This repository has been archived by the owner on Apr 17, 2023. It is now read-only.
Add the possibility to disable background tasks #1631
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mssola
suggested changes
Jan 25, 2018
lib/portus/background/registry.rb
Outdated
| @@ -14,9 +14,13 @@ def sleep_value | |||
| # options and because the `execute!` method will deal with valid rows | |||
| # already. | |||
| def work? | |||
| true | |||
There was a problem hiding this comment.
You should've left this as it was
lib/portus/background/registry.rb
Outdated
| end | ||
|
|
||
| def enabled? | ||
| return APP_CONFIG("background.registry") |
There was a problem hiding this comment.
Don't use return, ruby will implicitly return the last eval'd object. Moreover, it should be like this:
APP_CONFIG.enabled?("background.registry")
config/config.yml
Outdated
|
|
||
| background: | ||
| registry: true | ||
| sync: true |
There was a problem hiding this comment.
Prefer the convention:
background:
registry:
enabled: true
sync: true
enabled: true| @@ -17,6 +17,10 @@ def work? | |||
| ::Portus::Security.enabled? && Tag.exists?(scanned: Tag.statuses[:scan_none]) | |||
| end | |||
|
|
|||
| def enabled? | |||
| return ::Portus::Security.enabled? | |||
lib/portus/background/sync.rb
Outdated
| @@ -18,6 +18,10 @@ def work? | |||
| true | |||
| end | |||
|
|
|||
| def enabled? | |||
| return APP_CONFIG("background.sync") | |||
termdew
force-pushed
the
DisableBackgroundTasks
branch
8 times, most recently
from
a568ef3
to
e4242f1
Compare
mssola
suggested changes
Jan 29, 2018
lib/portus/background/registry.rb
Outdated
| else | ||
| APP_CONFIG.enabled?("background.registry") | ||
| end | ||
| end |
There was a problem hiding this comment.
I don't think APP_CONFIG("background.registry") will work. Do this instead:
def enabled?
val = APP_CONFIG.enabled?("background.registry")
Rails.logger.warn("WARNING: Registry is disabled!") unless val
val
endAfter that, notice the following:
- You don't have to start the message with
WARNING, since thewarnmethod will already cover that. - The message might not be clear to users. Instead, prefer something like: "Registry integration has been disabled. This is highly discouraged!". For the
sync: "Registry synchronization has been disabled. This can lead into consistency problems!"
mssola
added a commit
to mssola/Portus
that referenced
this pull request
Feb 9, 2018
We have historically struggled with the synchronization of the Registry. This was developed at first because the following situation could happen: 1. User pushes image:tag. 2. Portus authorizes the transaction. 3. Registry sends the event to Portus with all the data, but Portus is unavailable. 4. Portus is up again but it missed the registry event. This is not the case anymore, because all the things that could make Portus unavailable have been either fixed or moved into the background process. Thus, this problem can be ignored in most cases. Moreover, this feature is quite dangerous because a bug on this code can make Portus wipe all the repositories, and historically "funny" issues have happened. This commit builds upon SUSE#1631 where background tasks can be disabled, and it disables the `sync` task by default. Moreover, it also adds a `sync-strategy` option which is available when users enable this feature. This option has four possible values: - `update-delete`: the same behavior we've had up until now. - `update`: similar to `update-delete` but this one will not delete repositories which no longer exist on the registry. This is useful for users which don't trust the risky `update-delete` strategy. - `on-start`: execute `update-delete` only once (on start). - `initial`: execute `update-delete` only once on start and only if the registry is empty. This is the default strategy since it might be convenient for new users that have already a running registry. This commit does not fix all the issues mentioned in SUSE#1631, but it hopefully does the trick for most users. Fixes SUSE#1650 Fixes SUSE#1664 See SUSE#1599 Depends on SUSE#1631 Signed-off-by: Miquel Sabaté Solà <[email protected]>
I have removed all the code that is deprecated in 2.3. Thus: - Removed `portusctl` in favor of openSUSE/portusctl. - Removed deprecated methods from lib/portus/migrate.rb. - Removed rake tasks that dealt with deprecated functionality (e.g. man pages for portusctl). Signed-off-by: Miquel Sabaté Solà <[email protected]>
Both Thor and md2man were used by the old `portusctl`, which has been removed. Signed-off-by: Miquel Sabaté Solà <[email protected]>
Signed-off-by: Miquel Sabaté Solà <[email protected]>
Signed-off-by: Miquel Sabaté Solà <[email protected]>
Signed-off-by: Miquel Sabaté Solà <[email protected]>
The version and the health endpoints needed an entity, so they could be better documented. Moreover, I've adapted some strings (e.g. removing dots), so it's better suited for efforts like SUSE#1645. Signed-off-by: Miquel Sabaté Solà <[email protected]>
