Freeze break request: adding FMN to the list of trusted trust roots
by Patrick Uiterwijk
Hi all,
Here I come again with yet another request for +1's.
Basically, I want to add the trust root that FMN (https://apps.fedoraproject.org/, FMN at https://apps.fedoraproject.org/notifications/) to the list of trusted roots in FedOAuth.
From 0fd1ce2a4aef09119d9be2694d7b6475cdcc7a1c Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk(a)redhat.com>
Date: Thu, 11 Sep 2014 15:13:17 +0000
Subject: [PATCH] Add FMN to the list of trusted trust roots
---
roles/fedoauth/templates/fedoauth.cfg | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/roles/fedoauth/templates/fedoauth.cfg b/roles/fedoauth/templates/fedoauth.cfg
index ffd1529..557891f 100644
--- a/roles/fedoauth/templates/fedoauth.cfg
+++ b/roles/fedoauth/templates/fedoauth.cfg
@@ -80,7 +80,8 @@ AUTH_PROVIDER_CONFIGURATION = {
'https://admin.fedoraproject.org/pkgdb/',
'https://admin.fedoraproject.org/voting/',
'https://apps.fedoraproject.org/github2fedmsg',
- 'https://admin.fedoraproject.org'], # Nagios
+ 'https://admin.fedoraproject.org', # Nagios
+ 'https://apps.fedoraproject.org/'], # FMN
{% endif %}
'non_trusted_roots': [],
'handle_magic_groups_value': True
--
1.7.2.1
Thanks,
Patrick
9 years, 7 months
Summary/Minutes from today's Fedora Infrastructure meeting (2014-09-11)
by Patrick Uiterwijk
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
============================================
#fedora-meeting: Infrastructure (2014-09-11)
============================================
Meeting started by puiterwijk at 18:00:24 UTC. The full logs are available at
http://meetbot.fedoraproject.org/fedora-meeting/2014-09-11/infrastructure...
Meeting summary
- ---------------
* welcome (puiterwijk, 18:00:28)
* New folks introductions and Apprentice tasks (puiterwijk, 18:02:35)
* Freeze reminder (puiterwijk, 18:08:27)
* Applications status / discussion (puiterwijk, 18:08:35)
* People should help test gitolite3, info sent to mailing list (puiterwijk, 18:13:22)
* https://lists.fedoraproject.org/pipermail/infrastructure/2014-September/0... has instructions how to test (bochecha, 18:13:58)
* nagios/alerts recap (puiterwijk, 18:20:12)
* http://tinyurl.com/l3vjae8 (puiterwijk, 18:20:14)
* Sysadmin status / discussion (puiterwijk, 18:21:09)
* https://lists.fedoraproject.org/pipermail/infrastructure/2014-September/0... (threebean, 18:21:20)
* Upcoming Tasks/Items (puiterwijk, 18:23:17)
* https://apps.fedoraproject.org/calendar/list/infrastructure/ (puiterwijk, 18:23:21)
* Open Floor (puiterwijk, 18:25:43)
* http://karl-tux-stadt.de/ktuxs/?p=4659 we had a blast of fedora-tagger activity yesterday (threebean, 18:26:07)
Meeting ended at 18:31:47 UTC.
