QA/Browser Technologies/Services/Releases/BrowserID 07202012
Contents
- 1 Areas for QA Focus
- 2 Information
- 3 Links
- 4 Deployment Ticket
- 5 OPs Ticket and ChangeWindow
- 6 Hot Fixes and Other Deployments
- 7 ChangeLog
- 8 Travis/CI
- 9 BID Automation
- 10 Versions
- 11 Processes
- 12 Logs
- 13 Local Install - Unit Tests
- 14 Local Install - Load Test
- 15 Stage: Load Tests
- 16 Sample Bug and Issue
- 17 New/Updated OPs Tickets and Issues
- 18 New/Updated APPs Tickets and Issues
- 19 New/Updated Labs Tickets and Issues
- 20 New/Updated Localization Tickets and Issues
- 21 Resolved/Closed Bugs and Issues
- 22 Reopened or Updated
- 23 Opened Bugs/Issues For This Week - QA
- 24 Other Open Bugs and Issues - Dev, Contributers
- 25 Notes
Areas for QA Focus
[QA] Suggested additional areas of focus for QA:
- English language review and link checking on main site
- Verification of i18n of main site (use debug language? it-CH)
- Verify all static resources are served from correct domain
- Explore the new forgot password flow!
- Test all permutations of email addition, user accnt creation, email re-confirmation, and password reset on a different browser than where the action is initiated
- double check metrics fixes. Are lines in router-metrics.log correct? Is there one every time the dialog pops up, even when your browser cache is full?
- how do fonts look on IE8? On Windows Firefox?
- verify that other locales look correct. Lots of strings have changed and will be untranslated, but let's make sure the i18n system is working properly in staging environment asap.
Additional areas of focus
- Verifications and more verifications
- See the ChangeLog for closed issues specific to this train
- Verify the backlog of closed issues, time permitting.
- Start with Issue #1466 and move forwards through the very latest closed issues that were fixed for or before this train.
- Additional issues to Verify
- 730: Verification email text is incorrect for forgotton passwords.
Information
- Train 32: 07-20-2012 - DERAILED
Links
- Test Plan: https://wiki.mozilla.org/QA/BrowserID/TestPlan
- Weekly Train Wiki: https://wiki.mozilla.org/QA/BrowserID/BrowserID_Weekly_Trains_Beta
- Release Wiki: https://wiki.mozilla.org/QA/Browser_Technologies/Services/Releases/BrowserID_07202012
- Test Plan spreadsheet: https://docs.google.com/spreadsheet/ccc?key=0As8GUPwNNWMFdDJZSjYzMUxDSnZVQW5vZy0wMjU0Mmc
- Test Cases in Moztrap: https://moztrap.allizom.org/manage/cases/
- Product = BrowserID
- Stage Server: https://login.anosrep.org, https://anosrep.org, https://diresworb.org
- Stage Client/RP1: http://beta.myfavoritebeer.org
- Stage Client/RP2: http://123done.org
- Primary 1: https://eyedee.me
- Dev Server: https://login.dev.anosrep.org, https://dev.anosrep.org, https://dev.diresworb.org
- Dev Client/RP1: http://dev.myfavoritebeer.org
- Dev Client/RP2: http://dev.123done.org
- Primary 1: https://eyedee.me
- Production Server: https://login.persona.org, https://persona.org, https://browserid.org
- Prod Client/RP1: http://myfavoritebeer.org
- Prod Client/RP2: http://123done.org
- Primary 1: https://eyedee.me
- Primary 2: https://mockmyid.com
Deployment Ticket
- Bug 776304 - QA and deploy BrowserID train-2012.07.20 to production
OPs Ticket and ChangeWindow
- Services Maintenance/Change Window
- TBD
Hot Fixes and Other Deployments
- Bug 768169 - New process for serving static content for Persona
ChangeLog
train-2012.07.20:
