2019-02-22 09:48:12 +03:00
|
|
|
import re
|
|
|
|
|
|
Bug 1364894 - Upgrade from Neutrino 4 to 9 (#4216)
Neutrino controls our frontend linting, transpilation, source-maps,
testing, dev-server and optimisation of production builds.
Highlights of the upgrade are:
* Major version updates to the individual tools within (such as webpack,
Babel and ESLint), significantly improving performance, fixing
transpilation/minification correctness bugs, adding support for newer
ECMAScript features, and increasing linter coverage.
* Hot reloading in the dev server now works for all entry-points and not
just the jobs view, shortening the feedback cycle.
* Reduced bundle size due to webpack 4's tree shaking, scope hoisting,
automatic shared/vendor code chunk splitting (no need for the manually
maintained 'vendor' list).
* CSS is now extracted out of JS, which improves performance, reduces
bundle size and prevents the initial white flash of un-styled content.
* Support for dynamic imports/code splitting (needed for bug 1502192).
* Support for Jest via a new Jest preset (unblocks bug 1364045).
* Support for public class field declarations (unblocks bug 1480166).
* Improved source-maps (increases the quality of production exception
trace-backs and fixes several debugger breakpoint bugs).
* Reduced amount of custom configuration required for our fairly complex
frontend needs, reducing maintenance burden and allowing for easier
future Neutrino upgrades.
In addition this PR:
* Fixes the WhiteNoise `immutable_file_test()` regex, so that it now
correctly enables browser caching of images, fonts and source maps.
* Enables webpack-dev-server's overlay feature, which displays any
compilation errors in the browser, saving having to switch back
to the console (this can be enabled for warnings too if desired).
* Enables webpack-dev-server's automatic browser-opening feature,
which saves having to manually navigate to `localhost:5000` after
running `yarn start`.
* Switches Karma tests to run Firefox in headless mode, reducing the
workflow disruption when running `yarn test`.
* Uses the new webpack `performance` option to enable maximum asset
file size thresholds, to help prevent bundle-size regressions.
* Rewrites the `package.json` script commands so that they now work
correctly on Windows, even when setting environment variables.
Performance comparison:
* Local `yarn build`:
- Cached: 2m34s -> 23s
- Uncached: 2m34s -> 58s
* Local `yarn start`:
- Cached: 34.5s -> 13.6s
- Uncached: 34.5s -> 31.3s
* Local `yarn test`
- Cached: 61.5s -> 19.8s
- Uncached: 61.5s -> 22.0s
* Local `yarn lint`
- Cached: 3.8s -> 1.8s
- Uncached: 13.7s -> 13.4s
* Travis end-to-end time:
9 minutes -> 6 minutes
* Heroku deploy end-to-end time:
14 minutes -> 9 minutes
2018-11-02 21:48:28 +03:00
|
|
|
import pytest
|
|
|
|
|
|
|
|
|
|
from treeherder.middleware import CustomWhiteNoise
|
|
|
|
|
|
|
|
|
|
URLS_IMMUTABLE = [
|
2023-06-30 14:03:19 +03:00
|
|
|
# Assets generated by Yarn.
|
Bug 1364894 - Upgrade from Neutrino 4 to 9 (#4216)
Neutrino controls our frontend linting, transpilation, source-maps,
testing, dev-server and optimisation of production builds.
Highlights of the upgrade are:
* Major version updates to the individual tools within (such as webpack,
Babel and ESLint), significantly improving performance, fixing
transpilation/minification correctness bugs, adding support for newer
ECMAScript features, and increasing linter coverage.
* Hot reloading in the dev server now works for all entry-points and not
just the jobs view, shortening the feedback cycle.
* Reduced bundle size due to webpack 4's tree shaking, scope hoisting,
automatic shared/vendor code chunk splitting (no need for the manually
maintained 'vendor' list).
* CSS is now extracted out of JS, which improves performance, reduces
bundle size and prevents the initial white flash of un-styled content.
* Support for dynamic imports/code splitting (needed for bug 1502192).
* Support for Jest via a new Jest preset (unblocks bug 1364045).
* Support for public class field declarations (unblocks bug 1480166).
* Improved source-maps (increases the quality of production exception
trace-backs and fixes several debugger breakpoint bugs).
* Reduced amount of custom configuration required for our fairly complex
frontend needs, reducing maintenance burden and allowing for easier
future Neutrino upgrades.
In addition this PR:
* Fixes the WhiteNoise `immutable_file_test()` regex, so that it now
correctly enables browser caching of images, fonts and source maps.
* Enables webpack-dev-server's overlay feature, which displays any
compilation errors in the browser, saving having to switch back
to the console (this can be enabled for warnings too if desired).
* Enables webpack-dev-server's automatic browser-opening feature,
which saves having to manually navigate to `localhost:5000` after
running `yarn start`.
* Switches Karma tests to run Firefox in headless mode, reducing the
workflow disruption when running `yarn test`.
* Uses the new webpack `performance` option to enable maximum asset
file size thresholds, to help prevent bundle-size regressions.
* Rewrites the `package.json` script commands so that they now work
correctly on Windows, even when setting environment variables.
