launchpad-reviewers team mailing list archive

[Stuart Bishop <stuart.bishop@xxxxxxxxxxxxx>]

Stuart Bishop has proposed merging lp:~stub/launchpad/trivial into lp:launchpad.

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)
Related bugs:
  Bug #851686 in Launchpad itself: "buildd-manager needs to connect as a unique database user"
  https://bugs.launchpad.net/launchpad/+bug/851686

For more details, see:
https://code.launchpad.net/~stub/launchpad/trivial/+merge/75696

= Summary =

buildd-manager needs to connect as a dedicated database user so its connections are not confused with those from other services.

== Proposed fix ==


== Pre-implementation notes ==

== Implementation details ==

== Tests ==

== Demo and Q/A ==


= Launchpad lint =

Checking for conflicts and issues in changed files.

Linting changed files:
  lib/canonical/config/schema-lazr.conf
  database/schema/security.cfg
  database/schema/preflight.py
  daemons/buildd-manager.tac

./lib/canonical/config/schema-lazr.conf
     516: Line exceeds 78 characters.
     590: Line exceeds 78 characters.
     955: Line exceeds 78 characters.
    1030: Line exceeds 78 characters.
./database/schema/preflight.py
       7: '_pythonpath' imported but unused
-- 
https://code.launchpad.net/~stub/launchpad/trivial/+merge/75696
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~stub/launchpad/trivial into lp:launchpad.

=== modified file 'daemons/buildd-manager.tac'
--- daemons/buildd-manager.tac	2010-10-20 18:43:29 +0000
+++ daemons/buildd-manager.tac	2011-09-16 10:05:29 +0000
@@ -16,7 +16,7 @@
 from canonical.lp import initZopeless
 
 execute_zcml_for_scripts()
-initZopeless(dbuser=config.builddmaster.dbuser)
+initZopeless(dbuser='buildd_manager')
 
 options = ServerOptions()
 options.parseOptions()

=== modified file 'database/schema/preflight.py'
--- database/schema/preflight.py	2011-09-14 07:15:26 +0000
+++ database/schema/preflight.py	2011-09-16 10:05:29 +0000
@@ -40,7 +40,7 @@
 # added here. The preflight check will fail if any of these users are
 # connected, so these systems will need to be shut down manually before
 # a database update.
-FRAGILE_USERS = frozenset(['archivepublisher', 'fiera'])
+FRAGILE_USERS = frozenset(['archivepublisher', 'buildd_manager'])
 
 # How lagged the cluster can be before failing the preflight check.
 MAX_LAG = timedelta(seconds=60)

=== modified file 'database/schema/security.cfg'
--- database/schema/security.cfg	2011-09-13 04:31:49 +0000
+++ database/schema/security.cfg	2011-09-16 10:05:29 +0000
@@ -947,6 +947,10 @@
 public.translationtemplatesbuild              = SELECT, INSERT
 type=user
 
+[buildd_manager]
+type=user
+groups=fiera
+
 [ppa-apache-log-parser]
 groups=script
 public.archive                                  = SELECT

=== modified file 'lib/canonical/config/schema-lazr.conf'
--- lib/canonical/config/schema-lazr.conf	2011-09-16 09:07:33 +0000
+++ lib/canonical/config/schema-lazr.conf	2011-09-16 10:05:29 +0000
@@ -58,6 +58,8 @@
 
 [builddmaster]
 # The database user which will be used by this process.
+# THIS IS DEPRECATED, as the remaining code pulling this config item
+# should not be and fixed to use dedicated users.
 # datatype: string
 dbuser: fiera
 storm_cache: generational