Page MenuHomeGitPull.it
Create Task
Maniphest T440

Fix landing automation for BusTO (Unable to acquire slot locks)
Closed, ResolvedPublic
Actions

Assigned To
valerio.bozzolan
Authored By
valerio.bozzolan
Aug 6 2020, 08:09
Tags
Referenced Files
F1466070: phabricator-harbormaster-drydock-almanac-host.dia
Feb 16 2021, 00:46
F1466069: phabricator-harbormaster-drydock-almanac-host.svg
Feb 16 2021, 00:46
F1466071: image.png
Feb 16 2021, 00:46
F1466067: phabricator-harbormaster-drydock-almanac-host.png
Feb 16 2021, 00:46
Subscribers
fabio.mazza
valerio.bozzolan

Description

We would be able to have a " Land" button in R4 Libre BusTO.

For security reasons this requires separated SSH credentials, so another Drydock Blueprint host, in order to separate the building stuff to the landing stuff.

Why? Because the building stuff should be considered very untrusted and dangerous and should never be able to interact with the landing stuff that should be kept without untristed contamination.

As already said this can be achieved with two SSH users on the same host because the default umask is good to avoid that one SSH user could be able to write from the other.

Upstream guide:

https://secure.phabricator.com/book/phabricator/article/drydock_repository_automation/

WikiBooks Guide:

https://en.wikibooks.org/wiki/Phabricator_Administrator%27s_Handbook/Continuous_integration#Setup_1:_on_own_hardware_(using_Drydock)

Related Objects
Search...

Event Timeline

valerio.bozzolan triaged this task as Normal priority.Aug 6 2020, 08:09
valerio.bozzolan created this task.
valerio.bozzolan added a project: Libre BusTO .
valerio.bozzolan added a subscriber: fabio.mazza.
valerio.bozzolan updated the task description. (Show Details)Aug 6 2020, 08:47
valerio.bozzolan added a comment.Aug 7 2020, 08:47

Uh, Houston, we've had a problem:

One or more blueprints promised a new resource, but failed when allocating: [PhutilAggregateException] All blueprints failed to allocate a suitable new resource when trying to allocate lease ("PHID-DRYL-7bvtnllfkursoigqa4ea").
- PhutilAggregateException: Unable to allocate any binding as a resource.
- DrydockSlotLockException: Unable to acquire slot locks: "almanac.host.binding(PHID-ABND-d546gmbq7ajyidyi6hcf)" (owned by "PHID-DRYR-f4guzy2xnotw6thi67mf").

https://gitpull.it/drydock/lease/140/

valerio.bozzolan moved this task from Backlog to Deadlock on the gitpull.it board.Aug 11 2020, 08:02
valerio.bozzolan lowered the priority of this task from Normal to Wishlist.Aug 26 2020, 15:14
valerio.bozzolan added a project: User-valerio.bozzolan.Oct 6 2020, 14:09
valerio.bozzolan renamed this task from Setup land Automation for BusTO to Fix landing automation for BusTO (Unable to acquire slot locks).Feb 14 2021, 23:12
valerio.bozzolan added a project: Phabricator.
valerio.bozzolan moved this task from Arriving 🔥 to Holy fucking nightmare on the Libre BusTO board.Feb 14 2021, 23:37
valerio.bozzolan added a parent task: T727: Write "Automation" documentation on Wikibooks.Feb 16 2021, 00:00
valerio.bozzolan updated the task description. (Show Details)Feb 16 2021, 00:36
valerio.bozzolan edited projects, added User-valerio.bozzolan (Febrary 2021); removed User-valerio.bozzolan.EditedFeb 16 2021, 00:46

surprisedpika

Uhm. It seems that my PhutilAggregateException (Unable to allocate any binding as a resource.) means that you cannot have two Host Blueprints pointing to the same Almanac Service.

And the Google search for that raises 7 results:

image.png (160×388 px, 11 KB)

This Task is one of these results, and the others are mirrors of the official source-code related to the AlmanacService, so I'm officially the first human exploring this cute exception.
asd

Having said that.

This is somehow confusing to me because the credentials are something Blueprint-related and so it may have sense to have different Blueprints using the same resources (for example to initialize different separate SSH connections).

I've made a cute schema to explain my concerns:

phabricator-harbormaster-drydock-almanac-host.png (1×2 px, 104 KB)

Original Dia file:

phabricator-harbormaster-drydock-almanac-host.dia7 KBDownload

SVG:

phabricator-harbormaster-drydock-almanac-host.svg174 KBDownload

Let's share some thoughts with upstream to learn more about this interesting part.

valerio.bozzolan closed this task as Resolved.Mar 14 2021, 00:57
valerio.bozzolan moved this task from Deadlock to Tech on the gitpull.it board.Mar 29 2021, 09:23
valerio.bozzolan moved this task from Backlog to Recently done on the Phabricator board.Jul 29 2021, 12:18
Public contents are in Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) or GNU Free Documentation License (at your option) unless otherwise noted. · Contact / Register