* Introduction of "static" process which serves views and static resources: #1757 * Update account password recovery flow, no longer do we remove all emails upon password recovery: #1913 * API parameter validation on all API calls: #1526, #2001, #1981, #2042, #2032, #2057, #2121 * 'locale_directory' no longer a neccesary nor allowed configuration parameter * Implement support for proxy IdP (a.k.a. BigTent): #2019, #2060 * Main site i18n - now persona is completely translated: #1862, #2075, #2093 * UI improvements: #1898, #1786, #1920, #1932, #1901, #1885, #1951, #1964, #1967, #1916, #1967, #2007 * KPI improvements: #1827, #1825 * Localization improvments, reduced dependencies and debugging locale works all the time: #1917, #1905, #1970 * Fix regression of fonts on windows: #1856, #1973 * Resource optimization: #1941, #1999 * Links to external sumo pages are language neutral: #1938, #2055 * Unit test fixes and improvements: #1958, #1948, #1783, #1916, #2011, #1986 * Fixes for node 0.8.x (production still on node 0.6.x): #1914 * Code cleanup: #1902, #1989 * Language improvements: #1960, #1167 * Opera 12 fixes: #1844 * Persona logos added to repo: #1974 * Fix error when KPIs are disabled: #1978 * For primary certificate provisioning, fail if the process takes longer than 20s: #1570 * Fix IE8 cookie check: #1982 * Log assertion verification failures: #2016 * Fix slow keyboard key press response on fennec: #2029 * Documentation fixes: #2064 * All resources should include license and links: #1655? * Repair metrics, specifically counting of distinct sign_ins: #2040 * returnTo, siteName, and siteLogo only work with the observer API: #2086 * Fix regressions introduced during development: #2118, #2104, #2088
Travis/CI
BID Automation
See the following site: https://wiki.mozilla.org/Identity/QA#BrowserID_Automation
Versions
- Dev: https://login.dev.anosrep.org/ver.txt
- TBD
- Prod: https://login.persona.org/ver.txt
- TBD
- Stage: https://login.anosrep.org/ver.txt
- TBD
- l10n: https://l10n-preview.diresworb.org/ver.txt
- TBD
Processes
- webheads
- /usr/bin/node bin/browserid
- /usr/bin/node bin/verifier
- /usr/bin/node /opt/browserid/lib/verifier/verifier-compute.js
- /usr/bin/node /opt/browserid/lib/bcrypt-compute.js
- /usr/bin/node bin/router
- /usr/bin/node bin/static
- secure webheads
- /usr/bin/node bin/dbwriter
- /usr/bin/node /opt/browserid/lib/bcrypt-compute.js
- keysigners
- /usr/bin/node bin/keysigner
- /usr/bin/node /opt/browserid/lib/keysigner/keysigner-compute.js
- databases: various mysql processes
- zeus: various zeus processes
Logs
- webheads: /var/log/browserid/
- browserid.log
- verifier.log
- verifier-metrics.json
- verifier-compute.log
- router.log
- static.log
- router-metrics.json
Note: router-metrics.json replaces browserid-metrics.json
- secure webheads: /var/log/browserid/
- dbwriter.log
- keysigners have /var/log/browserid/
- keysigner.log
- keysigner-compute.log
- databases: n/a
- zeus: various logs
Local Install - Unit Tests
- Front-End Unit Tests: TBD
- Back-End/Headless Unit Tests: TBD
Local Install - Load Test
- Set 1 - TBD
- Term1: CREATE_TEST_USERS=2000 BROWSERID_FAKE_VERIFICATION=1 NODE_ENV=test_mysql nohup npm start
- Term2: nohup bin/load_gen -u 1/50 -m 50000 -o -s http://127.0.0.1:10002
Stage: Load Tests
- Set 1: TBD
Sample Bug and Issue
- Basic format:
- Bug XXXXXX - But title
- Link to Bugzilla: https://bugzilla.mozilla.org/
- XXXX: Git Hub issue/title
- Link to GitHub:
- Embedded format:
- bug XXXXXX - Bug title
- [BrowserID issue 1400] : Issue title
New/Updated OPs Tickets and Issues
Bugzilla: https://bugzilla.mozilla.org/
- Bug 775255 - add second intermediate to all GeoTrust (EV and non-EV) SSL certs, update docs
- Bug 773094 - Deploy BigTent to stage with latest code
- Bug 776151 - Stable Mozilla IP(s) for integration testing
- Bug 776396 - Persona/BrowserID Stage: Consider adding log rotation and archiving
- Bug 773094 - bigtent: Deploy BigTent to stage with latest code
- Bug 768169 - New process for serving static content for Persona
- Bug 775255 - add second intermediate to all GeoTrust (EV and non-EV) SSL certs, update docs
- Bug 775712 - Establish firewall openings for new bigtent servers at scl2
