dotorg repo access

Can @dufresnesteven please have access to dotorg.trac.wordpress.org and read-only access to the corresponding svn. He’s helping to open source some of the WP and bbPress plugins that are tucked away in the dotorg repo.

#prio2

Update svn1 node versions for Gutenberg

As per #4974-meta for future Core builds the NodeJS/NPM versions will need bumping for proper Gutenberg building. The PR won’t be merged prior to the svn build servers being updated.

Gutenberg now requires Node.js 12.x and npm > 6.9.x and the “build server” requires updating to accommodate this.
At the time of creating this ticket:
* the latest Node.js LTS release is 12.14.1 https://nodejs.org/en/
* the latest npm release is 6.13.6 https://blog.npmjs.org/
See also: https://github.com/WordPress/gutenberg/pull/19680

For any questions, you’ll need to follow up with someone more involved with Gutenberg development, see the above Trac ticket or Gutenberg PR.

#prio2

#4974-meta

WordCamp.org slow load times

I’ve been noticing intermittently slow load times for wordcamp.org lately, and others have reported it as well.

Most of the times things are normal, but when it happens the page takes 10-30 seconds to load. While it’s going on, it seems like any page I visit is slow (e.g., 2020.asia.wordcamp.org/wp-admin and also 2019.seattle.wordcamp.org/contact). Then it resolves itself after a minute or so.

I noticed it this morning around 7:40am Pacific.

Because all requests are affected, it doesn’t feel like a slow MYSQL query. I’m wondering if it’s a DDoS that was automatically mitigated?

Do we have any logs that would give clues? I don’t see anything in the Slack channels. Or do you have any other ideas?

#prio2

New SSH key for Timi Wahalahti

Was @sippis‘ proxy access automatically blocked (maybe similar to a few people last month)?

We’ve been trying to get it working on his new machine (using his old key), but haven’t been able to. Here’s the output with ports 8080 and 8090; I think they’re both supposed to work, but not sure.

$ ssh -vvv -ND 8080 -p22 -i worgproxy_rsa sippis@proxy.wordpress.org
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/sippis/.ssh/config
debug1: /Users/sippis/.ssh/config line 1: Applying options for proxy.wordpress.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to proxy.wordpress.org port 22.
debug1: Connection established.
debug1: identity file worgproxy_rsa type 0
debug1: identity file worgproxy_rsa-cert type -1
debug1: identity file /Users/sippis/.ssh/worgproxy_rsa type 0
debug1: identity file /Users/sippis/.ssh/worgproxy_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
ssh_exchange_identification: Connection closed by remote host

$ ssh -vvv -ND 8090 -p22 -i worgproxy_rsa sippis@proxy.wordpress.org
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/sippis/.ssh/config
debug1: /Users/sippis/.ssh/config line 1: Applying options for proxy.wordpress.org
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to proxy.wordpress.org port 22.
debug1: Connection established.
debug1: identity file worgproxy_rsa type 0
debug1: identity file worgproxy_rsa-cert type -1
debug1: identity file /Users/sippis/.ssh/worgproxy_rsa type 0
debug1: identity file /Users/sippis/.ssh/worgproxy_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
ssh_exchange_identification: read: Connection reset by peer

If you don’t see what’s wrong, could you replace his old public key with this new one?

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRBalZIm7+6MjsAOdm9HVd7rOoy4Z1cyd8vpsGGfejo5qYfRszOHbkOSouXLIuRymm/+vSvmshFLh2N3FhGDMYE/F8rTPrBTTVCNh36aOutBqTPW3ynTHEq7scG9VRM2Ir7ongSjFKF+MIseycJ/6BmEVSwRxvXDV22iCWwZoJwB/qhr8g8nycV152aZPpLPTlWhjZVmZYJg1AhWYX7yc+D3ih06bkfDiKzr+VygIxrhg6R6+MiC4KN8KFuYvsqHSvlgS8CMqj8WJRmcfs0lBmwMSvixzchDfJDeXPqCu1P60wqGaDMvZ+p1/Sx7ttI08g9qsso2R2d1CnGku7FYjP sippis@Illusia.local

