Restore conservative configuration #5759
Conversation
There was a problem hiding this comment.
Test plan passes for SESSION_EXPIRATION_MINUTES and locale config settings, fails with numerous errors for other config settings. For some of them it should fail (like SCRYPT_*, there should never be default values for those.) Testing scope might need to be narrowed.
securedrop/tests/test_config.py
Outdated
|
|
||
| from sdconfig import SDConfig | ||
|
|
||
| SDConfig() |
There was a problem hiding this comment.
Looks like this breaks subsequent tests that rely on the removed attributes.
There was a problem hiding this comment.
yeah, added another reload at the end, which resolved it with a subset locally.
|
I should have written that the dev server should start without errors thrown from |
Bring back the try/except blocks needed to support long-running instance configurations that may lack newer attributes.
There was a problem hiding this comment.
Tested the changes in a staging server, from a 1.6.0 instance (with SESSION_EXPIRATION_MINUTES removed from config.py. Upon upgrading to 1.7.0, observed the error at upgrade time (and 500 on source interface):
File "<frozen importlib._bootstrap_external>", line 665, in exec_module
File "<frozen importlib._bootstrap>", line 222, in _call_with_frames_removed
File "/var/www/securedrop/alembic/versions/3da3fcab826a_delete_orphaned_submissions.py", line 18, in <module>
from journalist_app import create_app
File "/var/www/securedrop/journalist_app/__init__.py", line 13, in <module>
import i18n
File "/var/www/securedrop/i18n.py", line 32, in <module>
from sdconfig import SDConfig
File "/var/www/securedrop/sdconfig.py", line 98, in <module>
config = SDConfig() # type: SDConfig
File "/var/www/securedrop/sdconfig.py", line 42, in __init__
self.SESSION_EXPIRATION_MINUTES = _config.SESSION_EXPIRATION_MINUTES # type: int
AttributeError: module 'config' has no attribute 'SESSION_EXPIRATION_MINUTES'
dpkg: error processing package securedrop-app-code (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
securedrop-app-code
E: Sub-process /usr/bin/dpkg returned an error code (1)
Cannot start "/usr/sbin/sendmail": executable not found (adjust *sendmail* variable)
"/root/dead.letter" 1197/65704
... message not sent
root@app-staging:/var/www/securedrop# apt list --installed | grep securedrop-app-code
After running cron-apt on a local apt server with the changes in this branch, I can confirm this resolves the issue, and the source no longer returns 500 and accepts submissions.
Deferring to @zenmonkeykstop for final review, but good to merge for 1.7.1, from my perspective, once CI passes
Status
Ready for review
Description of Changes
Fixes #5757.
Bring back the try/except blocks needed to support long-running instance configurations that may lack newer attributes.
Testing
make test-configSESSION_EXPIRATION_MINUTESmake devThe dev server should start without errors.
Deployment
This should be restoring the conservative configuration handling used in 1.6.0 and earlier.
Checklist
If you made changes to the server application code:
make lint) and tests (make test) pass in the development containerIf you made non-trivial code changes: