Page MenuHomePhabricator
Feed Advanced Search

Sat, Dec 4

epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

The latest version of Phabricator itself is everywhere.

Sat, Dec 4, 11:46 PM · Almanac, Infrastructure, Phacility
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

I'm going to hold it until the weekend and try deploying then if things look calm on my end.

Sat, Dec 4, 9:23 PM · Almanac, Infrastructure, Phacility

Thu, Dec 2

cspeckmim updated the task description for T13669: Discourage use of Mailgun as a mail provider.
Thu, Dec 2, 11:18 PM · Guides, Mail
epriestley committed rPdc705cea7fec: Document Mailgun as discouraged, and update Postmark remote address blocks (authored by epriestley).
Document Mailgun as discouraged, and update Postmark remote address blocks
Thu, Dec 2, 10:56 PM
epriestley closed D21738: Document Mailgun as discouraged, and update Postmark remote address blocks.
Thu, Dec 2, 10:56 PM
epriestley closed D21739: Update the extracted cURL SSL CA bundle.
Thu, Dec 2, 10:56 PM
epriestley committed rARC13d3a3c3b100: Update the extracted cURL SSL CA bundle (authored by epriestley).
Update the extracted cURL SSL CA bundle
Thu, Dec 2, 10:56 PM
epriestley requested review of D21739: Update the extracted cURL SSL CA bundle.
Thu, Dec 2, 10:56 PM
epriestley requested review of D21738: Document Mailgun as discouraged, and update Postmark remote address blocks.
Thu, Dec 2, 10:50 PM
epriestley added a revision to T13669: Discourage use of Mailgun as a mail provider: D21738: Document Mailgun as discouraged, and update Postmark remote address blocks.
Thu, Dec 2, 10:48 PM · Guides, Mail
epriestley updated the task description for T13669: Discourage use of Mailgun as a mail provider.
Thu, Dec 2, 10:42 PM · Guides, Mail
epriestley updated the task description for T13669: Discourage use of Mailgun as a mail provider.
Thu, Dec 2, 10:39 PM · Guides, Mail
epriestley added a comment to T13037: An attacker gained staff access to Mailgun and was able to read customer API keys.

I'm satisfied that we aren't violating our commitment to our customers by continuing to use Mailgun as a service provider...

Thu, Dec 2, 10:39 PM · Phacility, Security, Mail
epriestley created U49 Mailgun Discouraged.
Thu, Dec 2, 10:34 PM
epriestley added a comment to T13669: Discourage use of Mailgun as a mail provider.

Purely venting, but the advanced version of "click here to schedule a mysterious meeting" is to outright lie -- pretending that you deeply respect the recipient's achievements -- before asking them to schedule a mysterious meeting.

Thu, Dec 2, 10:30 PM · Guides, Mail
epriestley triaged T13669: Discourage use of Mailgun as a mail provider as Normal priority.
Thu, Dec 2, 10:12 PM · Guides, Mail
cspeckmim edited the content of 2021 Week 49 (Early December).
Thu, Dec 2, 1:36 AM

Wed, Dec 1

epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

While waiting to deploy db stuff, I was planning to look at pruning dead data out of S3 -- but, on closer examination, the total S3 bill is something like $1/day, so no priority on that whatsoever.

Wed, Dec 1, 11:57 PM · Almanac, Infrastructure, Phacility
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

Piledriver also needs to be able to provision database hosts, but these are more-or-less a trivial subset of repository hosts.

