/srv/irclogs.ubuntu.com/2011/11/03/#launchpad-dev.txt

jelmerpoolie: upstream-2.5.0~beta1+bzr618200:03
StevenKwgrant: Can I say <tal:block tal:condition="blah" replace="" /> ?00:08
wgrantStevenK: replace="" sounds pretty useless, but yes.00:09
StevenKwgrant: replace="foo", but okay, thanks.00:09
* StevenK needs a test first.00:09
* StevenK shakes fist at TDD.00:09
pooliejames_w, don't suppose you're here?00:09
poolieok https://bugs.launchpad.net/bzr-builder/+bug/88549700:10
pooliewgrant: i think i will try to do that whole series of tweaks to buildd, including making it slightly testable, and then ask for that to be deployed00:17
pooliesince it is expensive, atomic, and independent of lp deployments it seems better to batch it00:17
wgrantYep.00:18
lifelesspoolie: one thing that would be brilliant is to remove it from the LP tree00:19
lifelesspoolie: this requires creating two small projects - one to hold the current common code, and one to hold the buildd production code.00:19
lifelessyou don't have to, but its in the same space you're looking at.00:19
poolieok, i'll consider that00:20
pooliei'll see what  is common00:20
poolieclassic case of it hard to bootstrap out of being hard/scary to change00:20
lifelessreadyservice should be the entirety00:20
pooliehahah00:20
poolieanother classic example of that:00:20
pooliethe bug we hit was fixed in june00:20
poolie(885497) but we've been trying to deploy since then so it is not on the buildd today00:21
wgrantOh, so we're using a bzr-builder snapshot from months ago?00:21
pooliewe're using a snapshot from years ago00:21
poolie(on prod today)00:22
wgrants/using/upgrading to/00:22
poolieyeaoh00:22
jelmerwgrant: it was the release I did back when I started trying to get a newer bzr-builder on the buildds00:22
wgrantRight :(00:22
poolieit's ok00:22
lifelessthese consistently make me sad - empty diffs : https://code.launchpad.net/~lifeless/python-oops-tools/amqp-polish/+merge/8108300:24
wgrantlifeless: You pushed and merged around the same time?00:24
pooliehttps://bugs.launchpad.net/launchpad/+bug/85452000:25
lifelesswgrant: I pushed, clicked approved and tarmac ran00:25
wgrantRight.00:25
wgrantAnd MPJ is crap.00:26
wgrantSo it didn't run until the merge was done.00:26
jelmerpoolie: --allow-fallback-to-native00:30
poolieftr: ah ok so this is not totally fixed upstream, it just gives a cleaner error00:30
jelmerpoolie: actually, we shouldn't need a newer bzr-builder at all00:44
jelmerjust the --allow-fallback-to-native flag should be sufficient00:44
jelmerthe improved error message is only shown when that flag isn't present00:44
jelmernot any newer than what we have in cat-proposed at the moment, that is00:45
pooliehow about the one that's in production now?00:47
jelmerpoolie: that doesn't have some of the new features required for bfbia and new debversion variables people have asked for00:49
jelmerin particular, the one currently in production can create non-native packages00:49
wallyworld_wgrant: StevenK: what's your recollection of the direction being taken for private team name visibility? are private team names still to be hidden when required?00:51
poolieright but it will be safe to pass --allow-fallback to that as an interim step?00:54
pooliei know it needs tobe updated, i'm just wondering if it needs to be serialized or synchronized with the buildd changes00:54
jelmerpoolie: older versions don't support --allow-fallback-to-native so will probably blow up if it is specified00:59
jelmerpoolie: we will need to update launchpad-buildd and bzr-builder at the same time00:59
poolieok01:03
StevenKHm. team.addMember() is returning a tuple that contains TeamMembershipStatus.INVITED. Do I have to do anything to that to make it show up?01:18
wgrantStevenK: The invitation needs to be accepted.01:19
wgrantOr possibly do it as an LP admin.01:20
StevenKI'm doing it in a with celebery_logged_in block01:20
wgrantSounds like you need to do the invitation acceptance dance anyway, then.01:20
* StevenK was looking for an example of that, and came up empty-handed.01:22
wallyworld_StevenK: you doing the addMember() in a test?01:22
StevenKwallyworld_: Indeed.01:23
wallyworld_StevenK: use makeTeam(members=[xxxx])01:23
wallyworld_with name=xxxx as well of course01:23
StevenKwallyworld_: Where do I send the cake?01:25
wallyworld_give it to spm. he needs it more than i do :-)01:26
StevenKHaha01:26
spmrofl01:26
spmdunno about "need", want, yes. need, not so much. :-)01:26
wallyworld_well, need == want for some levels of want :-)01:26
StevenKneed == want for sufficently high levels of want01:27
wallyworld_yes, that's more accurate01:27
wallyworld_or, in javascript: need === want01:27
StevenKhttps://launchpad.dev/~super doesn't even show Subteam of when not logged in :-(01:45
StevenKPerhaps it needs to be restricted01:45
wgrantIs super a subteam?01:46
wgrantSounds more like a superteam to me.01:46
StevenKhttp://pastebin.ubuntu.com/726885/01:47
StevenKPossibly badly named01:47
StevenKRight, it does need to be restricted01:57
pooliehuwshimi: how about if we talk now about fonts and markup?02:45
huwshimipoolie: Sure02:45
pooliehere, mumble, ..?02:45
huwshimipoolie: Don't mind, whatever is easiest02:46
pooliemumble!02:46
huwshimisure02:47
lifelessu02:57
lifelesscan has review ? https://code.launchpad.net/~lifeless/launchpad/bug-885303/+merge/8110602:57
wgrantlifeless: Want to trade? https://code.launchpad.net/~wgrant/launchpad/observer-db/+merge/8110402:59
wgrantNot exactly equal, but I did do that 3kline one for you last week :P02:59
wgrantlifeless: How about quickly hacking oops-tools to accept the ID in the path rather than query string, to work around apache-openid?03:02
lifelesswgrant: I have some critical path stuff to finish, like the rsync replacing script03:04
lifelesswgrant: remind me next week03:04
wgrantBah03:04
lifelessI'm not sure quite whats involved, I'm sure it will be a little fiddly given my lack of know-how on django internals.03:05
lifelessIf I thought it was 5 minutes, I'd do it now.03:05
spmwgrant: you did it wrong. <wgrant> lifeless: it's impossible to hack oops-tools to accept the ID in the path rather than query string, to work around apache-openid. so don't worry about it. we'll just mark a bug and ignore it. <== fixed03:05
wgrantHeh03:06
lifelesswgrant: your cover letter confuses me a little03:06
wgrantlifeless: Good.03:06
lifelessthird paragraph03:06
lifelessPermissions can be either policy-global or artifact-specific. In the first case APP.artifact is left unset,03:06
lifelessletting the permission holder see all artifacts under the policy.03:06
wgrantlifeless: What is confusing?03:07
wgrantlifeless: Why'd you remove the "Check against false positives" test?03:08
lifelessdo you mean grants when you say permissions ?03:08
lifelesswhat does policy-global mean03:08
lifelesswhat is APP03:08
lifelesswho is the permission holder?03:08
wgrantWell, they are grants, yes.03:09
wgrants/policy-global/policy-wide/03:09
wgrantAPP == AccessPolicyPermission03:09
wgrantPermission holder == APP.person03:09
lifelesshow do you feel about s/Permission/Grant/03:09
wgrantI was following an existing pattern (eg. ArchivePermission), but sure.03:10
lifelessthat one weirds me out too ;)03:11
lifelessperhaps I've spent too long with SQL03:12
lifelesswgrant: are you doing a pillar table still ?03:13
wgrantlifeless: Possibly.03:14
wgrantNot sure if it's worth it.03:14
huwshimipoolie: https://bugs.launchpad.net/launchpad/+bug/3000203:15
wgrantIt's easy to work in if you want me to.03:15
lifelessshrug :).03:15
lifelesswas just curious03:15
wgrantlifeless: Oh, I see now why you removed the test.03:16
wgrantlifeless: Should we mandate the hyphen?03:16
wgrantOtherwise anyone talking about oopses is going to get linkified.03:16
wgrantWhich would be bad.03:16
lifelessoops foo ?03:16
lifelessI don't really see a use case for OOPS 123asd12303:16
wgrantRight.03:16
lifelesssince we hyphenate it everywhere.03:16
wgrantSo mandate the hyphen.03:16
lifelessWFM03:16
wgrantOtherwise anybody mentioning "oops" in a sentence will get linkified.03:17
lifelessalso03:17
lifelessOOPS - 1234503:17
lifelessshouldn't link IMNSHO03:17
wgrantWell, depends on word-wrapping.03:17
lifelessugh03:17
lifelesssure03:17
lifelesshates on that though.03:17
wgrantYes.03:17
wgrantI'm reminded of the numbered lists with one item ending in "bug" case.03:17
poolielifeless: my discussion with huw is on hold but is mostly up to looking for a compromise width that is roughly (but no less than) 80 monospace cells03:21
lifelesscool03:21
wgrantlifeless: Thanks.03:23
lifelessmy branch has its new commit up.03:25
wgrantlifeless: You want a note in the AccessPolicyArtifact comment about adding new types there?03:25
lifelesswgrant: somewhere03:25
lifelesswgrant: something that says 'this is how its meant to stick together'03:25
lifelesswgrant: a memo for yourself in 3 years time03:25
wgrantk03:25
huwshimiwgrant, wallyworld_: Right, so with the security stuff, basically we need to show who has access to security bugs.03:28
huwshimiwgrant, wallyworld_: I gather a team or a user can have access?03:28
wallyworld_huwshimi: yes, a team or user or user via their team memberships03:29
wgranthuwshimi: Security is going to stop being a special case.03:29
wgranthuwshimi: Projects will have multiple access policies.03:29
wgrantEach private bug or branch has a policy assigned.03:29
wgrantSecurity bugs would be under the Security policy.03:30
wgrantNon-security but private bugs could be under the Private policy.03:30
lifelesswgrant: can you note to sinzui that https://help.launchpad.net/Bugs/PrivateBugs#Private_bugs implies everyone gets private-by-default bugs03:30
