Commit Graph

3913 Commits

Author SHA1 Message Date
Tim Abbott af5ba9bf36 webpack: Use cacheLoader for JS files.
This seems to save over 50% of the webpack startup time in run-dev.py.
2020-05-03 11:03:04 -07:00
Anders Kaseorg baab041acd lint: Upgrade semgrep from 0.5.0-dev.2 to 0.5.0-dev.4.
The major PROVISION_VERSION bump would not be needed, but it was
missing in commit 5ab62a3514 (#14834),
so I’m doing it here.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-02 10:19:40 -07:00
Anders Kaseorg bdc365d0fe logging: Pass format arguments to logging.
https://docs.python.org/3/howto/logging.html#optimization

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-02 10:18:02 -07:00
Anders Kaseorg 82f629091a lint: Check docs/THIRDPARTY for format errors.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-02 10:10:22 -07:00
Tim Abbott 4f3976b917 process_fts_updates: Clean up logging output.
This saves a couple lines of spammy output in the run-dev.py startup
experience, and will be better output in production as well.
2020-05-01 11:51:20 -07:00
Steve Howell ce55ef6e4f tests: Use streamlined server for api/casper tests.
We now use the `--streamlined` options for `run-dev.py`
when we use `test_server_running` for `test-api` and
`test-js-with-casper` (and its experimental
replacement, `test-js-with-puppeteer`).

This means we don't slow anything down with
processes like thumbor, process_fts_updates, etc.,
which aren't meaningfully exercised by these tests.

We may eventually want some tests to meaningfully
exercise those processes, and when that day comes,
we will need to add an extra argument to
`test_server_running`, probably, but until then,
we just always set `--streamlined` in that codepath.

There is actually a tool called `./tools/test-run-dev`
that we run in CI, and it will use the full mode.
It just doesn't verify much stuff--it mostly polls
the server without testing specific features.

This seems to save about 1s of the startup time on a system I use
(~10.6s -> ~9.7s).
2020-05-01 11:37:09 -07:00
Steve Howell d9f8ec1fe7 run-dev: Add streamlined option.
For basic testing (either manual or automated), we
generally only need the server and tornado running.

Obviously, it's nice to test the complete system,
but if you're on a slow PC, the overhead can be
annoying.

Note that we don't launch any of these processes
in `--streamlined` mode:

    process_queue
    process_fts_updates
    deliver_scheduled_messages
    thumbor

And then by not launching process_queue, we avoid
several child processes.

Basic functionality like sending messages will
still work here.

The streamlined mode may be helpful in debugging
our generally slow server startup time.  Obviously,
some of the problem with startup is the auxiliary
processes here, but removing them as a variable
could help us focus on getting the core stuff fast.

Note that we still have the webpack watcher running
in streamlined mode.

For the particular case of thumbor, note that we
modify the proxy server to explicitly print and
return an error if we get a `/thumbor/*` request.
2020-05-01 11:36:43 -07:00
Steve Howell 28a2b90b04 run-dev: Extract server_processes().
We clean up the code related to launching
processes here.

We extract:

    server_processes

We also extract these helper for webpack
stuff:

    do_one_time_webpack_compile
    start_webpack_watcher

And then we move the code to actually launch
them lexically within the file (so as not to
be obscured by various function definitions).
2020-05-01 11:36:43 -07:00
Steve Howell 9cdc9cbca6 run-dev: Display ports more nicely.
Here is the new output for displaying ports:

    Zulip services will listen on ports:
       9991: web proxy
       9992: Django
       9993: Tornado
       9994: webpack
       9995: Thumbor

    Note to Vagrant users: Only the proxy port (9991) is exposed.

I tone down the yellow for the Vagrant warning, and I show
the web proxy in cyan to emphasize it.

I also extracted the code into a function, and I don't call
that function until after `app.listen()`.  (The users probably
won't notice much difference in the timing of this message, but
the message won't show if the `listen` step fails for some
reason, which I think is what we want here.)
2020-05-01 11:36:43 -07:00
Aman Agrawal 9089fd5b08 semgrep: Remove unrequired file exclude.
This file doen't contain any matching pattern which violates the
rule.
2020-05-01 11:08:47 -07:00
Aman Agrawal af0c267cd4 semgrep: Move migrations import check lint rule to semgrep.
We change how a few imports in migrations are done to be easier to
lint and more consitsent with our typical import style.
2020-05-01 11:07:53 -07:00
Aman Agrawal 8e29c88beb semgrep: Add rule to enforce no use of stream.objects.filter. 2020-05-01 11:01:14 -07:00
Aman Agrawal 06c831f146 semgrep: Reformat and correct doc link. 2020-05-01 11:01:14 -07:00
Aman Agrawal 5ab62a3514 sgrep/semgrep: Updgrade and rename sgrep to semgrep.
With its new upgrade, sgrep has been renamed to semgrep.

Rename sgrep.yml to semgrep.yml
2020-05-01 11:01:14 -07:00
Steve Howell ea52bc987d run-dev: Clean up argument parsing code.
We remove the import-tools code that was plunked
right into the middle of our command line
arguments.

Then we add a local var called `DESCRIPTION` to
fix some ugly code formatting, and we stop with the
unnecessary `r` prefix to the multi-line string.
2020-05-01 10:40:34 -07:00
Anders Kaseorg a552c2e5f9 auth: Use the clipboard instead of zulip:// for desktop auth flow.
This does not rely on the desktop app being able to register for the
zulip:// scheme (which is problematic with, for example, the AppImage
format).

It also is a better interface for managing changes to the system,
since the implementation exists almost entirely in the server/webapp
project.

This provides a smoother user experience, where the user doesn't need
to do the paste step, when combined with
https://github.com/zulip/zulip-desktop/pull/943.

Fixes #13613.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-04-30 16:45:00 -07:00
Aman Agrawal 5fa1dbf5b3 test_fixtures: Add DB function to write database digest.
This will give help up write new digest only if the db rebuild
succeeds. We were relying on the caller to
be successful in building db, this was hacky and unreliable.

We write new db digest once the caller succeeds, this ensures
that we write new digest after every successful attempt.

This fixes the anomality we were facing that Databases were rebuild
on the 2nd provision attempt with no changes to files or migrations.
This was happening because we didn't write a new digest for db
after the first provision (The case of DB didn't exist).

During the 1st provision, we check the template_status() of
Database both Dev and Test, but database_exists() of Databases
obviously returned false, and we rebuild the database,
but forgot to write_new_digest and hence the anomaly in the
second provision explained above.
2020-04-30 10:46:53 -07:00
Steve Howell adc0ed4206 provision: Avoid shelling out to clean caches.
Yes, it's slightly janky to create an
argparse.Namespace object like this, but it
saves us from shelling out to a script whose
only real value-add is parsing a single
`threshold_days` argument.

This saves about 130ms for a no-op provision.
2020-04-30 17:19:13 +00:00
Tim Abbott 34cd0d3530 provision: Avoid including all of dev-secrets.conf in digests.
This allows us to edit unrelated secrets without forcing a
reinitialization of RabbitMQ.
2020-04-29 22:53:49 -07:00
Steve Howell aff58ed9d9 db tools: Simplify args for postgres-init-dev-db.
We now just have two modes for setting up a dev/test
database.  This makes it easy to see these things
side-by-side, when you're trying to understand how
the two different databases get built:

    # dev:
        USERNAME=zulip
        DBNAME=zulip
        STATUS_FILE_NAME=migration_status_dev

    # test:
        USERNAME=zulip_test
        DBNAME=zulip_test
        STATUS_FILE_NAME=migration_status_test

And then we make it more explicit the things that
are common between dev and test (which are
important things to understand when troubleshooting
provision-related glitches):

    SEARCH_PATH=zulip,public
    PASSWORD=$("$(dirname "$0")/../../scripts/get-django-setting" LOCAL_DATABASE_PASSWORD)
    DBNAME_BASE=${DBNAME}_base

We lose some "generality" here, but passing in arbitrary
combinations of username/dbname/status_file to the script
would cause chaos for our digest checks, and all the different
template/base databases could cause confusion too.
2020-04-29 12:30:49 -07:00
Aman Agrawal 3442182d7b ci: Use absolute path to zulip folder.
Strangely focal resolves `~/zulip` as `/root/zulip`, this makes
sure we are in the correct folder.
2020-04-29 10:54:53 -07:00
Steve Howell cf3abcedfd provision: Run configure_rabbitmq on clean checkouts.
We now just automatically run configure_rabbitmq any
time there's a clean checkout, or if an important
file has changed.

