Closed
Bug 1328441
Opened 7 years ago
Closed 7 years ago
CI busted building rbweb with TLS error
Categories
(MozReview Graveyard :: Testing / Development Environment, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mcote, Assigned: gps)
References
Details
The rb tests are currently failing; amongst the error messages is this: rbweb> stderr: DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6 rbweb> /venv/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning. Interestingly zalun saw something similar today in his local environment, with Python 2.7.12. Upgrading to 2.7.13 fixed it. The note above about 2.6 being no longer supported, however, makes me think this might not be an easy fix in production. If there's no fix for the TLS problems in Python 2.6, we'll have to upgrade to 2.7, somehow, and very very soon.
Assignee | ||
Comment 1•7 years ago
|
||
For some reason it is attempting TLS when talking to http://downloads.reviewboard.org/. Having not looked at what that server is doing, my guess is they are 301'ing to https:// and Python 2.6 is barfing because the server requires SNI to negotiate the certificate, which Python 2.6 does not support.
Assignee: nobody → gps
Status: NEW → ASSIGNED
Assignee | ||
Comment 2•7 years ago
|
||
http://downloads.reviewboard.org/ 301's to https:// and headers indicate it is using CloudFront. CloudFront requires SNI unless you pay them a good chunk of money for a dedicated IP.
Assignee | ||
Comment 3•7 years ago
|
||
We attempted to switch ansible/roles/mozreview-virtualenv/files/requirements.txt in fcece6d7e38a (bug 1110299). However, that was reverted in e27ab55bc81a. There was also some minor changes about trusted hosts in 0305a960aa02 (1243501). Welcome to the hell that is crappy TLS support on Python 2.6.
Depends on: 1110299
Pushed by gszorc@mozilla.com: https://hg.mozilla.org/hgcustom/version-control-tools/rev/608768a6ebbb ansible/mozreview-virtualenv: download Python packages from S3
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•