1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-29 10:12:41 +01:00
Commit graph

734 commits

Author SHA1 Message Date
Austin McKinley
66de16fbc4 Diffusion import documentation update
Summary: Fixes T12761.

Test Plan: doitlive

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Maniphest Tasks: T12761

Differential Revision: https://secure.phabricator.com/D18023
2017-05-26 08:18:40 -07:00
epriestley
3698e4a14f Update rate limiting for APCu and X-Forwarded-For
Summary:
Ref T12612. This updates the rate limiting code to:

  - Support a customizable token, like the client's X-Forwarded-For address, rather than always using `REMOTE_ADDR`.
  - Support APCu.
  - Report a little more rate limiting information.
  - Not reference nonexistent documentation (removed in D16403).

I'm planning to put this into production on `secure` for now and then we can deploy it more broadly if things work well.

Test Plan:
 - Enabled it locally, used `ab -n 100` to hit the limit, saw the limit enforced.
 - Waited a while, was allowed to browse again.

Reviewers: chad, amckinley

Reviewed By: amckinley

Maniphest Tasks: T12612

Differential Revision: https://secure.phabricator.com/D17758
2017-04-21 20:39:14 -07:00
epriestley
5c1e4488de Remove all "Phabricator Bot" code
Summary:
Closes T7829 as wontfix. Closes T7965 as wontfix. Closes T7800 as wontfix. Closes T2731 as wontfix. Closes T1271 as wontfix.

We aren't maintaining this at all (see, e.g., T7829) and a user reported a technically accurate security issue via HackerOne: <https://hackerone.com/reports/222870>

Just throw it away until we get to the eventual Conphernece bot/API update and can do this stuff correctly.

Test Plan: Grepped for `phabricatorbot`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7965, T7829, T7800, T2731, T1271

Differential Revision: https://secure.phabricator.com/D17756
2017-04-21 12:48:35 -07:00
Austin McKinley
305966e748 Fixing of the typos
Test Plan: doitlive

Reviewers: epriestley, chad

Reviewed By: epriestley, chad

Subscribers: cspeckmim, Korvin

Differential Revision: https://secure.phabricator.com/D17727
2017-04-19 11:39:17 -07:00
epriestley
dee9c33be2 Suggest use of "usermod" rather than manually editing critical files in /etc
Summary: Fixes T12529.

Test Plan: O_O

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12529

Differential Revision: https://secure.phabricator.com/D17648
2017-04-10 14:15:38 -07:00
epriestley
c9f51fd405 Write a "Developer Setup" guide for onboarding
Summary: Fixes T11561. Collect guidance about local configuration which hasn't been obvious in the past.

Test Plan:
  - Read document carefully.
  - Used `./bin/diviner generate` to generate documentation.
  - Previewed in Diviner locally:

{F4795021}

Reviewers: amckinley, chad

Reviewed By: chad

Subscribers: cspeckmim

Maniphest Tasks: T11561

Differential Revision: https://secure.phabricator.com/D17641
2017-04-10 08:36:49 -07:00
epriestley
287e708c4d Adjust and wordsmith Search documentation
Summary:
Ref T12450. General adjustments:

  - Try to make "Cluster: Search" more about "stuff in common + types" instead of pretty much all being Elastic-specific, so we can add Solr or whatever later.
  - Provide guidance about rebuilding indexes after making a change.
  - Simplify the basic examples, then provide a more advanced example at the ed.
  - Really try to avoid suggesting anyone configure Elasticsearch ever for any reason.

Test Plan: Read documents, previewed in remarkup.

Reviewers: chad, 20after4

Reviewed By: 20after4

Maniphest Tasks: T12450

Differential Revision: https://secure.phabricator.com/D17602
2017-04-02 13:09:07 -07:00
Mukunda Modell
654f0f6043 Make messages translatable and more sensible.
Summary:
These exception messages & comments didn't quite match reality.
Fixed and added pht() around a couple of them.

Test Plan: I didn't test this :P

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17578
2017-03-28 23:17:35 +00:00
Mukunda Modell
e41c25de50 Support multiple fulltext search clusters with 'cluster.search' config
Summary:
The goal is to make fulltext search back-ends more extensible, configurable and robust.

When this is finished it will be possible to have multiple search storage back-ends and
potentially multiple instances of each.

Individual instances can be configured with roles such as 'read', 'write' which control
which hosts will receive writes to the index and which hosts will respond to queries.

These two roles make it possible to have any combination of:

* read-only
* write-only
* read-write
* disabled

This 'roles' mechanism is extensible to add new roles should that be needed in the future.

In addition to supporting multiple elasticsearch and mysql search instances, this refactors
the connection health monitoring infrastructure from PhabricatorDatabaseHealthRecord and
utilizes the same system for monitoring the health of elasticsearch nodes. This will
allow Wikimedia's phabricator to be redundant across data centers (mysql already is,
elasticsearch should be as well).

The real-world use-case I have in mind here is writing to two indexes (two elasticsearch clusters
in different data centers) but reading from only one. Then toggling the 'read' property when
we want to migrate to the other data center (and when we migrate from elasticsearch 2.x to 5.x)

Hopefully this is useful in the upstream as well.

Remaining TODO:

* test cases
* documentation

Test Plan:
(WARNING) This will most likely require the elasticsearch index to be deleted and re-created due to schema changes.

Tested with elasticsearch versions 2.4 and 5.2 using the following config:

```lang=json
  "cluster.search": [
    {
      "type": "elasticsearch",
      "hosts": [
        {
          "host": "localhost",
          "roles": { "read": true, "write": true }
        }
      ],
      "port": 9200,
      "protocol": "http",
      "path": "/phabricator",
      "version": 5
    },
    {
      "type": "mysql",
      "roles": { "write": true }
     }
  ]

Also deployed the same changes to Wikimedia's production Phabricator instance without any issues whatsoever.
```

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Tags: #elasticsearch, #clusters, #wikimedia

Differential Revision: https://secure.phabricator.com/D17384
2017-03-26 08:16:47 +00:00
Chad Little
4f2bca58fc Fix typo in diviner user guide / diffusion
Summary: Fixes T12445. Reads better.

Test Plan: Read it a few more times.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12445

Differential Revision: https://secure.phabricator.com/D17546
2017-03-23 12:43:40 -07:00
Chad Little
1182bbcae7 Remove FreeNode from "support" options
Summary: Don't think it's fair to send users there anymore, we can use Conpherence better (and searchable).

Test Plan: Remove copy.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17525
2017-03-20 22:19:21 -07:00
epriestley
85d9a009a9 Remove dead link from "External Editors" documentation
Summary: Fixes T12418. This is a fairly advanced feature and I think users can reasonably consult the documentation for their own editors to figure out how to do this.

Test Plan: Saw no more text.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12418

Differential Revision: https://secure.phabricator.com/D17510
2017-03-20 08:17:46 -07:00
epriestley
dbe3d5e57f Fix a stray piece of remarkup syntax in arc documentation
Summary: This is incorrectly starting an ordered sublist.

Test Plan: (o_O)

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17434
2017-02-28 12:09:30 -08:00
epriestley
1b2c047ce0 Correct spelling of "phabrictor" in Lipsum and elsewhere
Summary: Ref T12319. The product name is misspelled in some methods, and a few places in the documentation.

Test Plan: `grep`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12319

Differential Revision: https://secure.phabricator.com/D17419
2017-02-27 09:09:13 -08:00
Chad Little
c15501fc9b Add clearer language and options to Arcanist install guides
Summary: Fixes T12315. Reworks the copy placement a little, adds more links.

Test Plan: Read in sandbox

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12315

Differential Revision: https://secure.phabricator.com/D17413
2017-02-24 16:37:32 -08:00
Chad Little
d2c4d7d961 Clarify linking to comments in Remarkup Guide
Summary: Provides additional hint on where to find and clarification.

Test Plan: read

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17313
2017-02-04 11:09:09 -08:00
Chad Little
c8de563622 Update Profile Menu diviner
Summary: Ref T12174, Updates documentation to better match current functionality.

Test Plan: I keep getting exceptions trying to generate diviner locally, not sure what's up.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T12174

Differential Revision: https://secure.phabricator.com/D17309
2017-02-03 18:24:09 -08:00
epriestley
aca0f642a3 Add a "bin/audit synchronize" command
Summary: Ref T10978. This is just a maintenance convenience script. It can fix up overall commit state after you `bin/audit delete` stuff or nuke a bunch of stuff from the database, as I did on `secure.phabricator.com`.

Test Plan: Ran `bin/audit synchronize`, and `bin/audit update-owners`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17271
2017-01-31 09:19:31 -08:00
epriestley
3b8e2739fc Update some Audit documentation
Summary:
Ref T10978.