wgrantEach policy has a different set of observers.03:30
wgrantlifeless: Yeah, was going to bring that up next time we had a call.03:30
wgrantOr throw the bug at him.03:30
wallyworld_wgrant: yes, but security bugs still have the security checkbox ticked, so users still see that and wan to know who has access to such bugs03:31
wgrantwallyworld_: Right, but the policies behave the same way.03:31
wgrantIt's no longer a separate role in the project.03:31
wgrantTo which only one person or team has access.03:31
huwshimiwgrant, wallyworld_: So Matthew said this: "The manage disclosure page currently shows people who have access to private stuff but we realised today we also need some way of showing people who have access to security bugs. We treat security and private issues separately as they often have to be seen by different people."03:31
wallyworld_so perhaps we need a view to show what artifacts can be seen under each policy03:31
wgranthuwshimi: Right.03:31
wgranthuwshimi: There will be two separate classes of private objects.03:31
huwshimiwgrant: Is that no longer valid?03:31
wgranthuwshimi: With the same set of controls.03:31
wgranthuwshimi: It is mostly valid.03:32
lifelesswgrant: btw, bugsummary will need an update for this too03:32
lifelesswgrant: though I expect you knew that.03:32
wgranthuwshimi: It will eventually be more than just private and security. It is expected that projects will be able to define their own policies in future.03:32
wgrantlifeless: Yes, lots of stuff does :/03:32
wallyworld_huwshimi: so if there were a listing where one could select the user and then select a policy and it would show what a user can see under that policy, would that help?03:32
huwshimiSo in the UI we will still need to distinguish between them03:33
wallyworld_and one of the policies would be security03:33
wallyworld_huwshimi: i mistyped a bit above. what i meant was choose a policy and then see who can access stuff03:34
huwshimiwallyworld_: tight03:34
huwshimi*right03:34
wgrantlifeless: It's a bit sad that the first significant change to be done through fastdowntime is probably the biggest, most awkward model shift in Launchpad's production history.03:34
lifelesswgrant: you're landing the soyuz un-refactoring finally?03:34
wgrantHah03:35
wallyworld_huwshimi: so at the moment, we have a user centric listing ie what can a user see. sounds like we need another new page for policy centric listing03:35
lifelesssee what I did thar?03:35
wgrantwallyworld_: I'm imagining something maybe sort of like the AJAX filtering on +localpackagediffs.03:36
huwshimiwallyworld_: I think Matthew was talking about adding that to the filters03:36
wgrantwallyworld_: So the main listing lists all permissions for the project.03:36
wallyworld_yes03:36
lifelesswgrant: going to approve my mp ?03:36
wallyworld_the main overview page would be the union of all polocies03:36
wgrantwallyworld_: With rows like "Some Team | Security (observer), Private (restricted observer)"03:36
wgrantAnd then the AJAX filter widget on the second column.03:36
wgrantAllowing you to select a subset of policies to care about.03:37
wgrantLike the packagsets column on https://launchpad.net/ubuntu/precise/+localpackagediffs03:37
wgrantlifeless: Once the diff's updated. Which it probably is by now.03:37
* wallyworld_ loks03:37
wallyworld_looks03:37
huwshimiwgrant: Can they have security and private?03:38
lifelessthere is no need for non-ajax rendering in this policy page: its modern browsers only stuff03:38
lifelessand not googlebot visible03:38
wgranthuwshimi: Hm?03:38
huwshimiwgrant: Can a teams policy for viewing a private bug be because they can view private and security bugs03:39
* huwshimi may not be using the right terminology03:39
lifelesshuwshimi: the bug will be categorised as either private or security03:39
lifelesshuwshimi: thats a link to the policy03:39
wallyworld_wgrant: that filter popup is yucky03:39
wallyworld_there's no way to "select all" again03:39
wgrantwallyworld_: Yes, but I think the concept's good.03:39
wallyworld_+103:40
wgrantThis is also not dissimilar to what Bugs is doing, I expect.03:40
lifelesshuwshimi: so they will be able to view a given bug (asset) because they have a grant in the matching policy03:40
wgrants/Bugs/bug-columns/03:40
wgrantlifeless: approved, thanks.03:40
wallyworld_lifeless: i wasn't planning on not doing ajax only :-)03:41
lifelesswgrant: oh, I forgot one hting03:41
lifelesswgrant: why not name column ?03:41
lifelesswgrant: s/not/no/03:42
lifelesswgrant: for identification in the API - url traversal etc03:42
wallyworld_huwshimi: there will initially be only out-of-the-box polices, hard wired03:42
wallyworld_huwshimi: and the meanings or what they allow to be seen will be well explained03:43
wallyworld_huwshimi: do you have enough to take back to matthew?03:45
huwshimiwallyworld_: I'm just uploading a mockup to see if what I'm doing makes sense03:45
wgrantlifeless: It's not a very linkable thing, so I decided I didn't care much about pretty URL. Display name is a unique reference for use in the API. I can add a name if you want, but it's awkward since we don't autogenerate them.03:46
wallyworld_huwshimi: i will likely not have enough time to change the current mockup to add in the policy stuff before the next planned testing03:46
lifelesswgrant: we don't ?03:47
lifelesswgrant: I mean, with 2 hard coded policies, they have fixed values03:47
huwshimiwallyworld_: I think Matthew just wants something to show some people at UDS03:47
lifelesswgrant: and private (name) Private (display name)03:47
wgrantlifeless: True, and I guess we do have precedent for interactively autogenerating on ProductSet:+new03:47
wgrantOK, will add.03:47
wallyworld_i think we need a name FWIW03:48
huwshimiwallyworld_ wgrant: http://people.canonical.com/~huwshimi/policy.png03:48
lifelesswgrant: I see you decided on per-project rows rather than site-wide rows03:48
huwshimiwallyworld_, wgrant: Does that make any sense?03:48
lifelesswgrant: thats fine with me - what led you to that conclusion ?03:48
wgranthuwshimi: Not exactly. It's possible for me to be an Observer for Private, and a Restricted Observer for Security.03:49
wallyworld_huwshimi: we only want the policy column03:49
wallyworld_the policy defines what the user can see03:49
wgrantwallyworld_: Oh?03:49
wgrantwallyworld_: There's still an observer/restrictedobserver concept, within each policy.03:50
wallyworld_wgrant: yes03:50
wallyworld_i was thinking it was part of the policy but yes, it is separate03:50
wgrantlifeless: Nothing very strongly either way. It's possible that if we want to keep retargeting easy it'll be easier to have site-wide policies, but eeeh.03:51
wgrantlifeless: But it's cheap enough to switch either way later.03:52
wgrantEven with fastdowntime.;03:52
lifelesswallyworld_: hi03:52
wallyworld_wgrant: huwshimi: it will be difficult to represent the policy/permission concept concisely in a table row03:52
wallyworld_o/03:52
lifelesswallyworld_: your recent branches on filtering look broken to me - why are you changing browser code for model issues ?03:52
wgrantwallyworld_: I don't see a better way than "Some Team | Private (observer), Security (restricted observer)"03:53
lifelesswallyworld_: If I may suggest, this is code that doesn't need to be written at all, if you do the proposed partial disclosure of private teams, which I know sinzui has scheduled somewhere03:53
wgrantUnless we assume that people have a reasonable number of policies and turn each into a column.03:53
huwshimiwgrant: Oh, now I understand, you can have different permissions for different policies03:54
wallyworld_lifeless: that's where the current filtering is done, i just added to the existing filter condition03:54
lifelesswallyworld_: its a different sort of filtering03:54
wallyworld_lifeless: i see you point about the partial p team disclosure. wonder why the bug was raised then03:54
lifelessbugs :)03:55
wallyworld_i raised the 2nd one03:55
wgranthuwshimi: Right. eg. someone could have access to all of Ubuntu's Private bugs, and then report a Security bug. They need access to that Security bug, and all Private bugs, but not the rest of the Security bugs.03:55
wallyworld_based on the first03:55
lifelesskk03:56
wgrantlifeless: I think I should still keep UNIQUE (pillar, display_name), as there's no reason the pillar owners can't keep their own display names unique?03:56
lifelessanyhow, just a thought... your team will be fixing up the fallout one way or another :)03:56
lifelesswgrant: two words: social attacks.03:56
wgrantlifeless: If the project owner is launching a social attack, the project is in trouble anyway...03:57
wallyworld_lifeless: i think the filtering is messed up then. "private and user_can_edit" also belongs in the model in that case03:57
lifelesswgrant: not on themselves :P03:57
lifelesswallyworld_: one of the first things I noted when I became TA is that we have too much code in our browser classes ;)03:57
wgrantlifeless: So, should I keep the UNIQUE or not?03:57
wallyworld_lifeless: agree 1000%03:58
lifelesswgrant: I think the UNIQUE has to stay.03:58
wallyworld_the privacy setting and event raisng stuff in the browser is total bollocks03:58
lifelesswgrant: on name and separately on display name.03:58
wallyworld_for example03:58
wgrantlifeless: Right, that's what I had done. Thanks.03:58
wallyworld_lifeless: i was merely taking a pragmatic view to tweak what was already there03:59
lifelesswgrant: I'm just noting that editing is perhaps a problem (unless we show Private (private))03:59
lifelesswallyworld_: you may not be aware of this, but bug subscription calculations are a big chunk of rendering a bug03:59
