Because:
- In train-266 stage smoke tests failed because the auth-client build was missing
- The auth client used to be part of the docker image, but this changed now that we cache builds in nx.
This Commit:
- Builds auth client with nx prior to running smoke tests.
Because:
- Fixes projects param on integration tests in flows other than test_pull_request
- Defaults to large resource class for integration tests (for now)
Because:
- Not all CI operations where taking advantage of NX caches
This Commit:
- Adjusts nx.json config to ensure correct caching behavior
- Adjusts nx.json config to ensure proper target chains. ie build is dependent on pre-build
- Uses nx to directly run integration tests
- Uses nx to directly run unit tests
- Phases out dependency on generated .list files
- Ensures 'start up' for services for functional tests is done with nx and uses nx caches.
- Creates nx tags to facilitate test commands
- Fixes linter errors encountered
- Updates docker images to nx for builds
- Updates nx ignore files
Because:
* We want to use the latest typescript features.
This commit:
* Updates to TypeScript 5.2.2.
* Updates to Node 18.17.1 as OOM would occur frequently with 18.14.
* Updates CI to use a large instance with increased memory for Node.
Because:
- Refactor the Cart Manager to serve as higher level logic for the
cart db model.
This commit:
- Removes service level logic.
- Adds common methods to be used by Cart Manager consumers.
- Adds checks for valid state by action and valid state transitions.
- Reverts playwright tests back to xlarge instance size
Closes FXA-8128
Because:
- The CI already targets test-unit
- We want to draw a distinction between unit and integration tests.
This Commit:
- Renames "test" to "test-unit" in lib packages.
- Sets up CI to run integration tests on 'libs' folder packages
- Adds tags to nx projects in libs folder
Because:
* Fluent warning messages are slowing down tests.
This commit:
* Updates to the latest @fluent/react version
* Adds a non-console.warn reportError to testing ReactLocalization
instantiations.
Closes #FXA-7958
Because:
* Resubscription tests were failing/flaking
This commit:
* Increase the playwright functional test resource class from large to xlarge.
Closes #
Because:
- We want to enable password reset using our react app.
This commit:
- Ports over oauth reset password for react
- Updates Playwright tests accordingly
- Ports over playwright tests covering typical reset password flows
- Adds playwright test for PKCE reset password case
- Adds playwright test for TOTP reset password case
- Adds playwright test for account recovery code reset password case
- Adds playwright test for account recovery code & TOTP reset password case
- Enables oauth redirect logic, and removed short circuit operation in router.js -> showReactApp that would prevent oauth routes from rendering.
- Applied oauth redirect logic to:
- CompleteResetPassword page
- AccountRecoveryResetPassword
- Fixes issues with displaying service name in:
- ResetPasswordWithRecoveryKeyVerified
- ResetPasswordVerified,
- Fixes issues with rendering story book state
- Fixed issues found in hooks:
- Switched CreateReliers and CreateIntegration to useReliers and useIntegration. These accessed context so it turns out they really should be hooks.
- Made these hooks return singletons, which fixed a bunch of ‘ghost’ rerenders.
- Fixed an intermittent race condition in url-query-data.ts and added an option to ‘synchronize’ a data store.
- Updated logic in RelierFactory.initOuathReliers to ensure all the relying party information needed for password reset could be resolved.
- Fixed call to account.resetPassword on ResetPassword page, so proper options were sent to auth so state would be reflected in email link.
- Added support for handling resume tokens. Resume tokens on base64 encoded in the resume field in the query string. The logic for parsing these tokens wasn’t present yet.
- Updated the integration factory to pass in a relier authClient. These were needed to handle the integration logic.
- Ported scoped keys logic.
- Clean up in tests:
- Moved commonly used function, getReactFeatureFlagUrl to a util file.
- Removes incorrect usages of act blocks in favor of 'findBy' calls
- Wraps events in 'act' block that require it thereby fixing 'act' warnings
- Mocks console.warn to silence data provider output
- Test fxa-settings:test-integration output is now 100% percent clean, with no more warnings!
