Wikimedia Release Engineering Team/Monthly notable accomplishments

This page lists notable accomplishments for the month as we come up with them during our weekly team meetings.

See Wikimedia_Release_Engineering_Team/Monthly_notable_accomplishments/Archive for previous quarters.

FY 2025-2026 Q4

April

Phorge: Landed a small performance improvement upstream rP995a80cb6be7 not to run a round of JS to load already displayed comments on every single damn task view
Phorge: Been poking better API reference docs not to have broken links, plus read-only mode
FYI: We saw the highest number ever of new || active users in Phab last month, likely due to GSoC: https://www.mediawiki.org/wiki/Developer_Advocacy/Metrics#Project_management_(Phabricator)
https://gerrit.wikimedia.org/r/c/operations/puppet/+/1255012 scap.cfg.erb: [eqiad1.wikimedia.cloud] remove php_parsoid from mw_web_clusters
https://gitlab.wikimedia.org/repos/releng/gitlab-trusted-runner/-/merge_requests/157 add-project.py: get_projects_for_runner: Add pagination support
https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/565 staging.tfvars: Bump buildkit to wmf-v0.28.1
https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/566 staging.tfvars: Bump buildkit to wmf-v0.29.0
https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/562 Replace nginx ingress with traefik
https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-tofu/-/merge_requests/33 install_k9s: Run under bash and set -o pipefail
https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-api/-/merge_requests/174 charts-dev.yaml: Copy of charts.yaml with alternate host paths
https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-api/-/merge_requests/183 catalyst.go: StreamContainerLogs: Fix logsTerminated data race
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/304 dev: Lower memory limit to 7836m
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/301 dev: Only pass --cpus,--memory flags only when creating a minikube
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/307 skaffold.yaml: Set app.catalystApiUrl: http://catalyst-api-service.cat-env
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/315 Catalyst.php: errorMessageForStream: Handle non-JSON content
https://gitlab.wikimedia.org/repos/releng/jenkins-deploy/-/merge_requests/112 jenkins.yaml: Grant read access to Arnaudb
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1110 scap prep: Require clean git status in patches directory
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1111 Drop scap patch subcommand
Added Composer autoloader to patchdemo
- Fixed some things I broke adding an autoloader to patchdemo
wmf/next branch cut job timezone changed to UTC (<https://phabricator.wikimedia.org/T404399>)
Fixed Special:Import ooui form building to work with $wgImportSources with duplicate subprojects (<https://phabricator.wikimedia.org/T410109>)
[anti-win] Residential proxies have found Beta Cluster (<https://phabricator.wikimedia.org/T420833>).
merged https://gitlab.wikimedia.org/repos/releng/jwt-authorizer/-/merge_requests/22 policy: Use Rego policies instead of Go templates (thanks for review, Ahmon!)
worked with dzahn to troubleshoot and resolve Zuul/Zookeeper TLS problems https://phabricator.wikimedia.org/T405119
Mostly-working reorganization of patchdemo webroot, soooorta working port of patchdemo to slim framework
https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/567 prod.tfvars: Bump buildkit to wmf-v0.29.0
https://gerrit.wikimedia.org/r/c/operations/puppet/+/1266395 buildkitd: Bump buildkit image to wmf-v0.29.0
https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-api/-/merge_requests/182 StreamContainerLogs: Send an initial event
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/318 lib/Patchdemo/Catalyst.php: streamLogs: Use error response body
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/319 js/common.js: Remove unused eslint-disable directive
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/322 lib/Patchdemo/Catalyst.php: Fix streamLogs timeout reconnect logic
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1114 bootstrap_scap_master.sh: Fix install_local_version.sh flags
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1116 JobCard.vue: Make job console button a regular link
