Skip to content

ocsp: rotate certs of test data to fix flaky tests#23635

Merged
wbpcode merged 2 commits intoenvoyproxy:mainfrom
wbpcode:dev-investigate-tls-tests
Oct 24, 2022
Merged

ocsp: rotate certs of test data to fix flaky tests#23635
wbpcode merged 2 commits intoenvoyproxy:mainfrom
wbpcode:dev-investigate-tls-tests

Conversation

@wbpcode
Copy link
Copy Markdown
Member

@wbpcode wbpcode commented Oct 23, 2022

Commit Message: ocsp: rotate certs of test data to fix flaky tests
Additional Description:

See #23632.

Risk Level: none. test only update.
Testing: n/a.
Docs Changes: n/a.
Release Notes: n/a.
Platform Specific Features: n/a.

ocsp: rotate certs of test data
d8e02fa 
Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
fix format
4f52ed9 
Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
@wbpcode
Copy link
Copy Markdown
Member Author

wbpcode commented Oct 23, 2022

cc @ggreenway cc @lizan

Almost all PRs was blocked by the flaky test and this PR should fixed it.

@wbpcode
Copy link
Copy Markdown
Member Author

wbpcode commented Oct 24, 2022

cc @alyssawilk Here fixed the flaky ci.

alyssawilk
alyssawilk approved these changes Oct 24, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@alyssawilk alyssawilk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fix!

@wbpcode wbpcode merged commit 051c119 into envoyproxy:main Oct 24, 2022
@phlax
Copy link
Copy Markdown
Member

phlax commented Oct 24, 2022

i wonder if we can give these certs a longer ttl so we dont need to update them so frequently

@wbpcode
Copy link
Copy Markdown
Member Author

wbpcode commented Oct 24, 2022

i wonder if we can give these certs a longer ttl so we dont need to update them so frequently

I agree. Now it's two years, I think. For test, I think a longer ttl is completely ok.

wbpcode pushed a commit to wbpcode/envoy that referenced this pull request Oct 24, 2022
ocsp: rotate certs of test data to fix flaky tests (envoyproxy#23635)
506e222 
* ocsp: rotate certs of test data

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>

* fix format

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
@wbpcode wbpcode mentioned this pull request Oct 24, 2022
Merged
@wbpcode
Copy link
Copy Markdown
Member Author

wbpcode commented Oct 24, 2022

We can update these certs refresh script with a pr to achieve this target. Or even generate certs dynamically at runtime?

@phlax
Copy link
Copy Markdown
Member

phlax commented Oct 24, 2022

either way seems ok - not sure how long they take to generate - but probably they can just be generated dynamically

phlax pushed a commit that referenced this pull request Oct 25, 2022
backport: ocsp: rotate certs of test data to fix flaky tests (#23635) (
0fb8620 
…#23641)

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
@ggreenway
Copy link
Copy Markdown
Member

ggreenway commented Oct 31, 2022

I'd prefer to have the certs generated by bazel and not checked into the repo; this would fix the issue that old versions of envoy will always fail tests.

@wbpcode wbpcode deleted the dev-investigate-tls-tests branch November 2, 2022 02:12
phlax pushed a commit to phlax/envoy that referenced this pull request Nov 3, 2022
@phlax
backport: ocsp: rotate certs of test data to fix flaky tests (envoypr…
668d8fc 
…oxy#23635)

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
Signed-off-by: Ryan Northey <ryan@synca.io>

Signed-off-by: code <wangbaiping@corp.netease.com>
phlax pushed a commit that referenced this pull request Nov 3, 2022
@phlax
backport: ocsp: rotate certs of test data to fix flaky tests (#23635)
e02d9f9 
Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
Signed-off-by: Ryan Northey <ryan@synca.io>

Signed-off-by: code <wangbaiping@corp.netease.com>
phlax pushed a commit to phlax/envoy that referenced this pull request Nov 8, 2022
@phlax
ocsp: rotate certs of test data to fix flaky tests (envoyproxy#23635)
290a8a2 
* ocsp: rotate certs of test data

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>

* fix format

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
phlax pushed a commit that referenced this pull request Nov 8, 2022
@phlax
ocsp: rotate certs of test data to fix flaky tests (#23635)
3a43ea7 
* ocsp: rotate certs of test data

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>

* fix format

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>

Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
Signed-off-by: Ryan Northey <ryan@synca.io>
@phlax phlax mentioned this pull request Nov 9, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lizan lizan Awaiting requested review from lizan

@ggreenway ggreenway Awaiting requested review from ggreenway ggreenway is a code owner

1 more reviewer

@alyssawilk alyssawilk alyssawilk approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@lizan lizan

@ggreenway ggreenway

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@wbpcode @phlax @ggreenway @alyssawilk @lizan