Closed
Bug 873600
Opened 11 years ago
Closed 11 years ago
Update pre-existing packages ids.json to match device naming
Categories
(Marketplace Graveyard :: General, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
2013-05-30
People
(Reporter: robhudson, Assigned: ashort)
References
Details
(Whiteboard: p=2, A4A)
See bug 870920. We need a way to update all existing packages and update their META-INF/ids.json file to match the keys used on device side. One thought I had was to remove the code that adds this file upon submission and do it pre-signing (assuming signing takes this file into account, otherwise we can do it post-signing while we're already writing META-INF files). Then we can remove all reviewer signed packages and re-sign all publicly signed packages (which we have a script for).
Reporter | ||
Comment 1•11 years ago
|
||
Ryan: Since ids.json is inside META-INF/ does it get used as part of the file's signature? IOW, can I add that file after signing and not break verification?
Flags: needinfo?(rtilder)
Reporter | ||
Comment 2•11 years ago
|
||
The META-INF/ids.json file is inside the manifest.mf which I'm pretty certain means it affects the package signature. So we need to include the ids.json prior to signing.
Flags: needinfo?(rtilder)
Reporter | ||
Comment 3•11 years ago
|
||
Alan: Can you take this on? My thought was to move the `inject_ids` call, which currently happens during packaged app submission, to the pre-signing step. Once done we can re-sign all the public apps and not need an extra script, which may also come in handy later. Note: This needs to handle cases where there is no META-INF/ids.json file (new packages) and cases where that file already exists (old packages).
Assignee: nobody → ashort
Reporter | ||
Updated•11 years ago
|
Priority: -- → P1
Whiteboard: p=2
Reporter | ||
Updated•11 years ago
|
Target Milestone: --- → 2013-05-23
Assignee | ||
Comment 4•11 years ago
|
||
https://github.com/washort/zamboni/commit/6db3f07
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 5•11 years ago
|
||
For QA on -dev: Try to install this app: https://marketplace-dev.allizom.org/app/simple-calculator It should fail with an INVALID_IDS_JSON error (iirc). Run this on -dev: ./manage.py --settings=settings_local_mkt sign_apps --webapps=428684 Try to install again to see if the ids.json file was fixed properly.
Comment 6•11 years ago
|
||
I keep hitting reinstall_forbidden for packaged apps on dev even after a fresh install. So, i'm blocked from verifying this bug on -dev
Updated•11 years ago
|
Whiteboard: p=2 → p=2, A4A
Reporter | ||
Comment 7•11 years ago
|
||
We found an issue with the script after further testing. We'll need to fix before running on prod. Unfortunately this misses our push for today. The issue is the re-signing script mistakenly adds multiple META-INF/ids.json files. I believe this then triggers a signing error when we pass it to the signing server. Regardless this is the wrong behavior and we'll fix before running on any packaged apps on production machines.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 8•11 years ago
|
||
Are you sure this isn't running on prod now? I'm getting signing errors (INVALID_SIGNATURE) and the zips I've downloaded have multiple ids.json in the META-INF folder.
Reporter | ||
Comment 9•11 years ago
|
||
(In reply to Andrew Williamson [:eviljeff] from comment #8) > Are you sure this isn't running on prod now? > > I'm getting signing errors (INVALID_SIGNATURE) and the zips I've downloaded > have multiple ids.json in the META-INF folder. You're right, it is. I was only considering if we run it as part of our "re-signing" script. We're planning a 2 stage fix... (1) to sign and re-sign packages regardless of if it already has ids.json file(s), and (2) a clean up script to strip ids.json files from existing uploaded zip packages. (2) isn't needed for (1) to work correctly, but we don't want those showing up if a dev re-downloads their original zip or showing up in the file viewer.
Reporter | ||
Comment 10•11 years ago
|
||
Reverted the prior patch (in comment 4) since we've discovered problems in prod: https://github.com/mozilla/zamboni/commit/46a0b76
Updated•11 years ago
|
Target Milestone: 2013-05-23 → ---
Assignee | ||
Comment 11•11 years ago
|
||
https://github.com/washort/zamboni/commit/417d95d https://github.com/washort/zamboni/commit/f606174 https://github.com/washort/zamboni/commit/ceeabbf
Status: REOPENED → RESOLVED
Closed: 11 years ago → 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2013-05-30
Comment 12•11 years ago
|
||
(In reply to Rob Hudson [:robhudson] from comment #5) > For QA on -dev: > > Try to install this app: > https://marketplace-dev.allizom.org/app/simple-calculator > > It should fail with an INVALID_IDS_JSON error (iirc). > > Run this on -dev: > ./manage.py --settings=settings_local_mkt sign_apps --webapps=428684 > > Try to install again to see if the ids.json file was fixed properly. Installing simple calculator on -dev works just fine. Did we run the script on -dev already?
Assignee | ||
Comment 13•11 years ago
|
||
Rob did run this on -dev already.
Comment 15•11 years ago
|
||
I will mark this bug as verified after testing in prod tomorrow.
Updated•11 years ago
|
Target Milestone: 2013-05-23 → 2013-05-30
Comment 17•11 years ago
|
||
I'm not seeing this is fixed - packaged apps still aren't installing - and the zip files contain duplicate ids.json files - seemingly one from the upload and one from when it was signed. e.g. https://marketplace.firefox.com/reviewers/apps/review/foot-pong https://marketplace.firefox.com/reviewers/apps/review/productivity-generator https://marketplace.firefox.com/reviewers/apps/review/germanhelp
Severity: normal → major
Flags: needinfo?(ashort)
Comment 18•11 years ago
|
||
This is all fixed now, right?
Comment 19•11 years ago
|
||
I was able to install successfully the following packaged apps: KitchenSink, Poppit, Terra and Calculator Test device info: Leo Gecko http://hg.mozilla.org/releases/mozilla-b2g18/rev/4f318822e72c Gaia e1c59baed29e4665d1da9392f86239272073f07a Build 2013-05-31-070205
Comment 20•11 years ago
|
||
From reviewer tools, I'm able to install: https://marketplace.firefox.com/reviewers/apps/review/here-maps-packaged https://marketplace.firefox.com/reviewers/apps/review/battery-status https://marketplace.firefox.com/reviewers/apps/review/speedy-bird https://marketplace.firefox.com/reviewers/apps/review/bubble-hit-1 But not able to install: https://marketplace.firefox.com/reviewers/apps/review/poppit https://marketplace.firefox.com/reviewers/apps/review/notesplus https://marketplace.firefox.com/reviewers/apps/review/kitchensink
Comment 21•11 years ago
|
||
(In reply to Lisa Brewster [:adora] from comment #20) > But not able to install: > https://marketplace.firefox.com/reviewers/apps/review/poppit > https://marketplace.firefox.com/reviewers/apps/review/notesplus > https://marketplace.firefox.com/reviewers/apps/review/kitchensink App updates are still broken. The script only fixed public apps and pending app submissions unfortunately. Rob, is it feasible for the script to be run on pending updates also or are we going to have to contact the developers and ask them to submit again (there were 6 updates last time I Looked)
Flags: needinfo?(ashort) → needinfo?(robhudson.mozbugs)
Reporter | ||
Comment 22•11 years ago
|
||
(In reply to Andrew Williamson [:eviljeff] from comment #21) > Rob, is it feasible for the script to be run on pending updates also or are > we going to have to contact the developers and ask them to submit again > (there were 6 updates last time I Looked) Yep, I could come up with a query to find those. I'll try to do that today and have IT run it.
Flags: needinfo?(robhudson.mozbugs)
Reporter | ||
Comment 23•11 years ago
|
||
(In reply to Rob Hudson [:robhudson] from comment #22) > (In reply to Andrew Williamson [:eviljeff] from comment #21) > > Rob, is it feasible for the script to be run on pending updates also or are > > we going to have to contact the developers and ask them to submit again > > (there were 6 updates last time I Looked) > > Yep, I could come up with a query to find those. I'll try to do that today > and have IT run it. It was run and updated 8 packaged app updates.
Comment 24•11 years ago
|
||
QA - WHen you verify this will you confirm that 859688 is also fixed?
See Also: → 859688
Comment 26•11 years ago
|
||
Worked for me for Distant Orbit, thanks !
You need to log in
before you can comment on or make changes to this bug.
Description
•