OCPBUGS-64799: TLS 1.3 / Modern profile tests #29611
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
jacobsee
changed the title
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
Supports OCPBUGS-37706, OCPSTRAT-1364 |
|
Job Failure Risk Analysis for sha: 6c00d75
|
|
/lgtm |
|
/retest-required |
|
Job Failure Risk Analysis for sha: ff62120
|
|
which jobs run the new test ? i have checked |
|
Job Failure Risk Analysis for sha: b6d72fd
|
@jacobsee I think you need to run |
|
@p0lyn0mial Thanks! I hadn't seen that. It's in there now, and I've realized that it should probably be marked [slow] as well. To your earlier comment, do we now still need to pick jobs to run this? This is my first brush with the origin tests, so I'm not sure what all is needed to get a new one plugged in correctly. |
|
Job Failure Risk Analysis for sha: 39e5f22
|
it looks like you could use xref: https://docs.ci.openshift.org/docs/release-oversight/pull-request-testing/#payload-job we just need to find a periodic job that will run your test. maybe some serial test from ? so, overall:
|
|
@p0lyn0mial: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/745c1ee0-0985-11f0-8a93-335e1efa7bdb-0 |
|
@p0lyn0mial Addressed several things - however the wait for etcd to stabilize was a deliberate decision after a chat with @dusk125 however, so maybe we should bring that context to this thread here. The thinking was that it is also desirable to have a test for etcd's TLS 1.3 stability, and the test would have 90% the same code as this one (just with a different check in the middle), so we might we well ensure that both stabilize here to avoid duplicating an already-slow test. |
|
Job Failure Risk Analysis for sha: 76dc7ef
|
|
/payload-job-with-prs periodic-ci-openshift-release-master-ci-4.19-e2e-aws-ovn openshift/kubernetes#2135 |
|
@jacobsee: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/5ac351c0-0e39-11f0-9a0c-207cdc87222c-0 |
|
/test e2e-metal-ipi-ovn-ipv6 |
|
/cherry-pick release-4.20 |
|
@wangke19: once the present PR merges, I will cherry-pick it on top of In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherry-pick release-4.19 |
|
@wangke19: once the present PR merges, I will cherry-pick it on top of In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherry-pick release-4.18 |
|
@wangke19: once the present PR merges, I will cherry-pick it on top of In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dusk125, jacobsee, petr-muller, sanchezl, wangke19 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
Scheduling required tests: |
|
@jacobsee: Jira Issue Verification Checks: Jira Issue OCPBUGS-64799 Jira Issue OCPBUGS-64799 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@wangke19: new pull request created: #30522 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@wangke19: new pull request created: #30523 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@wangke19: new pull request created: #30524 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
This reverts commit 66bb721.
…)" This reverts commit 10dab7a.
This commit fixes two bugs in the TLS test that were causing failures:
1. Variable shadowing bug (line 145):
- Changed `err := conn.Close()` to `closeErr := conn.Close()`
- The original code shadowed the outer `err` variable, making the
test logic confusing and error-prone
- Now the test correctly checks the Dial error, not the Close error
2. Missing URL prefix stripping in cipher test (line 168-170):
- Added `host := strings.TrimPrefix(oc.AdminConfig().Host, "https://")`
- The cipher test was trying to dial with "https://..." prefix
- tls.Dial expects "host:port" format, not a URL
3. Improved error handling in cipher test (line 172):
- Properly capture and use closeErr instead of calling conn.Close()
inline in the error message
These fixes address the test failures reported in:
periodic-ci-openshift-release-master-nightly-4.21-e2e-metal-ipi-ovn-bm
Related: PR openshift#30533 (the revert), PR openshift#29611 (original implementation)
This commit fixes two bugs in the TLS test that were causing failures:
1. Variable shadowing bug (line 145):
- Changed `err := conn.Close()` to `closeErr := conn.Close()`
- The original code shadowed the outer `err` variable, making the
test logic confusing and error-prone
- Now the test correctly checks the Dial error, not the Close error
2. Missing URL prefix stripping in cipher test (line 168-170):
- Added `host := strings.TrimPrefix(oc.AdminConfig().Host, "https://")`
- The cipher test was trying to dial with "https://..." prefix
- tls.Dial expects "host:port" format, not a URL
3. Improved error handling in cipher test (line 172):
- Properly capture and use closeErr instead of calling conn.Close()
inline in the error message
These fixes address the test failures reported in:
periodic-ci-openshift-release-master-nightly-4.21-e2e-metal-ipi-ovn-bm
Related: PR openshift#30533 (the revert), PR openshift#29611 (original implementation)
This commit fixes two bugs in the TLS test that were causing failures:
1. Variable shadowing bug (line 145):
- Changed `err := conn.Close()` to `closeErr := conn.Close()`
- The original code shadowed the outer `err` variable, making the
test logic confusing and error-prone
- Now the test correctly checks the Dial error, not the Close error
2. Missing URL prefix stripping in cipher test (line 168-170):
- Added `host := strings.TrimPrefix(oc.AdminConfig().Host, "https://")`
- The cipher test was trying to dial with "https://..." prefix
- tls.Dial expects "host:port" format, not a URL
3. Improved error handling in cipher test (line 172):
- Properly capture and use closeErr instead of calling conn.Close()
inline in the error message
These fixes address the test failures reported in:
periodic-ci-openshift-release-master-nightly-4.21-e2e-metal-ipi-ovn-bm
Related: PR openshift#30533 (the revert), PR openshift#29611 (original implementation)
12 participants
This PR:
cc: @dusk125