Page MenuHomeMiraheze

Site Reliability EngineeringGroup
ActivePublic

Members (5)

Watchers (1)

Details

Description

Project for:

  • all higher-level tasks affecting the Director of Site Reliability Engineering;
  • tasks requiring pro-active engagement of both the Infrastructure and MediaWiki sub-teams;
  • a funnel point for initial triage if sub-team scope is unknown.

Recent Activity

Yesterday

RhinosF1 added a comment to T7712: New MediaWiki deployment system.

Test3 is now running as 'staging':

Fri, Jul 30, 10:21 · Goal-2021-Jul-Dec, MediaWiki, MediaWiki (SRE)
RhinosF1 added a comment to T7712: New MediaWiki deployment system.

It would also be good if we could allow for the extension to receive other updates and still have the patch remain applied, which may require some research/testing.

If we copy enough logic, it should be fine. In the worst case, you just run git apply after updating but before syncing.

Fri, Jul 30, 09:35 · Goal-2021-Jul-Dec, MediaWiki, MediaWiki (SRE)
RhinosF1 added a comment to T7712: New MediaWiki deployment system.

This also saves on running commands many many times and cloning git. We could probably eventually automate it in puppet if mediawiki or config changes

Fri, Jul 30, 09:23 · Goal-2021-Jul-Dec, MediaWiki, MediaWiki (SRE)
RhinosF1 updated the task description for T7712: New MediaWiki deployment system.
Fri, Jul 30, 09:22 · Goal-2021-Jul-Dec, MediaWiki, MediaWiki (SRE)
RhinosF1 added a comment to T7699: i need to whitelist a domain in CSP to load external file from it.

CSP Desicions can take a while

Fri, Jul 30, 07:17 · Site Reliability Engineering, Puppet

Thu, Jul 29

Light-777-Angel added a comment to T7699: i need to whitelist a domain in CSP to load external file from it.

can someone please look at this and tell me what do i need to do.

Thu, Jul 29, 19:05 · Site Reliability Engineering, Puppet

Wed, Jul 28

Light-777-Angel added a comment to T7699: i need to whitelist a domain in CSP to load external file from it.

anybody working here?
can i get some help..
i need this white listed.

Wed, Jul 28, 20:16 · Site Reliability Engineering, Puppet
Void moved T7712: New MediaWiki deployment system from Radar to Discussion on the Site Reliability Engineering board.
Wed, Jul 28, 19:01 · Goal-2021-Jul-Dec, MediaWiki, MediaWiki (SRE)
Void triaged T7712: New MediaWiki deployment system as Low priority.
Wed, Jul 28, 19:01 · Goal-2021-Jul-Dec, MediaWiki, MediaWiki (SRE)
Reception123 added a comment to T7270: Review rights global Sysadmin group has .

I will shortly review each permission and see if we need them or not. For now adding the list here:

Wed, Jul 28, 07:21 · Site Reliability Engineering

Tue, Jul 27

Light-777-Angel added a comment to T7699: i need to whitelist a domain in CSP to load external file from it.

any progress?

Tue, Jul 27, 20:46 · Site Reliability Engineering, Puppet
Reception123 closed T7447: Budget request for SRE Q3+Q4 2021 as Resolved.
Tue, Jul 27, 09:55 · Site Reliability Engineering

Mon, Jul 26

R4356th moved T7699: i need to whitelist a domain in CSP to load external file from it from Radar to Discussion on the Site Reliability Engineering board.
Mon, Jul 26, 17:00 · Site Reliability Engineering, Puppet
R4356th edited projects for T7699: i need to whitelist a domain in CSP to load external file from it, added: Puppet, Site Reliability Engineering; removed MediaWiki (SRE), MediaWiki.
Mon, Jul 26, 17:00 · Site Reliability Engineering, Puppet

Sun, Jul 25

Universal_Omega added a comment to T7270: Review rights global Sysadmin group has .

@Reception123: any progress on reviewing the rights? I do think this should be done so we don't have unnecessary ones.