- Bug 778022 - rsbac breakage causing http* alerts to fire on web3.idweb.scl2
https://github.com/mozilla/browserid/issues
- 2165: compile-json.sh breaks stage deployment
New/Updated APPs Tickets and Issues
Bugzilla: https://bugzilla.mozilla.org/
- Bug 746231 - KPI Dashboard first Key Performance Indicator
- Bug 773407 - Create KPI Dashboard stage environment
- Bug 778951 - Mozilla Persona page difficult to read
New/Updated Labs Tickets and Issues
Bugzilla: https://bugzilla.mozilla.org/
- TBD
New/Updated Localization Tickets and Issues
Bugzilla: https://bugzilla.mozilla.org/
- TBD
GitHub: https://github.com/mozilla/browserid/issues
- 2136: Train-2012.07.20 l10n issues #2
- 2147: L10n preview is not updating
- 2148: Usability enhancements to the forgot password screen
- 2164: Need a RP that points to l10n-preview.diresworb.org
Resolved/Closed Bugs and Issues
Bugzilla: https:/bugzilla.mozilla.org/
- TBD
GitHub: https://github.com/mozilla/browserid/issues
- 730: Verification email text is incorrect for forgotton passwords.
- 759: email reset / password recovery is not good
- 1167: The new "requires cookies" message needs improvement.
- 1526: code cleanup: validate vs sanitize
- 1629: Reset password flow
- 1655: Tracking: license may be needed on all served production resources.
- 1783: IE8: Unit tests do not complete when slow script warning disabled.
- 1786: Update FavIcon for Persona
- 1825: Emit additional events during authentication of returning users
- 1827: KPI data should acknowledge successful sign-in even after dialog is closed
- 1844: Opera 12 Freezes on Signin
- 1856: windows (xp/win7) - main site font issues
- 1885: win7/opera 11.64 - main site layout issue with split signup button
- 1898: too much button flicker!
- 1899: dev: /wsapi/authenticate_user after account creation verification being called without email.
- 1900: Add a small delay after an xhr request is complete before submit_disabled class is removed from the body.
- 1901: tabindex on authenticate page is out of order with new layout.
- 1902: Clean up jshint warnings in some of the bin processes
- 1905: Dialog displaying wrong translations
- 1914: Node 0.8.x support
- 1915: Update favicon with new glyph
- 1916: front-end tests timing out at /dialog/views/error.ejs
- 1917: why do we need node-gettext?
- 1920: from skinny: slide the arrow off the screen.
- 1921: A way to specify in the shell which front-end tests to run
- 1922: Slide the arrow all the way off the screen.
- 1932: buttons on 'Remember you?' screen could use a little more margin
- 1938: l10n issue - link to 'cookies disabled' message is hard-coded to en-US despite user language
- 1941: dialog: html5shim is not cachified for ie8.
- 1944: Remove the en-US from the cookies-disabled SUMO article.
- 1948: A way to specify what test modules to run from the shell
- 1951: [ie8] visual defects on /about page
- 1856: windows (xp/win7) - main site font issues
- 1958: backend unit tests failing on tests/static_resources.js
- 1959: fix issue GH-1958; add '/production/authenticate_with_primary.js' to items to exclude and reformat the single line array
- 1960: L10n bugs in train-2012.07.06
- 1964: IE: Persona logo at bottom of /about page has border
- 1967: mobile/main site: "Take the tour or sign up" is ugly (left justified)
- 1970: enable debug 'locale' in our dev env
- 1973: cross-origin issues with fonts redux
- 1974: Add Persona sign in buttons to repo
- 1978: javascript error when checking address_info for unknown secondary
- 1979: perform rigorous validation on all API parameters, cleanup redundancy in sanitize.js and validate.js - issue #1526
- 1981: improve validation of origin params to API calls
- 1982: IE8 does not support max-age in cookies, making the cookie check cookie a session cookie.
