search

freedomofpress / securedrop

GitHub repository for the SecureDrop whistleblower platform. Do not submit tips here!
https://securedrop.org/
Other
3.62k stars 686 forks source link

Release SecureDrop 0.10.0 #3849

Closed redshiftzero closed 6 years ago

redshiftzero commented 6 years ago

This is a tracking issue for the upcoming release of SecureDrop 0.10.0 - tasks may get added or modified.

Feature freeze: October 9, 2018 String freeze: October 16, 2018 Pre-release announcement: October 16, 2018 Release date: October 23, 2018

SecureDrop maintainers and testers: As you QA 0.10.0, please report back your testing results as comments on this ticket. File GitHub issues for any problems found, tag them "QA: Release", and associate them with the 0.10.0 milestone for tracking (or ask a maintainer to do so).

Test debian packages will be posted on https://apt-test.freedom.press signed with the test key. An Ansible playbook testing the upgrade path is here.

Prepare release candidate (0.10.0~rc1)

We merged in two important fixes prior to building debs for rc1 so stopped here

Prepare release candidate (0.10.0~rc2)

Prepare release candidate (0.10.0~rc3)

Prepare release candidate (0.10.0~rc4)

[we will add checklists for rc5 release candidates and later as we proceed through the release process]

Test plan to be posted during business hours Pacific time on Wednesday, October 10th.

QA Matrix for 0.10.0

Test Plan for 0.10.0

After each test, please update the QA matrix and post details for Basic Server Testing, Application Acceptance Testing and 0.10.0-specific testing below in comments to this ticket.

Final release

Post release

zenmonkeykstop commented 6 years ago

Note to self (and others wishing to test upgrade path on HW) - ansible playbook to set instance up to use apt-test. instead of apt. is here: https://gist.github.com/conorsch/e7556624df59b2a0f8b81f7c0c4f9b7d

zenmonkeykstop commented 6 years ago

0.10.0 QA Checklist

For both upgrades and fresh installs, here is a list of functionality that requires testing. You can use this for copy/pasting into your QA report. Feel free to edit this message to update the plan as appropriate.

If you have submitted a QA report already for a 0.10.0 release candidate with successful basic server testing and application acceptance testing sections, then you can skip these sections in subsequent reports, unless otherwise indicated by the Release Manager. This is to ensure that you focus your QA effort on the 0.10.0-specific changes as well as changes since the previous release candidate.

Environment

Basic Server Testing

Command Line User Generation

Administration

Application Acceptance Testing

Source Interface

Landing page base cases
First submission base cases
Returning source base cases

Journalist Interface

Login base cases
Index base cases
Individual source page

Basic Tails Testing

Updater GUI

After updating to this release candidate and running securedrop-admin tailsconfig

0.10.0-specific changes

Preflight

These tests should be performed the day of release prior to live debian packages on apt.freedom.press

Basic testing

Tails

zenmonkeykstop commented 6 years ago

0.10.0 QA Checklist

For both upgrades and fresh installs, here is a list of functionality that requires testing. You can use this for copy/pasting into your QA report. Feel free to edit this message to update the plan as appropriate.

If you have submitted a QA report already for a 0.10.0 release candidate with successful basic server testing and application acceptance testing sections, then you can skip these sections in subsequent reports, unless otherwise indicated by the Release Manager. This is to ensure that you focus your QA effort on the 0.10.0-specific changes as well as changes since the previous release candidate.

Environment

Basic Server Testing

Command Line User Generation

Administration

Application Acceptance Testing

Source Interface

Landing page base cases
First submission base cases
Returning source base cases

Journalist Interface

Login base cases
Index base cases
Individual source page

Basic Tails Testing

Updater GUI

After updating to this release candidate and running securedrop-admin tailsconfig

0.10.0-specific changes

Preflight

These tests should be performed the day of release prior to live debian packages on apt.freedom.press

Basic testing

Tails

emkll commented 6 years ago

0.10.0 QA Checklist (Completed)

Environment

Basic Server Testing

Command Line User Generation

Administration

Application Acceptance Testing

Source Interface

Landing page base cases
First submission base cases
Returning source base cases

Journalist Interface

Login base cases
Index base cases
Individual source page

Basic Tails Testing

Updater GUI

After updating to this release candidate and running securedrop-admin tailsconfig

0.10.0-specific changes

robzim commented 6 years ago

Guys, I’m thinking this is an indication that SecureDrop 0.10 will ship soon. Rob

From: mickael e. [mailto:notifications@github.com] Sent: Wednesday, October 17, 2018 11:49 AM To: freedomofpress/securedrop securedrop@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: [EXTERNAL] Re: [freedomofpress/securedrop] Release SecureDrop 0.10.0 (#3849)

0.10.0 QA Checklist Environment

Basic Server Testing

Command Line User Generation

Administration

Application Acceptance Testing Source Interface Landing page base cases

First submission base cases

Returning source base cases

Journalist Interface Login base cases

Index base cases

Individual source page

Basic Tails Testing Updater GUI

After updating to this release candidate and running securedrop-admin tailsconfig

0.10.0-specific changes

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/freedomofpress/securedrop/issues/3849#issuecomment-430683101, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AKBwx3HZ1J8oIARHc8QaZuo26FLhiC1Dks5ul1F_gaJpZM4XK_dU.

zenmonkeykstop commented 6 years ago

@robzim :crossed_fingers:

zenmonkeykstop commented 6 years ago

0.10.0 QA Checklist

For both upgrades and fresh installs, here is a list of functionality that requires testing. You can use this for copy/pasting into your QA report. Feel free to edit this message to update the plan as appropriate.

