launchpad-reviewers team mailing list archive

[Kit Randel <kit.randel@xxxxxxxxxxxxx>]

Kit Randel has proposed merging lp:~blr/canonical-mojo-specs/rutabaga-e2e into lp:~canonical-launchpad-branches/canonical-mojo-specs/trunk.

Commit message:
* Add support for rutabaga e2e nagios check.
* Set squid credentialsttl to 1 second.

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~blr/canonical-mojo-specs/rutabaga-e2e/+merge/280929

This branch bumps revnos on squid-forwardproxy and rutabaga to provide the check_rutabaga_proxy e2e nagios check. The admin secret is generated in predeploy and stored on disk in /srv/rutabaga/.admin_secret with nagios ownership to prevent passing the secret over the cli to the auth helper script.

The squid config value credentialsttl is also set to 1 second to ensure a only a limited window exists after token invalidation. This may need to be adjusted later after performance profiling.
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~blr/canonical-mojo-specs/rutabaga-e2e into lp:~canonical-launchpad-branches/canonical-mojo-specs/trunk.

=== modified file 'lp/mojo-lp-snap-proxy/collect-charms'
--- lp/mojo-lp-snap-proxy/collect-charms	2015-12-07 22:37:52 +0000
+++ lp/mojo-lp-snap-proxy/collect-charms	2015-12-17 22:42:20 +0000
@@ -1,6 +1,6 @@
 # Services
-rutabaga                  lp:~canonical-launchpad-branches/charms/trusty/rutabaga/devel;revno=20
-squid-forwardproxy        lp:~canonical-launchpad-branches/charms/precise/squid-forwardproxy/trunk;revno=34
+rutabaga                  lp:~canonical-launchpad-branches/charms/trusty/rutabaga/devel;revno=21
+squid-forwardproxy        lp:~canonical-launchpad-branches/charms/precise/squid-forwardproxy/trunk;revno=35
 
 # Subordinates
 gunicorn                lp:charms/trusty/gunicorn;revno=34

=== modified file 'lp/mojo-lp-snap-proxy/devel/deploy'
--- lp/mojo-lp-snap-proxy/devel/deploy	2015-12-07 23:14:15 +0000
+++ lp/mojo-lp-snap-proxy/devel/deploy	2015-12-17 22:42:20 +0000
@@ -34,6 +34,7 @@
                     ]
                 auth_params: |
                     [{"scheme": "basic", "program": "/srv/rutabaga/code/rutabaga/scripts/rutabaga_auth_helper.py"},
+                     {"scheme": "basic", "credentialsttl": "1 second"},
                      {"scheme": "basic", "casesensitive": "on"}]
     relations:
         - ["rutabaga", ["rutabaga-gunicorn", "squid-forwardproxy"]]

=== modified file 'lp/mojo-lp-snap-proxy/predeploy'
--- lp/mojo-lp-snap-proxy/predeploy	2015-11-24 01:54:12 +0000
+++ lp/mojo-lp-snap-proxy/predeploy	2015-12-17 22:42:20 +0000
@@ -3,8 +3,18 @@
 
 TOP="${0%/*}"
 
+create_admin_api_secret () {
+    python -c '
+import random
+import string
+
+print("".join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(32)))
+'
+}
+
 case "${MOJO_STAGE##*/}" in
     devel)
+        ADMIN_API_SECRET=$(create_admin_api_secret)
         CONTAINER_NAME="${MOJO_DOWNLOADER_CONTAINER_NAME:-${MOJO_PROJECT}-builds}"
         STORAGE_URL="$(${TOP}/utils/get-swift-storage-url)"
         echo "Setting BUILD_LABEL..."
@@ -22,6 +32,7 @@
                 build_label: ${RUTABAGA_BUILD_LABEL}
                 swift_container_name: ${CONTAINER_NAME}
                 swift_storage_url: ${STORAGE_URL}
+                admin_api_secret: ${ADMIN_API_SECRET}
 EOF
         ;;
 esac