Skip to content

[CI] JwtRealmSingleNodeTests testClientSecretRotation failing #122863

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
elasticsearchmachine opened this issue Feb 18, 2025 · 1 comment
Open

[CI] JwtRealmSingleNodeTests testClientSecretRotation failing #122863

elasticsearchmachine opened this issue Feb 18, 2025 · 1 comment
Assignees
@slobodanadamovic
Labels
low-risk An open issue or test failure that is a low risk to future releases :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team >test-failure Triaged test failures from CI

Comments

@elasticsearchmachine
Copy link
Collaborator

elasticsearchmachine commented Feb 18, 2025
edited
Loading

Build Scans:

Reproduction Line:

./gradlew ":x-pack:plugin:security:internalClusterTest" --tests "org.elasticsearch.xpack.security.authc.jwt.JwtRealmSingleNodeTests.testClientSecretRotation" -Dtests.seed=DA59A1A6C6C81894 -Dtests.locale=ca-ES-VALENCIA -Dtests.timezone=America/Mendoza -Druntime.java=24

Applicable branches:
main

Reproduces locally?:
N/A

Failure History:
See dashboard

Failure Message:

org.elasticsearch.client.ResponseException: method [GET], host [http://127.0.0.1:9200], URI [/_security/_authenticate], status line [HTTP/1.1 401 Unauthorized]
{"error":{"root_cause":[{"type":"unavailable_shards_exception","reason":"at least one search shard for the index [.security-7] is unavailable"}],"type":"security_exception","reason":"error attempting to authenticate request","additional_unsuccessful_credentials":"oauth2 token: invalid token","caused_by":{"type":"unavailable_shards_exception","reason":"at least one search shard for the index [.security-7] is unavailable"},"header":{"WWW-Authenticate":["ApiKey","Basic realm=\"security\", charset=\"UTF-8\""]}},"status":401}

Issue Reasons:

  • [main] 2 failures in test testClientSecretRotation (0.4% fail rate in 472 executions)
  • [main] 2 failures in pipeline elasticsearch-periodic-platform-support (15.4% fail rate in 13 executions)

Note:
This issue was created using new test triage automation. Please report issues or feedback to es-delivery.
@elasticsearchmachine elasticsearchmachine added :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) >test-failure Triaged test failures from CI Team:Security Meta label for security team needs:risk Requires assignment of a risk label (low, medium, blocker) labels Feb 18, 2025
@elasticsearchmachine
Copy link
Collaborator Author

Pinging @elastic/es-security (Team:Security)

@slobodanadamovic slobodanadamovic self-assigned this Feb 26, 2025
@slobodanadamovic slobodanadamovic added low-risk An open issue or test failure that is a low risk to future releases and removed needs:risk Requires assignment of a risk label (low, medium, blocker) labels Feb 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@slobodanadamovic slobodanadamovic

Labels
low-risk An open issue or test failure that is a low risk to future releases :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team >test-failure Triaged test failures from CI
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@slobodanadamovic @elasticsearchmachine