Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release 1.79 #2306

Merged
merged 4 commits into from
Mar 21, 2024
Merged

Release 1.79 #2306

merged 4 commits into from
Mar 21, 2024

Conversation

gweiying
Copy link
Contributor

@gweiying gweiying commented Mar 21, 2024
edited
Loading

New Environment Variables

(Optional Section) Lists any new runtime environment variables that will be introduced in this release. Also, a gentle reminder to ensure that any new environment variables are documented in our README.md.

  • FF_USE_REPLICA_FOR_REDIRECTS: boolean, feature flag for using the replica database to look up redirects to long URLs. Defaults to false

Pre deployment

  • Enable Web Risk API for edu
    • Add billing account for Google Console edu
    • Enable Web Risk API
    • Allow existing safe browsing API key to use Web Risk API
    • Verify that correct key is in use on EB
    • Test that browsing key can use Web Risk API:
      • Send request, https://webrisk.googleapis.com/v1/uris:search?threatTypes=MALWARE&uri=http%3A%2F%2Fgoogle.com&key=<your-key-here>, should return {}
      • Send request https://webrisk.googleapis.com/v1/uris:search?threatTypes=MALWARE&uri=http%3A%2F%2Ftestsafebrowsing.appspot.com%2Fs%2Fmalware.html&key=<your-key-here>, should return threat details
  • Enable Web Risk API for health
    • Add billing account for Google Console edu
    • Enable Web Risk API
    • Allow existing safe browsing API key to use Web Risk API
    • Verify that correct key is in use on EB
    • Test that browsing key can use Web Risk API:
      • Send request, https://webrisk.googleapis.com/v1/uris:search?threatTypes=MALWARE&uri=http%3A%2F%2Fgoogle.com&key=<your-key-here>, should return {}
      • Send request https://webrisk.googleapis.com/v1/uris:search?threatTypes=MALWARE&uri=http%3A%2F%2Ftestsafebrowsing.appspot.com%2Fs%2Fmalware.html&key=<your-key-here>, should return threat details
  • Enable Web Risk API for go
    • Add billing account for Google Console edu
    • Enable Web Risk API
    • Allow existing safe browsing API key to use Web Risk API
    • Verify that correct key is in use on EB
    • Test that browsing key can use Web Risk API:
      • Send request, https://webrisk.googleapis.com/v1/uris:search?threatTypes=MALWARE&uri=http%3A%2F%2Fgoogle.com&key=<your-key-here>, should return {}
      • Send request https://webrisk.googleapis.com/v1/uris:search?threatTypes=MALWARE&uri=http%3A%2F%2Ftestsafebrowsing.appspot.com%2Fs%2Fmalware.html&key=<your-key-here>, should return threat details

Manual tests post deployment

Tests on [go] production

  • Try creating short link to malicious url, should see error "Link is likely malicious, please contact us for help"
  • Create short link to safe url, should be able to create short link
  • [API] Create short link to safe url, should be able to create short link
  • [API] Try creating short link to malicious url, should see error "Link is likely malicious, please contact us for help"
  • [Bulk] Try creating short links with bulk upload of 500 links, all safe, should be able to bulk create
  • [Bulk] Try creating short links with bulk upload of 500 links, at least one malicious link, should not be able to bulk

Tests on [health] production

  • Try creating short link to malicious url, should see error "Link is likely malicious, please contact us for help"
  • Create short link to safe url, should be able to create short link
  • [API] Create short link to safe url, should be able to create short link
  • [API] Try creating short link to malicious url, should see error "Link is likely malicious, please contact us for help"
  • [Bulk] Try creating short links with bulk upload of 500 links, all safe, should be able to bulk create
  • [Bulk] Try creating short links with bulk upload of 500 links, at least one malicious link, should not be able to bulk

Tests on [edu] production

  • Try creating short link to malicious url, should see error "Link is likely malicious, please contact us for help"
  • Create short link to safe url, should be able to create short link
  • [API] Create short link to safe url, should be able to create short link
  • [API] Try creating short link to malicious url, should see error "Link is likely malicious, please contact us for help"
  • [Bulk] Try creating short links with bulk upload of 500 links, all safe, should be able to bulk create
  • [Bulk] Try creating short links with bulk upload of 500 links, at least one malicious link, should not be able to bulk

Tests

Home page

  • The landing page graphic should animate example short urls correctly
  • The landing page should have no link to search

Login page

  • OTP email should contain requestor's IP address
  • Resend OTP should send a new OTP to user, and invalidate previous OTP

User page

  • User message banner appears on top when USER_MESSAGE env var is set
  • Announcement modal appears when ANNOUNCEMENT_* env var is set
  • Banner follows scroll

QR

  • Downloaded PNG QR code should be of width 1000px and height >= 1000px
  • Downloaded SVG QR code should work
  • Scan the downloaded QR code in SVG to check that it points to the correct long url
  • Scan the downloaded QR code in PNG to check that it points to the correct long url

Directory - desktop view

  • It should redirect to the short url link when the row is clicked for active link

Directory - mobile view

  • It should redirect to the short url link when the redirect icon is clicked for active link in bottom mobile panel

Bulk upload

  • If bulk QR code is activated, in progress status bar should appear after uploading bulk file.
  • If bulk QR code is activated, in progress status bar should change to green within 2 mins after uploading bulk file.
  • Should be able to download csv, zipped png and zipped svg from success status bar
  • Downloaded csv should have all created links
  • Downloaded zipped QR code folders should have QR code files for all created links
  • Should receive email to download zipped png and zipped svg files

gweiying and others added 4 commits March 20, 2024 13:05
@gweiying
Merge pull request #2301 from opengovsg/release-1.78.2
822d2db 
[develop] 1.78.2
@gweiying @halfwhole
Chore/disable link stats (#2304)
7c8cea6 
* chore: use replica scope for url short link reads

* chore: wrap update link stats in a try catch to prevent errors bubbling

* chore: add feature flag for using replica to look up redirects

---------

Co-authored-by: halfwhole <limziwei2@gmail.com>
@gweiying
chore: replace safe browsing with web risk (#2305)
1e1f53b 
* chore: replace safe browsing with web risk

* chore: add SOCIAL_ENGINEERING_EXTENDED_COVERAGE
@gweiying
1.79.0
2ab4e4d
@mergify mergify bot mentioned this pull request Mar 21, 2024
Merged
@gweiying gweiying marked this pull request as ready for review March 21, 2024 09:29
@halfwhole halfwhole self-requested a review March 21, 2024 09:29
@gweiying gweiying merged commit 34ba098 into release Mar 21, 2024
68 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@halfwhole halfwhole halfwhole approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@gweiying @halfwhole