Because:
* We need to show the customer what is owed and when (i.e. proration) on checkout.
This commit:
* Updates PlanUpgradeDetails component and invoice preview to include proration amount.
* Adds a helper function to formats for only plan intervals.
* Shows updated content when useStripeImmediatelyInvoice flag is set to true.
* Updates tests and stories when aforementioned flag is set to true, where applicable.
Closes FXA-6878
Because:
- We want to lock down our gql queries as part of good security practices.
This Commit:
- Creates task that extracts existing gql queries from our code
- Applies middleware that checks a allowlist of extracted queries.
- Creates a 403 if the query is not in the allowlist
- Makes all gql parsable by extraction utility. The extraction utility doesn't support string placeholders. e.g. gql` Account { ${ACCOUNT_FIELDS} }`
- Moves all the gql in the admin server into .ts files. Again for consistency and extraction utility support.
- Cleans up some config references at startup
- Adds nx config for extraction & copy tasks
Because:
* We need to update the playwright tests to support the new account recovery key flow
This commit:
* Update recoveryKey page model
* Update misc, password and recoveryKey functional tests with feature flagging
Closes #FXA-7250
Because:
- We want to try running smoke tests against a new environment
This Commit:
- Adds pipeline parameters for configuring standard domains
- Transfers pipeline parameters to a set of standard envs
- Updates playwright tests to use these envs
- Updates functional content server tests to use these envs
Because:
* We want to introduce nx to the repository
This commit:
* Adds nx with working builds
Closes: FXA-7341
Co-authored-by: dschom <dschomburg@mozilla.com>
Because:
- We want all projects to pass cleanly
This Commit:
- Fixes issue where the linter was linting the build directory. This fixed the bulk of the issues.
- Fixes the remaining actual linter errors.
- Removes lint-packages.sh in favor of inline command in circleci config
Because:
- We want a poc that auth can be added to redis
This Commit:
- Configures all configs to support a redis password
- Sets the standard env for redis auth to REDIS_PASSWORD
- Creates a default redis password of 'fxa123' for local dev
- Starts redis container with --requirepass fxa123
Because:
- For tests that are potentially flaky we want to enable the 'rerun only failed' circleci option
This Commit:
- Adjusts playwright tests to support 'rerun only failed'
Because:
- We want to clean up our docker build
- We no longer used our service specific images
This Commit:
- Switches to multi stage docker build
- Removes unused building of individual services
- Removes used script that sets environment variables.
- Removes `workspaces focus` call that resulted in redundant installs
- Removes trap on build logs.
- Uses circleci DLC to get cache hits for fxa-utils and fxa-build-utils
- Removes scripts that build service specific images
- Cleans up naming conventions to reflect that only one image is being built
Because:
* We cancelled the React port of post_verify add recovery key routes and post_verify add secondary email routes and deemed 'push' routes out of scope (see tickets for details), so our feature flags needed some tweaking
* simpleRoutes are rolled out to 100% in production and updating local.json-dist to match keeps local dev in sync
closes FXA-6647
Because:
- If the image wasn't present locally, the deploy would simply skip the push.
This Commit:
- Checks to see if the target image tag is present on the remote docker registry.
- Pulls the target image the from the registry and then pushes it with the correct tag.
Because:
- We were running out of memory.
- We recently increased the scope of linter coverage, which is likely related.
This Commit:
- Bumps the resource class for lint jobs.
