[tor-bugs] #24174 [Metrics/ExoneraTor]: Use an embedded Jetty in ExoneraTor

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Nov 14 16:36:43 UTC 2017 

#24174: Use an embedded Jetty in ExoneraTor
--------------------------------+-----------------------------
 Reporter:  iwakeh              |          Owner:  iwakeh
     Type:  enhancement         |         Status:  merge_ready
 Priority:  Medium              |      Milestone:
Component:  Metrics/ExoneraTor  |        Version:
 Severity:  Normal              |     Resolution:
 Keywords:  metrics-2017        |  Actual Points:
Parent ID:                      |         Points:
 Reviewer:                      |        Sponsor:
--------------------------------+-----------------------------
Changes (by karsten):

 * status:  needs_revision => merge_ready


Comment:

 Replying to [comment:15 iwakeh]:
 > Replying to [comment:14 karsten]:
 > > Looks good and works locally!
 >
 > Good, I assume all db access works fine now.
 >
 > > Some comments/questions:
 > >  - Can we use `metrics` and `password` as defaults in
 `src/main/resources/jetty.xml`? That should be as simple as writing
 `<SystemProperty name="exonerator.db.user" default="metrics"/ >` and
 `<SystemProperty name="exonerator.db.pw" default="password"/ >`. Just in
 case somebody uses those defaults locally for testing, that is.
 >
 > That means, you want your private test environment configuration in
 development code ;-)

 Asking for a friend! ;)

 > I don't feel strongly about it.  Add them, if you like.  Just be aware
 that people looking at the code might think they discovered Tor's secret
 db credentials ;-)

 Well, without defaults, these are mandatory arguments, not options. I
 think it's fair to assume some default values, even if they are not what
 we'd use in a production environment.

 > But, actually, this is part of a bigger discussion cf. my comment to
 #24041 about 'unifying deployment configuration'.  Let's rather continue
 the configuration discussion there.

 Good idea!

 > >  - Is there a particular reason why you suggest bumping to 2.0.0 and
 not 1.1.0? For the Java 8 update we also made a minor version bump.
 Nothing backward-incompatible going on here, right?
 >
 > Isn't it a major change to move away from external tomcat?  The
 deployment changes completely.

 Alright. 2.0.0 it is.

 > >  - Out of curiousity, what's the full command line that you're using
 to start the JAR and the WAR file? Mine is pretty long, and I'm curious
 whether that's just for me or for everyone. Maybe we can start thinking
 about configuration libraries (#24041) after this ticket?
 >
 > Deployment example:
 > `java -Dexonerator.db.user=secretuser -Dexonerator.db.pw=secret -jar
 exonerator-1.0.0-dev.war`
 >
 > Test w/o db:
 > `java -Dexonerator.url=http://127.0.0.1:8080 -jar exonerator-dummy-
 test.war`
 >
 > I did comment on #24041 and I'm not in favor of long command lines (they
 are better than hard-coded parameters), but that's a different ticket.

 Thanks! Let's discuss this more on #24041.

 Alright, I'll add defaults and merge either tonight or tomorrow.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24174#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list