We should not sign a file if the signing failed, for whatever reason (eg: the signing server is down). We should halt the flow at that point.
I meant "we should not review a file if the signing failed". The signing is done when the review is made, so if a file is reviewed, so we should rather fail the review entirely.
PR: https://github.com/mozilla/olympia/pull/524 The STR are simple... but I'm not sure if they're doable: I think it'll need an ops help to either take the signing endpoint down, or simply configure wrong ones so the post to the signing endpoint fails: 1/ submit a new addon, a new version, or a new file 2/ make sure the signing endpoints are not working 3/ review the addon: it should try signing the file, and fail (and show a "oops" page, at least that's what's done in the current iteration) 4/ if you go back to the review queue, the addon should still be there to be reviewed, and the the signing endpoint is "fixed", it should be reviewable (and will sign it this time) If it's too complicated to QA, I can simply mark the bug as [qa-]
The steps are not complicated but we would need help with the step 2. Who should we talk to to help us with the step 2?
Maybe :jason can help with that? Or I can mark the bug as [qa-]
(In reply to Madalin Cotetiu from comment #4) > The steps are not complicated but we would need help with the step 2. Who > should we talk to to help us with the step 2? Ping me on IRC and I can block/break the signing service on -dev for testing.
First part seems to work, i get an oops error after trying to approve, the issue is that the add-on is really approved Screencast: http://screencast.com/t/Qx9tjHISU Reopening.
Verified as fixed in FF38(Win7) in addons-dev.allizom.org Postfix screencast with the services blocked: http://screencast.com/t/vSc0xSeGFcN After turning them on: http://screencast.com/t/7sOWfP8X3qBL Also the file is signed after the approval Closing bug.