Because:
- Not all workspaces were configured for linting
- Not all workspaces passed linting
This Commit:
- Makes sure the lint command runs all workspaces
- Applies standard eslint config across the board
- Fixes as many linting errors as possible
- Follows still needed for payments, settings & functional tests
Because:
- We can build the docker image while tests are running
- This will cut down on deploy time
This commit:
- Builds the deployed docker images in parallel to tests
- Pushes temporary image to docker up
- Once tests finish re-tags temporary image and pushes to docker hub
- Removes temporary build image from docker hub
Because:
* We want to show the retryAfterLocalized value in localized error messages when ResetPassword requests are throttled (maxEmails reached)
This commit:
* Add retryAfter and retryAfterLocalized from Auth server errors to GraphQl errors
* Make this value available to the localized throttled error message for the ResetPassword page.
* Add ResetPassword stories to show error examples.
* Enable customs-server by default in dev environment, but disable for CircleCi builds.
* Add documentation explaining how to disable/enable customs-server for local testing.
* Use ipv4 for the customs-server localhost (prevent from using ipv6, favoured by Node18)
Closes #FXA-6875
Because:
- We want to start tracking build errors on all packages
- We should create urgency around fixing typescript build errors
This Commit:
- Removes any typescript compile exclusions
- Disabled the 'fail-fast' step for compile jobs
- Fixes content-server typescript compilation errors
- Disabled typescript compilation on test files in payments. A follow has been filed here.
Because:
- Smoke tests could be triggered on branches but not on tags
This Commit:
- Applies filters such that smoke tests can be run on tags.
- Applies filters such that smoke tests can be run on branches.
Because:
- we want to use the latest node LTS major version
This commit:
- upgrades FxA to use node 18, with two workarounds
- Webpack uses a hash algorithm that's no longer supported by default
in node 17+, causing build failures; --openssl-legacy-provider is
used as the workaround
- dns.lookup in node 17+ by default returns the results in the same
order as they are from the resolver, which could lead to
'localhost' resolving to ::1; --dns-result-order=ipv4first is used
as the workaround
Because:
- TypeScript errors were occurring during the docker build of the deploy workflow
- We want to catch typescript errors as early as possible
This Commit:
- Adds compile job, that runs tsc --noEmit across all workspaces
Because:
- We want to avoid redundant git clone operations
- We want to reduce the number of ftl bundles requested on the client side.
This Commit:
- Adds _scripts/l10n/*.sh for conducting l10n build operations
- Bundles ftl files together into ftl main
- Removes bundle prop on AppLocalizer, so that it uses the default, [main.ftl]
- Replace - with _ in locale names when resolving ftl files
- Removes clone-l10n.sh
Because:
- We want to run smoke tests in parallel for faster deployments.
This Commit:
- Adds pipeline flags required to support remote execution of pipelines
- Updates readme
Because:
- We had some scenarios where we see anything written to stdout
This Commit:
- Applies the --ungroup option, which allows stdout to be written in realtime.
- Only does this when max parallel jobs is set 1
- Prints the actual operations being run to stdout for easier debugging
Because:
- This workflow triggered an error when the test-content-server-remote job was invoked with CircleCI api V1
- It appears this is caused by a bug in the CircleCI V1 api (https://github.com/CircleCI-Public/slack-orb/issues/148)
This Commit:
- Temporarily disables the nightly workflow
Because:
- Not all jobs were running in the test_and_deploy_tag
This Commit:
- Adds filter configs to each job. This typically isn't necessary, but since we
ignore all branches, in this case it is.
Because:
- Not all jobs were running in the test_and_deploy_tag
This Commit:
- Adds filter configs to each job. This typically isn't necessary, but since we
ignore all branches, in this case it is.
Because:
- Something was off for base-install in jobs using the ci-base-browser-latest images. Yarn cache hits were not happening as anticipated. Also, in the event the yarn install could be skipped, the postinstall script was taking longer than expected.
- An occasional race condition where the deploy-fxa-ci-browser-image could be built off a stale base image was detected.
- Since ci-base-latest and ci-base-browsers-latests weren’t pushed at the same time, occasionally different builds would be used in a pipeline. Although this never directly led to problems, it did seem like the potential was there.
- The ci-* docker images were larger than desired..
