-
Notifications
You must be signed in to change notification settings - Fork 685
1.7.1 Test Plan
Conor Schaefer edited this page Jan 27, 2021
·
7 revisions
QA plan
- NUC7s
- Prod VMs
The 1.7.1 is a bugfix release, intended to resolve https://github.com/freedomofpress/securedrop/issues/5757. The test plan is therefore abbreviated compared to a standard minor version change.
- Install target:
- Tails version:
- Test Scenario:
- SSH over Tor:
- Onion service version:
- Release candidate:
In order to confirm resolution of the bug affecting configuration logic, you must first reproduce the error by editing the config.
- Perform fresh install of 1.7.0 prod, create journalist account, confirm login.
- SSH into app server, edit
/var/www/securedrop/config.py
and comment out theSESSION_EXPIRATION_MINUTES
line. - Run
sudo service apache2 restart
- Observe 500s on both Source & Journalist interfaces.
Now you're ready to proceed with the upgrade of application version, and evaluate the fix.
We'll prepare the packages for 1.7.1 and post them on https://apt-qa.freedom.press/. In order to upgrade:
- SSH into app server
- Edit
/etc/apt/security.list
and changeapt.freedom.press
toapt-qa.freedom.press
. - Run
sudo cron-apt -i -s
as described in https://github.com/freedomofpress/securedrop-docs/pull/142 - Confirm working Source & Journalist Interfaces. Proceed with functional review of webapp as normal, see below.
- Can successfully add admin user and login
- JS warning bar does not appear when using Security Slider high
- JS warning bar does appear when using Security Slider Low
- On generate page, refreshing codename produces a new 7-word codename
- On submit page, empty submissions produce flashed message
- On submit page, short message submitted successfully
- On submit page, file greater than 500 MB produces "The connection was reset" in Tor Browser quickly before the entire file is uploaded
- On submit page, file less than 500 MB submitted successfully
- Nonexistent codename cannot log in
- Empty codename cannot log in
- Legitimate codename can log in
- Returning user can view journalist replies - need to log into journalist interface to test
- Can log in with 2FA tokens
- incorrect password cannot log in
- invalid 2fa token cannot log in
- 2fa immediate reuse cannot log in
- Journalist account with HOTP can log in
- Filter by codename works
- Starring and unstarring works
- Click select all selects all submissions
- Selecting all and clicking "Download" works
- You can submit a reply and a flashed message and new row appears
- You cannot submit an empty reply
- Clicking "Delete Source And Submissions" and the source and docs are deleted
- You can click on a document and successfully decrypt using application private key
After updating to this release candidate and running securedrop-admin tailsconfig
- The Updater GUI appears on boot
- Updating occurs without issue