/srv/irclogs.ubuntu.com/2010/09/07/#launchpad-dev.txt

lifelessspm: hi00:02
lifelessspm: I'm sure you have urgents, but I have some today00:02
lifelessspm: firstly, gmb needs to know some stuff about the release.00:02
lifelessgmb: ^00:02
spmlifeless: heya00:02
* gmb is paying attention, may mumble further questions00:02
gmbHave run out of Monday.00:03
lifelessspm: specifically; how long did the staging db migration take (for downtime estimation); secondly, are the lucid upgrades tom is doing sequential or concurrent with the schema migration00:03
lifelessalso we seem to have a dead-but-accepting launchpad edge server - see #launchpad backlog with nightrose00:03
lifelessand can I have a pony. please.00:03
spmsorry. no ponies. we do have shiny ponies tho? does that count?00:04
lifelessshiny will do00:04
spmlifeless: <stub> spm: 25 mins for the db patches to apply anyway00:05
lifelessgmb: ^00:05
gmbspm: Ta.00:05
spmtho. um. migration? I perhaps misunderstood the question?00:05
spmdid you mean the 8.3 -> 8.4 migration? or just the regular do the DB juju? cause the ans provided is for the latter; not former.00:06
spmstaging DB has not been migrated.00:06
lifelessregular DB juju00:06
spmcoolio00:06
lifelessoh and speaking of staging00:07
lifelessI'd like to get a profile pretty please00:08
* thumper is finding :((00:13
* gmb exits stage right in search of sleep.00:15
gmb'Night folks.00:15
lifelessshiny shiny - http://wiki.postgresql.org/wiki/Postgres-XC00:15
elmo"Failover/High Availability: No"00:23
lifelessyeah00:24
lifelessbut its the first multi master thing in the pg world that I've heard of00:24
lifelessso things are starting to move00:24
thumperah no00:24
thumperI was all about to go \o/00:24
thumperbut no failover is somewhat sucky00:24
lifelessoh god no, we can't /move/ to this today00:25
lifelessits simply 'if you need more writes than one machine can give you. I think it would be possibly to run slony on top if it if we wanted (arrghh :P)00:25
thumperjelmer: ping?00:38
jelmerthumper, pong00:38
thumperjelmer: why am I not too surprised that you are up?00:38
thumperjelmer: http://staging.launchpadlibrarian.net/54835281/chicken-chicken-git-mirror.log00:38
thumperjelmer: looking at some staging import logs00:38
thumperjelmer: Exception AttributeError: "'NoneType' object has no attribute 'close'" in <function terminate at 0x414d140> ignored00:38
thumperjelmer: any ideas?00:39
thumperjelmer: seems on bzr-git and bzr-svn imports00:39
jelmerthumper: as far as I can tell they are to do with paramiko00:39
thumperjelmer: ah00:39
jelmerthumper: I've seen them from e.g. update-sourcecode as well00:39
jelmerthumper: but I'm not clear as to what the problem is exactly00:39
thumperok00:39
thumperjelmer: I've got a question about bug 59939700:40
_mup_Bug #599397: code imports break when tdb is installed <code-import> <qa-needstesting> <Bazaar Hg Plugin:Triaged> <Launchpad Bazaar Integration:Fix Committed by jelmer> <https://launchpad.net/bugs/599397>00:41
thumperjelmer: should we be running the import machines with tdb?00:41
jelmerthumper: Yes-ish00:42
thumper?00:42
thumpermeaning?00:42
jelmerthumper: There are some advantages to using tdb - it allows concurrent write access for example, so multiple clones from the same svn repository at the same. In my experience it's also faster than SQLite.00:42
thumperI feel a but coming...00:42
jelmerthere is.. :-)00:43
jelmermaxb has reported he's seen worse performance from tdb than from sqlite00:43
jelmerthere is also the fact that all existing caches are already in sqlite, moving to tdb would mean regenerating them or keeping the existing ones in sqlite and the new ones in tdb00:44
jelmerconcurrent access isn't really an issue except when people register svn imports for different branches in the same svn repository at the same time. after the initial import the incremental imports are quite quick so they hardly ever overlap, and even if they do they will be retried.00:46
thumperjelmer: suggestion on an import to try to verify bug 617078?00:46
_mup_Bug #617078: RedirectRequest errors trying to access .git/objects <qa-needstesting> <Bazaar Git Plugin:Fix Committed by jelmer> <Launchpad Bazaar Integration:Fix Committed by jelmer> <https://launchpad.net/bugs/617078>00:46
mwhudsonany github http import i think?00:46
jelmerthumper: xwax, lp:~dholbach/xwax/trunk00:47
thumperok00:47
jelmermwhudson: I think most non-github failing git imports over http are failing because of that particular bug00:47
mwhudsonah ok00:48
jelmermwhudson: github still won't work with the new rollout, they don't support "dumb" access to git repositories over http00:48
jelmermwhudson: s/github/github over http/00:48
lifelessspm: can we do a profile on stagin gplease?00:54
spmlifeless: sure; sorry was just stopping the librarian from running outa space and doing a major update on how docco on how to achieve that happy state :-)00:55
lifelessyeah00:55
lifelessI'd like to do the multi-disk-support thing properly.00:55
lifelessif you have design constraints/ideas add em to the bug.00:55
spmhttps://wiki.canonical.com/InformationInfrastructure/OSA/LPHowTo/IncrementTopLevelLibrarianDir for the bored00:55
lifelessI wonder if we could just move to an S3 impl00:56
spmwritten for the "AAAAA! Librarian! No Space! FIX NOW" I don't wanna have to work this out from first principles in a hurry losa00:56
spmobvious jokes aside; it is something we've rambled about internally. I'm unsure if backups and/or IO would be sufficient tho.00:57
lifelessspm: challenges challenges00:57
lifelessanyhow, lets get our current system bug free00:58
lifelessthen we can transform what it does into a requirements spec for evaluating replacements.00:58
lifelessspm: so profiling ? yes/no ?00:59
spmgetting there.... :-)00:59
thumperlifeless: no01:00
thumperlifeless: spm is doing something for me first :)01:00
thumperlifeless: I'll take 3 minutes01:00
lifelessok01:00
lifelessthere, thats 6 :P01:06
thumperlifeless: I'm all done01:07
lifelessspm: oh hhhaaaaaiiiii01:09
spmheh, you have not been forgotten; just another crit state I had to deal with...01:09
lifelessI know01:10
spmonly 10 reds atm ; 2 since dealt with. progress... :-/01:10
lifeless><01:10
lifelessany I can help with ?01:10
