Tuesday, 2022-02-22

*** Guest7 is now known as diablo_rojo_phone17:24
*** diablo_rojo_phone is now known as Guest22917:24
clarkbAnyone else here for the meeting?19:00
ianwo/19:00
clarkb#startmeeting infra19:01
opendevmeetMeeting started Tue Feb 22 19:01:14 2022 UTC and is due to finish in 60 minutes.  The chair is clarkb. Information about MeetBot at http://wiki.debian.org/MeetBot.19:01
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.19:01
opendevmeetThe meeting name has been set to 'infra'19:01
clarkb#link http://lists.opendev.org/pipermail/service-discuss/2022-February/000322.html Our Agenda19:01
clarkb#topic Announcements19:01
clarkbThe service coordinator nomination period ended last week and I was the only one who was crazy enough to jump on it :)19:01
clarkb#topic Actions from last meeting19:03
clarkb#link http://eavesdrop.openstack.org/meetings/infra/2022/infra.2022-02-15-19.01.txt minutes from last meeting19:03
clarkb#link https://review.opendev.org/c/opendev/system-config/+/829882 Restore gerrit mergeability checking19:03
clarkbfrickler: got that chagne pushed up. I asked about doing some additional testing but after talkign to gerrit upstream over slack about it I think it is probably safe to proceed as is if we prefer19:03
clarkbbasically the behavior we should expect is that changes that are modified after the config update will get mergability checked. Changes that aren't updated won't have that info19:03
clarkbThen we'll need to monitor for overall load induced by the chagne. THough we don't expect it to be a problem19:05
clarkb#topic Topics19:05
clarkb#topic Improving OpenDev's CD throughput19:05
clarkbI didn't update this topic to reflect the gpg encryption of logs work, but I think that is realyl close now?19:06
ianwyes, after a few mis-steps in templates it worked :)19:06
ianwhttps://zuul.opendev.org/t/openstack/build/307b0e0e097c48daa959ee3b960f7ff5/logs19:06
ianwwhat I plan to do now is write up a change with some documentation, and to switch it to apply to all prod jobs19:07
clarkbcool. I guess infra-root should push up changes with their keys?19:07
ianwyep, can either do that now to test if you like, or after i write up some docs19:07
clarkbI'm not in a rush19:08
fungisame19:08
clarkbAnything else on this topic?19:08
ianwi'm hopeful it can help us get some more people interested in helping with prod jobs ... build it and they will come :)  that's the theory anyway :)19:09
clarkbif nothing else I think it continues to show how we can make use of zuul to help us operate things19:09
ianwnope ... although waiting for the various prod jobs to finish has increased my interest in finishing this parallel work!19:09
ianwoh, there were a few comments on the spec @19:09
ianw#link https://review.opendev.org/c/opendev/infra-specs/+/82164519:10
ianwsomething to read and ponder 19:10
ianwthat's all, thanks19:10
clarkb#topic Container maintenance19:11
clarkbNo real news on this other than I actually set time aside for looking at this later today with jentoio. No concrete time, but sometime this afternoon :) Hoping to start making progress on this19:11
clarkb#topic Spring Cleaning of Old Reviews19:12
clarkb#link https://review.opendev.org/q/topic:retirement+status:open Changes to retire all unused the repos.19:12
clarkbThis is where I'm at on that. I got all the repos running noop jobs and then pushed up retirement changes for them all.19:12
clarkbIf they still look retireable please approve and land those changes. Then I'll followup with a change that removes them from zuul and marks them retired in projects.yaml19:13
clarkbAnd we can abandon changes at that point too19:13
fungiabandoning should be done before approving the acl update, just a reminder19:14
clarkbPlease ping me somehow if you find something that shouldn't be retired that has been going through the process. I'll need to update some of my notes and rollback some updates19:14
clarkbfungi: ++ good point19:14
clarkb#topic Gitea 1.16.119:15
clarkb#link https://review.opendev.org/c/opendev/system-config/+/828184 Change to upgrade to 1.16.1 when we are ready19:15
clarkb#link https://104.130.74.7:3081/opendev/system-config Test site via held node here19:15
clarkbI think this is likely landable, but I was really hoping to get many eyes on this19:15
clarkbOur testing should represent good coverage but the large changelog scares me :)19:16
clarkbIf you have time to take a look it is much appreciated19:16
clarkbCross checking the changelog against our expectations is likely a good idea too (in addition to general functioanltiy via the test site)19:16
clarkb#topic Gerrit Gitea links19:17
clarkbHey this happened. Thank you to everyone who kept pushing it along19:17
fungithank you for the heavy lifting fixing gerrit upstream!19:17
clarkbThis required quite a bit more tweaking than I would've expected19:17
ianwclarkb: heh, just on the previous, i'm seeing that jinja thing agains system-config again19:18
clarkbianw: interesting. If I had to guess they reindex things periodically (maybe as a new change) and depending on how complete it is per repo maybe yo uget back weird results. That may be worth asking upstream about19:18
