QA/Browser Technologies/Services/Releases/BrowserID 07202012

From MozillaWiki
Jump to: navigation, search

Areas for QA Focus

[QA] Suggested additional areas of focus for QA:

  • English language review and link checking on main site
  • Verification of i18n of main site (use debug language? it-CH)
  • Verify all static resources are served from correct domain
  • Explore the new forgot password flow!
  • Test all permutations of email addition, user accnt creation, email re-confirmation, and password reset on a different browser than where the action is initiated
  • double check metrics fixes. Are lines in router-metrics.log correct? Is there one every time the dialog pops up, even when your browser cache is full?
  • how do fonts look on IE8? On Windows Firefox?
  • verify that other locales look correct. Lots of strings have changed and will be untranslated, but let's make sure the i18n system is working properly in staging environment asap.

Additional areas of focus

  • Verifications and more verifications
    • See the ChangeLog for closed issues specific to this train
    • Verify the backlog of closed issues, time permitting.
      • Start with Issue #1466 and move forwards through the very latest closed issues that were fixed for or before this train.
  • Additional issues to Verify
    • 730: Verification email text is incorrect for forgotton passwords.

Information

  • Train 32: 07-20-2012 - DERAILED

Links

Deployment Ticket

  • Bug 776304 - QA and deploy BrowserID train-2012.07.20 to production

OPs Ticket and ChangeWindow

  • Services Maintenance/Change Window
    • TBD

Hot Fixes and Other Deployments

  • Bug 768169 - New process for serving static content for Persona

ChangeLog

train-2012.07.20: 

* Introduction of "static" process which serves views and static resources: #1757
* Update account password recovery flow, no longer do we remove all emails upon password recovery: #1913
* API parameter validation on all API calls: #1526, #2001, #1981, #2042, #2032, #2057, #2121
* 'locale_directory' no longer a neccesary nor allowed configuration parameter
* Implement support for proxy IdP (a.k.a. BigTent): #2019, #2060
* Main site i18n - now persona is completely translated: #1862, #2075, #2093
* UI improvements: #1898, #1786, #1920, #1932, #1901, #1885, #1951, #1964, #1967, #1916, #1967, #2007
* KPI improvements: #1827, #1825
* Localization improvments, reduced dependencies and debugging locale works all the time: #1917, #1905, #1970
* Fix regression of fonts on windows: #1856, #1973
* Resource optimization: #1941, #1999
* Links to external sumo pages are language neutral: #1938, #2055
* Unit test fixes and improvements: #1958, #1948, #1783, #1916, #2011, #1986
* Fixes for node 0.8.x (production still on node 0.6.x): #1914
* Code cleanup: #1902, #1989
* Language improvements: #1960, #1167
* Opera 12 fixes: #1844
* Persona logos added to repo: #1974
* Fix error when KPIs are disabled: #1978
* For primary certificate provisioning, fail if the process takes longer than 20s: #1570
* Fix IE8 cookie check: #1982
* Log assertion verification failures: #2016
* Fix slow keyboard key press response on fennec: #2029
* Documentation fixes: #2064
* All resources should include license and links: #1655?
* Repair metrics, specifically counting of distinct sign_ins: #2040
* returnTo, siteName, and siteLogo only work with the observer API: #2086
* Fix regressions introduced during development: #2118, #2104, #2088

Travis/CI

BID Automation

See the following site: https://wiki.mozilla.org/Identity/QA#BrowserID_Automation

Versions

Processes

  • webheads
    • /usr/bin/node bin/browserid
    • /usr/bin/node bin/verifier
    • /usr/bin/node /opt/browserid/lib/verifier/verifier-compute.js
    • /usr/bin/node /opt/browserid/lib/bcrypt-compute.js
    • /usr/bin/node bin/router
    • /usr/bin/node bin/static
  • secure webheads
    • /usr/bin/node bin/dbwriter
    • /usr/bin/node /opt/browserid/lib/bcrypt-compute.js
  • keysigners
    • /usr/bin/node bin/keysigner
    • /usr/bin/node /opt/browserid/lib/keysigner/keysigner-compute.js
  • databases: various mysql processes
  • zeus: various zeus processes

Logs

  • webheads: /var/log/browserid/
    • browserid.log
    • verifier.log
    • verifier-metrics.json
    • verifier-compute.log
    • router.log
    • static.log
    • router-metrics.json
Note: router-metrics.json replaces browserid-metrics.json
  • secure webheads: /var/log/browserid/
    • dbwriter.log
  • keysigners have /var/log/browserid/
    • keysigner.log
    • keysigner-compute.log
  • databases: n/a
  • zeus: various logs