spmkill the c o u c h d b developers?01:11
lifelessI have a small moral objection there01:11
spmoh. did that come out loud. oops.01:11
mwhudson:)01:13
spmlifeless: go for it!01:20
lifelessgrabbing the new docs01:22
lifelessthe new one only permits it rather than doing it on every request (unless you set another key as well)01:22
rockstarwgrant, I disagree.  They provide a good clean system, but they also provide a system that can be safely compromised.01:23
lifeless30782            0     16.7424      1.1619   storm.store:669(_load_object)01:25
lifelessthat might be related to the assignments perf problem01:25
thumper✁☹01:26
thumperthat's how I'm feeling right now01:26
lifelesswhere are enums again?01:30
lifelessspm: can you kick the profiling rsync?01:31
thumperlifeless: which enums?01:32
thumperlazr.enum01:32
thumperor for a particular lp part?01:33
spmyarp01:33
lifelessthumper: particular part01:33
lifelessregistry01:33
thumpertry lp.registry.enum01:34
thumperI know they were moving them01:34
thumperthey may not have moved all yet though01:34
lifelessthumper: and th eold place?01:34
thumperlifeless: interface imports01:34
spmlifeless: done01:34
lifelessspm: thanks I'm done01:36
lifelessturn off allow profiling please01:36
lifelessso, storm's load-objects is 80% of Distribution:+assignments01:37
* lifeless again considers removing storms object cache.01:37
wgrantrockstar: The VMs protect from compromise. Not the chroots.01:37
thumperdamn01:38
thumpersomething is wrong with my groovey new code01:38
* thumper lunches and mulls it over01:38
spmlifeless: reverted01:39
* spm goes to correct a ZOMG-ULTRA_VIOLENT Critical alert: -ENOCOFFEE01:41
lifelessspm: zomg the librarian thing scares me shitless01:50
spmlifeless: ahh. welcome to the club.01:51
lifelesshow often do you do this?01:51
nigelbcan I interest one of you folks to do a session during https://wiki.ubuntu.com/UbuntuAppDeveloperWeek03:02
lifelesswhat sort of thing did you have in mind?03:03
nigelbits about appp development, so something about how lp fits in, recipies, dailies, etc03:03
nigelbhow LP can be awesome to an app developer03:04
lifelessrecipes are a significant differentiator over e.g. sf03:05
lifelessjamesh: hi03:13
jameshlifeless: hi03:13
lifelesshttps://bugs.edge.launchpad.net/blueprint/+bug/61836703:13
_mup_Bug #618367: Distribution:+assignments is taking a long time maybe 20% of the time <timeout> <Launchpad Blueprints:Triaged> <https://launchpad.net/bugs/618367>03:13
lifelessjamesh: storm seems to spend about 1/2ms per object in load_objects03:14
lifelessthe last three comments are relevant03:14
nigelblifeless: sf?03:15
lifelesssource forge and others03:15
nigelbyes, so that's why asked if somone could do a session about how LP could help :)03:16
lifelessI htink its a good idea03:16
lifelessask on the lp-dev mailing list though03:16
lifelessyou'll capture more peoples attention03:16
nigelbok, I will :)03:17
nigelberr, which team is that list attached to?03:17
nigelbnm, got it03:18
lifelessjamesh: any thoughts on that bug ?03:25
lifelessjamesh: I'm going to reduce the columns and not return full objects for the eager loading03:25
jameshlifeless: I guess one obvious question is how many distinct objects are you getting from that query?03:27
lifeless3000 distinct -rows-03:27
lifelessmany repeated person/account/email triples03:27
jameshWhile it is 3000 rows x 10 tables, I assume it isn't 30K different objects, right?03:27
lifelessthats right03:27
lifelessif storm could skip deserialising when the primary key for a thing was already retrieved in the same query that would be useful03:28
jameshfrom the third last comment, is it set_values or _set_values you saw in the profile?03:34
lifeless_set_values, attached the kcachegrind to the bug for you03:36
lifelessto do seperate person + specs queries without code contortions at higher layers we need an even smarter resultset03:37
jameshso, from how _load_objec() is structured, the _set_values() calls occur when we're updating the values in an existing Python wrapper03:37
lifelessI think investing in a sqlalchemy like mapping layer is probably well worth it03:37
jameshthe get_object_info() calls are when _load_object() creates a new wrapper03:38
lifelessjamesh: so having a way to skip that if its from the same query would be uesful ?03:38
jameshthe _load_object() calls with neither are the cases where the row was all NULLs (I assume you're doing a left join here)03:38
lifelessyes03:39
lifelessthe one I was pulling my hair out over the other week03:39
jameshI don't think I can give you a quick answer to the problem: we don't really keep track of whether an ObjectInfo has been fully filled out, so we'd need to track that to decide whether to attempt to fill it in03:45
jameshmaintaining such a flag would need to track when the user assigns lazy values to properties too03:45
lifelesshmmm03:46
lifelessso the challenge is that we have apis which return resultsets, which shouldn't cost a lot to e.g. call and do count()03:53
lifelessbut /have/ to eager load this related data03:53
lifelessits quite possible the db would be faster doing two queries as well (though in theory not; only if its misphrased)03:54
lifelessI'd like to get rid of the use of count() in tales03:54
jameshcreating a ResultSet and calling its count() method won't hit _load_object()03:55
jameshyou should only hit that when calling an API that actually returns objects03:55
lifelesslet me rephrase03:55
lifelessif we restructure this into two queries03:55
lifelessthere will still only be one attribute (specifications) that the browser/view/template iterate03:55
jameshfirst grab all specs, then grab all referenced (person, account, email) triples?03:56
lifelessso it needs to eager load the people, for the rows being returned, before iteration, and only when iteration is hjappening03:56
lifelessjamesh: right,thats what one would want to happen.03:57
lifelessI doubt that we'll save much time doing that on the DB end: its 500ms to get the specs alone with no people03:59
lifelessprobably due to freakishly wide rows or something03:59
thumpermwhudson: I need to talk through this problem if you have a minute04:54
mwhudsonthumper: ok, but a minute would be about right04:55
thumpermwhudson: you don't have long?04:56
