HDDS-8144. TestDefaultCertificateClient#testTimeBeforeExpiryGracePeriod fails as we approach DST. #4382
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…od() test fails as we approach DST.
adoroszlai
approved these changes
Mar 12, 2023
adoroszlai
reviewed
Mar 12, 2023
| Date expireDate = certificate.getNotAfter(); | ||
| LocalDateTime gracePeriodStart = expireDate.toInstant() | ||
| .atZone(ZoneId.systemDefault()).toLocalDateTime().minus(gracePeriod); | ||
| .minus(gracePeriod).atZone(ZoneId.systemDefault()).toLocalDateTime(); |
Contributor
There was a problem hiding this comment.
Same logic appears in CertificateClientTestImpl, should be fixed there, too?
Contributor
Author
There was a problem hiding this comment.
Yes, thank you @adoroszlai for spotting this one.
In general this one did not caused a problem, as this implementation is used with functionality that does not happen around certificate renewal, and where it does, the grace period is a few seconds, so if it remains this way it does not cause trouble just for very short periods of time, so probably we would not recognize it, but nonetheless, I have pushed the change to the test class in a follow up commit.
adoroszlai
changed the title
adoroszlai
changed the title
Contributor
errose28
added a commit
to errose28/ozone
that referenced
this pull request
Mar 16, 2023
* master: (262 commits) HDDS-8153. Integrate ContainerBalancer with MoveManager (apache#4391) HDDS-8090. When getBlock from a datanode fails, retry other datanodes. (apache#4357) HDDS-8163 Use try-with-resources to ensure close rockdb connection in SstFilteringService (apache#4402) HDDS-8065. Provide GNU long options (apache#4394) HDDS-7930. [addendum] input stream does not refresh expired block token. HDDS-7930. input stream does not refresh expired block token. (apache#4378) HDDS-7740. [Snapshot] Implement SnapshotDeletingService (apache#4244) HDDS-8076. Use container cache in Key listing API. (apache#4346) HDDS-8091. [addendum] Generate list of config tags from ConfigTag enum - Hadoop 3.1 compatibility fix (apache#4374) HDDS-8144. TestDefaultCertificateClient#testTimeBeforeExpiryGracePeriod fails as we approach DST. (apache#4382) HDDS-8151. Support fine grained lifetime for root CA certificate (apache#4386) HDDS-8150. RpcClientTest and ConfigurationSourceTest not run due to naming convention (apache#4388) HDDS-8131. Add Configuration for OM Ratis Log Purge Tuning Parameters. (apache#4371) HDDS-8133. Create ozone sh key checksum command (apache#4375) HDDS-8142. Check if no entries in Block DB for a container on container delete (apache#4379) HDDS-8118. Fail container delete on non empty chunks dir (apache#4367) HDDS-8028. JNI for RocksDB SST Dump tool (apache#4315) HDDS-8129. ContainerStateMachine allows two different tasks with the same container id running in parallel. (apache#4370) HDDS-8119. Remove loosely related AutoCloseable from SendContainerOutputStream (apache#4368) close db connection (apache#4366) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What changes were proposed in this pull request?
In my local environment the TestDefaultCertificateClient#testTimeBeforeExpiryGracePeriod() test started to fail, as we are approaching DST, and with that the return value of DefaultCertificateClient#timeBeforeExpiryGracePeriod(X509Certificate) is off by an hour.
This is because the test sets a 28 days expiration to the certificate, but due to switch to DST, at 3am in one of the mornings we switch to 2am, therefore the certificate expiration is 28days and 1 hour away instead of the expected 0.
What is the link to the Apache JIRA
https://issues.apache.org/jira/browse/HDDS-8144
How was this patch tested?
After the change the named test runs fine in my local env.