wgrantlifeless: Given that the namespace is controlled by the project owner and display_name is UNIQUE, that should be unnecessary.03:59
lifelesswallyworld_: so you want to be confident you're not triggering late evaluation when touching this stuff :)04:00
lifelesswgrant: retargeting04:00
wgrantlifeless, wallyworld_: I'm not sure if it's changed since stub's fixes last night, but yesterday the bug subscription queries made up like 80% of bug render time.04:00
huwshimiwgrant, wallyworld_: Like this then? http://people.canonical.com/~huwshimi/policy2.png04:00
lifelesswgrant: and in future linking probably04:00
wallyworld_lifeless: i sort of knew. hence the desire not to mess with the existing stuff at a lower level also. i am almost certain that the permission check will not add any late eval but could do a test i suppose04:01
wgrantlifeless: I'm not sure how that's relevant. You're only going to be seeing policies from one project. If you can't trust the owner of that project, you can't safely assign the bug there at all.04:01
wgranthuwshimi: Indeed.04:01
lifelesswallyworld_: anyhow, even if its moved to the model, it will still be wrong04:02
lifelesswallyworld_: because we want to show the subscribers04:02
lifelesswallyworld_: having hidden subscribers is a defect04:02
lifelesswallyworld_: (consider someone replying to a bug notification email, who is a hidden subscriber...)04:02
huwshimiwallyworld_: Does that mockup make sense to you too?04:03
wallyworld_lifeless: sure, but at the moment it oopses04:03
wallyworld_and until now, private team visibility was verboten04:03
lifelesswallyworld_: its a soft oops added by StevenK to track places that need updating04:03
StevenKIn fact, I'm fixing one now.04:04
StevenKOr attempting to, rargh!04:04
StevenKBloody tests.04:05
wallyworld_lifeless: i didn't try the ui, just wrote the test, are you saying ui will render ok, just with "<hidden team>" as the display name?04:05
lifelesswallyworld_: yes04:05
lifelesswallyworld_: thats the status quo04:05
StevenK*And* it will throw a MixedVisibility OOPS.04:05
StevenKSo fix it.04:05
lifelesswallyworld_: the fix is to a) tell folk we're changing this and b) show the team display name, name and url.04:05
lifelessStevenK: has the policy change been communicated yet ?04:05
StevenKlifeless: I have no idea.04:05
lifelessStevenK: just fix it isn't useful if we're not ready to change things04:06
wallyworld_lifeless: so to do (b) we need to change the zope permissions, no?04:06
StevenKCurtis filed a bug saying we shouldn't show private teams under Subteam of04:06
wallyworld_and he filed the bug i did the mp for, same issue sort of04:06
lifelessI think something has gotten confused then04:07
james_wpoolie, am now04:07
huwshimiwallyworld_: Just wanted to check you were happy that the second mockup made sense before I spend to much time fixing up all the other mockups04:07
StevenKwallyworld_: Then link lifeless the bug04:07
StevenKEasy solution04:07
wallyworld_huwshimi: sorry, just one sec04:07
lifelessas that is diametrically opposed to the plan in e.g.04:07
lifelessbug 85567004:07
huwshimiwallyworld_: No problems :)04:07
pooliehi james_w, i think it's all sorted04:08
lifelesswallyworld_: and bug 40527704:08
* wallyworld_ looking04:08
james_wgood good04:08
james_whow is everyone today?04:08
pooliegood04:09
poolieare you at uds?04:09
pooliei was going to show you https://bugs.launchpad.net/launchpad/+bug/88549704:10
lifelessStevenK: what bug are you doing ?04:10
StevenKlifeless: bug 88421704:12
wallyworld_lifeless: so it seems there's a much larger issue at play here and when that is addressed, the bug i worked on will disappear04:12
lifelessthat larger issue is AIUI, in scope04:12
wallyworld_huwshimi: wgrant: the 2nd mockup is better but i'm concerned about how it will scale for users with more than 1 or 2 policies/roles04:13
lifelessStevenK: I've commented04:13
StevenKI can't see Subteam of when I'm not logged in :-(04:14
wgrantwallyworld_: Indeed.04:14
lifelessStevenK: wallyworld_: so yes, there is a different picture here.04:14
lifelessStevenK: wallyworld_: if curtis wants you to mask this then come back and change it, fine, but I would be very surprised by that.04:14
wallyworld_lifeless: yes, it does appear in scope. but i'll need to talk to curtis before we charge off to do anythong04:14
wallyworld_lifeless: i was wondering if those bugs were raised as a stop gap04:15
StevenKRight, then I can't work on this either04:15
wallyworld_since they are recent04:15
wallyworld_and the original scope was done a while ago04:15
wallyworld_huwshimi: wgrant: perhaps we should show the most permissive policy/role and have an ellipses to trigger a popup to see the rest?04:16
wgrant~wallyworld_, huwshimi: What if each policy is a column (possibly with the name rotated to vertical, if people end up having insane numbers)?04:16
wgrantPossibly.04:16
wgrantI guess people can filter if they want to see the more restricted policies.04:16
wallyworld_yes04:17
wallyworld_better to show worse case in the default view04:17
wgrantWell.04:17
wgrantThat's the thing.04:17
wgrantIt's not necessarily the worst case.04:17
wallyworld_but how to quantify that04:17
wgrantExactly.04:17
wgrantFor Ubuntu, the worst case is any permission on Security.04:17
james_wpoolie, I am04:18
huwshimiwallyworld_ wgrant: How would the Driver, Owner etc. fit into those columns?04:18
wallyworld_that the trouble with thinking out loud in a public forum04:18
wgranthuwshimi: Ideally they don't.04:18
wgranthuwshimi: Those roles aren't special.04:18
james_wpoolie, the synchronized update is a shame04:18
wgranthuwshimi: Although in the default config they will give observer permissions.04:18
StevenKlifeless: I was also looking at bug 618399, your analysis is out of date.04:18
wallyworld_wgrant: huwshimi: the original mockups implied those roles were special04:18
pooliejames_w i guess i could make it look at the version number?04:18
poolieor...04:18
StevenKWhere has mup gone?04:18
wgrantwallyworld_: The original mockups are wrong :)04:18
pooliemaybe something else04:19
lifelessStevenK: oh, the analysis of bug 618399 ?04:19
pooliei don't have a good sense whether upgrading two packages is especially dangerous04:19
wgranthuwshimi, wallyworld_: So, when I create a new project, the security contact will get an observer permission on the Security policy. But that can be changed.04:19
lifelessStevenK: I had friction there ;)04:19
StevenKlifeless: You did?04:19
wallyworld_wgrant:  huwshimi: yes, just what i was going to type04:19
lifelessStevenK: I thought you were saying the private team analysis was out of date :)04:19
StevenKlifeless: No, which I mentioned a different bug number.04:20
huwshimiwallyworld_ wgrant: so are they just treated like everyone else now? Do they need to be noted e.g. observer (Owner)04:20
wallyworld_huwshimi: wgrant: and there's the display mode which shows implicit access via team membership, eg if someone is in the bug supervisor team04:20
wgranthuwshimi: We could add that note if we want, but I don't think it's really critical.04:20
StevenKlifeless: I strongly suspect there are a bunch of repeated queries, but the code you implicated in the bug has moved/been deleted.04:20
wgrantwallyworld_: lifeless argues that that is silly.04:21
wgrantwallyworld_: Because eg. most projects will have ~canonical, and that is huge.04:21
wgrantwallyworld_: But I think it should still be done.04:21
wallyworld_wgrant: i don't think it's silly04:21
wallyworld_because you can see *why* someone has access04:21
wallyworld_and correct it if needed04:21
huwshimiwallyworld_ wgrant: So move to private/security columns then?04:21
lifelessmmmm, I argue that a per-person collection for all of ~canonical does not meet user needs.04:21
lifelessthey need searches04:22
wgrantIt certainly needs a search.04:22
lifelesse.g. 'show me folk with permission not in ~canonical'04:22
lifeless-vastly- more useful.04:22
wallyworld_lifeless: yes, but what about the case where a project owner says "tell me why fred can see my shit"04:23
wallyworld_and you can say "that's because he is in team xxx"04:23
wallyworld_"and team xxx has private/observer permission"04:23
lifelesswallyworld_: thats useful too04:23
lifelesswallyworld_: imagine finding fred by clicking next 15 times.04:24
lifelesswallyworld_: and xxx likewise.04:24
lifelesswallyworld_: *that* isn't useful.04:24
* StevenK notes lifeless has gotten distracted.04:24
lifelessexpanding out teams in the default view will *devalue* the view.04:24
wallyworld_lifeless: no, but you search for fred and he comes up in the results and you can instantly see his indirect access04:24
lifelesswallyworld_: sure, and I think thats desirable.04:25
wgrantlifeless: In the default view, yets.04:25
wgrantyes.04:25
wgrantIt certainly needs to default to showing only explicit grants.04:25
wallyworld_lifeless: so i think we agree, we're just discussing different valid use cases, both of which will be supported04:25
lifelessI think a displaymode that shows *everything* expanding teams isn't useful04:25
wallyworld_lifeless: we don't have that04:26
lifelessI have had the impression that that is currently intended.04:26
lifelessfrom statements like '17:20 < wallyworld_> huwshimi: wgrant: and there's the display mode which shows implicit access via team membership, eg if someone is in the bug supervisor team04:26
wallyworld_we have a list matching the search criteria which can optinally show if access is indirect or not and how04:26
wgrantThat has to show implicit access via team membership.;04:26
wallyworld_lifeless: ^^^^04:26