Action Items
- ------------
People Present (lines said)
- ---------------------------
* puiterwijk (51)
* threebean (22)
* nirik (13)
* bochecha (12)
* RogerB_TX (8)
* Neldogz (5)
* purezen (5)
* zodbot (4)
* smooge (3)
* tflink (2)
* randomuser (2)
* relrod (1)
* danielbruno (1)
* danofsatx (1)
* mpduty (1)
* bwood09 (1)
* mirek_ (1)
* oddshocks (1)
* mdomsch (0)
* abadger1999 (0)
* lmacken (0)
* pingou (0)
* dgilmore (0)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBCgAGBQJUEevrAAoJEIZXmA2atR5Q4gMP/RAM0CeXQ1rpnE7PucGRn0IS
39gH/RprZhqzP/p1GSsfpTtXlTRIbVfvYzXrY1RL+DRRKuCG4+8V8wPJoIoRJndO
a9sCtr6+I7eD8+ITn7SU37zI+dxMK2dBo0jzRmvJ7vuHAka+4eczvC+fykWAKVQa
IFz4NfxTV5D9ACki8pzRmD0RgLYz8l/WlJruLTZPudwicBMqTDt46lUXIBkOQma0
gedlzW+BCrv7TWu12bqIE+bStuqo26sdNYnc6A/UiGspNmsZQe/zpY0W1ZINRlEo
lQMniDfVtIIxhHp3Vtpz/hly+gSwj1hd5o/mendZzOV9BrK1fVAgsipiFnCDNRI+
AcsCuy6lC565/Chsk1FnSNGgdCvaHNeNc0zVMuwvpnhPM2JN5lc7p15vpPrHz2Bf
QYfkTZmEPjr0+57wNEOx1qSdYCzGlfYC36YnMh2ehq3zirOUWi71eIJyhy2EmW8M
jMOIjMeXoM0BcHOPLIV/09d1hmoKA/xePlJgBgYT0G5RG1pBvbsoduoj0mLoxmux
t/5iJRA45PvCiEQyVO32shLeEngfthswrR2WCN54NnBNpj8L8+SblcQprwYAlzdO
/slnj5v1p1Pvqw5Gd628di7EZh6dpyp/LPfNOoKzotdXfL4WII7byg+x1bswtWYF
ghIdvkJNFQ9rs2n24zap
=j8vc
-----END PGP SIGNATURE-----
9 years, 7 months
mirror crawler seems to have had a problem
by Adrian Reber
Looking at the crawler mirrormanager log files on bapp02 it seems the
last crawler run had some kind of problem:
-rw-r--r--. 1 mirrormanager mirrormanager 0 Sep 11 04:02 crawler.log
-rw-rw-r--. 1 mirrormanager mirrormanager 0 Sep 11 04:02 generate-publiclist.log
Both files have no content and it seems the last run of the crawler has
finished. Looking at the output of crawler_perhost in /var/log/mirrormanager/crawler
it also seems all recent log files are empty.
It would probably be a good thing to start the crawler manually to
update the mirrormanager database.
Adrian
9 years, 7 months
Plan for tomorrow's Fedora Infrastructure meeting (2014-09-11)
by Kevin Fenzi
The infrastructure team will be having it's weekly meeting tomorrow,
2014-09-11 at 18:00 UTC in #fedora-meeting on the freenode network.
Suggested topics:
#topic New folks introductions and Apprentice tasks.
If any new folks want to give a quick one line bio or any apprentices
would like to ask general questions, they can do so in this part of the
meeting. Don't be shy!
#topic Freeze reminder
#topic Applications status / discussion
Check in on status of our applications: pkgdb, fas, bodhi, koji,
community, voting, tagger, packager, dpsearch, etc.
If there's new releases, bugs we need to work around or things to note.
#topic Sysadmin status / discussion
Here we talk about sysadmin related happenings from the previous week,
or things that are upcoming.
#topic nagios/alerts recap
Here we go over the last weeks alerts and see if we can find ways to
make it so they don't happen again.
#topic Upcoming Tasks/Items
https://apps.fedoraproject.org/calendar/list/infrastructure/
#topic Open Floor
Submit your agenda items, as tickets in the trac instance and send a
note replying to this thread.
More info here:
https://fedoraproject.org/wiki/Infrastructure/Meetings#Meetings
Thanks
kevin
9 years, 7 months
Freeze break request: cron to check for anonymous trac permissions
by Patrick Uiterwijk
Hi all,
I would like to get two +1's to add the following cron job to hosted03.
This will give us an overview of which trac projects have anonymous ticket editing or creation.