- While investigating optimizations, it became apparent job spin up times could be further reduced by using CircleCI workspaces.
– Nightly builds are useful, and we would occasionally encounter a regression on main that wasn’t present in PRs due to differences in resulting state after a merge.
- SRE needs a better way to trigger smoke tests in parallel.
This commit:
- Reworks the docker file.
- Puts everything into one multi stage build, which results in better layer caching.
- Creates new tag names ci-builder, ci-test-runner, & ci-functional-test-runner
- Makes sure these images are as small as possible
- Updates references to these new images in the executors
- Ensures that the ci images are built on the same machine and pushed at the same time. This addresses the potential race condition described in the because section above.
- Short circuits the docker build for ci images if there are no npm package changes detected. Since the base images are really just a way to decrease build time by caching package dependencies in a docker image that compresses better than the circle ci cache, we don’t actually need to build the image unless a package change has occurred.
- Leverages CircleCI workspaces. The build now primes the workspace and it is then restored in the subsequent jobs. This ends up saving time, because we skip the build / install step, and it allows us to use much smaller docker images for any job running post build.
- Adds a script to extract the current state of the yarn cache from a docker image, so the yarn cache can be kept fresh. This was an oversight in the initial pass.
- For functional tests, the operation that starts the pm2 stack and the actual jobs have been separated into different steps. This gives us better timing metrics, and also lets us see which step fails most often. Starting the stack actually takes up a considerable amount of time, and shouldn’t be confused with the time it takes to execute tests.
- For functional tests (both playwright and content), a memory optimization was made by not including fxa-shared or fxa-react in the ‘run start’ operation. Both of these workspaces are now built in the ‘build’ stage, so there is no reason to include them when spinning up the stack. This actually resulted in a noticeable reduction in memory usage. This is probably due to the fact that these pm2 tasks were running a watch operation, which is more memory intensive than just running a build.
- Ensures that the entire git history isn't copied into the base image, which results in a smaller image. (Our git history is surprisingly large!) This is done by setting a depth of 1 when cloning and depth of 2 when fetching. These changes also address FXA-6676, because the clone and fetch operations have been modified.
- Adds a nightly workflow, so that we can run a full test suite to guard against regression resulting from a merge into main. See FXA-6626 for more information. We can also use this nightly flow to postpone any CI tasks that run on main, but aren’t urgent.
- Retains the ability to manually trigger tasks that were shifted to the nightly workflow. These tasks include deploying storybook or deploying packages.
- Adds the ability to trigger smoke test workflows with pipeline parameters. It’s possible this will simplify executing smoke tests in parallel for SRE.
- Fixes the issue of slow base-install script performance when the yarn install operation could be skipped. The issue was that when we invoke postinstall directly, fxa-shared would be built. This is already taken care of in the build step, so doing so in the base install was an unneeded redundancy.
- Adds a few other minor improvements fixes such as avoiding a couple redundant build / lint operations, making the build script a bit more robust, and cleaning up the config file a bit.
Because:
- When there was just a single integration test suite to run, the second integration test suite in the ci would fail.
This Commit:
- Checks to make sure the split file exists before running it.
Because:
- There is logic to gracefully exit when an operations list is empty.
This Commit:
- Creates an empty file when operations lists are created.
Closes: FXA-6701
Because:
- The settings server functional tests have all been moved to playwright.
- The settings server integration tests run in the integration tests suites now.
This Commit:
- Phases out the settings server functional tests.
Because:
- Code would error out if the operations list was empty.
- Code should gracefully exit if asked to run an empty list of operations.
This Commit:
- Gracefully exists when operations list is empty
Because:
- We've been seeing some odd behavior were 'stale' images are getting used in some cases.