#prio2

Grant default theme commit to @ianbelanger

I need to get theme commit access for @ianbelanger to manage work on the default themes. Our most recent two theme committers have had to step back and they worked with him directly to do some training/hand off. I will make sure to share the following documentation with him as well:

  • https://make.wordpress.org/community/handbook/wordcamp-organizer/first-steps/web-presence/computer-security-best-practices/
  • https://make.wordpress.org/core/handbook/best-practices/when-you-become-a-committer/
  • Not a post, but the welcome/onboarding chat as has been passed down to me by @desrosj @mikeschroder and @aaroncampbell.

This is a #prio2, but would be great to get sorted for work on WP5.2.3 and WP5.3.

#commit #themes

Remove trailingslashit rule for theme directory URIs

Currently the nginx rules for the theme directory includes a similar to the following, can we please remove it, as it breaks access to URLs that shouldn’t have a trailing slash, such as https://wordpress.org/themes/sitemap.xml
There should already be a handler in the PHP environment to add the trailing slash if it’s missing.

location /themes/ {
        # Add a trailing slash to all themes
        rewrite ^/themes/([^/]+)$ /themes/$1/ permanent;
}

This is being tracked as #5022-meta.

#prio2

#5022-meta

plugins.svn is very slow

This is a known issue, but it seems like it’s gotten significantly worse in the past ~6 months, to the point where it’s disruptive to workflows, and would delay promptly recovering from bad deploys.

Here are some timings from my WordCamp.org sandbox using, using themes.svn as a baseline.

/wp-content/themes ( 10 svn:externals to themes.svn )
$ time svnup

real 0m0.313s

wp-content/plugins ( 27 svn:externals to plugins.svn items, 1 to meta.svn )
$ time svnup

real 3m29.532s

$ time deploy-wordcamp.sh

real 4m44.074s

With a deploy taking almost 5 minutes, there’ll be a lot of extra/unnecessary downtime if we ever need to revert a bad commit and re-deploy.

#prio-2

#prio2

Proxy Access for @tobifjellner

Hello, can you please set up proxy access for @tobifjellner. He’s a polyglots mentor.

The public key is:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAuf3oli0Y3f1Ym36R/NlcuArgNETjzOdlX4q0dj5i56s80Pp55TdbxU3D0H4hZcVOtacYdkcbrS7Byg/0kfMi0RGBEkKgMv4lBewwHxaegWmkTl38DROssioatAWAOEER9EiMTF6cChM68eolLo6xc7ju9K0gn9Mg98hrbr44f22/BATTDpKGefziCOGHSWxjK8juoD/sKmim/XNLK77/I7KNDNv2qxO3hwtHot5/R2+QfU//1zusJx9OFrJ6mriDENurvGWwXf88QcRkjnQxFUfu+NZLT9x2hR3RsKiG3copmWyVZ7OHFShiizlzvji2N9YDBpFUvBrB6VouIAIDZQ== rsa-key-20190620

Thanks!

#prio2

dotorg Trac access for SergeyBiryukov

When using the proxy created for me in 2017, I have access to the dotorg SVN, but for some reason I’m still getting “403 Forbidden” when trying to access dotorg Trac to view changesets.

@pento tried to fix this at WCEU last year, but something was still missing. Initially we assumed that capital letters in my username (SergeyBiryukov) might be an issue, but changing it to lower case didn’t help, and the change was reverted.

He suggested submitting a Systems request to look further, which I’m doing now.

If someone could make my dotorg Trac access work, that would be grealy appreciated 🙂

#prio2

We are discussing moving to…

We are discussing moving to Github for WordCamp.org, and would like to know if there are any blockers that we have not considered yet.

Details are in the linked post, tldr: we would keep using SVN as a release tool so that deploy scripts etc keep on working. We will sync to SVN from Git at start of the deploy process.

#prio2