backport tests: test mitigation for the segfault of if-match 412 #13283
+16,255
−556
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mockbin.com redirects to insomnia official site and triggers a security policy, which makes tests fail.
Build 2.8 on Bazel KAG-2835
Several of these tests contained the following assertion after generating a certificate with the `kong hybrid gen_cert` command: ```lua assert(crt:get_not_before() >= ngx.time()) ``` This produces failures every now and again when the clock has advanced _just_ enough for ngx.time() to return `crt:get_not_before() + 1`. To fix this, we record the time _before_ generating the cert and validate against the stored timestamp. (cherry picked from commit b7a8361)
Please check the contained README.md. (cherry picked from commit f135c70) Co-authored-by: Zachary Hu <[email protected]>
… the changelog directory
* chore(test): remove prefix directory when stop_kong called (#12691) If the prefix is not cleaned up when stop_kong is called, it could impact subsequent tests, especially when later tests start Kong by a shell command, the Kong instance might be started up with the default `servroot` prefix. KAG-3808 (cherry picked from commit 3dd5bdb) * remove prefix directory for 2.8
…mit (#12693) (#12711) Replace `${{ secrets.GHA_COMMENT_TOKEN }}` with `${{ secrets.GITHUB_TOKEN }}`. The `${{ secrets.GHA_COMMENT_TOKEN }}` needs to be manually rotated, replacing it by `${{ secrets.GITHUB_TOKEN }}`, which is generated by each run of the workflow, so we don't need to rotate token anymore.
FTI-5842 (cherry picked from commit ed0b96d) Co-authored-by: Zachary Hu <[email protected]>
cherry-pick from Kong/kong-ee#9042 KAG-4775 (cherry picked from commit 8e86dba) Co-authored-by: Niklaus Schen <[email protected]>
* Create a clean version for 2.8 CE. * Add back changelog. --------- Co-authored-by: Zhongwei Yao <[email protected]>
With this patch, CI will notify a Kong Inc internal slack channel on every PR that performs a schema change.
It seems that if the do not merge label job is skipped then the second job doesn't run either: https://github.com/Kong/kong/actions/runs/4307151445/jobs/7511859202 This change splits the job into two and narrows down the events on which these jobs are triggered since the only meaninful input are the labels on the PR.
This is a bad practice which could cause merge conflicts and is against our backport policy.
It seems that Github Actions is not running these jobs even once even though the PRs are labelled at least once. This patch runs these jobs on other related PR activity.
chobits
added
chore
…lid http `IF-Match` header (#5757)
chobits
force-pushed
the
cherry-pick-2.8.5-fix-412
branch
from
4253fb8
to
e00abd4
Compare
github-actions
bot
removed
the
chore
chobits
changed the title
chobits
commented
Jun 22, 2024
| @@ -140,7 +140,7 @@ http { | |||
| listen $(entry.listener); | |||
| > end | |||
|
|
|||
| error_page 400 404 408 411 412 413 414 417 494 /kong_error_handler; | |||
| error_page 400 404 408 411 413 414 417 494 /kong_error_handler; | |||
There was a problem hiding this comment.
For the unmitigated version: if we do not remove 412 from test template, it will cause segfault(signal 11): https://github.com/Kong/kong/actions/runs/9625903064/job/26551305748
|
If it should not be merged, I tend to change it to draft. |
|
I'm closing it, it was originally used to test if this fix work for 2.8.5's mitigation method. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
You don't need to merge this pr, because the original segfault fix(removing 412 from template) has been verified mannually (see KAG-2394).
Summary
Checklist
changelog/unreleased/kongorskip-changeloglabel added on PR if changelog is unnecessary. README.mdIssue reference
Fix #[issue number]