This allows us to bypass the step to import
SimpleQueueClient in certain places and reduce
some log spam.

See https://chat.zulip.org/#narrow/stream/3-backend/topic/new.20base.20dev.20droplet/near/864672
2020-04-29 13:18:54 -04:00
Steve Howell cf78cb0d6e templates: Use `<hr>` and `<br>` consistently.
We now prevent these variations:

    * <hr/>
    * <hr />
    * <br/>
    * <br />

We could enforce similar consistency for other void
tags, if we wished, but these two are particularly
prevalent.
2020-04-28 17:05:48 -07:00
Puneeth Chaganti 80e432b466 tools: Move screenshot captured message to Python. 2020-04-28 13:00:09 -07:00
Puneeth Chaganti 88c297dffe tools: Allow specifying more options when capturing screenshot.
The name and directory into which the screenshot should be captured can be
specified now, apart from specifying the fixture file to use.
2020-04-28 13:00:09 -07:00
Puneeth Chaganti 4e5c30e7fd tools: Pass image path as an argument to the screenshot tool.
Instead of figuring out the image path from the integration name in the
puppeteer script, we do it in the `generate-integration-docs-screenshot`
script and pass it as an argument to `message-screenshot.js`.
2020-04-28 13:00:09 -07:00
Puneeth Chaganti 39bea656f7 generate-integration-docs-screenshot: Remove call to sys.exit.
Preparatory refactor to allow calling the function in a loop, to generate
screenshots for all integrations.
2020-04-28 13:00:09 -07:00
Puneeth Chaganti ac7d8ce4b3 generate-integration-docs-screenshot: Notify on webhook's stream.
Use the stream specified by `stream_name` on the WebhookIntegration, instead
of using a common stream to send messages.
2020-04-28 13:00:09 -07:00
Tim Abbott 28cb0aa81a docs: Use consistent spelling of CircleCI. 2020-04-28 11:26:58 -07:00
arpit551 7f769512aa travis: Remove Travis unwanted code.
Since in travis we don't have root access so we used to add different
srv path. As now we shifted our production suites to Circle CI
we don't need that code so removed it.

Also we used a hacky code in commit-lint-message for travis which is
now of no use.
2020-04-28 11:11:23 -07:00
Aman Agrawal 1324e7798c ci: Directly run production install script. 2020-04-28 11:11:00 -07:00
Aman Agrawal b5e31c04c9 ci: Rename production install script. 2020-04-28 11:11:00 -07:00
Aman Agrawal 70f7d04bf1 ci: Rename production builder script file. 2020-04-28 11:11:00 -07:00
Tim Abbott 1094589f79 test-all: Print a colorful notice on startup discouraging use.
The test-all tool is useful if you want to be really sure everything
passes, but it's almost always better to run a smaller subsuite when
doing active development, and just run test-all (or CI) at the end.

Our docs already covered this issue well, but this presents the idea
in a place one is definitely looking at when running test-all.
2020-04-27 16:35:29 -07:00
Rohitt Vashishtha 087b54aa45 markdown: Keep only 'text' for a no-op pygments rendering.
Previously, we added support for 'none', 'plain' and 'noop' and a
function `lang = remap_language(lang)`. This also had the potential
to encourage adding more remappings- something that we deliberatly
want to keep to a minimum.

For context, Anders K doesn't want us to keep any remapping (only
keeping 'text' which is the default no-op lexer that pygments has)
and Tim wants to keep 'plain' and 'text'. We should only document
and advertise 'text'.
2020-04-27 10:40:29 -07:00
Abhishek-Balaji 2ff1527be8 models: Switch from NullBooleanField to BooleanField.
In Django 2.1, the preferred way to express a nullable BooleanField
changed from NullBooleanField to passing null=True to BooleanField.

This updates our codebase to use the preferred API.  Tweaked by
tabbott to update the linter rules.

The migration is a noop for Django accounting only.

Part of #11341.
2020-04-26 22:13:28 -07:00
Aman Agrawal cf14cc211f ci: Separate prod tarball extraction and install process.
This allows to run scripts between extraction and install
process.

It will be used to restore npm caches for production install jobs.

We extract the tarball in the working directory so that yarn.lock and
package.json are available to restore cache.

(And also so the path is deterministic).
2020-04-25 16:10:41 -07:00
Aman Agrawal 0aa18e88a5 ci: Stop cloning repo as it is not required for prod install.
Move prod installer and test files to persistent dir so that
they can be utilized.
2020-04-25 16:07:55 -07:00
Tim Abbott 5e24d26f45 webpack: Remove useless print statement.
In I think every place we run this, you'll already be able to see
`tools/webpack` in the `set -x` style output anyway.
2020-04-25 15:39:22 -07:00
Tim Abbott 5187d5032c update-prod-static: Remove unused authors-not-required.
This argument hasn't done anything since we moved constructing the
/team page to a cron job.
2020-04-25 15:39:03 -07:00
Tim Abbott 7e0eeb20a3 update-prod-static: Stop hiding output in update-prod-static.log.
Now that we've cleaned up this tool's output, there's no reason to use
an awkward mechanism to hide its output; we can just print it out like
a normal program.

Fixes #14644; resolves #14701.
2020-04-25 15:39:03 -07:00
Tim Abbott c880886cc3 update-prod-static: Reduce verbosity of logging.
Previously, update-prod-static would produce thousands of lines of
basically useless output in `var/log/update-prod-static.log`.
2020-04-25 15:39:03 -07:00
Steve Howell b29c44ed94 list_render test: Test replace_list_data.
This gets us to 100% line coverage for
list_render, so we remove its exemption.
2020-04-24 18:24:12 -04:00
Steve Howell 951514dd7d check-templates: Be stricter about singleton tags.
We now forbid tags of the form `<foo ... />` in most
places, and we also forbid it even for several void
tags.

We make exceptions for tags that are already formatted
in two different ways in our codebase.  This is mostly
svg tags, plus these common cases:

    - br
    - hr
    - img
    - input

It would be nice to lock down a convention for these,
even though the HTML specification is unopinionated
on these.  We'll probably want to stay flexible for
svg tags, since they are sometimes copy/pasted from
other sources (although it's probably rare enough for
them that we can tolerate just doing minor edits as
needed).
2020-04-24 20:25:55 +00:00
Steve Howell 28f2a6950e check_templates: Parse '<foo/>' tags better.
If folks put something like '<br/>' in the HTML,
we would think the tag's name was "br/" instead
of "br".  I think we were assuming most folks
would write either "<br>" or <br />".

ASIDE:

We should probably have a consistent
preference among these styles:

    * <br>
    * <br/>
    * <br />

I prefer the first.
2020-04-24 20:25:55 +00:00
Steve Howell ca7c79c93e check-templates: Show filename for tokenize errors. 2020-04-24 20:25:54 +00:00
Anders Kaseorg 5e01a0ae8b zulip-ec2-configure-interfaces: Convert function type annotations.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-24 13:06:54 -07:00
Anders Kaseorg f8339f019d python: Convert assignment type annotations to Python 3.6 style.
Commit split by tabbott; this has changes to scripts/, tools/, and
puppet/.

scripts/lib/hash_reqs.py, scripts/lib/setup_venv.py,
scripts/lib/zulip_tools.py, and tools/lib/provision.py are excluded so
tools/provision still gives the right error message on Ubuntu 16.04
with Python 3.5.

