Canonical SSO provider

Merge ~suligap/canonical-identity-provider:talisker-init-with-sentry-overhaul into canonical-identity-provider:master

  1. Git
  2. lp:~suligap/canonical-identity-provider
  3. talisker-init-with-sentry-overhaul
  4. Merge into master
Proposed by Przemysław Suliga
Status: Merged
Approved by: Przemysław Suliga
Approved revision: 99cd5cebf1a79b106e2bcd2295a51b667d56968c
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~suligap/canonical-identity-provider:talisker-init-with-sentry-overhaul
Merge into: canonical-identity-provider:master
Diff against target: 160 lines (+14/-21)
5 files modified
Makefile (+2/-1)
django_project/settings_base.py (+9/-12)
django_project/settings_devel.py (+0/-1)
requirements.txt (+3/-3)
src/identityprovider/wsgi.py (+0/-4)
Reviewer Review Type Date Requested Status
Daniel Manrique (community) Approve
Review via email: mp+384254@code.launchpad.net

Commit message

Switch to talisker and simplify/standardise the Sentry config

Description of the change

Description in the commit message.

Required dependencies MP: https://code.launchpad.net/~suligap/canonical-identity-provider/dependencies-talisker/+merge/384255.

Looks like the charm itself is already talisker aware and will use it instead of gunicorn if it's installed: https://bazaar.launchpad.net/~ubuntuone-pqm-team/canonical-identity-provider/charm/view/head:/playbook.yaml#L89

To post a comment you must log in.
Revision history for this message
Daniel Manrique (roadmr) wrote :

LGTM, I like that the changes are pretty well-localized and not too intrusive.

review: Approve
Revision history for this message
Przemysław Suliga (suligap) wrote :

Thanks for the reviews Daniel!

I've added the mentioned soft request timeout config for talisker in https://code.launchpad.net/~suligap/canonical-identity-provider/charm-talisker-soft-request-timeout/+merge/384493