Wed, Dec 1, 11:47 PM · Almanac, Infrastructure, Phacility
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.
  • Make InstancesStateQuery use a dictionary when building the database ref information internally.
Wed, Dec 1, 11:06 PM · Almanac, Infrastructure, Phacility
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: Unknown Object (Differential Revision).
Wed, Dec 1, 11:03 PM · Almanac, Infrastructure, Phacility
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: Unknown Object (Differential Revision).
Wed, Dec 1, 10:44 PM · Almanac, Infrastructure, Phacility
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: Unknown Object (Differential Revision).
Wed, Dec 1, 9:34 PM · Almanac, Infrastructure, Phacility
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: Unknown Object (Differential Revision).
Wed, Dec 1, 9:25 PM · Almanac, Infrastructure, Phacility
epriestley edited the content of Changelog.
Wed, Dec 1, 9:23 PM
epriestley committed rARC59b273fd15d3: (stable) Promote 2021 Week 49 (authored by epriestley).
(stable) Promote 2021 Week 49
Wed, Dec 1, 9:22 PM
epriestley committed rPd96bd22b8d59: (stable) Promote 2021 Week 49 (authored by epriestley).
(stable) Promote 2021 Week 49
Wed, Dec 1, 9:21 PM
epriestley created an object: 2021 Week 49 (Early December).
Wed, Dec 1, 9:21 PM
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

Piledriver also needs to be able to provision database hosts, but these are more-or-less a trivial subset of repository hosts.

Wed, Dec 1, 8:44 PM · Almanac, Infrastructure, Phacility
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

I completed all the repository migrations over the weekend and seemingly haven't run into any issues.

Wed, Dec 1, 8:41 PM · Almanac, Infrastructure, Phacility

Mon, Nov 22

epriestley closed T13653: After an AWS event, Phacility hosts may come up with swap only partially configured as Resolved.

This appears resolved: the workflow now tests that /proc/meminfo reports an appropriate value for TotalSwap.

Mon, Nov 22, 2:02 PM · Phacility
epriestley committed rARCc23222438b30: (stable) Provide an API for parsing swap information from "/proc/meminfo" (authored by epriestley).
(stable) Provide an API for parsing swap information from "/proc/meminfo"
Mon, Nov 22, 1:45 PM
epriestley closed D21733: Provide an API for parsing swap information from "/proc/meminfo".
Mon, Nov 22, 1:45 PM
epriestley committed rARCc53bb21bbd3e: Provide an API for parsing swap information from "/proc/meminfo" (authored by epriestley).
Provide an API for parsing swap information from "/proc/meminfo"
Mon, Nov 22, 1:45 PM
epriestley added a comment to D21733: Provide an API for parsing swap information from "/proc/meminfo".

This overlaps somewhat with PhutilSystem::getSystemMemoryInformation(), but that mechanism is narrower and also doesn't really work in practice, so it would probably be reasonable to remove it entirely.

Mon, Nov 22, 1:43 PM
epriestley updated the diff for D21733: Provide an API for parsing swap information from "/proc/meminfo".

Satisfy lint by catching and re-throwing Throwable.

Mon, Nov 22, 1:32 PM
epriestley requested review of D21733: Provide an API for parsing swap information from "/proc/meminfo".
Mon, Nov 22, 1:30 PM
epriestley added a revision to T13653: After an AWS event, Phacility hosts may come up with swap only partially configured: D21733: Provide an API for parsing swap information from "/proc/meminfo".
Mon, Nov 22, 1:30 PM · Phacility

Sun, Nov 21

epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

Just for completeness, vault used to be an HAProxy host serving as an SSH load balancer, but this responsibility moved to lb001 once ELBs became able to listen on inbound port 22 and TCP forward, so there is no longer a vault class of machines.

Sun, Nov 21, 3:55 PM · Almanac, Infrastructure, Phacility

Sat, Nov 20

epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

The new provisioning process for repository shards is:

Sat, Nov 20, 9:02 PM · Almanac, Infrastructure, Phacility

Fri, Nov 19

epriestley closed D21732: Allow "PhutilAWSException" to identify "EBS: Not Found" errors.
Fri, Nov 19, 10:55 PM
epriestley committed rARC7cbdf378198b: Allow "PhutilAWSException" to identify "EBS: Not Found" errors (authored by epriestley).
Allow "PhutilAWSException" to identify "EBS: Not Found" errors
Fri, Nov 19, 10:55 PM
epriestley requested review of D21732: Allow "PhutilAWSException" to identify "EBS: Not Found" errors.
Fri, Nov 19, 10:28 PM
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: D21732: Allow "PhutilAWSException" to identify "EBS: Not Found" errors.
Fri, Nov 19, 10:27 PM · Almanac, Infrastructure, Phacility
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: Unknown Object (Differential Revision).
Fri, Nov 19, 10:24 PM · Almanac, Infrastructure, Phacility
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

Piledriver was built before the FutureGraph stuff settled in T11968; it runs into the same general set of sequencing problems and yield would likely be a good approach.

