Closed scara closed 2 years ago
Hi,
if (!empty(getenv('EXTTESTURL'))) {
define('TEST_EXTERNAL_FILES_HTTP_URL', getenv('EXTTESTURL'));
define('TEST_EXTERNAL_FILES_HTTPS_URL', getenv('EXTTESTURL'));
}
That said, yeah, we must ensure that there aren't any other calls to downloads (haven't looked) and fix all them.
Finally, curiously, this called my attention because, while I was playing to get multi-arch php moodlehq images (amd64 and arm64, yay, it seems to be working great), I've been performing a number or complete phpunit runs here (both architectures). And I've been getting a consistent failure with a test that downloads user.jpg
(from memory), always with a CURL timeout error. But, the URL was the correct one (http://exttests/user.jpg), so I've to dig into that problem. It seems that other runs aren't affected, it only happens in my local docker instances (amd64 and arm64).
So, yeah, we should sort out 1 & 2. I'm going to start a run here without networking to see which tests are, effectively, trying to access outside (I imagine that there will be some H5P-related ones, but there shouldn't be others, agree).
Here it's a complete run: https://pastebin.com/2fBj8czB
With only change performed being:
--- a/config.docker-template.php
+++ b/config.docker-template.php
@@ -47,6 +47,7 @@ $CFG->pathtophp = '/usr/local/bin/php';
$CFG->phpunit_dataroot = '/var/www/phpunitdata';
$CFG->phpunit_prefix = 't_';
define('TEST_EXTERNAL_FILES_HTTP_URL', 'http://exttests:9000');
+define('TEST_EXTERNAL_FILES_HTTPS_URL', 'http://exttests:9000');
$CFG->behat_wwwroot = 'http://webserver';
$CFG->behat_dataroot = '/var/www/behatdata';
And this is the list of problems (grouped by type) while it was run with networking disabled:
core_iplookup_geoplugin_testcase::test_ipv4
tool_mobile_external_testcase::test_get_public_config
auth_oauth2_privacy_testcase::test_delete_data_for_users
auth_oauth2_privacy_testcase::test_get_users_in_context
auth_oauth2_privacy_testcase::test_delete_data_for_user
auth_oauth2_privacy_testcase::test_delete_data_for_all_users_in_context
auth_oauth2_privacy_testcase::test_export_user_data
auth_oauth2_privacy_testcase::test_get_contexts_for_userid
auth_oauth2_external_testcase::test_linked_logins
auth_oauth2_external_testcase::test_clean_orphaned_linked_logins_with_issuer_id
auth_oauth2_external_testcase::test_clean_orphaned_linked_logins
core_oauth2_testcase::test_is_available_for_login
core_oauth2_testcase::test_get_all_issuers
core_oauth2_testcase::test_create_endpoints_for_standard_issuer with data set "IMS OBv2.1 without slash in baseurl should work too" ('imsobv2p1', '.well-known/badgeconnect.json', false, 'https://dc.imsglobal.org')
core_oauth2_testcase::test_create_endpoints_for_standard_issuer with data set "IMS OBv2.1" ('imsobv2p1', '.well-known/badgeconnect.json', false, 'https://dc.imsglobal.org/')
core_oauth2_testcase::test_create_endpoints_for_standard_issuer with data set "Google will work too with a valid baseurl parameter" ('google', '.well-known/openid-configuration', true, 'https://accounts.google.com/')
core_oauth2_testcase::test_create_endpoints_for_standard_issuer with data set "Google" ('google', '.well-known/openid-configuration')
core_oauth2_testcase::test_create_and_delete_standard_issuers
core_googlelib_testcase::test_invalid_google_api_key
core_antivirus_testcase::test_manager_none_quarantine_data_virus
core_antivirus_testcase::test_manager_quarantine_data_virus
core_antivirus_testcase::test_manager_send_message_to_admin_email_scan_data_virus
core_antivirus_testcase::test_manager_send_message_to_user_email_scan_data_virus
core_antivirus_testcase::test_manager_scan_data_virus
core_antivirus_testcase::test_manager_scan_data_error
core_antivirus_testcase::test_manager_none_quarantine_file_virus
core_antivirus_testcase::test_manager_quarantine_file_virus
core_antivirus_testcase::test_manager_send_message_to_admin_email_scan_file_virus
core_antivirus_testcase::test_manager_send_message_to_user_email_scan_file_virus
core_antivirus_testcase::test_manager_scan_file_virus
core_antivirus_testcase::test_manager_scan_file_error
Basically all the oauth ones are about resolving some host, and the antivirus ones about (surprisingly) performing ip-lookups. Nothing related with exttests, so far.
There is also a failure that I'm getting locally all the time since some days ago and cannot reproduce @ CIs, but that's another story, heh.
So, maybe, all we need is to add TEST_EXTERNAL_FILES_HTTPS_URL
and done.
Hi @stronk7, thanks a ton for your deep diving! 👍
My HTTPS failure was related to https://github.com/moodle/moodle/blob/0d0e66d37c6271657d76f948db9eeb10c139e7ae/lib/tests/filelib_test.php#L111-L115 so it doesn't hurt even there.
+1 to your proposal to mimic what already in place at https://github.com/moodlehq/moodle-ci-runner.
Unfortunately, we can define and distribute the $CFG->geoip2file
file to avoid calling http://www.geoplugin.net/json.gp?ip=<IP Address>
.
TIA, Matteo
Hello Everybody, on updating my fork I see an unrelated failure on my local GHA run due to a temporary "external issue":
which is unexpected to me since I'd guess
exttests
should be targeted even here, in the local tests.It appears that "a family of tests" in Moodle core code, based on
/lib/phpunit/classes/advanced_testcase.php::getExternalTestFileUrl()
, has been left out from the scope ofexttests
, probably due to the unavailability of a valid HTTPS certificate and the properly set ofTEST_EXTERNAL_FILES_HTTPS_URL
.Should we, when running here the tests, define
TEST_EXTERNAL_FILES_HTTPS_URL
asfalse
to skip the above tests, avoiding to overload the Moodle Download site?Note: I still miss why
getExternalTestFileUrl()
returns the HTTPS URL, since the local Moodle instance is exposed via HTTP and the failed test do not explicitly require HTTPS.HTH, Matteo