- 1986: unit test module names need updated to match directory structure
- 1989: helpers.extend is dupe of _.extend
- 1996: Fix cookie check cookie made into a session cookie in IE8
- 1999: dev/staging: /unsupported_dialog not showing the firefox logo
- 2001: wsapi fails with extra parameters are not allowed: email
- 2004: Remove the extra "email" parameter sent to auth_with_assertion.
- 2007: redirect timeout is sometimes first displayed with < 5 seconds.
- 2010: Slow response when typing in the email field on FF mobile
- 2011: dev: if string is not localized, no string is displayed.
- 2015: new regex for matching origins - issue #1981
- 2016: log bad verifier assertions
- 2029: Fix the slow Fennec key press response in the email field.
- 2031: Add a link to the repo and current source in the top level of each served up HTML resource.
- 2032: dev: If user enters < 8 char password, /authenticate_user returns 400 error
- 2040: browserid metrics - referer not passed through
- 2042: new origin validation is too strict
- 2053: Before authenticating, check password length.
- 2055: Link to Mozilla Support from mainpage contains "en-US"
- 2056: Remove en-US from the SUMO link
- 2057: Remove extraneous params in load_gen requests
- 2060: Allow assertions issued by person to be used to authenticate. This makes it possible for "proxy idps" to work without the implementation details leaking out into others verifier implementations.
- 2064: Add instructions on hacking things directly in code/
- 2075: not BrowserID, but Persona
- 2092: move metrics to router: avoids headers not being forwarded and caching
- 2105: Cancel Account says "Are you sure you want to cancel your BrowserID account?"
- 2118: main site - forgot password flow winds up showing /signin page
- 2121: change-password dialog: wrong pw gives confusing error dialog
- 2123: Cancel Account alert mentions BrowserID, not Persona
- 2127: Fix forgot password redirection to /signin
- 2135: Issues 2088 and 2104
- 2104: Verifying email reset in multiple browser exception in /wsapi/complete_reset
- 2088: error when verifying email addition in second browser
- 2129: Issues 2088 2104 address verification
GitHub: https://github.com/mozilla/123done/issues
- TBD
Reopened or Updated
Bugzilla: https://bugzilla.mozilla.org/
- Bug 773877 - Identity server: Browserid-metrics.json with invalid entries
- Bug 773407 - Create KPI Dashboard stage environment
- Bug 746231 - KPI Dashboard first Key Performance Indicator
- Bug 742809 - Security review for new Identity Project BigTent
- Bug 754926 - BigTent tracking - ProxyIdP for Persona
- Bug 772686 - New DNS and SSL certs are ready for BigTent
- Bug 773400 - KPI Dashboard Tracking Bug
- Bug 759452 - Persona passwords are not remembered
GitHub: https://github.com/mozilla/browserid/issues
- 796: Sign-in failure using Google Chrome Frame
- 1702: Password change doesn't require password confirmation
- 1862: Translate the main site
GitHub: https://github.com/mozilla/123done/issues
- TBD
Opened Bugs/Issues For This Week - QA
Bugzilla: https://bugzilla.mozilla.org/
- TBD
GitHub: https://github.com/mozilla/browserid/issues
- 2130: [mainsite] a signedin primary user visits /forgot, ask for new passwords and email sent.
- 2132: 'checking with email provider' permanently shown when cancelling out of forgot password screen
- 2181: add a /robots.txt file
- 2183: [ie8] train-2012.07.20 js exception when signing in
GitHub: https://github.com/mozilla/123done/issues
- TBD
Other Open Bugs and Issues - Dev, Contributers
Bugzilla: https://bugzilla.mozilla.org/
- TBD
GitHub: https://github.com/mozilla/browserid/issues
- 2128: Update "Developer" links to point to our MDN root
- 2129: Issues 2088 2104 address verification
- 2131: Perform CEF logging where indicated by security review
- 2133: upgrade data formats
- 2134: Issue2104 verify email reset multiple browsers
- 2135: Issues 2088 and 2104
- 2137: Sign in button hidden when using lots of emails
- 2138: make x-frame-options configurable
- 2139: Make x_frame_options configurable. Default to DENY.
