Closed Bug 1370952 Opened 7 years ago Closed 6 years ago

Reftest analyzer fails to load testcase

Categories

(Developer Services :: Mercurial: hg.mozilla.org, defect)

Product:
Developer Services
Component:
Mercurial: hg.mozilla.org
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: botond, Assigned: gps)

References

Details

Attachments

(1 file)

ansible/hg-web: add https://taskcluster-artifacts.net/ to CSP policy (bug 1370952);
59 bytes, text/x-review-board-request
fubar
: review+
sheehan
: review+
Details 
STR:
  Load [1]

  (Alternatively, visit the Try push at [2], select the first "Ru6"
  failure under "Windows 7 opt", and click the "Launch the Reftest
  Analyzer in a new window" button.)

Expected results:

  The Reftest Analyzer renders the testcase.

Actual results:

  The Reftest Analyzer is stuck on "Loading log...".
  The devtools console shows "TypeError: item is undefined"
  coming from [3].

[1] https://hg.mozilla.org/mozilla-central/raw-file/tip/layout/tools/reftest/reftest-analyzer.xhtml#logurl=https://queue.taskcluster.net/v1/task/Msp_2YtORRa8R_atWKXoSA/runs/0/artifacts/public/logs/live_backing.log&only_show_unexpected=1
[2] https://treeherder.mozilla.org/#/jobs?repo=try&revision=0f79dc5500e101058f953985b87e3de4dfd5222d
[3] https://hg.mozilla.org/mozilla-central/file/tip/layout/tools/reftest/reftest-analyzer.xhtml#l252
Just hit this on [1]. Joel, can you resource a fix? The reftest analyzer is a useful tool, especially for intermittents.

[1] https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=927dfa701c4057bab166448ff29d673c266bb0da&selectedJob=160731110
Flags: needinfo?(jmaher)
this seems odd, links that used to work are failing now.  When I load any reftest analyzer I get an error in the console:
Content Security Policy: The page’s settings blocked the loading of a resource at https://taskcluster-artifacts.net/DVPBXaoZQme4PzujlH2QkQ/0/public/logs/live_backing.log (“connect-src”).


so either something changed on where we store the artifacts, or https://hg.mozilla.org/mozilla-central has recent changes- I assume sometime in the last week this changed.

:gps- would you know why this might be failing?
Flags: needinfo?(jmaher) → needinfo?(gps)
It looks like hg.mo has a CSP now:
$ curl -LI https://hg.mozilla.org/mozilla-central/raw-file/tip/layout/tools/reftest/reftest-analyzer.xhtml
HTTP/1.1 200 Script output follows
Server: Apache
Content-Type: application/xhtml+xml
Content-Security-Policy: default-src 'none'; connect-src 'self' https://archive.mozilla.org/ https://public-artifacts.taskcluster.net/ https://queue.taskcluster.net/; img-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors https:
Strict-Transport-Security: max-age=31536000
Date: Tue, 27 Feb 2018 18:58:01 GMT
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="reftest-analyzer.xhtml"
Connection: Keep-Alive
Content-Length: 25303


This is probably necessary to keep hg.mo from being an attack vector. We could presumably host reftest-analyzer on an actual static webhost.
could we add https://taskcluster-artifacts.net to the connect-src line?  I am not sure who controls hg.m.o

Otherwise, we will need to find a way to host this- maybe as part of treeherder.  Since I see so many other related domains in the connect-src, I would like to pursue adding one more.
We have a global CSP setting on hg.mo for security reasons. There's an exception for reftest analyzer. The custom CSP header is baked into the hg.mo server configs. So we need to update the hg.mo server config.
Component: Reftest → Mercurial: hg.mozilla.org
Flags: needinfo?(gps)
Product: Testing → Developer Services
Version: Version 3 → unspecified
Comment on attachment 8954525 [details]
ansible/hg-web: add https://taskcluster-artifacts.net/ to CSP policy (bug 1370952);

https://reviewboard.mozilla.org/r/223582/#review229880
Attachment #8954525 - Flags: review?(klibby) → review+
(In reply to Joel Maher ( :jmaher) (UTC-5) from comment #4)
> Otherwise, we will need to find a way to host this- maybe as part of treeherder.

For prior discussion on this see bug 1200501 (in particular bug 1200501 comment 23).
Comment on attachment 8954525 [details]
ansible/hg-web: add https://taskcluster-artifacts.net/ to CSP policy (bug 1370952);

https://reviewboard.mozilla.org/r/223582/#review230790
Attachment #8954525 - Flags: review?(sheehan) → review+
Pushed by cosheehan@mozilla.com:
https://hg.mozilla.org/hgcustom/version-control-tools/rev/92c5b13c3b88
ansible/hg-web: add https://taskcluster-artifacts.net/ to CSP policy ; r=fubar,sheehan
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Has this been deployed? Clicking on the reftest analyzer button on reftest failures in treeherder still doesn't work.
Assignee: nobody → gps
Flags: needinfo?(gps)
It wasn't deployed until a few hours ago. And I had to bounce the server processes for the change to take effect. The change should now be live.

Sorry for the delay. Connor and I were both at the Mercurial developer meetup this weekend and were pretty much out of touch since Thursday.
Flags: needinfo?(gps)
I confirmed that this works for me now. Marking as "Verified".
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: