infra issueshttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues2022-03-28T20:29:55Zhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/6377WWW IPv62022-03-28T20:29:55Zmello tronWWW IPv6Hello,
It’d be nice if the public facing web domains had functioning AAAA
records.
*(from redmine: issue id 6377, created on 2016-10-21)*Hello,
It’d be nice if the public facing web domains had functioning AAAA
records.
*(from redmine: issue id 6377, created on 2016-10-21)*Kevin DaudtKevin Daudthttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/1858Create mailing list for security alerts2020-01-06T14:19:15ZNatanael CopaCreate mailing list for security alertsWe already have a amiling list named ‘alpine-security’. I wonder if we
should make it more clear what this list is for.
Maybe we should have a sec-errata@lists.alpinelinux.org too, where we
only post security erratas.
*(from redmine: ...We already have a amiling list named ‘alpine-security’. I wonder if we
should make it more clear what this list is for.
Maybe we should have a sec-errata@lists.alpinelinux.org too, where we
only post security erratas.
*(from redmine: issue id 1858, created on 2013-05-13)*
* Relations:
* relates #2104
* parent #1846Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/1846handling security issues2022-01-29T22:46:09ZPeter Kotcauerhandling security issuesIt would be nice to have an errata mailing list to inform users about
fixed security issues affecting binary packages or the core system.
Mails could include the CVE and other identifiers.
There could be place an unique id tag for thes...It would be nice to have an errata mailing list to inform users about
fixed security issues affecting binary packages or the core system.
Mails could include the CVE and other identifiers.
There could be place an unique id tag for these issues something like
ALPLSA-year:autoincrement (ALPine Linux Security Advisory).
I think one or more security officer(s) should be chosen.
There could be a security@ address where users could send security
related problems (it should have a public pgp key for sending sensitive
information encrypted).
Security officer(s) should be subscribed to distros and linux-distros
closed mailing lists.
*(from redmine: issue id 1846, created on 2013-05-03)*
* Relations:
* child #1858https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10634Migration steps from Redmine to Gitlab2019-07-18T21:16:49ZCarlo LandmeterMigration steps from Redmine to GitlabSetup alpine-docker-gitlab
==========================
Docker
------
1. Clone: https://github.com/clandmeter/alpine-docker-gitlab
2. Use a docker-compose file like https://tpaste.us/Bo7b
3. Generate secrets by exec contrib/secrets.sh...Setup alpine-docker-gitlab
==========================
Docker
------
1. Clone: https://github.com/clandmeter/alpine-docker-gitlab
2. Use a docker-compose file like https://tpaste.us/Bo7b
3. Generate secrets by exec contrib/secrets.sh
4. Start docker containers with docker-compose up (keep it in the
foreground to see if something goes wrong)
5. See console for root password or look it up in the secrets files
6. modify unicorn.rb and set process to threads+1
7. restart docker-compose but in the background
Gitlab
------
1. Login to gitlab as root
2. Create alpine Group
3. Create aports project
4. Set group/project writable for users
5. Add a SSH key to the root user (we need it to push aports)
6. Create an API for the root user for migration
7. git push aports with mirror option
Redmine
-------
1. Create api key for admin users on redmine
Migration
---------
### Installation of migrator
1. clone https://github.com/johan-smits/redmine-gitlab-migrator
2. Follow readme to install python application
### Users
1. Generate a users.txt file from the script on mysql db server
(`ssh root`alpine-db.nld3.alpin.pw sh /root/get-redmine-users.sh@)
2. migrate all bugs users to gitlab
- Script https://tpaste.us/baLW
- this makes all of them admins
### Milestones
1. Use migrator from
https://github.com/johan-smits/redmine-gitlab-migrator
2. migrate-rg roadmap —no-verify \\
—redmine-key “$redmine\_api\_key” \\
—gitlab-key “$gitlab\_api\_key” \\
“$redmine\_uri” “$gitlab\_uri”
### Issues
1. Use migrator from
https://github.com/johan-smits/redmine-gitlab-migrator
2. migrate-rg issues —debug —no-verify —keep-id \\
—redmine-key $redmine\_api\_key \\
—gitlab-key $gitlab\_api\_key \\
$redmine\_uri $gitlab\_uri
3. debug is to make it output something when its pre processing
Cleanup
-------
1. Reset all admin privs by setting admin=false in db for all users
except admin
Configuration
-------------
1. TODO
*(from redmine: issue id 10634, created on 2019-06-28)*
* Relations:
* parent #10573Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10606Redmine and git project/repo conversion/migration to Gitlab2019-07-18T21:17:09ZCarlo LandmeterRedmine and git project/repo conversion/migration to Gitlabwe currently have a specific setup on both Redmine and git.a.o.
