Closed Bug 1027278 Opened 7 years ago Closed 7 years ago

Please deploy fxa-oauth-server and fxa-profile-server PROD stacks

Categories

(Cloud Services :: Operations: Deployment Requests - DEPRECATED, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: edwong, Assigned: ckolos)

References

Details

getting prod endpoint up sooner rather than later is good for partner testing.  I believe the endpoints are defined in config already.
Assignee: nobody → ckolos
The only client data in the current config is completely bogus. Is that sufficient for partner testing?
From discussion in IRC, it's clear that we need to

1) Define the partners that will be hitting this stack ( done, I think. Marketplace and FMD)
2) Define client data in this format for each partner in each env (dev/stage/prod)

{
      id: "(16 bit client id)",
      secret: "(64 bit secret)",
      name: "(client name)",
      imageUri: "(https://some-url)",
      redirectUri: "(http://some-url)",
      whitelisted: (true/false)
}

3) These values, once generated, will be considered secret and not available in the general puppet repository. For this reason, svcops folk will have to maintain this list. (for now? forever?) Also, any changes to this data after it is written to the DB must be done from an fxa-db-write instance/account in RDS.

Once these are done, we can setup a reliable prod-stack for oauth/profile

Currently, FMD has valid id/secret data for dev/stage testing. Marketplace has no valid data yet.
Blocks: 1027395
Blocks: 1025371, 1027399
No longer blocks: 1027395, 1027399
Blocks: 1027395
No longer blocks: 1025371
Depends on: 1027403
No longer depends on: 1027403
Depends on: 1027403
Related bug (Setting up FxA for Marketplace): https://bugzilla.mozilla.org/show_bug.cgi?id=1007958
The current place is for both the stage and prod Marketplace and FMD deployments to rely on the *prod* deployment of the FxA Oauth and Profile servers.

Sean can help you generate/get the credentials for those in the correct format?

We'll also probably want to generate credentials for a "prod" deployment of our 123done "test relier". We don't have a "prod" deployment of 123done, but when we do it would be nice to have those creds already in  our Oauth server. 

I'm not sure what the process is for communicating all these credentials to the QA and ops teams of FMD and Marketplace, but I'm assuming Services Ops will handle that.
Flags: needinfo?(smcarthur)
Warner and I have contacted Benson (ckolos is on PTO) about how to get this information on prod.
Flags: needinfo?(smcarthur)
any status updates on this, fmd is blocked by this
Flags: needinfo?(ckolos)
It's working in prod now. Just wrapping up what fixes need to go back into puppet.
Current versions are:

fxa-profile-server-svcops-0.14.1-1snap201406231228gitHEAD.x86_64.rpm
fxa-oauth-server-svcops-0.14.1-1snap201406231311gitHEAD.x86_64.rpm
Blocks: 1029214
Clean stacks have been deployed and return the correct information when queried:

OAuth:

$ curl -k https://oauth.accounts.firefox.com
{
  "version": "0.14.1",
  "commit": "b869eda53e6dc04b0a2dd1449ea62dad489009f5"
}

Profile:

$ curl -k https://profile.accounts.firefox.com                                                                      
{
  "version": "0.14.1",
  "commit": "28cefa955d0ebed9e12c31a1914dc92f633fa8e4"
}
Status: NEW → RESOLVED
Closed: 7 years ago
Flags: needinfo?(ckolos)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.