Page MenuHomePhabricator
Create Task
Maniphest T136782

Unit tests for wfLoadExtension @ operations/mediawiki-config
Closed, DeclinedPublic
Actions

Description

We're currently progressively updating CommonSettings.php to load extensions through wfLoadExtension instead of former include, to comply with extension registration and get rid of wmg/wg hack (see T119117).

Humans are quite bad to spot typos when extensions path or name look coherent, but this is potentially very harmful for the servers, as any deployment could break (and actually broke) the servers.

To avoid this, we can add tests to CommonSettings.php (and CommonSettings-labs.php): any wfLoadExtension method call should be validated, to ensure it requires to load an actual extension.

Related incident: https://wikitech.wikimedia.org/wiki/Incident_documentation/20160601-MediaWiki

Related Objects

Event Timeline

Dereckson created this task.Jun 2 2016, 12:18 AM
Restricted Application added subscribers: Zppix, Aklapper. · View Herald TranscriptJun 2 2016, 12:18 AM
Dereckson updated the task description. (Show Details)Jun 2 2016, 12:19 AM
Dereckson added subscribers: Legoktm, ori.
Dereckson added a comment.Jun 2 2016, 12:24 AM

Note: from local repo point of view, we're quite limited as we don't know from the repository what's really deployed in prod, but we can already compare with extension-list (as long as still available).

Some other actions tests apart could be valuable: use systematically a first sync with mw1017 to test such changes for example would allow to avoid to impact production.

Paladox subscribed.Jun 2 2016, 1:25 AM
MZMcBride subscribed.Jun 2 2016, 1:43 AM
Luke081515 subscribed.Jun 2 2016, 10:12 AM
Krinkle mentioned this in T136821: Offer a mechanism not to serve a fatal error when trying to load a non existing extension.Jun 2 2016, 10:30 PM
greg added a project: Wikimedia-Incident.Jul 27 2016, 10:42 PM
greg moved this task from Active investigation to Follow-up prevention on the Wikimedia-Incident board.Jul 27 2016, 10:45 PM
greg subscribed.Sep 29 2016, 7:41 PM

This follow-up task from an incident report has not been updated recently. If it is no longer valid, please add a comment explaining why. If it is still valid, please prioritize it appropriately relative to your other work. If you have any questions, feel free to ask me (Greg Grossmeier).

Krinkle subscribed.Apr 5 2020, 7:16 PM

Having tests for this seems nice, but I don't think that's feasible within the current CI setup for wmf-config.

But looking at the actual incident and example in the task description, it is unclear to me how or why this would've caused production impact. Typos and such in wfLoadExtension() calls are deterministic would be trivial to detect as soon as you're on the mwdebug server. Going to any wiki at all that uses the extension while staging, will have uncovered that.

Catching in CI would be even nicer of course, but I think in this case our existing deployment process already covered this, but it was skipped. Can we confirm that the staging step was skipped? If it was not skipped, we need to figure out why the problem didn't happen during staging. If it was skipped, we may need to look into automating and enforcing that step as part of Scap. E.g. make it so that scap sync-* always goes to mwdebug first, and then leaves an interactive prompt for you to proceed once it has been verified (perhaps skippable via --force). Or, if we think it was an isolated case and that we generally follow it and don't want this kind of automation, then we should close the task :)

Krinkle edited projects, added Scap, Release-Engineering-Team-TODO; removed WMF-General-or-Unknown.Apr 5 2020, 7:16 PM
thcipriani triaged this task as Low priority.Apr 8 2020, 5:21 PM
thcipriani moved this task from Should be empty (use Release-Engineering-Team) to Later / Need volunteer on the Release-Engineering-Team-TODO board.
Krinkle edited projects, added Sustainability (Incident Followup); removed Wikimedia-Incident.Apr 28 2020, 9:51 PM
thcipriani edited projects, added Release-Engineering-Team (thcipriani-workboard-fiddling); removed Release-Engineering-Team-TODO.Apr 20 2021, 3:42 AM
thcipriani moved this task from thcipriani-workboard-fiddling to Seen (ARCHIVE) on the Release-Engineering-Team board.Apr 20 2021, 3:59 AM
thcipriani edited projects, added Release-Engineering-Team; removed Release-Engineering-Team (thcipriani-workboard-fiddling).
thcipriani edited projects, added Release-Engineering-Team (Seen); removed Release-Engineering-Team.Apr 20 2021, 3:24 PM
Krinkle closed this task as Declined.Sep 28 2021, 9:14 PM
Krinkle updated the task description. (Show Details)

Declining in favour of T121597: Implement MediaWiki pre-promote checks.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits