Sjoerd Simons authored Jul 04, 2022 and Igor Ponomarev committed Jul 04, 2022

Merge branch 'disable-login-required-for-scheduler-internals-apertispro-staging' into 'apertispro/staging'

Disable REQUIRE_LOGIN for `scheduler/internal/v1`

See merge request !84

Internal API has its own authentication mechanism that is not
compatible with Django authentication.

Fix lavacli not working when REQUIRE_LOGIN is activated

See merge request !83

lavacli sends token as basic auth instead of `Token`
authentication header.

Upstream MR: https://git.lavasoftware.org/lava/lava/-/merge_requests/1800

Let REQUIRE_LOGIN mode passthrough valid auth tokens

See merge request !82

Otherwise REST API and XMLRPC are practically unusable.

This is a passthrough mode meaning the token should be
validated and assinged user down the processing stack

This means that using the valid token someone can access other
pages as an anonymous user even when REQUIRE_LOGIN is enabled.

Igor Ponomarev authored Jun 17, 2022 and Sjoerd Simons committed Jun 23, 2022

It will activate the require login middleware if set to true.

Igor Ponomarev authored Jun 14, 2022 and Sjoerd Simons committed Jun 23, 2022

It will make it a requirement to be logged in for any page
other than home "/", static files "/static/" or login page
"/accounts/login".

The middleware can be activated by altering `MIDDLEWARE`
configuration variable.

For example:

File: `/etc/lava-server/settings.d/middleware.yaml`

Contents:
```yaml
---
MIDDLEWARE:
  - django.middleware.security.SecurityMiddleware
  - whitenoise.middleware.WhiteNoiseMiddleware
  - django.contrib.sessions.middleware.SessionMiddleware
  - django.middleware.common.CommonMiddleware
  - django.middleware.csrf.CsrfViewMiddleware
  - django.contrib.auth.middleware.AuthenticationMiddleware
  - django.contrib.messages.middleware.MessageMiddleware
  - django.middleware.clickjacking.XFrameOptionsMiddleware
  - lava_server.security.LavaRequireLoginMiddleware
```

Ritesh Raj Sarraf authored Mar 07, 2022 and Sjoerd Simons committed May 23, 2022

Signed-off-by: Ritesh Raj Sarraf <ritesh.sarraf@collabora.com>

Ritesh Raj Sarraf authored Mar 07, 2022 and Sjoerd Simons committed May 23, 2022

Signed-off-by: Ritesh Raj Sarraf <ritesh.sarraf@collabora.com>

Ritesh Raj Sarraf authored Mar 06, 2022 and Sjoerd Simons committed May 23, 2022

Signed-off-by: Ritesh Raj Sarraf <ritesh.sarraf@collabora.com>

Igor Ponomarev authored Apr 20, 2022 and Sjoerd Simons committed May 18, 2022

Breaking changes to query parameters and JSON object

Igor Ponomarev authored May 13, 2022 and Paweł Wieczorek committed May 13, 2022

Because of lazy pagination it is impossible to tell how many
total pages we have.
The `/ ??` was looking like something was broken on the server.

Upstream MR: https://git.lavasoftware.org/lava/lava/-/merge_requests/1752

Laura Nao authored Apr 19, 2022 and Paweł Wieczorek committed May 13, 2022

Network booting in Depthcharge is achieved by a single command.
Override bootloader-commands action for Depthcharge and add support
for detecting error messages before final_message.

Signed-off-by: Laura Nao <laura.nao@collabora.com>

Laura Nao authored Apr 19, 2022 and Paweł Wieczorek committed May 13, 2022

Add list of error message patterns for the Depthcharge boot method.
Allow users to redefine the errors through depthcharge_error_messages.

Signed-off-by: Laura Nao <laura.nao@collabora.com>

Laura Nao authored May 03, 2022 and Paweł Wieczorek committed May 13, 2022

Add extra_kernel_args parameter to the Depthcharge boot method,
to allow specifying additional kernel arguments specific for each
boot action in multi-stage jobs.

Signed-off-by: Laura Nao <laura.nao@collabora.com>

Laura Nao authored Apr 07, 2022 and Paweł Wieczorek committed May 13, 2022

Remove unneeded base_kernel_args override from trogdor device type
template.

MR upstream: https://git.lavasoftware.org/lava/lava/-/merge_requests/1726



Signed-off-by: Laura Nao <laura.nao@collabora.com>

This patch is intended to prevent CI pipeline flakiness caused by the
changes from the container image publisher.

Script environment is expected to be Alpine hence the specific base
image. DinD service does not need to be bound to a specific base image.

Signed-off-by: Paweł Wieczorek <pawiecz@collabora.com>

By default "docker-compose up" picks up any changes in service
configuration by stopping and recreating the containers. This behaviour
caused recreation of LAVA server and database when worker token was
passed to the dispatcher configuration even though these services are
not affected by this change.

Signed-off-by: Paweł Wieczorek <pawiecz@collabora.com>

Compose plugin is now available by default on the DinD image [0].
Version was bumped from 1.29.2 to 2.5.0. Default field separator has
been changed from '_' to '-'.

[0] https://github.com/docker-library/docker/commit/9aaa75893c70431f1302b0608af47ee26d67edf2



Signed-off-by: Paweł Wieczorek <pawiecz@collabora.com>

Igor Ponomarev authored Apr 21, 2022 and Paweł Wieczorek committed May 13, 2022

Anonymous users cannot be a part of any group.

There is no point in running a complex SQL query that can
slow down the server.

Closes #536

Tomer Galor authored Feb 23, 2022 and Paweł Wieczorek committed May 13, 2022

There are two grunt variants that look very similar to each other but
have different device configurations.

Signed-off-by: Tomer Galor <tomer.galor@collabora.com>

Laura Nao authored Mar 01, 2022 and Paweł Wieczorek committed May 13, 2022

Add device type template for the Acer CB514-2H spherion Chromebook.

Signed-off-by: Laura Nao <laura.nao@collabora.com>

Paweł Wieczorek authored Aug 17, 2021 and Paweł Wieczorek committed May 13, 2022

Creating volume as a separate step is not required [1].

This way tracking lavacli volume name so that only single volume is
created is no longer necessary. No additional ones would be created in
case of a typo.

[1] https://docs.docker.com/storage/volumes/#start-a-container-with-a-volume



Signed-off-by: Paweł Wieczorek <pawel.wieczorek@collabora.com>

Entrypoint script for dispatcher ("start-worker.sh") expected
"LOG_LEVEL" instead of "LOGLEVEL" in its environment.

This patch also fixes "LOG_LEVEL" flag: "lava-worker" accepts "--level".

Signed-off-by: Paweł Wieczorek <pawiecz@collabora.com>

Having more than one hundred devices running jobs at the same time and
pushing log statements generates high traffic to the server. Increasing
logger time limit could help to reduce the number of HTTP requests.

Signed-off-by: Paweł Wieczorek <pawiecz@collabora.com>

This patch is a temporary work-around (famous last words). It should be
replaced with a restarting policy once LAVA services are separated in
Collabora deployment.

Signed-off-by: Paweł Wieczorek <pawiecz@collabora.com>