mwhudsonthumper: i just seem to have ever mounting distractions04:56
thumper:(04:56
lifeless garh05:24
lifelesswhat is05:24
lifeless+class Array(NamedFunc):05:24
lifeless+    """Implements the postgres "array" function in Storm."""05:24
lifeless+    name = 'array'05:24
lifeless+05:24
lifelessdoing in product.py?!05:24
thumperlifeless: because that is where it is being used?05:25
lifelessalso lib/lp/services/database/prejoin.py should be deleted.05:27
lifelessthumper: it should in storm itself or lp.services.database.storm05:27
lifelessso other folk can find it05:27
thumperlifeless: agreed05:27
* thumper just found a bug...05:36
lifelessspm: hi05:50
spmyo05:50
lifelessspm: I have a small favour to ask05:50
spmLIES!05:50
lifelessI'd like you to pull a patch onto the staging appserver so I can see if it actually helps05:51
spmsure. you have a patch file?05:51
lifelessits one commit - rev 11516 in lp:~lifeless/launchpad/bug-61836705:51
lifelessI'll make a patch, one sec05:51
lifelessor you can just do a merge -c 11516 lp:~lifeless/launchpad/bug-61836705:52
lifelessall it changes is specifications (hah what could go wrong) and it passes the tests I wrote for this the other day05:52
spm"hah what could go wrong".... oh where do I start.... ;-)05:53
lifelesshttp://paste.ubuntu.com/489589/05:54
lifelessbut the merge may be easier to do; you tell me :)05:54
spmgenerally a patch is tbh05:55
lifelessthe pastebin should do then ?05:55
spmyup. ta05:56
spmlp is a little easier these days being open; but any locked branches - eg configs - are a pita. so patches are generally better.05:56
spmlifeless: patched clean; restarting...05:57
lifelessok, its not enough05:59
lifelesscan you please enable profiling again05:59
spmsure05:59
lifelessand I'll get a profile and then be out of your hair for a while05:59
* spm restrains mightily against an outpouring of cynical laughter06:00
spmlifeless: should be abck again06:02
lifelesskick the profile rsync ?06:03
spmoh yeah. sorry - should have anticipated that one.06:05
lifelessspm: ok, I have it06:09
lifelessprofiling off, patch off, gtg.06:09
lifelessthanks06:09
lifelessspm: actually, hang a sec, i fyou haven't06:10
spmI haven't.06:10
lifelesstrying to see if its DB IO06:11
lifelessok, there is clearly 10 seconds of storm parsing time in there06:14
lifelesswhats the status of 'mentoring'06:34
lifelessshould we be deleting stuff for it ?06:34
mwhudsoni think so06:36
thumperk06:39
thumperI've got the main fubar fixed06:39
spmlifeless: can I reset that btw?06:41
lifelessspm: sorry, yes please06:46
spmnp06:46
stublifeless: So I can't maintain the data structures for the page performance report in RAM now that devpad has less RAM06:55
stublifeless: So I need to spool parsed requests to disk06:55
stublifeless: sqlite3 or spooling to an xdr file (xdrlib) seem suitable06:57
stublifeless: xdrlib will be fastest to write, but generating 500 rows in the report will involve scanning it 500 times. sqlite3 is much slower to write as it needs to update indexes, but the whole file does not need to be scanned to generate a row as data can be pulled out with an index06:59
lifelessstub: we'll be getting more ram agian07:20
stublifeless: So don't bother?07:20
lifelessit seems to be generating OK at the moment07:20
stubWhatever I do, it will make things slower.07:20
lifelessso yeah, I wouldn't bother.07:20
stubk. I'll dump the kanban card and see if IS keep wining.07:21
stubwhining even.07:21
lifelessrt 4120007:21
lifelesscharlie mentions a different ticket to swap th ebits back07:22
lifelessthe monthlies may need a disk spool regardless07:24
lifelessbut dailies should be fine I think - no?07:24
spmstub: we can whine no matter what you do.07:27
lifelessrotfl07:27
lifelesstiming is everything07:27
spmreckon. /me sulks07:27
nigelbhrm, wgrant isn't around today?07:31
wgrantnigelb: Am I not?07:31
wgrantI'm reasonably busy.07:31
wgrantBut I'm around.07:31
wgrantAlthough I'm about to be unbusy.07:31
nigelbwgrant: I was asking around eariler if somone wanted to talk about LP awesomeness on app developer week... interested?07:32
* nigelb hugs spm 07:32
nigelbsomeday you'll get the timing right ;)07:32
spm:-)07:33
wgrantnigelb: Not really, sorry.07:33
lifelesswgrant: you bought a gun and found your project team?07:33
wgrantlifeless: Sadly not.07:33
nigelblifeless: wait, what?07:33
mwhudsonwgrant: you just did all the work yourself?07:34
nigelbwgrant: np, I'll look for more victims..err candidates07:34
wgrantmwhudson: It's looking that way, although we're only half-way through.07:34
lifelessnigelb: ?07:45
nigelblifeless: talk of guns and project teams.. nm, I figured it out07:46
lifelesswgrant: did you get a chance to look at the +history thing?07:51
lifelessok, I'm off for a while, I'll be back later to nab jkakar / therve etc and talk about big picture refactorings of storm07:51
lifelessjamesh: ping08:24
jameshlifeless: pong08:26
adeuringgood morning08:42
lifelessjamesh: wanting to discuss storm perf with you more08:54
lifelessjamesh: looks like 66% of the time was in 10% of the objects08:54
mrevellHello09:12
wgrantbigjools: That fix hasn't landed yet, has it?09:31
bigjoolswgrant: I'll find out shortly :)09:31
lifelessstatik: if you want to catch up nowish I could do a relatively brief skype call09:33
statiklifeless: i'm toggling between an in-person meeting on OpenERP and a security bug, i'll probably have to wait until next week. sorry man09:35
lifelessthats ok09:35
lifelessjust bein gopportunistic09:35
lifelessI have to wait around a bit to stalk jkakar about storm performance anyhow09:35
bigjoolslifeless: still around?11:31
allenapIs there a staging codehosting environment?11:34
mwhudsonallenap: yes11:35
mwhudsonallenap: but it's a bit odd because it has hardly any other underlying branches11:35
allenapmwhudson: It's not refreshed at the same time as the database?11:35
mwhudsonallenap: all 600 gigs of it?11:39
allenapmwhudson: Yeah :) Okay, guess not. If I'm interested in manipulating some of those branches, I suppose I can push them first, and things will work?11:43
mwhudsonyeah11:44
mwhudsonthe bzrtools branchess are synced11:44
mwhudsoniirc11:44
allenapmwhudson: Excellent, thank you.11:54
deryckMorning, all.12:00
lifelessbigjools: not really; whats up?12:13
