Skip to content

Standup Notes 2020 04 09

Erik Moeller edited this page Apr 10, 2020 · 2 revisions

Participants (alphabetical): Allie, Conor, Erik, Jen, John, Kevin, Kushal, Mickael, Ro

Topics and Call-outs

  • Reminder: Discussion re: staging / libvirt troubles after standup

  • No UX meeting today - but will be coming back next week with a vengeance ;-) focusing on copy & paste experience in Qubes

  • Feedback requested (this is restricted to FPFers): https://docs.google.com/document/d/11nu-hb-eyRE8uyn8BFTI05fO1MaCgNUT5CUEWgXTkJQ/edit

    • These are the options for the *.securedrop.tor.onion URLs, including what Kushal and I thought was the best option (A). Check em out and comment in the doc with your thoughts. If you think of another good option, please feel free to add that suggestion.
    • For other thoughts/comments/open questions, feel free to add to the open questions section.
  • SecureDrop Workstation Release priorities

  • SecureDrop Core Release Priorities

    • Kernel update
    • Tor update
    • OSSEC update
    • Ansible update
  • Staging discussion

    • Allie: I use staging now to test datasets. Have avoided problems in the past by not rebuilding it. There are errors you have to get used to -- quay server is down, molecule/vagrant errors, frequent log investigations. Sometimes you have to run sudo virtshell to remove images manually. Takes about 16 minutes to run fully, which is a long time to wait if the result is an error.
    • Kev: Long-running problems. Go through similar steps. Run molecule destroy, make clean, go into virt-manager to delete VMs. Double-check in virtsh to make sure that volumes were destroyed. Kill stray processes. Process in Qubes is comparatively smooth after initial setup. Resource-intensive. It would be worth supporting a dev env with Tor in it -- not perfect for all tests, but closer than current dev container.
    • Kushal: Have local patch I use with Docker env, running Tor on host. Also use prod, swap out /var/lib/securedrop
    • Allie: Swapping out /var/lib/securedrop does sound easiest.
    • John: That's what I've been doing in staging.
    • Kev: That's what my changes do, as well -- via molecule + Ansible.
    • Kushal: My datasets are not from QA loader, but created with create-dev-data.
    • Jen: QA loader adds more complex dataset, including for testing migrations. create-dev-data is a little more naive
    • John: Have a PR in that starts using create-dev-data logic
    • Jen: Next steps would be to work towards using QA loader in make dev script
    • Kev: I may take that on as part of the work I'm doing anyway
    • Allie: If we used Tor, Apache and mod_wsgi in the Docker container, what would then be the difference be between staging and dev env?
    • Mickael: OSSEC, grsec, App/Mon server, AppArmor
    • John: Cache priming may work in make dev already. Staging also gives us Deb testing
    • Kev: Ansible testing
    • Kushal: make dev is great for fast development against API
    • Jen: Biggest win would be Docker dev env + Tor. Would be very useful for client development.
    • Allie: Also helps with outside contributors.
    • Mickael: Agree with Jen, having Tor in container would be great for rapid testing. Could provide bootstrapping make targets for SecureDrop Workstation development. (molecule)
    • Kushal: Lots of random errors. But no obvious replacement.
    • John: Not just molecule. molecule destroy doesn't always work - but partially because of vagrant destroy failing.
    • Conor: We have staging environment for VirtualBox. Running on buster box and using VirtualBox should be simpler than libvirt.
    • Jen: I do use it and don't run into these issues.
    • Kushal: molecule problems are because of Vagrant/libvirt. VirtualBox more reliable with Vagrant. Unload KVM modules, then use VirtualBox.
    • Conor: We use libvirt for nested virtualization in CI.
    • Allie: Was using VirtualBox when I started, then switched over to libvirt for upgrade testing.

ACTION: More create-dev-data/QA loader consolidation (ongoing, Kev/John)

Potential ACTION: Add Tor to Docker dev env (Erik to track, add to near-term backlog) Potential ACTION (individual): Try using VirtualBox instead of libvirt to reduce errors Potential ACTION (individual): Try staging env in Qubes Potential ACTION: Investigate if we can switch to VirtualBox-only workflow outside CI (including for Tails; upgrade scenario testing) -- assuming devs confirm VirtualBox is more reliable ( https://github.com/freedomofpress/securedrop/issues/3240 )

Allie

Yesterday:

Today:

  • Investigate word wrapping / switch to QTextEdit
  • Review of Kev's staging env PR
  • Continued testing for timeout issue as needed

Blockers or Asks:

Conor

Yesterday:

  • Started HTTPSE route, aim to push to staging server today, then hand off to Jen
  • Worked on kernel PR

Today:

  • Continue on kernel metapackage

Blockers or Asks: None

Erik

Yesterday:

  • Pilot comms / issue tracking
  • Updater PR - ready for initial comments

Today:

  • Review HTTPSE doc
  • Pilot comms / a bit more follow-up on UX issues that were reported
  • Address initial comments on updater PR, write test plan

Blockers or Asks: None

Jen

Yesterday/ since last standup:

  • did that HTTPS-E doc, will review that over next couple days
  • filled up ol staging with lots of sources to see what the behavior from latest master of securedrop-client was, added

Today:

  • Review John's key cache PR
  • Timeouts fun

Blockers or Asks: None

John

Yesterday:

  • #140

Today:

  • #140

Blockers or Asks:

  • None

Kev

Yesterday:

Today:

  • ^^
  • Start poking at OSSEC if time permits

Blockers or Asks: Might check in w/ Mickael on troubleshooting install issues

Kushal

Today:

Tomorrow:

  • Work based on feedback

Blockers or Asks:

Mickael

Yesterday:

Today:

  • Visual review of updater PR
  • sprint tasks

Blockers or Asks: None

Nina

Yesterday:

Today:

Blockers or Asks:

Ro

Yesterday:

Today:

  • support comms + DST followup on a new contract
  • figure out test failures for ^ (and/or test my functional tests), am a newb

Blockers or Asks:

Clone this wiki locally