Closed Bug 1210888 Opened 10 years ago Closed 9 years ago

Make config, except secrets, easier to manage

Categories

(Socorro :: Infra, task)

Tracking

(Not tracked)

RESOLVED WORKSFORME

People

(Reporter: peterbe, Unassigned)

Details

At the moment we have ALL config loaded into consul, including secrets (e.g. AWS_SECRET_KEY or DATABASE_PASSWORD) and regular config things (e.g. crontabber.jobs).
It means that the defaults in code (e.g. https://github.com/mozilla/socorro/blob/758940cabadfb160e51ea5334c72242b2439f104/socorro/cron/crontabber_app.py#L66) are useless unless it's a new config option. In particular, the crontabber jobs that we run are NOT this list: https://github.com/mozilla/socorro/blob/758940cabadfb160e51ea5334c72242b2439f104/socorro/cron/crontabber_app.py#L10-L51 It's some other list that you can only find out by ssh'ing into an instance (stage or prod) and poking around with the consulate command.
We do NOT want secrets in a file, but ideally we should maintain as much of the configuration as possible with code. By having it in code we can follow the wonderful pattern of proposing a config change by making a PR, having it reviewed and getting transparency of when it changed by following when it was merged to master.
NOTE! We want to tackle this for "Mozilla specific configuration". E.g. the socorro/webapp-django/ALLOWED_HOSTS config key is not security sensitive but it's not applicable to other companies either.
Rob and I were chatting about this and one possible solution is to:
* Create a new file called something like general-mozilla-configuration.json and add it to socorro-infra.
* Manually pick out things from consul and insert into this file. E.g. socorro/webapp-django/ALLOWED_HOSTS or socorro/crontabber/crontabber.jobs. Things we know are NOT security sensitive.
* (pardon my ignorance in lingo here) Upon deployment we override what's in consul by reading from this file.
* Ideally running a production deployment (or yum upgrading the admin node) should *then* pick up these new config changes. But we'd also like to be able to update consul manually with changes to this file without having to do a socorro release.
I appreciate that there might be better tools for handling secrets (e.g. Vault) but let's not distract ourselves. What we need to achieve is transparency and simplicity with the basic config.
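A sketch of the file-to-consul override proposed in this bug, added here as an illustration and not code from Socorro or socorro-infra. It loads the reviewed JSON file, rejects it if a secret-looking key has slipped in, and computes only the writes needed, leaving keys that exist solely in consul (the secrets) untouched. The function names, the secret-name pattern, the sample values and the socorro/common/DATABASE_PASSWORD path are assumptions.

```python
import json
import re

# Assumption: any key whose name contains one of these words is a secret.
SECRET_NAME = re.compile(r"SECRET|PASSWORD|TOKEN", re.IGNORECASE)

# Constructed sample of the proposed file (values are made up).
SAMPLE_FILE = json.dumps({
    "socorro/webapp-django/ALLOWED_HOSTS": "crash-stats.example.com",
    "socorro/crontabber/crontabber.jobs": "job.one|1h, job.two|1d",
})

# Constructed sample of what Consul currently holds, secrets included.
SAMPLE_CONSUL = {
    "socorro/webapp-django/ALLOWED_HOSTS": "crash-stats.example.com",
    "socorro/crontabber/crontabber.jobs": "job.one|1h",
    "socorro/common/DATABASE_PASSWORD": "constructed-not-real",
}


def load_general_config(text):
    """Parse the reviewed file; refuse it if a secret-looking key slipped in."""
    config = json.loads(text)
    if not isinstance(config, dict):
        raise ValueError("expected a JSON object mapping key to value")
    leaked = sorted(key for key in config if SECRET_NAME.search(key))
    if leaked:
        raise ValueError("secret-looking keys in file: " + ", ".join(leaked))
    # Consul stores strings, so serialise lists and numbers as JSON text.
    return {k: v if isinstance(v, str) else json.dumps(v)
            for k, v in config.items()}


def plan_sync(file_config, consul_kv):
    """Return the writes that make Consul match the file.

    Keys present only in Consul (the secrets) are never changed or deleted.
    """
    return {key: value for key, value in sorted(file_config.items())
            if consul_kv.get(key) != value}


if __name__ == "__main__":
    for key, value in plan_sync(load_general_config(SAMPLE_FILE),
                                SAMPLE_CONSUL).items():
        print("PUT", key, "=", value)
```

The same `load_general_config` check can run in CI on every PR that touches the file, so a secret is caught at review time instead of at deployment.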
We are pointing in a new direction with socorro infra/management, and I'm cleaning up old bugs!
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WORKSFORME