Project

General

Profile

Actions

action #110533

closed

Minion Jobs page keeps retrieving stats even when logged out size:M

Added by tinita almost 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
Low
Assignee:
Category:
Feature requests
Target version:
Start date:
2022-05-02
Due date:
% Done:

0%

Estimated time:

Description

Observation

When I have a browser window with the Minion Page open, it retrieves statistics in the background every four seconds (/minion/stats).

When I get logged out at some point, it keeps retrieving, but since it's unauthorized, the Ajax request always gets redirected to our OpenID provider, which is causing some other problems on their side due to the many requests.

Acceptance criteria

  • AC1: Move the Minion stats route (not all Minion routes!!!) into the public part of the openQA routes (to sidestep authentication)

Suggestions

  • Since it's a JSON request, don't redirect to a login page, just return 403
  • Detect that we get a 403 and stop retrieving data
  • Fix the ui upstream to stop requesting stats after receiving a non-200 response
Actions #1

Updated by okurz almost 2 years ago

  • Tags set to reactive work
  • Priority changed from Normal to High
  • Target version set to Ready
Actions #2

Updated by okurz almost 2 years ago

  • Priority changed from High to Low
Actions #3

Updated by tinita almost 2 years ago

  • Description updated (diff)
Actions #4

Updated by livdywan almost 2 years ago

  • Subject changed from Minion Jobs page keeps retrieving stats even when logged out to Minion Jobs page keeps retrieving stats even when logged out size:M
  • Description updated (diff)
  • Status changed from New to Workable
Actions #5

Updated by okurz almost 2 years ago

  • Due date set to 2022-05-19
  • Status changed from Workable to In Progress
  • Assignee set to okurz

I think it's helpful to provide more context and actually also provide the suggestions that had been given. In https://suse.slack.com/archives/C029APBKLGK/p1651500641607249?thread_ts=1651492403.781139&cid=C029APBKLGK

kraih explains that the recurring polling is coming from old jquery code https://github.com/mojolicious/minion/blob/33644624fc62013186fe0808d3365ad5fd8ce347/lib/Mojolicious/Plugin/Minion/resources/public/minion/app.js#L24

app.js
function pollStats (url) {
mojolicious/minion | Added by GitHub

this can be considered to be changed.
Also Andrii Nikitin already suggested: "It might be even safe to just allow minion/stats without authentication, at least something which can be done in openqa without changing the minion lib"
to which kraih confirmed: "yes, the route has a name, so it can be reattached somewhere else in the routing tree https://github.com/mojolicious/minion/blob/33644624fc62013186fe0808d3365ad5fd8ce347/lib/Mojolicious/Plugin/Minion/Admin.pm#L22

Admin.pm
  $prefix->get('/stats'   => \&_stats)->name('minion_stats');
Actions #6

Updated by okurz almost 2 years ago

  • Status changed from In Progress to Feedback

first to reproduce the issue what I did was to start a bare openQA instance with config httpsonly=0 in etc/openqa/openqa.ini of my openQA working copy and keeping everything else in place. Then started sudo -u geekotest env OPENQA_BASEDIR=/tmp/tmp.n0KbC5PDt2 script/openqa-webui-daemon with /tmp/tmp.n0KbC5PDt2 being a directory owned by geekotest and an empty subdirectory db to prevent an error about unable to create a lock file. Then I went to http://127.0.0.1:9526/ , logged in, then to http://127.0.0.1:9526/minion/jobs in my browser, opened developer tools, "Network" tab and saw a request every couple of seconds to "stats". I opened http://127.0.0.1:9526/ in a second tab, logged out and could see that the requests in the developer tools go to "www.opensuse.org/openid" instead.

Could fix it with the help of kraih

https://github.com/os-autoinst/openQA/pull/4639

Actions #7

Updated by okurz almost 2 years ago

  • Due date deleted (2022-05-19)
  • Status changed from Feedback to Resolved

PR merged. I am sure that no one currently has a tab open for an not-logged in openQA instance showing minion jobs so I guess we can immediately resolve :)

Actions

Also available in: Atom PDF