Closed Bug 950784 Opened 11 years ago Closed 10 years ago

Need automatic hsts preload list updates on any branches based on Gecko 18 and later

Categories

(Release Engineering :: General, defect)

Product:
Release Engineering
Component:
General
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: keeler, Assigned: RyanVM)

Details

Attachments

(2 files, 1 obsolete file)

enable hsts updates on b2g branches >=18
2.62 KB, patch
catlee
: review+
RyanVM
: checked-in+
Details | Diff | Splinter Review
disable HSTS updates on b2g18
1.45 KB, patch
mozilla
: review+
RyanVM
: checked-in+
Details | Diff | Splinter Review 
Since bug 800444, we expire the hsts preload list after 18 weeks since its last update. That means that any branch since then needs to periodically update the list using the automated mechanism we have set up.
(see also bug 948004)
Look OK to you, David? I left the v1.1hd branch of b2g18 off because that receives merges from the regular b2g18 branch anyway.
Attachment #8362105 - Flags: feedback?(dkeeler)
Comment on attachment 8362105 [details] [diff] [review]
enable hsts updates on all gecko branches >=18

Review of attachment 8362105 [details] [diff] [review]:
-----------------------------------------------------------------

I think I was a little confused when I filed this bug. The issue is branches that are around for a long time (like esr) definitely need this update to happen. However, I also recall making the decision to not enable this for beta to prevent last-minute changes that may cause compatibility issues. Since it is enabled on aurora and we move the trains every 6 weeks, the list won't ever expire on beta (or release, for that matter).
Long story short: I don't think we actually want to enable this for beta, but I don't know enough about the b2g trains to say whether they need it or not. Hopefully this explanation tells you what you need to know, though.
Attachment #8362105 - Flags: feedback?(dkeeler) → feedback+
Does B2G make use of HSTS? Because the support time for the releases isn't ESR-length, but still much longer than desktop. If it does, I think we should do the updates.
(In reply to Ryan VanderMeulen [:RyanVM UTC-5] from comment #3)
> Does B2G make use of HSTS? 

As far as I can tell, yes.

> Because the support time for the releases isn't
> ESR-length, but still much longer than desktop. If it does, I think we
> should do the updates.

Sounds good.
Per comment 4.
Assignee: nobody → ryanvm
Attachment #8362105 - Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #8363096 - Flags: review?(catlee)
Attachment #8363096 - Flags: review?(catlee) → review+
Comment on attachment 8363096 [details] [diff] [review]
enable hsts updates on b2g branches >=18

https://hg.mozilla.org/build/buildbot-configs/rev/62eac305a67c
Attachment #8363096 - Flags: checked-in+
in production.
Hrm, it appears to have worked on b2g26 but not b2g18?
What, you mean we don't post a latest b2g18 build?! Shocking :)

Anyway, I think attempts to do this automatically on that branch are going to be futile, so I went ahead and did a manual update.
https://hg.mozilla.org/releases/mozilla-b2g18/rev/fb89776dd0c1

I'll post a patch here for disabling them again.

        Attachment #8366673 -
        Flags: review?(catlee)

        Attachment #8366673 -
        Flags: review?(catlee) → review+

    
    

    
  
In production.

    
  
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Component: General Automation → General

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: