This should 'fix' broken redirects in the elections UI, see
https://pagure.io/fedora-infrastructure/issue/12997 .
This probably isn't ultimately the correct fix but it should make
things work for now. The real issue seems to be that elections'
custom WSGI app wrapper which attempts to handle the app being
reverse-proxied doesn't handle all proxied headers and/or doesn't
handle comma-separated list values. The long-term fix is likely
to be using werkzeug/middleware/proxy_fix.py instead, see
https://pagure.io/elections/issue/106 .
Signed-off-by: Adam Williamson <awilliam@redhat.com>
frantisekz, lbrabec and jskladan left the team. Adamwill should own everything,
and jgroman is our new app developer.
Signed-off-by: Kamil Páral <kparal@redhat.com>
bodhi gets a bunch of messages from resultsdb updating test results.
This means that it sometimes gets a large flurry of things to consume.
We don't want nagios to alert on these as it's processing and 'normal'
so, lets just up the limits here.
If there's no consumer they will grow over these limits.
If it can't process fast enough it will go over these limits.
Worst case we get notified about a problem a bit later than before.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Swap out the short(ish)-lived secret for a client certificate and key.
This, unfortunately, requires a minor code change in the application so
ideally this should be rolled out to just staging, I can deploy the code
change there and double check everything works before rolling it out to
prod.
Signed-off-by: Jeremy Cline <jeremycline@linux.microsoft.com>
The routing keys published by the image uploader are in the format
"fedora_image_uploader.published.v1.azure.<release>.<variant>.<arch>".
In AMQP, * matches a single segment up to a "." whereas # matches zero
or more segments. If ELN publishing frequency uses too many test
resources we will want to filter those out, but for now lets try testing
everything.
Signed-off-by: Jeremy Cline <jeremycline@linux.microsoft.com>
This introduces another container to the image upload project. This
container runs a test suite against the images we upload using LISA[0].
The new fedora-messaging consumer and associated Containerfile were
added in https://pagure.io/cloud-image-uploader/pull-request/65. Like
when I introduced the image uploader, I'm starting with Azure since I've
got the most access to that, but LISA also supports AWS so I expect to
expand this in the future.
Finally, not much is done with the results of the tests just yet. A
message is published with the results, and the HTML results are stashed
in a storage account. In the future there will be a static page
summarizing the results and detailing failures, and images will be
tagged and promoted if tests are satisfactory. It'll also be hooked up
to the QA results wiki so Adam doesn't have to beg the Cloud SIG to do
some testing for releases.
[0] https://mslisa.readthedocs.io/
Hopefully this will help the high ai scraper load and not break
anything.
In the event we need to revert, simply change the proxyurl back to the
haproxy endpoint instead of the varnish endpoint.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The scrapers are now downloading js and css files at a really high rate,
and thats causing a lot of load on pkgs01.
So, lets see if we can just move src behind the varnish on proxies.
This should allow it to return those pretty static files a lot
faster and not cause load on the backend.
However, putting varnish in the path might mess up something, so
lets just test in staging first.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
It seems like somebody just copied the production tasks for staging
without changing the LDAP domain, which caused the staging task to fail.
This commit is fixing that. And tagging the related tasks as well.
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
I didn't realized that the check service, which is hitting a lot of
repositories is running on staging as well. Let's disable it and leave
it for manual testing if needed.
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