### Redmine projects
- AConf
- Alpine Linux
- Alpine Build tools (abuild)
- Alpine Documentation
- Alpine Infrastructure
- Alpine Package Keepe...we currently have a specific setup on both Redmine and git.a.o.
### Redmine projects
- AConf
- Alpine Linux
- Alpine Build tools (abuild)
- Alpine Documentation
- Alpine Infrastructure
- Alpine Package Keeper (apk-tools)
- Alpine Security
- Alpine Setup Scripts
- AWall
- Squark
### git.a.o repos
- Alpine Projects
- repos
- Docks
- repos
- ACF
- repos
- Hosted
- repos
- user
- user repos
### Namespace conversion for projects with source code (git repo):
- projects/alpine =>alpine/aports
- projects/abuild =>alpine/abuild
- projects/apk-tools =>alpine/apk-tools
- projects/alpine-conf =>alpine/alpine-conf
- projects/awall =>alpine/awall
### Namespace conversion for projects without source code (git repo)
These would have a single README.md explaining these projects have
issues only
- projects/alpine-infra =>alpine/infra/general
- projects/alpinedoc =>alpine/docs/general
- projects/alpine-security =>alpine/security/general
### Docs (git repos)
These have no projects on redmine and can be converted to similar Gitlab
namespacing:
- alpine/docs/repository
### Hosted (git repos)
Need to check under which namespace to move these
### ACF
There are a lot of repos on git.a.o and we have mixed the issues within
the alpine (aports) namespace.
We have to discus with Ted Trask how to handle this.
### AConf
I think we can skip migrating Aconf, this project seems empty on
redmine.
### Squark
This seems like an old project. Probably easier to just keep it on
git.a.o
### User repos
We can allow users to migrate their repositories into gitlab or just
keep them on git.a.o.
*(from redmine: issue id 10606, created on 2019-06-23)*
* Relations:
* parent #10573Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10573migration to gitlab2020-01-06T13:02:23ZCarlo Landmetermigration to gitlabwe are currently testing a new gitlab instance at
gitlab.alpinelinux.org.
Please reply with issues found and features which are missing.
This is also a good place to start discussing how to organize git.a.o
and bugs.a.o into gitlab.
...we are currently testing a new gitlab instance at
gitlab.alpinelinux.org.
Please reply with issues found and features which are missing.
This is also a good place to start discussing how to organize git.a.o
and bugs.a.o into gitlab.
If you want a test account please email me or send a message on IRC for
a password as smtp is disabled atm for obvious reasons.
*(from redmine: issue id 10573, created on 2019-06-14)*
* Relations:
* child #10606
* child #10634
* Uploads:
* ![Screenshot_from_2019-06-14_12-03-06](/uploads/154af9d912af126b459e0740e11c7421/Screenshot_from_2019-06-14_12-03-06.png)Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9977Flagging packages is not working, 404 instead.2023-06-07T12:16:38ZYaron ShahrabaniFlagging packages is not working, 404 instead.This is website related.
The packages interface doesn’t allow flagging, an error appears.
*(from redmine: issue id 9977, created on 2019-02-11)*This is website related.
The packages interface doesn’t allow flagging, an error appears.
*(from redmine: issue id 9977, created on 2019-02-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9924Allow selecting all arches in pkgs.alpinelinux.org2023-06-07T12:16:38ZKevin DaudtAllow selecting all arches in pkgs.alpinelinux.orgThe arch selection field by default has no arch selected, so it allows
you to search in any arch. But once you selected an arch, it’s no longer
possible to select no arch.
*(from redmine: issue id 9924, created on 2019-01-26)*The arch selection field by default has no arch selected, so it allows
you to search in any arch. But once you selected an arch, it’s no longer
possible to select no arch.
*(from redmine: issue id 9924, created on 2019-01-26)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9589Anitya (release-monitoring) checker stopped working2020-01-06T13:06:54ZJakub JirutkaAnitya (release-monitoring) checker stopped workingMy access to the container running pkgs.a.o has stopped working
**again**, so I cannot check out what’s wrong. `anitya-check-all` should
be executed periodically by cron.
ssh jirutka@172.16.4.21
ssh: connect to host 172.16.4.21 ...My access to the container running pkgs.a.o has stopped working
**again**, so I cannot check out what’s wrong. `anitya-check-all` should
be executed periodically by cron.
ssh jirutka@172.16.4.21
ssh: connect to host 172.16.4.21 port 22: No route to host
*(from redmine: issue id 9589, created on 2018-10-26)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9573Add TLS certificate for email relaying in lists.alpinelinux.org2022-10-06T21:01:19ZMilliardo PeacecraftAdd TLS certificate for email relaying in lists.alpinelinux.orgHello,
As subject states, lists.alpinelinux.org doesn’t offer a certificate for
using STARTTLS in MTA to MTA communication. This can be checked by:
$ openssl s_client -connect lists.alpinelinux.org:25 -starttls smtp
CONNECTED(0...Hello,
As subject states, lists.alpinelinux.org doesn’t offer a certificate for
using STARTTLS in MTA to MTA communication. This can be checked by:
$ openssl s_client -connect lists.alpinelinux.org:25 -starttls smtp
CONNECTED(00000003)
didn't find starttls in server response, try anyway...
22101338425312:error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number:/usr/src/lib/libssl/ssl_pkt.c:386:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 208 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Start Time: 1540317980
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
Under some email servers setups such as mine, email isn’t relayed if the
remote doesn’t provides STARTTLS.
Best regards.
*(from redmine: issue id 9573, created on 2018-10-24)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9493improve patchwork mail routing2020-01-06T13:05:58ZCarlo Landmeterimprove patchwork mail routingCurrently mails for patchwork are routed via redmine container.
This is not very obvious and can lead into issues when changing
container locations.
It would be better if we have a single point of entry (mail.a.o) and
forward to the ...Currently mails for patchwork are routed via redmine container.
This is not very obvious and can lead into issues when changing
container locations.
It would be better if we have a single point of entry (mail.a.o) and
forward to the correct container directly via vpn.
*(from redmine: issue id 9493, created on 2018-09-30)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9134Improve the contributors/developers environment2020-01-06T13:09:55ZCarlo LandmeterImprove the contributors/developers environmentThis issue is not specifically targeted at a single item in our infra
but more general discussion thread to eventually evolve into sub tasks
to get a better environment.
Please add your issues and/or possible solutions and ill update t...This issue is not specifically targeted at a single item in our infra
but more general discussion thread to eventually evolve into sub tasks
to get a better environment.
Please add your issues and/or possible solutions and ill update this
item.
Current issues
==============
Authentication
--------------
Currently Redmine does not support proper Oauth integration. It would be
nice if we could have that implemented.
We currently have an issue open \#9081 to disable anon bug reporting.
Issues per branch
-----------------
Would be nice if we could somehow track security issues per branch see:
https://www.redmine.org/issues/1266\#change-56683
Multi Arch CI
-------------
Currently we use an external service (travis) to verify our
contributions. The limitations is that this is only available for
x86\_84.
