[00:28:14] 10GitLab (CI & Job Runners), 10serviceops: upgrade gitlab-runners to bullseye - https://phabricator.wikimedia.org/T297659 (10Dzahn) I made a new VM in the "gitlab-runners" project. runner-1020. It's running on bullseye and a runner is installed and active on it now but it's only for demo purposes, could not u... [00:39:14] 10GitLab (CI & Job Runners), 10serviceops: upgrade gitlab-runners to bullseye - https://phabricator.wikimedia.org/T297659 (10Dzahn) [02:35:18] 10Release-Engineering-Team (Radar), 10Research (FY2021-22-Research-April-June), 10User-brennen: Define Metrics for Change Failure Percentage - https://phabricator.wikimedia.org/T289567 (10leila) [07:59:12] When anyone has a minute to review this CI config change: https://gerrit.wikimedia.org/r/c/integration/config/+/778287 [08:10:11] 10Phabricator, 10Privacy: Investigate ways to enforce username usage within Phabricator - https://phabricator.wikimedia.org/T304864 (10Tgr) I think this is a good practice even apart from privacy expectations - when someone's real name and handle differs, comments addressing them by their real name become conf... [08:53:29] 10Phabricator, 10Project-Admins, 10DBA, 10Developer Productivity: Fold Phab tags for optimizer-bug and Slow-DB-Query tag under Wikimedia-database-error - https://phabricator.wikimedia.org/T305639 (10Ladsgroup) I can start monitoring #wikimedia-database-error but I suggest at least renaming database error t... [09:16:01] addshore: Any chance you can recode the team-a-tech & team-b-tech project/tag names on phab, that naming provides very little context on locations where tags appear thoughout phabricator [09:25:32] (03PS1) 10David Caro: operations-puppet: Add possibility to use custom facts [integration/config] - 10https://gerrit.wikimedia.org/r/778474 [09:34:02] s/recode/rename [09:38:42] 10Phabricator, 10Privacy: Investigate ways to enforce username usage within Phabricator - https://phabricator.wikimedia.org/T304864 (10Peachey88) I don't think its something that can ever be fully prevented, But maybe we could encourage in the etiquette and similar documents with examples such as "When you nee... [10:08:47] (03CR) 10David Caro: [C: 04-1] "This is not needed if https://gerrit.wikimedia.org/r/c/operations/puppet/+/778477 gets in instead (preferred)." [integration/config] - 10https://gerrit.wikimedia.org/r/778474 (owner: 10David Caro) [10:25:01] 10GitLab (CI & Job Runners), 10serviceops: upgrade gitlab-runners to bullseye - https://phabricator.wikimedia.org/T297659 (10Jelto) I like the idea of putting the bullseye runner `runner-1020` into the `gitlab-runners` project. That reduces overhead around the puppet and hiera configuration. > I haven't actua... [10:50:05] hashar: If you have time, https://gerrit.wikimedia.org/r/c/integration/config/+/778287 [10:52:28] 10Gerrit, 10Data³: Investigate sending Gerrit events to our data lake - https://phabricator.wikimedia.org/T304947 (10hashar) From https://wikitech.wikimedia.org/wiki/Event_Platform/Schemas/Guidelines, the events have to be extended to include a few more fields: | $schema | A URI identifying the JSONSchema for... [10:52:47] awight: good morning :] [10:52:49] well kind of [10:53:34] (03CR) 10Hashar: [C: 03+2] Kartographer tests depend on FlaggedRevs [integration/config] - 10https://gerrit.wikimedia.org/r/778287 (https://phabricator.wikimedia.org/T304813) (owner: 10Awight) [10:53:39] awight: deploying! [10:53:52] O_O thank you! [10:54:00] the whole system is crazy really [10:54:27] hehe how could it not be [10:54:28] so for that use case there would be nothing preventing FlaggedRevs to introduce change that might end up breaking Kartographer [10:54:41] hence why we went with the gated extension wmf-quibble* jobs [10:54:49] but those blindly run everything [10:55:12] I am contemplating a system that would let us craft a job that runs solely the integration tests for