Joe added a comment.
Given my opposition to the plan as proposed in this task, I've been asked to explain it in more detail here. First of all, I want to say that IMHO things would have gone smoother if you asked SRE for an opinion about the plan before it was put in motion. Keep this in mind for the future. Having said that, we don't usually allow any request to flow from production services to services running in WMCS for a few good reasons, regarding reliability, privacy, and security. I don't think we've ever made an exception to this rule, and I don't think we should make one in this case - but this is my own personal opinion. I would be interested in seeing if we can have a path forward that allows you to get what you want with minimum effort while deploying in production. I would say that **a security review cannot be skipped **even if you're running the code from WMCS - as it's involved in serving production traffic. The other things standing in your way are a production deployment and a performance review, AIUI. Given you already have a docker image coming from the pipeline, creating a dedicated chart shouldn't be much harder than running the scaffolding script, and we can create an LVS endpoint for it in a relatively short timescale, so that you can get to production (a few weeks I think). I can't speak for the performance team, but I think you can ask for the performance review to happen with the service already deployed for the inital phases of your A/B testing. This path seems more reasonable to me than creating an exception to serve production traffic from WMCS. Does it sound unreasonable / irrealistic to you? In the future, we plan to have a much easier process for small experiments to run on kubernetes as "lambdas", but that will take some time to come to fruition - we're just working right now on introducing the technologies that will make it possible. TASK DETAIL https://phabricator.wikimedia.org/T285098 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Joe Cc: Joe, Ladsgroup, Ottomata, Lucas_Werkmeister_WMDE, Martaannaj, Michaelcochez, Michael, Addshore, Aklapper, Biggs657, Invadibot, Lalamarie69, maantietaja, Juan90264, Alter-paule, Beast1978, Un1tY, Akuckartz, Hook696, Iflorez, Kent7301, alaa_wmde, joker88john, CucyNoiD, Nandana, Gaboe420, Giuliamocci, Cpaulf30, Lahi, Gq86, Af420, Bsandipan, GoranSMilovanovic, QZanden, LawExplorer, Lewizho99, Maathavan, _jensen, rosalieper, Scott_WUaS, Wikidata-bugs, aude, Lydia_Pintscher, Sjoerddebruin, Mbch331
_______________________________________________ Wikidata-bugs mailing list -- [email protected] To unsubscribe send an email to [email protected]
