Azure, mulitple agents on the same server running NTLM proxy

[aidanhyland]

Hi @bjowes,

Hope you are well.

Not sure if this is an issue but hoping you can provide an explanation or a work around to my issue.

The Env

1. Two servers with 4 agents on each server
2. The test pack consists of 4 spec files.
3. The Pipleline is configured to split spec files and execute them among agents - 1 spec per agent

I see authentication issues in the scenario where two spec files (starting the NTML proxy) on different agents but the same server. There is confliction. The proxy reboots or doesn't allow muliplte connections

Have you encountered issues where multiple tests start the ntlm-proxy or connect to the same proxy and fail?

I added a process check on the server for the ntlm-proxy to avoid tests starting it when active and likewise for stopping but nothing has work so far.

I'm considering to containerize the spec executions.

[bjowes]

Hi @aidanhyland

I am fine thanks!

The plugin is written to use a single instance of the ntlm-proxy, and if it finds another instance on startup it will try to shut it down. This all comes down to how the local proxy urls used by the cypress end of the plugin are transferred - they are written to a specific file. So there cannot be multiple instances of that same file.

I see two possible approaches for you:

1. Use the same ntlm-proxy instance for all 4 agents. To accomplish this, you would need to start your test session by starting ntlm-proxy on the server (see the npm run ntlm-proxy script in the readme). Then spawn you agents, but run the tests by calling only cypress-ntlm (this may be confusing, since the npm run script example in the readme named cypress-ntlm also calls ntlm-proxy, the point is to make a modified script that does not call ntlm-proxy, or ntlm-proxy-exit, which shall be used by the agents). When all test agents have completed, you use ntlm-proxy-exit to shut down the proxy. Keep in mind that this will only work if all your tests can use the same credentials. You cannot call cy.ntlmReset from any of the test agents since that will break the sessions for the other agents.

2. Containers. As long as the containers "hide" the host file system, and the config file written by the plugin is unique within each container, this should work fine. The config file is stored in:

   • Linux: /home/[username]/cypress-ntlm-auth/cypress-ntlm-auth.port
   • Mac: /Users/[username]/Library/Application Support/cypress-ntlm-auth/cypress-ntlm-auth.port
   • Windows: C:\Users\[username]\AppData\Roaming\cypress-ntlm-auth\cypress-ntlm-auth.port

[aidanhyland]

Hi @bjowes ,

Appreciate the super quick reply & thanks for the recommendations.

Our DevOps team are building out the Docker capabilites so option 2 might be the route I take.

I have been trying option 1 to-date with no resolution as our tests do perform an ntlm.reset() to switch users during test execution :(

Aidan

[bjowes]

Ok, I hope the containers pan out for you.

It would be possible to extend the ntlm-proxy to handle multiple cypress instances in parallell, but it isn't trivial to implement. If you would like to give it a go, I would be happy to receive a PR for it. Since this is the first time I've heard of it I think it is an uncommon use case for the users of this plugin.

I'll close this, please reopen if you can't get by with the containers.

[MSIH]

On windows, how can I test if the proxy is already running and not run npm run ntlm-proxy ?

[bjowes]

@MSIH - this is a closed issue, please open a new one for questions. There is no simple API for this, but two possible approaches:

1. Check for the existence of the ports file (see above for path on each platform). This is not 100% proof, if the ntlm-proxy crashed it might not have removed the file
2. Call the alive REST API of ntlm-proxy. To do this, you first need to find the ports file. From the ports file, get the CONFIG_API variable. Append "/alive" to that url and do a GET request to it. It will respond if it is running.

[bjowes]

@aidanhyland - Multiple instances of the proxy are now supported, released in 3.0.0

[aidanhyland]

Really great stuff, I'll be sure to let me fellow colleagues know. Thanks for the tag.