The last rebuild only promoted our Gerrit 3.8 image. This appears to
have happened because we only modified the jobs and not the Dockerfile
itself. Fix this by modifying the Dockerfile which should rebuild and
promote both 3.8 and 3.9 images ensuring that our upgrade testing tests
what we want to upgrade to.
Change-Id: I8d06ea9971a6ee0c0e06e6fe2b73391526be6220
In earlier commits it was noted that we aren't as complete as we could
be with the scripts in launch. This commit removes detection of yum as
a package manager (which stopped being a real thin in CentOS-7).
And creates a more complete list of tools used in the appropriate
scripts
Change-Id: I4cd05da18155169fd640c06a151467aed6112a3d
Mirror nodes have an atypical LVN setup. In that the volume, once
visible to the guest, is split between 2 equal volumes for proxy and
afs caches.
This will do that work for us. As the volume (at least in ord.rax) is
attached to the guest after initial creation this script isn't integrated
into launch_node (like mount_volume.sh).
Change-Id: I9ebc6daa9a65a654d9e8622ea6004ebbc28348a2
Also while we're there use 99 as the host index to make it slightly
harder to confuse testing with production.
Change-Id: I62193418feb9401fc06da39bd100553aef3dc52d
In testing jammy updates we discovered that this value need to match
so that websockets are directed to the correct host.
Change-Id: Id44bf92edff411389f05a652dad2ae78607e4d55
The file in which our Etherpad settings reside is templated with
sensitive data like an API key and DB password. Remove the world
readable bit from it, and also drop user/group write perms while
we're at it. Also switch the service's effective GID to match its
UID and make sure the config's ownership is set accordingly.
Change-Id: I65b70237b4bc8f4e63aa0b717702c124e01ed777
This updates changes how Etherpad is built and how authentication is
managed for API requests. This ends up changing a lot of our tooling
around etherpad but etherpad itself (other than the auth changes)
doesn't seem to change much. In response to this I update our admin docs
on common api tasks to use the new process. Then update our testinfra
testing as well to cover that to ensure it all continues to work
properly after this change.
Note the Dockerfile updates are all adapted from upstream. I'm actually
not fond of the decisions they have made in this image build, but being
in sync is probably more important than fixing the multistage builds and
being different.
This change jumps us from v1.9.7 to 2.0.3 (covers releases 2.0.0, 2.0.1,
and 2.0.2 too). A changelog can be found here:
https://github.com/ether/etherpad-lite/blob/v2.0.3/CHANGELOG.md
Change-Id: Ia7c4f26d893b4fc4a178262e1a6b9f3fa80d2a5c
The OpenDev team is planning on removing Ubuntu Xenial in the nearish
future. One of the things still running on Xenial is our old puppet
testing. We've decided taht we'll just have to manually manage those
nodes going forward without CI as there are few of them at this point
and we really want to clean up old Ubuntus in nodepool and our mirrors.
There is a risk that this will allow things to break without detection
or otherwise create new problems, but this stuff has been neglected so
that risk was there anyway.
Depends-On: https://review.opendev.org/c/openstack/project-config/+/917198
Change-Id: I4560ae9bbb61e950a7baa1d29aaf677403249012
This change won't automatically perform the upgrade because we don't let
ansible manage Gerrit's containers directly. But it will update the
docker-compose file for us so that we can manually pull images, down,
then up the containers again which will do the upgrade for us.
This SQL database behind Gerrit only keeps tracks of which files users
have reviewed so its importance is minimal. Getting it updated so we can
bother even less about it is a good thing.
Change-Id: I78b683770496bb3d8e97464ddedaf813780a2a4e
After upgrading MariaDB behind several services from 10.4 to 10.11 it is
now Gitea's turn. Use the auto upgrade method as we've done elsewhere
and update Gitea's DB too.
Change-Id: I01aab3c55f1af4f883efe05bf8862ccd50a07631
This notably drops pabelanger and mordred (thank you for all the help!),
changes clarkb's, frickler's and fungi's keys, and adds tonyb's key.
Once this is applied to our clouds we can update nodepool configs.
Change-Id: I9f1b205099285a5e735b2f9c8f85a3b3d3666dd5
This is our semi regular python base image rebuild. This ensures we're
running relatively up to date python builds as well as base system
packages (though many of our image builds update the base system too).
Change-Id: Ice918219a64bd5845de9dc3330bf292261c6a80e
We're noticing that mailman's uwsgi queue is filling up. Before we try
to extend the queue apply our user agent filter to apache to reduce the
number of requests that hit the queue in the first place.
Change-Id: Ib821a7fffa6239a9affcc4c6698eef2dc9378cd1
We've noticed that our uwsgi queues are filling up and a lot of requests
are being made to robots.txt which ends up 500/503 erroring. Add a
robots.txt file which allows crawling of our lists and archives with a
delay value in hopes this will cause bots to cache results and not fill
up the queue with repetetive requests.
Change-Id: I660d8d43f6b2d96663212d93ec48e67d86e9e761
Gitea wants us to move the robots.txt file to a new location. It
currently logs a warning about it:
2024/04/17 19:30:56 cmd/web.go:191:serveInstalled() [E] Found legacy public
asset "robots.txt" in CustomPath. Please move it to
/custom/public/robots.txt
Change-Id: Ic4a7f3bbe4633972e0409b37b511fdb03f968442