-
Notifications
You must be signed in to change notification settings - Fork 686
Standup Notes 2020 04 09
Participants (alphabetical): Allie, Conor, Erik, Jen, John, Kevin, Kushal, Mickael, Ro
-
Reminder: Discussion re: staging / libvirt troubles after standup
-
No UX meeting today - but will be coming back next week with a vengeance ;-) focusing on copy & paste experience in Qubes
-
Feedback requested (this is restricted to FPFers): https://docs.google.com/document/d/11nu-hb-eyRE8uyn8BFTI05fO1MaCgNUT5CUEWgXTkJQ/edit
- These are the options for the *.securedrop.tor.onion URLs, including what Kushal and I thought was the best option (A). Check em out and comment in the doc with your thoughts. If you think of another good option, please feel free to add that suggestion.
- For other thoughts/comments/open questions, feel free to add to the open questions section.
-
SecureDrop Workstation Release priorities
- timeout issues: https://github.com/freedomofpress/securedrop-client/issues/1007
- Allie/Jen/John will continue to test & discuss today
- line wrapping: https://github.com/freedomofpress/securedrop-client/issues/815
- lack of submission key: https://github.com/freedomofpress/securedrop-client/issues/140
- timeout issues: https://github.com/freedomofpress/securedrop-client/issues/1007
-
SecureDrop Core Release Priorities
- Kernel update
- Tor update
- OSSEC update
- Ansible update
-
Staging discussion
- Allie: I use staging now to test datasets. Have avoided problems in the past by not rebuilding it. There are errors you have to get used to -- quay server is down, molecule/vagrant errors, frequent log investigations. Sometimes you have to run
sudo virtshell
to remove images manually. Takes about 16 minutes to run fully, which is a long time to wait if the result is an error. - Kev: Long-running problems. Go through similar steps. Run molecule destroy, make clean, go into virt-manager to delete VMs. Double-check in virtsh to make sure that volumes were destroyed. Kill stray processes. Process in Qubes is comparatively smooth after initial setup. Resource-intensive. It would be worth supporting a dev env with Tor in it -- not perfect for all tests, but closer than current dev container.
- Kushal: Have local patch I use with Docker env, running Tor on host. Also use prod, swap out /var/lib/securedrop
- Allie: Swapping out /var/lib/securedrop does sound easiest.
- John: That's what I've been doing in staging.
- Kev: That's what my changes do, as well -- via molecule + Ansible.
- Kushal: My datasets are not from QA loader, but created with create-dev-data.
- Jen: QA loader adds more complex dataset, including for testing migrations. create-dev-data is a little more naive
- John: Have a PR in that starts using create-dev-data logic
- Jen: Next steps would be to work towards using QA loader in
make dev
script - Kev: I may take that on as part of the work I'm doing anyway
- Allie: If we used Tor, Apache and mod_wsgi in the Docker container, what would then be the difference be between staging and dev env?
- Mickael: OSSEC, grsec, App/Mon server, AppArmor
- John: Cache priming may work in
make dev
already. Staging also gives us Deb testing - Kev: Ansible testing
- Kushal:
make dev
is great for fast development against API - Jen: Biggest win would be Docker dev env + Tor. Would be very useful for client development.
- Allie: Also helps with outside contributors.
- Mickael: Agree with Jen, having Tor in container would be great for rapid testing. Could provide bootstrapping make targets for SecureDrop Workstation development. (molecule)
- Kushal: Lots of random errors. But no obvious replacement.
- John: Not just molecule. molecule destroy doesn't always work - but partially because of vagrant destroy failing.
- Conor: We have staging environment for VirtualBox. Running on buster box and using VirtualBox should be simpler than libvirt.
- Jen: I do use it and don't run into these issues.
- Kushal: molecule problems are because of Vagrant/libvirt. VirtualBox more reliable with Vagrant. Unload KVM modules, then use VirtualBox.
- Conor: We use libvirt for nested virtualization in CI.
- Allie: Was using VirtualBox when I started, then switched over to libvirt for upgrade testing.
- Allie: I use staging now to test datasets. Have avoided problems in the past by not rebuilding it. There are errors you have to get used to -- quay server is down, molecule/vagrant errors, frequent log investigations. Sometimes you have to run
-
ACTION: More create-dev-data/QA loader consolidation (ongoing, Kev/John)
-
Potential ACTION: Add Tor to Docker dev env (Erik to track, add to near-term backlog)
-
Potential ACTION (individual): Try using VirtualBox instead of libvirt to reduce errors
-
Potential ACTION (individual): Try staging env in Qubes
-
Potential ACTION: Investigate if we can switch to VirtualBox-only workflow outside CI (including for Tails; upgrade scenario testing) -- assuming devs confirm VirtualBox is more reliable ( https://github.com/freedomofpress/securedrop/issues/3240 )
Yesterday:
- Continuing to review https://github.com/freedomofpress/securedrop-client/pull/1050 and will look into it more wherever Kushal
Today:
- Investigate word wrapping / switch to QTextEdit
- Review of Kev's staging env PR
- Continued testing for timeout issue as needed
Blockers or Asks:
Yesterday:
- Started HTTPSE route, aim to push to staging server today, then hand off to Jen
- Worked on kernel PR
Today:
- Continue on kernel metapackage
Blockers or Asks: None
Yesterday:
- Pilot comms / issue tracking
- Updater PR - ready for initial comments
Today:
- Review HTTPSE doc
- Pilot comms / a bit more follow-up on UX issues that were reported
- Address initial comments on updater PR, write test plan
Blockers or Asks: None
Yesterday/ since last standup:
- did that HTTPS-E doc, will review that over next couple days
- filled up ol staging with lots of sources to see what the behavior from latest master of securedrop-client was, added
Today:
- Review John's key cache PR
- Timeouts fun
Blockers or Asks: None
Yesterday:
- #140
Today:
- #140
Blockers or Asks:
- None
Yesterday:
- Discovered issue with qa_loader script -- it does not create valid datasets that can be restored into an instance
- Poked at https://github.com/freedomofpress/securedrop/pull/5174
Today:
- ^^
- Start poking at OSSEC if time permits
Blockers or Asks: Might check in w/ Mickael on troubleshooting install issues
Today:
- https://github.com/freedomofpress/securedrop/pull/5184 Reviewed redis key cache
- Started moving to QPlainTextEdit for text wrap https://github.com/freedomofpress/securedrop-client/pull/1050
Tomorrow:
- Work based on feedback
Blockers or Asks:
- https://github.com/freedomofpress/securedrop-client/pull/1050 Need help wtih the auto vertical resize of the SpeechBubble
Yesterday:
- Onsite
- Reviewed https://github.com/freedomofpress/securedrop-workstation/pull/523
- Reviewed kernels (metapackage change required)
Today:
- Visual review of updater PR
- sprint tasks
Blockers or Asks: None
Yesterday:
Today:
Blockers or Asks:
Yesterday:
- support comms
- meetings
- https://github.com/freedomofpress/securedrop/issues/4952
- pilot debrief
Today:
- support comms + DST followup on a new contract
- figure out test failures for ^ (and/or test my functional tests), am a newb
Blockers or Asks:
- nina: Could I have access to the Zeplin project you link to in https://github.com/freedomofpress/securedrop-ux/issues/94#issuecomment-589456323 (have pinged in internal comms)
- john/someone: I have made minor changes to a string in source interface that will need to be translated, and this string is referred to in
translations/
and intests/il8n
. What do?