  - Generally refresh this documentation.
  - Use the word "publish", not the word "push", to distinguish between review and audit, echoing the language in the "Write, Review, Merge, Publish" document.
  - Mention the new "Needs Verification" state.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10978

Differential Revision: https://secure.phabricator.com/D17253
2017-01-26 10:15:28 -08:00
epriestley
103d8c45f3 Remove "PHP 7 is not supported" from install documentation
Summary:
Ref T9640. This is no longer true.

I'm assuming PHP7 vs 7.1 issues won't be common (everyone on the cutting edge is probably on 7.1, and Ubuntu 16 is on 7.1) but we could make this more granular in the future.

Test Plan: Careful reading.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9640

Differential Revision: https://secure.phabricator.com/D17202
2017-01-12 16:00:40 -08:00
epriestley
11861265fe Merge "Audit" more completely into "Diffusion"
Summary:
Fixes T6630. Long ago, "Audit", "Diffusion" and "Repositories" were three totally separate applications.

This separation isn't useful and the three rapidly became intertwined. Ideally, they would all be one application.

This doesn't take us quite that far, but Audit no longer has any controllers and has little actual behavior.

The "Audit" screen has always just been a SearchEngine view of commits with some filters on it, and this formalizes that and puts a link to it in Diffusion. (This view has other uses, too.)

Test Plan:
  - Accessed audit from home page.
  - Accessed audit/commits from Diffusion.
  - Could no longer uninstall Audit on its own.
  - Grepped for `/audit/` and `AuditApplication`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6630

Differential Revision: https://secure.phabricator.com/D17186
2017-01-11 16:28:42 -08:00
epriestley
ccff47682f Provide more useful guidance if a repository is clusterized into an existing multi-device cluster
Summary:
Fixes T12087. When transitioning into a clustered configuration for the first time, the documentation recommends using a one-device cluster as a transitional step.

However, installs may not do this for whatever reason, and we aren't as clear as we could be in warning about clusterizing directly into a multi-device cluster.

Roughly, when you do this, we end up believing that working copies exist on several different devices, but have no information about which copy or copies are up to date. //Usually// they all were already synchronized and are all up to date, but we can't make this assumption safely without risking data.

Instead, we err on the side of caution, and require a human to tell us which copy we should consider to be up-to-date, using `bin/repository thaw --promote`.

Test Plan:
```
$ ./bin/repository clusterize rLOCKS --service repos001.phacility.net
Service "repos001.phacility.net" is actively bound to more than one device
(local002.local, local001.phacility.net).

If you clusterize a repository onto this service it will be unclear which
devices have up-to-date copies of the repository. This leader/follower
ambiguity will freeze the repository. You may need to manually promote a
device to unfreeze it. See "Ambiguous Leaders" in the documentation for
discussion.

    Continue anyway? [y/N]
```

Read other changes.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12087

Differential Revision: https://secure.phabricator.com/D17169
2017-01-10 12:45:55 -08:00
epriestley
7ea1bd5a5a Fix two cluster repository documentation typos
Summary: Ref T12087. Caught these while re-reading.

Test Plan: O.O

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12087

Differential Revision: https://secure.phabricator.com/D17167
2017-01-09 17:43:48 -08:00
epriestley
c2f9e7f6e6 Remove an extra "`" from the documentation
Summary: One too many.

Test Plan: Counted carefully.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D17137
2017-01-04 11:09:33 -08:00
epriestley
065d865bce In the "Version Information" panel, try to include branchpoints
Summary:
Fixes T12040. In T12039, a user running local patches followed the report instructions as far as grabbing version information, but didn't update or revert their local changes or try against a clean install before reporting.

This obviously isn't ideal for us, but it's understandable (grabbing version information is much easier than upgrading/reverting), and we can do better about making this information useful: when compiling version information, try to figure out the branchpoint from a known upstream `master` branch by listing remotes, then running `git merge-base` against them.

Additionally, explicitly document that we want upstream hashes. We have to have a fallback case in this document anyway (for when you can't get to Config) so hopefully this makes it more likely that we get useful information in initial reports.

Test Plan: {F2229574}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12040

Differential Revision: https://secure.phabricator.com/D17103
2016-12-23 11:42:20 -08:00
Sébastien Santoro
ed9b7eb38c Fix typo in Drydock user documentation
Summary: disussion → discussion

Test Plan: Read again the sentence.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D17096
2016-12-19 18:00:14 -08:00
epriestley
8a2afa14d2 Make the documentation more clear that storage.mysql-engine.max-size is measured in bytes
Summary: Fixes T12001. I think we're consistent about using bytes everywhere, but users won't necessarily know that and this documentation could certainly be more clear.

Test Plan: Read new text.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T12001

Differential Revision: https://secure.phabricator.com/D17037
2016-12-13 07:34:20 -08:00
epriestley
42896f9f90 Rename all ProfilePanels into ProfileMenuItems
Summary: Ref T11957.

Test Plan:
  - Viewed an existing project profile.
  - Viewed a user profile.
  - Created a new project.
  - Edited a profile menu.
  - Added new profile items.
  - Grepped for renamed symbols.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11957

Differential Revision: https://secure.phabricator.com/D17028
2016-12-11 11:44:38 -08:00
epriestley
e8d9c676b1 Fix a bad link in the database partitioning docs
Summary: Fixes T11959. Also, minor wordsmithing.

Test Plan: Read vv carefully.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11959

Differential Revision: https://secure.phabricator.com/D17007
2016-12-07 13:33:37 -08:00
epriestley
8c89fc38fc Allow persistent connections to be configured per database host
Summary: Ref T11044. Fixes T11672. In T11672, persistent connections seem to work fine, but they can require `max_connections` and other settings to be raised. Since most users don't need them, make them an advanced option.

Test Plan: Configured persistent connections, loaded some pages, observed persistent connections get used.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11044, T11672

Differential Revision: https://secure.phabricator.com/D16913
2016-11-22 10:55:45 -08:00
epriestley
4da74166fe When storage is partitioned, refuse to serve requests unless web and databases agree on partitioning
Summary:
Ref T11044. One popular tool in a modern operations environment is Puppet. The primary purpose of this tool is to randomly revert hosts to older or different configurations.

Introducing an element of chaotic unpredictability into operations trains staff to be on high alert at all times, rather than lulled into complacency by predictability or consistency.

When Puppet reverts a Phabricator host's configuration to an older version, we might start writing data to a lot of crazy places where it shouldn't go. This will create a big sticky mess that is virtually impossible to undo, mostly because we'll get two files with ID 123 or two tasks with ID 456 or whatever else and good luck with that.

Instead, after changing the partition layout, require `bin/storage partition` to be run. This writes a copy of the config everywhere.

Then, when we start serving web requests, make sure every database has the exact same config. This will foil Puppet by refusing to run requests on hosts it has reverted.

Test Plan:
  - Changed partition configuration.
  - Ran Phabricator.
  - FOILED!
  - Ran `bin/storage partition` to sync config.
  - Things worked again.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11044

Differential Revision: https://secure.phabricator.com/D16910
2016-11-22 04:15:46 -08:00
epriestley
55e21565b5 Support application partitioning across multiple masters
Summary:
Ref T11044. I'm going to hold this until after the release cut, but I think it's good to go.

This allows installs to configure multiple masters in `cluster.databases` and partition applications across them (for example, put Maniphest on a dedicated database).

When we make a Maniphest connection we go look up which master we should be hitting first, then connect to it.

This has at least approximately been planned for many years, so the actual change is largely just making sure that your config makes sense.

Test Plan:
  - Configured `db001.epriestley.com` and `db002.epriestley.com` as master/master.
  - Partitioned applications between them.
  - Interacted with various applications, saw writes go to the correct host.
  - Viewed "Database Servers" and saw partitioning information.
  - Ran schema upgrades.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11044

Differential Revision: https://secure.phabricator.com/D16876
2016-11-19 14:14:39 -08:00
epriestley
a590e0e753 Document even more ways to manage sshd ports
Summary: Fixes T11882. Document using `~/.ssh/config` to mitigate the inconvenience of port 2222.

Test Plan: Read document.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11882

Differential Revision: https://secure.phabricator.com/D16894
2016-11-17 14:46:56 -08:00
epriestley
c7f2e4a924 Document calendar summary icons
Summary:
Fixes T11809. Ref

  - Explicitly document the summary icon hints -- I don't think these are too hard to figure out (and maybe this stuff should just go in the tooltips) but we can start here.
  - Use color + shape to distinguish between "cancelled" and "declined", not just color (for users with vision accessibility issues).
  - Translate a "minute(s)" string into sensible English.
  - Use RSVP status on the month view green circle thing.

