Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adds Upgrade scenario boxes for 0.12.0 (Trusty) #4215

Merged
merged 4 commits into from
Mar 6, 2019

Conversation

conorsch
Copy link
Contributor

@conorsch conorsch commented Mar 1, 2019

Status

Work in progress.

Description of Changes

Built new Trusty 0.12.0 boxes for upgrade scenario. They're uploaded, but I haven't tested them yet. Further changes will be required to prepare and upload Xenial-based 0.12.0 boxes. Would prefer to handle those changes in a separate PR.

Changes proposed in this pull request:

  • Created and pushed (to S3) new base boxes for the "upgrade" testing scenario (so far Trusty only)
  • Reorganized the path/metadata logic in the box building somewhat, to accommodate for different platforms

Prior to merge, these changes should be rebased on top of latest develop. Note that as specified in the box maintenance docs (https://docs.securedrop.org/en/release-0.12.0/development/upgrade_testing.html#updating-the-base-boxes-used-for-upgrade-testing) I checked out the 0.12.0 tag in order to build these boxes, but I branched from that tag in order to write these commits, for the per-platform logic. Technically the mv operations documented in the manual steps are no longer required, and can be removed. The manual JSON updates are still required, although I'd prefer to automate those at a later date, as well.

Testing

  1. Run make upgrade-start
  2. Confirm boxes pull successfully
  3. Confirm boxes are running 0.12.0.

Deployment

Any special considerations for deployment? Consider both:

  1. Upgrading existing production instances.
  2. New installs.

Checklist

If you made changes to the server application code:

  • Linting (make ci-lint) and tests (make -C securedrop test) pass in the development container

If you made changes to securedrop-admin:

  • Linting and tests (make -C admin test) pass in the admin development container

If you made changes to the system configuration:

If you made non-trivial code changes:

  • I have written a test plan and validated it for this PR

If you made changes to documentation:

  • Doc linting (make docs-lint) passed locally

@zenmonkeykstop
Copy link
Contributor

Test plan as given fails, because there are no local debs to push to the apt server. Rerunning with make build-debs before make upgrade-start.

@zenmonkeykstop
Copy link
Contributor

Tested as follows on Ubuntu 18.04, Vagrant 2.2.2, libvirt 4.0.0:

  • Checked out branch, ran:
make build-debs
make upgrade-start

Confirmed that Source Interface at address in molecule output is up, and that the version in the footer and in /metadata is 0.12.0. OS version in /metadata is 14.04.

Conor Schaefer added 4 commits March 6, 2019 08:43
Storing the version string and platform directly in the box filename
now. The docs for maintaining the "upgrade" boxes have long included
a manual step to rename files with the version number; that's now
done automatically.

The addition of the platform in the filename is required to support
multiplatforms, specifically Trusty & Xenial. Eventually we'll drop
support for Trusty altogether, but for now we must maintain both.
The prepare-servers role was added to the main prod/staging playbooks,
but wasn't added to the derivative playbook used for building the
"upgrade" Vagrant boxes. Ideally we'd have all role includes
conditionally set, so that we can reuse the same playbook in all
contexts and disable specific roles via vars per scenario.
Updated the metadata references for the "upgrade" Trusty boxes
to include the platform explicitly, since we plan to add Xenial
boxes for use in "upgrade" testing for 0.12.0, as well.
Used the standard procedure to generate the base boxes, but
updated the metadata references to reference the platform explicitly,
since we plan to add Xenial boxes for use in "upgrade" testing for
0.12.0, as well.

Unsure if this is sufficient change; we may have to update the metadata
stored inside the .box file as part of the packaging process, as well.
@conorsch conorsch force-pushed the upgrade-boxes-for-0.12.0-trusty branch from c439e89 to cd0b172 Compare March 6, 2019 16:43
@conorsch
Copy link
Contributor Author

conorsch commented Mar 6, 2019

Thanks for testing, @zenmonkeykstop. I've rebased these changes on top of latest develop (21fcf15). Opened #4237 to track creating Xenial upgrade boxes for 0.12.0 (and beyond).

Copy link
Contributor

@emkll emkll left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, after running make upgrade-start on this branch

  • Confirm boxes pull successfully
  • Confirm boxes are running 0.12.0.
  • make upgrade-test-local upgrades the box to 0.13.0~rc1 🎉

@codecov-io
Copy link

Codecov Report

Merging #4215 into develop will decrease coverage by 0.07%.
The diff coverage is n/a.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    #4215      +/-   ##
===========================================
- Coverage    84.79%   84.72%   -0.08%     
===========================================
  Files           43       43              
  Lines         2782     2782              
  Branches       303      303              
===========================================
- Hits          2359     2357       -2     
- Misses         355      356       +1     
- Partials        68       69       +1
Impacted Files Coverage Δ
securedrop/securedrop/crypto_util.py 94.73% <0%> (-1.76%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 21fcf15...cd0b172. Read the comment docs.

@emkll emkll merged commit 89836b7 into develop Mar 6, 2019
@emkll emkll deleted the upgrade-boxes-for-0.12.0-trusty branch March 6, 2019 18:48
@conorsch conorsch mentioned this pull request Mar 21, 2019
16 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants