Closed
Bug 819850
Opened 12 years ago
Closed 12 years ago
please deploy train 2012.12.07 to stage
Categories
(Cloud Services :: Server: Identity, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: lhilaiel, Assigned: gene)
References
Details
this will require the creation of a new database table: "CREATE TABLE IF NOT EXISTS idp (" + "id BIGINT AUTO_INCREMENT PRIMARY KEY," + "domain VARCHAR(255) UNIQUE NOT NULL," + "lastSeen TIMESTAMP DEFAULT 0 NOT NULL" + ") ENGINE=InnoDB;", version 0.2012.12.07 sha 4545e8fda9 branch train-2012.12.07
Comment 2•12 years ago
|
||
Gene already did the CREATE TABLE in stage: https://bugzilla.mozilla.org/show_bug.cgi?id=819506#c3 So we can just proceed with the rpm spin of the sha above and push that on stage.
Assignee | ||
Updated•12 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 3•12 years ago
|
||
jrgm : For this release are there any configuration changes associated with the new code (e.g. proxy_idp, etc)
Assignee | ||
Comment 4•12 years ago
|
||
The RPM we'll be using is : browserid-server-0.2012.12.07-1.el6_111519.x86_64.rpm which is distributed everywhere and ready to be installed
Flags: needinfo?(jrgm)
Comment 5•12 years ago
|
||
I've been going through the diff and I'm not sure what config changes will need defaults. proxy_idsp: {} is definitely one. The others may be measure_dom_loading, cef and idp_offline_grace_period_ms. Shane, Jed, Lloyd can you say what changes are needed if any.
Flags: needinfo?(jrgm)
Assignee | ||
Updated•12 years ago
|
Flags: needinfo?(lhilaiel)
Comment 6•12 years ago
|
||
(In reply to John Morrison [:jrgm] from comment #5) I think proxy_idps changes were a clarification, but something we already managed in stage. No real change there.
Assignee | ||
Comment 7•12 years ago
|
||
Ya, I still don't have a definitive list of what config changes I need for this release. jrgm, can you schedule a meeting with Jed Lloyd etc. to find out the answers to your question about measure_dom_loading, cef and idp_offline_grace_period_ms
Comment 8•12 years ago
|
||
Okay, sorry I missed that. I'll get you these details. (I actually was in the previous train's tree when I poked around, because I was confused)
Comment 9•12 years ago
|
||
Updated with 3 hotfixes. SHA: 7d22f19cbcd5473c641d2951b66bc80b43e78d83 Branch: https://github.com/mozilla/browserid/tree/train-2012.12.07 Ready to deploy (after train-2012.11.23 is deployed and tested of course)
Comment 10•12 years ago
|
||
So for idp_offline_grace_period_ms, measure_dom_loading, cef, they have reasonable defaults set in browserid/config/production.json in train-2012.12.07. However, if I have this right, puppet has its own version of that file that it wants to install. Is that correct? Then you'll need updates to the puppet version. (But we really shouldn't need to have production.json modified from the committed version, again if that's how it currently is; prod/stage specific changes can be picked up in an overlay file on that config). Can you check the diff between that version and the version on this train (or give me a copy of production.json, and also webhead.json).
Assignee | ||
Comment 11•12 years ago
|
||
Yes, puppet installs a production.json file. > But we really shouldn't need to have production.json modified from the committed version, again if that's how it currently is; prod/stage specific changes can be picked up in an overlay file on that config I'd like to understand more about this. What is the overlay file? We use production.json to define all the URLs as well as all the ports. These all differ from the default production.json Sure, here's the diff --- <unnamed> +++ <unnamed> @@ -1,71 +1,43 @@ -// production.js is the common base configuration for -// all hosted deployments (non-local) { "env": "production", + "public_url": "https://login.anosrep.org", + "public_static_url": "https://static.login.anosrep.org", "bind_to": { "host": "127.0.0.1" }, "use_minified_resources": true, - "public_static_url": "https://static.login.persona.org", "database": { "driver": "mysql", - "user": "browserid", "name": "browserid", - "create_schema": true + "create_schema": false + }, + "smtp": { + "host": "127.0.0.1" }, "statsd": { "enabled": true }, - "kpi_backend_sample_rate": 0.0, "bcrypt_work_factor": 12, "max_compute_processes": null, "max_compute_duration": 10, "disable_primary_support": false, "enable_code_version": false, "default_lang": "en", - // supported_languages should be overridded with what is appropriate for the - // deployment. That is environment dependent: - // * in l10 preview env it's all available locales - // * in staging or dev envs it depends, but should include at least - // testing locales: "it-CH", "db-LB" - // * in production it's