Generated by com2ann, with whitespace fixes and various manual fixes
for runtime issues:

-shebang_rules: List[Rule] = [
+shebang_rules: List["Rule"] = [

-trailing_whitespace_rule: Rule = {
+trailing_whitespace_rule: "Rule" = {

-whitespace_rules: List[Rule] = [
+whitespace_rules: List["Rule"] = [

-comma_whitespace_rule: List[Rule] = [
+comma_whitespace_rule: List["Rule"] = [

-prose_style_rules: List[Rule] = [
+prose_style_rules: List["Rule"] = [

-html_rules: List[Rule] = whitespace_rules + prose_style_rules + [
+html_rules: List["Rule"] = whitespace_rules + prose_style_rules + [

-    target_port: int = None
+    target_port: int

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-24 13:06:54 -07:00
Aman Agrawal 0e544ec40b ci: Add job to run production script to tests production install.
Only restore npm cache, venv cache not required.
Restart rabbitmq-server for production install.
2020-04-24 12:40:31 -07:00
Aman Agrawal 7c99555107 ci: Copy https headers to persistent dir for comparison. 2020-04-24 12:40:31 -07:00
Aman Agrawal b7c50034b8 ci: Remove unnecessary setup-production steps.
This steps won't be used since production install will run in
a separate job.
2020-04-24 12:40:26 -07:00
Aman Agrawal 1a096a9a10 ci: Move built production tarball to /tmp/ directory.
This directory will persist across build jobs.
2020-04-24 12:40:20 -07:00
Pranav 93b09d44d6 ci: Add test to check for untracked files.
Runs a test at the end of tools/ci/backend to check if any untracked
files have been created during this ci tests. Exits with error code 1
if untracked files are found, otherwise exits successfully.

Fixes #14691.
2020-04-24 12:35:47 -07:00
Steve Howell e47e1cd648 droplet settings: Fix hostname-related settings.
We recently changed our droplet setup such that their
host names no longer include zulipdev.org.  This caused
a few things to break.

The particular symptom that this commit fixes is that
we were trying to server static assets from
showell:9991 instead of showell.zulipdev.org:9991,
which meant that you couldn't use the app locally.
(The server would start, but the site's pretty unusable
without static assets.)

Now we rely 100% on `dev_settings.py` to set
`EXTERNAL_HOST` for any droplet users who don't set
that var in their own environment.  That allows us to
remove some essentially duplicate code in `run-dev.py`.

We also set `IS_DEV_DROPLET` explicitly, so that other
code doesn't have to make inferences or duplicate
logic to detemine whether we're a droplet or not.

And then in `settings.py` we use `IS_DEV_DROPLET` to
know that we can use a prod-like method of calculating
`STATIC_URL`, instead of hard coding `localhost`.

We may want to iterate on this further--this was
sort of a quick fix to get droplets functional again.
It's possible we can re-configure droplets to have
folks get reasonable `EXTERNAL_HOST` settings in their
bash profiles, or something like that, although that
may have its own tradeoffs.
2020-04-24 12:33:27 -07:00
Steve Howell cc1c517264 node tests: Report coverage url correctly.
This small patch accounts for our new
droplets dropping "zulipdev.org" from
the host name.
2020-04-24 10:50:08 -04:00
Rohitt Vashishtha fe5a1eeaeb settings: Extract settings_list_widget.js.
We still have a dependency on settings_org in settings_list_widget that
we should try to remove.
2020-04-22 17:57:16 -07:00
Puneeth Chaganti d5f5a99b07 tools: Verify that all integrations have bot avatars. 2020-04-22 17:45:30 -07:00
Puneeth Chaganti 18ae06404b tools: Use pre-generated avatar images for documentation bots.
Avatar images for bots used by the tool to generate integration
documentation screenshots are pre-generated and committed to the repository.
The `generate-integration-docs-screenshot` tool now uses these images,
instead of trying to create these avatar images on the fly.

Also, deleted the unused `create_png_from_svg` function.
2020-04-22 17:45:30 -07:00
Puneeth Chaganti 87648596ee integrations: Add script to create bot avatars for integrations.
These avatars can be directly used by bots used for documenting these
integrations. In future, these could be used by bots created from a web UI.
2020-04-22 17:45:30 -07:00
Puneeth Chaganti e97c39c587 tools: Extract png generation code to separate module. 2020-04-22 17:45:30 -07:00
Anders Kaseorg bfb314ff3a lint: Remove exclusions for Python 2 style type comments.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-22 16:16:08 -07:00
arpit551 aabad1c0bb test: run test-locked-requirements only for Bionic.
Currently our compiled requirements files will differ for different
python versions. So we will run test-locked-requirements only for Bionic.
2020-04-22 16:10:59 -07:00
Anders Kaseorg 6983491a0f install-{sgrep,shellcheck}: Check that we detect the version correctly.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-22 15:05:17 -07:00
Anders Kaseorg f8c95cda51 mypy: Add specific codes to type: ignore annotations.
https://mypy.readthedocs.io/en/stable/error_codes.html

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-22 10:46:33 -07:00
Aman Agrawal 0f4b1076ad scripts: Remove Xenial and Stretch support from installation scripts.
Note that we leave support for them in `setup-apt-repo` and puppet,
since we're still supporting systems using Xenial for non-appserver
puppet rules.
2020-04-22 10:00:38 -07:00
Aman Agrawal 8944e0ad53 provision: Drop Xenial and stretch support. 2020-04-22 09:58:39 -07:00
Steve Howell 29ac0f36a9 rebuild-test-database: Clean up helper functions.
We now have helpers for the two places where
we create databases.

There was already one helper in place, and
I gave it a more concrete name, to match
its actual database name in postgres.
2020-04-22 09:24:42 -07:00
Steve Howell 8c2f8c8bcc db tools: Refactor generate-fixtures/rebuild-test-database.
So `generate-fixtures` only ever did 9 lines of code (really
3 lines of actual code) in its normal mode of operation.

But it was cluttered with lots of stuff that really only
happened when you called it with the `-force` option, which
was only invoked by `rebuild-test-database`.

Now we inline most of the code into `rebuild-test-database`.

And now `generate-fixtures` is simple (and doesn't support
a `-force` flag.
2020-04-22 09:24:42 -07:00
Steve Howell 239474124e test-backend: Remove generate_fixtures option.
We remove the `generate_fixtures` option here mostly
for simplicity, but in particular to facilitate
an upcoming commit to simplify the job of
`generate-fixtures` (and remove its `--force` option).

The command line option here for `test-backend`
was really calling `generate_fixtures --force`,
which we're about to rename `tools/rebuild-test-database`.

The `test-backend` tools is already smart about catching
up on migrations, so we generally don't need to tell it
to repair the database.

And if the database does get corrupt, you can just do
it directly with `tools/rebuild-test-database`.

This eliminates the `use_force` flag in
`update_test_databases_if_required`, which was easy
to confuse with `rebuild_test_database`.

The other caller wasn't using `use_force`.
2020-04-22 09:24:42 -07:00
Steve Howell 54151bb548 db tools: Rename do-destroy-*database.
The new tools now have more concise, more parallel names:

    - rebuild-dev-database
    - rebuild-test-database

The actual implementations are still pretty different:

rebuild-dev-database:
    mostly delegates to 5 management scripts

rebuild-test-database:
    is a very thin wrapper for generate-fixtures

We'll try to clean that up a bit soon.
2020-04-22 09:24:42 -07:00
Tim Abbott b5f2ba5566 tools: Move test-emoji-name-scripts into subdirectory. 2020-04-21 16:19:45 -07:00
Steve Howell 837369d339 tools: Remove js-dep-visualizer.
This tool was part of a very ad hoc investigation
during 2017 into our JS dep dependencies.

It's very out of date, and it has a non-trivial
maintenance cost, as these type of tools seem
to come up in every code sweep.
2020-04-21 16:18:29 -07:00
Anders Kaseorg 9620611ec9 check-openapi: Restore functionality after OpenAPI definitions moved.
Commit 35577a1f66 (#9406) moved the
OpenAPI definitions to zerver/openapi, and this script was not
updated, so it has been validating nothing for two years.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-21 16:11:56 -07:00
Anders Kaseorg 7bbbc46aad check-openapi: Remove check_duplicate_operation_ids.
This is handled by swagger-parser now.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-21 16:11:56 -07:00
arpit551 56a5beddc0 ci: Fixed errors related to running services in ci production build.
Restart postgres service if provision is called in production test suite.
This is required because terminate-psql-sessions script (used
in tools/ci/setup-production) throws error if postgres service is not running.