Fri, Nov 19, 10:22 PM · Almanac, Infrastructure, Phacility
epriestley committed rP8103d361774c: Remove "bin/celerity" dependency on database setup (authored by epriestley).
Remove "bin/celerity" dependency on database setup
Fri, Nov 19, 6:11 PM
epriestley closed D21730: Remove "bin/celerity" dependency on database setup.
Fri, Nov 19, 6:11 PM
epriestley added a comment to D21730: Remove "bin/celerity" dependency on database setup.

See also D19941, which removed a dependency that did previously exist.

Fri, Nov 19, 6:10 PM
epriestley requested review of D21730: Remove "bin/celerity" dependency on database setup.
Fri, Nov 19, 5:58 PM

Thu, Nov 18

epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

I can't figure out how to delete...

Thu, Nov 18, 7:24 PM · Almanac, Infrastructure, Phacility
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

I got rid of everything I could, and nothing appears to be affected.

Thu, Nov 18, 7:20 PM · Almanac, Infrastructure, Phacility
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

We have a lot of leftover VPC cruft that I'm going to nuke, notably meta and admin VPCs that (as far as I can tell) have nothing in them, and then a bunch of subnets (meta.private-a, meta.private-b, block-public-222, admin.public-a, admin.public-b, meta.public-a, meta.public-b, block-private-3) and some NGWs etc. I'm like 99% sure this stuff is all leftover from testing years ago and nothing depends on it, but I guess we'll see what happens when I delete all of it.

Thu, Nov 18, 6:55 PM · Almanac, Infrastructure, Phacility
epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

Here's the last known state of the world from T12816:

Thu, Nov 18, 6:49 PM · Almanac, Infrastructure, Phacility
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: Unknown Object (Differential Revision).
Thu, Nov 18, 6:26 PM · Almanac, Infrastructure, Phacility
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: Unknown Object (Differential Revision).
Thu, Nov 18, 6:21 PM · Almanac, Infrastructure, Phacility
epriestley added a revision to T13630: Move Phacility provisioning to Piledriver: Unknown Object (Differential Revision).
Thu, Nov 18, 5:15 PM · Almanac, Infrastructure, Phacility

Wed, Nov 17

epriestley added a comment to T13630: Move Phacility provisioning to Piledriver.

See also NAT carryover from T12816, via T13542.

Wed, Nov 17, 8:02 PM · Almanac, Infrastructure, Phacility
epriestley closed T13542: Rebalance Phacility instances into a private subnet as Resolved.

Closing this in favor of T13630, which covers the same ground.

Wed, Nov 17, 8:02 PM · Phacility

Tue, Nov 16

epriestley closed D21726: Provide missing "AlmanacInterfaceTransactionQuery".
Tue, Nov 16, 7:48 PM
epriestley committed rPc7b04170fedc: Provide missing "AlmanacInterfaceTransactionQuery" (authored by epriestley).
Provide missing "AlmanacInterfaceTransactionQuery"
Tue, Nov 16, 7:48 PM
epriestley requested review of D21726: Provide missing "AlmanacInterfaceTransactionQuery".
Tue, Nov 16, 7:47 PM

Mon, Nov 15

epriestley added a comment to T13654: Wind Down Phacility Operations.

I'm planning to simply delete the Discourse forum without preserving any content.

Mon, Nov 15, 4:22 PM · Phacility

Oct 29 2021

cburroughs awarded D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+ a Party Time token.
Oct 29 2021, 2:47 PM

Oct 23 2021

emiraga added a comment to T2794: Implement Phage (like Hypershell).

Thank you for the answer, appreciate it, and your effort that goes into arcanist.

Oct 23 2021, 11:06 AM · Phage, Infrastructure

Oct 21 2021

epriestley added a comment to T2794: Implement Phage (like Hypershell).

The non-public parts of Phage are currently very specific to Phacility's cluster and probably not generally useful. The current version of PhageRemoteWorkflow is similar to P2107 and depends on particular Phacility services and hosts to enumerate valid remotes and negotiate a connection to them through a bastion pool. These service-listing and bastion-host components are not generalized and not trivially generalizable.

Oct 21 2021, 8:00 PM · Phage, Infrastructure
emiraga added a comment to T2794: Implement Phage (like Hypershell).

It seem to me like certain parts of phage are not published in a public repo. Are there plans to open up missing pieces?

Oct 21 2021, 6:37 PM · Phage, Infrastructure

Oct 19 2021

epriestley added a comment to T13628: Provide "Foist Upon", an inverse operation to "Commandeer".
  1. As Alice, commandeer a revision authored by Baliey and reviewed by Claire. Edit it locally to do arbitrary bad things, then git push it.
  2. Make a commit, edit the commit message to say Differential Revision: D1234, where D1234 is a current, valid, accepted revision authored by anyone, then git push it.
Oct 19 2021, 6:25 PM · Differential
epriestley added a comment to T13628: Provide "Foist Upon", an inverse operation to "Commandeer".

I believe it is extremely difficult to configure Phabricator to provide the assurance you describe, particularly if arc land does anything. If you are actually providing this guarantee ("an attacker needs two machines"), you can likely add a clause to the large amount of custom code you've written to prevent self-foisting while still supporting other foisting use cases. If you haven't written a large amount of custom code, I suspect an attacker can fairly easily deploy with one machine without using "Foist Upon".

Oct 19 2021, 6:18 PM · Differential
ptarjan added a comment to T13628: Provide "Foist Upon", an inverse operation to "Commandeer".

Is there a way to disable this feature? Our security team has noticed that with this feature we can land code with just a single person's machine being compromised (we rely on an attacker needing two machines to deploy code as a safety mechanism). I.e. You make a revision, Foist it on someone, Approve it, then arc land it as the other person (saying y to the prompt).

Oct 19 2021, 5:48 PM · Differential
cspeckmim added a comment to D21724: Update Mercurial's cascading of commit sets to rebase non-landed commits.

Just making a note that I did test git a while back and saw behavior that I wasn't expecting; I haven't had a chance to dig further into this. I'm not super familiar with how to visualize the commit graph in git to confirm this but I believe what happened is a graph that looked like this

A  B
| /
C
|
D  (master)
Oct 19 2021, 2:51 AM

Oct 3 2021

0 published D21725: Hide event start times on subsequent days for review.
Oct 3 2021, 10:45 PM · Calendar

Oct 1 2021

epriestley added a comment to D21425: Streamline handling of Futures and PIDs in daemons.

The Future stuff is used on both the client and server, so it lives in Arcanist rather than Phabricator. The method definition should be here:

Oct 1 2021, 9:49 PM
jmeador added inline comments to D21425: Streamline handling of Futures and PIDs in daemons.
Oct 1 2021, 9:25 PM

Sep 28 2021

epriestley added a comment to T13588: PHP 8 Compatibility.

See also T12404#256288 for a note on each removal.

Sep 28 2021, 2:41 PM · Infrastructure
epriestley added a comment to T12404: Implement a first-party SMTP client.

each is usually easy to replace and I'm happy to accept a change to replace it if someone wants to reproduce/test it. I believe this (totally ridiculous) construction:

Sep 28 2021, 2:40 PM · Infrastructure, Mail
avivey added a comment to T13588: PHP 8 Compatibility.

From https://discourse.phabricator-community.org/t/sending-emails-causes-an-exception/4966, looks like the PHPMailer uses each which is removed in php 8.

Sep 28 2021, 7:57 AM · Infrastructure
avivey added a comment to T12404: Implement a first-party SMTP client.

From https://discourse.phabricator-community.org/t/sending-emails-causes-an-exception/4966, it appears that both class.smtp.php and class.phpmailer-lite.php have calls to each which is removed in PHP 8.

