Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Flaky] Compile failure due to 403 from lucene snapshots #3597

Closed
peternied opened this issue Oct 25, 2023 · 5 comments · Fixed by #3912
Closed

[Flaky] Compile failure due to 403 from lucene snapshots #3597

peternied opened this issue Oct 25, 2023 · 5 comments · Fixed by #3912
Labels
flaky-test Flaky Test issue triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable. untriaged Require the attention of the repository maintainers and may need to be prioritized

Comments

@peternied
Copy link
Member

Description

We've seen failures a number of times trying to get resources from the lucene cloudfront url.

> Task :compileJava UP-TO-DATE
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/net/shibboleth/utilities/java-support/8.4.0/java-support-8.4.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-core/4.3.0/opensaml-core-4.3.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-security-impl/4.3.0/opensaml-security-impl-4.3.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-security-api/4.3.0/opensaml-security-api-4.3.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-xmlsec-api/4.3.0/opensaml-xmlsec-api-4.3.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-xmlsec-impl/4.3.0/opensaml-xmlsec-impl-4.3.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-saml-api/4.3.0/opensaml-saml-api-4.3.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-saml-impl/4.3.0/opensaml-saml-impl-4.3.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-messaging-api/4.3.0/opensaml-messaging-api-4.3.0.pom)]
Failed to get resource: HEAD. [HTTP HTTP/1.1 403 Forbidden: https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/org/opensaml/opensaml-storage-api/4.3.0/opensaml-storage-api-4.3.0.pom)]

Excepted Result

Lucene snapshot should never return 403s, only 200s or 404s.
@peternied peternied added the flaky-test Flaky Test issue label Oct 25, 2023
@github-actions github-actions bot added the untriaged Require the attention of the repository maintainers and may need to be prioritized label Oct 25, 2023
@peternied
Copy link
Member Author

@peternied peternied mentioned this issue Oct 25, 2023
Closed
@peternied
Copy link
Member Author

@stephen-crawford
Copy link
Contributor

[Triage] @reta shared there are actually no Lucene Snapshots in main for several weeks so the cause of this failure is not obvious.

Adding action items for:

  • Determine root of failure
  • Bump/patch/fix as required

Associated context will have to be taken from the linked logs: https://github.com/opensearch-project/security/actions/runs/6658542778/job/18095643149?pr=3601

@stephen-crawford stephen-crawford added triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable. and removed untriaged Require the attention of the repository maintainers and may need to be prioritized labels Oct 30, 2023
@cwperks
Copy link
Member

cwperks commented Dec 19, 2023

@peternied Can this issue be closed? I believe opensearch-project/opensearch-build#3874 will help with stability.

@cwperks cwperks closed this as completed Dec 19, 2023
@cwperks cwperks reopened this Dec 19, 2023
@github-actions github-actions bot added the untriaged Require the attention of the repository maintainers and may need to be prioritized label Dec 19, 2023
@peternied
Copy link
Member Author

I think we need to switch to the new url... looking into this

@peternied peternied mentioned this issue Jan 3, 2024
Merged
3 tasks
willyborankin pushed a commit that referenced this issue Jan 3, 2024
@peternied
Switched to more reliable OpenSearch Lucene snapshot location (#3912)
31f1625 
### Description
Switched to more reliable OpenSearch Lucene snapshot location

### Issues Resolved
- Resolves #3597

### Check List
- [ ] ~New functionality includes testing~
- [ ] ~New functionality has been documented~
- [X] Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and
signing off your commits, please check
[here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).

Signed-off-by: Peter Nied <[email protected]>
opensearch-trigger-bot bot pushed a commit that referenced this issue Jan 3, 2024
@github-actions
Switched to more reliable OpenSearch Lucene snapshot location (#3912)
e1ca282 
### Description
Switched to more reliable OpenSearch Lucene snapshot location

### Issues Resolved
- Resolves #3597

### Check List
- [ ] ~New functionality includes testing~
- [ ] ~New functionality has been documented~
- [X] Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and
signing off your commits, please check
[here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).

Signed-off-by: Peter Nied <[email protected]>
(cherry picked from commit 31f1625)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
dlin2028 pushed a commit to dlin2028/security that referenced this issue May 1, 2024
@peternied @dlin2028
Switched to more reliable OpenSearch Lucene snapshot location (opense…
19fa3ff 
…arch-project#3912)

### Description
Switched to more reliable OpenSearch Lucene snapshot location

### Issues Resolved
- Resolves opensearch-project#3597

### Check List
- [ ] ~New functionality includes testing~
- [ ] ~New functionality has been documented~
- [X] Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and
signing off your commits, please check
[here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).

Signed-off-by: Peter Nied <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
flaky-test Flaky Test issue triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable. untriaged Require the attention of the repository maintainers and may need to be prioritized
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Switched to more reliable OpenSearch Lucene snapshot location peternied/security
3 participants
@peternied @cwperks @stephen-crawford