From 0443e6d8eff85b3e09f6218a24410c0a32217ff8 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk(a)redhat.com>
Date: Wed, 10 Sep 2014 19:59:52 +0000
Subject: [PATCH] Anonymous trac permission check
---
manifests/services/hosted.pp | 1 +
modules/scripts/files/trac-anonymous-check.sh | 12 ++++++++++++
modules/scripts/manifests/init.pp | 18 ++++++++++++++++++
3 files changed, 31 insertions(+), 0 deletions(-)
create mode 100644 modules/scripts/files/trac-anonymous-check.sh
diff --git a/manifests/services/hosted.pp b/manifests/services/hosted.pp
index 5540613..8b8b533 100644
--- a/manifests/services/hosted.pp
+++ b/manifests/services/hosted.pp
@@ -19,6 +19,7 @@ class hosted {
include hotfix::python-fedora-django
include cgit::cgit
include cgit::clean-lock-cron
+ include scripts::trac-anonymous-check
reviewboard::server { '/reviewboard/':
secret_key => $reviewboardsecretkey,
diff --git a/modules/scripts/files/trac-anonymous-check.sh b/modules/scripts/files/trac-anonymous-check.sh
new file mode 100644
index 0000000..9e7268d
--- /dev/null
+++ b/modules/scripts/files/trac-anonymous-check.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+for project in `ls /srv/web/trac/projects`;
+do
+ PERMISSIONS="`sqlite3 /srv/web/trac/projects/$project/db/trac.db "select action from permission where username='anonymous';" | grep 'CREATE\|APPEND\|EDIT\|MODIFY'`"
+ if [ "" != "$PERMISSIONS" ];
+ then
+ echo -n $project
+ echo -n ": "
+ echo $PERMISSIONS
+ echo "------"
+ fi
+done
diff --git a/modules/scripts/manifests/init.pp b/modules/scripts/manifests/init.pp
index befff2d..3f85baf 100644
--- a/modules/scripts/manifests/init.pp
+++ b/modules/scripts/manifests/init.pp
@@ -17,6 +17,24 @@ class scripts::buildSB1Indexes {
}
+class scripts::trac-anonymous-check {
+
+ file { '/usr/local/bin/trac-anonymous-check.sh':
+ source => 'puppet:///scripts/trac-anonymous-check.sh',
+ mode => '0755'
+ }
+
+ cron { trac-anonymous-check:
+ command => "/usr/local/bin/trac-anonymous-check.sh",
+ user => "root",
+ minute => 0,
+ hour => 0,
+ ensure => present,
+ require => File['/usr/local/bin/trac-anonymous-check.sh']
+ }
+
+}
+
class scripts::confineSsh {
file { '/usr/local/bin/confine-ssh.sh':
--
1.7.2.1
--
Thanks,
Patrick Uiterwijk
9 years, 7 months
Fedora Atomic / Infrastructure check-in minutes for 9 September 2014
by Joe Brockmeier
===============
#atomic Meeting
===============
Meeting started by jzb at 20:04:18 UTC. The full logs are available at
http://meetbot.fedoraproject.org/atomic/2014-09-09/atomic.2014-09-09-20.0...
.
Meeting summary
---------------
* LINK:
https://git.fedorahosted.org/cgit/releng/tree/scripts/buildbranched
and https://git.fedorahosted.org/cgit/releng/tree/scripts/buildrawhide
(nirik, 20:11:12)
* note, we are producing Atomic images regularly in test composes, not
yet in nightlies (stickster, 20:13:06)
* Help is needed patching the compose scripts! (stickster, 20:16:16)
* LINK: https://git.fedorahosted.org/cgit/releng/tree/scripts/run-pungi
(stickster, 20:16:44)
* LINK:
https://git.fedorahosted.org/cgit/releng/tree/scripts/buildbranched
(stickster, 20:16:49)
* LINK:
https://git.fedorahosted.org/cgit/releng/tree/scripts/buildrawhide
(stickster, 20:16:55)
* metalink XML, mirroring (walters, 20:20:10)
* http://koji.fedoraproject.org/koji/buildinfo?buildID=576104 should
support metalinks and has a new "summary" file (stickster,
20:21:07)
* ACTION: oddshocks work on adding Atomic to releng scripts (jzb,
20:41:49)
* open floor (jzb, 20:50:35)
Meeting ended at 21:01:41 UTC.