Restart rabbitmq service if provision is called in production test suite.
This is done to start the node as Circle CI don't start services on installation.

Removed memcached restart as flush-memcached script (which is furthur
used in tools/ci/production) throws UNKNOWN READ FAILURE if memcached is restarted
in development.
2020-04-21 14:46:40 -07:00
arpit551 e6edf469ee ci: Remove the need of using TRAVIS in env.
Since now we want to use production suites on Circle CI so there
is no need to set TRAVIS in env while running scripts.

CIRCLECI is set default in the enviroment of Circle CI builds
so we can use it directly.

Also Travis CI had rabbitmq-server installed so we had to add workaround
in install script to avoid the error. That workaround is removed.
2020-04-21 14:46:40 -07:00
arpit551 4946405e3a ci: Change production setup in ci according to bionic and Circle CI.
Used postgres 10 inplace of postgres 9.5 as it is used in Bionic.

Upgraded nginx version in success-http-headers which is in CircleCI
Bionic enviroment.
2020-04-21 14:46:40 -07:00
arpit551 dee8de3b88 ci: Replaced travis with test suite while setting production setup on ci. 2020-04-21 14:46:40 -07:00
arpit551 80af201ef9 ci: Removed hacky code required for travis CI.
Removed hacky code required for travis CI in production-helper
and setup production.
2020-04-21 14:46:40 -07:00
Steve Howell 900fe02471 tools: Remove replacer.
This seems to be a complicated wrapper around `sed`.
It's not used anywhere or documented anywhere.  I
assume it was used in some code sweep or something.

See cec45b0ae5
2020-04-21 14:12:57 -07:00
Steve Howell 735f098ff5 tools: Remove get-handlebars-vars.
I built this in 2013 to help me quickly build
some sample data for our very early node tests,
I believe.

Ever since then it's just been changed for various
code sweeps.  Also, if we wanted to resurrect this
idea for some reason, we now have the template
parser that was written since then.
2020-04-21 14:12:57 -07:00
Steve Howell 3dd1a9211c tools: Remove html-grep.
I built this in August 2016, but I haven't used it
since, and all the more recent commits are just for
things like mypy sweeps.
2020-04-21 14:12:57 -07:00
Steve Howell 5bf43b77df tools: Remove django-template-graph.
This tool was last modified in 2016, has no
documentation, and requires `dot` to run, so
I think we can remove it to reduce some clutter
in the tools directory.
2020-04-21 14:12:57 -07:00
Steve Howell 2488438d90 tools: Convert fix-unused-css to look at zulip.scss.
This tool is hackish and incomplete, but it's still
worth looking at if somebody wants to hunt down
obsolete CSS.  There are probably better ways to
tackle this problem, so we should eventually just
remove this tool, but it's pretty low maintenance.

Current output looks like this:

    $ ./tools/find-unused-css
    actions_hovered
    actions_link
    bookend_tr
    btn-skip
    company-name
    flatpickr-months
    label_for_text
    loading_more_messages_indicator_box
    loading_more_messages_indicator_box_container
    logoimage
    messages-collapse
    messages-expand
    numInputWrapper
    page_loading_indicator_box
    page_loading_indicator_box_container
    skinny-user-gravatar
    sp-input
    summary_colorblock
    summary_row
    summary_row_private_message
    tutorial-done-button
2020-04-21 14:12:57 -07:00
Vishnu KS 87fdef2472 team: Don't remove duplicate commits inside the retry loop.
Else for each retry the duplicate commits would be removed
again and again from the contributor's zulip/zulip commits.
This is a bug in the original commit
6bed6ccdcf that added the
functionality to remove duplicate commits.
2020-04-21 13:41:10 -07:00
Puneeth Chaganti 7a5033852d provision: Add dependencies for Chromium used by latest puppeteer.
a51902a870 upgraded the puppeteer version to
3.0.0, which upgraded the Chromium version being used[1]. This version of
Chromium requires a couple of extra libraries to be installed.

[1]: https://github.com/puppeteer/puppeteer/releases/tag/v3.0.0
2020-04-20 23:25:45 -07:00
Steve Howell 51f74a7fd8 provision: Manage digests more rigorously.
We now have two functions related to digests
for processes:

    is_digest_obsolete
    write_digest_file

In most cases we now **wait** to write the
digest file until after we've successfully
run a process with its new inputs.

In one place, for database migrations, we
continue to write the digest optimistically.
We'll want to fix this, but it requires a
little more code cleanup.

Here is the typical sequence of events:

    NEVER RUN -
        is_digest_obsolete returns True
        quickly (we don't compute a hash)

        write_digest_file does a write (duh)

    AFTER NO CHANGES -
        is_digest_obsolete returns False
        after reading one file for old
        hash and multiple files to compute
        hash

        most callers skip write_digest_file

        (no files are changed)

    AFTER SOME CHANGES -
        is_digest_obsolete returns False
        after doing full checks

        most callers call write_digest_file
        *after* running a process
2020-04-20 15:06:47 -07:00
Steve Howell 2bd836bc4c provision: Promote pygments import to module scope.
There's no real reason to do the lazy import any
more, as we use this unconditionally inside `main`
(indirectly), and `provision_inner` runs after we
have set up the venv.
2020-04-20 15:06:47 -07:00
Steve Howell e66bd6a7a4 provision: Put hash_name argument first (minor). 2020-04-20 15:06:47 -07:00
Steve Howell ca49f38619 provision: Extract helpers for paths to hash.
I make these all functions for consistency,
and in particular I want to continue to avoid
`glob.glob` calls until we are actually
computing hashes.

This is mostly a prep to allow us to do
hashing in two separate places:

    - check hashes
    - update hashes

We would only update hashes **after** running
processes anew.

For `provision_inner` I considered using a
class to put the three path-related helpers
into a mini namespace, but it felt too heavy.

It wouldn't be completely implausible here
to extract something like a JSON config
file that has a list of globs for each
process that we do path-hashing for, but I
want to clean up other stuff first.
2020-04-20 15:06:47 -07:00
Steve Howell 4822f8d7d6 refactor: Add Database.template_status.
This is mostly a pure code move from
template_database_status().
2020-04-20 15:06:47 -07:00
Steve Howell 0ea4f727d4 refactor: Change params to template_database_status(). 2020-04-20 15:06:47 -07:00
Steve Howell 5c5d85cf19 test databases: Add Database.run_db_migrations().
We can reduce some code duplication by having this
on the class.
2020-04-20 15:06:47 -07:00
Puneeth Chaganti e55d967f6e generate_zulip_bots_static_files: Lazy import cairosvg.
Importing cairosvg in fails in production, because `libgtk-3-dev` is not
available. This commit moves the import for `cairosvg` into the function
where it is used. This code will soon be moved into a separate script that
will not be run on production.
2020-04-20 09:14:08 -07:00
Anders Kaseorg 438a545477 gitlint-rules: Fix bogus type annotations.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-19 13:36:58 -07:00
Aman Agrawal b13beb5ea8 circleci: Remove Xenial build as we are deprecating Xenial.
Docs updated to reflect the change.
2020-04-19 11:38:49 -07:00
Anders Kaseorg 5901e7ba7e python: Convert function type annotations to Python 3 style.
Generated by com2ann (slightly patched to avoid also converting
assignment type annotations, which require Python 3.6), followed by
some manual whitespace adjustment, and six fixes for runtime issues:

-    def __init__(self, token: Token, parent: Optional[Node]) -> None:
+    def __init__(self, token: Token, parent: "Optional[Node]") -> None:

-def main(options: argparse.Namespace) -> NoReturn:
+def main(options: argparse.Namespace) -> "NoReturn":

-def fetch_request(url: str, callback: Any, **kwargs: Any) -> Generator[Callable[..., Any], Any, None]:
+def fetch_request(url: str, callback: Any, **kwargs: Any) -> "Generator[Callable[..., Any], Any, None]":

-def assert_server_running(server: subprocess.Popen[bytes], log_file: Optional[str]) -> None:
+def assert_server_running(server: "subprocess.Popen[bytes]", log_file: Optional[str]) -> None:

-def server_is_up(server: subprocess.Popen[bytes], log_file: Optional[str]) -> bool:
+def server_is_up(server: "subprocess.Popen[bytes]", log_file: Optional[str]) -> bool:

-    method_kwarg_pairs: List[FuncKwargPair],
+    method_kwarg_pairs: "List[FuncKwargPair]",

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-18 20:42:48 -07:00
Anders Kaseorg d3c55c166e requirements: Upgrade mypy from 0.761 to 0.770.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-18 13:09:51 -07:00
Anders Kaseorg 21c2a4cc42 update-locked-requirements: Generate prod locks from dev locks.
This guarantees that we don’t accidentally upgrade one without the
other, which could happen for example due to different third-party
version constraints between the two.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-18 13:09:51 -07:00
Steve Howell 7eb6d32d59 provision: Let build_emoji build its own cache.
We no longer need to maintain duplicate code
related to where we set up the emoji
cache directory.

