[00:16:08] RECOVERY - Puppet run on tools-webgrid-generic-1403 is OK: OK: Less than 1.00% above the threshold [0.0] [00:26:19] (03PS1) 10Alex Monk: Add my (Alex M's) key to root if realm is labtest [labs/private] - 10https://gerrit.wikimedia.org/r/288736 [00:47:22] Hello, I've been getting a warning when I try to ssh into login.tools.wmflabs.org , and was wondering if it's safe to just ignore it. It says "REMOTE HOST IDENTIFICATION HAS CHANGED", and asks me to add an RSA key to my known_hosts. It also says this could be DNS spoofing a man-in-the-middle attack. Has anyone else seen this message? [00:48:24] cdrini: you should compare that to this https://wikitech.wikimedia.org/wiki/Help:SSH_Fingerprints/tools-login.wmflabs.org and if it matches, accept it. if it doesnt match, don't connect and open a ticket [00:48:56] it happens when servers are reinstalled ... or somebody actually tries to attack [00:49:36] Great, that's the key it's suggesting. Thanks for the help! [00:49:46] sure, you're welcome [00:50:39] to be fair, i should add "and check who last edited that wiki page" , heh [00:50:47] but it looks trustworthy :) [00:56:20] Haha, that would be a smart attack! [02:44:28] 06Labs, 10Tool-Labs: Update python-wikitools on Tool Labs - https://phabricator.wikimedia.org/T102862#1375558 (10MZMcBride) Somewhat inadvertently, I'm using the globally installed version of `wikitools` on Tool Labs. It is indeed version 1.1.1: ``` mzmcbride@tools-bastion-03:~$ grep ^VERSION /usr/lib/python2... [03:13:53] 06Labs, 10Tool-Labs, 06Operations, 13Patch-For-Review: toolserver.org certificate to expire 2016-06-30 - https://phabricator.wikimedia.org/T134798#2294608 (10yuvipanda) It's in relic.toolserver-legacy.eqiad.wmflabs [03:31:07] 06Labs, 10Labs-Kubernetes, 10Tool-Labs, 13Patch-For-Review: Setup NSS inside containers used in Tool Labs - https://phabricator.wikimedia.org/T134748#2294625 (10yuvipanda) a:03yuvipanda [08:34:52] PROBLEM - Host tools-bastion-01 is DOWN: CRITICAL - Host Unreachable (10.68.17.228) [08:40:13] PROBLEM - Puppet run on tools-services-02 is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [12:28:02] (03CR) 10Andrew Bogott: [C: 031] "This looks fine to me but I'd like a second opinion about if there's a different/better way to accomplish this" [labs/private] - 10https://gerrit.wikimedia.org/r/288736 (owner: 10Alex Monk) [12:30:27] 06Labs, 10Labs-Infrastructure, 13Patch-For-Review: Install python-requests-oauthlib on labs - https://phabricator.wikimedia.org/T130529#2294808 (10Billinghurst) Is there anything that now needs to be done? When running (or trying to) archivebot.py I continue to get the error message previously reported. [12:33:27] 06Labs, 10Labs-Infrastructure, 13Patch-For-Review: Install python-requests-oauthlib on labs - https://phabricator.wikimedia.org/T130529#2294810 (10Steinsplitter) as far i can see it isn't aviable on precise (https://gerrit.wikimedia.org/r/#/c/288619/2/modules/toollabs/manifests/genpp/python_exec_precise.pp)?... [12:33:49] 06Labs, 10Labs-Infrastructure, 13Patch-For-Review: Install python-requests-oauthlib on labs - https://phabricator.wikimedia.org/T130529#2294811 (10yuvipanda) Yup, it is unavailable on precise, so you will have to move to trusty. [12:34:24] * Steinsplitter pokes YuviPanda [12:35:15] about to go away soon, but wassup? [12:43:16] YuviPanda: i poked you on phab :), regading https://gerrit.wikimedia.org/r/#/c/288619/2/modules/toollabs/manifests/genpp/python_exec_precise.pp :( [12:44:03] Steinsplitter: I responded a little while ago I think, you need to use trusty. [12:45:28] YuviPanda: overlooked, thx. Do i have to add rel trusty to all my crontabs or is there a way to change it by default for a single user? [12:45:47] Steinsplitter: not yet, unfortunately. you have to add it to all your crontabs [12:45:54] ok, thx [12:47:06] np! [12:59:43] 06Labs: confirm that new base labs base image is adequate for kubernetes &c. - https://phabricator.wikimedia.org/T134944#2294831 (10yuvipanda) @Andrew if you enable this for the tools project, I can build a k8s node for it and see how it goes. [13:05:33] (03CR) 10Merlijn van Deen: "An alternative could be via hiera, using "passwords::root::extra_keys" (see https://wikitech.wikimedia.org/wiki/Hiera:Tools). I think that" [labs/private] - 10https://gerrit.wikimedia.org/r/288736 (owner: 10Alex Monk) [13:32:20] 06Labs, 10Labs-Infrastructure, 13Patch-For-Review: Install python-requests-oauthlib on labs - https://phabricator.wikimedia.org/T130529#2294835 (10Billinghurst) This is what I have jsub -N cron-tools.wikisource-bot-1 -once -quiet python scripts/archivebot.py User:Wikisource-bot/config -l release=trusty an... [13:35:01] 06Labs, 10Labs-Infrastructure, 13Patch-For-Review: Install python-requests-oauthlib on labs - https://phabricator.wikimedia.org/T130529#2294836 (10yuvipanda) You should add the '-l release=trusty' before your 'python' command. Right now it is just a parameter to your python script, rather than jsub itself. [13:44:37] (03CR) 10Alex Monk: "That's certainly a different way, but is it better?" [labs/private] - 10https://gerrit.wikimedia.org/r/288736 (owner: 10Alex Monk) [13:54:51] !log codereview.cr1 Set up instance, so that it is useable [13:54:52] codereview.cr1 is not a valid project. [13:55:16] !log Codereview.cr1 Set up instance, so that it is useable [13:55:16] Codereview.cr1 is not a valid project. [13:55:19] meh [13:56:43] !log codereview.cr1 Set up instance, so that it is useable [13:56:44] codereview.cr1 is not a valid project. [13:56:51] 06Labs, 10Labs-Infrastructure, 13Patch-For-Review: Install python-requests-oauthlib on labs - https://phabricator.wikimedia.org/T130529#2294845 (10Billinghurst) 05Open>03Resolved a:03yuvipanda ah, okay, the devil is in fine print. That works. Thanks muchly. [13:57:44] !log Codereview.cr1 Set up instance, so that it is useable [13:57:45] Codereview.cr1 is not a valid project. [13:58:00] what did I made wrong? Works with other projects like that :-/ [13:58:10] !log Codereview Set up instance cr1, so that it is useable [13:58:10] Codereview is not a valid project. [13:58:22] !log codereview.cr1 Set up instance, so that it is useable [13:58:22] codereview.cr1 is not a valid project. [13:58:33] !log codereview Set up instance cr1, so that it is useable [13:58:38] Logged the message at https://wikitech.wikimedia.org/wiki/Nova_Resource:Codereview/SAL, Master [13:58:40] hm [14:01:40] !log codereview.cr1 Set up the instance, so that it is useable [14:01:41] codereview.cr1 is not a valid project. [14:01:44] .... [14:09:28] Luke081515: The name of your project is "codereview" not "codereview." [14:10:10] If you type "groups" on the commandline you can see what groups you're in [14:10:26] multichill: Yep, but some people, including me have SALs for some instances too, I'm using that with . there too, and that works [14:22:02] RECOVERY - Puppet run on tools-exec-1219 is OK: OK: Less than 1.00% above the threshold [0.0] [14:48:07] RECOVERY - Puppet run on tools-exec-1402 is OK: OK: Less than 1.00% above the threshold [0.0] [16:49:51] 06Labs: confirm that new base labs base image is adequate for kubernetes &c. - https://phabricator.wikimedia.org/T134944#2295008 (10Andrew) Done: andrew@labcontrol1001:~$ source ~/novaenv.sh andrew@labcontrol1001:~$ openstack image set --owner tools 649bd26c-27b5-498d-afe5-1b6d2a0f0fd5 The image name is bd808_... [17:09:38] I was told before that reCaptcha wasn't allowed on tool labs because was a violation of the Labs ToU because it is user tracking. Cluebot's review interface is using it here: http://tools.wmflabs.org/cluebot/?page=Create+Account so is that page violating the ToU or is reCaptcha allowed? [18:16:51] RECOVERY - Puppet run on tools-webgrid-lighttpd-1415 is OK: OK: Less than 1.00% above the threshold [0.0] [18:51:11] 10Tool-Labs, 13Patch-For-Review: Install xml2 on labs - https://phabricator.wikimedia.org/T134146#2295092 (10Kelson) Thank