Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

integration-cli: fix test rogue certs #43617

Merged
merged 1 commit into from
May 19, 2022
Merged

integration-cli: fix test rogue certs #43617

merged 1 commit into from
May 19, 2022

Conversation

crazy-max
Copy link
Member

@crazy-max crazy-max commented May 19, 2022
edited

follow-up #43613 (comment)

while working on #43529, I encounter an issue with this test:

[2022-05-18T13:57:36.674Z] === Failed
[2022-05-18T13:57:36.674Z] === FAIL: amd64.integration-cli TestDockerDaemonSuite/TestHTTPSInfoRogueServerCert (0.55s)
[2022-05-18T13:57:36.674Z]     docker_cli_daemon_test.go:1407: Expected err: x509: certificate signed by unknown authority, got instead: exit status 1 and output: error during connect: Get "https://localhost:4272/v1.30/info": x509: certificate relies on legacy Common Name field, use SANs instead
[2022-05-18T13:57:36.674Z]     --- FAIL: TestDockerDaemonSuite/TestHTTPSInfoRogueServerCert (0.55s)
[2022-05-18T13:57:36.674Z] 
[2022-05-18T13:57:36.674Z] === FAIL: amd64.integration-cli TestDockerDaemonSuite (335.42s)

root cause is that the new Dockerfile now builds the docker cli for the integration tests:

moby/Dockerfile

Lines 453 to 460 in 1bf5dbb

FROM dockercli-base AS dockercli
RUN --mount=from=dockercli-src,src=/usr/src/dockercli/components/cli,rw \
--mount=type=cache,target=/root/.cache \
--mount=type=cache,target=/go/pkg/mod <<EOT
set -e
go build -o /out/docker -v ./cmd/docker
xx-verify /out/docker
EOT

previously the Dockerfile was just downloading the docker cli from download.docker.com and this one was using an old Go version that didn't have this requirement for an alt name yet. I think it's fair to update the rogue certs as in the future we are going to have the exact same issue anyway.

cc @thaJeztah

Signed-off-by: CrazyMax crazy-max@users.noreply.github.com

@crazy-max
integration-cli: fix test rogue certs
3b157dc 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
@crazy-max crazy-max requested a review from tianon as a code owner May 19, 2022 08:59
thaJeztah
thaJeztah approved these changes May 19, 2022
View reviewed changes
Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (if green) 👍

@thaJeztah thaJeztah merged commit 4f80313 into moby:master May 19, 2022
@crazy-max crazy-max deleted the fix-rogue-certs branch May 20, 2022 01:24
@thaJeztah thaJeztah added this to the 22.06.0 milestone Aug 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thaJeztah thaJeztah thaJeztah approved these changes

@tianon tianon Awaiting requested review from tianon tianon is a code owner

Assignees
No one assigned
Labels
area/testing status/2-code-review
Projects
None yet
Milestone
23.0.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@crazy-max @thaJeztah