Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[CI] SSLServiceTests testDeprecationOfTruststoreWithNoTrustedEntries failing #84703

Closed
valeriy42 opened this issue Mar 7, 2022 · 2 comments
Closed
Assignees
Labels
:Security/TLS SSL/TLS, Certificates Team:Security Meta label for security team >test-failure Triaged test failures from CI

Comments

@valeriy42
Copy link
Contributor

valeriy42 commented Mar 7, 2022

Failed 10 times in the past week. Only the branch 7.17 seems to be affected.

Build scan:
https://gradle-enterprise.elastic.co/s/ihvqccuwdouuk/tests/:x-pack:plugin:core:test/org.elasticsearch.xpack.core.ssl.SSLServiceTests/testDeprecationOfTruststoreWithNoTrustedEntries

Reproduction line:
./gradlew ':x-pack:plugin:core:test' --tests "org.elasticsearch.xpack.core.ssl.SSLServiceTests.testDeprecationOfTruststoreWithNoTrustedEntries" -Dtests.seed=9ADCFAB784EE0D5A -Dtests.locale=it -Dtests.timezone=America/Sao_Paulo -Druntime.java=16 -Dtests.fips.enabled=true

Applicable branches:
7.17

Reproduces locally?:
Yes

Failure history:
https://gradle-enterprise.elastic.co/scans/tests?tests.container=org.elasticsearch.xpack.core.ssl.SSLServiceTests&tests.test=testDeprecationOfTruststoreWithNoTrustedEntries

Failure excerpt:

java.lang.AssertionError: expected to see no trust entries deprecation but did not
Expected: <true>
     but: was <false>