Local Install - Unit Tests

  • Front-End Unit Tests: TBD
  • Back-End/Headless Unit Tests: TBD

Local Install - Load Test

  • Set 1 - TBD
    • Term1: CREATE_TEST_USERS=2000 BROWSERID_FAKE_VERIFICATION=1 NODE_ENV=test_mysql nohup npm start
    • Term2: nohup bin/load_gen -u 1/50 -m 50000 -o -s http://127.0.0.1:10002

Stage: Load Tests

  • Set 1: TBD

Sample Bug and Issue

New/Updated OPs Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • Bug 775255 - add second intermediate to all GeoTrust (EV and non-EV) SSL certs, update docs
  • Bug 773094 - Deploy BigTent to stage with latest code
  • Bug 776151 - Stable Mozilla IP(s) for integration testing
  • Bug 776396 - Persona/BrowserID Stage: Consider adding log rotation and archiving
  • Bug 773094 - bigtent: Deploy BigTent to stage with latest code
  • Bug 768169 - New process for serving static content for Persona
  • Bug 775255 - add second intermediate to all GeoTrust (EV and non-EV) SSL certs, update docs
  • Bug 775712 - Establish firewall openings for new bigtent servers at scl2
  • Bug 778022 - rsbac breakage causing http* alerts to fire on web3.idweb.scl2

https://github.com/mozilla/browserid/issues

  • 2165: compile-json.sh breaks stage deployment

New/Updated APPs Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • Bug 746231 - KPI Dashboard first Key Performance Indicator
  • Bug 773407 - Create KPI Dashboard stage environment
  • Bug 778951 - Mozilla Persona page difficult to read

New/Updated Labs Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • TBD

New/Updated Localization Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • TBD

GitHub: https://github.com/mozilla/browserid/issues

  • 2136: Train-2012.07.20 l10n issues #2
  • 2147: L10n preview is not updating
  • 2148: Usability enhancements to the forgot password screen
  • 2164: Need a RP that points to l10n-preview.diresworb.org

