Open redshiftzero opened 6 years ago
Hey @kushaldas - I believe you mentioned you were working on this - can you push up your WIP if so?
As is evident with #3426, this is high priority. We should have a test git repo for the logic in ./securedrop-admin check_for_updates
.
Perhaps a slightly simpler approach would be for a potential tester to fork the repo, and add a remote to the local repo, since the logic to fetch the tags will pull tags from all remotes. This will allow to push tags with higher version number (non rc) to test the check_for_updates
logic.
After the 0.9.0 release, a missing cwd
parameter for a subprocess caused a security check to fail when securedrop-admin update
is executed from the graphical updater, which acts largely as a user-friendly wrapper. (See https://github.com/freedomofpress/securedrop/pull/3796.)
As discussed briefly during today's extended standup, we should account for this in our automated testing approach to avoid a repeat episode of this exact problem (this does not absolve us from having to test the graphical updater, but would provide an additional layer of automated sanity checks).
Description
We accidentally introduced a regression in #3327 which was not caught by our automated tests (fortunately it was caught by manual QA). Also, it is difficult to fully test changes like those in #3340 without end-to-end integration tests.
For this reason, it's worth adding integration tests for
securedrop-admin
such that we can catch these kinds of bugs in the future.User Stories
As a SecureDrop developer, I want integration testing of all user-facing applications such that I catch regressions before they go to production.
Child issues
securedrop-admin check_for_updates
(#3459)securedrop-admin update
(#3460)securedrop-admin sdconfig
(#3461)