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1117 Spiderpig: Use AnsiUp instead of Xterm.js for job log
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1118 JobCard.vue: Eliminate eslint warnings
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1120 web: Clean up remaining eslint warnings
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1121 web/package-lock.json: npm audit fix updates
https://gitlab.wikimedia.org/repos/releng/gitlab-webhooks/-/merge_requests/38 Fix failing tox environments
https://gitlab.wikimedia.org/repos/releng/train-dev/-/merge_requests/177 exp/Makefile: Pin gradle to version 8.5
https://gitlab.wikimedia.org/repos/releng/train-dev/-/merge_requests/178 Dockerfile.base: Add -o to groupadd
https://gitlab.wikimedia.org/repos/releng/train-dev/-/merge_requests/179 exp/Makefile: Set DOCKER_DEFAULT_PLATFORM to linux/amd64
https://gitlab.wikimedia.org/repos/releng/train-dev/-/merge_requests/180 train-dev: Run npm under docker
https://gitlab.wikimedia.org/repos/releng/train-dev/-/merge_requests/181 mirror-repos.py: Workaround for T409519
https://gerrit.wikimedia.org/r/c/operations/mediawiki-config/+/1268270 Merge remote-tracking branch 'origin/master' into train-dev
https://gerrit.wikimedia.org/r/c/operations/mediawiki-config/+/1268272 InitialiseSettings-dev.php: Disable IPReputation and TestKitchen in train-dev
https://gerrit.wikimedia.org/r/c/integration/config/+/1268239 dockerfiles/catalyst/deploy_env.py: Fix stream_creation_logs
https://gerrit.wikimedia.org/r/c/integration/config/+/1268248 jjb/mediawiki-extensions.yaml: Bump catalyst image to 1.3.2
https://gerrit.wikimedia.org/r/c/integration/config/+/1268245 fab: Use ssh ControlMaster=auto for ssh connections
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/WikibaseLexeme/+/1268664 .gitmodules: Update NLSP/new-lexeme-special-page URL
Rebuilds WMCS Jenkins agents to Bookworm
Need to rebuild from Bullseye to Bookworm deployment-deploy04 (deployment server on Beta Cluster)
- This is on bd808's list of things for this week
Paired and trained test platform about:
- MediaWiki testing (Zuul workflows, Quibble logic)
- Speeding up feedback loop
Thank you Dan for having fixed my migration mistake with `pipelinelib` labels
Incremental progress with zuul. nodepool is now talking to zookeeper
- https://phabricator.wikimedia.org/T422207
- not sure if it's talking to the WMCS zuul cluster yet. i will look into it today
Ready to release 2.0.0 of jwt-authorizer which includes the Rego based policy support
- Making puppet changes for deployment
Backups for k3s data working in Catalyst
https://gerrit.wikimedia.org/r/c/mediawiki/tools/phpunit-patch-coverage/+/1268243 Migrate from phalcongelist/php-diff to jfcherng/php-diff
https://gerrit.wikimedia.org/r/c/integration/config/+/1269068 dockerfiles/quibble-coverage: Update mediawiki/phpunit-patch-coverage to 0.0.17
https://gerrit.wikimedia.org/r/c/integration/config/+/1269070 jjb: Bump quibble-coverage to 1.16.0-s3
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1115 backport.py: Process scap backport --revert changes in right order
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1126 ErrorLogsPage.vue: Use rison-node library to encode the dashboard query
Patchdemo webroot stuff merged
Composer updates for various images
Catalyst production k8s upgrade
gitlab-cloud-runner
- Upgraded Istio to version 1.29.2
- Upgraded Grafana to 12.4.2
- Updated cluster upgrade notes
- Upgraded staging and prod k8s to 1.35.1-do.3
- docker-hub-mirror: Increased nginx memory requests/limits to 200Mi
- Rewrote k8s-pvc-cleaner in Go.
  - Should be much simpler in k8s 1.36
- Added auto-deploy mode
Catalyst/Patchdemo
- dev: export MINIKUBE_PROFILE=patchdemo
- Use localhost domain for macOS
- Finalized READMEs
Scap
- Dropped `scap security-check`
- sync-world: Offer to rollback k8s deployments
- test-requirements.txt: Use pytest>=9.0.3
- spiderpig: Make close button always work on job viewer page
- backport: Only consider CI votes after backport approval
- Improve sync interaction appearance in terminal
- SpiderPig: Link to job log in sync failure prompts
- Spiderpig: Don't redraw job log on reconnect
- git.py: info(): Use head_sha1 for head key
Phorge
- Andre mandated MFA for more users in hopes of stemming the slopbot tide a bit
DSS published: https://www.mediawiki.org/wiki/Developer_Satisfaction_Survey/2026