Resolved/Closed Bugs and Issues

Bugzilla: https:/bugzilla.mozilla.org/

  • TBD

GitHub: https://github.com/mozilla/browserid/issues

  • 730: Verification email text is incorrect for forgotton passwords.
  • 759: email reset / password recovery is not good
  • 1167: The new "requires cookies" message needs improvement.
  • 1526: code cleanup: validate vs sanitize
  • 1629: Reset password flow
  • 1655: Tracking: license may be needed on all served production resources.
  • 1783: IE8: Unit tests do not complete when slow script warning disabled.
  • 1786: Update FavIcon for Persona
  • 1825: Emit additional events during authentication of returning users
  • 1827: KPI data should acknowledge successful sign-in even after dialog is closed
  • 1844: Opera 12 Freezes on Signin
  • 1856: windows (xp/win7) - main site font issues
  • 1885: win7/opera 11.64 - main site layout issue with split signup button
  • 1898: too much button flicker!
  • 1899: dev: /wsapi/authenticate_user after account creation verification being called without email.
  • 1900: Add a small delay after an xhr request is complete before submit_disabled class is removed from the body.
  • 1901: tabindex on authenticate page is out of order with new layout.
  • 1902: Clean up jshint warnings in some of the bin processes
  • 1905: Dialog displaying wrong translations
  • 1914: Node 0.8.x support
  • 1915: Update favicon with new glyph
  • 1916: front-end tests timing out at /dialog/views/error.ejs
  • 1917: why do we need node-gettext?
  • 1920: from skinny: slide the arrow off the screen.
  • 1921: A way to specify in the shell which front-end tests to run
  • 1922: Slide the arrow all the way off the screen.
  • 1932: buttons on 'Remember you?' screen could use a little more margin
  • 1938: l10n issue - link to 'cookies disabled' message is hard-coded to en-US despite user language
  • 1941: dialog: html5shim is not cachified for ie8.
  • 1944: Remove the en-US from the cookies-disabled SUMO article.
  • 1948: A way to specify what test modules to run from the shell
  • 1951: [ie8] visual defects on /about page
  • 1856: windows (xp/win7) - main site font issues
  • 1958: backend unit tests failing on tests/static_resources.js
  • 1959: fix issue GH-1958; add '/production/authenticate_with_primary.js' to items to exclude and reformat the single line array
  • 1960: L10n bugs in train-2012.07.06
  • 1964: IE: Persona logo at bottom of /about page has border
  • 1967: mobile/main site: "Take the tour or sign up" is ugly (left justified)
  • 1970: enable debug 'locale' in our dev env
  • 1973: cross-origin issues with fonts redux
  • 1974: Add Persona sign in buttons to repo
  • 1978: javascript error when checking address_info for unknown secondary
  • 1979: perform rigorous validation on all API parameters, cleanup redundancy in sanitize.js and validate.js - issue #1526
  • 1981: improve validation of origin params to API calls
  • 1982: IE8 does not support max-age in cookies, making the cookie check cookie a session cookie.
  • 1986: unit test module names need updated to match directory structure
  • 1989: helpers.extend is dupe of _.extend
  • 1996: Fix cookie check cookie made into a session cookie in IE8
  • 1999: dev/staging: /unsupported_dialog not showing the firefox logo
  • 2001: wsapi fails with extra parameters are not allowed: email
  • 2004: Remove the extra "email" parameter sent to auth_with_assertion.
  • 2007: redirect timeout is sometimes first displayed with < 5 seconds.
  • 2010: Slow response when typing in the email field on FF mobile
  • 2011: dev: if string is not localized, no string is displayed.
  • 2015: new regex for matching origins - issue #1981
  • 2016: log bad verifier assertions
  • 2029: Fix the slow Fennec key press response in the email field.
  • 2031: Add a link to the repo and current source in the top level of each served up HTML resource.
  • 2032: dev: If user enters < 8 char password, /authenticate_user returns 400 error
  • 2040: browserid metrics - referer not passed through
  • 2042: new origin validation is too strict
  • 2053: Before authenticating, check password length.
  • 2055: Link to Mozilla Support from mainpage contains "en-US"
  • 2056: Remove en-US from the SUMO link
  • 2057: Remove extraneous params in load_gen requests
  • 2060: Allow assertions issued by person to be used to authenticate. This makes it possible for "proxy idps" to work without the implementation details leaking out into others verifier implementations.
  • 2064: Add instructions on hacking things directly in code/
  • 2075: not BrowserID, but Persona
  • 2092: move metrics to router: avoids headers not being forwarded and caching
  • 2105: Cancel Account says "Are you sure you want to cancel your BrowserID account?"
  • 2118: main site - forgot password flow winds up showing /signin page
  • 2121: change-password dialog: wrong pw gives confusing error dialog
  • 2123: Cancel Account alert mentions BrowserID, not Persona
  • 2127: Fix forgot password redirection to /signin
  • 2135: Issues 2088 and 2104
  • 2104: Verifying email reset in multiple browser exception in /wsapi/complete_reset
  • 2088: error when verifying email addition in second browser
  • 2129: Issues 2088 2104 address verification

GitHub: https://github.com/mozilla/123done/issues

  • TBD

Reopened or Updated

Bugzilla: https://bugzilla.mozilla.org/

  • Bug 773877 - Identity server: Browserid-metrics.json with invalid entries
  • Bug 773407 - Create KPI Dashboard stage environment
  • Bug 746231 - KPI Dashboard first Key Performance Indicator
  • Bug 742809 - Security review for new Identity Project BigTent
  • Bug 754926 - BigTent tracking - ProxyIdP for Persona
  • Bug 772686 - New DNS and SSL certs are ready for BigTent
  • Bug 773400 - KPI Dashboard Tracking Bug
  • Bug 759452 - Persona passwords are not remembered

GitHub: https://github.com/mozilla/browserid/issues

  • 796: Sign-in failure using Google Chrome Frame
  • 1702: Password change doesn't require password confirmation
  • 1862: Translate the main site

GitHub: https://github.com/mozilla/123done/issues

  • TBD

Opened Bugs/Issues For This Week - QA

Bugzilla: https://bugzilla.mozilla.org/

  • TBD

GitHub: https://github.com/mozilla/browserid/issues

  • 2130: [mainsite] a signedin primary user visits /forgot, ask for new passwords and email sent.
  • 2132: 'checking with email provider' permanently shown when cancelling out of forgot password screen
  • 2181: add a /robots.txt file
  • 2183: [ie8] train-2012.07.20 js exception when signing in

