https://pulp.plan.io/https://pulp.plan.io/favicon.ico2014-12-18T21:17:57ZPulpPulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=582014-12-18T21:17:57Zrbarlow
<ul><li><strong>Project</strong> changed from <i>22</i> to <i>Pulp</i></li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=60782015-09-11T16:15:23Zbmbouterbmbouter@redhat.com
<ul><li><strong>Groomed</strong> set to <i>No</i></li><li><strong>Sprint Candidate</strong> set to <i>No</i></li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=61622015-09-14T16:14:43Zbmbouterbmbouter@redhat.com
<ul><li><strong>Groomed</strong> changed from <i>No</i> to <i>Yes</i></li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=61632015-09-14T17:28:10Zbmbouterbmbouter@redhat.com
<ul><li><strong>Sprint Candidate</strong> changed from <i>No</i> to <i>Yes</i></li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=72112015-12-02T17:57:52Zbmbouterbmbouter@redhat.com
<ul></ul><p>The branch with the current work is here: <a href="https://github.com/bmbouter/pulp/tree/23-farmers-ale" class="external">https://github.com/bmbouter/pulp/tree/23-farmers-ale</a></p>
<p>It's currently branched from 2.6, and has 2 additional commits (50d785d and 8bf9633).</p>
<p>Here is what needs to be done:<br>
1) First, rebase or cherry pick against master. The two existing commits will have their hashes changed in the process, but please leave them and their commit messages in place (for attribution). Once rebased into a branch that branches from master, make your commits on top of the existing 2.</p>
<p>2) Reproduce the known issue with this code by having a working pulp installation and running:</p>
<pre><code>pulp-admin rpm repo create --repo-id bar
pulp-admin rpm repo create --repo-id foo
pulp-admin rpm repo copy rpm --from-repo-id=bar --to-repo-id=foo
</code></pre>
<p>3) The issue is that the UnitAssociationCriteria is arriving as a dict in the task code, when it needs to be a UnitAssociationCriteria (which inherits from dict). To resolve this, the UnitAssociationCriteria object needs to be explicitly serialized to a dictionary prior to it being sent as an argument of apply_async(). Add a to_dict() method on UnitAssociationCriteria() to return the dict. Find the place where the UnitAssociationCriteria is passed as an argument by looking at what API endpoint is being used by the repo copy rpm command.</p>
<p>4) Add a classmethod to UnitAssociationCriteria which can instantiate and return a UnitAssociationCriteria object from a dictionary that was produced by to_dict().</p>
<p>5) Use the classmethod above in the task code to produce the UnitAssociationCriteria from the dict passed in as an argument</p>
<p>6) Do some other general testing if you like (not required)</p>
<p>7) Write test code for everything</p>
<p>8) Write one specific test which looks through the celery registry and asserts that each entry in it is a subclass of PulpTask.</p> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=72662015-12-04T15:40:31Zbmbouterbmbouter@redhat.com
<ul></ul><p>Here is what I put together as a start for item <a class="issue tracker-3 status-9 priority-6 priority-default closed" title="Story: As a user, I can serve docker images with entitlement protection (CLOSED - WONTFIX)" href="https://pulp.plan.io/issues/8">#8</a> above.</p>
<pre><code>from pulp.server.async import app
from pulp.server import tasks # you have to import this to discover all pulp tasks
from pulp.server.async.tasks import PulpTask
for task_name, task in app.celery.tasks.iteritems():
if task.startswith('pulp'):
if not isinstance(task, PulpTask):
self.fail('task named %s must inherit from %s) % (task_name, PulpTask)
</code></pre> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=73402015-12-09T15:16:32Zipanova@redhat.comipanova@redhat.com
<ul><li><strong>Status</strong> changed from <i>NEW</i> to <i>ASSIGNED</i></li><li><strong>Assignee</strong> set to <i>ipanova@redhat.com</i></li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=73912015-12-11T16:22:48Zipanova@redhat.comipanova@redhat.com
<ul><li><strong>Status</strong> changed from <i>ASSIGNED</i> to <i>MODIFIED</i></li></ul><p><a href="https://github.com/pulp/pulp/pull/2241" class="external">https://github.com/pulp/pulp/pull/2241</a></p> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=73932015-12-11T17:04:32Zbmbouterbmbouter@redhat.com
<ul></ul><p>It's not merged yet, so moving back to POST.</p> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=74112015-12-15T14:36:33Zipanova@redhat.comipanova@redhat.com
<ul><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset <a class="changeset" title="Introducing from_dict() and to_dict() closes #23 https://pulp.plan.io/issues/23 UnitAssociation..." href="https://pulp.plan.io/projects/pulp/repository/pulp/revisions/ed36708132e18bac4ab8b58d0b56cdb2ffe95685">pulp|ed36708132e18bac4ab8b58d0b56cdb2ffe95685</a>.</p> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=74662015-12-17T15:55:29Zamacdona@redhat.comaustin@redhat.com
<ul><li><strong>Platform Release</strong> set to <i>2.8.0</i></li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=81132016-01-22T17:43:15Zbmbouterbmbouter@redhat.com
<ul></ul><p>This merged change does switch our usage to use the JSON serializer, but we haven't actually disabled the other serializers. As such the following banner is still visible:</p>
<pre><code>Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) /usr/lib/python2.7/site-packages/celery/apps/worker.py:161: CDeprecationWarning:
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) Starting from version 3.2 Celery will refuse to accept pickle by default.
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000)
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) The pickle serializer is a security concern as it may give attackers
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) the ability to execute any command. It's important to secure
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) your broker from unauthorized access when using pickle, so we think
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) that enabling pickle should require a deliberate action and not be
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) the default choice.
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000)
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) If you depend on pickle then you should set a setting to disable this
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) warning and to be sure that everything will continue working
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) when you upgrade to Celery 3.2::
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000)
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) CELERY_ACCEPT_CONTENT = ['pickle', 'json', 'msgpack', 'yaml']
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000)
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) You must only enable the serializers that you will actually use.
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000)
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000)
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000) warnings.warn(CDeprecationWarning(W_PICKLE_DEPRECATED))
Jan 22 01:35:01 dev pulp[22849]: py.warnings:WARNING: (22849-36000)
</code></pre>
<p>I am fixing this now with a small PR to disable the other serializers.</p> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=81142016-01-22T17:53:22Zbmbouterbmbouter@redhat.com
<ul></ul><p>PR available at: <a href="https://github.com/pulp/pulp/pull/2346" class="external">https://github.com/pulp/pulp/pull/2346</a></p> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=90522016-02-18T02:28:45Zbmbouterbmbouter@redhat.com
<ul><li><strong>Has duplicate</strong> <i><a class="issue tracker-1 status-12 priority-6 priority-default closed" href="/issues/575">Issue #575</a>: Warning in the log when starting celery services</i> added</li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=91832016-02-23T20:55:04Zdkliban@redhat.com
<ul><li><strong>Status</strong> changed from <i>MODIFIED</i> to <i>5</i></li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=100582016-03-23T18:14:56Zdkliban@redhat.com
<ul><li><strong>Status</strong> changed from <i>5</i> to <i>CLOSED - CURRENTRELEASE</i></li></ul> Pulp - Story #23: As a user, I can rest easy in the knowledge that Pulp's Celery tasks are not serialized dangerouslyhttps://pulp.plan.io/issues/23?journal_id=407892019-04-15T21:22:43Zbmbouterbmbouter@redhat.com
<ul><li><strong>Tags</strong> <i>Pulp 2</i> added</li></ul>