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/Makefile b/Makefile
2index d76add8..8b077a1 100644
3--- a/Makefile
4+++ b/Makefile
5@@ -6,6 +6,7 @@ CONFIGMANAGER = config-manager.txt
6 CONN_CHECK_CONFIG_PATH ?= /tmp/sso_conn_check_config.yaml
7 DJANGO_SETTINGS_MODULE ?= settings
8 ENV = $(CURDIR)/env
9+GUNICORN = $(ENV)/bin/talisker
10 JUJU_ENV ?= local
11 JUJU_REPO ?= ../.juju-repo
12 LOCAL_SETTINGS_DIR ?= $(CURDIR)/../local_config
13@@ -200,7 +201,7 @@ manage: ## Run django management commands
14 run: ARGS=0.0.0.0:8000
15 run: PID_ID=gunicorn
16 run: collectstatic django-check ## Start development server
17- $(ENV)/bin/gunicorn django_project.wsgi:application --workers=2 --reload --pid=logs/$(PID_ID).pid --bind=$(ARGS) --timeout=99999 --error-logfile=- --access-logfile=- $(SSL_CONFIG)
18+ DEVEL=1 $(GUNICORN) django_project.wsgi:application --workers=2 --reload --pid=logs/$(PID_ID).pid --bind=$(ARGS) --error-logfile=- --access-logfile=- $(SSL_CONFIG)
19
20 run-ssl: dev-sso.crt
21 $(MAKE) run SSL_CONFIG="--certfile=dev-sso.crt --keyfile=dev-sso.key --ssl-version 2" ARGS=0.0.0.0:8443 SSO_ROOT_URL=https://sso-xenial:8443 PID_ID=gunicorn-ssl
22diff --git a/django_project/settings_base.py b/django_project/settings_base.py
23index e0aa795..561acbf 100644
24--- a/django_project/settings_base.py
25+++ b/django_project/settings_base.py
26@@ -214,6 +214,7 @@ INSTALLED_APPS = [
27 'pgtools',
28 'piston',
29 'preflight',
30+ 'raven.contrib.django.raven_compat',
31 'saml2idp',
32
33 # own apps
34@@ -221,8 +222,6 @@ INSTALLED_APPS = [
35 'identityprovider',
36 'ubuntu_sso_saml',
37 'webui',
38- 'raven.contrib.django.raven_compat',
39- 'canonical_raven',
40 ]
41 INTERNAL_IPS = []
42 LANGUAGES = [
43@@ -357,6 +356,12 @@ LOGGING = {
44 'filters': [],
45 'handlers': ['file'],
46 },
47+ 'talisker.wsgi': {
48+ 'level': 'WARNING',
49+ 'propagate': False,
50+ 'filters': [],
51+ 'handlers': ['file'],
52+ },
53 },
54 'root': {
55 'level': 'INFO',
56@@ -383,7 +388,6 @@ MESSAGE_STORAGE = 'django.contrib.messages.storage.fallback.FallbackStorage'
57 MIDDLEWARE_CLASSES = [
58 ('raven.contrib.django.raven_compat.middleware'
59 '.SentryResponseErrorIdMiddleware'),
60- 'canonical_raven.middleware.RavenContextMiddleware',
61 'api.v20.utils.EnsureJSONResponseOnAPIErrorMiddleware',
62 'identityprovider.middleware.http.SetRemoteAddrFromForwardedFor',
63 'identityprovider.middleware.statsd.PistonRequestTimingMiddleware',
64@@ -470,15 +474,8 @@ RAVEN_CONFIG = {
65 # 'dsn': 'http://api:key@sentry.host/project_id',
66 'release': version_info['revno'],
67 'string_max_length': 16000,
68- 'install_sql_hook': False,
69 'CELERY_LOGLEVEL': logging.WARN,
70- 'processors': [
71- 'raven.processors.SanitizePasswordsProcessor',
72- 'raven.processors.RemoveStackLocalsProcessor',
73- 'raven.processors.RemovePostDataProcessor',
74- 'canonical_raven.processors.RemoveCookiesProcessor',
75- 'canonical_raven.processors.SanitizeTimelineDjangoProcessor',
76- ],
77+ # talisker takes care of setting safe defaults for raven.
78 }
79 READ_ONLY_MODE = False
80 ROOT_URLCONF = 'django_project.urls'
81@@ -500,6 +497,7 @@ SECURE_PROXY_SSL_HEADER = None
82 SECURE_SSL_REDIRECT = False
83 SEND_BROKEN_LINK_EMAILS = False
84 SENTRY_CELERY_LOGLEVEL = logging.WARN
85+SENTRY_CLIENT = 'talisker.django.SentryClient'
86 SERVER_EMAIL = 'noreply@ubuntu.com'
87 SESSION_CACHE_ALIAS = 'default'
88 SESSION_COOKIE_AGE = 1209600
89@@ -614,7 +612,6 @@ TWOFACTOR_TTL = 48 * 3600 # 48 hs
90 USE_ETAGS = False
91 USE_I18N = True
92 USE_L10N = True
93-USE_SENTRY = True
94 USE_THOUSAND_SEPARATOR = False
95 USE_TZ = False
96 USE_X_FORWARDED_HOST = False
97diff --git a/django_project/settings_devel.py b/django_project/settings_devel.py
98index a3466f8..da15108 100644
99--- a/django_project/settings_devel.py
100+++ b/django_project/settings_devel.py
101@@ -47,4 +47,3 @@ TWOFACTOR_MANDATORY_TEAMS = ['ubuntuone-hackers']
102 # Load a minimal blacklist in development so as to not need too much
103 # time and memory and not break any tests
104 PASSWORD_BLACKLIST_FILE = os.path.join(BASE_DIR, "blacklist-devel.txt")
105-USE_SENTRY = False
106diff --git a/requirements.txt b/requirements.txt
107index 39def16..0577502 100644
108--- a/requirements.txt
109+++ b/requirements.txt
110@@ -1,5 +1,4 @@
111 bson==0.3.4
112-canonical-raven==0.0.3
113 cffi==1.6.0
114 conn-check-configs==1.0.3
115 convoy==0.4.1
116@@ -17,7 +16,7 @@ django-secure==1.0.1
117 django-statsd-mozilla==0.4.0
118 enum34==1.1.6
119 gargoyle-yplan==1.2.5
120-gunicorn==19.3.0
121+gunicorn==19.10.0
122 idna==2.1
123 ipaddress==1.0.16
124 lazr.authentication==0.1.3
125@@ -36,13 +35,14 @@ pyasn1==0.1.9
126 pycparser==2.14
127 pymacaroons==0.10.0
128 python-openid==2.2.5
129-raven==6.0.0
130+raven==6.10.0
131 requests==2.10.0
132 requests-oauthlib==0.4.2
133 saml2idp==0.18
134 six==1.10.0
135 ssoclient==2.1.1
136 statsd==3.1
137+talisker[django,gunicorn,raven]==0.18.0
138 testresources==0.2.7
139 timeline==0.0.4
140 timeline-django==0.0.5
141diff --git a/src/identityprovider/wsgi.py b/src/identityprovider/wsgi.py
142index b8ce74c..492858c 100644
143--- a/src/identityprovider/wsgi.py
144+++ b/src/identityprovider/wsgi.py
145@@ -2,8 +2,6 @@ import uuid
146
147 import oops_wsgi
148
149-from canonical_raven.middleware import Sentry
150-
151 from django.conf import settings
152 from oops_wsgi import django as oops_wsgi_django
153 from timeline.wsgi import make_app as timeline_wsgi_make_app
154@@ -77,6 +75,4 @@ def make_app():
155 app = oops_wsgi.make_app(
156 app, config, oops_on_status=['500'],
157 soft_start_timeout=settings.HANDLER_TIMEOUT_MILLIS)
158- if settings.USE_SENTRY:
159- app = Sentry(app, soft_start_timeout=settings.HANDLER_TIMEOUT_MILLIS)
160 return app

Subscribers

People subscribed via source and target branches