wgrantIt's unlikely it will ever be used in an unfiltered form, however.04:27
lifelessPerhaps I'm being odd about this04:27
lifelessI'm sure you have a good understanding; I'm probably misunderstanding due to language things04:27
wallyworld_lifeless: take my 2 statements above together and the other stuff i've just said that you agreed with. that's the intent of it, not an expanded team view04:27
lifelessI just want to save you from implementing a very slow thing because you're bringing back hundreds of times the needed data within the DB04:28
pooliejames_w, oh, the other option would be to turn that option on by default for dailydeb04:28
wallyworld_huwshimi: wgrant: the private/security columns question04:28
wallyworld_not sure that will work well for everything04:29
wgrantwallyworld_: Oh?04:29
james_wpoolie, yeah, I'm not sure if that's a good idea04:29
wallyworld_perhaps it will. i guess those two categorisations are the only ones we will have04:30
james_wpoolie, I'd forgotten that this was both in packages04:30
pooliebuilder and buildd?04:30
pooliealso they're hard to type together04:30
james_wso upgrade should be fine04:30
james_wheh, yeah04:30
lifelessStevenK: still 80 spph lookups04:34
lifelessStevenK: if you can repro locally, LP_SQL_DEBUG_EXTRA=1 should give you the code paths04:35
pooliehttp://lpqateam.canonical.com/qa-reports/deployment-stable.html often seems to get confused about qa-ok vs untestable04:35
poolieeg bug 88409204:35
wgrantpoolie: eg.?04:35
pooliei guess it doesn't matter as long as it knows they're not blocking deployment04:35
StevenKlifeless: Sure -- what I'm saying is I couldn't figure out which code path is implicated.04:35
huwshimiwgrant wallyworld_: So with the columns approach it could be something more like this: http://people.canonical.com/~huwshimi/policy3.png04:35
poolie884092 is called 'ok' on the report but is untestable on the bug, and always has been04:35
wgrantpoolie: Ah, qa-untestable counts as qa-ok.04:36
pooliebut some others are called untestable?04:36
huwshimiwgrant wallyworld_: But wallyworld_ might be right about it not scaling very well (if/when there are custom policies)04:36
wgrantpoolie: 'untestable' on that report means that there's no bug, or it's marked as [no-qa]04:36
poolieoh, no-qa is called untestable04:36
poolieok04:36
StevenKBy rights, qa-untestable should be untestable too04:36
wgrantStevenK: Yes.04:36
wallyworld_huwshimi: wgrant: i think that look ok, but we want the edit icons next to each permission to trigger insitu popup editing04:36
StevenKBut the deployment report is ... crap04:36
wgrantBut lots of things should be different :P)04:36
poolienot a big deal04:37
huwshimiwallyworld_: To edit security/private individually?04:37
wgrantwallyworld_, huwshimi It would be more scannable if the columns weren't so wide and text.04:37
wallyworld_huwshimi: yes, on the current interactive demo, you can change the permission from observer -> restricted etc by clicking the cell04:38
wallyworld_ie the edit icon in the cell04:38
wallyworld_like for bug importance etc04:38
StevenKlifeless: Did you determine the 80 SPPH lookups locally or from an OOPS?04:39
huwshimiwgrant, wallyworld: So, sticking with the columns like this then (with a few improvements)?04:39
lifelesshttps://lp-oops.canonical.com/oops.py/?oopsid=2102F9#repeatedstatements04:39
wallyworld_huwshimi: wgrant: i think for the next iteration that;s ok. get user feedback etc04:40
wgrantwallyworld_, huwshimi: Yeah, looks reasonable.04:40
wgrantI think it may be better to use less text, but I guess we'll see.04:40
huwshimiwgrant: What do you mean by less text?04:41
wallyworld_it's hard to think of what "less" text to use04:41
wgranthuwshimi: Well, "Restricted observer" and "Observer" are pretty huge ways to represent a tri-state field.04:41
wgrantMakes the table very unscannable.04:42
huwshimiwgrant: Ah I seee04:42
wallyworld_huwshimi: so when you talk to matthew, you can let him know the interactive demo has been tweak as per the initial feedback and we are looking to move forward also with the stuff discussed today04:42
wallyworld_huwshimi: wgrant: we could use abbreviations like O and R and have popup help bubble?04:43
wgrantwallyworld_: That was along the lines of what I was thinking. That would also allow us to fit in an awful lot of columns, but hopefully nobody will ever want to do that.04:44
wgrantBut you never know with OEM :)04:44
wallyworld_wgrant: abbreviations are difficult because you need to discover what they mean, but seems like we do need it here04:45
wallyworld_anyways, huwshimi can ask the users what they want :-)04:46
wgrantThese would pretty clearly make the page more readable, and the existing terms need description anyway.04:46
wallyworld_yep04:46
wgrantSo, something to consider.04:47
huwshimiwallyworld_: Well I think Matthew will be talking to people (I'm not at UDS)04:47
wallyworld_oh, i thought you were for some reason04:47
wgrantlifeless: Any objections to removing the old non-CTE visibility code?04:49
wgrantlifeless: Doesn't seem to have caused any new timeouts.04:49
pooliefruit salad! http://people.canonical.com/~jelmer/recipe-status/bzr.html04:49
wgrantpoolie: I hate to think how long that took to generate.04:50
poolieor how many sql queries, when it should be about 104:50
lifelesswgrant: we may be able to revert back to it and it is a bit simpler (there was talk about a regression in 8.4.9)04:50
poolielifeless:  if you're orc and not flat out could you read04:53
pooliehttps://code.launchpad.net/~mbp/testscenarios/module-scenarios/+merge/8028704:53
pooliehttps://code.launchpad.net/~mbp/launchpad/678090-affected-count/+merge/8110804:53
poolieneither is very big04:53
wgrantlifeless: Well, it's all going to die soonish anyway.04:54
poolie<lifeless> poolie: this requires creating two small projects - one to hold the current common code, and one to hold the buildd production code.05:01
pooliedo you have any opinion about what they should be called?05:01
poolielp-buildd and ...?05:01
lifelessI haven't thought about it05:01
lifelessbut https://dev.launchpad.net/CreatingNewProjects05:01
lifelessis our guidelines05:01
wgrantWell.05:02
wgrantOr you can just work out how to remove lp-buildd's dep on readyservice.05:02
wgrantThat's all it needs from LP nowadays, IIRC.05:02
lifelessyes05:02
lifelessthats used for the LP test suite05:02
lifelessto detect when the test slave is ready to use05:02
wgrantIt can't just try to connect?05:03
lifelessperhaps05:03
lifelessI have no opinion05:03
pooliehttps://bugs.launchpad.net/launchpad/+bug/80029505:04
pooliebot is on leave today?05:05
nigelbIts been like this since yesterday05:07
nigelb(morning btw)05:07
pooliehi nigelb05:28
nigelbHey poolie!05:28
nigelbI realized UDS is hard even when remotely partcipating :)05:29
poolie:)05:29
pooliemaybe i'll see you at the next one05:37
nigelbHopefully05:38
nigelb :)05:38
pooliewgrant: just trying to connect sounds good to me05:38
poolieit does seem to be barely used05:39
huwshimiwallyworld_ wgrant: Does this look roughly ok now? http://people.canonical.com/~huwshimi/policy4.png06:19
wgranthuwshimi: Hm, maybe the role could go in a separate column?06:19
wgrantSince it's presently duplicated between the two, and bears no particular relevance to either one.06:20
wgrantor it could just be parenthesised in the Person column.06:20
huwshimiwgrant: Yeah I was going to suggest the latter06:20
wgrantThat looks reasonable. I hope we can do better than that with the search UI, but it otherwise looks good.06:21
huwshimiwgrant: There's certainly room to improve, but Matthew just needs something by tonight06:21
wgrantThe edit icons should probably only be shown on hover... or there is an old more subtle variant that we could use.06:21
wgrantOtherwise it's going to look *really* cluttered.06:21
wgrantRight.06:22
wgrantstub: Hi. Will you able to review https://code.launchpad.net/~wgrant/launchpad/observer-db/+merge/81104 todayish?06:25
stubyer, already had a quick look06:25
wallyworld_huwshimi: looks good06:26
wallyworld_huwshimi: but i think we are missing the edit icons in a table column which take the user to the person/team listing page06:26
wallyworld_huwshimi: like i did in the latest mockups06:27
stubwgrant: How will the policies be created?06:27
stubwgrant: As in the AccessPolicy records?06:27
wgrantstub: Initially by model code on project creation, and a garbo job.06:27
huwshimiwallyworld_: Oh, do you have a link?06:27
huwshimiwallyworld_: Or are these the mockups you did ages ago?06:27
wgrantstub: Once we're done with the migration, project owners will be able to create them themselves.06:27
wgrantstub: (for example, Ubuntu has two additional polices to allow apport to work properly)06:28
wallyworld_huwshimi: http://people.canonical.com/~ianb/disclosure/manage_disclosure_index.html06:28
huwshimiwallyworld_: Ah thanks06:28
stubWhy did you go with a text field display_name rather than an enum?06:28
wallyworld_huwshimi: same url as before, but i updated based on feedback from dan06:28
wallyworld_huwshimi: i did a cc all on the email i sent but you must not have been on the list. i'll forward now06:28
wgrantstub: Some projects need customisation, and it's not clear that an enum gives us significant value.06:28
wallyworld_huwshimi: did you get dan's original email?06:29
huwshimiwallyworld_: No I did not06:29
wallyworld_i'll send that too then06:29
stubwgrant: The theory is that enums involve less storage space and pick up typos at lint time.06:29
huwshimiwallyworld_: This mockup seems to have some old stuff in it too (than the last mockups I sent)06:29
