The default bug view has changed. See this FAQ.

MoFo Security Announcement git repo can become unstable

RESOLVED FIXED

Status

www.mozilla.org
Bedrock
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: pmac, Assigned: pmac)

Tracking

Production

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

2 years ago
Let's figure out why and make sure it doesn't happen again.
(Assignee)

Comment 1

2 years ago
It looks like maybe someone rebased and force-pushed to master in the foundation-security-advisories repo. Do you know if that's the case Al? Doing a rebase or amending a commit that already exists in master will mess up anyone else that has the repo cloned, including the production server. Assuming this was the issue, we should be able to just not do that again. There's not much I can do about this. Doing a force-push to master will break everything. If things are broken, you just need to fix it in a new commit and push that.

If that didn't happen, then we need to do some more research.
Flags: needinfo?(abillings)
While looking at things locally, I saved (but did not commit) a change to -91. I discarded the change and rolled back to the previous commit from the repo. This was *after* -90 and -91 were not showing up on the live site. 

I did fix -90 not showing by removing a linefeed from the metadata for the title (before I did any other changes) and pushed it, causing -90 to appear. 

After that I edited -91, realized I'd saved a bad change locally, and rolled my repo back to discard the change in -91. None of those changes were ever committed to github and only occurred after -91 wasn't appearing in the first place, so that would not explain why -91 never appeared on Monday morning.

I don't know if a local discard by rolling the local repo back to discard changes would somehow rebase things. I didn't do do any commits except the one that fixed -90 after my initial advisory checkin. 

My log only shows two commits:

commit c7aa17d119319e3f5e554c6581357d00475aa860
Author: Al Billings <albill@AlRetina.local>
Date:   Mon Dec 1 09:16:33 2014 -0800

    Fixing line wrap in title in -90

commit 20c30fd00714dc46ec87e7a53a093479c260e611
Author: Al Billings <albill@AlRetina.local>
Date:   Mon Dec 1 08:40:57 2014 -0800

    Firefox 34.0.5 security advisories

So I don't think I'm the one that rebased and force-pushed to master.
Flags: needinfo?(abillings)
(Assignee)

Comment 3

2 years ago
I'm not sure either. I don't have the repo as it existed before and after the change, and I don't think there's any push log I can inspect from github. Some kind of a thing that changed SHAs and a force push was my only guess, but it could be something else. I'll keep looking. Thanks for the info.
(Assignee)

Comment 4

2 years ago
I'm not really able to further diagnose this until/unless it happens again. Closing this for now, but we should reopen if/when we see this again.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WORKSFORME
(Assignee)

Comment 5

2 years ago
Happened again, but I think we've figured it out. Hopefully this new PR[0] will fix it.

[0] https://github.com/mozilla/bedrock/pull/2649
Assignee: nobody → pmac
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---

Comment 6

2 years ago
Commits pushed to master at https://github.com/mozilla/bedrock

https://github.com/mozilla/bedrock/commit/face84ea09b7beaecd766832d74ab9c62e219c1e
Fix bug 1106845: Move security advisories repo outside of bedrock repo.

https://github.com/mozilla/bedrock/commit/12630241710e87f3206c8f3b1a2ebb347e5abd2b
Merge pull request #2649 from pmclanahan/move-security-advisories-repo-deployment

Fix bug 1106845: Move security advisories repo outside of bedrock repo.

Updated

2 years ago
Status: REOPENED → RESOLVED
Last Resolved: 2 years ago2 years ago
Resolution: --- → FIXED
(Assignee)

Comment 7

2 years ago
I believe this is fixed, and we should see the new advisories on the site in the next ~15 min.
(Assignee)

Comment 8

2 years ago
Hey! It worked! https://www.mozilla.org/en-US/security/advisories/
You need to log in before you can comment on or make changes to this bug.