FY 2025-2026 Q3

Jan

Scap Trixie support
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1057 Deprecation fixes for trixie
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1058 Bump flake8 to 6.1.0
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1059 history.py: Don't use database connection pooling
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1060 Add trixie to supported distros
Scap train mods
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1056 train: Act as if testwikis are not part of group0
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1062 Drop `scap test-train`
Buildkitd 0.26.3 upgrade:
- https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/541 staging.tfvars: Bump buildkitd to wmf-v0.26.3
- https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/542 prod.tfvars: Bump buildkitd to wmf-v0.26.3
- https://gerrit.wikimedia.org/r/c/operations/puppet/+/1223247 Bump buildkitd to wmf-v0.26.3
Phab: Matmarex' Phab CSS patch so bot comments are now less noisy.
Phab: monitoring timeouts for GitLab search
- https://phabricator.wikimedia.org/T413992
Upgrade gitlab-runner to v18.5.0 on gitlab-cloud-runners. (T414053)
GitLab PVC cleaner for k8s runners: https://gitlab.wikimedia.org/repos/releng/k8s-pvc-cleaner/-/merge_requests/35 Revised resource watch implementation
https://gerrit.wikimedia.org/r/c/operations/puppet/+/1219907 git::clone: Get default branch name a different way (T413193)
https://gerrit.wikimedia.org/r/c/operations/puppet/+/1225620 deployment-prep common.yaml: Update mediawiki_smarthosts (T412975)
Fixed puppet on etherpad-bookworm.devtools.eqiad1.wikimedia.cloud (T414504) (Thanks bd808)
Brennen deployed Phabricator things: https://phabricator.wikimedia.org/T414479#11517434
Antoine recursive injectin of MediaWiki extensions:
- Proceeding with Bluespice extensions
- Next: CheckUser related and Wikibase related ones
Phatality: Gergo wrote a user script for Opensearch dashboard to link reqId to a search. Handy to upstream in releng/phatality.git ? https://wikimedia.slack.com/archives/C01R06P8D1B/p1768854772395349
Train: TypeError on https://www.mediawiki.org/wiki/BlueSpice

[0d43958a-c21f-4a3b-8475-25d1258a87dc] 2026-01-28 17:11:30: Fatal exception of type "TypeError"

New SAL for FR-Tech: https://wikitech.wikimedia.org/wiki/Fundraising/SAL https://phabricator.wikimedia.org/T415389
Handled 14 unblock requests for Beta Cluster in January.
Fixed CDN in Beta Cluster by adding a guard condition to skip prod-only code usage. https://phabricator.wikimedia.org/T415113
gitlab-cloud-runner maintenance
* https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/547 prod.tfvars: Reduce prometheus_retention to 90 days
- https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/549 prod.tfvars: Increase prometheus_storage_size to 100Gi
Scap: locking in the background for DC switchover
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1064 scap lock --all: Add --bg flag
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1069 scap lock: Add --yes flag for --unlock-all mode
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1068 scap update-patch/remove-patch: Lock staging directory during operation
SpiderPig stuff
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1073 spiderpig: Add one-click job retry
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1075 spiderpig/api.py: signal_job: Validate signal type
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1076 jobrunner.py: Allow a job to be signalled more than one time
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1081 jobrunner.py: Set SIGINT handler to default
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1082 JobCard.vue: Add button to stop a job
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1084 JobCard.vue: Don't navigate to job detail when selecting text
Pretrain
- https://gerrit.wikimedia.org/r/c/operations/puppet/+/1230952 pretrain: Run one hour later, at 02:00UTC
Helped Lucas Werkmeister with moving https://gitlab.wikimedia.org/repos/m3api/m3api-oauth2 CI pipeline to WMCS runners (T414864)
https://gitlab.wikimedia.org/repos/releng/train-dev/-/merge_requests/175 mirror-repos.py: Add custom User-Agent for git HTTP operations

Feb

Scap feature: https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1088 sync-world: Add `--force-l10n-update` flag
Scap chore: https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1090 main.py: Remove reference to php 7.x
Scap k8s: https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1092 kubernetes.py: Make deployment monitoring resilient to connectivity blips
Scap web:
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1091 JobCard: Move job actions to their own column
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1095 package-lock.json: Ran `npm audit fix`
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1097 web/src/api.js: Clean up unused variables
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1101 web: Fix multiple template root issues in Vue components
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1102 web: Replace v-model:open with explicit bindings in dialogs
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1103 Train.vue: Add a top-level div
- https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1105 web: Linter fixes
Catalyst dev env updates
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-api/-/merge_requests/153 dev: Check for all tools used by the script
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-api/-/merge_requests/154 dev: Add mariadb helm repo
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/238 deployment.yaml: Don't clone repo if its directory already exists
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/240 skaffold.yaml: Rebuild when apache config is modified
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/241 Chart.yaml: Add comments about prerequisites
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/242 README.md: Mention ./dev runtime
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/243 skaffold.yaml: Install mariadb-operator-crds and mariadb-operator first
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/244 skaffold.yaml: wikiReposPool.enabled: false
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/245 dev: Add start/stop/clean operations
Misc catalyst/patchdemo changes
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/249 README.md: Use https URL to access local patchdemo server
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/248 Remove helm/patchdemo/charts/mariadb-17.0.1.tgz
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/250 dev: Check for all tools used by the script
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/255 includes.php: shell_echo_multi: Fix polling interval
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/256 includes.php: shell_echo_multi: Send periodic heartbeat
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/252 dev: Add mariadb helm repo
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/253 .dockerignore: Ignore top level .git directory
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/259 includes.php: shell_echo_multi: Limit concurrent subprocesses
- https://gitlab.wikimedia.org/repos/releng/dev-images/-/merge_requests/87 patchdemo-bookworm-node18-php82-apache2: Run under tini
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/261 blubber.yaml: Use docker-registry.wikimedia.org/dev/patchdemo-bookworm-node18-php82-apache2:0.0.3
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-tofu/-/merge_requests/28 modules/primary_setup: Install K9s on main K3s host
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/260 Catalyst.php: streamLogs: Add heartbeat callback
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/265 dev: Add kubectl to list of required tools
- https://phabricator.wikimedia.org/T417426 (Quota increase request for project catalyst-dev)
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-tofu/-/merge_requests/29 Setup improvements
- https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-api/-/merge_requests/155 Makefile: Don't try to read nonexistent VERSION file
Andre attended ChaossCon and FOSDEM, met Wikimedians and the Bitergia folks
Phorge: Wrote a fix not to create a duplicate default column after disabling and creating a project workboard
Phorge: Wrote a CSS patch not to make the task title without whitespace break out of the "Close as Dup" dialog
Antoine: finished disabling recursion on BlueSpice repos
Antoine: I found a solution to isolate Wikibase browser tests to a standalone job, speeding up everyone depending on Wikibase somehow.
- Before de-recursifying: https://releng-data.wmcloud.org/-/dashboards/jenkins/build-time-distro?job_name=quibble-vendor-mysql-php83&date_end=2025-12-01&date_start=2025-10-02&repo_name=&host_name=