bigjoolslifeless: it can wait.  I want to talk about how zopless scripts interact with the webapp with regard to table locking and transactions12:13
lifeless'badly' :P12:13
bigjoolsI figured12:14
bigjoolslet me re-phrase12:14
bigjoolsI want to make it work :)12:14
lifelessI'm growing more and more of the opinion that we need the same protection the webapp has, in scripts12:14
bigjoolswhich protection?12:14
lifelessthere are a few ways to do that12:14
lifelesstimeouts12:14
lifelessenforced12:14
bigjoolshmmm12:14
bigjoolsin my case I want to add a build cancellation feature, but the webapp would need to change build states potentially at the same time as the buildd-manager12:15
lifelesshow so, and how is it different to two people changing a bug status at the same time ?12:16
bigjoolsbecause the b-m is a script12:17
bigjoolsand that is where my uncertainty lies12:17
bigjoolsthere's a race condition where the build is NEEDSBUILD and the webapp wants to cancel it and the b-m wants to dispatch it12:18
bigjoolsI need to make sure that they behave.  In the old days you'd have mutexes or something.12:18
lifelessok12:19
bigjoolsI can avoid it if I do something like make the webapp use another status that's a "request to cancel" and then make the b-m handle it12:20
lifelessso you can model this with a table12:20
bigjoolsbut that's not ideal from a user PoV12:20
lifelessyou have NEEDSBUILD-><something>12:22
lifelessand you have two mutators12:22
lifelesswebapp chooses cancelled12:22
lifelessbm chooses dispatched12:22
lifelessif the webapp ins the bm commit will fail12:24
lifelessif the bm wins, the webapp request will be retried12:25
lifeless(and won't see it as NEEDSBUILD the next time around)12:25
lifelessif the bm commit fails, it shouldn't dispatch12:25
bigjoolswhat makes the commit fail?12:25
lifelessconflict12:25
bigjoolswhat detects that?12:25
lifelesspg12:26
lifelessopen up two pgsql launchpad_dev sessions12:26
bigjoolsdoes it need a special txn mode?12:26
lifelessin both do 'begin;'12:26
wgrantThe webapp uses READ COMMITTED.12:26
wgrantSo watch out.12:26
lifelessthen do an update in one like the bm will do, and in the other like the webapp - just the status field they both write to is enough12:26
wgrantReally really watch out.12:26
bigjoolsexactly my point wgrant :)12:26
bigjoolsthe b-m also uses the @write_transaction decorator which retries IIRC?12:27
lifelesswrite locks are still txn wide in read committed12:27
wgrantbigjools: It does retry, yes.12:28
StevenKDoes python have a sh -n equivlant?12:28
* StevenK is trying to remember12:28
lifelessI think it will work; you will definitely ant to verify that it does - even if only by a manual test script12:29
bigjoolsI'm going to run the b-m and the webapp in 2 debug sessions and see what happens12:29
bigjoolsI don't trust it simply because I think this sort of thing has gone wrong before12:30
lifelessplenty of ways it can12:30
* lifeless would be happiest if b-m didn't talk to the db12:30
lifelessit would make this trivial12:30
bigjoolsyou mean talk through a webapp using the api don't you12:30
* bigjools shudders12:30
lifelessor the internal xml server12:31
* bigjools shudders again12:31
bigjoolsxmlsucks.org12:31
StevenKOh dear, this argument again?12:31
bigjools:)12:31
bigjoolsI'd be very happy to be persuaded that it would all work fine12:31
lifelessoh xml is terrible, no argument.12:31
bigjoolsbut I'm unconvinced since it's pushing the problem to a different place12:32
lifelessthe LP API already has semantics for in flight collisions12:32
lifelessit gives a patch error12:32
lifelessFWIW12:32
bigjoolswhat about the webapp?12:33
bigjoolswell, the UI I mean12:33
StevenKlifeless: I think we need to make the API *much* quicker before we can argue about b-m using it with any credence.12:33
lifelesswhen it retries -AIUI, I haven't checked this code myself- it will start over from scratch.12:33
lifelessStevenK: yes, would you like a list of soyuz API calls that are shocking? Available on demand.12:34
bigjoolsStevenK: I think that's already understood :)12:34
StevenKlifeless: Not assigning blame12:34
lifelessStevenK: the API is not slow because its the API - in general; its slow because LP is slow and the API is a thin skin over the LP model objects.12:34
lifelessStevenK: its -trivial- to make a set of dedicated extremely fast API calls for services like the codehosting machines have12:34
bigjoolspart of the problem with the API is that it serializes all of the object - even bits I don't care about12:35
lifelessanyhow, yes thats a definite constraint12:35
bigjoolsand often the developers don't remember this when adding new "properties"12:35
lifelessyes12:35
* StevenK cries since making the wadl is dying with SyntaxError12:36
lifelessI need to collate some of the lessons in this area for general discussion12:36
lifelessbut back to the question12:36
lifelessthe webapp starts over12:36
bigjoolslifeless: anyway, I shall try some debug sessions to see how the webapp interacts with a b-m under conflict conditions12:36
lifelessit will read the *new* state, and as long as the form handler is sensible (that is that a 'cancel' returns a 'cannot cancel, its <something>' when the thing wasn't in NEEDSBUILD, then the web ui will be fine.12:37
StevenKAnd the SyntaxError is *so* helpful :-(12:37
bigjoolslifeless: the problem is that the transaction boundaries in the b-m are shit12:37
bigjoolsI need to review it and figure out WTF it has commit() inside @write_transaction12:38
lifelessbigjools: I can believe that; thats part of the stuff making me speculate about APIs12:38
lifelessbigjools: the merge proposal worker is currently causing timeouts in the webapp12:38
lifelesssimilar story12:38
lifelesslong transaction12:38
bigjoolslifeless: I would be on board with the API idea iff it was *thin* and super super fast12:38
lifelesswebapp wants to update same thing, timeout.12:38
bigjoolsblocked on a lock?12:39
lifelessbigjools: While I can be very critical of some parts of it - and I have, on the list - it is pretty darn thin and quite lean; for the use case of b-m I think it would be fine.12:39
bigjoolslifeless: the restful aspect of it makes me cry12:40
lifelesscertainly you could try putting selected bits of b-m into the API and see whether they are good or bad, low risk, easy rollback etc.12:40
lifelessbigjools: rest has some serious limitations that I dislike too.12:40
lifelessand we're not even really doing rest all that faithfully.12:40
bigjoolshonestly, I just can't see me ever making the b-m use the API as it is12:41
lifelessI'd appreciate it if you made sure there are (reasonably) focused bugs for what you need changed.12:41
bigjoolslifeless: anyway, thanks, I'll let you know how I get on with the testing12:41
bigjoolsI don't know what I would need changed :(12:42
lifelessI definitely want the API suitable for implementing backend services on.12:42
lifelessbigjools: well, 'I tried to put <x> in the API and it was 10 seconds slower' would be a great bug :)12:42
bigjoolsheh12:42
lifelessseriously, make sure that one update you do is in the API12:42
bigjoolsbefore I take the time to do that I want to see clearly what the pros are12:42
lifelesssecured appropriately12:42
lifelessthe pros are:12:43
bigjoolsthe b-m would have to be an authenticated user12:43
bigjoolsunless we give it a private webapp12:43
lifeless - clear transaction boundaries. Crystal clear, and enforced via the primary stack we use.12:43
lifeless - easier testing : the twisted stuff which doesn't play - that - well with storm. postrgresql & zope - will become more pure twisted, and less godzilla hybrid from the deeps12:44
lifeless - we can, if we go the full monty, get rid of zope from the b-m *entirely*12:44
lifelessbigjools: yes, it would be a celebrity, like the software centre agent, I suspect.12:45
lifelessor something approximately like that12:45
bigjoolswell I am sprinting with jml in a couple of week's time and we're overhauling the remaining synchronous stuff in the b-m, I'll make sure we consider your concerns when we redesign bits of it12:45
lifelessit is at this point just an idea; I think its worth exploring, but its an idea.12:46
lifelessIts *one* implementation strategy for 'please ensure that ALL things connecting to the DB have *enforced* transaction timeouts. Thanks.'12:46
bigjoolsthe latency on the requests would have to be much much quicker (consider that versus a native storm query)12:46
lifelessthere are other implementation strategies, and we probably want to try them all in different places and see what works best.12:46
lifelessbigjools: apples and oranges; you'd structure it a little differently12:47
bigjoolswell, like I said, I'm sceptical but very happy to be proven wrong12:47
bigjoolswgrant: do you remember when the package copier was fixed to prevent file checksum conflicts?12:54
* bigjools is clearing up the 6 PPAs with unpublishable packages12:54
lifelessbigjools: so I don't think its a matter of proving you wrong - there are plenty of services in the dc already running against the API12:58
bigjoolslifeless: I'm sure there are, but the b-m is an extremely sensitive component12:59
lifelessbigjools: I'm totally sure there would be things to fix. I just can't predict them more accurately than saying - give it a shot, in a safe incremental way, and when we hit a problem, file a bug and stop there until its fixed.12:59
lifelessanyhow, irssi tells me it just went midnight; have a great day!12:59
lifelessgnight12:59
bigjoolslifeless: gnight!13:00
wgrantbigjools: April some time.13:09
bigjoolswgrant: figures, the most recent corrupt publication is 2010-04-0313:09
wgrantExcellent news.13:09
bigjoolsI'll just delete them all13:10
wgrantDelete or DELETE?13:11
bigjoolslatter13:11
wgrantSounds reasonable.13:11
bigjoolswhee storm is rolling in, I expect to go offline13:11
bigjoolsthe third world substation here trips as soon as I get thunder13:12
wgrantHeh.13:12
wgrantLovely.13:12
=== almaisan-away is now known as al-maisan
=== mrevell is now known as mrevell-lunch
=== mrevell-lunch is now known as mrevell
=== thekorn_ is now known as thekorn
thefishsorry for silly question, but is it possible to run launchpad locally, similar to something like redmine? Ive installed as per the /Getting etc instructions, but the instance I have contains loads of other oss projects - would like to use this for internal-only dev if possible/allowed15:32
deryckhi thefish.  That's probably more appropriate for #launchpad, but the short answer is that the code base is designed for running locally for development, not deployment.16:02
thefishderyck: thank you for the answer, thats exactly what we want to do, just a replacement for redmine - sorry about wrong channel :) is there any docs about how to use it for local-only stuff (we dont want to see bugs for anything other than our own projects, and we dont want our own projects pushed to landscape.net)16:04
thefish^ shall i ask in #landscape instead?16:04
deryckthefish, it's #launchpad not #landscape.  Too similar I know :-)  And sure, let's move it there.16:05
thefish:)16:05
=== mpt_ is now known as mpt
cr3if I'm extending launchpad outside the core of the project, which naming would be preferable/more consistent: launchpad_foobar or launchpadfoobar?16:39
cr3it seems that the former is more readable but that other projects prefer the latter, like launchpadintegration for example16:40
benjicr3: if you mean a Python package name, many people have a strong dislike for underscores in package names16:41
cr3benji: I recall something in the PEP8 that underscores are preferable for readability, but I guess many people prefer typability over readability :)16:42
benjithe pertinant bit of PEP-8 is "Python packages should also have short, all-lowercase names, although the use of underscores is discouraged."16:44
benji(although I certainly don't treat PEP-8 as gospel)16:45
cr3benji: ditto, thanks for the advice :)16:45
=== benji is now known as benji-lunch
=== beuno is now known as beuno-lunch
=== benji-lunch is now known as benji
=== deryck is now known as deryck[lunch]
=== al-maisan is now known as almaisan-away
=== deryck[lunch] is now known as deryck
=== beuno-lunch is now known as beuno
m4n1shI am preparing a presentation for giving a talk at PyCon India on Launchpad. I just wanted to make sure that Soyez has been made open source or it is still proprietary ?19:20
beunom4n1sh, it was open sourced with everything else19:26
beunonothing got held back19:26
