Backlog of quality issues/optimizations to make:
🤢 Backend: Prod/stage not DRY w/ secret fetching logic
noted 2018-02-18
🤢 Backend: Lots of magic values, like directories and so on.
noted 2018-02
* magic values in backend, like for lots of dirs: might want to save these values in a bash env file to source; that way I only have to change a path in one place rather than who knows how many places
🤢 Backend: hard coded db endpoints(more magic values: put in module instead, or use secret)
noted 2018-02
* replace hard coded values for db endpoint in django config with secret value; requires updating secrets for swarms (don't do thisfor stage though - stage secret is relative to manager, not swarm task)
🤢 CI/CD: playbooks may be safer if they prompt for values
noted 2018-02
`* playbooks could be written to ask for plays instead of requiring extra varfrom cmd line.
🔴 CI/CD: Current solution for updating secrets requires downtime(take down stack and redeploy)
Python multithreading disabled with uwsgi
🤢 Push.yml for compose,secrets fails at move step/tar step if compose file/secret dir isn’t existing on remote node.
TASK [push-secrets : Move current secrets to prev dir] *****************************
fatal: [mm-prod-manager1]: FAILED! => {"changed": true, "cmd": "(cd /home/docker/secrets/ && tar c .) | (cd /home/docker/prev-secrets/ && tar xf -)", "delta": "0:00:00.002387", "end": "2018-02-13 18:29:23.274442", "msg": "non-zero return code", "rc": 2, "start": "2018-02-13 18:29:23.272055", "stderr": "/bin/sh: cd: line 1: can't cd to /home/docker/prev-secrets/\n/bin/sh: cd: line 1: can't cd to /home/docker/secrets/", "stderr_lines": ["/bin/sh: cd: line 1: can't cd to /home/docker/prev-secrets/", "/bin/sh: cd: line 1: can't cd to /home/docker/secrets/"], "stdout": "", "stdout_lines": []}
Backlog of quality issues/optimizations to make:
🤢 Backend: Prod/stage not DRY w/ secret fetching logic
🤢 Backend: Lots of magic values, like directories and so on.
* magic values in backend, like for lots of dirs: might want to save these values in a bash env file to source; that way I only have to change a path in one place rather than who knows how many places🤢 Backend: hard coded db endpoints (more magic values: put in module instead, or use secret)
* replace hard coded values for db endpoint in django config with secret value; requires updating secrets for swarms (don't do thisfor stage though - stage secret is relative to manager, not swarm task)🤢 CI/CD: playbooks may be safer if they prompt for values
`* playbooks could be written to ask for plays instead of requiring extra var from cmd line.🔴 CI/CD: Current solution for updating secrets requires downtime (take down stack and redeploy)
Python multithreading disabled with uwsgi
🤢 Push.yml for compose,secrets fails at move step/tar step if compose file/secret dir isn’t existing on remote node.
TASK [push-secrets : Move current secrets to prev dir] *****************************fatal: [mm-prod-manager1]: FAILED! => {"changed": true, "cmd": "(cd /home/docker/secrets/ && tar c .) | (cd /home/docker/prev-secrets/ && tar xf -)", "delta": "0:00:00.002387", "end": "2018-02-13 18:29:23.274442", "msg": "non-zero return code", "rc": 2, "start": "2018-02-13 18:29:23.272055", "stderr": "/bin/sh: cd: line 1: can't cd to /home/docker/prev-secrets/\n/bin/sh: cd: line 1: can't cd to /home/docker/secrets/", "stderr_lines": ["/bin/sh: cd: line 1: can't cd to /home/docker/prev-secrets/", "/bin/sh: cd: line 1: can't cd to /home/docker/secrets/"], "stdout": "", "stdout_lines": []} to retry, use: --limit @/home/rona/projects/moshimoji/ansible/push.retry
Not sure if I’m using load balancer for stage - have 2 a records for stage, both ipv4when it should be a cname to lb.
🤢 STAGE set to ’0’ instead of 0 in be task: unideal solution implemented, which is to cast the value into int in wsgi.py check.
⚠️ Logins insecure till SSL implemented
⚠️ Generate fragment runs against stage endpoint of gql all the time, instead of inferring the environment and going from there.
This doc has gotten too heavy! I’m moving to a new one.
2018-02-23
TypeError: e.allUserStatuses is undefined => broken browser render even after doing migrate and sync onto stage