Depends on SUSE#1645 Signed-off-by: Miquel Sabaté Solà <[email protected]>
Fixes SUSE#1632 Signed-off-by: Miquel Sabaté Solà <[email protected]>
There were some calls to present which were missing the type context. This should fix some oddities. Signed-off-by: Miquel Sabaté Solà <[email protected]>
Fixes SUSE#1654 Signed-off-by: Miquel Sabaté Solà <[email protected]>
This also clarifies some issues that we had with asset-related gems. See SUSE/velum#432 Fixes SUSE#1655 Signed-off-by: Miquel Sabaté Solà <[email protected]>
It will only remove `bundler`, which we need... Signed-off-by: Miquel Sabaté Solà <[email protected]>
Signed-off-by: Miquel Sabaté Solà <[email protected]>
After a security scanning iteration, some tags might not be in a :scan_done state. This is possible in situtations like: - Clair was unavailable for some time because of a hiccup. - There's an actual bug on the security scanning. In these cases, we will check in the end of the iteration whether all tags have been marked as scan. If this is not the case, then we will log a warning and mark the failed tags as :scan_none (so in the next iteration they can be picked up and hopefully be scanned properly this time). See SUSE#1649 Signed-off-by: Miquel Sabaté Solà <[email protected]>
Some images like `node:8` had so many vulnerabilities that then the stored JSON was huge. This is a temporary fix because we are about to release 2.3 and this fix is needed. A more suitable approach is the one mentioned in SUSE#1669. Fixes SUSE#1657 Signed-off-by: Miquel Sabaté Solà <[email protected]>
This commit adds two new endpoints: `/vulnerabilities` and `/vulnerabilities/:id`. Both these endpoints require admin privileges, and they will simply toggle the `scanned` column of tags so the scanning task can pick them up. This commit does not deal with the UI part, it simply provides the backend code. The frontend code can be delivered later on. See SUSE#1658 Signed-off-by: Miquel Sabaté Solà <[email protected]>
termdew
force-pushed
the
DisableBackgroundTasks
branch
from
e4242f1
to
5f88e65
Compare
|
This has moved into #1679. |
mssola
added a commit
to mssola/Portus
that referenced
this pull request
Feb 12, 2018
We have historically struggled with the synchronization of the Registry. This was developed at first because the following situation could happen: 1. User pushes image:tag. 2. Portus authorizes the transaction. 3. Registry sends the event to Portus with all the data, but Portus is unavailable. 4. Portus is up again but it missed the registry event. This is not the case anymore, because all the things that could make Portus unavailable have been either fixed or moved into the background process. Thus, this problem can be ignored in most cases. Moreover, this feature is quite dangerous because a bug on this code can make Portus wipe all the repositories, and historically "funny" issues have happened. This commit builds upon SUSE#1631 where background tasks can be disabled, and it disables the `sync` task by default. Moreover, it also adds a `sync-strategy` option which is available when users enable this feature. This option has four possible values: - `update-delete`: the same behavior we've had up until now. - `update`: similar to `update-delete` but this one will not delete repositories which no longer exist on the registry. This is useful for users which don't trust the risky `update-delete` strategy. - `on-start`: execute `update-delete` only once (on start). - `initial`: execute `update-delete` only once on start and only if the registry is empty. This is the default strategy since it might be convenient for new users that have already a running registry. This commit does not fix all the issues mentioned in SUSE#1631, but it hopefully does the trick for most users. Fixes SUSE#1650 Fixes SUSE#1664 See SUSE#1599 Depends on SUSE#1631 Signed-off-by: Miquel Sabaté Solà <[email protected]>
mssola
added a commit
to mssola/Portus
that referenced
this pull request
Feb 12, 2018
We have historically struggled with the synchronization of the Registry. This was developed at first because the following situation could happen: 1. User pushes image:tag. 2. Portus authorizes the transaction. 3. Registry sends the event to Portus with all the data, but Portus is unavailable. 