trafficserver: new module #1243
Conversation
|
The test run doesn't seem to exit: https://github.com/cachix/devenv/actions/runs/9290213675/job/25603905574?pr=1243 |
|
I couldn't reproduce the failure locally on x86_64 Linux. The CI output has multiple lines with To help with debugging, I added a timeout for curl and made the console logs more verbose. |
|
Hmm, I still can't figure out the cause of the failure. I ran the test on GitHub Actions using my repository, and the Linux runner was able to complete the test successfully. https://github.com/midchildan/devenv/actions/runs/9339577654/job/25704130159 To make things worse, the complete logs are still missing likely because it's output too late. When I run it locally, the logs appear after the shell prompt. Maybe a different setting might be able to surface the logs, I'll look into it. |
|
Maybe something similar to #1248 (comment) |
|
Thanks, I set the hostname for ATS and also tried to get more logs. If this doesn't go well, I might have to temporarily wrap the traffic_server command with strace to get more details. |
midchildan
force-pushed
the
feat/trafficserver-module
branch
from
528849f
to
0bf8418
Compare
|
Huh, maybe it doesn't like one of the systemd restrictions on our runner: https://github.com/NixOS/nixpkgs/blob/051f920625ab5aabe37c920346e3e69d7d34400e/nixos/modules/services/continuous-integration/github-runner/service.nix#L227-L265 |
|
I tried applying the same restrictions on NixOS 23.11 with the default kernel, but the test still completed successfully. |
|
I pushed a new commit that wraps the traffic_server command with strace to see which system call is causing the crash. |
midchildan
force-pushed
the
feat/trafficserver-module
branch
from
18248a4
to
e0207b1
Compare
|
It appears Traffic Server is requesting In a typical setup, Traffic Server is launched as root. During startup, the server process changes to an unprivileged user and further drops unnecessary capabilities. But in doing so, it also attempts to explicitly keep the required capabilities including On other machines, this appears to have no effect when Traffic Server is launched as an unprivileged user. So perhaps the CI host is configured differently? In any case, I configured Traffic Server to not attempt to change the user during launch. This should prevent the problematic code from running. |
|
It appears the tests hanged before the Traffic Sever tests were able to run on the Linux runners. I pushed another commit to temporarily disable other examples so that we can see the results faster. |
|
I brought down our CI trying to upgrade NixOS. Will re-run once I get it back up, but the fix looks promising! |
That's interesting, I don't see any change since last time that would cause the option to stop being defined. |
midchildan
force-pushed
the
feat/trafficserver-module
branch
from
34c18da
to
e8fbe42
Compare
|
I tried rebasing. |
|
Seems like the tests pass now? |
|
Yay! Thanks for being so patient, @midchildan. If you could please drop the debug commits, and we'll merge straight away. |
midchildan
force-pushed
the
feat/trafficserver-module
branch
from
e8fbe42
to
ba7198a
Compare
Creates a new module for Apache Traffic Server.