Don't review a file if its signing failed

VERIFIED FIXED in 2015-05

Status

addons.mozilla.org Graveyard
Admin/Editor Tools
VERIFIED FIXED
3 years ago
2 years ago

People

(Reporter: magopian, Assigned: magopian)

Tracking

unspecified
2015-05
x86
Mac OS X

Details

(Assignee)

Description

3 years ago
We should not sign a file if the signing failed, for whatever reason (eg: the signing server is down).

We should halt the flow at that point.
(Assignee)

Updated

3 years ago
Blocks: 1070153
(Assignee)

Comment 1

3 years ago
I meant "we should not review a file if the signing failed". The signing is done when the review is made, so if a file is reviewed, so we should rather fail the review entirely.
(Assignee)

Comment 2

3 years ago
PR: https://github.com/mozilla/olympia/pull/524

The STR are simple... but I'm not sure if they're doable: I think it'll need an ops help to either take the signing endpoint down, or simply configure wrong ones so the post to the signing endpoint fails:
1/ submit a new addon, a new version, or a new file
2/ make sure the signing endpoints are not working
3/ review the addon: it should try signing the file, and fail (and show a "oops" page, at least that's what's done in the current iteration)
4/ if you go back to the review queue, the addon should still be there to be reviewed, and the the signing endpoint is "fixed", it should be reviewable (and will sign it this time)

If it's too complicated to QA, I can simply mark the bug as [qa-]
(Assignee)

Comment 3

3 years ago
Fixed in https://github.com/mozilla/olympia/commit/8d6f0ba353a5eabe236a16c88b1371e8d6bd0389
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED

Comment 4

3 years ago
The steps are not complicated but we would need help with the step 2. Who should we talk to to help us with the step 2?
Flags: needinfo?(mathieu)
(Assignee)

Comment 5

3 years ago
Maybe :jason can help with that? Or I can mark the bug as [qa-]
Flags: needinfo?(mathieu) → needinfo?(jthomas)
(In reply to Madalin Cotetiu from comment #4)
> The steps are not complicated but we would need help with the step 2. Who
> should we talk to to help us with the step 2?

Ping me on IRC and I can block/break the signing service on -dev for testing.
Flags: needinfo?(jthomas)

Comment 7

3 years ago
First part seems to work, i get an oops error after trying to approve, the issue is that the add-on is really approved
Screencast: http://screencast.com/t/Qx9tjHISU
Reopening.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
(Assignee)

Comment 8

3 years ago
New PR: https://github.com/mozilla/olympia/pull/562
(Assignee)

Comment 9

3 years ago
Fixed in https://github.com/mozilla/olympia/pull/562
Status: REOPENED → RESOLVED
Last Resolved: 3 years ago3 years ago
Resolution: --- → FIXED

Comment 10

3 years ago
Verified as fixed in FF38(Win7) in addons-dev.allizom.org
Postfix screencast with the services blocked: http://screencast.com/t/vSc0xSeGFcN
After turning them on: http://screencast.com/t/7sOWfP8X3qBL
Also the file is signed after the approval 
Closing bug.
Status: RESOLVED → VERIFIED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.