by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • May 29 16:27

    richardlt on fix-wrap-multi-error

    refactor: remove some fmt.Errorf feat: handle wrap MultiError refactor: clean fmt.Errorf usage and 3 more (compare)

  • May 29 14:12
    yesnault synchronize #5219
  • May 29 14:12

    yesnault on ye-spawn-info-display

    fix(ui): cr Signed-off-by: Yvo… (compare)

  • May 29 12:19

    sguiheux on snapRunSecrets

    fix: unit test on RetrieveSecre… (compare)

  • May 29 05:58

    sguiheux on snapRunSecrets

    fix: add id primary key column … (compare)

  • May 28 16:44
    yesnault review_requested #5219
  • May 28 16:44
    yesnault review_requested #5219
  • May 28 16:44
    yesnault review_requested #5219
  • May 28 16:44
    yesnault opened #5219
  • May 28 16:43

    yesnault on ye-spawn-info-display

    fix(ui): display spawn info for… (compare)

  • May 28 15:33

    ovh-cds on 0.46.0

    (compare)

  • May 28 14:52

    fsamin on api

    (compare)

  • May 28 14:50

    fsamin on api

    (compare)

  • May 28 14:50

    fsamin on api

    (compare)

  • May 28 14:50

    fsamin on api

    (compare)

  • May 28 14:50

    fsamin on api

    (compare)

  • May 28 14:15

    sguiheux on snapRunSecrets

    feat: take a snapshot of workfl… (compare)

  • May 28 13:21

    yesnault on master

    test: fix compilation after mer… (compare)

  • May 28 13:21
    yesnault closed #5218
  • May 28 13:21
    richardlt review_requested #5218
Smithx10
@Smithx10
How do you apply SSL to CDS API?
I'm trying to configure https
Smithx10
@Smithx10
Do workers need to have access to the REDIS instance that the Engine is using ?
Smithx10
@Smithx10
Is there any documentation about how I should configure elasticsearch>?
I see it all over the conf.toml
Smithx10
@Smithx10
figured it out
Smithx10
@Smithx10
I noticed the timeline doesn't persist
is that on purpose:
?
Smithx10
@Smithx10
Do I have to init these indexes?
Smithx10
@Smithx10
Im getting back errors like 2019-09-11 23:28:07 [WARN] pprofLabel>recoverWrap>Handle>getApplicationOverviewHandler>GetMetrics>DoJSONRequest>doJSONRequest>ErrorWithFallback>NewErrorWithStack: wrong request (from: Unable to perform request on service elastic (elasticsearch)) (caused by: getApplicationOverviewHandler> Cannot list vulnerability met
rics: Unable to get metrics: internal server error) error_uuid=cf756d68-d4eb-11e9-b83a-90b8d004466a method=GET request_uri=/ui/project/TEST/application/test/overview stack_trace=internal server error
after creating a index on ES
Anywhere to read how to configure ES ?
Smithx10
@Smithx10
Anyway to configure the API services to only listen on a certain address?
also I would like to TLS them but it seems that the API services don't support TLS ?
Smithx10
@Smithx10
For some reason, a User can Create a Project but they can't click the create workflow button etc
Yvonnick Esnault
@yesnault
@Smithx10 Hi! Sorry for delay, I'll try to answer all questions now :)
"How do you apply SSL to CDS API?" -> we configure a LB (haproxy, what you want) with ssl
it's not configured directly on CDS Api for now
Yvonnick Esnault
@yesnault
"Do workers need to have access to the REDIS instance that the Engine is using ?" -> no, workers need only to access to CDS API
About ES: you need to create index yes. It's used to stored two things: timeline (to persist) and vulnerabilities computed on CDS Application. There is some documentation about what is it on this PR: https://github.com/ovh/cds/pull/4562/files, it will be merged after release 0.42
issue created to add some doc about it: ovh/cds#4601
TLS on engine is planned on the refactor branch about authentication here: ovh/cds#4556 If you want TLS today between service, you have to use LB in front of them
Yvonnick Esnault
@yesnault
"Anyway to configure the API services to only listen on a certain address?" -> you already configure that, example:
[api.http]

    # Listen HTTP address without port, example: 127.0.0.1
    addr = "127.0.0.1"
    port = 8081
you can configure that on all services
@Smithx10 "For some reason, a User can Create a Project but they can't click the create workflow button etc" -> yes, today, everybody can create a project. About the restriction with creating workflow, the user has write access to the project?
Smithx10
@Smithx10
Do they need to create keys
the create thingie was greyed out
Smithx10
@Smithx10
Thanks :)
@yesnault Is there a git issue or a branch about doing TLS to the API servers?
I can probably handle that
I was also thinking about adding "GITEA" as a VCS
Smithx10
@Smithx10
ahhh sorry I didnt read the branch comment ... errrr!!
Smithx10
@Smithx10
@yesnault thats an exciting branch! :)
Smithx10
@Smithx10
@yesnault it looks like Event data is also stored in ES correct? do you by chance have the HTTP post you used for creating the index? I got a few errors from the API while it attempted to read back some data.
I'm curious if because it differs from the index you created*
Smithx10
@Smithx10
Also, how do you make a certain workflow / pipeline stage use a certain job? Ill check the documentatino
Mats
@matspitz1
can i have masked/secret variables?
Mats
@matspitz1
why is my job queued and will not start?
Mats
@matspitz1
when i am trying to link a github repo and click the
Click on the following link to finalize the link between CDS and the repository manager: Click here
i get a 404 at github
Yvonnick Esnault
@yesnault
@Smithx10 about TLS, it's on ovh/cds#4556 on "To Plan" for now
@Smithx10 about the ES Index "Event" data -> We'll start a engine start kpi this week, this will let user to configure a ES on a project, or administrator on a whole CDS. This will be develop as an "integration". The index "creation" will be documented with this new uservice. This new service let user (or CDS administrator of course) do some graphs with kibana, this will be much more useful than today.
@Smithx10 and about last question about run conditions -> you can add run conditions on a Stage or on a node of a workflow (pipeline, hook, etc...)
Yvonnick Esnault
@yesnault
@matspitz1 yes, you can use variable of type "password".
@matspitz1 about the job queued -> it can be many things, but some checks to do: do you have a worker model with "need registration=false"? If yes, do you have binary prerequisite on job, and theses binary are there available in the worker model? Do you have a default OS / Arch ? If yes, the hatchery launched runs workers with the same os /arch?
@matspitz1 and about Github. The 404 page is on GitHub on is it the callback on your CDS UI? I'm available in private if you want me to debug something (and probably improve some docs about that)
Mats
@matspitz1
Yes i am here
Mats
@matspitz1
What should these two values be:
    [vcs.api.grpc]
      # insecure = false
      url = "http://localhost:8082"

    [vcs.api.http]
      # insecure = false
      url = "http://localhost:8081"
i keep getting errors when adding my URL when running engine start vcs --config vcs-config.toml