- After de-recursifying: https://releng-data.wmcloud.org/-/dashboards/jenkins/build-time-distro?job_name=quibble-vendor-mysql-php83&date_end=2026-02-02&date_start=2025-12-02&repo_name=&host_name=
Antoine: have talk with test teams about browser tests. I should meet Peter & Zelko next week
TheDJ hot fixed TimedmediaHandler for the train :victory:
Loss: CentralAuth failure on train
Created an epic and subtasks for gitlab-cloud-runner migration from DigitalOcean to WMCS
- https://phabricator.wikimedia.org/T416256
- submitted a working refactor of gitlab-cloud-runner as a draft MR https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/551
- MR needs to be broken up and further refactored
- BD808 note: firewall rules in current WMCS-hosted runners vs. DO-hosted runners. May be a non-issue if we're not using puppet/ferm things.
Routine Phab/Phorge deploy - https://phabricator.wikimedia.org/T417657#11623845
Not-really-win: Poked the "require MFA in Phab for members of some ACL projects" whack-a-mole game, upstream did not like my two approaches, but at least they are looking into reusable Policy objects a bit now
It feels like Gerrit-behind-the-CDN has been relatively painless. (Modulo CI stuff.)
New Pretrain hypothesis documented and starting work: https://phabricator.wikimedia.org/T417704
Antoine deployed WP25EasterEgg enablement on Monday. Thanks Artem for the testing and Urbanecm for the very detailled preparation work
Antoine: switch over of Gerrit service to a new hardware/OS successful
CI had git failing with 502 since Feb 10th and a lot more during most of monday due to Gerrit switchover adding increasing latency between DC exacerbating a timeout race condition. Fixed by Valentin from Traffic https://phabricator.wikimedia.org/T417536
Anti-Win: CI does not receive event from Gerrit 6% of the time since the switch behind TCP Proxy UBN https://phabricator.wikimedia.org/T417497
https://gerrit.wikimedia.org/r/c/operations/puppet/+/1240372 scap3 install provider: Set env vars for deploy_user when running scap
https://gerrit.wikimedia.org/r/c/operations/puppet/+/1240377 scap: load scap_source type in specs
https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-api/-/merge_requests/156 blubber.yaml: Enable Go build cache
https://gitlab.wikimedia.org/repos/test-platform/catalyst/ci-charts/-/merge_requests/120 Chart 0.1.2: Use $PHP_VERSION instead of hard-coded 8.1
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/258 create.php: Handle deleted catalyst environment
https://gitlab.wikimedia.org/repos/releng/dev-images/-/merge_requests/92 bookworm-php-sury: Update sury-php GPG key
https://gitlab.wikimedia.org/repos/releng/dev-images/-/merge_requests/95 fab: Minimize ssh calls
Deployed https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/553 gitlab-runner: bump image version to alpine-v18.7.2
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1104 web: Upgrade to ESLint 9.39.2
Scap 4.242.0 released (with Tyler's https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1106)
Docs updated to remove outdated guidance about branching and deploying before beta cluster testing -- <https://www.mediawiki.org/w/index.php?title=Writing_an_extension_for_deployment&diff=prev&oldid=8233168> <https://phabricator.wikimedia.org/T125678>
- IT'S BEAUTIFUL!
Took over abandoned "phabricator-bug-status" tool and fixed it so that <https://en.wikipedia.org/wiki/MediaWiki:Gadget-BugStatusUpdate.js> works again. <https://phabricator.wikimedia.org/T329927> <https://phabricator.wikimedia.org/T142237>
- nice
Phab: Brennen deployed a few config changes: https://phabricator.wikimedia.org/T418256#11646797 (going to personal Settings no more lists "SSH Public Keys" and "VCS Password" panels in the navigation bar)
Phab: Marked a bunch of bot accounts as bots by setting the DB flag manually. This may allow us to see which individuals use Conduit at https://phabricator.wikimedia.org/conduit/log/query/all/ to bother them and such
Phorge upstream: Added some random "Copy" buttons to random Password/Token dialogs
Phorge upstream: Wrote PoC code to allow setting a custom name for Conduit Tokens (need to clean up still)
gitlab-cloud-runner: Ready to merge MR that separates k8s cluster management and in-cluster resource management https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/552
- It's a big change that prepares the repo for a new wmcs module
Dealt with CDN/TCP proxy switch of Gerrit (that was exhausting)
- There are still some aftermath to deal with and probably a postmortem to write about it
Overhauled dashboard for Gerrit replication https://grafana.wikimedia.org/d/d4a4da73-c27f-4ce6-a9e5-ab84dd7a4ebb/replication
Antoine pairing with test platform

