Skip to content

s2a tests are order-dependent #11732

New issue
New issue
Closed
#11809
Closed
s2a tests are order-dependent#11732
#11809
Labels
code health
Milestone
 
1.71
@ejona86

Description

@ejona86
ejona86
opened on Dec 9, 2024

@rmehta19

In #11722 I tried to remove a public API and needed to move a test to a more appropriate package. This changed the test execution order and caused test failures:

GetAuthenticationMechanismsTest > getAuthMechanisms_emptyIdentity_success FAILED
    1 expectation failed:
      1. value of:
             getAuthMechanism(...)
         expected:
             Optional[token: "access_token"
             ]
         but was:
             Optional.empty
                at io.grpc.s2a.internal.handshaker.GetAuthenticationMechanismsTest.getAuthMechanisms_emptyIdentity_success(GetAuthenticationMechanismsTest.java:53)
     

GetAuthenticationMechanismsTest > getAuthMechanisms_nonEmptyIdentity_success FAILED
    1 expectation failed:
      1. value of:
             getAuthMechanism(...)
         expected:
             Optional[identity {
               spiffe_id: "fake-spiffe-id"
             }
             token: "access_token"
             ]
         but was:
             Optional.empty
                at io.grpc.s2a.internal.handshaker.GetAuthenticationMechanismsTest.getAuthMechanisms_nonEmptyIdentity_success(GetAuthenticationMechanismsTest.java:62)

In investigating the failure, I found multiple global states that were mutated by tests and not restored. Those are being fixed in #11731. But I also saw that GetAuthenticationMechanisms will copy some of the global state and remember it. Thus even after restoring the mutated state the tests are still order-dependent.

It isn't at all clear to me what the point of GetAuthenticationMechanisms is, as it seems to be a very convoluted approach to read an environment variable. I don't understand why TokenFetcher receives an S2AIdentity, as the only implementation ignores it. I suspect some of this may be for testing, although it seems dependency injection would be much better suited.

Activity

ejona86
added
code health
on Dec 9, 2024
ejona86
added this to the Next milestone on Dec 9, 2024
ejona86
mentioned this on Dec 9, 2024
NaveenPrasannaV
mentioned this on Jan 8, 2025
NaveenPrasannaV

NaveenPrasannaV commented on Jan 8, 2025

@NaveenPrasannaV
NaveenPrasannaV
on Jan 8, 2025 · edited by NaveenPrasannaV
Contributor

@ejona86 @shivaspeaks
For s2a tests are order-dependent, my analysis was to move the test to a better package, fix global state issues, simplify GetAuthenticationMechanisms to read the environment variable directly, and refactor TokenFetcher to remove S2AIdentity and use dependency injection. Picked changes from PR #11722 and #11731. After all the changes, I ran the GetAuthenticationMechanismsTest class, which is now successful and unable to reproduce the issue.
11732-GetAuthenticationMechanismsTest

ejona86

ejona86 commented on Jan 14, 2025

@ejona86
ejona86
on Jan 14, 2025
MemberAuthor

@rmehta19, any idea when you might get to this?

rmehta19

rmehta19 commented on Feb 14, 2025

@rmehta19
rmehta19
on Feb 14, 2025
Contributor

I opened #11898

I'm sorry about the delay on this. We got this order dependence finding for S2A internally, and I sent the fix then. I just set up email notifications on github, so I can respond to these issues in a timely fashion.

ejona86
mentioned this on Feb 14, 2025
ejona86
modified the milestones: Next, 1.71 on Feb 14, 2025
ejona86
closed this as completedon Feb 14, 2025
github-actions
locked as resolved and limited conversation to collaborators on May 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    code health

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      s2a tests are order-dependent · Issue #11732 · grpc/grpc-java