m4n1shbenji: I can't find the branches under it;s launchpad's project19:27
m4n1shhttps://code.launchpad.net/soyuz <-- can't find any source code19:27
benjim4n1sh: me neither!19:27
* benji wonders what we're talking about.19:28
m4n1shbenji: if it is open sourced, then where is the code?19:28
m4n1sheven I heard it was getting open sourced. Didn't follow after the news came out19:28
beunom4n1sh, it's all part of the same source tree19:29
m4n1shunder launchpad.net/launchpad ?19:29
beunoyes19:29
m4n1shbeuno: thanks.19:29
beunom4n1sh, the full bzr history got released19:30
m4n1shcol19:30
=== almaisan-away is now known as al-maisan
m4n1sh*cool19:30
cr3when using openid to authenticate against login.launchpad.net, is there a way to get the email address of the user?20:24
cr3I tried sreg.SRegRequest(required=["email"])) but this results in an empty sreg.SRegResponse.fromSuccessResponse(response)20:25
lifelessmoin20:30
james_w`cr3: you have to get you app added to a trusted list20:30
cr3james_w`: I'm trying to find a simpler way and I think I got it thanks to the openid identifier20:32
lifelessjkakar: hi20:37
EdwinGrubbsabentley: ping20:37
abentleyEdwinGrubbs, pong20:38
lifelessabentley: btw got your mail the other day; am ruminating on it20:38
abentleylifeless, cool.20:38
EdwinGrubbsabentley: I was looking at the various BranchJob classes to understand how to create my own for adding members to teams. Why is there a branch foreign key on the BranchJob table, but there is also a branch id in the metadata sometimes? Why not just put all the data in the metadata?20:40
abentleyEdwinGrubbs, I'm not sure.  Which BranchJob has a branch id in its metadata?20:41
EdwinGrubbsabentley: ReclaimBranchSpaceJob20:41
jkakarlifeless: Hiyas20:41
lifelessjkakar: hi20:41
lifelessjkakar: want to talk storm performance ?20:41
abentleyEdwinGrubbs, probably because that one has to refer to the branch id of a branch that has been deleted.20:42
jkakarlifeless: Uhm, sure.  Want to hop over to #storm?20:43
lifelesssure20:43
=== lifeless changed the topic of #launchpad-dev to: Launchpad Development Channel | Week 3 of 10.09 | PQM is CLOSED | firefighting: - | https:/​/​dev.launchpad.net/​ | Get the code: https:/​/​dev.launchpad.net/​Getting | On-call review in irc:/​/​irc.freenode.net/​#launchpad-reviews
EdwinGrubbsabentley: I'm wondering why we go to the trouble of creating new tables for new foreign keys when it is ok to put some foreign keys in the metadata.20:43
cr3james_w`: easy question for you: if the same user authenticates using openid against login.launchpad.net and oauth against launchpad.net, what would be the simplest way to obtain a common handle about that user?20:44
abentleyEdwinGrubbs, at that point, the branch id is not a foreign key.  There is no id corresponding with that branch in the Branch table.  The purpose of the id in that case is to refer to the location of files on disk.20:45
cr3james_w`: s/launchpad.net/api.launchpad.net/20:45
james_w`cr3: I don't really understand the question. openid gives you an identity, oauth gives you an auth token. If your app cares about identity it would normally tie the latter to the former.20:46
EdwinGrubbsabentley: ok, so for an AddMemberJob table, I should have a foreign key for super_team and for new_member.20:46
james_w`cr3: or are you talking about from the LP point of view?20:46
jelmerwhat's up with staging?20:46
abentleyEdwinGrubbs, that sounds like a good idea, because you might want to find that job by querying on super_team and/or new_member.20:48
cr3james_w`: how could I tie the latter to the former, other than by making api calls with the handle obtained from oauth like handle.me.preferred_email_address for example20:48
EdwinGrubbsthanks20:48
abentleyEdwinGrubbs, no problem.20:48
james_w`cr3: depends on your app. I assume this is a webapp?20:48
cr3james_w`: yes20:48
james_w`cr3: and you want act on behalf of the user to do some things on LP?20:49
cr3james_w`: but the webapp does not have a dedicated user for doing things on launchpad, it proxies request from the user interacting with the webapp using launchpadlib20:49
james_w`cr3: don't use a single user!20:49
cr3james_w`: on behalf of the user, but as the user20:49
cr3james_w`: right, no single user20:50
cr3james_w`: however, users will sometimes access the webapp using oauth and something openid. I'd like both to refer to the same person object somehow20:50
cr3s/something/sometimes/20:50
james_w`cr3: right, so to "impersonate" me, you would have me to the "oauth dance", which would give you an oauth token. You then make API requests signed by that token, which make the changes on Launchpad.20:50
james_w`cr3: users /never/ access your webapp using /Launchpad's/ oauth20:51
cr3james_w`: I've got that dance working already, it's pretty cool and I can use launchpadlib as is20:51
james_w`cr3: you use oauth on their behalf to talk to Launchpad20:51
cr3james_w`: exactly, the user does the oauth dance20:51
james_w`cr3: great. Then how do you stop me from using your oauth token to do bad things that will be attributed to you?20:51
james_w`or, how do I stop you? ;-)20:52
cr3james_w`: you answer read-only access during the oauth dance or something20:52
cr3james_w`: the concern you raise for the webapp is exactly the same as for any other application20:53
james_w`cr3: I mean from the webapp's point of view20:53
james_w`consider a really simple webapp with a text box, and a button that says "add comment to bug #1"20:53
cr3james_w`: I'm not sure I follow, the "you" and "me" in your question confused me20:53
_mup_Bug #1: Microsoft has a majority market share <iso-testing> <ubuntu> <Clubdistro:Confirmed> <Computer Science Ubuntu:Invalid by compscibuntu-bugs> <EasyPeasy Overview:Invalid by ramvi> <GNOME Screensaver:Won't Fix> <Ichthux:Invalid by raphink> <JAK LINUX:Invalid> <The Linux OS Project:In Progress> <OpenOffice:In Progress by lh-maviya> <Tabuntu:Invalid by tinarussell> <Tivion:Invalid by shakaran> <Tv-Player:New> <Ubuntu:In Progress by sabdfl> <20:53
james_w`and the webapp wants to add that comment as the user who is accessing it20:54
james_w`it will do that using their oauth token.20:54
cr3james_w`: I wouldn't do anything like that, changes to launchpad can only occur as a result of using the api, not the web interface20:54