you, I have already use it and it works well. [21:13:27] Cyberpower678: Those pull requests you approved for xtools - were they applied to the live version? [21:25:50] Hey, I need login to osmit-tre.equiad.wmflabs user sbiribizio added me to the osmit project but he said I should ask for a bastion role. Is this the right place to ask for? [21:29:40] alezenait: by bastion role, are you referring to a shell account? [21:30:06] well, I think so [21:30:26] fortunately, that's easy to get [21:30:45] https://wikitech.wikimedia.org/wiki/Help:Tool_Labs#Quick_start [21:30:52] ^ that'll get you a shell login [21:34:32] ok, I've already done the 1 - 5 steps, hope the request at #2 was correct [21:48:14] Matthew_, not yet [21:48:38] Are you going to? [21:48:55] not at the moment [21:52:14] Matthew_, perhaps I don't need to reinvent the wheel... https://tools.wmflabs.org/cluebot/?page=Create+Account [21:52:25] Hm... [21:53:39] Unless that's violating the Terms of Use..... [23:33:01] Anyone got a minute to review some code and tell me why something isn't working [23:33:19] depends what it is [23:33:50] It's to mark templates as closed for closed appeals on UTRS [23:33:50] https://github.com/UTRS/utrs/blob/master/public_html/src/UTRSBot.class.php [23:34:08] Line 153 is returning a boolean and I don't know why. The query executes just fine on mysql. [23:34:36] the file has 104 lines... [23:34:48] something has gone wrong if you hit line 153 [23:34:59] My bad, wrong branch https://github.com/UTRS/utrs/blob/UTRSBot/public_html/src/UTRSBot.class.php [23:38:27] TParis, where is connectToDB defined? [23:38:50] in /src/unblocklib.php [23:39:44] what's your $CONFIG['db']['dsn'] ? [23:39:54] RECOVERY - Puppet run on tools-grid-master is OK: OK: Less than 1.00% above the threshold [0.0] [23:40:09] and what does your $db->errorInfo() call return? [23:40:48] Array ( [0] => 00000 [1] => [2] => ) [23:40:59] useful... [23:41:13] so what's your dsn config set to? [23:41:16] I did a gettype on $row and it returned boolean [23:41:48] It's set correctly, connectToDB() is used in the whole system and works. [23:42:08] what is the value? [23:45:33] mysql:host=localhost;dbname=beta; [23:46:30] 06Labs, 10Tool-Labs, 07Tracking: Initial Deployment of Kubernetes to Tool Labs (Tracking) - https://phabricator.wikimedia.org/T111885#2295242 (10yuvipanda) [23:46:32] 06Labs, 10Labs-Sprint-115, 10Tool-Labs, 10labs-sprint-116, 10labs-sprint-118: Write admission controller disabling mounting of unauthorized volumes - https://phabricator.wikimedia.org/T112718#2295240 (10yuvipanda) 05Resolved>03Open This is actually necessary, since the containers still run with gid 0... [23:49:45] TParis, so logging into mysql with that exact hostname and database name, then running the query with :appealid substituted succeeds? [23:50:17] Yes, returns status => "CLOSED" [23:50:44] ... [23:50:46] fuck [23:50:54] Thank you Krenair, you've been a huge help [23:51:22] What was the result? [23:51:27] The fix* even [23:51:29] The appeal id's on-wiki come from the utrs database, not the beta database. [23:51:41] And I've been running the query on utrs, not beta. [23:51:47] :D [23:52:22] But the code has been running it on beta, which won't have the right id's. [23:53:02] so a successful query returning no rows? [23:53:22] It was returning false because there were no rows, which explains the boolean type [23:53:43] When I ran it on the mysql interface, I ran it on utrs, not beta [23:53:50] Which is why I was getting a successful result [23:53:53] Which is why I was stumped. [23:54:13] It would've taken me hours to realize how boneheaded I was. [23:55:48] when you run into mismatching things like this it's a good idea to check your assumptions about the context you're running things under [23:56:15] Well thanks for pressuring me to go check [23:56:31] Clearly my stubbornness is to blame for this [23:57:35] This sort of thing is easy to get stuck on, don't blame yourself too much :)