And we no longer need two extra steps for
people doing advanced (i.e. manual) setup.

There was no clear benefit to having provision
build the cache directory for `build_emoji`,
when it was easy to make `build_emoji` more
self-sufficient.  The `build_emoji` tool
was already importing the library that has
`run_as_root`, and it was already responsible
for 99% of the create-directory kind of tasks.

(We always call `build_emoji` unconditionally from
`provision`, so there's no rationale in terms
of avoiding startup time or something.)

ASIDE:

Its not completely clear to me why we need
to put this directory in "/srv", instead of
somewhere more local (like we already do for
Travis), but maybe it's just to be like
its siblings in "/srv":

    node_modules
    yarn.lock
    zulip-emoji-cache
    zulip-npm-cache
    zulip-py3-venv
    zulip-thumbor-venv
    zulip-venv-cache
    zulip-yarn

I guess the caches that we keep in var are
dev-only, although I think some of what's under
`zulip-emoji-cache` is also dev-only in nature?

    ./var/webpack-cache
    ./var/mypy-cache

In `docs/subsystems/emoji.md` we say this:

```
The `build_emoji` tool generates the set of files under
`static/generated/emoji` (or really, it generates the
`/srv/zulip-emoji-cache/<sha1>/emoji` tree, and
`static/generated/emoji` is a symlink to that tree;we do this in
order to cache old versions to make provisioning and production
deployments super fast in the common case that we haven't changed the
emoji tooling). [...]
```

I don't really understand that rationale for the development
case, since `static/generated` is as much ignored by `git` as
'/srv' is, without the complications of needing `sudo` to create it.

And in production, I'm not sure how much time we're really saving,
as it takes me about 1.4s to fully rebuild the cache in dev, not to
mention we're taking on upgrade risk by sharing files between versions.
2020-04-17 09:53:26 -07:00
Steve Howell bf3decfd0c build_emoji: Inline get_success_stamp.
So, `source_emoji_dump` is not the greatest variable
name, but at least we now define it relative to its
parent instead of the `.success-stamp` file.  (And
then `success_stamp` is just another join.)
2020-04-17 09:45:59 -07:00
Steve Howell aae28e41d0 provision: Extract create_var_directories().
This fixes the pattern of
SIX_DIR_PATH_CONSTANTS_IN_ALL_CAPS
just to create a few subdirectories.
2020-04-17 09:45:59 -07:00
Steve Howell bc62796276 provision: Check for compiled templates.
If the directory `templates/zerver/emails/compiled/`
is missing, then we need to run `inline_email_css`
again.

This can happen if somebody gets overzealous about
cleaning untracked files.
2020-04-17 09:45:59 -07:00
Steve Howell ec416a315f provision: Extract need_to_run_inline_email_css.
This extraction also prevents an unnecessary
call to `glob.glob` when `is_force` is `True`.
2020-04-17 09:45:59 -07:00
Steve Howell 66234850ba provision: Extract need_to_run_build_pygments_data.
This is more encapsulated and more efficient.

In the cases where `is_force` is `True` or
`pygments_data.json` is missing, we now avoid
the unnecessary step of importing `pygments`, at
least up front.

(Of course, we probably import that once we generate
the artifacts.)
2020-04-17 09:45:59 -07:00
Steve Howell 796351ed9e provision: Detect missing language_name_map.json.
If somebody is having issues with provision, it's
plausible they'll do something like `git clean -fX`
to clean up old artifacts of earlier provision runs,
as part of debugging things.

We defend against this by detecting the most obvious
symptom as cheaply as possible.
2020-04-17 09:45:59 -07:00
Steve Howell 765d40b34c provision: Extract need_to_run_compilemessages.
This is slightly more than a code move, as we
now skip some unnecessary file I/O when
`is_force` is `True`.
2020-04-17 09:45:59 -07:00
Steve Howell 067196c508 provision: Simplify `is_force` codepaths.
I remove `is_force` from `file_or_package_hash_updated`
and modernize its mypy annotations.

If `is_force` is `True`, we just now run the thing
we want to force-run without having to call
`file_or_package_hash_updated` to expensively
and riskily return `True`.

Another nice outcome of this change is that if
`file_or_package_hash_updated` returns `True`,
you can know that the file or package has
indeed been updated.

For the case of `build_pygments_data` we also
skip an `os.path.exists` check when `is_force`
is `True`.

We will short-circuit more logic in the next
few commits, as well as cleaning up some of
the long/wrapper lines in the `if` statements.
2020-04-17 09:45:59 -07:00
Steve Howell f98843d197 provision: Add build_emoji prefix to message.
This is similar to what we do in generate_secrets,
and it makes the output from a no-op provision
a bit more consistent.
2020-04-17 09:45:59 -07:00
Steve Howell 478b50dde3 provision: Improve message for configure-rabbitmq.
We change the message for skipping RabbitMQ
configuration to match nearby messages:

    No need to run `tools/setup/build_pygments_data`.
    No need to run `scripts/setup/inline_email_css.py`.
    No need to run `scripts/setup/configure-rabbitmq.
    No need to regenerate the dev DB.
    No need to regenerate the test DB.
    No need to run `manage.py compilemessages`.
2020-04-17 09:45:59 -07:00
Puneeth Chaganti 6b3358b14f generate-integration-docs-screenshot: Allow sending custom headers.
This commit makes it convenient to specify additional headers to send in the
integration webhook request from the command line.
2020-04-17 09:41:55 -07:00
Puneeth Chaganti 84e411c543 generate-integration-docs-screenshot: Fix crash on ignored fixtures.
When using a fixture that is correctly handled by our webhooks, but don't
cause a notification message to be sent, the tool shouldn't crash.
2020-04-17 09:41:55 -07:00
Puneeth Chaganti 9248b16e86 message-screenshot: Create image directory if it doesn't exist. 2020-04-17 09:41:55 -07:00
Puneeth Chaganti cee240fb74 generate-integration-docs-screenshot: Raise ArgumentTypeError.
When an invalid fixture is passed as an argument to the tool, raise an
`ArgumentTypeError`, instead of a `ValueError`.
2020-04-17 09:41:55 -07:00
Puneeth Chaganti ae754887eb generate-integration-docs-screenshot: Message to run dev server.
If the dev server is not running, when this tool is run, we print a clear
error message to start the dev server first, and then run this tool.
2020-04-17 09:41:55 -07:00
Puneeth Chaganti 874e473fc4 generate-integration-docs-screenshot: Refactor code into functions. 2020-04-17 09:41:55 -07:00
Puneeth Chaganti 4719226d0f generate-integration-docs-screenshot: Ensure puppeteer is installed. 2020-04-17 09:41:55 -07:00
Puneeth Chaganti dd6966b9af test-js-with-puppeteer: Extract code to prepare for puppeteer run. 2020-04-17 09:41:55 -07:00
Puneeth Chaganti 572e188b36 tools: Extract code to find js test files to test_script. 2020-04-17 09:41:55 -07:00
Puneeth Chaganti 26e199035d test_script: Use Python3 style type hints. 2020-04-17 09:41:55 -07:00
Tim Abbott 561ded5e59 production: Fix generating bot static files in production.
For upgrade-zulip-from-git to work, we need to be able to run
update-prod-static on production systems, which means provision code
like this cairosvg logic needs to be there for now.
2020-04-17 09:25:48 -07:00
Puneeth Chaganti 464cbcd9c1 tools: Capture incoming bot message screenshot using puppeteer. 2020-04-16 19:25:13 -07:00
Puneeth Chaganti 4d2ce607c9 tools: Add script to trigger webhook notification using fixtures.
When creating a webhook integration or creating a new one, it is a pain to
create or update the screenshots in the documentation. This commit adds a
tool that can trigger a sample notification for the webhook using a fixture,
that is likely already written for the tests.