lifelessstub: wgrant is adding a name column too FWIW. enum may be better - I have no fixed opinion06:30
wgrantThe column should be in the diff now.06:30
wgrantname column, that is.06:30
stubwgrant: Will every display_name have corresponding code changes in lp? And is it possible for a (product, display_name) policy for two different policies to act differently?06:30
wallyworld_huwshimi: i only updated based on dan's feedback. which ones did you send?06:30
wgrantstub: No, there will be no code changes for new policies.06:30
stubI see no name field06:31
lifelesswelll06:31
* wgrant rechecks.06:31
lifelessthere may be business rules about who gets which policies06:31
wgrantWell, it's probably a boolean of the form "you are allowed to create new policies"06:31
wgrantBecause you are Canonical or have paid us.06:32
wgrantstub: Hm, what diff are you looking at?06:32
wgrantI pushed the new column more than two hours ago, and requested your review afterwards.06:32
stubI mean that if I create a record ('ubuntu', 'Lord of All') would there need to be code change to make that do something useful, or are people accessing this stuff via the apis or something external to Launchpad?06:32
wgrantSo even the email should have it.06:32
stubhttps://code.launchpad.net/~wgrant/launchpad/observer-db/+merge/8110206:32
stuboic. old mp06:32
wgrantYeah, 81104 is new.06:33
wgrant81102 should be dead...06:33
wgrant(I merged devel, but didn't set it as a prereq the first time)06:33
wgrantstub: It'll still do useful stuff. Eventually we'll have UI to choose a policy, and there will shortly be UI to customise who can access a policy.06:33
wgrantThe initial pass will retain the private/security flags in the UI, mapping them onto two well-known policy names.06:34
stubYes, I'm just trying to see if there is any point having this data in the database or if it should be hard coded in an enum (dropping name & display_name from the schema)06:34
wgrantThat will later be replaced/extended with a way to select an arbitrary policy.06:34
wgrantFor example, Ubuntu needs 'apport unprocessed' and 'apport processed' or similar policies.06:34
lifelesswell maybe06:35
lifelessapport can just move off of lp entirely06:35
wgrantIn 5 years.06:35
lifelessnah06:35
lifelessno need to wait that long06:35
wgrantIt's been on LP for a bit over 5 years so far :)06:36
wgrantAnother 5 wouldn't surprise me.06:36
stubAt this point I can't see any reason to have two text columns and 4 indexes over one integer column and two indexes. I can see some disadvantages.06:38
wgrantWe'll need to talk to stakeholders about restricting them to a single set of artifacts.06:40
wgrantBut I guess it might work.06:40
stubWhat is the restriction here?06:40
huwshimiwallyworld_: The last mockups I sent were ages and ages ago06:40
wgrantstub: I'm not adding an OEM Engineers value to an enum.06:40
pooliehttps://code.launchpad.net/~mbp/launchpad/800295-buildd-split/+merge/8111106:41
poolieprobably prepares to split them06:41
wgrantstub: If we restrict everything to an enum, when someone comes up with a new reason to split out some of their artifacts, they need a code change, and we need project-specific code in LP.06:41
stubwgrant: How does this work with the proposed model?06:42
wgrantstub: They click the "New access policy" link.06:42
lifelessthere is some undesigned stuff here06:42
wgrantThey enter details, then wander over to the relevant artifacts and click "Change access policy"06:42
stubRight, and they select from an existing list or do they type in some names?06:42
lifelessparticularly around tightly coupled bugs (cross pillar)06:42
wgrantType in some names.06:42
wallyworld_huwshimi: sorry i didn't use them this time. hopefully the latest work you've done plus the next round of testing will see us ready to start the proper coding work. i'd be interested in your thoughts on the emails i just sent too at some stage06:43
lifelessand for now, we're forcing a specific set of policies06:43
wgrantFor the initial migration, yes.06:43
stubok. And then is there some science fiction to map this policy to a set of permissions?06:43
stubthrough the web or via apis or something? Or does that require code changes?06:43
wgrantWeb UI.06:43
wgrantThrough the usual disclosure management web UI.06:43
stubok. So the current model makes sense to support that.06:44
wgranthttp://people.canonical.com/~huwshimi/policy4.png are the latest mockups.06:44
wgrantWell, a subset of them.06:44
stubHow many rows do we expect in AccessPolicy btw? Wondering if the indexes should be partial or not.06:44
lifelesswgrant: I thought that hadn't been decided on06:44
wgrantlifeless: What hadn't?06:44
lifelesswgrant: that we were implementing a saner way of doing what we do today, future proofing *future* design decisions06:45
huwshimiwallyworld_: Sure, I need to EOD but I'll take a look tomorrow. I think I'll need to do a bit of a review of the UI after UDS is over and we have the feedback so I can make sure things are not being overlooked06:45
huwshimiwgrant: Actually http://people.canonical.com/~huwshimi/policy5.png has the last change (moving the role)06:45
wgrantlifeless: Well, we need at least two custom access policies, and I believe OEM will want more.06:45
lifelesswhat two ?06:45
wgrantlifeless: apport06:45
wgrantAnd no, we're not moving apport off LP next week.06:45
lifelesswe don't06:45
wallyworld_huwshimi: np. i didn't expect anything else today :-)06:45
wgrantstub: Just over two per pillar, I suspect.06:46
wgrantstub: They probably should be partial, yes.06:46
lifelesswgrant: are you saying we *need* it because apport bugs are currently using the limited-subscriber-list hack ?06:46
stubwgrant: Should AccessPolicyGrant.artifact be declared NOT NULL?06:46
wgrantstub: No.06:46
wgrantstub: There are policy-wide grants.06:46
wgrantstub: Which are implemented by leaving artifact null.06:46
wgrantlifeless: Yes.06:47
stubwgrant: We will need to fix that UNIQUE then as it doesn't do what you think it does06:47
wgrantstub: I have a second partial one afterwards.06:47
lifelesswgrant: so, one crashdump policy should supply that06:47
wgrantlifeless: WIth a few hundred thousand restricted observers.06:47
stubwgrant: I think we need two partials here.06:47
wgrantSure.06:47
lifelesswgrant: !cite06:47
wgrantstub: UNIQUE (policy, person, artifact) should work where artifact is not null, right?06:48
wgrantlifeless: Once apport has processed a bug and removed the core dump, it subscribes a restricted Ubuntu team.06:48
lifelesswgrant: oh, for a second pass review? I thought it made them public straight away06:48
wgrantstub: Then I have a UNIQUE (policy, person) WHERE artifact IS NULL afterwards.06:48
wgrantlifeless: If they're dupes I think they get all the attachments obliterated, and then made public.06:49
stubwgrant: I think what you have works, but the index has unnecessary rows (all the NULL artifact rows, and any queries with NULL artifact would be using the partial index)06:49
wgrantlifeless: But normally they get the coredump removed, retraces attached, and ~crash-triagers-universe or similar subscribed.06:49
lifelesswe could do two tables06:49
lifelessone full one restricted06:49
wgrantstub: True.06:49
wgrantCould.06:50
wgrantBut now I can just say AccessPolicyGrant.artifact IS NULL or AccessPolicyGrant.artifact = blah :)06:50
lifelessOTOH preventing nuts data is easier with one table06:50
stubwgrant: Can we swap the order of those indexes around, putting the person column first to keep people merge happiest?06:51
lifelesse.g. if we want to say you can't be restricted *and* full06:51
stubwgrant: if we are doing queries like that, fine.06:51
lifelesswgrant: I don't think support apport is equivalent to supporting arbitrary custom policies06:52
wgrantstub: That's the main query. Checking whether someone has access to the whole policy, or this particular artifact.06:52
lifelesswgrant: I think its fixing 5 year old tech debt where apport used a poor mechanism to its advantage06:52
wgrantstub: Ah, I did have a second index with person first, but dropped it somewhere along the line.06:52
wgrantstub: Need policy first for some things, so I'll readd a second one.06:52
lifelesswgrant: so we start with 4 policies, not 206:52
stubwgrant: yes, add a separate index for person then.06:52
lifelesswgrant: that doesn't imply arbitrary custom policies, nor the UI to support that.06:53
wgrantlifeless: Will need to check with stakeholders, particularly OEM, but perhaps.06:53
lifelesswgrant: we haven't offered custom rules to OEM AFAIK06:53
lifelesswgrant: but sure06:54
wgrantlifeless: Yes, and we've already fucked them over once.06:54
lifelesswgrant: you're referring to the bug pillar constraint?06:54
wgrantYes, particularly the mass-deletion.06:54
lifelesshasn't been done yet has it ?06:54
wgrantThey're not at all clear on what we're doing.06:54
wgrantAnd what constraints we're putting in place.06:54
lifelessyeah, that has been largely resolved today, though I think you'll scream :)06:55
wgrantBut saying we only have two policies, we're restricting what they can do.06:55
wgrantOh?06:55
lifelessthe oem project is really the union of disclosure + bug deps06:56
wgrantThey had better not be back in scope.06:56
wgrantThat extends the project by months.06:56
lifelessnope06:56
lifelessjust ignore them, disclosure doesn't need to be usable by oem until both projects are finished06:57
wgrantHuh?06:57
wgrantYou know we're ripping out the old privacy mechanism, right?06:57
stubwgrant: Why do we want the links on bug and branch to AccessPolicy, when the links are already there via AccessPolicyGrant and AccessPolicyArtifact?06:58
