Commit Graph

143 Commits

Author SHA1 Message Date
Anders Kaseorg 3a27b12a7d dependencies: Switch to pnpm.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-03-20 15:48:29 -07:00
Anders Kaseorg ec58b6790d install-node: Upgrade Node.js to 18.14.0; manage Yarn with Corepack.
Corepack manages multiple per-project version of Yarn and PNPM, which
means we have to maintain less installation code, and could help us
switch away from Yarn 1 without making the system unusable for
development of other Yarn 1 projects.

https://nodejs.org/api/corepack.html

The Unicode spaces in the timerender test resulted from an ICU
upgrade: https://github.com/nodejs/node/pull/45068.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-02-09 15:50:47 -08:00
Lalit 112df91fbd provision: Do not require that no other yarn precedes us in $PATH.
`check_version` in `install-yarn` had the rather careful check that
the yarn it installed into `/usr/bin/yarn` was the yarn which was
first in the user's `$PATH`.  This caused problems when the user had a
pre-existing `/usr/local/bin/yarn`; however, those problems are
limited to the `install-yarn` script itself, since the nearly all
calls to yarn from Zulip's code already hardcode the `/srv/zulip-yarn`
location, and do not depend on what is in `$PATH`.

Remove the checks in `install-yarn` that depend on the local `$PATH`,
and stop installing our `yarn` into it.  We also adjust the two
callsites which did not specify the full path to `yarn`, so use
`/srv/zulip-yarn`.

Fixes: #23993

Co-authored-by: Alex Vandiver <alexmv@zulip.com>
2023-01-19 17:51:52 -05:00
Anders Kaseorg 872f4b41c1 ci: Check that non-scripts aren’t marked executable.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-12-07 09:54:01 -08:00
Josh Klar 3a0620a40c tools: Reimplement CI failure script without using CircleCI endpoint.
Using curl to POST to the CircleCI workflow endpoint on CZO:

- Doesn't work on zulip/zulip@main (CZO runs a revert)
- Sets a bad example for other orgs
- Robs us of an opportunity to dogfood our own zulip/github-actions-zulip

Refactor the Actions workflows in this repo to report failure states
using the Zulip Action, and reimplement the related helper scripts in
Python, since they'd previously mostly shelled out to Python anyway.
2022-12-05 14:33:15 -05:00
Anders Kaseorg fc9f23a85f scripts: Pass --retry 3 to curl.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-11-08 08:07:36 -08:00
Alex Vandiver 63d2565467 ci: Do not pre-install rabbitmq-server in Docker images.
Before Zulip 4.9, the Zulip install process left any already-installed
rabbitmq with whatever nodename it had previously configured.  Wince
this encodes the name of the host when it was installed, this does not
function well with containers.

Leave rabbitmq-server uninstalled, which lets the Zulip installation
process set the nodename to `localhost`, which ensures that it is
usable across container restarts.
2022-10-25 14:53:32 -04:00
Alex Vandiver b161cba078 ci: Backport two patches to the 3.4 prod install process. 2022-10-25 14:53:32 -04:00
Alex Vandiver 39efe6f312 ci: Remove references to CircleCI, which we no longer use. 2022-07-16 10:43:40 -07:00
Alex Vandiver f8e2d652e1 ci: Test upgrades from the minimum of each major version, not the max. 2022-07-16 10:43:40 -07:00
Anders Kaseorg ef3510fa6d nginx: Remove legacy X-XSS-Protection header.
Support for this header was removed in Chrome 78, Safari 15.4, and
Edge 17.  It was never supported in Firefox.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-27 17:38:18 -07:00
Alex Vandiver 41deef40cf nagios: Switch to generic check_cron_file for queues and consumers.
These share a common root; 91da4bd59b duplicated the code, but
didn't move the existing uses to the new utility.
2022-06-22 12:07:38 -07:00
Alex Vandiver 91379fd67e ci: Update upgrade test to 5.3, from 5.2. 2022-06-21 17:40:33 -07:00
Anders Kaseorg 79842fd228 install-shfmt: Upgrade shfmt from 3.4.3 to 3.5.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-06-02 12:03:49 -07:00
Alex Vandiver fb338f22d7 ci: Stop rabbitmq when making CI images.
The production CI image starts `rabbitmq-server` but does not stop it,
which leaves a stale `/var/run/rabbitmq/pid` file in the image.