Test Plan:
  - Read docs.
  - Looked at month view.
  - Read reminder mail.
  - Viewed month view mobile view.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11809

Differential Revision: https://secure.phabricator.com/D16872
2016-11-15 13:44:20 -08:00
epriestley
de77d5249b Fix some remarkup formatting in the Arcanist lint document
Summary: Since this was written, `Ennn` became an event monogram and these became real events.

Test Plan: O__O

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16845
2016-11-12 07:39:12 -08:00
epriestley
999fae524f Fix a typo of the word "granularity"
Summary: This isn't spelled as well as it could be.

Test Plan: O_O

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16827
2016-11-08 12:39:45 -08:00
epriestley
e9b861ff15 Write a basic Calendar user guide
Summary:
Ref T11809. Roughly documents most of the tricky/unintuitive stuff.

Also fixes a bug with "Make Recurring" with no "Until" date.

Test Plan: Read document.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11809

Differential Revision: https://secure.phabricator.com/D16792
2016-11-02 14:48:29 -07:00
epriestley
1014a27717 Document Calendar imports
Summary:
Ref T10747.

  - Adds import documentation.
  - Adds import/export docs to the help menu.
  - Removes some weird/old/out-of-date information from the general user guide, which I'll rewrite later.

Test Plan: Read documentation somewhat thoroughly.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10747

Differential Revision: https://secure.phabricator.com/D16766
2016-10-28 18:14:08 -07:00
epriestley
1f6ad5e7dd Support ".ico" in Celerity and simplify rewite rule configuration
Summary:
See D16734.

  - Add ".ico" files to the Celerity map.
  - Add a formal route for "/favicon.ico".
  - Remove instructions to configure `/rsrc/` and `/favicon.ico` rewrite rules.

Long ago, we served resources directly via `/rsrc/` in at least some cases. As we added more features, this stopped working more and more often (for example, Apache can never serve CSS this way, because it doesn't know how to post-process `{$variables}`).

In modern code (until this change), only `/favicon.ico` is still expected to be served this way.

Instead, serve it with an explicit route via controller (this allows different Sites to have different favicons, for example).

Remove the instructions suggesting the old rewrite rules be configured. It's OK if they're still in place -- they won't break anything, so we don't need to rush to get users to delete them.

We should keep "webroot/favicon.ico" in place for now, since it needs to be there for users with the old rewrite rule.

Test Plan:
  - Ran celerity map.
  - Loaded `/favicon.ico`, got resource via route.
  - Used `celerity_generate_resource_uri()` to get paths to other icons, loaded them, got icons.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16737
2016-10-20 11:28:11 -07:00
epriestley
ff97ed2195 Document how to export Calendar events
Summary:
Ref T10747. This explains how exports work.

Also make mail exports use the same logic as other stuff.

Test Plan: Read documentation. Did some exports.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10747

Differential Revision: https://secure.phabricator.com/D16680
2016-10-06 15:33:01 -07:00
epriestley
49448a87c1 Rough in most of Calendar exports
Summary:
Ref T10747. Rough flow is:

  - Run a query.
  - Select a new "Export Events..." action.
  - This lets you define an "Export", which has a unique URL you can paste into Google Calendar or Calendar.app or whatever.

Most of this does nothing yet but here's the boilerplate.

Test Plan: Doesn't do anything yet.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10747

Differential Revision: https://secure.phabricator.com/D16675
2016-10-06 04:06:35 -07:00
Dmitri Iouchtchenko
b639b38242 Fix myranch TLD
Summary: Fixes a typo in the Almanac docs.

Test Plan: Didn't test this one.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D16529
2016-09-09 03:55:11 -07:00
epriestley
5f43abd7ef Add a {key ..} Remarkup rule for discussing keystrokes
Summary: Ruleset for styles in D16506.

Test Plan: {F1803883}

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16510
2016-09-07 09:09:40 -07:00
epriestley
7eee5c5f6f Fix two "proably" typos
Summary: Caught one of these while reviewing docs, grepped for the other one.

Test Plan: `grep`, reading

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16498
2016-09-06 08:59:07 -07:00
epriestley
081081b20e Fix a Repository doc spelling mistake
Summary: Those letters don't go there!

Test Plan: O__O

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16486
2016-09-02 08:23:00 -07:00
epriestley
991e49b711 Correct spelling of "therefore"
Summary: Fixes T11565.

Test Plan: `git grep -i therefor | grep -vi therefore`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11565

Differential Revision: https://secure.phabricator.com/D16476
2016-08-30 14:09:05 -07:00
Josh Cox
8cdf1a890a Updated the docs so chatbots can use the Conduit API
Summary: Previously, the chatbot docs instructed users to get certificates for the conduit API and put the cert in a `conduit.cert` config key. In order to get the chatbot to work, I needed to instead get an API key and put it in the `conduit.token` config entry.

Test Plan: Doc fix. Tried the new documented way and it worked.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, epriestley

Differential Revision: https://secure.phabricator.com/D16443
2016-08-24 19:05:30 -04:00
epriestley
ae0cf00a23 Document the use of repository commit hints
Summary: Ref T11522. This explains how to actually use `bin/repository hint`.

Test Plan: Read the document. Used `bin/repository hint` as directed.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11522

Differential Revision: https://secure.phabricator.com/D16441
2016-08-24 10:57:45 -07:00
epriestley
f46cf99274 Fix a typo in "Internationalization" documentation
Summary: Caught this while linking to it from D16405.

Test Plan: Consulted a dictionary.

Reviewers: chad, alexmv

Reviewed By: alexmv

Differential Revision: https://secure.phabricator.com/D16406
2016-08-16 17:48:00 -07:00
epriestley
a35b03ac6a Update Preamble documentation for clusters with mixed request sources and loadbalancer chains
Summary:
Fixes T11487. Improve documentation for three situations:

  - When you configure a cluster behind a load balancer, all requests are trusted but not all have an "X-Forwarded-For" header. Change the suggested snippet to read this header only if it exists.
  - When a request goes through a series of load balancers (as with a CDN) they can end up writing a list of IPs to the header. Parse these.
  - Remove the "rate limiting" stuff -- this got disabled/removed a long time ago and is misleading/incorrect.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11487

Differential Revision: https://secure.phabricator.com/D16403
2016-08-16 16:05:42 -07:00
epriestley
05f7227329 Document how to manually close revisions
Summary: Fixes T11484. These mechanisms aren't necessarily obvious and make sense to document here.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11484

Differential Revision: https://secure.phabricator.com/D16404
2016-08-16 16:04:38 -07:00
epriestley
38403b12be Update Herald documentation for modern policies and beahvior
Summary: Ref T11428. This documentation was a bit misleading and out of date. Update it to reflect modern reality.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11428

Differential Revision: https://secure.phabricator.com/D16384
2016-08-10 08:55:43 -07:00
epriestley
24a28dd1f3 Fix a documentation typo ("repositorie")
Summary: This isn't a word!

Test Plan: Read carefully.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D16362
2016-08-02 18:02:34 -07:00
Sbastien Santoro
7e49479ab0 discouarges → discourages
Test Plan: Read again the sentence.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D16307
2016-07-15 21:06:47 +00:00
epriestley
5c8dabdf80 Add a strong hint about importing or observing repositories to repository creation
Summary: Fixes T11278. Also mention `svnsync`, since we have some evidence that it works.

Test Plan: {F1716250}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11278

Differential Revision: https://secure.phabricator.com/D16255
2016-07-08 07:43:34 -07:00
epriestley
abdb02b51d Update Phame documentation to reflect changes to the application
Summary:
Ref T9360. Old docs felt a little weird to me (particularly very-old text like "favoring the individual rather than the collective").

Try a simpler tone focused more on use cases and examples?

Test Plan:
Read documentation.

Also, viewed a post list and saw monograms.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9895, T9360

Differential Revision: https://secure.phabricator.com/D16246
2016-07-06 18:43:06 -07:00
Chad Little
0dd6c3653e Clean up Blog Post crumbs
Summary: Show the J monogram when internally linked, but nothing externally (cleaner UI). Ref T9360

Test Plan: View post live and internal.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9360

Differential Revision: https://secure.phabricator.com/D16245
2016-07-07 01:30:54 +00:00
epriestley
b53831101f Raise explicit setup issues about PHP 7
Summary: Ref T9640. Fixes T9888. Decline to support PHP 7 until the async signal handling issue in T11270 is resolved.

Test Plan: Faked local version, got helpful error message.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9640, T9888

Differential Revision: https://secure.phabricator.com/D16231
2016-07-05 05:33:26 -07:00
epriestley
bf1352c0e4 Document the "---" rule in Remarkup
Summary: Fixes T11228.