Currently, the developer needs to take a screenshot manually, but this could
be automated using puppeteer or something like that.

Also, the tool does not support webhooks with basic auth, and only supports
webhooks that use json fixtures. These can be fixed in subsequent commits.
2020-04-16 19:25:13 -07:00
Puneeth Chaganti 4c142b778a generate_zulip_bots_static_files: Move imports outside the function. 2020-04-16 19:25:13 -07:00
Mateusz Mandera fbc8325d0e test-backend: Remove rate_limiter from not_yet_fully_covered.
rate_limiter.py now has sufficient test coverage to remove from the
list of exclusions.

Tweaked by tabbott to handle @abstractmethod in a better way.
2020-04-15 11:20:37 -07:00
wowol fcf4c9639e emails: Add tests for sending custom emails.
This requires configuring the linter to allow using "subject" in these
files.
2020-04-14 10:50:43 -07:00
Tim Abbott 4f23f13c55 fetch-contributor-data: Fix running in production.
The previous logic attempted to check for a venv, rather than putting
itself into the virtualenv automatically.
2020-04-12 12:14:07 -07:00
Aman Agrawal cf4349d1c1 tools: Add script to start database services for WSL.
It needs to be run everytime WSL is restarted.
2020-04-11 12:05:33 -07:00
Steve Howell b8552e9524 test-js-with-node: Show correct coverage link in color.
We figure out the dev host using the same logic as
dev_settings.py, so that we don't use wrong things
like 127.0.0.1 for droplet users.

And we display the link in cyan.
2020-04-11 07:05:04 -04:00
Steve Howell f28a1a4c6c test-js-with-node: Remove stray comments.
When I introduced EXEMPT_FILES, I forgot
to delete these comments, and they became
totally nonsensical after sorting the list
of files.
2020-04-11 07:05:04 -04:00
wowol 71dfb85607 emails: Allow usage of word subject in send_email.py. 2020-04-10 15:53:35 -07:00
Tim Abbott 59937ec9fa scripts: Rename inline-email-css to inline_email_css.py.
This is a preparatory step for making it a module that we can import
and call from other code.
2020-04-10 15:29:47 -07:00
Anders Kaseorg d8fce9417b run-dev: Automatically set EXTERNAL_HOST for droplet dev servers.
As of commit 99242138a7 (#14530), this
is required when visiting a droplet dev server remotely.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 16:50:13 -04:00
Anders Kaseorg 99242138a7 static: Serve webpack bundles from the root domain.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 00:48:02 -07:00
Anders Kaseorg c734bbd95d python: Modernize legacy Python 2 syntax with pyupgrade.
Generated by `pyupgrade --py3-plus --keep-percent-format` on all our
Python code except `zthumbor` and `zulip-ec2-configure-interfaces`,
followed by manual indentation fixes.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-09 16:43:22 -07:00
Rohitt Vashishtha 3f6541b306 bugdown: Add 'none' as alias for no syntax highlighting in codeblocks.
This is a precursor to #14404.
2020-04-09 16:02:02 -07:00
Mateusz Mandera 122d0bca83 check-rabbitmq-queue: Add a simple algorithm to analyze queue stats.
This new algorithm is designed to avoid monitoring paging when a queue
simply has bursty behavior.
2020-04-09 13:41:01 -07:00
Vishnu KS 31a5119892 tools: Back off after request failure in fetch-contributor-data.
If a request fails the tool sleeps for some time before making
further requests. The sleep time is a random number between
0 and 2^failures capped at 64 seconds. More details about the
algorithm can be found at https://chat.zulip.org/#narrow/stream/
92-learning/topic/exponential.20backoff.20--.20with.20jitter
2020-04-08 12:53:05 -07:00
Vishnu KS 449f7e2d4b team: Generate team page data using cron job.
This eliminates the contributors data as a possible source of
flakiness when installing Zulip from Git.

Fixes #14351.
2020-04-08 12:52:31 -07:00
Vishnu KS 8415a1472a tools: Rename update-authors-json to fetch-contributor-data. 2020-04-08 12:40:00 -07:00
Vishnu KS abad5365fa tools: Move duplicate_commits.json file to tools directory.
This is a prep commit for generating /team page data
using cron job. zerver/tests directory is not present in
production installation. So moving the file from the directory
tests to tools.
2020-04-07 16:06:29 -07:00
Greg Price 4d17abee82 tools: Use require_clean_work_tree everywhere.
As described in the commit that added this function, this fixes one
quite annoying bug and one at least in-principle bug:

 * On Windows, the simple version (lacking `git update-index
   --refresh`) routinely gives false positives, making the tools
   that rely on it basically unusable.

 * If you have uncommitted changes in the index but manage to have
   the worktree nevevertheless match HEAD, the simple version will
   give a false negative and we'd blow away those changes.
2020-04-06 17:52:10 -07:00
Greg Price daf357aaab tools: Give `require_clean_work_tree` our nice UI touches.
Notably, print the details of what's modified.
2020-04-06 17:52:10 -07:00
Greg Price 43ca39c87d tools: Modernize require_clean_work_tree a bit.
Use `local`.  Also `set -u`-compatible `${2-}`, and normalize
formatting of `if .. then`.
2020-04-06 17:52:10 -07:00
Greg Price 73acca76ba tools: Add a require_clean_work_tree function, from Git upstream.
This is verbatim from Git upstream, at an older version.  (The one
change since then is to add localization for the messages like "You
have unstaged changes" -- which complicates the code, is important and
worth it for Git itself, but for our tools we can do without.)

This function will replace our use of `git diff-index --quiet HEAD`
in several scripts.  The key differences in behavior are:

 * The `git update-index --refresh`.  Without this, on Windows
   apparently `git diff-index` routinely (but not all the time!)
   reports that tons of files have changed.  See report:
     https://chat.zulip.org/#narrow/stream/9-issues/topic/.2E.2Ftools.2Ffetch-pull-request.20issue/near/834435

 * Instead of one command comparing the worktree to HEAD, we
   separately compare the worktree to the index and the index to
   HEAD, and abort if either diff is nonempty.  This one is obvious,
   but rather an edge case (it matters only if you've managed to
   make the worktree and HEAD agree while the index has some
   changes), and the extra code is annoying if written out in every
   script that needs it.  But that's what a subroutine is for. :-)

We'll make a few tweaks before actually switching to use this.
2020-04-06 17:52:10 -07:00
Greg Price fc0b99cd62 tools: Apply `set -x` to just the interesting parts of *-pull-request.
The Git commands we're invoking to do the real work are useful to
print, for transparency to see what's happening and that there's no
magic here.

The boring shell stuff like `remote=${2:-"upstream"}` is not so
helpful, and nor is the rather arcane and in any case read-only
command `git diff-index --quiet HEAD`.  Those only add noise that
obscures the interesting parts.  So, move the `set -x` down to when
we're done with the boring preparatory stuff and ready to perform
the commands that do the work.
2020-04-06 17:52:10 -07:00
Anders Kaseorg 15d68c40dd nginx: Set X-XSS-Protection: 1; mode=block.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 16:13:53 -07:00
Anders Kaseorg 79c215626e nginx: Set X-Content-Type-Options: nosniff globally.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 16:13:53 -07:00
Anders Kaseorg bcc040b01c test-locked-requirements: Cache only one copy of each valid hash.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 13:45:25 -07:00
Anders Kaseorg bc6862b949 test-locked-requirements: Check all locked requirements files.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 13:45:25 -07:00
Steve Howell da6508a7af presence tests: Test for offline/reload use cases.
This gets us to 100% line coverage.
2020-04-03 11:42:59 -07:00
brendon f65e6d0d94 sgrep: Install syntactic code search tool as an external linter.
Add sgrep (sgrep.dev) to tooling and include simple rule as
proof of concept. Included rule detects use of old django render
function.

