Page MenuHomeSoftware Heritage
Create Task
Maniphest T614

Open up the Software Heritage API to the world
Closed, MigratedEdits Locked
Actions

Description

It's about time we open up our (HTTP-, JSON-based) API to the world.

We need to make very sure that we don't get our pants caught on fire as we do it: we must avoid having our infrastructure torn down by the load.

This meta task tracks the steps we need to take to be able to do this.

  • (critical) create a read-only replica database (this is a by-product of T615)
  • (critical) implement rate limiting for anonymous access to the API (T616)
  • (normal) token-based user authentication and rate-limiting for access to the API
  • (normal) split moma in two virtual machines: one for the scheduler and associated stuff (rabbitmq) and one for the web ui

While opening up the API for unauthenticated requests should not be an issue if we have a second database for read-only access, we should ramp up the load by allowing only heavily rate-limited API access at first, rather than open it all up and see it explode mid-flight.

Provisions for authenticated access will allow us to give special rate limits to the people that need it, and be able to finely control it. This is not critical to have in the beginning, but we should be ready to provide it ASAP anyway. Might as well do that while we're adding the rate-limiting stuff.

Splitting the scheduling and the Web UI should have been done long ago but is now easy as pie as we have another hypervisor, it just needs the work to be done.

Related Objects
Search...

Event Timeline

olasd created this task.Jan 4 2017, 2:24 PM
zack updated the task description. (Show Details)Jan 4 2017, 7:07 PM
zack added a project: General.Jan 4 2017, 8:14 PM
zack created subtask T615: set up pg_logical-based master/slave replication for the postgres db.Jan 4 2017, 8:23 PM
zack updated the task description. (Show Details)Jan 4 2017, 8:25 PM
zack created subtask T616: rate limiting for anonymous access to the API.Jan 4 2017, 8:30 PM
zack updated the task description. (Show Details)
olasd changed the status of subtask T615: set up pg_logical-based master/slave replication for the postgres db from Open to Work in Progress.Jan 9 2017, 3:05 PM
zack added a project: Restricted Project.Jan 11 2017, 4:38 PM
zack moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
zack created subtask T618: debian packaging of flask-limiter.Jan 11 2017, 4:47 PM
zack created subtask T620: face lift for the API doc page.Jan 11 2017, 5:13 PM
zack created subtask T621: content review for the API doc page.Jan 11 2017, 5:16 PM
olasd changed the status of subtask T618: debian packaging of flask-limiter from Open to Work in Progress.Jan 11 2017, 5:53 PM
zack created subtask Unknown Object (Maniphest Task).Jan 12 2017, 10:24 AM
olasd closed subtask T618: debian packaging of flask-limiter as Resolved.Jan 20 2017, 12:08 PM
olasd changed the status of subtask T616: rate limiting for anonymous access to the API from Open to Work in Progress.Jan 20 2017, 7:36 PM
ardumont closed subtask Unknown Object (Maniphest Task) as Resolved.Jan 24 2017, 11:20 AM
ardumont closed subtask T620: face lift for the API doc page as Resolved.Jan 25 2017, 1:41 PM
olasd created subtask T653: Split the scheduler (rabbitmq) out of the moma virtual machine.Jan 30 2017, 2:14 PM
zack mentioned this in T655: tweak HTTP auth for first API public release.Jan 30 2017, 2:46 PM
zack created subtask T655: tweak HTTP auth for first API public release.
zack changed the status of subtask T621: content review for the API doc page from Open to Work in Progress.Jan 30 2017, 4:54 PM
olasd closed subtask T615: set up pg_logical-based master/slave replication for the postgres db as Resolved.Jan 31 2017, 1:03 PM
olasd closed subtask T653: Split the scheduler (rabbitmq) out of the moma virtual machine as Resolved.Jan 31 2017, 1:43 PM
zack closed subtask T621: content review for the API doc page as Resolved.Feb 1 2017, 12:29 PM
olasd changed the status of subtask T655: tweak HTTP auth for first API public release from Open to Work in Progress.Feb 1 2017, 4:25 PM
zack closed subtask T655: tweak HTTP auth for first API public release as Resolved.Feb 1 2017, 5:47 PM
olasd closed subtask T616: rate limiting for anonymous access to the API as Resolved.Feb 2 2017, 10:43 AM
zack closed this task as Resolved.Feb 2 2017, 9:56 PM
zack claimed this task.
zack added a subscriber: zack.

*drum roll*
*tsssss*

gitlab-migration changed the task status from Resolved to Migrated.Oct 19 2022, 5:52 PM
gitlab-migration claimed this task.
gitlab-migration added a subscriber: gitlab-migration.

This task has been migrated to GitLab.

gitlab-migration changed the status of subtask T615: set up pg_logical-based master/slave replication for the postgres db from Resolved to Migrated.Oct 19 2022, 5:52 PM
gitlab-migration changed the status of subtask T618: debian packaging of flask-limiter from Resolved to Migrated.
gitlab-migration changed the status of subtask T653: Split the scheduler (rabbitmq) out of the moma virtual machine from Resolved to Migrated.
gitlab-migration changed the status of subtask T655: tweak HTTP auth for first API public release from Resolved to Migrated.
gitlab-migration changed the status of subtask T616: rate limiting for anonymous access to the API from Resolved to Migrated.Jan 8 2023, 4:20 PM
gitlab-migration changed the status of subtask T621: content review for the API doc page from Resolved to Migrated.
gitlab-migration changed the status of subtask Unknown Object (Maniphest Task) from Resolved to Migrated.
gitlab-migration changed the status of subtask T620: face lift for the API doc page from Resolved to Migrated.Jan 8 2023, 9:56 PM
About · Developer information · Legal