Test Plan: {F1704113}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11228

Differential Revision: https://secure.phabricator.com/D16186
2016-06-28 14:57:46 -07:00
Austin Seipp
da6c96dfff Fix a busted sentence in the File Encryption documentation
Summary: love to wordsmith

Test Plan: read it

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D16183
2016-06-28 03:55:31 +00:00
epriestley
67084a6953 Support AES256 at-rest encryption in Files
Summary:
Ref T11140. This makes encryption actually work:

  - Provide a new configuation option, `keyring`, for specifying encryption keys.
  - One key may be marked as `default`. This activates AES256 encryption for Files.
  - Add `bin/files generate-key`. This is helps when generating valid encryption keys.
  - Add `bin/files encode`. This changes the storage encoding of a file, and helps test encodings and migrate existing data.
  - Add `bin/files cycle`. This re-encodes the block key with a new master key, if your master key leaks or you're just paraonid.
  - Document all these options and behaviors.

Test Plan:
  - Configured a bad `keyring`, hit a bunch of different errors.
  - Used `bin/files generate-key` to try to generate bad keys, got appropriate errors ("raw doesn't support keys", etc).
  - Used `bin/files generate-key` to generate an AES256 key.
  - Put the new AES256 key into the `keyring`, without `default`.
  - Uploaded a new file, verified it still uploaded as raw data (no `default` key yet).
  - Used `bin/files encode` to change a file to ROT13 and back to raw. Verified old data got deleted and new data got stored properly.
  - Used `bin/files encode --key ...` to explicitly convert a file to AES256 with my non-default key.
  - Forced a re-encode of an AES256 file, verified the old data was deleted and a new key and IV were generated.
  - Used `bin/files cycle` to try to cycle raw/rot13 files, got errors.
  - Used `bin/files cycle` to cycle AES256 files. Verified metadata changed but file data did not. Verified file data was still decryptable with metadata.
  - Ran `bin/files cycle --all`.
  - Ran `encode` and `cycle` on chunked files, saw commands fail properly. These commands operate on the underlying data blocks, not the chunk metadata.
  - Set key to `default`, uploaded a file, saw it stored as AES256.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11140

Differential Revision: https://secure.phabricator.com/D16127
2016-06-16 08:08:56 -07:00
epriestley
411cf13457 Add Videos to Remarkup
Summary: Ref T6916. Added video to remarkup using D7156 as reference.

Test Plan:
  - Viewed video files (MP4, Ogg) in Safari, Chrome, Firefox (some don't work, e.g., OGG in Safari, but nothing we can really do about that).
  - Used `alt`.
  - Used `autoplay`.
  - Used `loop`.
  - Used `media=audio`.
  - Viewed file detail page.

Reviewers: nateguchi2, chad, #blessed_reviewers

Reviewed By: chad, #blessed_reviewers

Subscribers: asherkin, ivo, joshuaspence, Korvin, epriestley

Tags: #remarkup

Maniphest Tasks: T6916

Differential Revision: https://secure.phabricator.com/D11297
2016-06-07 13:20:25 -07:00
Chad Little
bbd5b3a9f6 Fix spelling issue in cluster doc
Summary: Fix spelling issue

Test Plan: Re-read

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D16058
2016-06-06 11:38:07 -07:00
epriestley
fb1cc8cc58 Remove Lamson documentation
Summary:
Fixes T11054. This project's website has been down for more than a year:

<https://github.com/zedshaw/lamson/issues/36>

It hasn't received any new commits for three years (March, 2013):

<https://github.com/zedshaw/lamson/commits/master>

Instructions like this are a good candidate for community ownership rather than upstream maintenance. I don't think we'd accept these instructions upstream today.

Test Plan: `grep -i lamson`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11054

Differential Revision: https://secure.phabricator.com/D15990
2016-05-30 10:11:52 -07:00
epriestley
189600e411 Allow broader HTTP access to public repositories, respect nonstandard Phabricator HTTP port when generating repository URIs
Summary:
Fixes T11030. Fixes T11032.

  - Allow HTTP access to "Public" repositories even if `diffusion.allow-http-auth` is disabled.
  - If you run Phabricator on an unusual port (???) use that port as the default when generating HTTP URIs.

Test Plan:
  - Faked `phabricator.base-uri` to an unusual port, saw repository HTTP URI generate with an unusual port.
  - Disabled `diffusion.allow-http-auth`, confirmed that toggling view policy between "public" and "users" activated or deactivated HTTP clone URI.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T11030, T11032

Differential Revision: https://secure.phabricator.com/D15973
2016-05-25 09:07:00 -07:00
epriestley
9385ddaf82 Fix bad documentation link in clustering intro doc
Summary: Fixes T10991.

Test Plan: Previewed harder, clicked link.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10991

Differential Revision: https://secure.phabricator.com/D15949
2016-05-19 14:59:50 -07:00
epriestley
9c24798e64 Update Owners auditing rules for multiple reviewers
Summary:
Ref T10939. Fixes T10181. This slightly simplifies, then documents the auditing rules, which haven't been updated for a while. In particular:

  - If an owner authored the change, never audit.
  - Examine all reviewers to determine reviewer audit status, not just the first reviewer.
  - Simplify some of the loading code a bit.

Test Plan:
  - Ran `bin/repository reparse --owners <commit> --force` to trigger this stuff.
  - Verified that the web UI did reasonable things with resulting audits.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10181, T10939

Differential Revision: https://secure.phabricator.com/D15939
2016-05-17 13:46:06 -07:00
epriestley
809c7bf996 Allow users to manage package dominion rules
Summary: Ref T10939. This adds UI, transactions, etc, to adjust dominion rules.

Test Plan:
  - Read documentation.
  - Changed dominion rules.
  - Created packages on `/` ("A") and `/x` ("B") with "Auto Review: Review".
  - Touched `/x`.
  - Verified that A and B were added with strong dominion.
  - Verified that only B was added when A was set to weak dominion.
  - Viewed file in Diffusion, saw correct ownership with strong/weak dominion rules.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15936
2016-05-17 10:57:43 -07:00
Luka Kladaric
174f3f6d23 docs: fix setup instructions for Mailgun and S3
Summary: The S3 fields are mandatory and if you only enter the ones in the docs you will immediately encounter a "Amazon S3 is Only Partially Configured" error. For Mailgun the error is more difficult to figure out - emails get stuck on Mailgun's side but the error is illegible. On Phabricator's side you have to go trawling through nginx logs to find "Mail signature is not valid. Check your Mailgun API key."

Test Plan: Deploy a new standalone instance, follow old instructions, fail. Deploy another one, follow updated instructions, win.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15931
2016-05-16 22:11:37 +02:00
Austin Seipp
1567f07e3c Fix some broken links in the cluster documentation
Summary:
Looks like some copy pasta snuck in. Also fixes a missed
parenthesis.

Test Plan: Eyeball it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15920
2016-05-15 07:15:34 +00:00
epriestley
c9365e48d8 Don't trigger "Auto Review" if the author is already an owner; document "Auto Review"
Summary:
Ref T10939. If you already own a package, don't trigger the subscribe/review rules.

Document how these rules work.

Test Plan:
  - Read documentation.
  - Removed reviewers, updated a revision, got autoreviewed.
  - Joined package.
  - Removed reveiwers, updated a revision, no more autoreview.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10939

Differential Revision: https://secure.phabricator.com/D15918
2016-05-13 17:24:33 -07:00
epriestley
1793e2f945 Use ye new Englishe in ye docs
Summary: Ah, a fine thing it be.

Test Plan: Pip pip cheerio.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15919
2016-05-13 13:55:57 -07:00
epriestley
5162f81095 Provide SSH host documentation, tweak/supplement cluster documentation
Summary: Ref T10751. I think this mostly brings us up to date with the state of the world.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15897
2016-05-12 12:09:04 -07:00
epriestley
0faf3dd18d Fix "Contributing" misspelling in documentation
Summary: Fixes T10958.

Test Plan: Dictionary'd.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10958

Differential Revision: https://secure.phabricator.com/D15898
2016-05-12 08:29:53 -07:00
epriestley
fc654f8996 Flesh out a few more repository documentation sections
Summary: Ref T10923. This links up some more related documentation about repository management.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923

Differential Revision: https://secure.phabricator.com/D15890
2016-05-11 13:01:02 -07:00
epriestley
5587d97a7f Tailor Diffusion protocol rules slightly
Summary: Fixes T10948. Ref T10923. Make these rules a little more thorough and document their behavior.

Test Plan: Looked at Diffusion clone URIs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923, T10948

Differential Revision: https://secure.phabricator.com/D15887
2016-05-11 07:18:09 -07:00
epriestley
e2bbde9675 Bring old repository instructions and guidance forward to new UI
Summary:
Ref T10923. Fixes T10406. This brings most of the guidance/instructions forward:

  - Some remained as instructions.
  - Some moved to documentation.

Test Plan: Went through all of the sections and hit the help.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10406, T10923

Differential Revision: https://secure.phabricator.com/D15873
2016-05-10 05:15:43 -07:00
epriestley
f191f66f34 Document API management of repositories and fix some issues with creating URIs via API
Summary:
Ref T10923. Primarily documents the process for creating repositories via the API.