  at __randomizedtesting.SeedInfo.seed([9ADCFAB784EE0D5A:71F39C93CD1E5798]:0)
  at org.hamcrest.MatcherAssert.assertThat(MatcherAssert.java:18)
  at org.elasticsearch.test.MockLogAppender$SeenEventExpectation.assertMatched(MockLogAppender.java:121)
  at org.elasticsearch.test.MockLogAppender.assertAllExpectationsMatched(MockLogAppender.java:55)
  at org.elasticsearch.xpack.core.ssl.SSLServiceTests.testDeprecationOfTruststoreWithNoTrustedEntries(SSLServiceTests.java:927)
  at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(NativeMethodAccessorImpl.java:-2)
  at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:78)
  at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:567)
  at com.carrotsearch.randomizedtesting.RandomizedRunner.invoke(RandomizedRunner.java:1750)
  at com.carrotsearch.randomizedtesting.RandomizedRunner$8.evaluate(RandomizedRunner.java:938)
  at com.carrotsearch.randomizedtesting.RandomizedRunner$9.evaluate(RandomizedRunner.java:974)
  at com.carrotsearch.randomizedtesting.RandomizedRunner$10.evaluate(RandomizedRunner.java:988)
  at com.carrotsearch.randomizedtesting.rules.StatementAdapter.evaluate(StatementAdapter.java:36)
  at org.apache.lucene.util.TestRuleSetupTeardownChained$1.evaluate(TestRuleSetupTeardownChained.java:49)
  at org.apache.lucene.util.AbstractBeforeAfterRule$1.evaluate(AbstractBeforeAfterRule.java:45)
  at org.apache.lucene.util.TestRuleThreadAndTestName$1.evaluate(TestRuleThreadAndTestName.java:48)
  at org.apache.lucene.util.TestRuleIgnoreAfterMaxFailures$1.evaluate(TestRuleIgnoreAfterMaxFailures.java:64)
  at org.apache.lucene.util.TestRuleMarkFailure$1.evaluate(TestRuleMarkFailure.java:47)
  at com.carrotsearch.randomizedtesting.rules.StatementAdapter.evaluate(StatementAdapter.java:36)
  at com.carrotsearch.randomizedtesting.ThreadLeakControl$StatementRunner.run(ThreadLeakControl.java:368)
  at com.carrotsearch.randomizedtesting.ThreadLeakControl.forkTimeoutingTask(ThreadLeakControl.java:817)
  at com.carrotsearch.randomizedtesting.ThreadLeakControl$3.evaluate(ThreadLeakControl.java:468)
  at com.carrotsearch.randomizedtesting.RandomizedRunner.runSingleTest(RandomizedRunner.java:947)
  at com.carrotsearch.randomizedtesting.RandomizedRunner$5.evaluate(RandomizedRunner.java:832)
  at com.carrotsearch.randomizedtesting.RandomizedRunner$6.evaluate(RandomizedRunner.java:883)
  at com.carrotsearch.randomizedtesting.RandomizedRunner$7.evaluate(RandomizedRunner.java:894)
  at org.apache.lucene.util.AbstractBeforeAfterRule$1.evaluate(AbstractBeforeAfterRule.java:45)
  at com.carrotsearch.randomizedtesting.rules.StatementAdapter.evaluate(StatementAdapter.java:36)
  at org.apache.lucene.util.TestRuleStoreClassName$1.evaluate(TestRuleStoreClassName.java:41)
  at com.carrotsearch.randomizedtesting.rules.NoShadowingOrOverridesOnMethodsRule$1.evaluate(NoShadowingOrOverridesOnMethodsRule.java:40)
  at com.carrotsearch.randomizedtesting.rules.NoShadowingOrOverridesOnMethodsRule$1.evaluate(NoShadowingOrOverridesOnMethodsRule.java:40)
  at com.carrotsearch.randomizedtesting.rules.StatementAdapter.evaluate(StatementAdapter.java:36)
  at com.carrotsearch.randomizedtesting.rules.StatementAdapter.evaluate(StatementAdapter.java:36)
  at org.apache.lucene.util.TestRuleAssertionsRequired$1.evaluate(TestRuleAssertionsRequired.java:53)
  at org.apache.lucene.util.TestRuleMarkFailure$1.evaluate(TestRuleMarkFailure.java:47)
  at org.apache.lucene.util.TestRuleIgnoreAfterMaxFailures$1.evaluate(TestRuleIgnoreAfterMaxFailures.java:64)
  at org.apache.lucene.util.TestRuleIgnoreTestSuites$1.evaluate(TestRuleIgnoreTestSuites.java:54)
  at com.carrotsearch.randomizedtesting.rules.StatementAdapter.evaluate(StatementAdapter.java:36)
  at com.carrotsearch.randomizedtesting.ThreadLeakControl$StatementRunner.run(ThreadLeakControl.java:368)
  at java.lang.Thread.run(Thread.java:831)

@valeriy42 valeriy42 added :Security/TLS SSL/TLS, Certificates >test-failure Triaged test failures from CI labels Mar 7, 2022
@elasticmachine elasticmachine added the Team:Security Meta label for security team label Mar 7, 2022
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

valeriy42 added a commit that referenced this issue Mar 7, 2022
@tvernum tvernum self-assigned this Mar 7, 2022
tvernum added a commit to tvernum/elasticsearch that referenced this issue Mar 8, 2022
FIPS JSSE cannot read the common truststore formats (because the
underlying crypto algorithms are not FIPS compliant).
That means the `testDeprecationOfTruststoreWithNoTrustedEntries` test
is not applicable on FIPS

Resolves: elastic#84703
elasticsearchmachine pushed a commit that referenced this issue Mar 18, 2022
FIPS JSSE cannot read the common truststore formats (because the
underlying crypto algorithms are not FIPS compliant). That means the
`testDeprecationOfTruststoreWithNoTrustedEntries` test is not applicable
on FIPS

Resolves: #84703
@tvernum
Copy link
Contributor

tvernum commented Mar 23, 2022

Resolved by #84745

@tvernum tvernum closed this as completed Mar 23, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
:Security/TLS SSL/TLS, Certificates Team:Security Meta label for security team >test-failure Triaged test failures from CI
Projects
None yet
Development

No branches or pull requests

3 participants