Release 7.0.0 Actions

Release Notes

List of all issues included in release

Issues discovered in testing

Issues discovered in testing:

Discovered by	Issue	bb	db	nw
Andy	The only issue I’ve found so far is that the looping task producers emit an error to STDERR on every run. I have set up cron jobs to run the loopers daily and send us an email if there are errors, so now we’re receiving this error for every looper every day. WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils$1 (file:/var/lib/duracloud/auditlog-generator.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release This is a known issue with Spring and Java 9+. https://github.com/spring-projects/spring-framework/issues/20414 It looks like this is addressed in more recent version of the Spring framework. The workaround is to add these parameters to the JVM. --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.lang.invoke=ALL-UNNAMED
Danny	opening duracloudsync-6.3.0-SNAPSHOT-osx-installer.app on my machine is failing (due to openjdk 13.0 security issue) . After removing the offending cask I am getting this: I'm pretty sure this is a local issue, but it would be good if Nicholas Woodward can confirm that it works on his machine.
Bill	The SyncTool installer is meant to check for Java prior to launch. At the moment, it is set (in installbuilder.xml) to require Java 7. This needs to be updated to Java 11. The related error messages should also be updated, along with the download link, which should be: https://www.oracle.com/java/technologies/javase-downloads.html JIRA ticket: Unable to locate Jira server for this macro. It may be due to Application Link configuration. PR: https://github.com/duracloud/duracloud/pull/133
Bill	The SyncTool installer for linux does not work on Ubuntu 20.04. The executable jar works just fine, so this will become the preferred installation method for linux users.
Nick	Found this while looking for anything below Java 11. Not sure if it's even still in use. https://github.com/duracloud/snapshot/blob/develop/resources/setup-bridge-server.sh. PR to remove this file (it's unused): https://github.com/duracloud/snapshot/pull/28

Testing of Completed Issues

Item	bb	db	nw
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.
Unable to locate Jira server for this macro. It may be due to Application Link configuration.

Regression Testing

Task

bb

db

nw

af

Perform Regression Tests

Verified: UI functions across user levels and browsers, media streaming, synctool, retrieval tool, rest api, Manifest, Audit, Snapshot actions, Storage Stats

Use ZAProxy to perform a security analysis

Use a test DuraCloud account with very little content
Start an Automated Scan
Remove any sites not relevant to DuraCloud from the "Sites" list
Generate an HTML and XML report and attach to this page

ZAProxy Report (html, xml)

Medium risk:
- jquery, version 1.7.1 is vulnerable
Low risk:
- Missing anti-CSFR tokens on login form
- Missing cookie settings (AWS cookies): HttpOnly flag, SameSite attribute, Secure flag
- Missing X-Content-Type-Options header

Build Tests

Test	bb	db	nw	af
Update all dependencies to 6.3.0-SNAPSHOT versions		Duracloud is pointing at duracloud-db-6.2.0 Management console is pointing to duracloud 6.2.0 and duracloud-db 6.2.0 Mill is pointing to duracloud-6.2.0 https://github.com/duracloud/duracloud/pull/132 https://github.com/duracloud/management-console/pull/40 https://github.com/duracloud/mill/pull/40 These are all fixed and updated.
mvn clean install (full build + integration tests) - DuraCloud DB
mvn clean install (full build + integration tests) - DuraCloud
mvn clean install (full build + integration tests) - Management Console
mvn clean install (full build + integration tests) - Mill
mvn clean install (full build + integration tests) - Snapshot

Release Actions - for each baseline (in this order): DB, DuraCloud, MC, Mill, Snapshot

Complete testing
Perform version release (v7.0.0): https://github.com/duracloud/deployment-docs/blob/master/release-new-version.md
- DuraCloud DB 7.0.0: https://github.com/duracloud/duracloud-db/releases/tag/duracloud-db-7.0.0
- DuraCloud 7.0.0: https://github.com/duracloud/duracloud/releases/tag/duracloud-7.0.0
- DuraCloud MC 7.0.0: https://github.com/duracloud/management-console/releases/tag/duracloud-mc-7.0.0
- DuraCloud Mill 4.0.0: https://github.com/duracloud/mill/releases/tag/duracloud-mill-4.0.0
- DuraCloud Bridge 3.0.0: https://github.com/duracloud/snapshot/releases/tag/duracloud-bridge-3.0.0
Deploy release zip to production Beanstalk
Create release notes in Github
Update documentation
Update download links to point to Github release

Page tree