It would be nice if we could somehow have a CI which can push jobs to
different containers in our infra on different architectures.
Most of our developers do not have access to these Archs so It would be
nice for them to send jobs to verify their contributions.
Patch queue management
----------------------
We currently have 2 queues, GitHub and Patchwork. This is by far optimal
and should be reduced to a single queue where people can contribute
to.
This will be much easier to maintain and less people will complain one
of the queues is better managed and remove questions as to which they
should contribute to.
To my knowledge the reason people use patchwork/ml is that they don’t
like to have an account on Github for privacy reasons. I think we should
support
this request and provided them with an alternative solution which means
we would have to replace both of them with a locally hosted solution.
Ideas regarding solutions
=========================
Unified solution
----------------
I’ve looked into the Open Source world to see if there is a holy grail
to work around the above mentioned issues.
After reviewing I ended up with only two solutions that seem to pack the
feature set we currently need is very active and had proper
documentation.
Both projects also have a side project which can migrate issues from
Redmine which is kind of nice to have.
### GitLab
This currently seems to be a choice for many other open source projects,
but its very hard to maintain it locally.
I started packaging the individual parts (gitlab-ce, gitaly…) but it was
very messy and i ended up with huge packages. I’ve seen Jirutka has
tried to
package it up for Gentoo but in the end stopped working on it. So in the
end I gave up because it seems to be very messy and time consuming.
### Phabricator
This application seems to be very easy to install, has only a few
dependencies so its a matter of an hour to get up and running.
Also the upgrade path is very simple and will be very easy to maintain
(if I read the documentation correctly).
The main issue we faced up till now is the workflow and the actual patch
integration in Phabricator. The only way to retrieve the patches
is to fetch the diff via the web interface or via the PHP cli. There is
no way to grab an mbox file or branch and locally apply and push it
(like we do with github).
This is one of the main issues ncopa faced when trying it out. I didn’t
look closer if this can be overcome somehow.
There is a test instance available at https://phabtest.alpinelinux.org
(the database isn’t running local so its maybe a bit slow at times).
Separate solutions
------------------
I didn’t have time yet to look into possible other solutions so any
feedback is appreciated.
*(from redmine: issue id 9134, created on 2018-07-25)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9076Remove flag button from non-edge packages on pkgs.alpinelinux.org2022-07-25T10:55:13ZSascha PaunovicRemove flag button from non-edge packages on pkgs.alpinelinux.orgSince one cannot flag packages that aren’t in the edge repos, having the
flag button doesn’t make sense there doesn’t make sense.
*(from redmine: issue id 9076, created on 2018-07-11)*Since one cannot flag packages that aren’t in the edge repos, having the
flag button doesn’t make sense there doesn’t make sense.
*(from redmine: issue id 9076, created on 2018-07-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9071Outdated copyright notice2020-01-06T13:10:33ZTBKOutdated copyright noticeOn https://alpinelinux.org/ and https://pkgs.alpinelinux.org/packages
the footer copyright notice says 2017.
See attached file.
*(from redmine: issue id 9071, created on 2018-07-11)*
* Uploads:
* ![2018-07-11_03-02-09](/uploads/c79...On https://alpinelinux.org/ and https://pkgs.alpinelinux.org/packages
the footer copyright notice says 2017.
See attached file.
