@ -0,0 +1,83 @@
+/**
+ * Copyright (c) 2014, Patrick Uiterwijk <puiterwijk(a)redhat.com>
+ * All rights reserved.
+ *
+ * This file is part of JSOpenID.
+ *
+ * JSOpenID is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * JSOpenID is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with JSOpenID. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+function respondToLogin(targetOrigin, success, data)
+{
+ // From an iframe, window.parent == parent window
+ // So if we don't have a window.parent, we're certainly not an iframe
+ if(window.parent != null)
+ {
+ // If we don't have this element in the parent window, this is not an auth iframe
+ if(window.parent.document.getElementById('jsopenid_ifrm') != null)
+ {
+ window.parent.postMessage({"success": success,
+ "data": data},
+ targetOrigin);
+ }
+ }
+}
+
+function tryBackgroundLogin(login_url, callback_success, callback_failed)
+{
+ if(window.parent != null)
+ {
+ // Check if we are called recursively (from within a login attempt)
+ if(window.parent.document.getElementById('jsopenid_ifrm') != null)
+ {
+ return;
+ }
+ }
+
+ // Create the iframe we are going to use
+ ifrm = document.createElement('iframe');
+ ifrm.id = 'jsopenid_ifrm';
+ ifrm.src = login_url;
+ ifrm.style.width = 0;
+ ifrm.style.height = 0;
+ ifrm.style.visibility = "hidden";
+
+ // Set up for pingbacks
+ window.addEventListener('message', function(event)
+ {
+ // We don't check don't check event.origin, as it wouldn't add anything worthwhile
+ // This would prevent a rogue website from saying "The user is now logged in", but we should *never* trust this anyway
+ // This whole library is only for user convenience
+ if(event.source != ifrm.contentWindow)
+ {
+ // Ignoring response from someone unexpected
+ return;
+ }
+ document.body.removeChild(ifrm);
+ if(event.data["success"])
+ {
+ callback_success(event.data["data"]);
+ }
+ else
+ {
+ if(callback_failed != null)
+ {
+ callback_failed(event.data["data"]);
+ }
+ }
+ }, false);
+
+ // HIT IT!
+ document.body.appendChild(ifrm);
+}
diff --git a/modules/apps-fp-o/manifests/init.pp b/modules/apps-fp-o/manifests/init.pp
index 4736078..0b26e6e 100644
--- a/modules/apps-fp-o/manifests/init.pp
+++ b/modules/apps-fp-o/manifests/init.pp
@@ -35,4 +35,14 @@ define apps-fp-o::proxy(
subscribe => File["/usr/share/apps-fp-o/apps.yaml"],
refreshonly => true
}
+
+ file { "/usr/share/apps-fp-o/global/":
+ owner => "root",
+ group => "root",
+ ensure => present,
+ source => "puppet:///apps-fp-o/global/",
+ require => Package['apps-fp-o'],
+ recurse => true,
+ purge => true
+ }
}
--
1.7.2.1
With kind regards,
Patrick Uiterwijk
Associate Software Engineer, Red Hat
9 years, 4 months
freeze break request: delete .tx/config to pull po files automatically
by Robert Mayr
Hi all,
we need to delete the /var/lib/transifex-client/.tx/config file on bapp,
which should execute directly syncTranslations.sh on puppet
(fedora-web/files), if not it gets executed at next cron-job.
Doing so re-creates all transifex resources, included the new getfedora.org
resource, in /var/tmp/po_dir/, needed to pull pos automatically once a day.
The procedure has been already tested on app01.stg and worked as expected.
Actually we are pulling the pos manually, but we'd need to be sure this
automatic process works smooth before releasing F21.
Any +1's or concerns?
Thank you.
--
Robert Mayr
(robyduck)
9 years, 4 months
freeze break: drop python-bugzilla hotfix
by Kevin Fenzi
We currently have a hotfix for python-bugzilla in puppet.
This is breaking the newer version of python-bugzilla that reviewstatus
uses. ie, if we update to the newer version it's got this hotfix
against the old version it breaks.
tibbs investigated and this hotfix is no longer needed against the
newer version.
So, I would like to drop the hotfix, and update to the new version and
see if reviewstats is happy as I hope it will be. It shouldn't affect
anything release blocking, but would be nice to fix.
Related ticket:
https://fedorahosted.org/fedora-infrastructure/ticket/4429
+1s?
kevin
--
diff --git a/modules/hotfix/manifests/init.pp b/modules/hotfix/manifests/init.pp
index a12b063..ae7850f 100644
--- a/modules/hotfix/manifests/init.pp
+++ b/modules/hotfix/manifests/init.pp
@@ -142,10 +142,6 @@ class hotfix::fas_client {
}
class hotfix::python-bugzilla {
- file { "/usr/lib/python2.6/site-packages/bugzilla/base.py":
- source => 'puppet:///hotfix/python-bugzilla/base.py',
- mode => '0644'
- }
}
class hotfix::python-logging {
9 years, 4 months
Freeze Break: add getfedora.org to production
by Kevin Fenzi
So, since many of us will be traveling later this week, I thought it
might be good to make getfedora.org live today or tomorrow.