FlaggedRevs + Kartographer [10:55:41] it would clone all required dependencies but run PHPUnit / wdio with some filter to only run the subset of tests that exercise the coupling between those tow [10:55:56] Mostly I'm adding it for a specific patch which is skipped w/o FlaggedRevs, but that's a good point that the gated job would have had the same effect, if I was willing to suppress the phan warnings or only add the dependency for phan. [10:55:57] which mean moaaare jobs :-\ [10:56:03] yeah it is good [10:56:05] no complaint [10:56:08] that is the best we can do right now [10:56:14] (03Merged) 10jenkins-bot: Kartographer tests depend on FlaggedRevs [integration/config] - 10https://gerrit.wikimedia.org/r/778287 (https://phabricator.wikimedia.org/T304813) (owner: 10Awight) [10:57:01] Kartographer is in the gated extension system but FlaggedRevs is not [10:57:22] ooh! Seems like an important one to have in there, since it's so aggressive. [11:08:29] !log Reloading Zuul for https://gerrit.wikimedia.org/r/778287 [11:08:30] Logged the message at https://wikitech.wikimedia.org/wiki/Release_Engineering/SAL [11:30:33] p858snake: I'll add wmde to the name or something :) [11:31:40] yes, namespacing project tags is always handy, esay to pick out which ones to not pay attention to (i commonly skim read the "new tasks" pane etc) [11:33:14] (03CR) 10Zfilipin: Add selenium daily job to Vector (031 comment) [integration/config] - 10https://gerrit.wikimedia.org/r/777884 (https://phabricator.wikimedia.org/T301184) (owner: 10Jdlrobson) [14:00:54] hashar: Maybe I misunderstood how phan_dependencies works, but I'm surprised by https://integration.wikimedia.org/ci/job/mwext-php72-phan-docker/173951/console [14:01:17] I see the FlaggedRevs extension loaded, so why would its classes be unknown to phan? [14:01:29] hmm [14:01:55] so that is a change for Kartographer [14:02:12] the CI change from earlier injects the build parameter EXT_DEPENDENCIES=mediawiki/extensions/FlaggedRevs\nmediawiki/extensions/GeoData\nmediawiki/extensions/JsonConfig [14:02:26] which causes Quibble to clone all those repositories [14:02:30] Which looks good... [14:02:42] as can be seen by 00:00:21.700 INFO:zuul.Cloner.mediawiki/extensions/FlaggedRevs:Prepared mediawiki/extensions/FlaggedRevs repo with branch master at commit f5f8018e4473ac8ac7ac9460cad95e233a58e49b [14:03:01] theen composer kicks in and Installing phan/phan (5.2.0): Extracting archive [14:03:27] then that runs the releng/mediawiki-phan image [14:03:43] which does exec vendor/bin/phan -d . --long-progress-bar --color --require-config-exists [14:03:45] BUT [14:03:48] * hashar rolls the drum [14:04:03] phan requires configuration in Kartographer .phan/config.whatever [14:04:12] to let it now about FlaggedRevs [14:04:20] ooh ty! [14:04:37] yeah [14:04:41] `.phan/config.php` [14:05:00] you need to add FlaggedRevs to both `directory_list` and `exclude_analysis_directory_list` array [14:05:23] there is a task floating around to make the phan config generated from fields in extension.json [14:05:54] meanwhile folks copy paste :/ [14:07:57] The sad part is that I've done this before, but completely forgot about all the secret keys to turn. [14:08:57] 10GitLab: Enabling CORS for raw file URLs - https://phabricator.wikimedia.org/T305700 (10diegodlh) [14:14:05] hashar: I've been thinking that maybe we should just have .phan/config.php include ../* for simplicity? [14:18:54] hashar: fyi, I discovered that the CI job *was* already including FlaggedRevs, I don't know why. e.g. https://integration.wikimedia.org/ci/job/quibble-vendor-mysql-php72-noselenium-docker/145607/consoleFull [14:19:01] Not worried but I thought you might want to know. [14:19:16] James_F: on CI that would work for sure [14:19:32] but for developers they might have more extensions [14:19:53] awight: there are two set of dependencies! [14:20:10] awight: for that