Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • 18:38
    richardlt commented #5092
  • 18:38
    richardlt commented #5092
  • 18:38
    richardlt synchronize #5092
  • 18:38

    richardlt on feat-template-instance-default-param

    fix: key type for worker (compare)

  • 17:51
    ovh-cds commented #5092
  • 17:51
    ovh-cds commented #5092
  • 17:34
    richardlt commented #5092
  • 17:34
    richardlt commented #5092
  • 17:32
    richardlt synchronize #5092
  • 17:32

    richardlt on feat-template-instance-default-param

    fix: key type for worker (compare)

  • 17:24
    ovh-cds commented #5092
  • 17:24
    ovh-cds commented #5092
  • 17:09
    richardlt synchronize #5092
  • 17:09

    richardlt on feat-template-instance-default-param

    fix: key type for worker (compare)

  • 17:02
    richardlt commented #5092
  • 17:02
    richardlt commented #5092
  • 17:02
    richardlt commented #5092
  • 17:02
    richardlt commented #5092
  • 17:02
    richardlt commented #5092
  • 17:02
    richardlt commented #5092
Smithx10
@Smithx10
after creating a index on ES
Anywhere to read how to configure ES ?
Smithx10
@Smithx10
Anyway to configure the API services to only listen on a certain address?
also I would like to TLS them but it seems that the API services don't support TLS ?
Smithx10
@Smithx10
For some reason, a User can Create a Project but they can't click the create workflow button etc
Yvonnick Esnault
@yesnault
@Smithx10 Hi! Sorry for delay, I'll try to answer all questions now :)
"How do you apply SSL to CDS API?" -> we configure a LB (haproxy, what you want) with ssl
it's not configured directly on CDS Api for now
Yvonnick Esnault
@yesnault
"Do workers need to have access to the REDIS instance that the Engine is using ?" -> no, workers need only to access to CDS API
About ES: you need to create index yes. It's used to stored two things: timeline (to persist) and vulnerabilities computed on CDS Application. There is some documentation about what is it on this PR: https://github.com/ovh/cds/pull/4562/files, it will be merged after release 0.42
issue created to add some doc about it: ovh/cds#4601
TLS on engine is planned on the refactor branch about authentication here: ovh/cds#4556 If you want TLS today between service, you have to use LB in front of them
Yvonnick Esnault
@yesnault
"Anyway to configure the API services to only listen on a certain address?" -> you already configure that, example:
[api.http]

    # Listen HTTP address without port, example: 127.0.0.1
    addr = "127.0.0.1"
    port = 8081
you can configure that on all services
@Smithx10 "For some reason, a User can Create a Project but they can't click the create workflow button etc" -> yes, today, everybody can create a project. About the restriction with creating workflow, the user has write access to the project?
Smithx10
@Smithx10
Do they need to create keys
the create thingie was greyed out
Smithx10
@Smithx10
Thanks :)
@yesnault Is there a git issue or a branch about doing TLS to the API servers?
I can probably handle that
I was also thinking about adding "GITEA" as a VCS
Smithx10
@Smithx10
ahhh sorry I didnt read the branch comment ... errrr!!
Smithx10
@Smithx10
@yesnault thats an exciting branch! :)
Smithx10
@Smithx10
@yesnault it looks like Event data is also stored in ES correct? do you by chance have the HTTP post you used for creating the index? I got a few errors from the API while it attempted to read back some data.
I'm curious if because it differs from the index you created*
Smithx10
@Smithx10
Also, how do you make a certain workflow / pipeline stage use a certain job? Ill check the documentatino
Mats
@matspitz1
can i have masked/secret variables?
Mats
@matspitz1
why is my job queued and will not start?
Mats
@matspitz1
when i am trying to link a github repo and click the
Click on the following link to finalize the link between CDS and the repository manager: Click here
i get a 404 at github
Yvonnick Esnault
@yesnault
@Smithx10 about TLS, it's on ovh/cds#4556 on "To Plan" for now
@Smithx10 about the ES Index "Event" data -> We'll start a engine start kpi this week, this will let user to configure a ES on a project, or administrator on a whole CDS. This will be develop as an "integration". The index "creation" will be documented with this new uservice. This new service let user (or CDS administrator of course) do some graphs with kibana, this will be much more useful than today.
@Smithx10 and about last question about run conditions -> you can add run conditions on a Stage or on a node of a workflow (pipeline, hook, etc...)
Yvonnick Esnault
@yesnault
@matspitz1 yes, you can use variable of type "password".
@matspitz1 about the job queued -> it can be many things, but some checks to do: do you have a worker model with "need registration=false"? If yes, do you have binary prerequisite on job, and theses binary are there available in the worker model? Do you have a default OS / Arch ? If yes, the hatchery launched runs workers with the same os /arch?
@matspitz1 and about Github. The 404 page is on GitHub on is it the callback on your CDS UI? I'm available in private if you want me to debug something (and probably improve some docs about that)
Mats
@matspitz1
Yes i am here
Mats
@matspitz1
What should these two values be:
    [vcs.api.grpc]
      # insecure = false
      url = "http://localhost:8082"

    [vcs.api.http]
      # insecure = false
      url = "http://localhost:8081"
i keep getting errors when adding my URL when running engine start vcs --config vcs-config.toml
Unable to register: Register: internal server error (caused by: Post http://localhost:8081/services/register: dial tcp [::1]:8081: connect: connection refused)
Service has been stopped: vcs Register: internal server error (caused by: Post http://localhost:8081/services/register: dial tcp [::1]:8081: connect: connection refused)
Yvonnick Esnault
@yesnault
@matspitz1 the vcs.api.http -> must be the url of the CDS API. Your CDS API is running and listening on http://localhost:8081 ?
Mats
@matspitz1
i am able to run jobs, now thanks Yvonnick!
however when i am running a step script with ssh, i am continuously running into issues when trying to install the key
i have added this to my step script
eval $(worker key install --env proj-mykey)
echo $PKEY # variable $PKEY will contains the path of the SSH private key
Mats
@matspitz1
I want to SSH into another server and execute commands on it.
Yvonnick Esnault
@yesnault
Before using the plugin, a ssh call after a worker install key is the best way to check if the pubkey is ok on the remote. Do you have an error in your job or some logs on remote?
Next step in private message for debugging
Louis GOUNOT
@louis-gounot
Hello
When I try to clone an environment (in UI) having "password" variables, I get an error "Bad request" "valeur du secret non spécifiée"