Skip to content

[CI] SSLErrorMessageFileTests testMessageForPemCertificateOutsideConfigDir failing #127686

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
elasticsearchmachine opened this issue May 4, 2025 · 1 comment
Open

[CI] SSLErrorMessageFileTests testMessageForPemCertificateOutsideConfigDir failing #127686

elasticsearchmachine opened this issue May 4, 2025 · 1 comment
Labels
low-risk An open issue or test failure that is a low risk to future releases :Security/Security Security issues without another label Team:Security Meta label for security team >test-failure Triaged test failures from CI

Comments

@elasticsearchmachine
Copy link
Collaborator

Build Scans:

Reproduction Line:

./gradlew ":x-pack:plugin:security:test" --tests "org.elasticsearch.xpack.ssl.SSLErrorMessageFileTests.testMessageForPemCertificateOutsideConfigDir" -Dtests.seed=F4803D4D4824F6ED -Dtests.jvm.argline="-Des.entitlements.enabled=false" -Dtests.locale=fr-MU -Dtests.timezone=Europe/Kirov -Druntime.java=21

Applicable branches:
main

Reproduces locally?:
N/A

Failure History:
See dashboard

Failure Message:

java.lang.AssertionError: 
Expected: a throwable with message of "failed to load SSL configuration [xpack.security.transport.ssl] - cannot read configured PEM certificate [/this/path/is/outside/the/config/directory/file.error] because access to read the file is blocked; SSL resources should be placed in the [/dev/shm/bk/bk-agent-prod-gcp-1746363526853960197/elastic/elasticsearch-periodic/x-pack/plugin/security/build/testrun/test/temp/org.elasticsearch.xpack.ssl.SSLErrorMessageFileTests_F4803D4D4824F6ED-001/tempDir-073/config] directory"
     but: was <org.elasticsearch.ElasticsearchSecurityException: failed to load SSL configuration [xpack.security.transport.ssl] - cannot read configured PEM certificate [/this/path/is/outside/the/config/directory/file.error] because the file does not exist> at org.elasticsearch.xpack.core.ssl.SSLService.lambda$loadSslConfigurations$11(SSLService.java:622)

Issue Reasons:

  • [main] 86 consecutive failures in test testMessageForPemCertificateOutsideConfigDir
  • [main] 18 consecutive failures in step openjdk21_entitlements_false_checkpart4_java-matrix
  • [main] 17 consecutive failures in step openjdk21_checkpart4_java-fips-matrix
  • [main] 17 consecutive failures in step openjdk23_entitlements_true_checkpart4_java-matrix
  • [main] 17 consecutive failures in step openjdk21_entitlements_true_checkpart4_java-matrix
  • [main] 17 consecutive failures in step openjdk23_entitlements_false_checkpart4_java-matrix
  • [main] 18 consecutive failures in pipeline elasticsearch-periodic
  • [main] 86 failures in test testMessageForPemCertificateOutsideConfigDir (100.0% fail rate in 86 executions)
  • [main] 18 failures in step openjdk21_entitlements_false_checkpart4_java-matrix (100.0% fail rate in 18 executions)
  • [main] 17 failures in step openjdk21_checkpart4_java-fips-matrix (100.0% fail rate in 17 executions)
  • [main] 17 failures in step openjdk23_entitlements_true_checkpart4_java-matrix (100.0% fail rate in 17 executions)
  • [main] 17 failures in step openjdk21_entitlements_true_checkpart4_java-matrix (100.0% fail rate in 17 executions)
  • [main] 17 failures in step openjdk23_entitlements_false_checkpart4_java-matrix (100.0% fail rate in 17 executions)
  • [main] 18 failures in pipeline elasticsearch-periodic (100.0% fail rate in 18 executions)

Note:
This issue was created using new test triage automation. Please report issues or feedback to es-delivery.
@elasticsearchmachine elasticsearchmachine added :Security/Security Security issues without another label >test-failure Triaged test failures from CI Team:Security Meta label for security team needs:risk Requires assignment of a risk label (low, medium, blocker) labels May 4, 2025
@elasticsearchmachine
Copy link
Collaborator Author

Pinging @elastic/es-security (Team:Security)

@n1v0lg n1v0lg added low-risk An open issue or test failure that is a low risk to future releases and removed needs:risk Requires assignment of a risk label (low, medium, blocker) labels May 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
low-risk An open issue or test failure that is a low risk to future releases :Security/Security Security issues without another label Team:Security Meta label for security team >test-failure Triaged test failures from CI
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@n1v0lg @elasticsearchmachine