Open cnotv opened 2 years ago
The use of HTTPS protocol seems returning an error existing in an older version of Cypress.
RequestError: Error: write EPROTO 65300708884936:error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER:../../third_party/boringssl/src/ssl/tls_record.cc:242:
https://github.com/rancher/dashboard/actions/runs/3228470912/jobs/5284610299#step:6:53
Since removing SSL is not solving the video upload issue, I'm playing around another cluster to verify which steps starts to block the videos.
New installation of Sorry Cypress allows upload of videos but access is now blocked on port 9000
Some other weird issue worth mentioning, when trying to host everything locally I encountered some caching issues, where the server kept pointing to the previous defined env var.
On localhost address the 403 for CORS issue with MongoDB seems to do not exists. This may probably be something related to different ports.
Re-running local tests against DO with new Sorry-Cypress DO instance has now generated an accessible video and the errors prior 403 are now turned into 404 🤔
It seems like some global configuration for Digital Ocean have been changed 🤔
The issue in accessing the videos seems related to firewall and reverse proxy of the port 9000 in the MINIO configuration, as it returns http://167.172.180.127/minio:9000/
instead of http://167.172.180.127/minio/
.
Also ANY firewall rule seems blocking video access, generating CORS issues.
Upload issue returning Nothing to Upload
is 100% due SSL configuration and may require further investigation.
Removing credentials for MINIO and SSL seems to fix the issue. Keeping the issue opened so we can eventually try to enable it another time. Created separated issue to restore videos: https://github.com/rancher/dashboard/issues/7214
As continuation of rancher/dashboard#6677 we would like to change protocols to HTTPS to secure authentications and requests.
Changes will require to update, due CORS issues:
Both cases can be corrected with nginx directives by mapping the port to a segment and update SorryCypress setup data as well. The first seems to be possible using
GRAPHQL_SCHEMA_URL
. The static data may require further investigation.Note: It will be required to update the E2E script for CI to use HTTPS protocol when communicating with the director service.
Playground server: http://167.172.180.127/