Also added a rule that looks for if-else statements where both
code paths are identical.
2020-04-01 15:08:34 -07:00
Anders Kaseorg 68cfcd6446 CVE-2020-9444: Prevent reverse tabnabbing attacks.
While we could fix this issue by changing the markdown processor,
doing so is not a robust solution, because even a momentary bug in the
markdown processor could allow cached messages that do not follow our
security policy.

This change ensures that even if our markdown processor has bugs that
result in rendered content that does not properly follow our policy of
using rel="noopener noreferrer" on links, we'll still do something
reasonable.

Co-authored-by: Tim Abbott <tabbott@zulipchat.com>
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-01 14:01:45 -07:00
arpit551 a2dd1fad12 provision: switch Focal to use PGroonga from PPA.
Since Groonga packages for Ubuntu 20.04 Focal are now available
in their ppa so stopped building pgroonga from source.
2020-03-31 15:02:31 -07:00
Anders Kaseorg 9d75eb0ad5 install-shellcheck: Check the tarball’s SHA-256 hash.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-31 15:01:54 -07:00
Steve Howell 6b86d9055f tests: Only wait up to 90s for the server. 2020-03-29 12:17:16 -07:00
Steve Howell cef74e1fdd tests: Sleep a bit more between server-is-up checks.
A watched pot never boils.

If we get server startup time down enough where 400ms
becomes a significant chunk, we can re-tweak this.
2020-03-29 12:17:16 -07:00
Steve Howell 7e4d542df4 tests: Use zulipdev.com for server_is_up() check.
Folks can have issues connecting to Casper
as zulipdev.com when they are not connected to
the internet or just have a bad connection, since
the DNS record is on the internet.  Folks can
work around this by just creating an /etc/hosts
entry for zulipdev.com, but people don't always
know.

This fix moves the symptom slightly earlier in
the process--we don't advertise that the server
is "up" if you can't actually connect to it as
"zulipdev.com".
2020-03-29 12:17:16 -07:00
Stefan Weil d2fa058cc1
text: Fix some typos (most of them found and fixed by codespell).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2020-03-27 17:25:56 -07:00
Anders Kaseorg 43996106d8 requirements: Get transifex-client from apt.
In the past it has blocked Python library security updates with overly
strict version bounds, and we don’t use it as a library, only as a
binary.

Skip the PROVISION_VERSION bump because we can use the tx binary from
either location.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:39:04 -07:00
Anders Kaseorg 006a69c912 ci: Disable test-run-dev.
This test doesn’t catch many bugs and is known to be flaky.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:38:19 -07:00
Anders Kaseorg a6624f04db Revert "run-dev: Run process_queue with DJANGO_AUTORELOAD_ENV."
This reverts commit 36a8e61e67 (#13934).

The Django 2.2 autoreloader works by forking into a child process that
exits with status 3 when a file changes, and a parent process that
restarts the child when it exits with status 3.  Setting this
environment variable had the effect of pretending we were already the
child process, without a parent process to restart it.  Therefore,
changing any code used by the queue processor caused it to exit rather
than restart.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:38:19 -07:00
Anders Kaseorg 7ff9b22500 docs: Convert many http URLs to https.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:35:32 -07:00
arpit551 b5c2202b3b provision: add dependency for building pgroonga from source.
clang-9 and llvm-9-dev are added for building pgroonga from source.
2020-03-25 16:09:59 -07:00
arpit551 f23a435fcb circleci: Add base image for Ubuntu Focal.
Added base image for Focal and new job in config.yml
to run backend and frontend tests in circleci for
python3.8 using Focal docker image.
2020-03-25 16:09:59 -07:00
arpit551 b9c8c185bc circleci: Removed python-dev from dockerfile.template.
python-dev will be depreciated in Focal but can be used as python2-dev
so removed it from common dockerfile.template and added it
as an extra package in .circleci/config.yml.
2020-03-25 16:09:59 -07:00
arpit551 0c821424cd lint: Run whitespace linter against .yml files.
Lint now checks for .yml files with whitespace_rules.
2020-03-24 15:31:59 -07:00
Anders Kaseorg 39f9abeb3f python: Convert json.loads(f.read()) to json.load(f).
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-24 10:46:32 -07:00
Tim Abbott 3d0b720543 provision: Fix missing apt update for installing new dependencies.
Previously, we only did apt updates when our sources.list files or
keys changed, which could result in provisioning errors for
development systems that don't routinely update their apt cache
(probably including ~all Vagrant environments).
2020-03-23 13:47:17 -07:00
arpit551 dc6c362e4a api_docs: Replaced cgi.escape with html.escape.
cgi.escape is deprecated in python3.2 and removed in python3.8.
This function was unsafe because quote is false by default, hence
removed and replaced with a safer html.escape.
2020-03-23 10:28:21 -07:00
arpit551 258de497a8 setup_venv: Used get_venv_dependencies() to return correct VENV dependencies.
Used get_venv_dependencies function to return the correct dependencies
for RHEL, Centos, Fedora rather than importing them as separate
COMMON_YUM_DEPENDENCIES in provision and create-production-venv.
2020-03-23 10:28:21 -07:00
Dinesh dacca3a593 tests: Add `test-js-with-puppeteer` similar to `test-js-with-casper`.
Note that there are no puppeteer tests yet; this is just preparatory
infrastructure.
2020-03-22 11:42:14 -07:00
Dinesh 9e65f3f354 provision: Add provision support for puppeteer. 2020-03-22 11:42:14 -07:00
Steve Howell eb9a252ec9 populate_db, tests: Restrict emails in zulip realm.
We now restrict emails on the zulip realm, and now
`email` and `delivery_email` will be different for
users.

This change should make it more likely to catch
errors where we leak delivery emails or use the
wrong field for lookups.
2020-03-19 16:21:31 -07:00
Rohitt Vashishtha b25e02aa14 tests: Treat github.com/zulip links as external.
Tests for these links often result in rate-limiting from GitHub,
leading to the builds failing in Circle CI. We temporarily mark
github.com/zulip links as external to keep the builds passing.
2020-03-19 09:27:40 -04:00
Vishnu KS a48845c8fb tests: Create new test mode for generating stripe fixtures. 2020-03-17 16:46:56 -07:00
arpit551 e916d0b733 provision: Added provision support for Ubuntu 20.04(Focal).
Groonga does not have a ppa package for Focal yet so pgroonga is
built from the source.
Postgres 12 is used when os_version is 20.04.
2020-03-17 14:57:14 -07:00
arpit551 b0cb493850 setup_venv: Added get_venv_dependencies function.
Added a get_venv_dependencies() function in setup_venv.py which
returns VENV_DEPENDENCIES according to the vendor and os_version.
The reason for adding this function was because python-dev will be
depreciated in Focal but can be used as python2-dev so when adding
support for Focal VENV_DEPENDENCIES should to be os_version dependent.
2020-03-17 14:57:14 -07:00
arpit551 3963b6740a provision: Corrected how scripts/lib/build-* is included for sha1 sum check.
There were two problems with the previous code-
1) The code glob.glob("scripts/lib/build-") should be
   glob.glob("scripts/lib/build-*) otherwise it would always return [].
2) The part of the code where we included scripts/lib/build-* for sha1 sum
   check would only run when debian is not in os_families(). This wasn't
   correct as we could have a situation where we have to build pgroonga
   from source even in case of debian and so we need to improve the
   condition on it.
Now since we only have build-pgroonga there its better to just directly hash
its content with the condition of BUILD_PGROONGA_FROM_SOURCE.
2020-03-17 14:57:14 -07:00
Mateusz Mandera d00a579318 Revert "test-run-dev: Use a pipe rather than polling a log file."
This should fix spurious failures, where test-run-dev would occasionally
freeze. What exactly about these changes was causing that is still to
be potentially investigated. This is merely meant as a fix to the
failures.
This reverts commit 19429c3ad7.
2020-03-17 14:16:18 -07:00
Vishnu KS 1c6435d4cc validator: Optionally record a type_structure attribute.
We plan to use these records to check and record the schema of Zulip's
events for the purposes of API documentation.

