Jaeger: Go 1.15 compatiblity

Created on 31 Aug 2020  路  2Comments  路  Source: jaegertracing/jaeger

Describe the bug

Even after a couple of fixes (#2401, #2429), there are more issues related to compatibility with Go 1.15

To Reproduce
Steps to reproduce the behavior:

  1. brew install [email protected]
  2. make test

Expected behavior
All tests pass

Screenshots
These tests fail, possibly more:

=== RUN   TestProxyClientTLS/should_pass_with_TLS_client_to_trusted_TLS_server_with_correct_hostname
    builder_test.go:342:
            Error Trace:    builder_test.go:342
            Error:          Received unexpected error:
                            rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0"
            Test:           TestProxyClientTLS/should_pass_with_TLS_client_to_trusted_TLS_server_with_correct_hostname
=== RUN   TestProxyClientTLS/should_fail_with_TLS_client_without_cert_to_trusted_TLS_server_requiring_cert
=== RUN   TestProxyClientTLS/should_fail_with_TLS_client_without_cert_to_trusted_TLS_server_requiring_cert_from_a_different_CA
=== RUN   TestProxyClientTLS/should_pass_with_TLS_client_with_cert_to_trusted_TLS_server_requiring_cert
    builder_test.go:342:
            Error Trace:    builder_test.go:342
            Error:          Received unexpected error:
                            rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0"
            Test:           TestProxyClientTLS/should_pass_with_TLS_client_with_cert_to_trusted_TLS_server_requiring_cert
--- FAIL: TestProxyClientTLS (0.15s)
    --- PASS: TestProxyClientTLS/should_pass_with_insecure_grpc_connection (0.01s)
    --- PASS: TestProxyClientTLS/should_fail_with_TLS_client_to_non-TLS_server (0.12s)
    --- PASS: TestProxyClientTLS/should_fail_with_TLS_client_to_untrusted_TLS_server (0.00s)
    --- PASS: TestProxyClientTLS/should_fail_with_TLS_client_to_trusted_TLS_server_with_incorrect_hostname (0.00s)
    --- FAIL: TestProxyClientTLS/should_pass_with_TLS_client_to_trusted_TLS_server_with_correct_hostname (0.00s)
    --- PASS: TestProxyClientTLS/should_fail_with_TLS_client_without_cert_to_trusted_TLS_server_requiring_cert (0.00s)
    --- PASS: TestProxyClientTLS/should_fail_with_TLS_client_without_cert_to_trusted_TLS_server_requiring_cert_from_a_different_CA (0.00s)
    --- FAIL: TestProxyClientTLS/should_pass_with_TLS_client_with_cert_to_trusted_TLS_server_requiring_cert (0.00s)
=== RUN   TestMultipleCollectors
--- PASS: TestMultipleCollectors (0.00s)
=== RUN   TestBindFlags
--- PASS: TestBindFlags (0.00s)
=== RUN   TestReporter_EmitZipkinBatch
--- PASS: TestReporter_EmitZipkinBatch (0.00s)
=== RUN   TestReporter_EmitBatch
--- PASS: TestReporter_EmitBatch (0.00s)
=== RUN   TestReporter_SendFailure
--- PASS: TestReporter_SendFailure (0.00s)
=== RUN   TestReporter_AddProcessTags_EmptyTags
--- PASS: TestReporter_AddProcessTags_EmptyTags (0.00s)
=== RUN   TestReporter_AddProcessTags_ZipkinBatch
--- PASS: TestReporter_AddProcessTags_ZipkinBatch (0.00s)
=== RUN   TestReporter_AddProcessTags_JaegerBatch
--- PASS: TestReporter_AddProcessTags_JaegerBatch (0.00s)
=== RUN   TestReporter_MakeModelKeyValue
--- PASS: TestReporter_MakeModelKeyValue (0.00s)
FAIL
FAIL    github.com/jaegertracing/jaeger/cmd/agent/app/reporter/grpc 0.383s

cc @albertteoh

bug good first issue hacktoberfest
Source
picture yurishkuro

Most helpful comment

I don't think GODEBUG is the appropriate path here (it will become unsupported in Go 1.16 again). This https://github.com/golang/go/issues/39568#issuecomment-671424481 has a number of other suggestions on how to fix this. I think we need to regenerate the test certificates as described in step 2 there.

picture yurishkuro on 31 Aug 2020
👍2

All 2 comments

Just some additional info:

  • This is caused by Go 1.15 dropping support for verifying hostname/IP address in the Common Name field of a certificate.
  • GODEBUG=x509ignoreCN=0 make test should get the tests passing locally in the meantime.
  • More details found here: https://github.com/golang/go/issues/39568#issuecomment-671424481
albertteoh picture albertteoh on 31 Aug 2020

I don't think GODEBUG is the appropriate path here (it will become unsupported in Go 1.16 again). This https://github.com/golang/go/issues/39568#issuecomment-671424481 has a number of other suggestions on how to fix this. I think we need to regenerate the test certificates as described in step 2 there.

yurishkuro picture yurishkuro on 31 Aug 2020
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

albertteoh picture albertteoh  路  3Comments
jvans1 picture jvans1  路  3Comments
mabn picture mabn  路  4Comments
tomaszturkowski picture tomaszturkowski  路  4Comments
rur0 picture rur0  路  4Comments