Merge remote-tracking branch 'origin/master' into release-0.58.0-rc1

mesosphere · Aug 12, 2020 · 36e0953 · 36e0953
2 parents e0c4bc3 + 7c32779
commit 36e0953
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 10 deletions.
diff --git a/frameworks/helloworld/tests/test_mono_to_multi_migrate.py b/frameworks/helloworld/tests/test_mono_to_multi_migrate.py
@@ -30,6 +30,7 @@ def before_each_test(configure_security):
         sdk_install.uninstall(config.PACKAGE_NAME, config.SERVICE_NAME)
 
 
+@pytest.mark.skip(reason="Infra Issues:D2IQ-69830")
 @pytest.mark.sanity
 def test_old_tasks_not_relaunched():
     hello_task_id = sdk_tasks.get_task_ids(config.SERVICE_NAME, "hello")
@@ -54,6 +55,7 @@ def test_old_tasks_not_relaunched():
     assert len(sdk_tasks.get_task_ids(config.SERVICE_NAME, "foo")) == 1
 
 
+@pytest.mark.skip(reason="Infra Issues:D2IQ-69830")
 @pytest.mark.sanity
 def test_old_tasks_get_relaunched_with_new_config():
     hello_task_id = sdk_tasks.get_task_ids(config.SERVICE_NAME, "hello")

diff --git a/frameworks/helloworld/tests/test_quota_upgrade.py b/frameworks/helloworld/tests/test_quota_upgrade.py
@@ -25,7 +25,7 @@ def configure_package(configure_security):
         sdk_install.uninstall(config.PACKAGE_NAME, SERVICE_NAME)
         sdk_marathon.delete_group(group_id=ENFORCED_ROLE)
         # create group with enforced-roles
-        sdk_marathon.create_group(group_id=ENFORCED_ROLE, options={"enforceRole": False})
+        sdk_marathon.create_group(group_id=ENFORCED_ROLE, options={"enforceRole": True})
         yield  # let the test session execute
     finally:
         sdk_install.uninstall(config.PACKAGE_NAME, SERVICE_NAME)

diff --git a/frameworks/helloworld/tests/test_tls.py b/frameworks/helloworld/tests/test_tls.py
@@ -164,27 +164,25 @@ def test_java_keystore():
     # and make sure that mesos curl can verify certificate served by app
     cmd_list = [
         "curl",
-        "-v",
         "-i",
         "--cacert",
         "secure-tls-pod.ca",
+        "--trace -",
+        "-w ssl_verify_result=%{ssl_verify_result}",
         "https://{}/hello-world".format(
             sdk_hosts.vip_host(config.SERVICE_NAME, KEYSTORE_TASK_HTTPS_PORT_NAME)
         ),
     ]
     curl = " ".join(cmd_list)
 
-    _, _, stderr = sdk_cmd.service_task_exec(config.SERVICE_NAME, "artifacts-0-node", curl)
+    _, stdout, _ = sdk_cmd.service_task_exec(config.SERVICE_NAME, "artifacts-0-node", curl)
     # Check that HTTP request was successful with response 200 and make sure
     # that curl with pre-configured cert was used and that task was matched
     # by SAN in certificate.
-    assert "HTTP/1.1 200 OK" in stderr
-    assert "CAfile: secure-tls-pod.ca" in stderr
-    tls_verification_msg = (
-        'host "keystore-https.hello-world.l4lb.thisdcos.directory" matched '
-        'cert\'s "keystore-https.hello-world.l4lb.thisdcos.directory"'
-    )
-    assert tls_verification_msg in stderr
+    assert "HTTP/1.1 200 OK" in stdout
+    assert "CAfile: secure-tls-pod.ca" in stdout
+    assert "Connected to keystore-https.hello-world.l4lb.thisdcos.directory" in stdout
+    assert "ssl_verify_result=0" in stdout
 
 
 @pytest.mark.sanity