Sun, Jul 25, 18:09 · Site Reliability Engineering

Mon, Jul 19

Universal_Omega closed T7532: GlobalNewFiles disabled as caused too many connections to db11 (CVE-2021-32722), a subtask of T7531: 503 Backend fetch failed errors lasting a few minutes, as Resolved.
Mon, Jul 19, 22:37 · Site Reliability Engineering

Tue, Jul 13

Void closed T7467: [Access Request] Void as Resolved.

Have access now to OVH/RN/Proxmox. I believe that's everything.

Tue, Jul 13, 22:05 · Site Reliability Engineering
Universal_Omega moved T7632: Request to add aaside.bushimo.jp and argo-bdp.com to CSP whitelist (in order load external images) from Radar to Discussion on the Site Reliability Engineering board.
Tue, Jul 13, 04:52 · Site Reliability Engineering
Universal_Omega added a project to T7632: Request to add aaside.bushimo.jp and argo-bdp.com to CSP whitelist (in order load external images): Site Reliability Engineering.
Tue, Jul 13, 04:51 · Site Reliability Engineering

Mon, Jul 12

MacFan4000 added a comment to T7382: Phabricator is no longer maintained - decide what to do.

Phorge is now becoming a reality at https://we.phorge.it/

Mon, Jul 12, 00:03 · Universal Omega, Site Reliability Engineering, Phabricator

Sun, Jul 11

R4356th added a comment to T7567: Enable Extension:EmbedSpotify on mediterraneanvision.miraheze.org.

Bump. Disallowing Spotify when Google is allowed makes no sense, IMO; Spotify should be trusted enough even though they serve ads.

Sun, Jul 11, 17:59 · Site Reliability Engineering, Universal Omega, Extensions

Tue, Jul 6

Reception123 added a comment to T7541: Create CVE policy for extensions managed by Miraheze.

@Owen Would you be able to provide some comments and suggestions for what you think needs to be considered before opening a security advisory and requesting a CVE from GitHub?

Tue, Jul 6, 07:41 · Trust & Safety, Site Reliability Engineering

Sat, Jul 3

Universal_Omega updated subscribers of T7585: [Access Elevation] RhinosF1 (puppet-user).
Sat, Jul 3, 18:35 · Site Reliability Engineering
John added a comment to T7585: [Access Elevation] RhinosF1 (puppet-user).

My concerns remain regardless of the impact.

Sat, Jul 3, 13:28 · Site Reliability Engineering
RhinosF1 added a comment to T7585: [Access Elevation] RhinosF1 (puppet-user).

This work is going to the probably the biggest improvement to the way SSL certificate deployments work since the introduction of the ssl repo and turn a near completely manual process into one that could take minutes and now provide near instant feedback to the requestor on whether they're correctly pointing their domain at Miraheze.

Sat, Jul 3, 13:25 · Site Reliability Engineering
John added a comment to T7585: [Access Elevation] RhinosF1 (puppet-user).

While this is an entirely SRE matter, I would like to make my opinion clear that given the complaints raised regarding the user’s attitude, communication abilities, and activity - given SRE’s recent stance of working to build community relationships, I wouldn’t support an access elevation - essentially rewarding - a major contributor of the current endemic SRE is finding itself in.

Sat, Jul 3, 13:17 · Site Reliability Engineering
RhinosF1 moved T7585: [Access Elevation] RhinosF1 (puppet-user) from Radar to Access on the Site Reliability Engineering board.
Sat, Jul 3, 12:55 · Site Reliability Engineering
RhinosF1 triaged T7585: [Access Elevation] RhinosF1 (puppet-user) as Normal priority.
Sat, Jul 3, 12:54 · Site Reliability Engineering
RhinosF1 placed T7161: Add Wikimedia's mirror sites to CSP white list up for grabs.

needs approval from. Site Reliability Engineering

Sat, Jul 3, 08:45 · Site Reliability Engineering, Puppet

Thu, Jul 1

Southparkfan added a comment to T7467: [Access Request] Void.

Discussed with Void, remaining rights will be granted during the transfer period.

Thu, Jul 1, 17:26 · Site Reliability Engineering
Bukkit added a comment to T7491: Request for Security Reviewer.

Okay.

Thu, Jul 1, 16:13 · Site Reliability Engineering
RhinosF1 added a comment to T7491: Request for Security Reviewer.

When would a good time to try again be?

