A customer is DOSing the server with an CI infinite loop. They are working on stopping it now but I don't have a timeline when it will be fixed. It's subsided a bit as I've manually blocked the following IP ranges:

34.*
35.*
54.*
52.*

But if any customers are in those ranges, they'll be caught too. Unfortunately this CI service is distributed, using dozens of machines and IP addresses so I can't easily block 5-10 individual IPs or even smaller subnets.

Thanks for the update. We're starting to see some builds go through, at least after several retries.

Assuming the issue continues to persist, is there any recommended way to bypass the gem server in our builds?

Vendor the gem. A gem is just ruby code unpacked into a directory on your disk.

@mperham The status page https://status.sidekiq.org/ seems to indicate everything is good. Perhaps this could be updated so we know when to try restarting our builds again?

My monitoring shows the server is back to normal now, as of 10:45 Pacific.

@mperham Are the IP ranges above still blocked?

Everything seems to be back up now.

Can you please let us know when you'll remove the Blocks. We fall within that 54.* (and I think a lot of AWS does too, at least us-east-1)

@jimiray No, I've switched the server back to one without IP blocks.

Ok, customer reports their CI is disabled now until the service is fixed. I will look into adding an emergency Cloudflare cached mode to handle DDOSes in the future.

3597

Thanks for resolving this!

Just for future reference -- is it within the terms of our license to vendor the gem on an ongoing basis to reduce the need for this dependency in our build process?

It's absolutely within the license. As long as your subscription is active, you can cache/vendor the code for resiliency.

Awesome, thanks so much.

Server is down again. How exactly do you vendor a gem? @mperham