Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-17230

jenkins 2018-09-25 2018-12-05 security vulnerabilties (TSSW)

    Details

      Description

      The jenkins update done for DM (DM-15866) also needs to be rolled out for TSSW. As a per-requistie, rather than continuing to maintain thet TSSW jenkins deployment as a fork/branch of the DM deployment that needs to be periodically rebased (often non-trivial) it should be merged into the same hiera configuration hierarchy in hopes of reducing the on-going maintenance burden.

      Prior to the re-deployment, all existing plugins should be removed, so that all installed plugins are in the .hpi format as this is a long-shot possible source of [at least one of] the stability problems in (DM-16495).

        Attachments

          Issue Links

            Activity

            Hide
            jhoblitt Joshua Hoblitt added a comment -

            It was more difficult than expected but I believe I have a working procedure for the update. Downtime has been announced on #ts-software for tomorrow evening.

            @channel the TSSW jenkins instance will be down for maintenance tomorrow evening (01/30) from 2000-2100 (US/Arizona time)
            

            Show
            jhoblitt Joshua Hoblitt added a comment - It was more difficult than expected but I believe I have a working procedure for the update. Downtime has been announced on #ts-software for tomorrow evening. @channel the TSSW jenkins instance will be down for maintenance tomorrow evening ( 01 / 30 ) from 2000 - 2100 (US/Arizona time)
            Hide
            jhoblitt Joshua Hoblitt added a comment -

            The deployment was completely redone from the vpc up. The old master was snapshotted and registered as ami-0959efe7c6f53d935 (us-west-2).

            Brief testing is unable to reproduce the update-center metadata update crash.

            Show
            jhoblitt Joshua Hoblitt added a comment - The deployment was completely redone from the vpc up. The old master was snapshotted and registered as ami-0959efe7c6f53d935 ( us-west-2 ). Brief testing is unable to reproduce the update-center metadata update crash.
            Hide
            jhoblitt Joshua Hoblitt added a comment -

            It was discovered during the update last night that jenkins CASC credentials management is an all or nothing affair, so it was disabled for the tssw jenkins-prod env. DM-17594 has been opened to investigate this.

            Show
            jhoblitt Joshua Hoblitt added a comment - It was discovered during the update last night that jenkins CASC credentials management is an all or nothing affair, so it was disabled for the tssw jenkins-prod env. DM-17594 has been opened to investigate this.

              People

              • Assignee:
                jhoblitt Joshua Hoblitt
                Reporter:
                jhoblitt Joshua Hoblitt
                Watchers:
                Andy Clements, Joshua Hoblitt, Rob Bovill, Simon Krughoff
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: