Project: tooltool/api

Url:production, staging
Papertrail:production, staging
Sentry:production, staging
Heroku:production, staging
Database (PostreSQL):
 production, staging
Contact:Rok Garbas, (backup Release Engineering)

Some of the jobs in the RelEng infrastructure make use of generic binary artifacts, which are stored in dedicated artifacts repositories (S3 buckets). tooltool/api application provides an interface to those artifacts repositories.


In case of an incident this five steps that should help you narrow down the problem.

  1. Look at Heroku metrics to get birds view on the running application.
  2. There might be some problems with Heroku. Make sure to also check their status page
  3. Check if there is any unsual high count of errors collected in Sentry.
  4. To see more logs (from the past) look at Papertrail.
  5. Sometimes restarting an application might solve the issue (at least temporary). Once you restart the application also verify that it is working correctly (follow instructions below).


tooltool/api is a Flask application deployed to Heroku. Please follow the Heroku deployment guide how to manually deploy hotfixes.

The architecture

blockdiag tooltool/api on Heroku PostgreSQL TARGET: Heroku

Is ToolTool working correctly?

To test and verify that tooltool/api is running correctly please follow the following steps:

  1. Select which environement (production or staging).

    For production:

    $ export URL=

    For staging:

    $ export URL=
  2. Known public sha512 should redirect (return code: 302)

    $ curl $URL/sha512/f93a685c8a10abbd349cbef5306441ba235c4cbfba1cc000299e11b58f258e9953cbe23463515407925eeca94c3f5d8e5f637c95be387e620845efa43cdcb0c0
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
    <p>You should be redirected automatically to target URL: <a href="..."></a>.  If not click the link.%
  3. Known private sha512 should stay protected (return code: 403)

    $ curl $URL/sha512/06a1cf7b1918ffd94210e8089cf48985fbf9af95f15cd9dd5007df76b934c2b825147334ba176c3f19a9f7d86585c58e017bc23a606e8831872c8b40560be874
       "detail": "You don't have the permission to access the requested resource. It is either read-protected or not readable by the server.",
       "instance": "about:blank",
       "status": 403,
       "title": "403 Forbidden: You don't have the permission to access the requested resource. It is either read-protected or not readable by the server.",
       "type": "about:blank"
  4. Unknown sha512 should return invalid error (return code: 400)

    $ curl $URL/sha512/invalid
      "detail": "Invalid sha512 digest",
      "instance": "about:blank",
      "status": 400,
      "title": "400 Bad Request: Invalid sha512 digest",
      "type": "about:blank"


To start developing tooltool/api you would need to:

  1. Install all requirements and read through general guide how to contribute.

  2. Read through python projects guide, how python projects are structured and how to add/update dependencies to a project.

  3. And last you will have to read about conventions we use to write REST endpoints using Flask.

    It is important to know that tooltool/api uses the following Flask extensions: