Commit Graph

3636 Commits

Author SHA1 Message Date
Aman Agrawal cf4349d1c1 tools: Add script to start database services for WSL.
It needs to be run everytime WSL is restarted.
2020-04-11 12:05:33 -07:00
Steve Howell b8552e9524 test-js-with-node: Show correct coverage link in color.
We figure out the dev host using the same logic as
dev_settings.py, so that we don't use wrong things
like 127.0.0.1 for droplet users.

And we display the link in cyan.
2020-04-11 07:05:04 -04:00
Steve Howell f28a1a4c6c test-js-with-node: Remove stray comments.
When I introduced EXEMPT_FILES, I forgot
to delete these comments, and they became
totally nonsensical after sorting the list
of files.
2020-04-11 07:05:04 -04:00
wowol 71dfb85607 emails: Allow usage of word subject in send_email.py. 2020-04-10 15:53:35 -07:00
Tim Abbott 59937ec9fa scripts: Rename inline-email-css to inline_email_css.py.
This is a preparatory step for making it a module that we can import
and call from other code.
2020-04-10 15:29:47 -07:00
Anders Kaseorg d8fce9417b run-dev: Automatically set EXTERNAL_HOST for droplet dev servers.
As of commit 99242138a7 (#14530), this
is required when visiting a droplet dev server remotely.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 16:50:13 -04:00
Anders Kaseorg 99242138a7 static: Serve webpack bundles from the root domain.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 00:48:02 -07:00
Anders Kaseorg c734bbd95d python: Modernize legacy Python 2 syntax with pyupgrade.
Generated by `pyupgrade --py3-plus --keep-percent-format` on all our
Python code except `zthumbor` and `zulip-ec2-configure-interfaces`,
followed by manual indentation fixes.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-09 16:43:22 -07:00
Rohitt Vashishtha 3f6541b306 bugdown: Add 'none' as alias for no syntax highlighting in codeblocks.
This is a precursor to #14404.
2020-04-09 16:02:02 -07:00
Mateusz Mandera 122d0bca83 check-rabbitmq-queue: Add a simple algorithm to analyze queue stats.
This new algorithm is designed to avoid monitoring paging when a queue
simply has bursty behavior.
2020-04-09 13:41:01 -07:00
Vishnu KS 31a5119892 tools: Back off after request failure in fetch-contributor-data.
If a request fails the tool sleeps for some time before making
further requests. The sleep time is a random number between
0 and 2^failures capped at 64 seconds. More details about the
algorithm can be found at https://chat.zulip.org/#narrow/stream/
92-learning/topic/exponential.20backoff.20--.20with.20jitter
2020-04-08 12:53:05 -07:00
Vishnu KS 449f7e2d4b team: Generate team page data using cron job.
This eliminates the contributors data as a possible source of
flakiness when installing Zulip from Git.

Fixes #14351.
2020-04-08 12:52:31 -07:00
Vishnu KS 8415a1472a tools: Rename update-authors-json to fetch-contributor-data. 2020-04-08 12:40:00 -07:00
Vishnu KS abad5365fa tools: Move duplicate_commits.json file to tools directory.
This is a prep commit for generating /team page data
using cron job. zerver/tests directory is not present in
production installation. So moving the file from the directory
tests to tools.
2020-04-07 16:06:29 -07:00
Greg Price 4d17abee82 tools: Use require_clean_work_tree everywhere.
As described in the commit that added this function, this fixes one
quite annoying bug and one at least in-principle bug:

 * On Windows, the simple version (lacking `git update-index
   --refresh`) routinely gives false positives, making the tools
   that rely on it basically unusable.

 * If you have uncommitted changes in the index but manage to have
   the worktree nevevertheless match HEAD, the simple version will
   give a false negative and we'd blow away those changes.
2020-04-06 17:52:10 -07:00
Greg Price daf357aaab tools: Give `require_clean_work_tree` our nice UI touches.
Notably, print the details of what's modified.
2020-04-06 17:52:10 -07:00
Greg Price 43ca39c87d tools: Modernize require_clean_work_tree a bit.
Use `local`.  Also `set -u`-compatible `${2-}`, and normalize
formatting of `if .. then`.
2020-04-06 17:52:10 -07:00
Greg Price 73acca76ba tools: Add a require_clean_work_tree function, from Git upstream.
This is verbatim from Git upstream, at an older version.  (The one
change since then is to add localization for the messages like "You
have unstaged changes" -- which complicates the code, is important and
worth it for Git itself, but for our tools we can do without.)

This function will replace our use of `git diff-index --quiet HEAD`
in several scripts.  The key differences in behavior are:

 * The `git update-index --refresh`.  Without this, on Windows
   apparently `git diff-index` routinely (but not all the time!)
   reports that tons of files have changed.  See report:
     https://chat.zulip.org/#narrow/stream/9-issues/topic/.2E.2Ftools.2Ffetch-pull-request.20issue/near/834435

 * Instead of one command comparing the worktree to HEAD, we
   separately compare the worktree to the index and the index to
   HEAD, and abort if either diff is nonempty.  This one is obvious,
   but rather an edge case (it matters only if you've managed to
   make the worktree and HEAD agree while the index has some
   changes), and the extra code is annoying if written out in every
   script that needs it.  But that's what a subroutine is for. :-)

We'll make a few tweaks before actually switching to use this.
2020-04-06 17:52:10 -07:00
Greg Price fc0b99cd62 tools: Apply `set -x` to just the interesting parts of *-pull-request.
The Git commands we're invoking to do the real work are useful to
print, for transparency to see what's happening and that there's no
magic here.

The boring shell stuff like `remote=${2:-"upstream"}` is not so
helpful, and nor is the rather arcane and in any case read-only
command `git diff-index --quiet HEAD`.  Those only add noise that
obscures the interesting parts.  So, move the `set -x` down to when
we're done with the boring preparatory stuff and ready to perform
the commands that do the work.
2020-04-06 17:52:10 -07:00
Anders Kaseorg 15d68c40dd nginx: Set X-XSS-Protection: 1; mode=block.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 16:13:53 -07:00
Anders Kaseorg 79c215626e nginx: Set X-Content-Type-Options: nosniff globally.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 16:13:53 -07:00
Anders Kaseorg bcc040b01c test-locked-requirements: Cache only one copy of each valid hash.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 13:45:25 -07:00
Anders Kaseorg bc6862b949 test-locked-requirements: Check all locked requirements files.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 13:45:25 -07:00
Steve Howell da6508a7af presence tests: Test for offline/reload use cases.
This gets us to 100% line coverage.
2020-04-03 11:42:59 -07:00
brendon f65e6d0d94 sgrep: Install syntactic code search tool as an external linter.
Add sgrep (sgrep.dev) to tooling and include simple rule as
proof of concept. Included rule detects use of old django render
function.

Also added a rule that looks for if-else statements where both
code paths are identical.
2020-04-01 15:08:34 -07:00
Anders Kaseorg 68cfcd6446 CVE-2020-9444: Prevent reverse tabnabbing attacks.
While we could fix this issue by changing the markdown processor,
doing so is not a robust solution, because even a momentary bug in the
markdown processor could allow cached messages that do not follow our
security policy.

This change ensures that even if our markdown processor has bugs that
result in rendered content that does not properly follow our policy of
using rel="noopener noreferrer" on links, we'll still do something
reasonable.

Co-authored-by: Tim Abbott <tabbott@zulipchat.com>
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-01 14:01:45 -07:00
arpit551 a2dd1fad12 provision: switch Focal to use PGroonga from PPA.
Since Groonga packages for Ubuntu 20.04 Focal are now available
in their ppa so stopped building pgroonga from source.
2020-03-31 15:02:31 -07:00
Anders Kaseorg 9d75eb0ad5 install-shellcheck: Check the tarball’s SHA-256 hash.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-31 15:01:54 -07:00
Steve Howell 6b86d9055f tests: Only wait up to 90s for the server. 2020-03-29 12:17:16 -07:00
Steve Howell cef74e1fdd tests: Sleep a bit more between server-is-up checks.
A watched pot never boils.

If we get server startup time down enough where 400ms
becomes a significant chunk, we can re-tweak this.
2020-03-29 12:17:16 -07:00
Steve Howell 7e4d542df4 tests: Use zulipdev.com for server_is_up() check.
Folks can have issues connecting to Casper
as zulipdev.com when they are not connected to
the internet or just have a bad connection, since
the DNS record is on the internet.  Folks can
work around this by just creating an /etc/hosts
entry for zulipdev.com, but people don't always
know.

This fix moves the symptom slightly earlier in
the process--we don't advertise that the server
is "up" if you can't actually connect to it as
"zulipdev.com".
2020-03-29 12:17:16 -07:00
Stefan Weil d2fa058cc1
text: Fix some typos (most of them found and fixed by codespell).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2020-03-27 17:25:56 -07:00
Anders Kaseorg 43996106d8 requirements: Get transifex-client from apt.
In the past it has blocked Python library security updates with overly
strict version bounds, and we don’t use it as a library, only as a
binary.