lifelessthe proposal is to leave them in place while you get all the rest of the work done, for oem under a ff06:59
wgrantlifeless: Fuck. No.06:59
lifelessmore or less06:59
wgrantMaybe if we were a sensible bugtracker.06:59
wgrantBut we're not.06:59
wgrantAll our projects are intertwined.06:59
wgrantstub: That's one of the bits I'm less sure of. Firstly, there isn't an explicit grant for every artifact. I could put the policy on AccessPolicyArtifact, but then we have to join through an extra table for every private bug.07:02
stubYes, it seems denormalization. Wondering if it is necessary or if it is premature optimization.07:03
wgrantIt is a minor denormalisation, yes.07:03
stubBranch and Bug just keep growing wider :-(07:04
wgrantlifeless: Is this being seriously considered?07:04
wgrantlifeless: It's probably faster to do bug dependencies.07:04
lifelesswgrant: yes, seriously.07:06
lifelesswgrant: I can talk on voice if you want, in ~15 minutes.07:06
wgrantThat's bordering on entirely ridiculous.07:06
wgrantIt would probably even be worth reducing ourselves to a single maintenance squad for a few weeks to get bug dependencies done early, rather than working on optimising all the hybrid queries and maintaining two UIs and models for years.07:09
wgrantThere'd be a lot of criticals from that.07:09
lifelessnot talking yeats07:09
lifelessmonths at most07:09
wgrantlolololol07:09
lifelessbug deps are 2nd in queue07:09
lifelesslistings, testing, deps07:09
wgrantYes.07:10
lifelessonce deps are done, they get migrated, and disclosure can finish off at its leisure07:10
wgrantJump the queue, do deps after listings in parallel with disclosure.07:10
wgrantProblem solved.07:10
lifelessdeps will be parallel with disclosure07:10
wgrantBut when?07:13
wgrantWe may be better off suspending the visibility work until it's done, if the alternative is to keep both around in parallel.07:14
lifelesstell me something07:15
lifelessif you migrate them to have rows in each project07:15
lifelessand a flag saying this is ok for projects x y z07:15
lifelessdoes that add significant overhead?07:15
lifelessmy understanding of the data model is that it doesn't07:15
lifelessafter all, we were going to do that originally but it was the ownership ramifications that were intractable07:16
wgrantWhat does that mean?07:16
wgrantWho has access?07:16
stubWhat is the point of a bug/branch linked to an access policy without a access policy grant? Are there implicit grants?07:16
lifelessunion of07:16
wgrantstub: Most grants are policy-wide.07:16
wgrantstub: So they apply to all artifacts within the policy.07:17
wgrantlifeless: That means the disclosure management views are a lie.07:17
lifelesswgrant: yes, acceptable until all the pieces come together07:17
lifelesswgrant: *for those projects*07:17
lifelesswgrant: heck, it could oops for them, and it wouldm't matter - what they need involves disclosure + deps; until both are done they aren't able to use it anyhow07:18
wgrantlifeless: So, this completely changes the model, because we now need multiple policies per bug. Or we need to entirely preserve the old mechanism, and reoptimise every query to be a hybrid and hope it's actually possible to make it performant.07:19
stubBah. I'm loath to extend bug and branch any more, but given the column is going to be used by pretty much all queries for visibility. Do we get to drop Bug/Branch.private with this?07:19
lifelessstub: yes07:19
wgrantstub: Yes, that will be dropped with legacy disclosure's destruction.07:19
wgrantstub: Bug.security_related too, in all probability.07:19
wgrantAnd Branch.transitively_private.07:19
lifelesswgrant: I'm not sure transitively goes07:20
lifelesswgrant: unless we don't permit private & ppublic branches in the same project ever07:20
stubSo I can understand the current model and am fine with it. I think we can make a lot of the indexes partial for a speed win in AccessPolicy & AccessPolicyArtifact07:21
wgrantlifeless: We've not quite worked out how stacking works.07:21
stubI suspect transitively_private will no longer make sense when the private flag goes. It is just a cache really.07:21
lifelesswgrant: yes07:22
wgrantAs a flag it certainly will no longer make sense.07:22
lifelessits a derived value though07:22
wgrantIt is, but saying that something is "just private" will no longer be possible.07:22
wgrantThere needs to be a policy.07:23
wgrantI don't know what restrictions we'll have around stacking.07:23
wgrantstub: Indeed, I should make lots of those partial.07:23
stubWill Branch/Bug.access_policy become NOT NULL?07:24
wgrantstub: I expect the schema to make privacy queries substantially faster, as it won't have to indirect through a linking table for most things.07:24
wgrantstub: No -- NULL means public.07:24
stubHow does that work for hidden or private products? (do we have them?)07:25
wgrantA reasonable point.07:25
wgrantHmm. I hate to think how that would perform.07:26
wgrantBecause that would require bug searches to look up policies for even public bugs...07:27
stubProbably about the same as LEFT OUTER JOIN with the AccessPolicy or a UNION like we do with private stuff atm.07:27
stubAnyway, it might end up nicer and/or faster if it becomes NOT NULL and public bugs are linked to a public AccessPolicy07:29
lifelesswe already check project.active07:29
wgrantHmm, so we do.07:29
wgrantSo maybe that would work.07:30
lifelessif we want to denorm inactivity, we can do that by (for instance) creating a non-public policy for them07:30
lifelessstub: a hidden or private product will have no public bugs07:30
lifelessstub: by definition07:30
lifelessstub: we don't [really] have them yet, but we will. Also private distros.07:31
stublifeless: Well, if a product could override what 'public' means you could have hidden bugtasks on a bug. But I'm not sure people want to go down that path.07:31
stubBut even without, the queries just might come out nicer so worth keeping in mind when hacking the code.07:32
stubwgrant: Do you want to make the partial index changes and push?07:33
wgrantstub: Do I also want to make AccessPolicyArtifact's indices partial?07:36
lifelesswgrant: ok, do you want a voice chat about oem?07:40
stubwgrant: Yes, I think so07:41
wgrantlifeless: Sure.07:41
wgrantI'm Skyped up.07:41
lifelesstry calling me07:42
lifelessI think skype is running, can't tell(unity)07:42
lifelesswgrant: ^07:43
wgrantCalling07:43
* StevenK attempts to fix the qa-tagger08:18
StevenKTwo rollbacks, which I think overlap? Seriously? :-(08:19
wgrantStevenK: That works normally.08:19
wgrantWhat's the error?08:19
StevenKIt isn't crashing, but r14216 is marked as needstesting, I set it back to qa-bad bad-commit-1421608:20
StevenKRevision 14216 can be deployed if 14223 is deployable: rolledback08:21
StevenKThere we go08:21
* StevenK fixes r14219 too08:22
wgrant(for the record, my earlier objections to lifeless' crazy plan are rescinded now that he's clarified he doesn't actually suggest that we keep legacy disclosure around, just that we temporarily weaken new disclosure for some projects)08:27
StevenKwgrant: Bleh.08:31
StevenKwgrant: Now both bad commits are so marked, but r14229 is linked to the same bug.08:33
wgrantStevenK: Mark that bug qa-ok or qa-untestable as appropriate.08:33
wgrantThe bad-commit-XXX will still taint the bad rev.08:33
StevenKIt was marked as needstesting 10 hours ago, I guess abentley has not done QA on it yet.08:34
wgrantLeave it needstesting, then.08:34
StevenKAnd I think deryck has done the same thing.08:34
* StevenK digs.08:34
* StevenK gives up on deploying before Monday.08:36
=== rvba changed the topic of #launchpad-dev to: https://dev.launchpad.net/ | On call reviewer: lifeless, rvba | Critical bugtasks: 266
StevenKRight, two revisions need QA to get us to a deployable state.08:42
StevenKrvba with r14225, and abentley with r1422908:42
StevenKWell, deployable until r14231 at least.08:43
rvbaStevenK: r14225 is actually qa-ok (it's behind a ff anyway) but I forgot to mark it incr when I landed it…08:44
rvbaso I marked it qa-ok first, and the I removed the qa tag altogether maybe I got the qa tagger confused, sorry about that.08:45
rvbas/and the/and then/08:46
rvbaStevenK: should I re-add the qa-ok tag?08:47
StevenKrvba: If you remove the tag altogether the qa tagger will assume it's not ok -- please add the tag if it is.08:49
rvbaStevenK: done.08:49
adeuringgood morning08:59
pooliehi09:00
lifelessallenap: so what was the rabbit/txlongpoll qa issue?09:15
lifelessstub: fdt - how would you feel about us removing the long xact check09:19
lifelessstub: (for readonly conns)09:19
lifelessstub: or can we not tell..09:19
stublifeless: A readonly connection will still block the updates09:22
lifelessstub: yes, thus killing it09:22
bigjoolslifeless: re. txlongpoll - it just started worked so we figured it was something you did to Rabbit09:22
bigjoolsworking*09:22
lifelessok great09:23
bigjoolsneed to get it in production now09:23
lifelessi didn't see an update to the ticket about prod rabbit09:23
bigjoolsbut we need a deployment strategy09:23
lifelesswhich IIRC was blocked pending txlongpoll on staging being happyt09:23
lifelessbigjools: related question09:23
stublifeless: I mean if we let them stay, they will block the updates. ALTER TABLE and most DDL needs an ACCESS EXCLUSIVE lock, which conflicts with the ACCESS SHARE locks taken out by SELECT statements.09:23
pooliebigjools, lifeless: so if we split out the buildds, i'm presuming we want the buildmaster tests to still be able to start it09:23
lifelessstub: yes, I don't mean let them stay09:24
lifelessstub: I mean kill them rather than aborting09:24
stuboic.09:24
bigjoolspoolie: sorry, I think I am missing context09:24
