Closed Bug 1156333 Opened 9 years ago Closed 9 years ago

Don't review a file if its signing failed

Categories

(addons.mozilla.org Graveyard :: Admin/Editor Tools, defect)

Product:
addons.mozilla.org Graveyard
Component:
Admin/Editor Tools
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
2015-05

People

(Reporter: magopian, Assigned: magopian)

References

Details

We should not sign a file if the signing failed, for whatever reason (eg: the signing server is down).

We should halt the flow at that point.
Blocks: 1070153
I meant "we should not review a file if the signing failed". The signing is done when the review is made, so if a file is reviewed, so we should rather fail the review entirely.
PR: https://github.com/mozilla/olympia/pull/524

The STR are simple... but I'm not sure if they're doable: I think it'll need an ops help to either take the signing endpoint down, or simply configure wrong ones so the post to the signing endpoint fails:
1/ submit a new addon, a new version, or a new file
2/ make sure the signing endpoints are not working
3/ review the addon: it should try signing the file, and fail (and show a "oops" page, at least that's what's done in the current iteration)
4/ if you go back to the review queue, the addon should still be there to be reviewed, and the the signing endpoint is "fixed", it should be reviewable (and will sign it this time)

If it's too complicated to QA, I can simply mark the bug as [qa-]
Fixed in https://github.com/mozilla/olympia/commit/8d6f0ba353a5eabe236a16c88b1371e8d6bd0389
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
The steps are not complicated but we would need help with the step 2. Who should we talk to to help us with the step 2?
Flags: needinfo?(mathieu)
Maybe :jason can help with that? Or I can mark the bug as [qa-]
Flags: needinfo?(mathieu) → needinfo?(jthomas)
(In reply to Madalin Cotetiu from comment #4)
> The steps are not complicated but we would need help with the step 2. Who
> should we talk to to help us with the step 2?

Ping me on IRC and I can block/break the signing service on -dev for testing.
Flags: needinfo?(jthomas)
First part seems to work, i get an oops error after trying to approve, the issue is that the add-on is really approved
Screencast: http://screencast.com/t/Qx9tjHISU
Reopening.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Fixed in https://github.com/mozilla/olympia/pull/562
Status: REOPENED → RESOLVED
Closed: 9 years ago9 years ago
Resolution: --- → FIXED
Verified as fixed in FF38(Win7) in addons-dev.allizom.org
Postfix screencast with the services blocked: http://screencast.com/t/vSc0xSeGFcN
After turning them on: http://screencast.com/t/7sOWfP8X3qBL
Also the file is signed after the approval 
Closing bug.
Status: RESOLVED → VERIFIED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.