last job which runs the tests, the dependencies are processed recursively [14:20:30] Eh. [14:20:33] but for phan we use a second list of dependencies in zuul/parameters_function.py [14:20:35] Thanks for the explanation! [14:20:48] and that list intended for Phan is NOT processed recursively [14:21:13] much like the directories in .phan/config.php are not processing recursively the phan/config.php files of other directories [14:21:33] there is some generic doc at https://www.mediawiki.org/wiki/Continuous_integration/Phan [14:21:44] and for extensions specifically it is https://www.mediawiki.org/wiki/Continuous_integration/Tutorials/Add_phan_to_a_MediaWiki_extension [14:22:27] and the task to make the .phan/config.php magic is https://phabricator.wikimedia.org/T237447 [14:22:33] which is unfunded [14:22:38] loll [14:22:59] (03CR) 10Jdlrobson: Add selenium daily job to Vector (031 comment) [integration/config] - 10https://gerrit.wikimedia.org/r/777884 (https://phabricator.wikimedia.org/T301184) (owner: 10Jdlrobson) [14:23:13] I think I will end up taking some vacations to have some quiet time to work on a proposal to address the development tooling issue :] [14:23:20] be it phan, phpunit or quibble [14:23:37] or better, I should commit to allocate time to tackle that problem [14:23:59] James_F: for magic .phan/config.php the task is https://phabricator.wikimedia.org/T237447 [14:25:45] or maybe https://phabricator.wikimedia.org/T250380 [14:27:56] ah and https://phabricator.wikimedia.org/T225112#5241339 [14:29:02] anyway I am off and in vacations for a week :] [14:29:10] happy phan and happy hacking [14:31:35] 10GitLab: Enabling CORS for raw file URLs - https://phabricator.wikimedia.org/T305700 (10diegodlh) Just adding that as a workaround I configured mirroring the repository to Github and I'm using Github raw file URLs for now, which do support CORS. For example: https://raw.githubusercontent.com/web2cit/w2c-core/ma... [14:33:22] 10GitLab, 10Security-Team, 10Security: Enabling CORS for raw file URLs - https://phabricator.wikimedia.org/T305700 (10Stang) [14:35:08] hashar: Enjoy! And no thinking about this on vacation :+1: [14:42:10] 10Phabricator, 10Privacy: Investigate ways to enforce username usage within Phabricator - https://phabricator.wikimedia.org/T304864 (10sbassett) I have boldly added [[ https://www.mediawiki.org/w/index.php?title=Bug_management/Phabricator_etiquette&type=revision&diff=5153594&oldid=5122036&diffmode=visual | a n... [14:42:16] (03CR) 10Zfilipin: Add selenium daily job to Vector (031 comment) [integration/config] - 10https://gerrit.wikimedia.org/r/777884 (https://phabricator.wikimedia.org/T301184) (owner: 10Jdlrobson) [14:56:28] (03CR) 10Jdlrobson: Add selenium daily job to Vector (031 comment) [integration/config] - 10https://gerrit.wikimedia.org/r/777884 (https://phabricator.wikimedia.org/T301184) (owner: 10Jdlrobson) [15:13:21] Yippee, build fixed! [15:13:21] Project mwcore-phpunit-coverage-master build #2059: 09FIXED in 13 min: https://integration.wikimedia.org/ci/job/mwcore-phpunit-coverage-master/2059/ [15:20:25] 10GitLab (Project Migration), 10Data-Engineering, 10Data-Engineering-Kanban, 10Product-Analytics, 10wmfdata-python: Move Wmfdata-Python from Github to Gitlab - https://phabricator.wikimedia.org/T304544 (10Milimetric) a:03Milimetric [15:32:08] 10Release-Engineering-Team: Apache docker image used in CI strips Authorization header - https://phabricator.wikimedia.org/T305709 (10Jakob_WMDE) [15:35:14] (03PS1) 10Ahmon Dancy: Add clear-deploy-mwdebug-error Makefile target [tools/release] - 10https://gerrit.wikimedia.org/r/778535 (https://phabricator.wikimedia.org/T299648) [15:36:27] (03CR) 10Ahmon Dancy: [C: 03+2] Add clear-deploy-mwdebug-error Makefile target [tools/release] - 10https://gerrit.wikimedia.org/r/778535 (https://phabricator.wikimedia.org/T299648) (owner: 10Ahmon Dancy) [15:37:30] (03Merged) 