pooliesorry09:24
pooliei'm looking at https://bugs.launchpad.net/launchpad/+bug/80029509:24
lifelessbigjools: does txlongpoll have amqp oopses configured ?09:24
pooliebut specifically, robert suggested trying to split out the buildd source from launchpad proper09:24
stubWe could, but it is a workaround the real problem that something screwy is happening that needs to be investigated.09:24
bigjoolslifeless: I believe so09:25
lifelessbigjools: great09:25
lifelessbigjools: I'd like to confirm that; how do I go about it ?09:25
bigjoolspoolie: so yes I think some of the b-m tests use the buildd09:25
stublifeless: The theory is that nothing except a few well known system connections should have long running transactions open, and if this is not the case the system might be unstable and we should not proceed without investigation.09:25
bigjoolspoolie: we just make it a source dependency in versions.cfg etc.09:26
lifelessstub: so far it seems to be generating false positives09:26
bigjoolspoolie: the buildd code should be a GPL2 project on its own09:26
lifelessstub: things which yes we should fix but they are totally safe to interrupt09:26
bigjoolsrvba: did txlongpoll get amqp oopses?09:26
poolieright, and it should probably expose a python module that contains a test fixture etc?09:27
bigjoolspoolie: right09:27
bigjoolspoolie: in fact I suspect we need 2 projects, the buildd and a buildd-fixture09:27
stublifeless: Right. So we can either ignore everything and not do the check at all (possibly causing things to explode because something is screwing up) or keep things as they are09:27
bigjoolsLP just depends on the latter09:27
poolie?09:28
pooliewon't it need the actual buildd, to run it?09:28
lifelessstub: we put out a broad call for things that deal with nontransactional data09:28
lifelessstub: and got back the whitelist09:28
bigjoolsyes - dependency chain09:28
bigjoolsit's what we did with txlongpollfixture09:28
stublifeless: yes. I'm more thinking of things like postgresql processes getting hung in odd states or thrashing trying to calculate multibillion row result sets and that sort of thing.09:29
poolieoh i see, it only directly depends on the fixture, right09:29
pooliethough, if we just bring it in as an egg(?) or branch, it doesn't really need to be separately packaged09:29
bigjoolsthe thought of being able to type "make run_buildd" is appealing :)09:29
lifelessstub: so we try a cancel backend; wait 5 seconds; check09:29
lifelessstub: of the slow things first09:30
lifeless?09:30
stubWe also have the option of increasing the timeout.09:30
bigjoolspoolie: if we want to pull it in on buildout it should be an egg really09:30
lifelessstub: which timeout ?09:30
stublifeless: We could, yes. That starts causing outages before the real outage.09:30
stublifeless: The definition of a long running transaction09:30
lifelessstub: of things with -long- transactions09:30
bigjoolswe don't need to package it I guess09:30
lifelessstub: and long is already defined longer than any webapp, right ?09:31
bigjoolsbut it is already packaged09:31
stublifeless: Yes. So it shouldn't affect anything interactive that isn't already messed up.09:31
pooliewhat would be the steps, roughly, to 'make run_buildd'?09:31
lifelessstub: which means we're not really causing an outage ;P09:31
stublifeless: Yes, we can define outage in such a way as to not have outages :-)09:32
lifelessstub: \o/ at shifting goalposts09:32
stublifeless: The important things are backup processes, slon processes etc. and they are protected as we define this stuff as system users.09:33
lifelessyes09:33
lifelessstub: so my thrust is to reduce/eliminate failed fdt's where we miss the window and don't do the deploy09:34
stubIncreasing the long running transaction definition is the simplest thing that might fix the immediate problem, and I think it is even a command line option.09:34
lifelessballs in your court :)09:34
stubFor killing long running transactions, we should be able to do the connections to the slaves. On the master, it would be all or nothing as I can't tell a read only connection from a read/write.09:35
lifelesswe had  in a row that failed IIRC09:35
lifelessstub: can we not check held locks?09:35
stubThat might work, yes.09:35
stubThere are race conditions, but we already have that with connections that don't meet the 'long running' criteria but might cause problems when we take down pgbouncer.09:36
bigjoolspoolie: I don't know precisely but we have done a couple of fixtures that start up with "make run" now, see rabbitfixture and txlongpollfixture09:37
bigjoolspoolie: allenap did the work if you need details09:37
bigjoolspoolie: although I suspect the buildd package will need some tweaking as it's currently designed to run in a chroot in its own account09:38
poolieright, and some of it insists on being under xen09:38
pooliedo you test it locally at all?09:38
bigjoolspoolie: not as such, I am talking about running it locally09:38
bigjoolsyes - so you make a new "buildd" account and then chroot inside there09:38
lifelessstub: there should be one lock on the virtual xaction and thats it, for a readonly op IIRC09:39
* bigjools OTP for 5m09:39
stublifeless: Right, I haven't looked closely yet but anything that doesn't have any sort of exclusive locks open would count I think.09:39
stublifeless: So I guess we can just ignore any read only transactions for the long running check and keep everything but that query the same.09:41
stubmasters and slaves.09:41
pooliebigjools, could you read https://code.launchpad.net/~mbp/launchpad/800295-buildd-split/+merge/8111110:17
bigjoolspoolie: OTP, will check shortly10:18
pooliethanks10:18
=== nigelb_ is now known as nigelb
bigjoolspoolie: where is _hasDaemonStarted called from?11:12
pooliebigjools, from the superclass TacTestSetup12:25
bigjoolspoolie: that's code that's still in the main tree12:26
bigjoolspoolie: I think we need to duplicate TacTestSetup in buildd12:27
poolieoh probably12:28
poolieif we want the split out buildd to be independently testable12:28
bigjoolsindeed12:28
poolie... with tests that cover starting it this way12:28
bigjoolsLP can depend on buildd but not the other way around12:28
poolieand we probably do12:28
bigjoolsthanks for looking at this though!12:29
pooliei have ec2 seeing if it passes with these changes now12:30
jelmerrvba: hi, do you have time for a review?12:57
rvbajelmer: sure.12:57
=== rvba changed the topic of #launchpad-dev to: https://dev.launchpad.net/ | On call reviewer: rvba | Critical bugtasks: 266
jelmerrvba: great - the MP is at https://code.launchpad.net/~jelmer/launchpad/stacked-code-imports/+merge/8113913:01
deryckMorning, everyone.13:01
jelmerhey Deryck13:02
rvbajelmer: okay, I confess I'm not familiar with this part of the code but it will be a good occasion to learn.  Besides this branch has sort of already been approved right?13:03
jelmerrvba: yeah, benji reviewed it earlier13:03
rvbajelmer: Okay, I'll have another look then.13:04
flacostebigjools: can you join the session going on in #ubuntu-uds-bonaire5 ?13:13
flacostebigjools: we are discussing gating uploads when the distro is in prerelease13:13
UrsinhaI wish I was there *sigh*13:14
jmlI'm creating a Launchpad project now13:28
jmland setting up team structures is a bit dull13:28
jmland easy to mess up13:28
=== jcsackett changed the topic of #launchpad-dev to: https://dev.launchpad.net/ | On call reviewer: rvba, jcsackett | Critical bugtasks: 266
jmlCould I please get a team renamed? https://answers.launchpad.net/launchpad/+question/17739513:31
Beretjml, I'm pretty sure that costs $19.95 plus S/H13:33
jmlBeret: Canonical can dock it from my salary then.13:34
Berethah13:34
rvbaMorning jcsackett!13:35
jcsackettmorning, rvba. :-)13:36
rvbaI'm afraid it's gonna be a crazy reviewing day.13:36
rvbaI'm on Jelmer's branch, then I'll review Ian's 1249 branch.13:37
rvbaAfter that I plan to kill myself ;).13:37
rvba1249 lines branch that is.13:37
jcsackettrvba: 1249? that's not a typo? wow.13:38
jcsackettrvba: i'm looking at your branch now.13:38
rvbajcsackett: Thank you.13:38
jmlIs https://bugs.launchpad.net/launchpad/+bug/3945 different from https://bugs.launchpad.net/launchpad/+bug/57418, really?13:45
_mup_Bug #3945: Support debtags in Launchpad for products and packages <lp-foundations> <Launchpad itself:Triaged> < https://launchpad.net/bugs/3945 >13:45
_mup_Bug #57418: Support debtags in Packages.gz <escalated> <feature> <lp-soyuz> <soyuz-publish> <Launchpad itself:Triaged> < https://launchpad.net/bugs/57418 >13:45
deryckabentley, my css-polish branch is up to date now and pushed.13:45
=== fjlacoste is now known as flacoste
abentleyderyck: thanks!13:48
derycknp!13:48
jelmerjml: it seems they're pretty similar. debtags in their original implementation were not in the Packages file, so it would be possible to do 3945 without 5741813:50
jmljelmer: ah, ok.13:50
abentleyrvba, what do you mean by "unify the formatting here"?13:54
rvbaabentley: Well, it looks like sometimes the inner part is indented, sometimes not.13:54
abentleyrvba: okay.13:55
deryckrvba or jcsackett, I have a CSS/html branch for review.  takers? :)13:56
abentleyrvba: better? http://pastebin.ubuntu.com/727255/13:57
rvbaderyck: We will add it to the queue :)13:57
rvbaabentley: I think so, don't you agree?13:58
deryckrvba, ok, cool.  A busy day then, I take it. :)13:58
abentleyrvba: I waffle about indenting.13:58
jcsackettderyck: a bit. i should be able to look at yours in a bit.13:59
rvbaderyck: busy day indeed.14:00
rvbajcsackett: just for the fun of it, I invite you to take a look at the MP: https://code.launchpad.net/~wallyworld/launchpad/delete-bugtask-ui-ajax-878909/+merge/8077914:02