GitHub: https://github.com/mozilla/123done/issues

  • TBD

Other Open Bugs and Issues - Dev, Contributers

Bugzilla: https://bugzilla.mozilla.org/

  • TBD

GitHub: https://github.com/mozilla/browserid/issues

  • 2128: Update "Developer" links to point to our MDN root
  • 2129: Issues 2088 2104 address verification
  • 2131: Perform CEF logging where indicated by security review
  • 2133: upgrade data formats
  • 2134: Issue2104 verify email reset multiple browsers
  • 2135: Issues 2088 and 2104
  • 2137: Sign in button hidden when using lots of emails
  • 2138: make x-frame-options configurable
  • 2139: Make x_frame_options configurable. Default to DENY.
  • 2140: Remove unused requires from bin/ processe
  • 2141: Update the "To verify that you own" strings to unify copy and clean up bad grammar.
  • 2142: add spellcheck="false" to email fields
  • 2143: CSS Sign In buttons
  • 2144: lots of emails causes signin button to be hidden
  • 2145: Observer API's onlogin leads to an expensive backend call on each page load?
  • 2146: Nodejs ephemeral keys
  • 2149: Usability updates to the signin and signup pages.
  • 2150: Added CEF logging at key points alongside our app logger
  • 2151: Log additional verifier assertion errors, where assertion or audience could not be found
  • 2152: API for getting extra verified emails from a user
  • 2153: Fix typo in primary logging
  • 2154: frontend: convert exception throwing to use new Error(msg) or subtypes
  • 2155: completeAuthentication should accept a limitedToRPs param
  • 2156: Add support for IdP dynamic identifiers
  • 2157: Get into preloaded HSTS lists for Firefox and Chrome
  • 2158: Pinning the CA for our TLS certs
  • 2159: "Need help?" page needs to be refreshed for new name
  • 2160: Support for IPv6
  • 2161: Issue 2120 combine signin signup pages into /signin
  • 2162: Give the Persona window the name __persona_dialog when opening.
  • 2163: Fix for users receiving a mustAuth response from the backend even though they set the password in this session.
  • 2166: Create a status page
  • 2167: always set currentHint to null at startup
  • 2168: don't set process.env.SUPPORTS_SIGNALS = false
  • 2169: dialog.css transitions obscure sign in with Ubuntu / Firefox 4.0
  • 2170: Nitpicking on the browserid.org redirects
  • 2171: IE8: exceptions thrown in bidbundle.js
  • 2172: Allow long RP names to wrap.
  • 2173: Send html versions of emails
  • 2174: Add VerificationURL and RelyingParty to verification email headers
  • 2175: Enable node-debug mode
  • 2176: sites_signed_in and sites_visited KPI renaming
  • 2177: KPI renaming
  • 2178: If the user hits the /signin or /forgot pages while signed in, redirect them to the "/" page.
  • 2179: going from /signin to /forgot via the "is this your address?" link redirects the user back to /signin
  • 2180: Fix the email not being saved when the user goes from /signin to /forgot via the "forgot your password?" link.
  • 2182: dynamically size domain name inside dialog
  • 2184: Pull in BrowserID-Tests
  • 2185: Persona passwords are not remembered by Firefox password manager
  • 2186: SUMO should have a new section for Persona
  • 2187: Persona sign-up page's placeholder input texts same font as regular input
  • 2188: Idea: Remind native IdP users to log out of their IdP after authing with us
  • 2189: make placeholder text in inputs lighter grey

GitHub: https://github.com/mozilla/123done/issues

  • TBD

GitHub: https://github.com/mozilla/browserid-bigtent/issues

  • TBD

Notes

  • DERAILED
  • (lloyd)
    • Our last candidate, train-2012.07.06 was derailed and will not make it to production. The previous push dipped into QA time and didn't leave enough for us to safely get this candidate out.
    • But a new candidate has been cut, who we'll call train-2012.07.20!
    • This is HUGE: https://github.com/mozilla/browserid/blob/train-2012.07.20/ChangeLog#L1-29
    • Here's a deployment ticket: https://bugzilla.mozilla.org/show_bug.cgi?id=776304
    • Matjaz, a fix for issue 2093 is included in this train, please extract strings at your earliest convenience.
    • Developers! The `dev` branch is now open. This is the last development cycle before our beta. A reminder! We are in a code slush. We are focused on product polish, but not major new features, and not major code refactoring and cleanup. We have some exceptions, previously discussed.
    • If there are medium features you'd like to land this cycle that you think are important, let's discuss them on list and strive to get a stable beta product out that we're all proud of, and ready to stand firmly behind.
Retrieved from "https://wiki.mozilla.org/index.php?title=QA/Browser_Technologies/Services/Releases/BrowserID_07202012&oldid=456703"