Also fixes a couple of issues with `repositoryPHID` not being set yet when creating URIs via the API.

Test Plan:
  - Followed all documented steps to create a new repository.
  - Created and edited some new URIs from the web workflow, too.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923

Differential Revision: https://secure.phabricator.com/D15870
2016-05-10 05:10:35 -07:00
epriestley
34e85aaeb8 Document most of the new Diffusion management panel
Summary: Ref T10923. This isn't complete yet, but reduces lies and increases truths.

Test Plan: Read documentation, clicked new "Documentation" nav item.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10923

Differential Revision: https://secure.phabricator.com/D15868
2016-05-10 05:10:07 -07:00
epriestley
cc579be6f1 Use more precise language to describe what mirroring is
Summary: Fixes T10928. This behavior hasn't changed at all and this is what, e.g., `git push --mirror` means, and the other behavior isn't possible, but be more explicit about the inherent destructive potential of mirroring.

Test Plan: Read documentation.

Reviewers: chad, sascha-egerer

Reviewed By: sascha-egerer

Subscribers: sascha-egerer

Maniphest Tasks: T10928

Differential Revision: https://secure.phabricator.com/D15861
2016-05-06 08:04:18 -07:00
epriestley
128995f1ac Document all the hypothetical URI features we plan to support soon
Summary: Ref T10748. Ref T10366. This documents how everything is planned to work shortly.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Subscribers: eadler, scode

Maniphest Tasks: T10366, T10748

Differential Revision: https://secure.phabricator.com/D15817
2016-04-29 09:24:10 -07:00
epriestley
dc3a13c5e8 Add bin/repository clusterize and document setup and migration for clusters
Summary: Ref T4292. This provides at least some sort of hint about how to set up cluster repositories.

Test Plan:
  - Read documentation.
  - Ran `bin/repository clusterize` to add + remove clusters.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15798
2016-04-26 10:07:17 -07:00
epriestley
8d9bc401e4 Improve Diffusion hosting setup instructions somewhat?
Summary:
Ref T10866. Fixes T10386. This attempts to make it a little more plausible to follow these directions:

  - Use simpler language in general.
  - Remove language suggesting that HTTP requires no additional configuration.
  - Suggest using a load balancer or an ugly port number instead of swapping SSH to a different port.
  - Be more granular about `sudo` setup.
  - Organize better?

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10386, T10866

Differential Revision: https://secure.phabricator.com/D15796
2016-04-26 10:06:59 -07:00
epriestley
2c870bad86 Document how to register cluster devices with Almanac
Summary:
Ref T4292. This is a required step in configuring a cluster: document and explain it.

Previously `bin/almanac register` could //also// add and trust keys. I've removed this capability since I think it's needless and complicated. If there's some real use for it eventually, we could add a `bin/almanac add-key` or whatever. The workflow is simpler and has better guard rails that point you in the correct direction now.

Test Plan:
  - Read documentation.
  - Ran `bin/almanac` with various good/bad flags.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15795
2016-04-25 14:58:58 -07:00
epriestley
623ed1f434 Include directory-ownership note in sshd setup instructions
Summary: Fixes T9560. We suggest a root-owned location, but users who choose their own location instead can run into trouble.

Test Plan:
  - Changed parent directory to have an non-root owner, verified that `ssh` no longer worked.
  - Changed parent directory back to a root owner, verified `ssh` worked again.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9560

Differential Revision: https://secure.phabricator.com/D15794
2016-04-25 08:16:14 -07:00
epriestley
9d0891c7e1 Correct Aphlict documentation for Nginx proxying
Summary: Fixes T10857. This documentation did not accurately reflect proper configuration: in the Aphlict config, SSL is inferred from the presence of `ssl.*` configuration.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10857

Differential Revision: https://secure.phabricator.com/D15787
2016-04-24 06:31:58 -07:00
epriestley
9656fe48bc Add a "Repository Servers" cluster administration panel
Summary: Ref T4292. This adds a new high-level overview panel.

Test Plan: {F1238854}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15772
2016-04-21 11:56:44 -07:00
epriestley
c986caebb2 Put all cluster docs in the right documentation group
Summary: Some of these had the wrong `@group` header.

Test Plan: `grep`

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15778
2016-04-20 20:38:08 -07:00
epriestley
bd4fb3c9fa Implement bin/repository thaw for unfreezing cluster repositories
Summary:
Ref T10751. Add support tooling for manually prying your way out of trouble if disaster strikes.

Refine documentation, try to refer to devices as "devices" more consistently instead of sometimes calling them "nodes".

Test Plan: Promoted and demoted repository devices with `bin/repository thaw`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15768
2016-04-20 10:45:58 -07:00
epriestley
11aa902bd1 Show "Last Writer" and "Last Write At" in the UI, add more documentation
Summary:
Ref T10751. Make the UI more useful and explain what failure states mean and how to get out of them.

The `bin/repository thaw` command does not exist yet, I'll write that soon.

Test Plan: {F1238241}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15766
2016-04-20 10:45:03 -07:00
epriestley
48b015a3fa Add slightly more cluster repository documentation
Summary: Ref T10751. There are still some missing support tools here, but explain some of this a little better.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15764
2016-04-20 04:46:40 -07:00
epriestley
bab3690b54 Fill in missing cluster database documentation
Summary:
Ref T10751. Provide some guidance on replicas and promotion.

I'm not trying to walk administrators through the gritty details of this. It's not too complex, they should understand it, and the MySQL documentation is pretty thorough.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15763
2016-04-20 04:46:25 -07:00
epriestley
92c50de8aa Rough in the new custom URI panel
Summary: Ref T10748. Ref T10366. No support for editing and no impact on the UI, but get some of the basics in place.

Test Plan: {F1223279}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10366, T10748

Differential Revision: https://secure.phabricator.com/D15742
2016-04-17 16:03:24 -07:00
epriestley
025b243e27 Document wiki relative link syntax
Summary: Also make `../` work to start relative a link so I don't have to document it as `./../path`.

Test Plan:
  - Used `./`, `../`. `./../`, and normal links (proper title pickup).
  - Used bad links (red).
  - Regenerated documentation:

{F1221692}

Reviewers: hach-que

Reviewed By: hach-que

Differential Revision: https://secure.phabricator.com/D15734
2016-04-16 18:54:55 -07:00
Austin Seipp
b2d2f03dea Tell users to avoid magical CloudFlare nonsense in the CDN documentation
Summary:
Fixes T9716. Doesn't go into too much detail, but will hopefully
save some pain.

Test Plan: Read all the wonderful text.

Reviewers: #blessed_committers, epriestley, #blessed_reviewers

Reviewed By: #blessed_committers, epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9716

Differential Revision: https://secure.phabricator.com/D15738
2016-04-17 01:50:26 +00:00
epriestley
686c02d54a Add a "memory.hint" parameter to Aphlict
Summary:
Ref T10696. By default, `node` uses 1.5GB, which is enormous overkill for this service and can crowd out other services if it's running next to things like a database on the same host.

Provide a configuration option to adjust it via `--max-old-space-size` and default to 256MB. It only seems to need about 30M locally, so this should be plenty of headroom.

Test Plan:
Ran `bin/aphlict debug`, things seemed OK.

It takes a long time (days?) to grow to 1.5GB so I can't easily test this locally without a lot of work, but I'll keep an eye on it in production.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10696

Differential Revision: https://secure.phabricator.com/D15720
2016-04-15 07:14:45 -07:00
epriestley
fad9e043c3 Fix bad cluster.database in documentation
Summary: This is mistaken.

Test Plan: Careful inspection, `grep` for other mistakes.

Reviewers: chad, eadler

Reviewed By: eadler

Differential Revision: https://secure.phabricator.com/D15717
2016-04-14 15:00:03 -07:00
epriestley
7852ec1619 Use --master-data, not --dump-slave, in bin/storage dump
Summary: These flags do slightly different things, I actually want --master-data here. My test databases are setup half-weird and work with either statement, which is why I missed this.

Test Plan: Ran a dump against master, got the right CHANGE MASTER statement with no warnings.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15716
2016-04-14 14:56:21 -07:00
epriestley
bbb321395a Support Aphlict clustering
Summary:
Ref T6915. This allows multiple notification servers to talk to each other:

  - Every server has a list of every other server, including itself.
  - Every server generates a unique fingerprint at startup, like "XjeHuPKPBKHUmXkB".
  - Every time a server gets a message, it marks it with its personal fingerprint, then sends it to every other server.
  - Servers do not retransmit messages that they've already seen (already marked with their fingerprint).
  - Servers learn other servers' fingerprints after they send them a message, and stop sending them messages they've already seen.