Skip the PROVISION_VERSION bump because we can use the tx binary from
either location.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:39:04 -07:00
Anders Kaseorg 006a69c912 ci: Disable test-run-dev.
This test doesn’t catch many bugs and is known to be flaky.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:38:19 -07:00
Anders Kaseorg a6624f04db Revert "run-dev: Run process_queue with DJANGO_AUTORELOAD_ENV."
This reverts commit 36a8e61e67 (#13934).

The Django 2.2 autoreloader works by forking into a child process that
exits with status 3 when a file changes, and a parent process that
restarts the child when it exits with status 3.  Setting this
environment variable had the effect of pretending we were already the
child process, without a parent process to restart it.  Therefore,
changing any code used by the queue processor caused it to exit rather
than restart.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:38:19 -07:00
Anders Kaseorg 7ff9b22500 docs: Convert many http URLs to https.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:35:32 -07:00
arpit551 b5c2202b3b provision: add dependency for building pgroonga from source.
clang-9 and llvm-9-dev are added for building pgroonga from source.
2020-03-25 16:09:59 -07:00
arpit551 f23a435fcb circleci: Add base image for Ubuntu Focal.
Added base image for Focal and new job in config.yml
to run backend and frontend tests in circleci for
python3.8 using Focal docker image.
2020-03-25 16:09:59 -07:00
arpit551 b9c8c185bc circleci: Removed python-dev from dockerfile.template.
python-dev will be depreciated in Focal but can be used as python2-dev
so removed it from common dockerfile.template and added it
as an extra package in .circleci/config.yml.
2020-03-25 16:09:59 -07:00
arpit551 0c821424cd lint: Run whitespace linter against .yml files.
Lint now checks for .yml files with whitespace_rules.
2020-03-24 15:31:59 -07:00
Anders Kaseorg 39f9abeb3f python: Convert json.loads(f.read()) to json.load(f).
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-24 10:46:32 -07:00
Tim Abbott 3d0b720543 provision: Fix missing apt update for installing new dependencies.
Previously, we only did apt updates when our sources.list files or
keys changed, which could result in provisioning errors for
development systems that don't routinely update their apt cache
(probably including ~all Vagrant environments).
2020-03-23 13:47:17 -07:00
arpit551 dc6c362e4a api_docs: Replaced cgi.escape with html.escape.
cgi.escape is deprecated in python3.2 and removed in python3.8.
This function was unsafe because quote is false by default, hence
removed and replaced with a safer html.escape.
2020-03-23 10:28:21 -07:00
arpit551 258de497a8 setup_venv: Used get_venv_dependencies() to return correct VENV dependencies.
Used get_venv_dependencies function to return the correct dependencies
for RHEL, Centos, Fedora rather than importing them as separate
COMMON_YUM_DEPENDENCIES in provision and create-production-venv.
2020-03-23 10:28:21 -07:00
Dinesh dacca3a593 tests: Add `test-js-with-puppeteer` similar to `test-js-with-casper`.
Note that there are no puppeteer tests yet; this is just preparatory
infrastructure.
2020-03-22 11:42:14 -07:00
Dinesh 9e65f3f354 provision: Add provision support for puppeteer. 2020-03-22 11:42:14 -07:00
Steve Howell eb9a252ec9 populate_db, tests: Restrict emails in zulip realm.
We now restrict emails on the zulip realm, and now
`email` and `delivery_email` will be different for
users.

This change should make it more likely to catch
errors where we leak delivery emails or use the
wrong field for lookups.
2020-03-19 16:21:31 -07:00
Rohitt Vashishtha b25e02aa14 tests: Treat github.com/zulip links as external.
Tests for these links often result in rate-limiting from GitHub,
leading to the builds failing in Circle CI. We temporarily mark
github.com/zulip links as external to keep the builds passing.
2020-03-19 09:27:40 -04:00
Vishnu KS a48845c8fb tests: Create new test mode for generating stripe fixtures. 2020-03-17 16:46:56 -07:00
arpit551 e916d0b733 provision: Added provision support for Ubuntu 20.04(Focal).
Groonga does not have a ppa package for Focal yet so pgroonga is
built from the source.
Postgres 12 is used when os_version is 20.04.
2020-03-17 14:57:14 -07:00