Action Items
------------
* oddshocks work on adding Atomic to releng scripts
Action Items, by person
-----------------------
* oddshocks
* oddshocks work on adding Atomic to releng scripts
* **UNASSIGNED**
* (none)
People Present (lines said)
---------------------------
* jzb (48)
* walters (42)
* stickster (25)
* nirik (18)
* dustymabe (15)
* oddshocks (10)
* zodbot (7)
* roshi (2)
* number80 (1)
* dgilmore (0)
Generated by `MeetBot`_ 0.1.4
.. _`MeetBot`: http://wiki.debian.org/MeetBot
--
Joe Brockmeier | Principal Cloud & Storage Analyst
jzb(a)redhat.com | http://community.redhat.com/
Twitter: @jzb | http://dissociatedpress.net/
9 years, 7 months
Freeze break request: blockerbugs bugfix to correctly sync updates
by Tim Flink
We found a bug in the blockerbugs app yesterday that is preventing
updates from being properly synced and leaving us with an empty page of
pending updates:
https://qa.fedoraproject.org/blockerbugs/milestone/21/alpha/updates
I'd like to deploy a new version of blockerbugs with the fix for that
bug and adding a convenience endpoint to the API. The added API
endpoint is of little to no risk because there are no current users of
that API and the change itself is very small.
I'd like to get some +1s if the change is acceptable during freeze.
Tim
Reviews of changes:
(bugfix) https://phab.qadevel.cloud.fedoraproject.org/D228
(endpoint) https://phab.qadevel.cloud.fedoraproject.org/D230
Full diff of code change:
diff --git a/blockerbugs/cli.py b/blockerbugs/cli.py
index 2ec4898..b164b7b 100644
--- a/blockerbugs/cli.py
+++ b/blockerbugs/cli.py
@@ -166,7 +166,7 @@ def sync_updates(fullsync=False):
active_releases = Release.query.filter_by(active=True).all()
update_sync = UpdateSync(db)
for release in active_releases:
- update_sync.sync_updates(release)
+ update_sync.sync_updates(release, fullsync)
def minify():
diff --git a/blockerbugs/controllers/api/api.py
b/blockerbugs/controllers/api/api.py index 09f437f..721b442 100644
--- a/blockerbugs/controllers/api/api.py
+++ b/blockerbugs/controllers/api/api.py
@@ -233,4 +233,7 @@ def update_spin(rel_num, milestone_version,
spin_id): db.session.commit()
return JsonResponse(status=200)
-
+(a)api_v0.route('/milestones/current')
+def get_current_milestone():
+ current_milestone = get_or_404(Milestone, current=True)
+ return JsonResponse(current_milestone.simple())
diff --git a/blockerbugs/models/milestone.py
b/blockerbugs/models/milestone.py index 68bbf0e..0b1739d 100644
--- a/blockerbugs/models/milestone.py
+++ b/blockerbugs/models/milestone.py
@@ -60,3 +60,13 @@ class Milestone(db.Model):
def __repr__(self):
number = self.release.number if self.release else -1
return 'milestone: %d-%s' % (number, self.version)
+
+ def simple(self):
+ return {'id': self.id,
+ 'release': self.release.number,
+ 'version': self.version,
+ 'name': self.name,
+ 'blocker_tracker': self.blocker_tracker,
+ 'fe_tracker': self.fe_tracker,
+ 'current': self.current,
+ }
diff --git a/blockerbugs/models/update.py b/blockerbugs/models/update.py
index 033e623..777beec 100644
--- a/blockerbugs/models/update.py
+++ b/blockerbugs/models/update.py
@@ -77,7 +77,7 @@ class Update(db.Model):
def __str__(self):
return 'update: %s' % (self.title)
- def sync(self, updateinfo, milestone):
+ def sync(self, updateinfo, fullsync=False):
self.title = updateinfo['title']
self.url = updateinfo['url']