Mar

https://gitlab.wikimedia.org/repos/test-platform/catalyst/ci-charts/-/merge_requests/121 add_worktree: Clone repo if it hasn't been cloned yet
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/276 dev: Use --addons=ingress
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/274 dev: Populate wiki-repos pool
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/278 dev: Fix accidental second start of minikube
https://gitlab.wikimedia.org/repos/test-platform/catalyst/catalyst-api/-/merge_requests/167 dev: Fix accidental second start of minikube
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/279 dev: Set minikube cpu and memory allocations
https://gitlab.wikimedia.org/repos/releng/release/-/merge_requests/236 make-container-image/build-images.py: Remove 5 minute sleep after full image build push
https://gitlab.wikimedia.org/repos/releng/scap/-/merge_requests/1109 verify-requirements.txt: Bump filelock and platformdirs versions
Reset Mr. Widget (Phab related merge requests) token, documented where that lives because it took me like 45 minutes to figure that out.
Merged/deployed https://gitlab.wikimedia.org/repos/releng/gitlab-cloud-runner/-/merge_requests/552
- Big refactor to how gitlab-cloud-runner is managed, separating cluster resources from in-cluster resources
Moved on to requesting quota for gitlab-runners project based on data from grafana.cloud.releng.team but I might have scared WMCS folks when actually requesting the quota. Need to sync up with them
- https://phabricator.wikimedia.org/T418813#11667212
36% (9min) improvement to merge times for MediaWiki gated stuff: https://phabricator.wikimedia.org/T287582
Updated SPDX data in Toolhub and deployed new version for the first time in ~1 year. <https://phabricator.wikimedia.org/T372824>
- new license metadata stuff
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/275 deployment.yaml: Refactor clone-wikis initContainer
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/282 dev: Remove git submodules update
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/285 dev: Run populate-repo-pool job as root
Fixed a bunch of issues with 404 link results in Phorge upstream API references on https://we.phorge.it/diviner/ (once that gets deployed) in https://we.phorge.it/differential/?ids=26818,26819,26823#R
Antoine pairing with Željko & Peter on CI things
Fixing PHPUnit coverage xml parsing
Documenting split of Jenkins from Zuul for Java21 upgrade
- https://doc.wikimedia.org/cover-extensions/
There was a Northwestern Yurop Hackathon last weekend and people did stuff
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/287 dev: Don't chown 33:33 /mnt/k3s-data/wiki-repos
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/286 dev: Wait for mariadb-operator-webhook to be ready before running skaffold dev
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/288 dev: Use /data/wiki-repos instead of /mnt/k3s-data/wiki-repos
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/295 dev: Add DO_REPO_POOL_POPULATION setting
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/297 dev: Use up to 3 concurrent clones
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/294 deployment.yaml: Announce patchdemo ingress URL
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/298 Set User-Agent for all git clone operations
https://gitlab.wikimedia.org/repos/test-platform/catalyst/patchdemo/-/merge_requests/300 dev/traefik: Configure self-signed wildcard certificate
I've got a working patchdemo + catalyst API dev setup, thanks Ahmon & Jeena
Published reusable reverse proxy container for Toolforge folks <https://phabricator.wikimedia.org/T414836>
Got WMCS shared egress IP unblocked by MusicBrainz <https://phabricator.wikimedia.org/T419777>
Got Reedy to backport thumbnail steps to REL1_43 for 1.43.7 so that the LTS release can meet current WMF expectations for InstantCommons/QuickInstantCommons request patterns.
Threw some hardware at that long term annoying deployment-sessionstore06 problem and saw great success. <https://phabricator.wikimedia.org/T415021>
Fixed CI for wikibugs which had been broken by setuptools 82.0 removing the previously deprecated `pkg_resources` system.
added traefik ingress to patchdemo dev
code-server merged to patchdemo
switched catalyst ci jobs from downstream trigger to component, but this still needs some work
refactored jwt-authorizer to use Rego policies instead of Go templates. almost ready for review
- https://www.openpolicyagent.org/docs/policy-language#why-use-rego