action #110533
closedMinion Jobs page keeps retrieving stats even when logged out size:M
0%
Description
Observation¶
When I have a browser window with the Minion Page open, it retrieves statistics in the background every four seconds (/minion/stats).
When I get logged out at some point, it keeps retrieving, but since it's unauthorized, the Ajax request always gets redirected to our OpenID provider, which is causing some other problems on their side due to the many requests.
Acceptance criteria¶
- AC1: Move the Minion stats route (not all Minion routes!!!) into the public part of the openQA routes (to sidestep authentication)
Suggestions¶
- Since it's a JSON request, don't redirect to a login page, just return 403
- Detect that we get a 403 and stop retrieving data
- Fix the ui upstream to stop requesting stats after receiving a non-200 response
Updated by okurz over 2 years ago
- Tags set to reactive work
- Priority changed from Normal to High
- Target version set to Ready
Updated by livdywan over 2 years ago
- Subject changed from Minion Jobs page keeps retrieving stats even when logged out to Minion Jobs page keeps retrieving stats even when logged out size:M
- Description updated (diff)
- Status changed from New to Workable
Updated by okurz over 2 years ago
- Due date set to 2022-05-19
- Status changed from Workable to In Progress
- Assignee set to okurz
I think it's helpful to provide more context and actually also provide the suggestions that had been given. In https://suse.slack.com/archives/C029APBKLGK/p1651500641607249?thread_ts=1651492403.781139&cid=C029APBKLGK
kraih explains that the recurring polling is coming from old jquery code https://github.com/mojolicious/minion/blob/33644624fc62013186fe0808d3365ad5fd8ce347/lib/Mojolicious/Plugin/Minion/resources/public/minion/app.js#L24
app.js
function pollStats (url) {
mojolicious/minion | Added by GitHub
this can be considered to be changed.
Also Andrii Nikitin already suggested: "It might be even safe to just allow minion/stats without authentication, at least something which can be done in openqa without changing the minion lib"
to which kraih confirmed: "yes, the route has a name, so it can be reattached somewhere else in the routing tree https://github.com/mojolicious/minion/blob/33644624fc62013186fe0808d3365ad5fd8ce347/lib/Mojolicious/Plugin/Minion/Admin.pm#L22
Admin.pm
$prefix->get('/stats' => \&_stats)->name('minion_stats');
Updated by okurz over 2 years ago
- Status changed from In Progress to Feedback
first to reproduce the issue what I did was to start a bare openQA instance with config httpsonly=0 in etc/openqa/openqa.ini of my openQA working copy and keeping everything else in place. Then started sudo -u geekotest env OPENQA_BASEDIR=/tmp/tmp.n0KbC5PDt2 script/openqa-webui-daemon with /tmp/tmp.n0KbC5PDt2 being a directory owned by geekotest and an empty subdirectory db to prevent an error about unable to create a lock file. Then I went to http://127.0.0.1:9526/ , logged in, then to http://127.0.0.1:9526/minion/jobs in my browser, opened developer tools, "Network" tab and saw a request every couple of seconds to "stats". I opened http://127.0.0.1:9526/ in a second tab, logged out and could see that the requests in the developer tools go to "www.opensuse.org/openid" instead.
Could fix it with the help of kraih
Updated by okurz over 2 years ago
- Due date deleted (
2022-05-19) - Status changed from Feedback to Resolved
PR merged. I am sure that no one currently has a tab open for an not-logged in openQA instance showing minion jobs so I guess we can immediately resolve :)