Provide end-of life messaging and disable on source interface after Xenial EOL #5789
Conversation
sssoleileraaa
requested review from
conorsch,
emkll,
kushaldas and
redshiftzero
as code owners
|
This pull request introduces 6 alerts when merging 6973797 into f4b7805 - view on LGTM.com new alerts:
|
sssoleileraaa
force-pushed
the
v2-and-xenial-eol
branch
from
6973797
to
6e382b5
Compare
|
This pull request introduces 1 alert when merging 6e382b5 into f4b7805 - view on LGTM.com new alerts:
|
sssoleileraaa
force-pushed
the
v2-and-xenial-eol
branch
from
6e382b5
to
2f99b13
Compare
|
This pull request introduces 1 alert when merging 2f99b13 into f4b7805 - view on LGTM.com new alerts:
|
emkll
changed the title
There was a problem hiding this comment.
Thanks @creviera , I've gone through the test plan on a staging instance and functionally everything is working with the exception of the instance's logo (see below)
This is because the decorators are applied for the org-logo route serving the icon, and not behind /static, so we may need to add the following changes to the decorators:
diff --git a/securedrop/source_app/decorators.py b/securedrop/source_app/decorators.py
index 2fae92b3d..786a80a3d 100644
--- a/securedrop/source_app/decorators.py
+++ b/securedrop/source_app/decorators.py
@@ -22,7 +22,7 @@ def ignore_static(f: Callable) -> Callable:
a static resource."""
@wraps(f)
def decorated_function(*args: Any, **kwargs: Any) -> Any:
- if request.path.startswith('/static'):
+ if request.path.startswith('/static') or request.path == '/org-logo':
return # don't execute the decorated function
return f(*args, **kwargs)
return decorated_function
Good idea updating the language once the source interface is disabled:
Trying to figure out why this doesn't work for me. The logo still doesn't show up. |
|
Okay, the logo started showing up after I add that change ^ and uploaded a custom logo. |
|
In the case where someone is logged in during which the eol of the os is reached, we should log that user out before showing the "We're sorry, our SecureDrop is currently offline." Right now we show the logout button with the error message but the user actually won't be able to log out since everything is disabled. UpdateSee new test (#5789 (comment)) to verify ^ |
sssoleileraaa
force-pushed
the
v2-and-xenial-eol
branch
3 times, most recently
from
4c56f48
to
68e332b
Compare
|
"ERROR: Unable to contact the Docker daemon. Please refer to https://docs.docker.com/config/daemon/ for managing the daemon" is the same error seen in #5798. Perhaps we are not configuring the daemon properly or something wrong with the image. This is from our config file: deb-tests-focal:
docker:
- image: cimg/python:3.7
environment:
LC_ALL: C.UTF-8
LANG: C.UTF-8
steps:
- run: sudo apt-get update && sudo apt-get install -y make virtualenv enchant jq python3-dev build-essential rsync
- checkout
- setup_remote_docker
- run:
name: Test Debian package build on Focal
command: |
make ci-deb-tests-focalversus xenial: deb-tests:
docker:
- image: cimg/python:3.7
environment:
LC_ALL: C.UTF-8
LANG: C.UTF-8
steps:
- run: sudo apt-get update && sudo apt-get install -y make virtualenv enchant jq python3-dev build-essential rsync
- checkout
- setup_remote_docker
- run:
name: Test Debian package build
command: |
BRANCH_MATCH=$(devops/scripts/match-ci-branch.sh "^update-builder")
if ! [[ $BRANCH_MATCH =~ ^found ]]; then echo "Skipping: ${BRANCH_MATCH}"; exit 0; fi
make ci-deb-tests🤔 |
emkll
force-pushed
the
v2-and-xenial-eol
branch
from
68e332b
to
a80255a
Compare
|
rebased on latest develop after merge of #5801 |
|
I've committed to helping with UI/string review before merge. |
There was a problem hiding this comment.
Thanks @creviera for the changes. I went through the test plan and confirmed the functionality is still working as expected
I've added a minor suggestion inline to reduce the diff, since we will likely revert these changes once SecureDrop 2.0.0 is released and Xenial support is eliminated.
Once @eloquence's reviews the strings, I would ask that you please rebase/squash in a single commit.
I will be happy to provide final review once the steps above have been completed, otherrwise we should consider these changes approved.
| {% if 'logged_in' in session %} | ||
| <a href="{{ url_for('main.logout') }}" class="btn pull-right" id="logout">{{ gettext('LOG OUT') }}</a> | ||
| <a href="{{ url_for('main.logout') }}" class="btn pull-right" id="logout">{{ gettext('LOG OUT') }}</a> |
There was a problem hiding this comment.
looks like the changes on lines 37, 41, 44 and 46 are not strictly required here and make the diff more complicated to read
There was a problem hiding this comment.
ah, i see. i was trying to mimic the code style i saw in other areas of the code. it looked like other areas of the code try to keep the indents of the html correct rather than the template code, but if you want i can revert to make it easier for you to review.
There was a problem hiding this comment.
easier to review but also preserves a cleaner history, making it easier to revert changes in the future if/when this code is no longer be necessary (i.e. 2.0)
|
(Taking a look now.) |
| </div> | ||
| {% elif g.show_os_near_eol_warning %} | ||
| <div id="os-near-eol" class="alert-banner"> | ||
| <img src="{{ url_for('static', filename='i/bang-circle.png') }}" width="20" height="20"> {{ gettext ('<strong>Critical Security:</strong> The operating system used by your SecureDrop servers is approaching its end-of-life on April 30, 2021. A manual update is urgently required to remain safe. Please contact your adminstrator. <a href="//securedrop.org/xenial-eol" rel="noreferrer">Learn More</a>') }} |
There was a problem hiding this comment.
Nit: I would say will reach its end-of-life on April 30 and not is approaching its end-of-life on April 30; the latter could be interpreted (and translated) to suggest that end-of-life will start approaching on April 30.
| @@ -1,4 +1,4 @@ | |||
| # Last Modified: Wed Oct 29 08:16:32 2014 | |||
| # Last Modified: Wed Feb 10 16:27:32 2021 | |||
There was a problem hiding this comment.
Clearly not the most well-maintained timestamp. ;-) Maybe we should just ditch it?
|
I verified
in the Docker-based dev env. UI and strings look great to me; just one small recommended tweak. |
|
the only reason id like to push back a little on the request to rebase into a single commit is because each unit is in a clear commit and we'll probably revisit these commits once focal approaches its EOL. the three commits are:
actually, it might make sense to combine the bottom two. |
|
Good point, I agree: a separate commit to remove the v2/v2+v3 warnings makes sense here. I would still suggest squashing the two others, at your option. |
sssoleileraaa
force-pushed
the
v2-and-xenial-eol
branch
from
a80255a
to
9b56878
Compare
Signed-off-by: Allie Crevier <allie@freedom.press>
sssoleileraaa
force-pushed
the
v2-and-xenial-eol
branch
from
9b56878
to
ecfecea
Compare
Status
Ready for review
Description of Changes
Resolves #5688
Needs review of messaging to admins/source/journalists.
Changes proposed in this pull request:
Testing
securedrop-app-codedebs off of this pr branch with the edit from step 1source_app/disable.pyandjouranlist_app/os_eol.pyto year 2020 instead of 2021New test
Checklist
make lint) and tests (make test) pass in the development container