self.karma = updateinfo['karma']
@@ -91,16 +91,18 @@ class Update(db.Model):
self.pending = updateinfo['pending']
current_bugids = [bug.bugid for bug in self.bugs]
for bugid in updateinfo['bugs']:
- if not bugid in current_bugids:
+ # if full sync is specified, we want to sync all of the
bugs
+ if fullsync or not bugid in current_bugids:
newbugs = Bug.query.filter_by(bugid=bugid).all()
for bug in newbugs:
- self.bugs.append(bug)
- if not milestone in self.milestones:
- self.milestones.append(milestone)
+ if not bugid in current_bugids:
+ self.bugs.append(bug)
+ if not bug.milestone in self.milestones:
+ self.milestones.append(bug.milestone)
@classmethod
- def from_data(cls, updateinfo, release, milestone):
+ def from_data(cls, updateinfo, release):
newupdate = Update(updateinfo['title'], '', 0, '', [],
release, None)
- newupdate.sync(updateinfo, milestone)
+ newupdate.sync(updateinfo)
return newupdate
diff --git a/blockerbugs/util/update_sync.py
b/blockerbugs/util/update_sync.py index af8b2bf..4587a8c 100644
--- a/blockerbugs/util/update_sync.py
+++ b/blockerbugs/util/update_sync.py
@@ -132,7 +132,7 @@ class UpdateSync(object):
buglist.extend(milestone.bugs.filter_by(active=True).all())
return buglist
- def sync_bug_updates(self, release, bugs):
+ def sync_bug_updates(self, release, bugs, fullsync=False):
starttime = datetime.utcnow()
bugs_ids = [bug.bugid for bug in bugs]
self.log.debug('searching for updates for bugs %s' %
str(bugs_ids)) @@ -154,11 +154,10 @@ class UpdateSync(object):
if existing_update:
self.log.debug(
'syncing existing update %s' %
existing_update.title)
- existing_update.sync(update, bug.milestone)
+ existing_update.sync(update, fullsync)
else:
self.log.debug('creating new update %s' %
update['title'])
- existing_update = Update.from_data(update, release,
- bug.milestone)
+ existing_update = Update.from_data(update, release)
self.db.session.add(existing_update)
self.db.session.commit()
@@ -166,7 +165,7 @@ class UpdateSync(object):
self.db.session.add(release)
self.db.session.commit()
- def sync_updates(self, release):
+ def sync_updates(self, release, fullsync=False):
bugs = self.get_release_bugs(release)
self.log.info(
'found %d bugs in f%d release' % (len(bugs),
release.number)) @@ -175,4 +174,4 @@ class UpdateSync(object):
'no bugs in f%d release, skip update' %
(release.number)) release.last_update_sync = datetime.utcnow()
return
- self.sync_bug_updates(release, bugs)
+ self.sync_bug_updates(release, bugs, fullsync)
diff --git a/testing/test_api.py b/testing/test_api.py
index 34c90e3..30f20f6 100644
--- a/testing/test_api.py
+++ b/testing/test_api.py
@@ -24,6 +24,8 @@ class TestRestAPI(object):
cls.release = add_release(99)
cls.milestone = add_milestone(cls.release, 'final', 100, 101,
'99-final', True)
+ cls.milestone.current = True
+
cls.milestone2 = add_milestone(cls.release, 'beta', 200, 201,
'99-beta')
bug1 = add_bug(9000, 'testbug1', cls.milestone)
@@ -287,3 +289,10 @@ class TestRestAPI(object):
assert resp.status_code == httplib.FORBIDDEN
error = json.loads(resp.data)['error']
assert error['code'] == errors.AuthFailedError.code
+
+ def test_get_current_milestone(self):
+ url = '/api/v0/milestones/current'
+ resp = self.client.get(url)
+ assert resp.status_code == httplib.OK
+ data = json.loads(resp.data)
+ assert data['name'] == self.milestone.name
9 years, 7 months