Would be a good idea.

Comments

coltrane’s picture

coltrane
he/him
CreditAttribution: coltrane commented

+1 to this. Let me know if I can help at all. So far the output is minimal but if it's super helpful to expand it I can.

Here's output for one my D7 sites.
drush --nocolor secrev

Text formats                                                           [success]
Content                                                                  [error]
Error reporting                                                          [error]
Private files                                                            [error]
Allowed upload extensions                                              [success]
Drupal permissions                                                     [success]
Executable PHP                                                         [success]
Drupal base URL                                                          [error]
Temporary files                                                          [error]

(Edited to remove stderr redirection)

mlhess’s picture

mlhess CreditAttribution: mlhess commented
Assigned: Unassigned » mlhess

Do we want to make this Jenkins job and run it once a (month?)

Michael

greggles’s picture

greggles
he/him
Primary language English
Location Denver, Colorado, USA
CreditAttribution: greggles commented
Title: Run "drush secrev" on every live site and mail output to security@d.o » Have jenkins run "drush secrev" on every live site and mail output to security@d.o on a regular basis

Yes, sorry if that wasn't clear. I think every day.

greggles’s picture

greggles
he/him
Primary language English
Location Denver, Colorado, USA
CreditAttribution: greggles commented

Got a job setup with a few sites commented out: http://localhost:8080/job/secrev

Association fails with:

CiviCRM does not have permission to write temp files in /var/www/association.drupal.org/civicrm-files/templates_c/en_US/, ExitingDrush command terminated abnormally due to an unrecoverable error. [error]

The module is missing from:

* localize
* portland
* qa
* security.d.o (how embarrassing!)

I tried to enable it on security.d.o but there was some problem with deployment: http://localhost:8080/view/Security/job/deploy_security.drupal.org/65/co...

The job is set to mail coltrane and me and will run "H H * * *" (i.e. daily).

Right now there are a few false-positive failures.

Oddly enough it marks a build as succeeding even with an error like:

"Comments [error]"

I thought drush_print with an error would raise an error exit code. no?

drumm’s picture

drumm
he/him
Location NY, US
CreditAttribution: drumm commented

Association drush often requires sudo -u bender drush ... to work around those permissions. This is not an issue for Jenkins because it is bender.

The security deployment problem is a symptom of #2035815: Add infrastructure clone to Puppet. I fixed the permissions in the meantime.

greggles’s picture

greggles
he/him
Primary language English
Location Denver, Colorado, USA
CreditAttribution: greggles commented

Cool, enabled association and security.d.o now and re-ran it and it seems to be working.

Mixologic’s picture

Mixologic
He/Him/His
Primary language English
Location Portland, OR
CreditAttribution: Mixologic commented
Component: Other » Continuous Integration
Issue summary: View changes

Updating component

mlhess’s picture

mlhess CreditAttribution: mlhess commented
Status: Active » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.