Closed Bug 1016006 Opened 10 years ago Closed 10 years ago

Review Board dev server needs hg server

Categories

(bugzilla.mozilla.org :: Infrastructure, defect)

Product:
bugzilla.mozilla.org
Component:
Infrastructure
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: mcote, Assigned: bkero)

References

Details

(Whiteboard: [kanban:https://kanbanize.com/ctrl_board/4/213] ) 

Review Board integration with core code requires an hg server to push to.  According to gmiroshnykov, it should reside on the same machine.  Instructions are here:

https://github.com/laggyluke/reviewboard-mercurial-hook#readme
Blocks: 889431
The details of this need are currently being discussed in email. When that resolves to something actionable (before end of week), this bug will be updated, and likely become a tracker for requesting dedicated hosts, etc.
Assignee: server-ops-webops → bkero
Based on email thread, we need to set the staging server up as a pre-production instance. (I.e. the configuration and data will migrate into the full production instance, but this setup does not need to meet performance & load goals for now.) This instance is an application setup, and the repositories are separate from the VCS.

The following requirements may be new:
 - separate Hg server, latest or next-to-latest version preferred
 - ssh logins allowed using hg vcs credentials
 - 10GB space for repository to grow (can start with 3GB to speed things up)
 - hgweb instance to display the one repository
 - flows from the internet to ssh, https ports
 - official IT backup of all review board & repository data
 - allow project developer access to hg configuration, especially hooks
 - none of the usual hooks should be deployed (push urls, single head, pushlog, etc.)

Repository should be created as a clone of mozilla-central, with scm level 1 permissions.
OS: Mac OS X → All
Hardware: x86 → All
- The servers are set up

True for -dev:
- SSH logins via LDAP are enabled
- There is 30GB space available on the hosts
- The hg-web instance of mozilla-central has been set up with scm_level_1 permissions.
  - This can be cloned via 'hg clone ssh://ldapuser@m.c@reviewboard-dev.allizom.org: mozilla-central
  - This is browsable at http://reviewboard-dev.allizom.org/repo
- Flows have been created for ssh and http(s)

- I'm unfamiliar with the backup system IT uses, so that will have to go to the systems team to enable
- I'm unsure the best method to give developers access to hg configuration. Any straightforward ideas?
As a quick check, since its mirroring production data (to my understanding) all the data handled/store is public right? (ie data that is otherwise available to the world).
(if so we're good)
Flags: needinfo?(hwine)
Yeah, we are actually explicitly disallowing reviews for confidential bugs, so no security or otherwise private patches should be pushed to the review repo.
:kang - :mcote is running the project and knows the various databases involved for any future security questions.
Flags: needinfo?(hwine)
Whiteboard: [kanban:https://kanbanize.com/ctrl_board/4/213]
Component: WebOps: Bugzilla → Infrastructure
Product: Infrastructure & Operations → bugzilla.mozilla.org
:kang - yup, we will be using Review Board *only* for nonconfidential patches.  Any confidential patches, for security or whatever else, will still be using splinter for the foreseeable future.

Resolving this, since our dev instance is good, and I don't think we're going to bother with a staging site, for now at least (I think we'll keep reviewboard.allizom.org up for a bit, but running the old stuff).
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Summary: Review Board dev and staging servers need hg servers → Review Board dev server needs hg server
You need to log in before you can comment on or make changes to this bug.