- Change verify_prod_deployment from 'when: manual' to 'when: on_success'
- Production deployment verification will now run automatically on master branch
- Ensures production deployments are verified just like dev deployments
- Maintains safety with allow_failure: false
- Add PrometheusMetricsIntegrationTest class with 7 comprehensive tests
- Test Prometheus server startup, custom metrics availability, and port conflict handling
- Test metrics increment, different labels, histogram metrics, and production mode
- Use random ports (9470-9570) to avoid conflicts between tests
- Make tests lenient about custom metrics timing (collection delays)
- Update OpenTelemetry configuration to handle MeterProvider conflicts gracefully
- Update documentation to clarify production vs development Prometheus usage
- Ensure metrics are properly exported via OTLP in production
- Verify comprehensive test coverage for CI environments
All 34 OpenTelemetry tests pass successfully.
- Fix commit_date parsing from git logs (was showing 'unknown')
- Add deployment_date field using manage.py modification time
- Improve git log parsing to handle author names with spaces
- Both dates now show in proper format: YYYY-MM-DD HH:MM:SS +timezone
The endpoint now returns:
- commit_date: When the commit was made (from git logs)
- deployment_date: When the code was deployed (from file mtime)
- Comment out DjangoInstrumentor().instrument() to test if it's causing duplicate Host headers
- Remove unused DjangoInstrumentor import
- Keep other instrumentation (database, HTTP client) enabled
- This is a temporary test to isolate the Host header duplication issue
- Add _ot_initialized flag to prevent multiple setup calls
- Make setup_opentelemetry() idempotent
- Handle 'Address in use' error gracefully for Prometheus server
- Prevent OpenTelemetry setup failures due to multiple initialization
- Always initialize OpenTelemetry in Django settings (instrumentation always enabled)
- Remove ENABLE_OPENTELEMETRY feature flag from config.py
- Simplify views.py OpenTelemetry imports to always use real implementation
- Export control now handled by OTEL_EXPORT_ENABLED environment variable only
This ensures OpenTelemetry is properly initialized during Django startup
and the Prometheus metrics server starts correctly.
Since containers restart on content changes, remove TTL-based cache expiration
and cache version information indefinitely. This provides maximum performance
benefit while maintaining correctness.
- Remove timestamp-based cache expiration logic
- Cache version info indefinitely until container restart
- Simplify caching function by removing TTL complexity
- Maintain optimized git log file reading
- Add _start_prometheus_server method to start HTTP server
- Register PrometheusMetricReader collector with prometheus_client REGISTRY
- Parse endpoint to extract host and port for HTTP server
- This fixes the issue where metrics endpoint was not accessible
- Add proper cache expiration with 5-minute TTL
- Optimize git log file reading to avoid loading entire file
- Read only last chunk (1024 bytes) instead of all lines
- Add shorter TTL (30s) for error cases to allow retry
- Improve error handling with UnicodeDecodeError support
- Maintain backward compatibility and security (no subprocess calls)
This fixes the 30-second response time issue by implementing efficient
caching and optimized file I/O operations.
- Add OpenIDErrorHandlingTestCase with 8 test methods
- Test OpenID discovery failures, confirmation failures, and cancellations
- Test template inheritance (openid/failure.html extends error.html)
- Test direct error.html template rendering with authenticated/anonymous users
- Use unittest.mock to simulate OpenID failures without external dependencies
- Verify error messages are properly displayed to users
- Ensure comprehensive coverage of error.html template through OpenID scenarios
All tests pass and maintain existing test coverage.
File upload security (iteration 1), security enhancements and OpenTelemetry (OTEL) implementation (sending data disabled by default)
See merge request oliver/ivatar!265
- Update all test scripts to use OTEL_EXPORT_ENABLED instead of legacy flags
- Remove references to deprecated ENABLE_OPENTELEMETRY and OTEL_ENABLED
- Simplify run_tests_local.sh to use --exclude-tag=bluesky
- Update documentation to reflect instrumentation always enabled
- Remove legacy configuration section from README.md
All scripts now use the new approach where:
- OpenTelemetry instrumentation is always enabled
- Only data export is controlled by OTEL_EXPORT_ENABLED flag
- Cleaner configuration with single export control flag
- Update test_setup_tracing_with_otlp to use OTEL_EXPORT_ENABLED instead of OTEL_ENABLED
- Update test_setup_metrics_with_prometheus_and_otlp to use OTEL_EXPORT_ENABLED instead of OTEL_ENABLED
- These tests now correctly test the export-enabled behavior by setting the export flag
- Always enable OpenTelemetry instrumentation, use OTEL_EXPORT_ENABLED for data export control
- Remove conditional checks from middleware, metrics, and decorators
- Simplify CI configuration to use single test job instead of parallel jobs
- Update tests to remove conditional logic and mocking of is_enabled()
- Add comprehensive environment variable documentation to README
- Update config.py to always add OpenTelemetry middleware
- Replace ENABLE_OPENTELEMETRY/OTEL_ENABLED with OTEL_EXPORT_ENABLED
This approach is much simpler and eliminates the complexity of conditional
OpenTelemetry loading while still allowing control over data export.
- The standalone semgrep job was scanning /tmp/app instead of project files
- It produced no useful output and wasted CI resources
- semgrep-sast from SAST template already provides comprehensive security scanning
- This eliminates redundancy and reduces pipeline time by ~31 seconds
- Replace scripts/test_deployment.sh with scripts/check_deployment.py
- Add command-line parameters: --dev, --prod, --endpoint, --max-retries, --retry-delay
- Improve maintainability with Python instead of shell script
- Add proper SSL certificate handling with fallback to unverified SSL
- Add binary content support for image downloads
- Add comprehensive error handling and colored output
- Add type hints and better documentation
- Update GitLab CI deployment verification jobs to use new Python script
- Replace ~140 lines of inline shell script with simple Python calls
- Change CI images from alpine:latest to python:3.11-alpine
- Add Pillow dependency for image processing in CI
- Maintain same retry logic and timing as before
- Remove obsolete test runner scripts that were deleted earlier
- All deployment tests now use consistent Python-based approach