Thu, Jul 1, 16:00 · Site Reliability Engineering
Bukkit added a comment to T7491: Request for Security Reviewer.

When would a good time to try again be?

Thu, Jul 1, 15:57 · Site Reliability Engineering

Jun 30 2021

Universal_Omega removed a project from T5869: Whitelist postimages.org & imgbb.com (& their domains) for image display: Puppet.
Jun 30 2021, 17:12 · Site Reliability Engineering
Universal_Omega placed T7567: Enable Extension:EmbedSpotify on mediterraneanvision.miraheze.org up for grabs.
Jun 30 2021, 17:10 · Site Reliability Engineering, Universal Omega, Extensions
Universal_Omega moved T7567: Enable Extension:EmbedSpotify on mediterraneanvision.miraheze.org from Unsorted to Short Term on the Universal Omega board.
Jun 30 2021, 17:10 · Site Reliability Engineering, Universal Omega, Extensions
Reception123 closed T7569: Request access to security tasks as Resolved.

Done. Added to acl*security and acl*security_reviewers

Jun 30 2021, 15:28 · Site Reliability Engineering
Owen created T7569: Request access to security tasks.
Jun 30 2021, 15:20 · Site Reliability Engineering
R4356th moved T7567: Enable Extension:EmbedSpotify on mediterraneanvision.miraheze.org from Radar to Discussion on the Site Reliability Engineering board.
Jun 30 2021, 14:38 · Site Reliability Engineering, Universal Omega, Extensions
R4356th edited projects for T7567: Enable Extension:EmbedSpotify on mediterraneanvision.miraheze.org, added: Site Reliability Engineering; removed MediaWiki (SRE).

The extension itself is approved but this still needs Site Reliability Engineering to add Spotify to the CSP whitelist.

Jun 30 2021, 14:38 · Site Reliability Engineering, Universal Omega, Extensions

Jun 28 2021

Owen moved T7541: Create CVE policy for extensions managed by Miraheze from Backlog to External on the Trust & Safety board.
Jun 28 2021, 12:58 · Trust & Safety, Site Reliability Engineering
Reception123 updated subscribers of T7541: Create CVE policy for extensions managed by Miraheze.
Jun 28 2021, 06:37 · Trust & Safety, Site Reliability Engineering

Jun 27 2021

Universal_Omega assigned T7161: Add Wikimedia's mirror sites to CSP white list to RhinosF1.

Since @RhinosF1 has a PR open, assigning to him.

Jun 27 2021, 16:56 · Site Reliability Engineering, Puppet
Reception123 moved T7541: Create CVE policy for extensions managed by Miraheze from Radar to Discussion on the Site Reliability Engineering board.
Jun 27 2021, 13:16 · Trust & Safety, Site Reliability Engineering
Reception123 triaged T7541: Create CVE policy for extensions managed by Miraheze as High priority.
Jun 27 2021, 13:15 · Trust & Safety, Site Reliability Engineering

Jun 26 2021

Reception123 renamed T7532: GlobalNewFiles disabled as caused too many connections to db11 (CVE-2021-32722) from 26 June Incident to GlobalNewFiles caused too many connections to db11.
Jun 26 2021, 13:13 · GlobalNewFiles, Universal Omega, MediaWiki (SRE), Database
Reception123 closed T7531: 503 Backend fetch failed errors lasting a few minutes as Resolved.

Closing in favour of keeping T7532 to address the specific database-related problem rather than just the 503 whose cause is now known.

Jun 26 2021, 13:13 · Site Reliability Engineering
Reception123 lowered the priority of T7531: 503 Backend fetch failed errors lasting a few minutes from Unbreak Now! to High.

Lowering status as this is now very likely temporarily fixed.

Jun 26 2021, 13:13 · Site Reliability Engineering
RhinosF1 added a comment to T7531: 503 Backend fetch failed errors lasting a few minutes.

GlobaNewFiles is currently disabled.

You mean GlobalNewFiles?

Jun 26 2021, 13:11 · Site Reliability Engineering
PiscesKazeMGR added a comment to T7531: 503 Backend fetch failed errors lasting a few minutes.

GlobaNewFiles is currently disabled.

Jun 26 2021, 13:07 · Site Reliability Engineering