Problem/Motivation

Follow-up #3351895: Add Drush command to allow running cron updates via console and by a separate user, for defense-in-depth. Pretty much the same reasoning as #3351895 but we can't rely on Drush in Drupal core

Proposed resolution

Add a symfony console command that allows running updates. Remove the existing drush command since this was only in Alpha version and all references to Drush in the codebase

Remaining tasks

User interface changes

API changes

Data model changes

Issue fork automatic_updates-3360485

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

tedbow created an issue. See original summary.

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Issue tags: +Security improvements

Not adding sprint tag right now as I figure out what else needs to be done for #3284443: Enable unattended updates

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented

core/scripts/db-tools.php might be a example of how to write a php file to invoke a console command.

\Drupal\Core\Command\ServerCommand::boot might be a example of how to create a command the boots

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Issue summary: View changes
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Title: Add symfony console Command to allow running cron updates via console and by a separate user, for defense-in-depth » Add Symfony Console command to allow running cron updates via console and by a separate user, for defense-in-depth
Priority: Normal » Major

#3++

Why is this not Major? Is this not blocking a commit to Drupal core? (Drupal core does not provide Drush commands, and we won't be allowed to change that.)

phenaproxima made their first commit to this issue’s fork.

phenaproxima opened merge request !942

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Issue summary: View changes
tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Status: Active » Needs work
tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Issue tags: +sprint
tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Assigned: Unassigned » phenaproxima

There is on todo left pointing to this issue in \Drupal\Tests\automatic_updates\Kernel\TestCronUpdateStage::runTerminalUpdateCommand()

// @todo Determine if the terminal command can be run in kernel tests when
    //   the Drush dependency is removed in https://drupal.org/i/3360485.
    //   Drush\TestTraits\DrushTestTrait only works with functional tests.

We don't actually need to run the command in kernel tests as of now so we could just remove the todo. We if we could run the command in kernel tests then we could probably convert StatusCheckFailureEmailTest back to kernel test which was before #3357969: For web server dependent unattended updates run the entire life cycle in a separate process that will not be affected by hosting time limits but that is not super important as it does work as a functional.

Either way we need to remove the todo

phenaproxima’s picture

phenaproxima
he/him
Primary language English
Location Massachusetts
commented
Assigned: phenaproxima » Unassigned

Re #11, I have removed the todo. I don't think we can run the terminal command in kernel tests, because it needs to boot into a real(-ish) Drupal site with a real file system, and kernel tests don't have either of those things. (It's true that our kernel tests use the real file system for certain things, but those stub sites are not bootable.)

phenaproxima’s picture

phenaproxima
he/him
Primary language English
Location Massachusetts
commented
Assigned: Unassigned » tedbow
Status: Needs work » Needs review
phenaproxima’s picture

phenaproxima
he/him
Primary language English
Location Massachusetts
commented
tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Status: Needs review » Reviewed & tested by the community

Looks good!

RTBC, hoping both branches pass

  • phenaproxima committed 1bd55d50 on 3.0.x 
    Issue #3360485 by phenaproxima, tedbow: Add Symfony Console command to...
phenaproxima’s picture

phenaproxima
he/him
Primary language English
Location Massachusetts
commented
Status: Reviewed & tested by the community » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.