10jenkins-bot: Add clear-deploy-mwdebug-error Makefile target [tools/release] - 10https://gerrit.wikimedia.org/r/778535 (https://phabricator.wikimedia.org/T299648) (owner: 10Ahmon Dancy) [17:00:46] 10Project-Admins: Create project tag for Security API Service - https://phabricator.wikimedia.org/T305728 (10sbassett) [17:10:23] 10Release-Engineering-Team, 10MW-on-K8s, 10serviceops, 10Kubernetes: Kubernetes credentials on deployment servers should be available to deployers, not all users - https://phabricator.wikimedia.org/T305729 (10Joe) [17:36:46] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Support conda environments with a new template - https://phabricator.wikimedia.org/T305732 (10sbassett) [17:37:10] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security, 10user-sbassett: Support conda environments with a new template - https://phabricator.wikimedia.org/T305732 (10sbassett) 05Open→03In progress p:05Triage→03Medium [17:37:14] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security: Design and Build Application Security Pipeline Components for Gitlab - https://phabricator.wikimedia.org/T289290 (10sbassett) [17:38:24] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security, 10user-sbassett: Support conda environments with a new gitlab appsec ci template - https://phabricator.wikimedia.org/T305732 (10sbassett) [20:12:09] 10Release-Engineering-Team (Deployment Training Requests): Deployment training request for **Daniel Kinzler** - https://phabricator.wikimedia.org/T304955 (10thcipriani) 05Open→03Resolved a:03thcipriani >>! In T304955#7837144, @ArielGlenn wrote: > Daniel did indeed show up, get a refresher training, and do... [20:12:22] 10Release-Engineering-Team (Deployment Training Requests): Deployment training request for **Daniel Kinzler** - https://phabricator.wikimedia.org/T304955 (10thcipriani) a:05thcipriani→03ArielGlenn [20:23:42] 10GitLab, 10Wikimedia-Interwiki-links: Evaluate an interwiki to WMF GitLab - https://phabricator.wikimedia.org/T305755 (10valerio.bozzolan) [20:27:21] 10GitLab, 10Wikimedia-Interwiki-links: Evaluate an interwiki to WMF GitLab - https://phabricator.wikimedia.org/T305755 (10Reedy) Seems a good idea. Needs doing at https://meta.wikimedia.org/wiki/Interwiki_map and then pulling through to production [20:33:58] 10GitLab, 10Wikimedia-Interwiki-links: Evaluate an interwiki to WMF GitLab - https://phabricator.wikimedia.org/T305755 (10valerio.bozzolan) [21:02:15] 10GitLab (CI & Job Runners), 10Security Team AppSec, 10Security-Team, 10Security, 10user-sbassett: Support conda environments with a new gitlab appsec ci template - https://phabricator.wikimedia.org/T305732 (10sbassett) See also: https://pythonspeed.com/articles/conda-security-scans/ [21:32:13] 10GitLab (CI & Job Runners), 10Release-Engineering-Team, 10Security Team AppSec, 10Security-Team, and 3 others: Evaluate and confirm potential licensing issues for gitlab appsec pipeline tools - https://phabricator.wikimedia.org/T304737 (10Legoktm) Sorry about the delay. tl;dr: By letter of policy, anythi... [21:34:04] (03CR) 10Krinkle: Add selenium daily job to Vector (031 comment) [integration/config] - 10https://gerrit.wikimedia.org/r/777884 (https://phabricator.wikimedia.org/T301184) (owner: 10Jdlrobson) [21:46:16] 10GitLab (Integrations), 10GitLab-Test, 10Phabricator, 10Release-Engineering-Team (Next), and 2 others: Experiment with GitLab-Phabricator integration - https://phabricator.wikimedia.org/T265617 (10thcipriani) I experiemented with a [[ https://gitlab.wikimedia.org/help/user/project/integrations/custom_issu... [22:49:59] 10GitLab (CI & Job Runners), 10serviceops: upgrade gitlab-runners to bullseye - https://phabricator.wikimedia.org/T297659 (10Dzahn) >>! In T297659#7840520, @Jelto wrote: > So I can confirm `runner-1020` shows up in the GitLab admin area. And it already executed 8 jobs mostly successfully (2 jobs failed due to...