Sep 28 2021, 7:55 AM · Infrastructure, Mail

Sep 24 2021

cspeckmim planned changes to D21724: Update Mercurial's cascading of commit sets to rebase non-landed commits.

Marking Plan Changes until I test this out in Git

Sep 24 2021, 4:05 PM

Sep 23 2021

cspeckmim updated the diff for D21724: Update Mercurial's cascading of commit sets to rebase non-landed commits.

Remove the $obsolete_map and $rebasedActiveCommit and just use $rebasedCommitMap

Sep 23 2021, 3:39 AM
cspeckmim planned changes to D21724: Update Mercurial's cascading of commit sets to rebase non-landed commits.
Sep 23 2021, 3:23 AM
cspeckmim requested review of D21724: Update Mercurial's cascading of commit sets to rebase non-landed commits.
Sep 23 2021, 3:09 AM
cspeckmim added a revision to T13668: Landing a string of dependent revisions which contains branched commits will result in stripping/pruning those branched commits: D21724: Update Mercurial's cascading of commit sets to rebase non-landed commits.
Sep 23 2021, 3:09 AM · Mercurial, Arcanist

Sep 22 2021

cspeckmim updated the task description for T13668: Landing a string of dependent revisions which contains branched commits will result in stripping/pruning those branched commits.
Sep 22 2021, 2:10 AM · Mercurial, Arcanist
cspeckmim created T13668: Landing a string of dependent revisions which contains branched commits will result in stripping/pruning those branched commits.
Sep 22 2021, 2:06 AM · Mercurial, Arcanist

Sep 18 2021

cspeckmim added a comment to D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.

The second baby has arrived

aw smile.png (100×100 px, 6 KB)
dancing duck.gif (280×498 px, 2 MB)

Sep 18 2021, 2:02 AM

Sep 17 2021

epriestley added a comment to D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.

The second baby has arrived so I have about 17 seconds per day to look at my computer nowadays, but I think it would also be reasonable to backfill str_starts_with() if you run into more of this -- the strncmp() syntax has always felt pretty hard to read to me. You can do that in PHP like this:

Sep 17 2021, 1:02 PM
cspeckmim closed D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.
Sep 17 2021, 3:03 AM
cspeckmim committed rARCa028291f8e5e: Make corrections to the "arc amend" workflow in Mercurial repositories to be… (authored by cspeckmim).
Make corrections to the "arc amend" workflow in Mercurial repositories to be…
Sep 17 2021, 3:03 AM
cspeckmim retitled D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+ from Make corrections to the "arc amend" workflow used with Mercurial repositories to Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.
Sep 17 2021, 3:02 AM
cspeckmim updated the summary of D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.
Sep 17 2021, 3:01 AM
epriestley accepted D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.
Sep 17 2021, 2:20 AM

Sep 16 2021

cspeckmim updated the diff for D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.

Switch to using strncmp()

Sep 16 2021, 6:57 PM
cspeckmim requested review of D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.
Sep 16 2021, 6:55 PM
cspeckmim added a revision to T13665: The "arc amend" workflow does not work on Mercurial repositories: D21723: Make corrections to the "arc amend" workflow in Mercurial repositories to be compatible with PHP 5+.
Sep 16 2021, 6:54 PM · Mercurial, Arcanist
cspeckmim added inline comments to D21716: Update ArcanistMercurialAPI to support getting the current commit ref.
Sep 16 2021, 6:35 PM

Sep 14 2021

cspeckmim updated the task description for T13667: Landing a mercurial revision which has no changes causes errors on the revision page as well as history viewing.
Sep 14 2021, 9:59 PM · Arcanist, Mercurial
cspeckmim updated the task description for T13667: Landing a mercurial revision which has no changes causes errors on the revision page as well as history viewing.
Sep 14 2021, 9:55 PM · Arcanist, Mercurial
cspeckmim created T13667: Landing a mercurial revision which has no changes causes errors on the revision page as well as history viewing.
Sep 14 2021, 9:49 PM · Arcanist, Mercurial

Sep 13 2021

epriestley added inline comments to D21680: An assortment of fixes and updates to using arc-land with mercurial.
Sep 13 2021, 9:28 PM