Performance comparison:
* Local `yarn build`:
- Cached: 2m34s -> 23s
- Uncached: 2m34s -> 58s
* Local `yarn start`:
- Cached: 34.5s -> 13.6s
- Uncached: 34.5s -> 31.3s
* Local `yarn test`
- Cached: 61.5s -> 19.8s
- Uncached: 61.5s -> 22.0s
* Local `yarn lint`
- Cached: 3.8s -> 1.8s
- Uncached: 13.7s -> 13.4s
* Travis end-to-end time:
9 minutes -> 6 minutes
* Heroku deploy end-to-end time:
14 minutes -> 9 minutes
2018-11-02 21:48:28 +03:00
|
|
|
"/assets/2.379789df.css",
|
|
|
|
|
"/assets/dancing_cat.fa5552a5.gif",
|
|
|
|
|
"/assets/fontawesome-webfont.af7ae505.woff2",
|
|
|
|
|
"/assets/fontawesome-webfont.fee66e71.woff",
|
|
|
|
|
"/assets/index.1d85033a.js",
|
|
|
|
|
"/assets/index.1d85033a.js.map",
|
|
|
|
|
"/assets/perf.d7fea1e4.css",
|
|
|
|
|
"/assets/perf.d7fea1e4.css.map",
|
|
|
|
|
"/assets/treeherder-logo.3df97cff.png",
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
URLS_NOT_IMMUTABLE = [
|
|
|
|
|
"/",
|
|
|
|
|
"/contribute.json",
|
|
|
|
|
"/perf.html",
|
|
|
|
|
"/revision.txt",
|
|
|
|
|
"/tree_open.png",
|
|
|
|
|
"/docs/schema.js",
|
2023-06-30 14:03:19 +03:00
|
|
|
# The unhashed Yarn/webpack output if using `yarn build --mode development`.
|
Bug 1364894 - Upgrade from Neutrino 4 to 9 (#4216)
Neutrino controls our frontend linting, transpilation, source-maps,
testing, dev-server and optimisation of production builds.
Highlights of the upgrade are:
* Major version updates to the individual tools within (such as webpack,
Babel and ESLint), significantly improving performance, fixing
transpilation/minification correctness bugs, adding support for newer
ECMAScript features, and increasing linter coverage.
* Hot reloading in the dev server now works for all entry-points and not
just the jobs view, shortening the feedback cycle.
* Reduced bundle size due to webpack 4's tree shaking, scope hoisting,
automatic shared/vendor code chunk splitting (no need for the manually
maintained 'vendor' list).
* CSS is now extracted out of JS, which improves performance, reduces
bundle size and prevents the initial white flash of un-styled content.
* Support for dynamic imports/code splitting (needed for bug 1502192).
* Support for Jest via a new Jest preset (unblocks bug 1364045).
* Support for public class field declarations (unblocks bug 1480166).
* Improved source-maps (increases the quality of production exception
trace-backs and fixes several debugger breakpoint bugs).
* Reduced amount of custom configuration required for our fairly complex
frontend needs, reducing maintenance burden and allowing for easier
future Neutrino upgrades.
In addition this PR:
* Fixes the WhiteNoise `immutable_file_test()` regex, so that it now
correctly enables browser caching of images, fonts and source maps.
* Enables webpack-dev-server's overlay feature, which displays any
compilation errors in the browser, saving having to switch back
to the console (this can be enabled for warnings too if desired).
* Enables webpack-dev-server's automatic browser-opening feature,
which saves having to manually navigate to `localhost:5000` after
running `yarn start`.
* Switches Karma tests to run Firefox in headless mode, reducing the
workflow disruption when running `yarn test`.
* Uses the new webpack `performance` option to enable maximum asset
file size thresholds, to help prevent bundle-size regressions.
* Rewrites the `package.json` script commands so that they now work
correctly on Windows, even when setting environment variables.
Performance comparison:
* Local `yarn build`:
- Cached: 2m34s -> 23s
- Uncached: 2m34s -> 58s
* Local `yarn start`:
- Cached: 34.5s -> 13.6s
- Uncached: 34.5s -> 31.3s
* Local `yarn test`
- Cached: 61.5s -> 19.8s
- Uncached: 61.5s -> 22.0s
* Local `yarn lint`
- Cached: 3.8s -> 1.8s
- Uncached: 13.7s -> 13.4s
* Travis end-to-end time:
9 minutes -> 6 minutes
* Heroku deploy end-to-end time:
14 minutes -> 9 minutes
2018-11-02 21:48:28 +03:00
|
|
|
"/assets/runtime.js",
|
|
|
|
|
"/assets/vendors~index.js",
|
|
|
|
|
# The unhashed Django static asset originals (used in development).
|
|
|
|
|
"/static/debug_toolbar/assets/toolbar.css",
|
|
|
|
|
"/static/rest_framework/docs/js/jquery.json-view.min.js",
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize("url", URLS_IMMUTABLE)
|
|
|
|
|
def test_immutable_file_test_matches(url):
|
|
|
|
|
assert CustomWhiteNoise().immutable_file_test("", url)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize("url", URLS_NOT_IMMUTABLE)
|
|
|
|
|
def test_immutable_file_test_does_not_match(url):
|
|
|
|
|
assert not CustomWhiteNoise().immutable_file_test("", url)
|
2019-02-22 09:48:12 +03:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_content_security_policy_header(client):
|
|
|
|
|
# Ideally we'd test requesting our frontend HTML, eg `/` and `/login.html`,
|
|
|
|
|
# however they won't exist unless `yarn build` has been run first.
|
|
|
|
|
# So instead we request an arbitrary static asset from django-rest-framework,
|
|
|
|
|
# which will be served with the same headers as our frontend HTML.
|
|
|
|
|
response = client.get("/static/rest_framework/css/default.css")
|
2019-02-25 22:47:45 +03:00
|
|
|
assert response.has_header("Content-Security-Policy")
|
2019-02-26 11:04:53 +03:00
|
|
|
policy_regex = r"default-src 'none'; script-src 'self' 'unsafe-eval' 'report-sample'; .*; report-uri /api/csp-report/"
|
2019-02-25 22:47:45 +03:00
|
|
|
assert re.match(policy_regex, response["Content-Security-Policy"])
|