clarkbwe can try filing an issue with them in github I guess19:18
fungias part of the gitea linking work, we aldo disabled gitiles links in the gerrit webui (because they're effectively redundant)19:18
fungis/aldo/also/19:19
clarkbya I think at this point we're mostly waiting for anyone to notice and if they notice hopefully without issues :)19:19
ianwor, maybe it's just ... right - https://imgur.com/a/Yi79MSx19:19
fungii couldn't find any way to disable the gitiles plug-in because it's "core" to gerrit, but i have a change proposed to forbid access to /plugins/gitiles as a location in our apache proxy layer19:19
clarkbianw: heh it is a lot of nasible. But the flip flopping is curious19:19
clarkb#topic Rocky Linux19:22
clarkbJust a heads up that rocky images continue to be a work in progress. The most recent thing was we needed epel to install haveged19:22
clarkbI updated dib's epel role to support rocky so that we can get that in our builds and ianw made a dib release. We've updated nodepool to include that dib release and are just waiting for images to build now19:23
clarkbI think we're stuck behind all the other image builds right now so may be a bit. Might be nice to be able to prioritize a build in nodepool but I don't think that is currently possible19:23
ianwyesterday i almost deleted the centos-8 wheel afs volumes, but then i paused thinking rocky could use them19:24
fungican't even cancel the other builds to move it up the queue, i don't think19:24
ianwbut then i realised it is better to start them fresh anyway19:24
ianwif there is actually interest in that, because they have a lot of old stuff in them19:24
ianwfrom before fungi updated us to only build wheels that aren't upstream, etc.19:25
ianwso, unless there's objections, my plan is still to delete those volumes19:25
fungino objection from me19:25
clarkbif things are signed the signatures are likely different too?19:26
clarkboh wheels ya those aren't signed19:26
clarkbsorry I had in my head rpms19:26
clarkbBut ya I agree starting over is probably better19:26
clarkband I think rocky will be a good test case for mirroring less stuff and seeing how it goes19:26
clarkb#topic Open Discussion19:28
clarkbThat was what we had on the agenda. Anything else?19:28
clarkbI'm working on fixing Gerrit's server-sig-algs ssh key exchange extension support19:28
clarkbEventually Gerrit will be able to do modern rsa :)19:28
fungii've got openstack's release artifact signing key proposed for the zed cycle19:29
fungiif anyone wants to update it with additional attestations, you can find it here:19:29
fungi#link https://review.opendev.org/829933 Publish the Zed Cycle signing key for future use19:29
fungithe process for exporting the signed key with your added signature is in a comment in the index.rst file at the top of the list of key entries19:30
clarkbhttps://gerrit-review.googlesource.com/c/gerrit/+/331019 just pushed the gerrit fix for kex server sig algs19:30
fungiawesome, thanks!19:30
fungii assume best case that will only be available in 3.5.something?19:30
fungiseems like they're not backporting the mina-sshd update19:31
clarkbI think 3.619:32
ianwclarkb's gitea stats are going to start flipping to "java" soon :)19:32
clarkbianw: its ok gitea stopped syncing the gerrit repo :)19:32
clarkbwell we stopped syncing the gerrit repo so gerrit stopped pushing updates to gitea :)19:32
fungidid we ever retire that repo? should we?19:33
clarkbI thought about retiring it but keeping it for now seems fine19:33
clarkbI think my main concern is that we might need ti again for some reason. Though we have a good way to carry patches more distro packaging like in system-config if necessary19:33
ianwi find it tends to come up with higher priority in searches than the actual gerrit repos19:33
fungithat could be problematic19:34
ianwi should add for esoteric things where the only reference is in the actual code19:34
ianwor changelog19:35
clarkbianw: as you can probably tell I've just ended up with a local checkout :/19:36
clarkbworth noting you need bazel 5.0 for gerrit master and I had to do a whole dance for that and ended up with a 5GB docker image in the process19:36
fungiyikes19:37
fungireminds me of when i tried to `tox -e docs` in zuul/zuul recently and it died with enospc after consuming some 4gb of disk19:38
clarkbya similar situation. Turns out that build stuff is big19:39
clarkbAnyway sounds like that may be all for the meeting?19:39
clarkbthank you everyone. We'll see you here next week19:39
ianw++ thanks for hosting clarkb!19:39
clarkbBut then the week after I'll likely have to skip due to other engagements19:40
fungithanks clarkb!19:40
clarkb#endmeeting19:40
opendevmeetMeeting ended Tue Feb 22 19:40:08 2022 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)19:40
opendevmeetMinutes:        https://meetings.opendev.org/meetings/infra/2022/infra.2022-02-22-19.01.html19:40
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/infra/2022/infra.2022-02-22-19.01.txt19:40
opendevmeetLog:            https://meetings.opendev.org/meetings/infra/2022/infra.2022-02-22-19.01.log.html19:40

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!