Need to validate generated luci-scheduler.cfg before submitting |
||
Issue descriptionThe LUCI Config service will send an email notification if an invalid configuration is pushed to it. A few days ago, this happened on this commit: https://chrome-internal.googlesource.com/chromeos/manifest-internal/+/92fe26870cec20933d2c4a47ab6c017b3a98dbb4%5E%21/#F0 . However, this config commit came from a builder whose job it is to sync config from master in to infra/config branch. So, there are two problems that we need to solve to fix this: 1. There needs to be a Chromite network test to call https://apis-explorer.appspot.com/apis-explorer/?base=https://luci-config.appspot.com/_ah/api#p/config/v1/config.validate_config to validate the config so that the author on master can see that their configuration will be rejected before they commit. 2. The LUCI Scheduler builder job needs to also call this API to confirm that the configuration is valid before making a commit in to infra/config.
,
Nov 6
Also from Nodir: """forgot to mention that the robot might also want to call https://apis-explorer.appspot.com/apis-explorer/?base=https://luci-config.appspot.com/_ah/api#p/config/v1/config.reimport to explicitly tell luci-notify to load the latest commit right after it is made. Otherwise luci-config may take up to 10min to notice the change. we'd need to add the robot service account to https://chrome-infra-auth.appspot.com/auth/groups/config-reimport after that, ideally the robot would call https://apis-explorer.appspot.com/apis-explorer/?base=https://luci-config.appspot.com/_ah/api#p/config/v1/config.get_config_sets?config_set=projects%252Fchromeos&include_last_import_attempt=true&_h=2& to ensure that the revision was accepted. Note that response would also contain validation errors if revision was not accepted (should not be the case since the robot called validation API before making the change). RPC definition, in python unfortunately https://cs.chromium.org/chromium/infra/luci/appengine/config_service/api.py?q=config_service/api&sq=package:chromium&g=0&l=230 """
,
Nov 6
What are the required arguments to config.validate_config, and config.reimport? I'm sure they are documented somewhere, but I don't see where yet.
,
Nov 6
they are not well documented. This is cloud endpoints (as opposed to prpc), so one has to read python code :( I am sorry about that reimport: https://cs.chromium.org/chromium/infra/luci/appengine/config_service/api.py?q=config_service/api&sq=package:chromium&g=0&l=460&rcl=9bac6d2446f6d1a8d5db6bfcb32804b52d04ea06 validate_config: https://cs.chromium.org/chromium/infra/luci/appengine/config_service/api.py?q=config_service/api&sq=package:chromium&g=0&rcl=9bac6d2446f6d1a8d5db6bfcb32804b52d04ea06&l=160
,
Nov 9
is this robot making commits to https://chrome-internal.googlesource.com/chromeos/manifest-internal/+/infra/config a temporary solution? It seems to be mutually exclusive with the go/luci-config-push effort which assumes that configs will be pushed by Chrome Infra Auth service. With the high-level config effort, we are moving towards one config file that configures all of LUCI (as opposed to per-service config, e.g. cr-buildbucket.cfg, luci-scheduler.cfg). What system will generate that config file, with all buckets, builders, scheduler jobs, etc? Would Chrome Infra Auth Service know all of this? I don't know much about Chrome Infra Auth service, but it seems to be a scope creep. If this robot can make commits to the repo, why do we need go/luci-config-push? Why can't it load partner projects from Chrome Infra Auth, add other LUCI concepts (builders, scheduler jobs) on top and make a commit? we need a mailing list for these discussions
,
Nov 9
I created the bot as a way to reduce management overhead for myself, TPMs, and others adjusting our builds schedules until go/luci-config-push is ready. |
||
►
Sign in to add a comment |
||
Comment 1 by dgarr...@chromium.org
, Nov 5