4. Portus is up again but it missed the registry event. This is not the case anymore, because all the things that could make Portus unavailable have been either fixed or moved into the background process. Thus, this problem can be ignored in most cases. Moreover, this feature is quite dangerous because a bug on this code can make Portus wipe all the repositories, and historically "funny" issues have happened. This commit builds upon SUSE#1631 where background tasks can be disabled, and it disables the `sync` task by default. Moreover, it also adds a `sync-strategy` option which is available when users enable this feature. This option has four possible values: - `update-delete`: the same behavior we've had up until now. - `update`: similar to `update-delete` but this one will not delete repositories which no longer exist on the registry. This is useful for users which don't trust the risky `update-delete` strategy. - `on-start`: execute `update-delete` only once (on start). - `initial`: execute `update-delete` only once on start and only if the registry is empty. This is the default strategy since it might be convenient for new users that have already a running registry. This commit does not fix all the issues mentioned in SUSE#1631, but it hopefully does the trick for most users. Fixes SUSE#1650 Fixes SUSE#1664 See SUSE#1599 Depends on SUSE#1631 Signed-off-by: Miquel Sabaté Solà <[email protected]>
mssola
added a commit
to mssola/Portus
that referenced
this pull request
Feb 12, 2018
We have historically struggled with the synchronization of the Registry. This was developed at first because the following situation could happen: 1. User pushes image:tag. 2. Portus authorizes the transaction. 3. Registry sends the event to Portus with all the data, but Portus is unavailable. 4. Portus is up again but it missed the registry event. This is not the case anymore, because all the things that could make Portus unavailable have been either fixed or moved into the background process. Thus, this problem can be ignored in most cases. Moreover, this feature is quite dangerous because a bug on this code can make Portus wipe all the repositories, and historically "funny" issues have happened. This commit builds upon SUSE#1631 where background tasks can be disabled. Moreover, it also adds a `sync-strategy` option which is available when users enable this feature. This option has four possible values: - `update-delete`: the same behavior we've had up until now. - `update`: similar to `update-delete` but this one will not delete repositories which no longer exist on the registry. This is useful for users which don't trust the risky `update-delete` strategy. - `on-start`: execute `update-delete` only once (on start). - `initial`: execute `update-delete` only once on start and only if the registry is empty. This is the default strategy since it might be convenient for new users that have already a running registry. This commit does not fix all the issues mentioned in SUSE#1631, but it hopefully does the trick for most users. Fixes SUSE#1650 Fixes SUSE#1664 See SUSE#1599 Depends on SUSE#1631 Signed-off-by: Miquel Sabaté Solà <[email protected]>
mssola
added a commit
to mssola/Portus
that referenced
this pull request
Feb 12, 2018
We have historically struggled with the synchronization of the Registry. This was developed at first because the following situation could happen: 1. User pushes image:tag. 2. Portus authorizes the transaction. 3. Registry sends the event to Portus with all the data, but Portus is unavailable. 4. Portus is up again but it missed the registry event. This is not the case anymore, because all the things that could make Portus unavailable have been either fixed or moved into the background process. Thus, this problem can be ignored in most cases. Moreover, this feature is quite dangerous because a bug on this code can make Portus wipe all the repositories, and historically "funny" issues have happened. This commit builds upon SUSE#1631 where background tasks can be disabled. Moreover, it also adds a `sync-strategy` option which is available when users enable this feature. This option has four possible values: - `update-delete`: the same behavior we've had up until now. - `update`: similar to `update-delete` but this one will not delete repositories which no longer exist on the registry. This is useful for users which don't trust the risky `update-delete` strategy. - `on-start`: execute `update-delete` only once (on start). - `initial`: execute `update-delete` only once on start and only if the registry is empty. This is the default strategy since it might be convenient for new users that have already a running registry. This commit does not fix all the issues mentioned in SUSE#1631, but it hopefully does the trick for most users. Fixes SUSE#1650 Fixes SUSE#1664 See SUSE#1599 Depends on SUSE#1631 Signed-off-by: Miquel Sabaté Solà <[email protected]>
mssola
added a commit
to mssola/Portus
that referenced
this pull request
Feb 12, 2018