reviews locales that have been signed off - "supported_languages": [ - "en" - ], - "debug_lang": "it-CH", - // locale directory should be overridden - "express_log_format": "default_bid", + "express_log_format": "default", "email_to_console": false, - // var path should be overridded - // "var_path": "xxx", + "var_path": "/var/browserid", - // this is daemon specific configuration to bind the - // ports we've traditionally bound different daemons to, - // may be overridden if desired + "keysigner": { "bind_to": { "port": 62700 } }, + "browserid": { "bind_to": { "port": 62700 } }, + "router": { "bind_to": { "port": 63300 } }, "verifier": { "bind_to": { "port": 62800 } }, - "verifier_url": "http://127.0.0.1:62800/verify", - "keysigner": { "bind_to": { "port": 62600 } }, - "keysigner_url": "http://127.0.0.1:62600", - "dbwriter": { "bind_to": { "port": 62900 } }, - "dbwriter_url": "http://127.0.0.1:62900", - "browserid": { "bind_to": { "port": 62700 } }, + "dbwriter": { "bind_to": { "port": 62700 } }, + "static": { "bind_to": { "port": 63400 } }, + + "static_url": "http://127.0.0.1:63400", + "verifier_url": "https://browserid.org", + "keysigner_url": "http://keysign.idkeysign.scl2.stage.svc.mozilla.com", + "dbwriter_url": "http://dbwriter.idsecweb.scl2.stage.svc.mozilla.com", "browserid_url": "http://127.0.0.1:62700", - "static": { "bind_to": { "port": 63400 } }, - "static_url": "http://127.0.0.1:63400", - "router": { "bind_to": { "port": 63300 } }, - - // set to true to enable the development menu. - "enable_development_menu": false, - - // http_proxy should be overridded per env - //"http_proxy": { - // "host": "127.0.0.1", - // "port": 10006 - //}, - - // set to true to use an inline script in the dialog HEAD to measure the - // time it takes the window to open and the DOM to start loading. - // Enabling this will break CSP because of the extra inline script in the - // HEAD. - "measure_dom_loading": false + "proxy_idps": {} }
Comment 12•12 years ago
|
||
(In reply to Gene Wood [:gene] from comment #7) > Ya, I still don't have a definitive list of what config changes I need for > this release. jrgm, can you schedule a meeting with Jed Lloyd etc. to find > out the answers to your question about > > measure_dom_loading, cef and idp_offline_grace_period_ms For CEF, one change needs to be made: CEF_SYSLOG_HOST=local4
Comment 13•12 years ago
|
||
All configs have good default values, no new config is manditory. lloyd added idp_offline_grace_period_ms defaults to 5 days MIN_TIME_BETWEEN_EMAILS_MS is a new ENV variable for the existing min_time_between_emails_ms stomlinson added measure_dom_loading - defaults to false jedp added cef [1] logging has many config values. All have sane defaults for stage/production. We chatted with yvan and parker to sanity check. There is no stage syslog hosted by security. Each DC will have a syslog server that we can send data to. gene will open up a bug for produciton config. [1] https://github.com/mozilla/browserid/compare/train-2012.11.23...train-2012.12.07#L21R136
Comment 14•12 years ago
|
||
(In reply to Gene Wood [:gene] from comment #11) > I'd like to understand more about this. What is the overlay file? We use > production.json to define all the URLs as well as all the ports. These all > differ from the default production.json > Thanks for the diff. By "overlay", look at CONFIG_FILES in services/browserid*/run. Each file in the list can overwrite any previous keys (although not delete, I think).
Comment 15•12 years ago
|
||
(In reply to John Morrison [:jrgm] from comment #14) > ... can overwrite any previous keys (although not delete ... can overwrite or *add*, but not delete keys
Comment 16•12 years ago
|
||
Yes, please deploy this train to stage. I am done with 11.23 in stage.
Comment 17•12 years ago
|
||
Yes, at 7d22f19cbcd547.
Assignee | ||
Comment 18•12 years ago
|
||
7d22f19cbcd5473c641d2951b66bc80b43e78d83 has been deployed to stage l10n and clientN
Comment 19•12 years ago
|
||
Updated with 4th hotfix. SHA: f9ee47079ca0883ac9a4bf03c35b3139c18ee918 Branch: https://github.com/mozilla/browserid/tree/train-2012.12.07 Ready to deploy
Assignee | ||
Comment 20•12 years ago
|
||
f9ee47079ca0883ac9a4bf03c35b3139c18ee918 deployed as browserid-server-0.2012.12.07-4.el6_111681.x86_64.rpm on stage l10n and clientN
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 21•12 years ago
|
||
Please enable Yahoo BigTent in stage. We wanted to turn this on and off over the next couple of weeks. Please consult your environment notes, but I think our stage is yahoo.login.anosrep.org. Example config in browserid would be: {"yahoo.com":"yahoo.login.anosrep.org"}
You need to log in
before you can comment on or make changes to this bug.
Description
•