james_w`cr3: which api?20:54
cr3james_w`: the webapp's api20:55
james_w`cr3: ok, same thing applies though20:55
cr3james_w`: conceptually, since I have the oauth information, I could very well make changes in launchpad as anyone20:55
james_w`cr3: a webapp method, that adds a comment to that bug. How does the webapp know which user's Launchpad oauth token to use when making the Launchpad oauth request?20:55
james_w`it may have thousands of oauth tokens20:56
cr3james_w`: isn't that what /dev/srandom is for?20:56
james_w`you are just going to pick a random user?20:56
cr3james_w`: seriously though, I expect the session to tell me but, you're right, nothing prevents me from using an arbitrary user20:57
james_w`cr3: right. I'm not trying to expose the fact that your webapp could be malicious, just trying to expose the real question underlying yours.20:57
james_w`cr3: the session needs a user identity for which it can find the oauth token to use20:58
james_w`therefore your webapp needs a user database, which contains at least a link to an oauth token to use20:58
james_w`if there is no oauth token then you refuse the request and make the user do the oauth dance20:58
james_w`but, you don't want to manage identity in the webapp, you want to delegate that to Launchpad20:59
cr3james_w`: I'm trying hard to avoid having a user database. if I could get a common handle somehow, I was hoping to just be able to instantiate volatile users with the handle passed to the constructor20:59
james_w`that's where openid comes in20:59
james_w`you create a user when someone logs in using an openid that you have not seen before, and you tie the openid identity to the user, and hence the Launchpad oauth token21:00
cr3james_w`: from the user, I could then get oauth_access_tokens, just like in launchpad, or identity_url for openid. all from the same volatile user object21:00
james_w`then, assuming you are using oauth for the webapp's API, you also implement the server-side part of oauth to hand out your apps oauth tokens21:01
cr3james_w`: so users need to use the web interface in order to create an identity in a persistent store, right?21:01
james_w`cr3: you can call it something else than User, but that's what it is, it's an identity table, and there is no way to avoid it21:01
james_w`cr3: indeed21:01
cr3ok, so I need an identity table, whatever the name is. then, when the same user uses the api and authenticates using oauth, how do I relate that to the existing identity?21:02
james_w`you need something to tie identity (delegated to Launchpad via openid), to the oauth token to use for authorization when acting on behalf of that user with Launchpad, and to the valid oauth tokens that they can use to talk to your webapp's API.21:02
james_w`cr3: by implementing the server-side part of oauth, it should be fairly obvious how to do that part when you implement that21:03
james_w`when you get an oauth signed request you can look up a user from that and retrieve the Launchpad oauth token to use21:04
cr3james_w`: I started implementing the server-side part of oauth and I reverted that to proxy requests straight to launchpad21:04
james_w`cr3: so oauth requests that your webapp receives would be forwarded straight to Launchpad, without re-signing or something?21:05
cr3james_w`: one of the major roadblocks to having my own server-side part is that I'd really benefit from using launchpadlib as-is21:05
cr3james_w`: that's where I'm at now, yes21:05
james_w`cr3: ok, so two comments, firstly, I don't think that's possible under oauth, because the headers are signed, and the headers aren't valid to send to Launchpad, and two, why does your application exist at all if they can just talk directly to Launchpad?21:06
cr3james_w`: firstly, my webapp seems to proxy the oauth dance to launchpad successfully, I just need to make sure the Referer points to the right place and voila21:07
cr3james_w`: secondly, it exists because it extends the launchpad api with additional functionality. for example, using the same handle against my api, you could use launchpad like lp.projects['bzr'] and you can get results like lp.results[-1]21:08
james_w`ok21:08
cr3james_w`: sane, almost sane or completely insane?21:09
james_w`if you can get it to work, then go for it, but I think you will find that you get requests that you can't proxy without re-signing21:09
cr3james_w`: I'm not sure my understanding of oauth is good enough to validate the re-signing part and I suspect I'll find out at my own cost :(21:10
james_w`cr3: you say you proxied the dance, did you proxy any signed requests?21:10
james_w`because I would expect that it would just say 401 Unauthorized to any proxied requests21:11
cr3james_w`: haven't tried yet, just the +request-token, +authorize-token and +access-token21:11
james_w`+access-token I would expect to reject it21:11
cr3james_w`: I'll give that a try next at least to validate I'm going in the right direction21:11
cr3james_w`: the whole dance process worked, that I can confirm21:11
james_w`plus, without your own oauth access tokens you have no way to validate requests like lp.addResult(...)21:11
cr3james_w`: I was hoping that if launchpad returned an access-token, then requests are valid21:12
sinzuithumper, ping21:12
cr3james_w`: the only thing is that I don't necessarily have the access granularity of launchpad: read-only, read-write, etc.21:12
james_w`cr3: but you can't do that on every request21:12
cr3james_w`: when the information is successfully returned from +access-token, that's when I cache the oauth consumer and token in my own database and use that for subsequent requests instead of doing the dance every request21:13
cr3james_w`: my understanding of oauth is very limited, so I'm not claiming this is necessarily correct, so your critique is very welcome :)21:13
james_w`cr3: but how do you associate my access token that you just stored with me when I make my next request?21:14
cr3james_w`: isn't that sent in the HTTP_AUTHORIZATION header?21:15
cr3james_w`: however, note that I can only assess that the user has previously successfully gotten an access token from launchpad, I'm at the point of associating that with a user which is when the openid <-> oauth debacle all started21:16
