launchpad-dev team mailing list archive

[Robert Collins <robert.collins@xxxxxxxxxxxxx>]

On Thu, Sep 15, 2011 at 11:15 PM, Julian Edwards
<julian.edwards@xxxxxxxxxxxxx> wrote:
>> > What do you think?
>>
>> Seems a fairly sensible idea. I'd be worried a little bit about skew
>> between what an app thinks it needs to run and what it actually needs.
>> Perhaps it's best phrased as a dry-run start up, rather than a deps
>> check?
>
> Agree, both with the idea and these concerns.

On skew of directly visible resources: If we make the resources needed
be declared - e.g.:
class MyScript(LaunchpadCronScript):
    needs = [PublicLibrarian, PublicLibrarianUpload,
Database(Master|Slave, 'branchscanner'), BzrHosted]

...

Then we could potentially inject garbage into the config for that
script alone, thus finding out if it needs something undeclared.

> One of the biggest skews we have that *consistently* hurts us is setting up DB
> users with the right permissions on tables.  This is largely because the
> security.cfg is not action-based, but user-based.  That is - we should be
> composing DB users' permissions out of a set of actions/roles (I think there's
> one example if this in the file but it's an exception), not setting up each
> user discretely.

This is something we have much more direct control over, and can test
effectively already. I think its reasonable to debate it, but its a
totally different problem to the one I've raised ;)

-Rob