Based on an original messier commit by tabbott.

In theory, a nicer version of this would be able to work directly off
the mypy type system, but this will be good enough for our use case.
2020-03-06 17:07:14 -08:00
Steve Howell e67be55152 node tests: Actually test `translations.js`.
Before this test, we were validating the behavior
of `i18next`, but we weren't validating our light
layer that sits on top of `i18next`, which currently
resides in the slightly misnamed `translations.js`
file.

The translations module is now so small that I'll
just quote it verbatim here:

    import i18next from 'i18next';

    i18next.init({
        lng: 'lang',
        resources: {
            lang: {
                translation: page_params.translation_data,
            },
        },
        nsSeparator: false,
        keySeparator: false,
        interpolation: {
            prefix: "__",
            suffix: "__",
        },
        returnEmptyString: false,  // Empty string is not a valid translation.
    });

    window.i18n = i18next;

We now just do `zrequire('translations')` to initialize
the `i18next` library, which allows us to have simpler
test setup and to actually exercise the above call to
`i18next.init`.

This change now gives us 100% line coverage of `translations.js`,
which of course isn't that hard to acheive (see above).
2020-02-29 12:19:51 -08:00
Anders Kaseorg 687553a661 setup_path_on_import: Replace with setup_path function.
isort 5 knows not to reorder imports across function calls, so this
will stop isort from breaking our code.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-25 15:40:21 -08:00
Anders Kaseorg 1cdab5ae61 emoji: Resolve emoji sprite sheets and stylesheets through Webpack.
This gives them cache-compatible URLs, and also avoids some extra
copies of the sprite sheet images.

Comments on the Octopus emoji added by tabbott.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-25 14:43:46 -08:00
Anders Kaseorg 197084ab93 generate_emoji_names_table: Update SORTED_CATEGORIES.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-25 14:30:31 -08:00
Anders Kaseorg b474fa0e37 webpack: Generalize debug-require-webpack-plugin interface.
Now the caller simply imports the debug ‘require’ function as a
module, deciding for itself how to expose it and with what name (in
our case, we expose it as ‘require’ with expose-loader).  Also, remove
a stray console.log.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-25 14:01:06 -08:00
Anders Kaseorg 46e14d1c40 webpack: Expose a version of require() for use in the browser console.
This adds a global require() function that makes JS modules accessible
to the browser console without adding them to the global window
object:

» const typeahead = require("./static/shared/js/typeahead");
» typeahead.popular_emojis
Array(6) [ "1f44d", "1f389", "1f642", "2764", "1f6e0", "1f419" ]

The list of known modules is exposed via the keys of require.ids
object.

This will allow us to migrate more modules to ES6 without losing
access to this debugging functionality.

I’ll probably upload this plugin to NPM at some point, but I figured
I’ll let it bake in-tree first.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-24 23:18:05 -08:00
Steve Howell 5e8279c2fb refactor: Extract settings_config.
This moves some code from settings_display.js
into the new module settings_config.js.

Extracting this module breaks some dependencies
on settings_display.js (which has some annoying
transitive dependencies, including jQuery).

In particular this isolates stream_data from
from settings_display.js.

Two of the three structures that we moved here
weren't even directly used by settings_display.js,
since we do a lot of rendering in the modules
admin.js and setting.js.

We make get_all_display_settings() a function
to avoid a require-time dependency on page_params.

Breaking the dependencies simplifies a few
node tests.

Most of the node test complexity came from the
following commit in March 2019:

5a130097bf

The commit itself seems harmless enough, but
dependencies can have a somewhat "viral" nature,
where making stream_data depend on settings_display
caused us to modify four different node tests.
2020-02-21 12:06:31 -08:00
Tim Abbott 8aae02de68 emoji: Add a block comment explaining spritesheet CSS. 2020-02-21 10:26:57 -08:00
Steve Howell af7923c557 refactor: Extract get_square_size() for emoji sprites.
This cleans up a few things:

    - just yield values so we don't have to do
      tedious max logic
    - use values() instead of items() for
      skin_variations loop

In the ideal world the emoji.json would reduce this
code to `get_square_size = lambda data: data['square_size']`,
but I don't think we can get the square size explicitly.
2020-02-21 10:21:12 -08:00
Steve Howell da1ce9a577 emoji sprites: Avoid hard coding CSS percentages.
This commit changes the calculation of the
background-size parameter that we use to
render emojis from sprite sheets.

In particular, it now makes the parameter
match the sizes of our latest sprite
sheets from Twitter/Google.

This should fix the geometry aspect of #13959,
but we also need to fix some issues with the
cache being sticky.

There is also some minor cleanup:

    - Remove obsolete -moz/-webkit CSS.
    - Remove needless precision in percentages.
    - Fix the transposed nrows/ncols names.
    - Add extensive commenting.

Finally, we add a minor bump to the provision
number.  This commit should be merged in the
same series as the other fix for this issue,
which will probably have a major bump, and we'll
need to rebase this appropriately.
2020-02-21 10:21:12 -08:00
Anders Kaseorg 9d598d95a6 puppet: Fix puppet-lint warning.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-20 19:51:48 -08:00
Tim Abbott aaee506fb2 provision: Always build pygments_data.json if missing.
While it's a bit of extra complexity to do this check, which I'm not
excited about, we've had multiple folks spend significant time being
confused rebasing past d7d8632525 into
deleting `pygments_data.json`, with provision not rebuilding it, so
this seems worth merging as a transitional fix even if we decide to
remove it in 2 months.
2020-02-20 10:25:11 -08:00
Mateusz Mandera 7293862eae tests: Keep temporary .coverage files in var/ directory. 2020-02-19 14:36:17 -08:00
Mateusz Mandera 782353f0e1 tests: Ensure coverage data files get cleaned up at the end.
Without calling cov.erase() the data file seems to persist and even
pollute future test runs if not removed. Registering an atexit handler
seems like a good, and reasonably clean way to ensure the cleanup
happens.
Fixes #13933.
2020-02-19 14:36:17 -08:00
Anders Kaseorg 7990ef2d52 register: Spell Greek Ακμή with Greek alpha, not Latin A
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-18 17:41:43 -08:00
Anders Kaseorg 4889a0486d tests: Compile Handlebars templates with source maps.
This allows us to collect coverage for Handlebars templates, and also
improves the readability of Handlebars-related stack traces.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-18 07:38:46 -05:00
Mateusz Mandera 36a8e61e67 run-dev: Run process_queue with DJANGO_AUTORELOAD_ENV.
In Django 2.2 the autoreload system has changed.
DJANGO_AUTORELOAD_ENV env variable should be set when calling code
that'll use the autoreloader. Otherwise there's some kind of race
condition in the autoreload code when SIGINT is sent, where
restart_with_reloader() (called only if the env variable isn't set)
has the subprocess module calling p.kill() on a process that's already
exited, raising ProcessLookupError and printing an ugly traceback. This
causes non-deterministic test-run-dev failures.
2020-02-17 13:06:50 -05:00
Vishnu KS 5bab2a3762 upload: Replace jQuery filedrop with Uppy. 2020-02-13 16:43:19 -08:00
Tim Abbott e2892a88c1 channel: Discard all HTTP responses while reloading.
We used to have a block of code doing this just in the presence
endpoint because that's where we'd had error-handling problems with it
not being present, but it seems more correct for it to run
unconditionally on all HTTP requests.

This requires adding a dependency of channel on reload_state, which we
record in the webpack configuration for now.
2020-02-13 15:45:39 -08:00