8000 proxy: Identity integration tests don't exercise HTTP proxy · Issue #4947 · linkerd/linkerd2 · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

proxy: Identity integration tests don't exercise HTTP proxy #4947

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
olix0r opened this issue Sep 8, 2020 · 3 comments
Closed

proxy: Identity integration tests don't exercise HTTP proxy #4947

olix0r opened this issue Sep 8, 2020 · 3 comments
Assignees
@hawkw
Labels
area/proxy wontfix

Comments

@olix0r
Copy link
Member
olix0r commented Sep 8, 2020
edited
Loading

Tests like http[1|2]_outbound_tls_works_before_identity_is_certified don't actually exercise the http proxy. Instead, they incorrectly build their own TLS'd HTTP clients and servers, and then exercise the TCP proxy. In order to modify the TCP forwarding stack, these tests must be changed to exercise the actual proxy behavior.

https://github.com/linkerd/linkerd2-proxy/blob/23995e7fb6eae5ede81048bdf9e4f68f7e81c7a9/linkerd/app/integration/tests/identity.rs#L201-L217

If I understand correctly, all of the TLS-related infrastructure in the tests should be removed (client, server); and we should instead use normal plaintext clients and validate the states otherwise (headers? metrics?)

[     0.33353667s] TRACE ThreadId(03) proxy{test=http1_outbound_tls_works_before_identity_is_certified:proxy}:outbound:accept{peer.addr=127.0.0.1:35580}: linkerd2_proxy_http::version: Not HTTP bytes=[22, 3, 1, 1, 17, 1, 0, 1, 13, 3, 3, 97, 162, 23, 33, 20, 185, 45, 122, 141, 51, 68, 175, 140, 253, 33, 2, 250, 197, 145, 41, 187, 74, 166, 191, 9, 123, 240, 107, 196, 86, 231, 188, 32, 171, 60, 74, 193, 51, 5, 120, 167, 88, 184, 141, 80, 92, 244, 225, 38, 205, 45, 214, 74, 220, 76, 53, 191, 143, 143, 11, 12, 175, 216, 195, 11, 0, 20, 19, 3, 19, 2, 19, 1, 204, 169, 204, 168, 192, 44, 192, 43, 192, 48, 192, 47, 0, 255, 1, 0, 0, 176, 0, 43, 0, 5, 4, 3, 4, 3, 3, 0, 0, 0, 58, 0, 56, 0, 0, 53, 98, 97, 114, 46, 110, 115, 49, 46, 115, 101, 114, 118, 105, 99, 101, 97, 99, 99, 111, 117, 110, 116, 46, 105, 100, 101, 110, 116, 105, 116, 121, 46, 108, 105, 110, 107, 101, 114, 100, 46, 99, 108, 117, 115, 116, 101, 114, 46, 108, 111, 99, 97, 108, 0, 11, 0, 2, 1, 0, 0, 10, 0, 8, 0, 6, 0, 29, 0, 24, 0, 23, 0, 13, 0, 18, 0, 16, 5, 3, 4, 3, 8, 6, 8, 5, 8, 4, 6, 1, 5, 1, 4, 1, 0, 23, 0, 0, 0, 5, 0, 5, 1, 0, 0, 0, 0, 0, 51, 0, 38, 0, 36, 0, 29, 0, 32, 208, 251, 16, 139, 56, 124, 247, 205, 106, 121, 70, 247, 210, 125, 134, 126, 228, 142, 160, 169, 204, 187, 150, 58, 167, 7, 48, 62, 173, 232, 51, 86, 0, 45, 0, 2, 1, 1, 0, 35, 0, 0]
[     0.33470237s] TRACE ThreadId(03) proxy{test=http1_outbound_tls_works_before_identity_is_certified:proxy}:outbound:accept{peer.addr=127.0.0.1:35580}: linkerd2_proxy_http::version: h2.preface=[80, 82, 73, 32, 42, 32, 72, 84, 84, 80, 47, 50, 46, 48, 13, 10, 13, 10, 83, 77, 13, 10, 13, 10]
[     0.33524683s] TRACE ThreadId(03) proxy{test=http1_outbound_tls_works_before_identity_is_certified:proxy}:outbound:accept{peer.addr=127.0.0.1:35580}: linkerd2_proxy_http::detect: Forwarding TCP
olix0r added a commit to linkerd/linkerd2-proxy that referenced this issue Sep 8, 2020
@olix0r
Disable identity tests, per linkerd/linkerd2#4947; add debug logging
84a09c2
hawkw pushed a commit to linkerd/linkerd2-proxy that referenced this issue Sep 10, 2020
@olix0r @hawkw
Disable identity tests, per linkerd/linkerd2#4947; add debug logging
c0fff39
@grampelberg
Copy link
Contributor

@hawkw is this done?

@hawkw
Copy link
Contributor
hawkw commented Sep 28, 2020

linkerd/linkerd2-proxy#658 should fix this when it lands.

olix0r pushed a commit to linkerd/linkerd2-proxy that referenced this issue Oct 9, 2020
@hawkw
Update integration tests (#702)
a6f51c3 
Removes defunct identity tests per linkerd/linkerd2#4947
@stale
Copy link
stale bot 7733 commented Jan 10, 2021

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix label Jan 10, 2021
@olix0r olix0r closed this as completed Jan 10, 2021
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 16, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@hawkw hawkw

Labels
area/proxy wontfix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@grampelberg @olix0r @hawkw
0