We have historically struggled with the synchronization of the Registry. This was developed at first because the following situation could happen: 1. User pushes image:tag. 2. Portus authorizes the transaction. 3. Registry sends the event to Portus with all the data, but Portus is unavailable. 4. Portus is up again but it missed the registry event. This is not the case anymore, because all the things that could make Portus unavailable have been either fixed or moved into the background process. Thus, this problem can be ignored in most cases. Moreover, this feature is quite dangerous because a bug on this code can make Portus wipe all the repositories, and historically "funny" issues have happened. This commit builds upon SUSE#1631 where background tasks can be disabled. Moreover, it also adds a `sync-strategy` option which is available when users enable this feature. This option has four possible values: - `update-delete`: the same behavior we've had up until now. - `update`: similar to `update-delete` but this one will not delete repositories which no longer exist on the registry. This is useful for users which don't trust the risky `update-delete` strategy. - `on-start`: execute `update-delete` only once (on start). - `initial`: execute `update-delete` only once on start and only if the registry is empty. This is the default strategy since it might be convenient for new users that have already a running registry. This commit does not fix all the issues mentioned in SUSE#1631, but it hopefully does the trick for most users. Fixes SUSE#1650 Fixes SUSE#1664 See SUSE#1599 Depends on SUSE#1631 Signed-off-by: Miquel Sabaté Solà <[email protected]>
mssola
added a commit
to mssola/Portus
that referenced
this pull request
Feb 14, 2018
We have historically struggled with the synchronization of the Registry. This was developed at first because the following situation could happen: 1. User pushes image:tag. 2. Portus authorizes the transaction. 3. Registry sends the event to Portus with all the data, but Portus is unavailable. 4. Portus is up again but it missed the registry event. This is not the case anymore, because all the things that could make Portus unavailable have been either fixed or moved into the background process. Thus, this problem can be ignored in most cases. Moreover, this feature is quite dangerous because a bug on this code can make Portus wipe all the repositories, and historically "funny" issues have happened. This commit builds upon SUSE#1631 where background tasks can be disabled. Moreover, it also adds a `sync-strategy` option which is available when users enable this feature. This option has four possible values: - `update-delete`: the same behavior we've had up until now. - `update`: similar to `update-delete` but this one will not delete repositories which no longer exist on the registry. This is useful for users which don't trust the risky `update-delete` strategy. - `on-start`: execute `update-delete` only once (on start). - `initial`: execute `update-delete` only once on start and only if the registry is empty. This is the default strategy since it might be convenient for new users that have already a running registry. This commit does not fix all the issues mentioned in SUSE#1599, but it hopefully does the trick for most users. Fixes SUSE#1650 Fixes SUSE#1664 See SUSE#1599 Depends on SUSE#1631 Signed-off-by: Miquel Sabaté Solà <[email protected]>
mssola
added a commit
that referenced
this pull request
Feb 14, 2018
We have historically struggled with the synchronization of the Registry. This was developed at first because the following situation could happen: 1. User pushes image:tag. 2. Portus authorizes the transaction. 3. Registry sends the event to Portus with all the data, but Portus is unavailable. 4. Portus is up again but it missed the registry event. This is not the case anymore, because all the things that could make Portus unavailable have been either fixed or moved into the background process. Thus, this problem can be ignored in most cases. Moreover, this feature is quite dangerous because a bug on this code can make Portus wipe all the repositories, and historically "funny" issues have happened. This commit builds upon #1631 where background tasks can be disabled. Moreover, it also adds a `sync-strategy` option which is available when users enable this feature. This option has four possible values: - `update-delete`: the same behavior we've had up until now. - `update`: similar to `update-delete` but this one will not delete repositories which no longer exist on the registry. This is useful for users which don't trust the risky `update-delete` strategy. - `on-start`: execute `update-delete` only once (on start). - `initial`: execute `update-delete` only once on start and only if the registry is empty. This is the default strategy since it might be convenient for new users that have already a running registry. This commit does not fix all the issues mentioned in #1599, but it hopefully does the trick for most users. Fixes #1650 Fixes #1664 See #1599 Depends on #1631 Signed-off-by: Miquel Sabaté Solà <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add possibility to disable background tasks