New issue
Advanced search Search tips

Issue 775727 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Oct 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 3
Type: Bug



Sign in to add a comment

Have a proper API for fetching the current sheriff/trooper on duty

Project Member Reported by hinoka@chromium.org, Oct 17 2017

Issue description

Currently the API for fetching the current sheriff/trooper on duty is to hit https://build.chromium.org/p/chromium/sheriff_(name).js, (eg https://build.chromium.org/p/chromium/sheriff_ios_europe.js), and parse the javascript string for text.  This is also mirrored on chromium-build.appspot.com.  This has the follow issues:

* Loading and parsing a js file on the client is inherently a security risk.  If the .js file is compromised (either via a server side attack or MITM), the attacker gains full access to build.chromium.org (or uberchromegw, if an internal console is loaded).
* The API is unstructured.  A JSON or PROTO endpoint would be more appropriate for a machine readable API.
* It is currently served via apache from a golo master.  Golo masters will go away following the LUCI launch, so the source of truth will have to be served from somewhere else.
 
Project Member

Comment 1 by bugdroid1@chromium.org, Oct 18 2017

The following revision refers to this bug:
  https://chrome-internal.googlesource.com/infra/infra_internal/+/afd25ab986f03519ff56ccc895913c099f354cc6

commit afd25ab986f03519ff56ccc895913c099f354cc6
Author: Andrii Shyshkalov <tandrii@chromium.org>
Date: Wed Oct 18 00:53:22 2017

Cc: tandrii@chromium.org
Status: Available (was: undefined)
Project Member

Comment 4 by bugdroid1@chromium.org, Oct 18 2017

The following revision refers to this bug:
  https://chrome-internal.googlesource.com/infra/puppet/+/4e8e46acf9e773ed594fe3820adcf6e8899d88d4

commit 4e8e46acf9e773ed594fe3820adcf6e8899d88d4
Author: Andrii Shyshkalov <tandrii@chromium.org>
Date: Wed Oct 18 18:48:15 2017

Project Member

Comment 5 by bugdroid1@chromium.org, Oct 18 2017

The following revision refers to this bug:
  https://chrome-internal.googlesource.com/infra/puppet/+/4b296f5bb46c403652cab07334823787e5c25c74

commit 4b296f5bb46c403652cab07334823787e5c25c74
Author: Andrii Shyshkalov <tandrii@chromium.org>
Date: Wed Oct 18 23:47:29 2017

Mkay, I certainly broke cronjobs, since it's 17:38 now and files should be updated eveyr 10 minutes:

$ ls -alrt /home/chrome-bot/buildbot/build/masters/master.chromium/public_html/
total 240
-rw-rw-r--  1 chrome-bot chrome-bot    48 Oct 18 16:51 trooper.js
-rw-rw-r--  1 chrome-bot chrome-bot    28 Oct 18 16:51 sheriff_angle.js
-rw-rw-r--  1 chrome-bot chrome-bot    17 Oct 18 16:51 current_trooper.txt
-rw-rw-r--  1 chrome-bot chrome-bot    54 Oct 18 16:51 sheriff.js
-rw-rw-r--  1 chrome-bot chrome-bot    24 Oct 18 16:52 sheriff_ios_us.js
-rw-rw-r--  1 chrome-bot chrome-bot    25 Oct 18 16:53 sheriff_ios_europe.js
-rw-rw-r--  1 chrome-bot chrome-bot    33 Oct 18 16:55 sheriff_cros_mtv.js
-rw-rw-r--  1 chrome-bot chrome-bot    43 Oct 18 16:56 sheriff_v8.js
-rw-rw-r--  1 chrome-bot chrome-bot    32 Oct 18 16:56 sheriff_cros_nonmtv.js
-rw-rw-r--  1 chrome-bot chrome-bot    24 Oct 18 16:57 sheriff_perf.js
-rw-rw-r--  1 chrome-bot chrome-bot    26 Oct 18 16:57 sheriff_perfbot.js
-rw-rw-r--  1 chrome-bot chrome-bot    24 Oct 18 16:58 sheriff_cr_cros_gardeners.js
-rw-rw-r--  1 chrome-bot chrome-bot    26 Oct 18 16:59 sheriff_gpu.js
-rw-rw-r--  1 chrome-bot chrome-bot    31 Oct 18 17:00 sheriff_android.js

Project Member

Comment 8 by bugdroid1@chromium.org, Oct 19 2017

The following revision refers to this bug:
  https://chrome-internal.googlesource.com/infra/infra_internal/+/72e7d71a6c15082003ab29a3bd1946798d8e21c3

commit 72e7d71a6c15082003ab29a3bd1946798d8e21c3
Author: Andrii Shyshkalov <tandrii@chromium.org>
Date: Thu Oct 19 00:58:22 2017

Project Member

Comment 9 by bugdroid1@chromium.org, Oct 19 2017

The following revision refers to this bug:
  https://chrome-internal.googlesource.com/infra/puppet/+/1e545cdc05dea5e989b9ee75cb97eb639f0112a0

commit 1e545cdc05dea5e989b9ee75cb97eb639f0112a0
Author: Andrii Shyshkalov <tandrii@chromium.org>
Date: Thu Oct 19 01:06:15 2017

Actually, files are served here:
https://uberchromegw.corp.google.com/i/chromium/sheriff.json and similiar
https://uberchromegw.corp.google.com/i/chromium/trooper.json (not yet available because there are no troopers (which is weird, but I'm not going to fix that)
Owner: tandrii@chromium.org
Status: Assigned (was: Available)
Status: Fixed (was: Assigned)
https://uberchromegw.corp.google.com/i/chromium/trooper.json  actually does work, so all this.

Sign in to add a comment