Freeze Break Request - Fixing Blocker Proposal in Blockerbugs App (third and hopefully final try)

[Tim Flink]

Hopefully third time's the charm for this freeze break request. I
changed the code so that it no longer uses cookies for python-bugzilla
calls. I've deployed the new code to stg and it is working properly.

A bug was filed the other day claiming that it was impossible to
propose bugs as FE or blockers in the blockerbugs app. I have a fix
ready that's already deployed to stg and I'd like to move it into prod.

After some triage today, it turns out that there were selinux denials
on httpd writing to a cookiefile which is required by python-bugzilla
and used as part doing the actual proposal.

The fix is in two places:
 - the code was modified to not use cookiefiles when calling
   python-bugzilla

   code changes for this is at:
   https://git.fedorahosted.org/cgit/blockerbugs.git/commit/?id=488c2f12e47769103e7f92665fc736fc4fbd4552


 - the config file in puppet needs to be modified so that it no longer
   references the bugzillacookie value

diff --git a/modules/blockerbugs/templates/blockerbugs-settings.py.erb b/modules/blockerbugs/templates/blockerbugs-settings.py.erb
index 8c33d6f..5b58b7a 100644
--- a/modules/blockerbugs/templates/blockerbugs-settings.py.erb
+++ b/modules/blockerbugs/templates/blockerbugs-settings.py.erb
@@ -3,7 +3,6 @@ SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://<%= blockerbugs_app %>:<%= bloc
 FAS_ADMIN_GROUP = "qa-admin"
 FAS_USER = "<%= blockerbugs_fas_user %>@fedoraproject.org"
 FAS_PASSWORD = "<%= blockerbugs_fas_password %>"
-BUGZILLA_COOKIE = "" # this should be blank for production
 <% if environment == "staging" %>
 FAS_HTTPS_REQUIRED = False
 FAS_CHECK_CERT = False

Thanks,

Tim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20130913/37572b37/attachment.sig>