If you have submitted a QA report already for a 0.10.0 release candidate with successful basic server testing and application acceptance testing sections, then you can skip these sections in subsequent reports, unless otherwise indicated by the Release Manager. This is to ensure that you focus your QA effort on the 0.10.0-specific changes as well as changes since the previous release candidate.

Environment

Basic Server Testing

Command Line User Generation

Administration

Application Acceptance Testing

Source Interface

Landing page base cases
First submission base cases
Returning source base cases

Journalist Interface

Login base cases
Index base cases
Individual source page

Basic Tails Testing

Updater GUI

After updating to this release candidate and running securedrop-admin tailsconfig

0.10.0-specific changes

Preflight

These tests should be performed the day of release prior to live debian packages on apt.freedom.press

Basic testing

Tails

zenmonkeykstop commented 6 years ago

0.10.0 QA Checklist

For both upgrades and fresh installs, here is a list of functionality that requires testing. You can use this for copy/pasting into your QA report. Feel free to edit this message to update the plan as appropriate.

If you have submitted a QA report already for a 0.10.0 release candidate with successful basic server testing and application acceptance testing sections, then you can skip these sections in subsequent reports, unless otherwise indicated by the Release Manager. This is to ensure that you focus your QA effort on the 0.10.0-specific changes as well as changes since the previous release candidate.

Environment

Basic Server Testing

Command Line User Generation

Administration

Application Acceptance Testing

Source Interface

Landing page base cases
First submission base cases
Returning source base cases

Journalist Interface

Login base cases
Index base cases
Individual source page

Basic Tails Testing

Updater GUI

After updating to this release candidate and running securedrop-admin tailsconfig

0.10.0-specific changes

0.10.0-rc3-specific changes

Preflight

These tests should be performed the day of release prior to live debian packages on apt.freedom.press

Basic testing

Tails

conorsch commented 6 years ago

0.10.0 QA Checklist

Performed a limited upgrade test on two (2) 1U form-factor servers, specifically to confirm upgrade to latest kernel from rolled back kernel (3.14.79-grsec). Testing was a success. Did not perform the general application testing steps, since those are well covered already by the reports above.

Environment

Basic Server Testing

Relevant terminal output

For validating kernel -> downgrade -> upgrade process. Manually activated virtualenv, then ran through a few steps for informative output. Confirming the latest kernels are running on 0.9.1:

(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ ansible all -a 'uname -r'
app | SUCCESS | rc=0 >>
4.4.144-grsec

mon | SUCCESS | rc=0 >>
4.4.144-grsec

Display hardware type for each server, to aid debugging if problems arise:

(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ ansible all -m setup -a filter=ansible_product_name -b
app | SUCCESS => {
    "ansible_facts": {
        "ansible_product_name": "PowerEdge R620"
    }, 
    "changed": false
}
mon | SUCCESS => {
    "ansible_facts": {
        "ansible_product_name": "ProLiant DL385 G7"
    }, 
    "changed": false
}

Followed the docs and manually rolled back both servers to 3.14.79-grsec. Worked:

(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ sleep 300 && ansible all -a 'uname -r'
app | SUCCESS | rc=0 >>
3.14.79-grsec

mon | SUCCESS | rc=0 >>
3.14.79-grsec

Ran QA playbook, cron-apt command, then rebooted via CLI to test the kernel update procedure.

(.venv) amnesia@amnesia:~/Persistent/securedrop/install_files/ansible-base$ ansible all -a 'uname -r'
app | SUCCESS | rc=0 >>
4.4.144-grsec

mon | SUCCESS | rc=0 >>
4.4.144-grsec

Success!

emkll commented 6 years ago

0.10.0-rc4 (Completed)

Environment

Basic Server Testing

Command Line User Generation

Administration

Application Acceptance Testing

Source Interface

Landing page base cases
First submission base cases
Returning source base cases

Journalist Interface

Login base cases
Index base cases
Individual source page

Basic Tails Testing

Updater GUI

After updating to this release candidate and running securedrop-admin tailsconfig

0.10.0-specific changes

0.10.0-rc3-specific changes

0.10.0-rc4-specific changes

zenmonkeykstop commented 6 years ago

0.10.0 QA Checklist

For both upgrades and fresh installs, here is a list of functionality that requires testing. You can use this for copy/pasting into your QA report. Feel free to edit this message to update the plan as appropriate.

If you have submitted a QA report already for a 0.10.0 release candidate with successful basic server testing and application acceptance testing sections, then you can skip these sections in subsequent reports, unless otherwise indicated by the Release Manager. This is to ensure that you focus your QA effort on the 0.10.0-specific changes as well as changes since the previous release candidate.

Environment

Basic Server Testing

Command Line User Generation

Administration

Application Acceptance Testing

Source Interface

Landing page base cases
First submission base cases
Returning source base cases

Journalist Interface

Login base cases
Index base cases
Individual source page

Basic Tails Testing

Updater GUI

After updating to this release candidate and running securedrop-admin tailsconfig

0.10.0-specific changes

0.10.0-rc3-specific changes

0.10.0-rc4-specific changes

These tests should be performed the day of release prior to live debian packages on apt.freedom.press

Basic testing

Tails