*(from redmine: issue id 9071, created on 2018-07-11)*
* Uploads:
* ![2018-07-11_03-02-09](/uploads/c79b02d159f5ab696d19f1efe5447669/2018-07-11_03-02-09.png)Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9055Add an index.tab and index.json to the download site2021-11-12T15:08:51ZNick SchonningAdd an index.tab and index.json to the download siteSorry I’m just not looking in the right place. I checked out
http://dl-cdn.alpinelinux.org/alpine/ but couldn’t find anything like
what nodejs has for being able to easily pull relase version info. EX:
\- https://nodejs.org/dist/index.j...Sorry I’m just not looking in the right place. I checked out
http://dl-cdn.alpinelinux.org/alpine/ but couldn’t find anything like
what nodejs has for being able to easily pull relase version info. EX:
\- https://nodejs.org/dist/index.json
- https://nodejs.org/dist/index.tab
This appears to be done by a tool they wrote here
https://github.com/nodejs/nodejs-dist-indexer
The reason I’m looking for a file like this is to automate bumping
images as they are released
*(from redmine: issue id 9055, created on 2018-07-05)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8489Improving package search - searching in pkgdesc2020-03-28T15:18:18ZBernhard J. M. GrünImproving package search - searching in pkgdescIt would be a nice improvement to also have a switch to enable searching
in package descriptions (pkgdesc) too on the website
https://pkgs.alpinelinux.org/packages .
*(from redmine: issue id 8489, created on 2018-02-15)*It would be a nice improvement to also have a switch to enable searching
in package descriptions (pkgdesc) too on the website
https://pkgs.alpinelinux.org/packages .
*(from redmine: issue id 8489, created on 2018-02-15)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8475add SSL/TLS support to Alpine MQTT infrastructure2022-10-06T21:00:48ZCarlo Landmeteradd SSL/TLS support to Alpine MQTT infrastructureWe are currently only supporting plain text MQTT and MQTT+Websockets on
msg.alpinelinux.org.
This should be extended with MQTT over SSL/TLS and Websockets over
SSL/TLS.
To migrate all infra to SSL/TLS mqtt-exec will need to be updated...We are currently only supporting plain text MQTT and MQTT+Websockets on
msg.alpinelinux.org.
This should be extended with MQTT over SSL/TLS and Websockets over
SSL/TLS.
To migrate all infra to SSL/TLS mqtt-exec will need to be updated with
SSL/TLS support.
See: https://github.com/ncopa/mqtt-exec/issues/4
*(from redmine: issue id 8475, created on 2018-02-05)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8448Alpine theme for Redmine2020-02-24T17:42:01ZDaniel Isaksendisaksen@alpinelinux.orgAlpine theme for RedmineIt’d be nice if our Redmine installation conformed with the Alpine
“template” website, like alpinelinux.org, pkgs.a.o, mirrors.a.o and
such.
*(from redmine: issue id 8448, created on 2018-01-30)*It’d be nice if our Redmine installation conformed with the Alpine
“template” website, like alpinelinux.org, pkgs.a.o, mirrors.a.o and
such.
*(from redmine: issue id 8448, created on 2018-01-30)*Daniel Isaksendisaksen@alpinelinux.orgDaniel Isaksendisaksen@alpinelinux.orghttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8428Make all third party mirrors sync from T1 mirrors2022-12-03T21:42:56ZDaniel Isaksendisaksen@alpinelinux.orgMake all third party mirrors sync from T1 mirrorsAll third party mirrors **must** synchronize from our tier 1 (dl-N)
mirrors, and **not** from master.
Therefore we must contact the admins for all third party mirrors and
notify them of this.
A list of contacts are in the git.a.o:infra...All third party mirrors **must** synchronize from our tier 1 (dl-N)
mirrors, and **not** from master.
Therefore we must contact the admins for all third party mirrors and
notify them of this.
A list of contacts are in the git.a.o:infra/mirrors repository.
*(from redmine: issue id 8428, created on 2018-01-26)*
* Relations:
* parent #8426https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8424Make an inventory of the current infrastructure2022-11-06T20:43:46ZKevin DaudtMake an inventory of the current infrastructureBefore the infrastructure can be documented, we need to make an
inventory of what infrastructure is there.
*(from redmine: issue id 8424, created on 2018-01-26)*
* Relations:
* parent #8413Before the infrastructure can be documented, we need to make an
inventory of what infrastructure is there.
*(from redmine: issue id 8424, created on 2018-01-26)*
* Relations:
* parent #8413