`rabbitmqctl wait --timeout 600 /var/run/rabbitmq/pid`, which is run
after starting the rabbitmq node, reads the PID file and waits for the
PID to be running, and for rabbitmq's port to be responding to pings.

If it reads an old PID file before the new PID is written, it
aborts (all but the first and last lines are output from `rabbitmqctl
wait` that is hidden by `/etc/init.d/rabbitmq-server`):

```
 * Starting RabbitMQ Messaging Server rabbitmq-server
Waiting for pid file '/var/run/rabbitmq/pid' to appear
pid is 341
Waiting for erlang distribution on node 'rabbit@fc8f64d6acdb' while OS process '341' is running
Error:
process_not_running
 * FAILED - check /var/log/rabbitmq/startup_\{log, _err\}
 ```

If it failed, the `production-upgrade` script tried to start
`rabbitmq` again -- despite it already still starting in the
background.  These two attempts conflicted, and often one or both
failed.

Stop `rabbitmq-server` when building the image, which removes the
stale PID file.
2022-05-19 13:30:59 -07:00
Alex Vandiver bf562f8fff ci: Update upgrade test to 5.2, from 5.1. 2022-05-04 11:37:15 -07:00
Tim Abbott cd011b1a94 ci: Verify production servers using /api/v1/server_settings.
The previous commit changed our response for the root domain on a
self-hosted Zulip server containing no realms to be a 404.

This made the HTTP headers verification done here less robust than
would be ideal, in that one could imagine a bug that makes every URL
404 passing that test.

So we instead change the check to verify the /server_settings API,
which doesn't have that problem.
2022-04-28 12:34:59 -07:00
Aman Agrawal 4e08c737ca home: For web public realms, skip login for spectators.
To provide a smoother experience of accessing a web public stream,
we don't ask user to login unless user directly requests a
`/login` URL.

Fixes #21690.
2022-04-28 12:34:29 -07:00
Anders Kaseorg a543dcc8e3 Remove Debian 10 support.
As a consequence:

• Bump minimum supported Python version to 3.8.
• Move Vagrant environment to Ubuntu 20.04, which has Python 3.8.
• Move CI frontend tests to Ubuntu 20.04.
• Move production build test to Ubuntu 20.04.
• Move 3.4 upgrade test to Ubuntu 20.04.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-04-26 16:32:02 -07:00
Alex Vandiver e2a3fe0930 ci: Test upgrades from 3.x, 4.x and 5.x. 2022-04-08 17:10:03 -07:00
Anders Kaseorg e2e645a183 browserslist: Stop transpiling for pre-ES2019 browsers.
Specifically, this desupports:

android 4.4.3-4.4.4
baidu 7.12
ie 11
kaios 2.5
op_mini all

although we’ve already been blocking IE 11 since 3.0 (#14662).

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-03-17 15:24:46 -07:00
Alex Vandiver d150236217 ci: Test upgrades from 4.11. 2022-03-15 16:00:02 -07:00
Alex Vandiver 62f4f3435f ci: Test upgrades from 4.10. 2022-02-25 16:28:33 -08:00
Anders Kaseorg 894a50b5c9 install: Support Ubuntu 22.04.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-25 14:49:07 -08:00
Anders Kaseorg b3260bd610 docs: Use Debian and Ubuntu version numbers over development codenames.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-23 12:04:24 -08:00
Anders Kaseorg b0ce4f1bce docs: Fix many spelling mistakes.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-02-07 18:51:06 -08:00
Anders Kaseorg a58a71ef43 Remove Ubuntu 18.04 support.
As a consequence:

• Bump minimum supported Python version to 3.7.
• Move Vagrant environment to Debian 10, which has Python 3.7.
• Move CI frontend tests to Debian 10.
• Move production build test to Debian 10.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-21 17:26:14 -08:00
Anders Kaseorg d035efd467 ci: Test upgrade-postgresql on Ubuntu 20.04.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-01-21 17:26:14 -08:00
Alex Vandiver 71b56f7c1c puppet: process_fts_updates connects as nagios (or provided username).
It should not use the configured zulip username, but should instead
pull from the login user (likely `nagios`), or an explicit alternate
provided PostgreSQL username.  Failure to do so results in Nagios
failures because the `nagios` login does not have permissions to
authenticated the `zulip` PostgreSQL user.

