Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Feb 22 23:09
    ovh-cds commented #4997
  • Feb 22 22:54
    yesnault review_requested #4997
  • Feb 22 22:54
    yesnault review_requested #4997
  • Feb 22 22:54
    yesnault review_requested #4997
  • Feb 22 22:54
    yesnault review_requested #4997
  • Feb 22 22:54
    yesnault ready_for_review #4997
  • Feb 22 22:53
    yesnault edited #4997
  • Feb 22 22:53
    yesnault synchronize #4997
  • Feb 22 22:53

    yesnault on ye-vscode

    feat(vscode): autocomplete yml … (compare)

  • Feb 22 21:22
    yesnault commented #4997
  • Feb 22 21:22
    yesnault commented #4997
  • Feb 22 18:20
    ovh-cds commented #4997
  • Feb 22 18:02
    yesnault edited #4997
  • Feb 22 18:01
    yesnault synchronize #4997
  • Feb 22 18:01

    yesnault on ye-vscode

    feat(vscode): queue Signed-off… (compare)

  • Feb 22 01:53
    ovh-cds commented #4997
  • Feb 22 01:36
    yesnault synchronize #4997
  • Feb 22 01:36

    yesnault on ye-vscode

    feat: init queue Signed-off-by… refactor(vscode): remove kinds … feat(vscode): queue waiting/bui… (compare)

  • Feb 21 18:53
    yesnault commented #4997
  • Feb 21 18:47
    ovh-cds commented #4997
Yvonnick Esnault
@yesnault
@Smithx10 Hi! Sorry for delay, I'll try to answer all questions now :)
"How do you apply SSL to CDS API?" -> we configure a LB (haproxy, what you want) with ssl
it's not configured directly on CDS Api for now
Yvonnick Esnault
@yesnault
"Do workers need to have access to the REDIS instance that the Engine is using ?" -> no, workers need only to access to CDS API
About ES: you need to create index yes. It's used to stored two things: timeline (to persist) and vulnerabilities computed on CDS Application. There is some documentation about what is it on this PR: https://github.com/ovh/cds/pull/4562/files, it will be merged after release 0.42
issue created to add some doc about it: ovh/cds#4601
TLS on engine is planned on the refactor branch about authentication here: ovh/cds#4556 If you want TLS today between service, you have to use LB in front of them
Yvonnick Esnault
@yesnault
"Anyway to configure the API services to only listen on a certain address?" -> you already configure that, example:
[api.http]

    # Listen HTTP address without port, example: 127.0.0.1
    addr = "127.0.0.1"
    port = 8081
you can configure that on all services
@Smithx10 "For some reason, a User can Create a Project but they can't click the create workflow button etc" -> yes, today, everybody can create a project. About the restriction with creating workflow, the user has write access to the project?
Smithx10
@Smithx10
Do they need to create keys
the create thingie was greyed out
Smithx10
@Smithx10
Thanks :)
@yesnault Is there a git issue or a branch about doing TLS to the API servers?
I can probably handle that
I was also thinking about adding "GITEA" as a VCS
Smithx10
@Smithx10
ahhh sorry I didnt read the branch comment ... errrr!!
Smithx10
@Smithx10
@yesnault thats an exciting branch! :)
Smithx10
@Smithx10
@yesnault it looks like Event data is also stored in ES correct? do you by chance have the HTTP post you used for creating the index? I got a few errors from the API while it attempted to read back some data.
I'm curious if because it differs from the index you created*
Smithx10
@Smithx10
Also, how do you make a certain workflow / pipeline stage use a certain job? Ill check the documentatino
Mats
@matspitz1
can i have masked/secret variables?
Mats
@matspitz1
why is my job queued and will not start?
Mats
@matspitz1
when i am trying to link a github repo and click the
Click on the following link to finalize the link between CDS and the repository manager: Click here
i get a 404 at github
Yvonnick Esnault
@yesnault
@Smithx10 about TLS, it's on ovh/cds#4556 on "To Plan" for now
@Smithx10 about the ES Index "Event" data -> We'll start a engine start kpi this week, this will let user to configure a ES on a project, or administrator on a whole CDS. This will be develop as an "integration". The index "creation" will be documented with this new uservice. This new service let user (or CDS administrator of course) do some graphs with kibana, this will be much more useful than today.
@Smithx10 and about last question about run conditions -> you can add run conditions on a Stage or on a node of a workflow (pipeline, hook, etc...)
Yvonnick Esnault
@yesnault
@matspitz1 yes, you can use variable of type "password".
@matspitz1 about the job queued -> it can be many things, but some checks to do: do you have a worker model with "need registration=false"? If yes, do you have binary prerequisite on job, and theses binary are there available in the worker model? Do you have a default OS / Arch ? If yes, the hatchery launched runs workers with the same os /arch?
@matspitz1 and about Github. The 404 page is on GitHub on is it the callback on your CDS UI? I'm available in private if you want me to debug something (and probably improve some docs about that)
Mats
@matspitz1
Yes i am here
Mats
@matspitz1
What should these two values be:
    [vcs.api.grpc]
      # insecure = false
      url = "http://localhost:8082"

    [vcs.api.http]
      # insecure = false
      url = "http://localhost:8081"
i keep getting errors when adding my URL when running engine start vcs --config vcs-config.toml
Unable to register: Register: internal server error (caused by: Post http://localhost:8081/services/register: dial tcp [::1]:8081: connect: connection refused)
Service has been stopped: vcs Register: internal server error (caused by: Post http://localhost:8081/services/register: dial tcp [::1]:8081: connect: connection refused)
Yvonnick Esnault
@yesnault
@matspitz1 the vcs.api.http -> must be the url of the CDS API. Your CDS API is running and listening on http://localhost:8081 ?
Mats
@matspitz1
i am able to run jobs, now thanks Yvonnick!
however when i am running a step script with ssh, i am continuously running into issues when trying to install the key
i have added this to my step script
eval $(worker key install --env proj-mykey)
echo $PKEY # variable $PKEY will contains the path of the SSH private key
Mats
@matspitz1
I want to SSH into another server and execute commands on it.
Yvonnick Esnault
@yesnault
Before using the plugin, a ssh call after a worker install key is the best way to check if the pubkey is ok on the remote. Do you have an error in your job or some logs on remote?
Next step in private message for debugging
Louis GOUNOT
@louis-gounot
Hello
When I try to clone an environment (in UI) having "password" variables, I get an error "Bad request" "valeur du secret non spécifiée"
Does it mean I can't clone an environment that has password variables ?
Yvonnick Esnault
@yesnault
Hi @louis-gounot can you (re)set the value of the variable?
hum, sorry, I'd just understand the question
so, yes, it's can be cloned if there is some variable of type password
btw, you can export the evironment with cdsctl ( cdsctl environment export ...) then import with cdsctl too