This is pretty crude, and the first message to a cluster will transmit N^2 times, but N is going to be like 3 or 4 in even the most extreme cases for a very long time.

The fingerprinting stops cycles, and stops servers from sending themselves copies of messages.

We don't need to do anything more sophisticated than this because it's fine if some notifications get lost when a server dies. Clients will reconnect after a short period of time and life will continue.

Test Plan:
  - Wrote two server configs.
  - Started two servers.
  - Told Phabricator about all four services.
  - Loaded Chrome and Safari.
  - Saw them connect to different servers.
  - Sent messages in one, got notifications in the other (magic!).
  - Saw the fingerprinting stuff work on the console, no infinite retransmission of messages, etc.

(This pretty much just worked when I ran it the first time so I probably missed something?)

{F1218835}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6915

Differential Revision: https://secure.phabricator.com/D15711
2016-04-14 13:26:30 -07:00
epriestley
5a0b7398ca Give bin/storage some replica-aware options
Summary:
Fixes T10758.

  - Adds a "--host" flag. If you specify this, we read your cluster config. This lets you dump from a replica.
  - Adds a "--for-replica" flag to `storage dump`. This makes `mysqldump` include a `CHANGE MASTER ...` statement in the output, which is useful when setting up a replica for the first time.

Test Plan:
  - Dumped master and replica cluster databases.
  - Dumped non-cluster databases.
  - Ran various other commands (help, status, etc).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10758

Differential Revision: https://secure.phabricator.com/D15714
2016-04-14 13:23:35 -07:00
epriestley
07fc8f17cc Support "ssl.chain" in Aphlict configuration
Summary: Fixes T10806. Although browsers don't seem to care about this, it's more correct to support it, and the new test console uses normal `cURL` and does care.

Test Plan:
  - Hit the error case for providing a chain but no key/cert.
  - Used `openssl s_client -connect localhost:22280` to connect to local Aphlict servers.
  - With SSL but no chain, saw `openssl` fail to verify the remote.
  - With SSL and a chain, saw `openssl` verify the identify of the remote.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10806

Differential Revision: https://secure.phabricator.com/D15709
2016-04-14 10:41:21 -07:00
epriestley
383ae7621f Fix a "websokket" typo
Summary: Typo fix from D15703 that I overlooked.

Test Plan: Careful inspection.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15708
2016-04-14 10:40:54 -07:00
epriestley
2930733ac9 Complete modernization of Aphlict configuration
Summary:
Fixes T10697. This finishes bringing the rest of the config up to cluster power levels.

Phabricator is now given an arbitrarily long list of notification servers.

Each Aphlict server is given an arbitrarily long list of ports to run services on.

Users are free to make them meet in the middle by proxying whatever they want to whatever else they want.

This should also accommodate clustering fairly easily in the future.

Also rewrote the status UI and changed a million other things. 🐗

Test Plan:
{F1217864}

{F1217865}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10697

Differential Revision: https://secure.phabricator.com/D15703
2016-04-14 04:57:00 -07:00
epriestley
c6b0925954 Move Aphlict logging and PID configuration options to config file
Summary: Ref T10697. Mostly straightforward. Also allow the server to have multiple logs and log options in the future (e.g., different verbosities or separate admin/client logs or whatever). No specific plans for this, but the default log is pretty noisy today.

Test Plan: Set up a couple of logs, started server, saw it log to them.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10697

Differential Revision: https://secure.phabricator.com/D15702
2016-04-14 04:55:19 -07:00
epriestley
c84dee522b Move server-related Aphlict options to a configuration file
Summary: Ref T10697. This isn't everything but starts generalizing options and moving us toward a cluster-ready state of affairs.

Test Plan: Started server in various configurations, hit most (all?) of the error cases with bad configs, sent test notifications.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10697

Differential Revision: https://secure.phabricator.com/D15701
2016-04-14 04:54:42 -07:00
Andy Reitz
3876d6b439 Fix some typos in the new cluster docs
Summary:
While reading the new cluster docs, I noticed a few minor typos, and one
section that seemed to be incomplete and redundant, so I just removed it.

Test Plan: none.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: chad, Korvin, jshirley

Differential Revision: https://secure.phabricator.com/D15704
2016-04-13 16:30:40 -07:00
epriestley
66366137ff Don't apply security.require-https to intracluster requests
Summary:
Ref T10784. Currently, if you terminate SSL at a load balancer (very common) and use HTTP beyond that, you have to fiddle with this setting in your premable or a `SiteConfig`.

On the balance I think this makes stuff much harder to configure without any real security benefit, so don't apply this option to intracluster requests.

Also document a lot of stuff.

Test Plan: Poked around locally but this is hard to test outside of a production cluster, I'll vet it more thoroughly on `secure`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10784

Differential Revision: https://secure.phabricator.com/D15696
2016-04-13 12:51:41 -07:00
epriestley
afb0f7c7af Clean up some old cluster-ish documentation
Summary:
Ref T10751. We currently have a placeholder Almanac document, and a fairly-bad-advice section in Daemons.

Pull these into the modern cluster documentation.

Test Plan: 17 phabricator PHDs

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10751

Differential Revision: https://secure.phabricator.com/D15689
2016-04-12 19:14:08 -07:00
epriestley
110223c1a7 Fix pretty drawings
Summary: Changes elsewhere which support spaces before "|" when defining a table so that tables quote properly also accidentally changed these beautiful drawings into remarkup tables.

Test Plan: (( o.O ))

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15690
2016-04-12 10:55:03 -07:00
epriestley
58eef68b7c Rough cut of repository cluster status panel
Summary:
Ref T4292. This adds some very basic cluster/device data to the new management view. Nothing interesting yet.

Also deal with disabled bindings a little more cleanly.

Test Plan: {F1214619}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4292

Differential Revision: https://secure.phabricator.com/D15685
2016-04-12 05:38:10 -07:00
epriestley
ac35246d0d Never sever non-cluster database; write more read-only documentation
Summary:
Ref T4571. Write more of the missing documentation sections and clarify a few things.

Since the "replicating master" check needs a special permission, imposes a performance penalty, is probably very difficult to misconfigure, and likely not a big deal anyway, just drop the idea of trying to automatically detect + prevent it. We still show if it's an issue on the status page, provided we have permission to check.

When you don't have any cluster databases configured, never stop trying to connect to the default master database. We might want to do this eventually as load reduction, but just don't muddy the waters too much for now while things stabilize.

Test Plan:
  - Tested functionality in cluster, non-cluster, and degraded-cluster modes.
  - Used status console to monitor a health check cycle.
  - Read docs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4571

Differential Revision: https://secure.phabricator.com/D15679
2016-04-11 08:44:11 -07:00
epriestley
0439645d5b Add a "Database Cluster Status" console in Config
Summary: Ref T4571. The configuration option still doesn't do anything, but add a status panel for basic setup monitoring.

Test Plan:
Here's what a good version looks like:

{F1212291}

Also faked most of the errors it can detect and got helpful diagnostic messages like this:

{F1212292}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T4571

Differential Revision: https://secure.phabricator.com/D15667
2016-04-09 20:34:13 -07:00
epriestley
3f51b78539 Lay cluster.databases configuration groundwork for database clustering
Summary:
Ref T4571. This adds a new option which allows you to upgrade your one-host configuration to a multi-host configuration by configuring it.

Doing this currently does nothing. I wrote a lot of words about what it is //supposed// to do in the future, though.

Test Plan:
  - Tried to configure the option in all the possible bad ways, got errors.
  - Read documentation.

Reviewers: chad

Reviewed By: chad

Subscribers: eadler

Maniphest Tasks: T4571

Differential Revision: https://secure.phabricator.com/D15663
2016-04-09 13:41:16 -07:00
epriestley
5dec03af32 Make OAuth scope handling more flexible
Summary:
Ref T7303. Currently, our handling of "scope" is fairly rigid and adheres to the spec, but some of these behaviors don't make much sense in practice.

Soften some behaviors and make them more flexible:

**Soft Failure on Unknown Permissions**: If a client asks for a permission we don't know about, just warn that we don't recognize it instead of fataling. In particular, I plan to make `offline_access` and `whoami` implicit. Older clients that request these permissions will still work fine as long as we don't hard-fatal.

**Move `user.whoami` to ALWAYS scope**: Make `whoami` a default permission. We've already done this, in effect; this just formalizes it.

**Tokens no longer expire**: Make `offline_access` (infinite-duration tokens) a default permission. I think the OAuth model doesn't map well to reality. It is common for other providers to issue "temporary" tokens with a duration of multiple years, and the refesh workflow is sort of silly. We can add a "temporary" scope later if we need temporary tokens.

This flow was potentially extra silly with the "log out of Phacility" use case, where we might need to have you log in again before we could log you out, which is bizarre and senseless. Avoid this nonsense.