This attached patch just makes it fully live in production with ssl
cert enabled.
We may want to redirect it to avoid people hitting it before release at
some point, but I think it would be good to have it enabled for now so
we could make sure it looks ok.
Note that spins is still built from master with this, so those spins
changes will need to be enabled before release.
+1s?
kevin
--
diff --git a/manifests/services/proxy.pp b/manifests/services/proxy.pp
index d85cb3d..fa68194 100644
--- a/manifests/services/proxy.pp
+++ b/manifests/services/proxy.pp
@@ -711,16 +711,20 @@ if $puppetEnvironment == 'staging'{
website => "id.stg.fedoraproject.org",
proxyurl => "http://localhost:10020",
}
+}
httpd::website { "getfedora.org":
ips => $fpo_ips,
server_aliases => [ "stg.getfedora.org" ],
+ ssl => true,
+ sslonly => true,
+ cert_name => "getfedora.org.cert",
+ sSLCertificateChainFile => "getfedora.org.intermediate.cert",
}
fedora-web::getfedora::proxy { "getfedora.org":
website => "getfedora.org"
}
-}
datagrepper::proxy { "apps.fedoraproject.org/datagrepper":
website => "apps.fedoraproject.org",
diff --git a/modules/fedora-web/files/syncStatic.sh b/modules/fedora-web/files/syncStatic.sh
index f0249a7..525f468 100644
--- a/modules/fedora-web/files/syncStatic.sh
+++ b/modules/fedora-web/files/syncStatic.sh
@@ -70,3 +70,10 @@ build boot.fedoraproject.org
build fedoracommunity.org
build fudcon.fedoraproject.org
build start.fedoraproject.org
+/usr/bin/git clean -q -fdx || exit 1
+/usr/bin/git reset -q --hard || exit 1
+/usr/bin/git checkout -q getfedora || exit 1
+/usr/bin/git pull -q --ff-only || exit 1
+build getfedora.org
+# Will need to update before f21 release
+#build spins.fedoraproject.org
9 years, 4 months
December status update for Fedora Infrastructure Apprentices
by Kevin Fenzi
Greetings.
You are getting this email because you are in the 'fi-apprentice' group
in the fedora account system (or are reading this on the
infrastructure list).
Feel free to reply just directly to me, or cc the infrastructure list
for everyone to see and comment on.
https://fedoraproject.org/wiki/Infrastructure_Apprentice
At the first of every month(or so), I am going to be sending out an
email like this one. I would like feedback on how things are going for
you.
I'd like to ask for everyone to send me a quick reply with the
following data or anything related you can think of that might help us
make the apprentice program more useful.
0. Whats your fedora account system login?
1. Have you logged in and used your fi-apprentice membership to look at
our machines/setup in the last month? Do you plan to?
2. Has it helped you decide any area you wish to focus on or contribute
to more?
3. Have you looked at or been able to work on any of the fi-apprentice
'easyfix' tickets?
https://fedorahosted.org/fedora-infrastructure/report/14
4. Do you still wish to be a member of the group? If not (for whatever
reason) could you provide any hints to help others down the road?
5. Is there any help or communication or ideas you have that would help
you do any of the above?
6. What do you find to be the hardest part of getting involved?
Finding things to work on? Getting attention from others to help you?
Finding tickets in your interest area?
7. Have you been able to make any weekly irc meetings? Do you find them
helpful or interesting?
8. Whats the best present you ever got?
Any other general feedback is also quite welcome, including
improvements to this email, the wiki page, etc.
Any folks I do not hear from in the next week will be removed from the
group. (Note that it's easy to be readded when you have time or
whatever and it's nothing at all personal, we just want to keep the
group up to date with active folks).
Thanks, and looking forward to your feedback!
kevin
9 years, 4 months
Meeting Agenda Item: Introduction Sim Ford
by Simeon Ford
Hello Everyone,
Long time Fedora user looking to give back to the project, meet some new
folks, and maybe learn a thing or two along the way.
I work as a SysAdmin out of Nashville, TN. My focus lately has been on
building automation and support tools using bladelogic, scripting of the
shells, Python, and web2py. I'm an RHCE and have good bit of experience
with RHEL and SLES systems.
In the short term, I'd like to help out with any open issues I can and get
a feel for the infrastructure environment. Down the road, I hope to gain
some experience supporting HA and clustering.
Cheers,
Sim
IRC: sford
9 years, 4 months
