Closed
Bug 1138684
Opened 9 years ago
Closed 9 years ago
Make Jacuzzi Allocator stop running code which is automatically checked out from git
Categories
(Release Engineering :: General, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mrrrgn, Assigned: mrrrgn)
Details
Attachments
(1 file)
The code should live in RelengAPI, with the allocator itself being run on a schedule via a badpenny (celery) job.
Updated•9 years ago
Assignee: nobody → winter2718
Updated•9 years ago
Summary: Port Jacuizzi Allocator to RelengAPI → Port Jacuzzi Allocator to RelengAPI
Comment 1•9 years ago
So fwiw this had relengapi code written (way back when relengapi was first being conceived/written): https://github.com/mozilla/build-relengapi/commit/2d275e7ce9f2b23ee15b33877516c582b08ecf7c and https://github.com/mozilla/build-relengapi/commit/17a883da20a9852ea3e57bad9f1da813ac64bd6c . There is also a relatively new use case for me for slave-health, ala displaying lists of jacuzzis, etc. The primary need here for me is to either preserve an apache-index style listing, or have a way to easily get a list of both machines and builders in jacuzzis (and URLs to their related allocation information). c.f. https://bugzilla.mozilla.org/show_bug.cgi?id=1126181
Updated•9 years ago
Summary: Port Jacuzzi Allocator to RelengAPI → Remove Jacuzzi Allocators' reliance on git checkout/commits for dynamic allocation
Updated•9 years ago
Summary: Remove Jacuzzi Allocators' reliance on git checkout/commits for dynamic allocation → Make Jacuzzi Allocator stop running code which is automatically checked out from git
Comment 2•9 years ago
So, because we're looking to deprecate JA, another way to improve the security is just to never run any code that's checked out automatically. To do this, I've created a separate repo for the config file. The config can be checked out and modified in a read only fashion but the code itself will have to be updated by hand: https://github.com/mozilla/releng-jacuzzis-config
Comment 3•9 years ago
That won't solve this bug; we would need to make the actually-run code from jacuzzi-allocator not auto-pull and auto-use the code checked into jacuzzi-allocator. As it stands this additional repo is no-value-add to me, since the main repo needs to exist in pull/push form for the actual end-state for our automation to support it at present. It just so happens the code that runs is in said repo. FWIW slave health gets around the "auto-deploy, code in repo" issue by only running a manually copied version of the script, as in we have a human involved in the deploy process of the *code* we run. (It may not be the best idea for jacuzzis considering how many automated pushes happen, but it's probably better until the relengapi solution is done)
Comment 4•9 years ago
(In reply to Justin Wood (:Callek) from comment #3)
> That won't solve this bug, we would need to make the actually run code from
> jacuzzi-allocator not auto-pull and auto-use the code checked into
> jacuzzi-allocator. As it stands this additional repo is no-value-add to me.
> Since the main repo needs to exist in pull/push form for the actual
> end-state for our automation to support it at present.
>
> It just so happens the code that runs is in said repo.
>
> FWIW slave health gets around the "auto-deploy, code in repo" issue by only
> running a manually copied version of the script, as in we have a human
> involved in the deploy process of the *code* we run. (It may not be the
> best idea for jacuzzi's considering how many automated pushes that happen,
> but its probably better until the relengapi solution is done)

That's what I'm intending to do: require humans to manually pull in code changes. The files which are pulled/pushed will only be the read-only ones (config.json only if that will work, otherwise that and /v1/*).
Comment 5•9 years ago
How does this sound to you? That is, making it so that we don't run any code that's checked out from a cron job, though we continue to push/pull to another repository with read-only files. I can also create a new user for handling this, with lowered privileges (and keep the files in a private repo as a cherry on top).
Flags: needinfo?(gdestuynder)
Updated•9 years ago
Flags: needinfo?(gdestuynder)
Talked on IRC, r+ for separate repo + manual pull. This does remediate the issue where code would be automatically pulled and run as root. Separate repo also means you can set it so that only humans can push code changes.
Comment 7•9 years ago
The other part of this will be modifying the crontask.sh script, and giving the cronjob user access to the new config repo: https://github.com/mozilla/releng-jacuzzis-config
Attachment #8574086 -
Flags: review?(rail)
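As an added example, not the jacuzzi-allocator project's crontask.sh nor any code from the repos named in this bug, the POSIX sh wrapper below shows the split the thread settles on: the cron job pulls the read-only config repo, verifies that the checkout holds nothing but the allowed data files, and then runs allocator code from a location that only a human deploys to, never anything from the checkout. config.json, v1/* and the config repo URL come from the bug; CONFIG_DIR, ALLOCATOR and the allocator's command line are assumptions.

```shell
#!/bin/sh
# Added example (not the project's own crontask.sh): a cron wrapper that treats
# the git checkout of the config repo strictly as data. All paths are assumed
# except config.json, v1/* and the repo URL, which the bug names.
set -eu

CONFIG_REPO_URL="https://github.com/mozilla/releng-jacuzzis-config"
CONFIG_DIR="${CONFIG_DIR:-/var/lib/jacuzzi-config}"          # assumed checkout location
ALLOCATOR="${ALLOCATOR:-/opt/jacuzzi-allocator/allocator.py}" # assumed hand-deployed code

# Only these relative paths inside the checkout are ever read.
is_allowed_path() {
  case "$1" in
    config.json) return 0 ;;
    v1/*)        return 0 ;;
    *)           return 1 ;;
  esac
}

# Succeeds only if every file or symlink in the checkout (ignoring .git) is on
# the allow-list and nothing carries an executable bit. A surprise file in a
# repo that automation pushes to is the thing this bug is about, so refuse.
# (Paths containing whitespace are not handled; the config repo has none.)
checkout_is_data_only() {
  dir=$1
  status=0
  for path in $(find "$dir" -name .git -prune -o \( -type f -o -type l \) -print); do
    rel=${path#"$dir"/}
    if ! is_allowed_path "$rel"; then
      echo "refusing unexpected file in config checkout: $rel" >&2
      status=1
    fi
    if [ -x "$path" ]; then
      echo "refusing executable file in config checkout: $rel" >&2
      status=1
    fi
  done
  return $status
}

# Fetch the latest config. Fast-forward only, so the cron user never resolves
# merges, and the result is verified before anything reads it.
refresh_config() {
  if [ -d "$CONFIG_DIR/.git" ]; then
    git -C "$CONFIG_DIR" pull --ff-only --quiet
  else
    git clone --quiet "$CONFIG_REPO_URL" "$CONFIG_DIR"
  fi
  checkout_is_data_only "$CONFIG_DIR"
}

# Run the allocator from its hand-deployed location and hand it the checkout as
# input. The script is never sourced from, copied from, or executed out of the repo.
# The --config flag is an assumed interface for the allocator.
main() {
  refresh_config
  python "$ALLOCATOR" --config "$CONFIG_DIR/config.json"
}

# Only run the job when invoked explicitly, so the functions can also be sourced.
if [ "${1:-}" = "--run" ]; then
  main
fi
```

The check runs after every pull, so a commit that adds a script or flips an executable bit in the config repo stops the job instead of being picked up by cron; the allocator itself changes only when someone deploys to the ALLOCATOR path by hand.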
Updated•9 years ago
Attachment #8574086 -
Flags: review?(rail) → review?(catlee)
Comment 8•9 years ago
Static and runnable files have been broken up as described above. Automated commit of config changes has been observed. Closing bug.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Updated•9 years ago
Attachment #8574086 -
Flags: review?(catlee)
Updated•7 years ago
Component: Tools → General