jelmerrvba: thanks!14:03
rvbanp14:03
jcsacketti will just say i'm glad you're taking that one, rvba. :-P14:04
rvbahehe14:04
jcsackettrvba: r=me on your branch.14:07
jcsackettderyck, i'll look at yours now.14:07
deryckjcsackett, ok thanks!14:08
rvbajcsackett: thanks.  The nice part is that landing this branch will conflict with Ian's branch.14:08
rvbaI have my revenge!14:08
* jcsackett laughs.14:08
jcsackettthat's the problem with enormous branches -- the odds of someone stepping on your toes goes *way* up.14:09
rvbaTrue14:09
jcsackettderyck: to make sure i understand, your css changes only effect the mustache template, right?14:11
deryckjcsackett, correct14:13
jcsackettawesome. r=me, then, deryck.14:13
deryckjcsackett, rocking thanks!14:13
allenaprvba, jcsackett: Please can you review my shortish branch? https://code.launchpad.net/~allenap/launchpad/participation-keyerror-bug-810114-2/+merge/8115114:21
jcsackettallenap: sure, i'll jump that over the longer branch of jtv's i just grabbed.14:22
allenapjcsackett: Hehe, thanks.14:22
deryckabentley, my css-polish branch is approved and playing in ec2 now.14:23
abentleyderyck: excellent.14:24
jcsackettallenap: i haven't seen the "slurp" function before, what's the deal?14:24
jcsackett... or is this defined elsewhere in the branch ...14:24
allenapjcsackett: The latter :)14:24
abentleyderyck: I expect to have this branch up for review today.14:25
deryckabentley, awesome.14:25
* deryck goes offline to switch work locations, back shortly14:31
jcsackettallenap: r=me.14:31
allenapjcsackett: Thanks!14:31
abentleyrvba or jcsackett: could you please review https://code.launchpad.net/~abentley/launchpad/client-bug-fields/+merge/81157 ?15:27
rvbaabentley: I'll take it.15:28
abentleyrvba: thanks.15:28
abentleyderyck: custom-bug-listings-css-polish fails lp.bugs.browser.tests.test_bugtask.TestBugTaskSearchListingView.test_mustache_rendering15:38
deryckabentley, ah, dang.  I didn't run tests.  But ec2 will catch it.15:38
deryckabentley, thanks for the heads up.  I'll get a fix shortly.15:38
abentleyderyck: np.15:39
abentleyderyck: let me know so I can merge the fix.15:39
deryckabentley, will do15:39
adeuringrvba, jcsackett: could you please  review this MP: https://code.launchpad.net/~adeuring/launchpad/banner-for-beta-features/+merge/8116515:42
jcsackettadeuring: i'm doing one of jtv's right now, i can do yours right after.15:42
adeuringjcsackett: trhanks!15:42
rvbajcsackett: I told you today would be crazy ;)15:43
jcsackettrvba: you weren't kidding. :-P15:43
jcsackettadeuring: okay, i'm looking at yours now.15:49
adeuringjcsackett: cool15:49
=== beuno is now known as beuno-lunch
deryckrvba or jcsackett, I have another branch for review if either of you is available.15:59
rvbaderyck: I'll take it once I'm finished with the one I'm working on right now.15:59
deryckrvba, thanks!  It's here:  https://code.launchpad.net/~deryck/launchpad/orderby-bar-settings-slot/+merge/8114816:00
rvbak16:00
deryckabentley, test is fixed now and pushed up to lp in that branch.16:13
abentleyderyck: thanks.16:14
derycknp16:14
rvbaabentley: I've got a question about this bit of code: http://paste.ubuntu.com/727380/16:15
abentleyrvba: sure.16:16
rvbain the each loop, what kind of value have the variables value and key?16:16
abentleyrvba: value is a boolean, key is a string.16:17
rvbaabentley: field_visibility is something like {show_item: true} right?16:18
abentleyrvba: right.16:18
bigjoolsany idea why I'd get a "Signature couldn't be verified: (7, 8, u'Bad signature')" when reviewing an MP over email?16:18
jelmerbigjools: are you using thunderbird without MIME?16:19
bigjoolsjelmer: no16:19
rvbaabentley: then I don't get why you do: delete batch.mustache_model.bugtasks[i][key];16:19
bigjoolsthe signature verifies locally (I am using kmail)16:19
rvbaabentley: could you please explain that a little bit?16:19
jelmerbigjools: I'm finding that if I don't use MIME for GPG signatures in Thunderbird I get that error16:19
bigjoolsjelmer: I have no idea if I can even config that16:20
abentleyrvba: that is to prevent "batch.mustache_model.bugtasks[i][key]" from shadowing "batch.mustache_model[key]"16:20
bigjoolsjelmer: ah I found something - so "S/MIME" ought to work?16:21
abentleyrvba: mustache templates are supposed to have nested scopes, so that if key isn't found in current scope, it's looked up in the outer scopes.16:22
rvbaabentley: ah! that's what I was missing!16:23
rvbaThanks!16:23
abentleyrvba: np.16:23
bigjoolsjelmer: I've not used MIME before and it's worked, plus kmail bitches that it doesn't have the other side's keys if I try and force MIME :/16:24
jelmerbigjools: that works for me, though it's obviously also a bug in launchpad if it only works with S/MIME (in some situations?)16:25
rvbaabentley: r=me16:25
abentleyrvba: thanks.16:25
adeuringjcsackett: thanks for your review!16:26
rvbaderyck: I'm starting with your branch.16:26
jcsackettadeuring: you're welcome, sorry i forgot to tell you i was done. :-P16:26
adeuringnp ;)16:26
deryckrvba, thanks!16:26
rvbaderyck: r=me16:38
deryckrvba, thanks!16:39
rvbanp16:39
=== rvba changed the topic of #launchpad-dev to: https://dev.launchpad.net/ | On call reviewer: jcsackett | Critical bugtasks: 266
=== beuno-lunch is now known as beuno
lifelessmoin18:07
bigjoolsgood night!18:13
abentleyderyck: looking at bug age, the examples seem to show a time formatting we haven't done before.  Or am I missing something?18:17
deryckabentley, yeah, I thought that was new as well, but never asked about it.18:17
=== Pendulum_ is now known as Pendulum
=== jcsackett changed the topic of #launchpad-dev to: https://dev.launchpad.net/ | On call reviewer: - | Critical bugtasks: 266
lifelessmrevell: I'm ready whenever19:43
mrevellhey lifeless!19:44
timrccody-somerville,  #ubuntu-uds-Bonaire421:40
lifelesswow oops pruning is ... just wow22:29
poolielifeless, so my split-out-buildd thing has passed tests up to a certain level of completion22:47
pooliethe buildd tests still depend on the lp tree but there is no actually copied-around code22:48
timrcI noticed that from a logged out perspective my ~canonical membership badge is not shown on my profile page.  Is this by design? Or, is it a bug? Or, am I missing how to show it?22:51
lifelesstimrc: canonical is a private team22:51
timrclifeless, so can someone logged in but not a member of Canonical see it?22:53
lifelessno22:54
timrclifeless, okay, that's the information I needed22:54
wgrantlifeless: Yeah, oops-prune is pretty special.23:02
wgrantlifeless: I don't imagine wildcherry is very happy with it.23:02
StevenKwgrant: I need to write an API script to copy from Ubuntu? I forget. :-(23:02
lifelessso, I'm considering some options here23:03
lifelessI need opinions :)23:03
lifelessbroadly, I'm thinking:23:03
lifeless - delta based - get changes across the tables for a date range23:03
wgrantStevenK: You can copy from anywhere. Even create a new PPA and copy from an existing PPA into that.23:03
lifeless - use [for now] a local disk file to record last run time23:03
lifeless - add an API on project [product] that takes two dates - start and stop - and returns a set of oops ids23:04
lifelessof course, this is probably impossible in the API23:04
lifelessStevenK: wgrant: either of you familiar with api gotchas / benefits ?23:05
lifelessif I just return a set([id, id2, ...]) from a method, will it work23:06
wgrantThat should work, yes.23:06
lifelessor do I need an Interface OopsResult with an attribute oops_ids ?23:06
wgrantBut doing this through the lazr.restful API would indicate that you have a deathwish.23:06
lifelesswell23:06
lifelessI'd like to let other folk running oops systems work with LP to keep interesting ones and prune the rest.23:06
lifelessSo there is very good reason to make this a public API23:07
wgrantYes, there is very good reason to do it.23:07
wgrantBut there's also very good reason to not.23:07
lifeless...23:07
wgrantThis sounds like it's going to be a fairly expensive method, and return a lot of data.23:08
lifelessno23:08
wgrantNeither of which the API is likely to be good at.23:08
wgrantAh, if it's partial, I guess.23:09
lifelessthere are very few oopses referenced in the system for any given short date range23:09
lifelessthe reason it takes 3 minutes to run is because we're searching everything23:09
lifelesssearching 1 day - one /(365*5) of the db - should be subsecond trivially.23:09
wgrantIndeed.23:09
wgrantSo, yes, you can just return a sequence from a method, and it will work.23:10
lifelessand if not, there are other similar uses so making it subsecond is desirable anyhow.23:10
wgrantYou can't declare the return type, so lazr.restfulclient won't do any special decoding.23:10
wgrantBut since it's just strings it should be fine.23:10
lifelessthe client script then needs to remember where it has pruned up to - thats the lower bound, and select a day more than (gc window) back, thats the upper bound.23:11
lifelessso, for instance, if I default to 7 days, the first run would take the oldest datedir in the local datedir repo, and 7 days ago, and query.23:11
lifelesswhich would suck, if we ran it on the old stuff on carob23:11
lifelessbut new stuff will be a few weeks.23:12
lifelessmax.23:12
poolielifeless, wgrant, what do you think of me landing https://code.launchpad.net/~mbp/launchpad/800295-buildd-split/+merge/81111 as an incremental step towards a buildd split out23:38
=== wallyworld_ changed the topic of #launchpad-dev to: https://dev.launchpad.net/ | On call reviewer: wallyworld | Critical bugtasks: 266

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!