New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[release/1.6] Fix ambiguous tls fallback #9300
[release/1.6] Fix ambiguous tls fallback #9300
Conversation
The TLS fallback should only be used when the protocol is ambiguous due to provided TLS configurations and defaulting to http. Do not add TLS configurations when defaulting to http. When the port is 80 or will be defaulted to 80, there is no protocol ambiguity and TLS fallback should not be used. Signed-off-by: Derek McGowan <derek@mcg.dev> (cherry picked from commit d48ceb6) Signed-off-by: Derek McGowan <derek@mcg.dev>
When the HTTP fallback is used, the scheme changes from HTTPS to HTTP which can cause a mismatch on redirect, causing the authorizer to get stripped out. Since the redirect host must match the redirect host in this case, credentials are only sent to the same origin host that returned the redirect. This fixes an issue for a push getting a 401 unauthorized on the PUT request even though credentials are available. Signed-off-by: Derek McGowan <derek@mcg.dev> (cherry picked from commit 466ee87) Signed-off-by: Derek McGowan <derek@mcg.dev>
/retest |
k8s-ci-robot now reruns GitHub Actions with the retest command? That's new. I just wanted the one aborted prow job to rerun... /test pull-containerd-node-e2e |
@samuelkarp: The specified target(s) for
Use In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@samuelkarp It was added so that the github workflows could be retriggered by the author of the PR. Otherwise, only org members/owners could retrigger a github workflow Also, the aborted job is for the main branch. In |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
Looks like it got triggered because of this?
|
/test all |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM if green
The integration test failure seems unrelated to the changes in this PR. Can the job be retriggered and checked? |
/test all |
So we may need to do something on Prow side. I don't think I can cancel the job. Can I? |
@kzys It can be ignored, since that test is not supposed to run on this branch(release/1.6). I am not sure if github allows to merge by overriding the failing check. |
I merged it anyway. I don't think there's a way to clear |
Backport