This Commit:
- Disables docker layer caching for now. This seems like the safest thing to do until we fully understand what's happening in FXA-6624
Because:
- We wanted to run a few preliminary checks before proceeding to more
expensive CI jobs. Checks include:
- Compiling typescript in commonly referenced workspace packages
- Linting code that has changed
- Executing Unit Tests for code that has changed
- We wanted to partition test operations into unit tests, and
integration tests. Unit tests can be run relatively quickly and
require no additional infrastructure. Integration tests require
additional infrastructure and generally have longer execution
times. Now that jobs are blocked from running until preliminary
checks pass, one of which is unit tests, it is important to draw a
distinction between these two types of tests.
- We want to avoid unnecessary yarn installs and typescript
compilations, which are time consuming.
- We want to make sure that test results are published and failing tests
can be easily viewed in the CI.
This Commit:
- Creates a build-and-validate job in the CI that builds, lints, and
unit tests code prior to running any other jobs.
- Creates unit-test job in CI config
- Creates integration-test job in CI config
- Removes redundant calls to compile workspace packages. These
are now built up front, cached, and restored as needed for future
runs.
- Extends the create-lists script functionality to generate commands
that can be executed with the parallel command.
- Removes unnecessary yarn install operations. Invoking yarn workspace
focus results in a yarn install. In the case of running tests this is largely
unnecessary, because we already do a yarn install in the base-install
step.
- Make sure test results are exported as junit xml so the CI can report
back on tests that were failing. This was done for a couple workspace
packages, but many were lacking the capability. All test:unit and
test:integration npm scripts now export this data.
- Fixes the following issues encountered along the way:
- Adds logs to monitor heap usage of jest tests. Some
jest tests are still using a lot of memory.
- Moves a few slow / long running tests from unit test to
integration tests.
- Ensures that jest.transform for ts-jest is always instructed
to have the config option isolateModules is set to true. This
definitely decreases memory overhead and resolves some
of the OOM errors we were hitting. It was configured in
some places but not everywhere.
- Exports test results files for all tests
- Exports all test artifacts
- Uses gnu parallel to run tests in parallel. Turns out yarn
workspaces foreach would give a false positive when an OOM
was encountered. Fortunately, the parallel command offered an
acceptable work around, and even offers some nice features
like the load argument, which allows to control test execution a
bit more efficiently.
Because:
- We cannot add parameters to job triggered through circleci's API
This Commit:
- Removes parameters from the `test-content-server-remote` job
Because:
- We want decrease the time it takes to deploy
This Commit:
- Adds ability to divide smoke tests
- Creates jobs that divide content server smoke tests into three parts
- Jobs can be run in parallel
- Creates a new executor for running smoke tests
- Removes mozinstall command (found in test-ci-remote.sh) since there is already a firefox browser installed in the base image
- Removes internjs argument --firefoxBinary, because there is now a firefox binary available in /usr/local/bin/firefox.
Because:
- We want to speed up pipeline startup.
This Commit:
- Optimizes docker base image builds for the smallest images possible.
- Enables hard links for yarn cache
- Enables global yarn cache
- Avoids needlessly installing playwright browsers.
- Avoids needlessly running yarn install.
- Uses mozilla/fxa-circleci:ci-base-latest image for running test pipelines
- Uses mozilla/fxa-circleci:ci-base-browsers image for running functional tests pipelines
- Creates configurable executors that can be reused across pipelines
- Upgrades to yarn 3.3.0
- Enabled direct check out of PR code to test, which is faster than circle ci’s checkout command.
- Upgrades functional test to X-Large. This was already the case for playwright tests, but is now extended to content server tests too. This decision was made due to running lots of pipelines and realizing flakiness was largely due to CPU or memory hitting 100% for long periods of time.
- Turns off tracing, since it saves a bit of runtime.
dschom
Ben Bangert
Reino Muhl
Barry Chen
Valerie Pomerleau
Ankita Shrivastava
Ankita Shrivastava
Dan Schomburg
Meghan Sardesai
Julian Poyourow
Vijay Budhram
Lauren Zugai
Vijay Budhram
Wil Clouser
Meghan Sardesai
Ivo Plamenac