Closed
Bug 930194
Opened 11 years ago
Closed 10 years ago
Add prerequisite checks for MozillaMaintenance Service tests that fail the tests if the build system is not properly configured
Categories
(Toolkit :: Application Update, defect)
Tracking
()
RESOLVED
FIXED
mozilla29
People
(Reporter: bbondy, Assigned: robert.strong.bugs)
References
Details
Attachments
(2 files, 2 obsolete files)
7.11 KB,
patch
|
bbondy
:
review+
robert.strong.bugs
:
checkin+
|
Details | Diff | Splinter Review |
1.12 KB,
patch
|
bbondy
:
review+
|
Details | Diff | Splinter Review |
There may be some talos machines that are misconfigured and MozillaMaintenance service tests would get skipped, and we'd never know. We added the skip originally so that people who run tests locally wouldn't have tests failing by default. rstrong thought of a way around this: Check if the binary is signed, and if so, then fail a test if it will be skipped.
Assignee | ||
Updated•11 years ago
|
Assignee: netzen → robert.bugzilla
Status: NEW → ASSIGNED
Assignee | ||
Comment 1•11 years ago
|
||
Hey Brian, do you know if the test helper binary's check-signature argument works on WinXP? http://mxr.mozilla.org/mozilla-central/source/toolkit/mozapps/update/tests/unit_aus_update/head_update.js#781 Take a look at this recent try run for what I am referring to https://tbpl.mozilla.org/?tree=Try&rev=b8ce1f2bd3d8
Reporter | ||
Comment 2•11 years ago
|
||
I thought it did, but I don't know for sure. That's pretty strange. I'd have to debug on an XP machine to know for sure what's going on. Or maybe modify the binary to output some extra info or return the last error.
Assignee | ||
Comment 3•11 years ago
|
||
If you are busy don't sweat it and I'll take a look when I am able.
Reporter | ||
Comment 4•11 years ago
|
||
I'll get to it soonish :)
Reporter | ||
Comment 5•11 years ago
|
||
Interim update, I installed an XP SP3 VM and setup a dev environment on it. I ran TestAUSHelper.exe check-signature <path> in a debugger, but the VerifyCertificateTrustForFile returns ERROR_SUCCESS. Not sure yet why the XP tests fail.
Assignee: robert.bugzilla → netzen
Reporter | ||
Comment 6•11 years ago
|
||
Is it possible that the CA used to sign the try binaries wasn't manually imported to the XP machines? Or perhaps used to, but is no longer? Everything looks right from my end.
Flags: needinfo?(bhearsum)
Assignee | ||
Comment 7•11 years ago
|
||
I'd like to get these checks in sooner rather than later even if it needs to check for XP for the time being. I've pushed to try to see what else needs to be done. https://tbpl.mozilla.org/?tree=Try&rev=238759f03674
Assignee: netzen → robert.bugzilla
Assignee | ||
Comment 8•11 years ago
|
||
bad patch... trying again https://tbpl.mozilla.org/?tree=Try&rev=7e7fd393b2cd
Assignee | ||
Comment 9•11 years ago
|
||
I'll submit a second patch for the other checks after the XP issue is fixed
Attachment #8337590 -
Attachment is obsolete: true
Attachment #8337688 -
Flags: review?(netzen)
Reporter | ||
Updated•11 years ago
|
Attachment #8337688 -
Flags: review?(netzen) → review+
Comment 10•11 years ago
|
||
(In reply to Brian R. Bondy [:bbondy] from comment #6) > Is it possible that the CA used to sign the try binaries wasn't manually > imported to the XP machines? Or perhaps used to, but is no longer? > Everything looks right from my end. I would be surprised if there's an overall problem, as we haven't touched this in awhile (other than to deploy the new fingerprints for bug 803531). I'll look into this a bit more though.
Flags: needinfo?(bhearsum)
Comment 11•11 years ago
|
||
Looking at t-xp32-ix-045 I see the DigiCert and Mozilla Fake CA certs. AFAICT this machine is set-up correctly, and this is one of the ones running tests in the link from comment #1. Does it look OK to you Brian?
Updated•11 years ago
|
Flags: needinfo?(netzen)
Reporter | ||
Comment 12•11 years ago
|
||
I'm not actually concerned with the registry info being correct, but with the fake ca cert being imported manually for the same user that runs the tests. Could it be possible the root issuer wasn't imported into the certificate store for the user that runs the tests? (system account + user)
Flags: needinfo?(netzen) → needinfo?(bhearsum)
Comment 13•11 years ago
|
||
(In reply to Brian R. Bondy [:bbondy] from comment #12) > I'm not actually concerned with the registry info being correct, but with > the fake ca cert being imported manually for the same user that runs the > tests. Could it be possible the root issuer wasn't imported into the > certificate store for the user that runs the tests? (system account + user) Ah, I see. It looks like they are missing =(. Filed bug 942847 for this.
Flags: needinfo?(bhearsum)
Reporter | ||
Comment 14•11 years ago
|
||
Glad we tracked it down, thanks for looking into it so fast :)
Assignee | ||
Updated•11 years ago
|
Summary: Add a test that fails if MozillaMaintenance Service tests are skipped but binaries are signed → Add prerequisite checks for MozillaMaintenance Service tests that fail the tests
Assignee | ||
Updated•11 years ago
|
Summary: Add prerequisite checks for MozillaMaintenance Service tests that fail the tests → Add prerequisite checks for MozillaMaintenance Service tests that fail the tests if the build system is not properly configured
Assignee | ||
Comment 15•11 years ago
|
||
Comment on attachment 8337688 [details] [diff] [review] 1. patch - add initial checks Pushed part 1 to fx-team https://hg.mozilla.org/integration/fx-team/rev/af7b718037b5
Attachment #8337688 -
Flags: checkin+
Assignee | ||
Updated•11 years ago
|
Whiteboard: [leave open]
Assignee | ||
Comment 17•10 years ago
|
||
throw when DISABLE_UPDATER_AUTHENTICODE_CHECK is not defined and the binaries aren't signed. Bug 942847 should be fixed now but the machines have to reboot for the fix to take affect. I'll throw this at try tomorrow.
Assignee | ||
Comment 18•10 years ago
|
||
Pushed to try https://tbpl.mozilla.org/?tree=Try&rev=8258cd79ddd9
Assignee | ||
Comment 19•10 years ago
|
||
Comment on attachment 8355397 [details] [diff] [review] 2. final checks I'll wait until next week to land this to give the machines a chance to reboot.
Attachment #8355397 -
Flags: review?(netzen)
Assignee | ||
Updated•10 years ago
|
Attachment #8337730 -
Attachment is obsolete: true
Reporter | ||
Updated•10 years ago
|
Attachment #8355397 -
Flags: review?(netzen) → review+
Assignee | ||
Comment 20•10 years ago
|
||
Pushed to mozilla-inbound https://hg.mozilla.org/integration/mozilla-inbound/rev/046258beb928
Flags: in-testsuite+
Whiteboard: [leave open]
Target Milestone: --- → mozilla29
Comment 21•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/046258beb928
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•