james_w`cr3: yes, but how do you have any idea that is is correctly signed?21:17
cr3james_w`: crap, I need nonce information for that, right?21:17
james_w`yes21:18
cr3james_w`: and that's never sent over the wire, just server side, right?21:18
james_w`yes21:18
cr3james_w`: actually, I observed this was sent over the wire when doing the dance: janrain_nonce=2010-09-07T15%3A15%3A54ZoRpj7Y21:18
cr3james_w`: however, that's for the request token rather than the access token, right?21:18
james_w`cr3: in order to verify it you have to MITM the communication between LP and the user, which oauth is explicitly designed to prevent21:19
james_w`cr3: basically, if you find a way to do it, it will be a security bug in the oauth protocol, and promptly closed21:19
thumpersinzui: hi21:19
sinzuithumper, We need to talk about the death of gmaps. Do you have time today for a skype call21:20
cr3james_w`: dude, you totally broke my fun. now I have to redesign the whole oauth thing! but thanks, better to know early than late :)21:20
thumpersinzui: sure, just let me get the kids off then we can chat21:20
james_w`cr3: I suggest you add a User table (or whatever you want to call it), and implement oauth client and server21:20
sinzuithansk21:20
sinzuithanks21:20
james_w`cr3: it's exactly how this stuff is supposed to be used, so you won't be fighting against it21:21
cr3james_w`: I had most of that implemented already, so it's just a question of combining that with the launchpad dance21:21
mwhudsonjanrain_nonce is to do with openid, not oauth, fwiw21:21
cr3mwhudson: thanks21:22
cr3james_w`: so, if my webapp handles the oauth server side, can the webapp turnaround and get a handle against launchpad or should it not do that?21:22
james_w`cr3: it can indeed21:23
cr3james_w`: I'm not sure what the user experience would be. lets say someone uses launchpadlib against my webapp's url with their email address, what would happen next in terms of the user experience?21:24
james_w`cr3: they can't use their email address with launchpadlib21:25
james_w`cr3: let me doodle in a pastebin21:25
cr3james_w`: when I used launchpadlib, I've used something like: Launchpad.get_token_and_login(consumer_name...) where consumer_name is my email address21:26
james_w`consumer_name is arbitrary21:27
thumpersinzui: skype up and we can chat now21:27
thumpersinzui: I have to take the little car for a warrent this morning21:28
cr3james_w`: ah! that clarifies another question I had, thanks!21:28
* cr3 takes a little break to let all of this sink in21:28
cr3james_w`: I totally understand how to link the openid to the oauth token now, that's why +request-token redirects to an openid page like https://launchpad.net/+authorize-token/+login?oauth_token=5V7gnDVP2MqTjw2TKPg2 which can then link that token to the identity, right?21:38
james_w`cr3: if you are not logged in, then it will ask you to login, yes. It requires that so that it knows who is granting access.21:39
james_w`http://paste.ubuntu.com/490014/21:39
cr3james_w`: do you think I can conceptually achieve this user experience using launchpadlib as is, assuming I adhere to the urls expected by launchpad?21:42
james_w`cr3: yes, if you use lazr.restful then you should be good to go21:43
cr3james_w`: yep, I'll give that a try and let you know how it goes :)21:43
james_w`great21:44
cr3james_w`: by the way, do you happen to know of any code that does what I'm trying to do? I think that the software-center-agent uses a single user instead of going through the hoops we've discussed21:55
james_w`cr3: I believe it does21:55
james_w`cr3: the font testing tool did something like this IIRC21:55
cr3james_w`: this code in sca seems to indicate they have a hard coded access token for all launchpad requests: oauth_token = OAuthToken(settings.LP_ACCESS_TOKEN, settings.LP_ACCESS_SECRET)22:01
cr3james_w`: and I just got confirmation from achuni that actions are performed as a single user, hopefully my code could be reused by that project then :)22:01
lifelessis staging meant to be down ?22:04
lifelesshmmm, I guess it might be codeupdating22:05
=== abentley_ is now known as abentley
lifelessdevpad, wherearthough ?22:15
lifelessI hat emuscle memory22:15
EdwinGrubbsabentley: does BranchMergeProposalJobDerived delegate instead of subclass from BranchMergeProposalJob just because storm doesn't like multiple classes linked to the same table?22:18
abentleyEdwinGrubbs, no, it does it because AFAIK, Storm doesn't support inheritance.  (Other stormified classes inherit from BranchMergeProposalJobDerived)22:31
EdwinGrubbsabentley: according to the storm docs, you can inherit, but you have to override the __storm_table__ attribute in the subclasses.22:37
abentleyEdwinGrubbs, wouldn't that make it impossible to use the data provided by that table?22:38
EdwinGrubbsabentley: right, it doesn't help in this situation. Storm usually expects subclasses to have a table with all the columns. Actually, now I see in storm's infoheritance.txt, it does have a pattern for subclasses that have an extra table with just the extra columns it needs. However, it doesn't seem to provide any benefits over using delegates, and it has a confusing registration process.22:45
wallyworld_morning22:55
lifelessis it possible to specify a host in the database config ?23:02
thumperwallyworld_: morning23:13
wallyworld_thumper: standup meeting happening today?23:14
thumperwallyworld_: the other two had to head23:14
thumperwallyworld_: but I'm around23:14
thumperwallyworld_: but I need more coffee23:14
wallyworld_thumper: np. i've got a couple of bugs left in my queue23:14
thumperwallyworld_: let me make a coffee then we can have a call23:16
wallyworld_thumper: ok, i'll have a flat white :-)23:16
thumperwallyworld_: here you go -> ☕23:17
wallyworld_:-D23:17
thumperwallyworld_: what is the name of the IDE you use?  I've a friend asking about python IDEs23:30
wallyworld_thumper: PyCharm (from the guys in do Intellij for java). It's still in beta though (beta2).23:30
wallyworld_s/in/who23:31
=== al-maisan is now known as almaisan-away
bdmurrayIf I want to use a css class but don't like one part of it how can I change it on just my page?23:52

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!