- 2140: Remove unused requires from bin/ processe
- 2141: Update the "To verify that you own" strings to unify copy and clean up bad grammar.
- 2142: add spellcheck="false" to email fields
- 2143: CSS Sign In buttons
- 2144: lots of emails causes signin button to be hidden
- 2145: Observer API's onlogin leads to an expensive backend call on each page load?
- 2146: Nodejs ephemeral keys
- 2149: Usability updates to the signin and signup pages.
- 2150: Added CEF logging at key points alongside our app logger
- 2151: Log additional verifier assertion errors, where assertion or audience could not be found
- 2152: API for getting extra verified emails from a user
- 2153: Fix typo in primary logging
- 2154: frontend: convert exception throwing to use new Error(msg) or subtypes
- 2155: completeAuthentication should accept a limitedToRPs param
- 2156: Add support for IdP dynamic identifiers
- 2157: Get into preloaded HSTS lists for Firefox and Chrome
- 2158: Pinning the CA for our TLS certs
- 2159: "Need help?" page needs to be refreshed for new name
- 2160: Support for IPv6
- 2161: Issue 2120 combine signin signup pages into /signin
- 2162: Give the Persona window the name __persona_dialog when opening.
- 2163: Fix for users receiving a mustAuth response from the backend even though they set the password in this session.
- 2166: Create a status page
- 2167: always set currentHint to null at startup
- 2168: don't set process.env.SUPPORTS_SIGNALS = false
- 2169: dialog.css transitions obscure sign in with Ubuntu / Firefox 4.0
- 2170: Nitpicking on the browserid.org redirects
- 2171: IE8: exceptions thrown in bidbundle.js
- 2172: Allow long RP names to wrap.
- 2173: Send html versions of emails
- 2174: Add VerificationURL and RelyingParty to verification email headers
- 2175: Enable node-debug mode
- 2176: sites_signed_in and sites_visited KPI renaming
- 2177: KPI renaming
- 2178: If the user hits the /signin or /forgot pages while signed in, redirect them to the "/" page.
- 2179: going from /signin to /forgot via the "is this your address?" link redirects the user back to /signin
- 2180: Fix the email not being saved when the user goes from /signin to /forgot via the "forgot your password?" link.
- 2182: dynamically size domain name inside dialog
- 2184: Pull in BrowserID-Tests
- 2185: Persona passwords are not remembered by Firefox password manager
- 2186: SUMO should have a new section for Persona
- 2187: Persona sign-up page's placeholder input texts same font as regular input
- 2188: Idea: Remind native IdP users to log out of their IdP after authing with us
- 2189: make placeholder text in inputs lighter grey
GitHub: https://github.com/mozilla/123done/issues
- TBD
GitHub: https://github.com/mozilla/browserid-bigtent/issues
- TBD
Notes
- DERAILED
- (lloyd)
- Our last candidate, train-2012.07.06 was derailed and will not make it to production. The previous push dipped into QA time and didn't leave enough for us to safely get this candidate out.
- But a new candidate has been cut, who we'll call train-2012.07.20!
- This is HUGE: https://github.com/mozilla/browserid/blob/train-2012.07.20/ChangeLog#L1-29
- Here's a deployment ticket: https://bugzilla.mozilla.org/show_bug.cgi?id=776304
- Matjaz, a fix for issue 2093 is included in this train, please extract strings at your earliest convenience.
- Developers! The `dev` branch is now open. This is the last development cycle before our beta. A reminder! We are in a code slush. We are focused on product polish, but not major new features, and not major code refactoring and cleanup. We have some exceptions, previously discussed.
- If there are medium features you'd like to land this cycle that you think are important, let's discuss them on list and strive to get a stable beta product out that we're all proud of, and ready to stand firmly behind.