**Move away from granular permissions**: Users currently get to pick-and-choose which permissions they grant, but this likely rarely/never works in practice and is fairly hostile since applications can't communicate which permissions they need. Applications which can actually operate with only some subset of permissions can make separate requests (e.g., when you activate "cool feature X", it asks for X permission). I think applications that do this are rare; pretty much everything just asks for tons of permissions and everyone grants them.

Making this all-or-nothing is better for well-behaved applications and better for users. It's also slightly better for overzealous applications that ask for more than they need, but whatever. Users can make an informed decision, hopefully, and I plan to let administrators force applications to a subset of permissions once we introduce meaningful scopes.

Test Plan:
  - Generated tokens.
  - Used tokens.
  - Authorized an instance.
  - Faked some bogus scopes, got clean authorization.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7303

Differential Revision: https://secure.phabricator.com/D15621
2016-04-05 13:53:33 -07:00
epriestley
1bd33ad759 Correct table documentation in Remarkup reference
Summary: Ref T10570. Earlier work on that task made tables activate even if indented so they work in quoted blocks. However, the documentation doesn't explicitly mark them in code blocks, so it turned them into markup.

Test Plan:
Used `bin/diviner generate` to regenerate documentation, verified it now renders properly.

{F1205818}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10570

Differential Revision: https://secure.phabricator.com/D15619
2016-04-05 09:02:54 -07:00
epriestley
3493d9d513 Fix a typo
Summary: Whoops.

Test Plan: O.o

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15519
2016-03-24 09:12:34 -07:00
epriestley
b193796266 Provide "Reproduction Steps" docs and separate "Version" doc
Summary: I know this is ultimately pointless but feel better about pushing back on users when there is no possible way they could be acting in good faith.

Test Plan: Read documents.

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15518
2016-03-24 08:57:29 -07:00
epriestley
4a6589524b Add amazon-ses.endpoint configuration
Summary: Fixes T5116.

Test Plan: Will test in production.

Reviewers: chad

Maniphest Tasks: T5116

Differential Revision: https://secure.phabricator.com/D15515
2016-03-23 12:28:59 -07:00
epriestley
63ab2ad69b Typo fixed in docs/tech
Summary: Spelling mistake fixed - neessary > necessary

Test Plan: No Test plan

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D15146
2016-03-21 10:13:06 -07:00
tycho.tatitscheff
821ba8b22e Fix a typo on Almanac User Guide
Summary:
Ref T10527
The lack of a * messed up the remarkup.

Test Plan:
Tested on my instance by pasting the sentence in a phriction document.
See the markup correctly done.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T10527

Differential Revision: https://secure.phabricator.com/D15421
2016-03-06 15:49:44 -08:00
epriestley
809646c8d2 Unprototype Almanac
Summary: Fixes T10449. Almanac doesn't do a whole lot for the average user, but is in good shape technically and works well, and exposing it in the cluster won't let installs destroy themselves now.

Test Plan: Re-read documentation; grepped for `TODO` (there are a couple, but reasonable to push off); browsed around all the UI things (new two-column looks great), called API methods.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10449

Differential Revision: https://secure.phabricator.com/D15400
2016-03-04 17:22:49 -08:00
epriestley
4c97d88aa4 Allow Almanac bindings to be disabled and unused interfaces to be removed
Summary:
Fixes T9762. Ref T10246.

**Disabling Bindings**: Previously, there was no formal way to disable bindings. The internal callers sometimes check some informal property on the binding, but this is a common need and deserves first-class support in the UI. Allow bindings to be disabled.

**Deleting Interfaces**: Previously, you could not delete interfaces. Now, you can delete unused interfaces.

Also some minor cleanup and slightly less mysterious documentation.

Test Plan: Disabled bindings and deleted interfaces.

Reviewers: chad

Reviewed By: chad

Subscribers: yelirekim

Maniphest Tasks: T9762, T10246

Differential Revision: https://secure.phabricator.com/D15345
2016-02-26 06:21:23 -08:00
epriestley
944539a786 Simplify locking of Almanac cluster services
Summary:
Fixes T6741. Ref T10246. Broadly, we want to protect Almanac cluster services:

  - Today, against users in the Phacility cluster accidentally breaking their own instances.
  - In the future, against attackers compromising administrative accounts and adding a new "cluster database" which points at hardware they control.

The way this works right now is really complicated: there's a global "can create cluster services" setting, and then separate per-service and per-device locks.

Instead, change "Can Create Cluster Services" into "Can Manage Cluster Services". Require this permission (in addition to normal permissions) to edit or create any cluster service.

This permission can be locked to "No One" via config (as we do in the Phacility cluster) so we only need this one simple setting.

There's also zero reason to individually lock //some// of the cluster services.

Also improve extended policy errors.

The UI here is still a little heavy-handed, but should be good enough for the moment.

Test Plan:
  - Ran migrations.
  - Verified that cluster services and bindings reported that they belonged to the cluster.
  - Edited a cluster binding.
  - Verified that the bound device was marked as a cluster device
  - Moved a cluster binding, verified the old device was unmarked as a cluster device.
  - Tried to edit a cluster device as an unprivileged user, got a sensible error.

{F1126552}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15339
2016-02-25 03:38:39 -08:00
epriestley
411331469a Apply namespace locking rules in Almanac
Summary:
Ref T10246. Ref T6741.

When you have a namespace like "phacility.net", require users creating services and devices within it to have edit permission on the namespace.

This primarily allows us to lock down future device names in the cluster, so instances can't break themselves once they get access to Almanac.

Test Plan:
  - Configured a `phacility.net` namespace, locked myself out of it.
  - Could not create new `stuff.phacility.net` services/devices.
  - Could still edit existing devices I had permission for.
  - Configured a `free.phacility.net` namespace with more liberal policies.
  - Could create `me.free.phacility.net`.
  - Still could not create `other.phacility.net`.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15325
2016-02-22 04:58:53 -08:00
epriestley
db50d0fb11 Rough-in Almanac namespaces
Summary:
Ref T6741. Ref T10246.

Root problem: to provide Drydock in the cluster, we need to expose Almanac, and doing so would let users accidentally or intentionally create a bunch of `repo006.phacility.net` devices/services which could conflict with the real ones we manage.

There's currently no way to say "you can't create anything named `*.blah.net`". This adds "namespaces", which let you do that (well, not yet, but they will after the next diff).

After the next diff, if you try to create `repo003.phacility.net`, but the namespace `phacility.net` already exists and you don't have permission to edit it, you'll be asked to choose a different name.

Also various modernizations and some new docs.

Test Plan:
  - Created cool namespaces like `this.computer`.
  - Almanac namespaces don't actually enforce policies yet.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T6741, T10246

Differential Revision: https://secure.phabricator.com/D15324
2016-02-22 04:58:35 -08:00
epriestley
925a0d3d59 Pass repository PHID to custom hooks in PHABRICATOR_REPOSITORY instead of callsign
Summary:
Ref T4245. We pass this exclusively for use by additional third-party hooks.

This is technically a backward compatibility break, but I suspect it doesn't affect anyone:

  - Probably almost no one is using this (there are few reasons to, even for the tiny number of installs with custom commit hooks).
  - If they are, there's a good chance the PHID will work anyway, since nearly all scripts and Conduit methods will accept it in place of a callsign now, and if it's in logging or debugging code the PHID is a reasonable substitute
  - Even if it doesn't just keep working, the break should be very obvious in most reasonable cases.

I'll call this out explicitly in the changelog, though -- almost everything else will just continue working, but this is a strict compatibility break.

Test Plan:
  - Ugh.
  - Picked a hosted Git repo out of Diffusion.
  - Went to the path on disk.
  - Went into `hooks/`.
  - Went into `pre-receive-phabricator.d/`.
  - Wrote this hook and gave it `chmod +x`:

```name=stuff.sh
#!/bin/sh

echo $PHABRICATOR_REPOSITORY >> /tmp/stuff.log
```

  - Pushed to the repository.
  - Saw a PHID show up in the log:

```
$ cat /tmp/stuff.log
PHID-REPO-bqkcdp47euwnwlasrsrh
```

Reviewers: chad, avivey

Reviewed By: avivey

Subscribers: avivey

Maniphest Tasks: T4245

Differential Revision: https://secure.phabricator.com/D15294
2016-02-17 17:10:44 -08:00
epriestley
973b8ace86 Remove dependence on callsigns from bin/commit-hook
Summary:
Ref T4245. Two effects:

  - First, let hooks work for future repositories without callsigns.
  - Second, provide a better error when users push directly to hosted repositories.

Test Plan: Ran `bin/commit-hook PHID-REPO-xxx`.