This requires CI changes, as the install tests install as the `zulip`
login username, which allowed Nagios tests to pass previously; with
the custom database and username, however, they must be passed to
process_fts_updates explicitly when validating the install.
2021-12-14 14:48:53 -08:00
Alex Vandiver 0ae375e0f9 ci: Test upgrades from the latest minor release. 2021-11-25 08:00:34 -08:00
Alex Vandiver 73055255bb ci: Test pgroonga installation. 2021-11-20 07:13:50 -08:00
Alex Vandiver c9ebccdf70 ci: Update outdated comments to generated Dockerfiles.
These were missed in the doc updates in d78723b6e8, which were for
behavior changes in 16067bc4fc.
2021-11-05 15:45:46 -07:00
Anders Kaseorg 9f2ac49fb3 ci: Change github UID from 3434 to 1001.
CircleCI expected 3434; GitHub Actions expects 1001.  This is the
reason zulip-ci.yml currently needs to mess with the permissions in
/__w.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-10-14 13:01:47 -07:00
Alex Vandiver 7d7d727865 tools: Switch to download.zulip.com from www.zulip.org. 2021-08-26 17:21:31 -07:00
Gaurav Pandey dc2066c7e8 ci: Remove unnecessary steps from production upgrade script.
This removes some steps which are no longer necessary to be run
in the production upgrade script. The steps were used due to
errors related to supervisor failing to restart which was resolved
in the commit 08c39a7388.
2021-07-28 08:44:15 -07:00
Anders Kaseorg bcc89c80a2 ci: Remove unused detritus from Docker images.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-07-14 22:45:38 -07:00
Anders Kaseorg db476bdc51 ci: Use apt-get -y in production-upgrade test.
We currently configure ‘APT::Get::Assume-Yes’ in our custom Docker
image, but this is the only place we rely on it (outside of the
Dockerfile itself), and it’s better not to.

Also ‘apt-get remove && apt-get purge’ is the same as just ‘apt-get
purge’.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-07-13 18:57:34 -07:00
Anders Kaseorg 47897c76a2 scripts: Use curl -f (--fail).
This makes curl exit with nonzero status on HTTP 4xx/5xx errors.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-07-13 16:47:49 -07:00
Anders Kaseorg 99533b4aa2 js: Fix, and check for, non-ES5 syntax in webpack bundles.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-07-05 13:32:37 -07:00
Anders Kaseorg 91bfebca7d install: Replace wget with curl.
curl uses Happy Eyeballs to avoid long timeouts on systems with broken
IPv6.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-06-25 09:05:07 -07:00
Anders Kaseorg 16067bc4fc ci: Remove superfluous generate-dockerfiles template system.
Dockerfiles already support variables.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-06-24 15:34:11 -07:00
Anders Kaseorg 3b60b25446 ci: Remove bullseye hack.
base-files 11.1 marked bullseye as Debian 11 in /etc/os-release.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-06-24 14:35:51 -07:00
Anders Kaseorg bf361e9951 ci: Remove uses of VERSION_CODENAME.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-06-24 14:35:51 -07:00
Gaurav Pandey e648ad3477 ci: Add prod upgrade step to prod suite.
This adds a check in the current production suite of
CI that upgrades a previous release of zulip server
with a newer one.

Fixes #18346.
2021-06-21 10:15:24 -07:00
Gaurav Pandey 4ca87d785b ci: Create Zulip server pre-installed docker image template.
These Docker images will be useful for testing the upgrade process
from previous Zulip major releases to master.

Fixes part of #18346.
2021-06-18 13:02:37 -07:00
Tim Abbott 76f73ae787 ci: Remove unnecessary sudo docker.
Generally, we never want to recommend sudo for an operation that can
be done as a non-root user, and it's normal to configure Docker to be
usable by normal users.
2021-06-18 13:02:18 -07:00
Anders Kaseorg 9e5f382241 production-verify: Don’t assume lengths have a decimal point.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-06-09 16:52:46 -07:00
Adam Birds 9aab03654e ci: Update CI to test once with custom db name and user.
Update CI to test once with a custom db name and user so we can test
both scenarios of a custom dbname/user and the default "zulip".
2021-05-25 13:56:05 -07:00
Adam Birds 73b4ac5793 debugging: Print process_fts_updates log in CI. 2021-05-25 13:56:05 -07:00
Alex Vandiver 4f017614c5 nagios: Replace check_fts_update_log with a process_fts_updates flag.
This avoids having to duplicate the connection logic from
process_fts_updates.

Co-authored-by: Adam Birds <adam.birds@adbwebdesigns.co.uk>
2021-05-25 13:56:05 -07:00