Reviewers: chad, avivey

Reviewed By: avivey

Maniphest Tasks: T4245

Differential Revision: https://secure.phabricator.com/D15293
2016-02-17 16:50:36 -08:00
epriestley
8661170819 Fix a couple typos in "why so many databases?" document
Summary: One missing word, one `0` that should be a `)`, simplify a couple of mega-clauses to improve readability?

Test Plan: ((O)) . ((O))

Reviewers: michaeljs1990, chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15252
2016-02-11 13:49:58 -08:00
epriestley
f5c8a2fb18 Write "Why does Phabricator need so many databases?"
Summary: We will sell you as many new databases as you want, cheap! Just $1 per database!

Test Plan: (O).(O)

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15249
2016-02-11 13:01:04 -08:00
Vlad Albulescu
b5518d4bfb fix a typo in troubleshooting perf wiki page
Summary: Fix typo. That said, I love the example.

Test Plan: no

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Differential Revision: https://secure.phabricator.com/D15210
2016-02-07 16:29:13 -08:00
epriestley
90a0459821 Roughly implement milestone columns on workboards
Summary:
Ref T10010. These aren't perfect but I think (?) they aren't horribly broken.

  - When a project is a parent project, destroy (as far as the user can tell) any custom columns.
  - When a project has milestones, automatically generate columns on the project's workboard (if it has a workboard).
  - When you move tasks between milestones, add the proper milestone tag.
  - When you move tasks out of milestones back into the backlog, add the proper parent project tag.
  - (Plenty of UI / design stuff to adjust.)

Test Plan:
  - Dragged stuff between milestone columns.
  - Used a normal workboard.
  - Wasn't able to find any egregiously bad cases that did anything terrible.

{F1088224}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10010

Differential Revision: https://secure.phabricator.com/D15171
2016-02-03 16:37:59 -08:00
epriestley
d156da3402 Clarify why VCS passwords must be unique
Summary: Fixes T10265.

Test Plan: Read text.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10265

Differential Revision: https://secure.phabricator.com/D15173
2016-02-03 07:23:19 -08:00
epriestley
268a9ced78 Implement subproject/milestone conflict resolution rules
Summary:
Ref T10010. When you try to add "Sprint 35" to a task, remove "Sprint 34", etc. Briefly:

  - A task can't be in Sprint 3 and Sprint 4.
  - A task can't be in "A" and "A > B" (but "A > B" and "A > C" are fine).
  - When a user makes an edit which would violate one of these rules, preserve the last tag in each group of conflicts.

Test Plan:
  - Added fairly comprehensive tests.
  - Added a bunch of different tags to things, saw them properly exclude conflicting tags.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10010

Differential Revision: https://secure.phabricator.com/D15167
2016-02-02 13:12:27 -08:00
epriestley
fc9db6e2a2 Put subprojects and milestones back into the Project UI
Summary: Ref T10010. Restores subprojects and milestones to the UI with a more modern style and more warnings.

Test Plan:
{F1085207}

{F1085208}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10010

Differential Revision: https://secure.phabricator.com/D15152
2016-02-01 09:18:11 -08:00
epriestley
c00cd5c2a3 Make hidden and locked configuration even more explicit
Summary:
A user in IRC seemed very confused by this, and worked extremely hard to shoot themsevles in the foot by manually writing locked configuration to the database.

Try to explain why configuration is locked better.

Test Plan:
Mostly reading.

{F1078905}

{F1078906}

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D15128
2016-01-28 08:18:24 -08:00
epriestley
9c19a026a8 Update old documentation about arc set-config
Summary: Fixes T10223.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10223

Differential Revision: https://secure.phabricator.com/D15116
2016-01-26 08:26:26 -08:00
epriestley
c11c7f2900 Prevent "Manage" profile menu items from being hidden
Summary: Ref T10054. Prevent users from removing this item and locking themselves out of the system unless they can guess the URI.

Test Plan: Tried to disable "Manage", wasn't permitted to.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15113
2016-01-25 06:43:03 -08:00
epriestley
7bbd949703 Document that tagging something with a project never affects visibility
Summary: Fixes T10144.

Test Plan: (-O.O-)

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10144

Differential Revision: https://secure.phabricator.com/D15107
2016-01-24 10:02:22 -08:00
epriestley
df4b484a5f Write documentation for profile menus
Summary: Ref T10054. This is all pretty straightforward. Also include some project-specific examples in the project documentation.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15090
2016-01-22 08:15:03 -08:00
epriestley
3f36e498b7 Document the new watcher/member/edit notification mail rules
Summary: Ref T10054. This is mostly for completness so I can reference it when closing all the related tasks.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15066
2016-01-19 19:39:16 -08:00
epriestley
f24318f308 Make "profile menu" configuration mostly work
Summary:
Ref T10054. This does a big chunk of the legwork to let users reconfigure profile menus (currently, just project menus).

This includes:

  - Editing builtin items (e.g., you can rename the default items).
  - Creating new items (for now, only links are available).

This does not yet include:

  - Hiding items.
  - Reordering items.
  - Lots of fancy types of items (dashboards, etc).
  - Any UI changes.
  - Documentation (does feature: TODO link for documentation).

Test Plan:
{F1060695}

{F1060696}

{F1060697}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10054

Differential Revision: https://secure.phabricator.com/D15010
2016-01-13 11:45:31 -08:00
epriestley
77ac52c180 Update Phabricator documentation of script-and-regex linter for behavioral change
Summary: Ref T10124. Corresponding doc update.

Test Plan: COPY / PASTE

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10124

Differential Revision: https://secure.phabricator.com/D15001
2016-01-11 17:37:32 -08:00
epriestley
b471ebe987 Document that hosted repositories should be backed up
Summary: Fixes T8950.

Test Plan: Reading.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T8950

Differential Revision: https://secure.phabricator.com/D14952
2016-01-05 14:03:20 -08:00
epriestley
55373030df Fix a bad copy/paste in Conduit documentation
Summary: This is linking to the wrong article.

Test Plan: O.O

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14885
2015-12-26 07:29:24 -08:00
epriestley
aab1574e33 Remove TYPE_SEARCH_DIDUPDATEINDEX event
Summary:
Ref T9979. This event had one weird callsite and no known third-party callers. It can be done more cleanly as an extension, now.

This index is used to allow us to "Group By: Project" in Maniphest without joining into the Projects database.

Test Plan:
  - Ran a query with "Group By: Project" in Maniphest.
  - Renamed project "Apples" to "Zebras".
  - Reloaded page.
  - UI properly moved "Zebras" tasks to the bottom of the list.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9979

Differential Revision: https://secure.phabricator.com/D14836
2015-12-21 17:23:59 -08:00
epriestley
57cc30d0c4 Continue hammering new *.search / *.edit documentation into shape
Summary: Ref T9964. Create some docuemntation for this stuff, and clean up the *.edit endpoints a bit.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9964

Differential Revision: https://secure.phabricator.com/D14798
2015-12-16 08:46:05 -08:00
epriestley
c19654db16 Write some basic "dealing with Conduit changes" documentation
Summary:
Ref T9980. No magic here, just write a little bit about how to find outdated callers. Update the technical doc.

Also:

  - Fix an unrelated bug where you couldn't leave comments if an object had missing, required, custom fields.
  - Restore the ConduitConnectionLog table so `bin/storage adjust` doesn't complain.

Test Plan: Read docs.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9980

Differential Revision: https://secure.phabricator.com/D14784
2015-12-14 15:26:24 -08:00
epriestley
0692115953 Remove all references to the Conduit ConnectionLog
Summary:
Ref T5955, T9980, T9982.

We currently store two types of Conduit logs: //connection// logs and //method// logs.

Originally, Conduit worked like web logins: you'd call `conduit.connect` and then get a session back. This approach still works, but new clients don't use it and it will probably stop working eventually after T5955 is further along.

There was no real reason for things to work like this and no other API in the world does, I think it was just slightly easier to implement back in 2011.

This table was used to group up related calls in a UI long ago, I think, but that got deleted at some point. In any case, it serves no purpose in modern Phabricator.

Test Plan: `grep`

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5955, T9980, T9982

Differential Revision: https://secure.phabricator.com/D14780
2015-12-14 15:25:11 -08:00
epriestley
c62e0a10f6 Clarify that ApplicationEditor supports editing itself
Summary: edit forms in yo' edit forms

Test Plan: ~(o.o)~

Reviewers: chad

Reviewed By: chad

Differential Revision: https://secure.phabricator.com/D14739
2015-12-10 19:19:20 -08:00
epriestley
42ef21f8fa Document how to customize forms in ApplicationEditor
Summary:
Ref T9132. I think the featureset is approximatley stable, so here's some documentation.

I also cleaned up a handful of things in the UI and tried to make them more obvious or more consistent.

Test Plan: Read documentation.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9132

Differential Revision: https://secure.phabricator.com/D14718
2015-12-09 07:30:23 -08:00