Closed
Bug 1354234
Opened 7 years ago
Closed 6 years ago
Requests to fetch GitHub patch fails in SCL3
Categories
(bugzilla.mozilla.org :: Infrastructure, enhancement, P1)
Tracking
()
RESOLVED
INVALID
People
(Reporter: emceeaich, Unassigned)
References
Details
If a users links a GitHub pull request, splinter should fetch and display the patch. This is failing in environments running in SCL3, but works in other environments. Is there a configuration missing that is blocking this.
Comment 1•7 years ago
|
||
dylan, kendall, can you guys take a look at this when you're back in the office?
Flags: needinfo?(klibby)
Flags: needinfo?(dylan)
Comment 2•7 years ago
|
||
Yep! I'll provide a script that does the same thing the web head does to help debug what is failing.
Flags: needinfo?(dylan)
Comment 4•7 years ago
|
||
NI me again when you've got the script and I'll look. I see random github fetch errors in the logs (503 Service Unavailable), but I'm able to curl those URLs successfully, as well as the githubusercontent.com pages they 302 to.
Flags: needinfo?(klibby)
Hi, I'm escalating this bug somewhat. Theory is, this is failing due to the SCL3 proxy cluster refusing the requests, which is why running it manually works. I will invoke my IT access now to confirm/reject that.
Flags: needinfo?(dylan) → needinfo?(rsoderberg)
Proxy testing confirmed that the proxies permit these requests, but also found that curl -k can't follow the form of redirect used by Github - and neither can BMO. n? :dylan to provide more details and the error message he saw.
Flags: needinfo?(rsoderberg) → needinfo?(dylan)
I mistested. curl can follow the redirect. Dylan suggested SNI, which could be the case: $ openssl s_client -connect patch-diff.githubusercontent.com:443 0 s:/businessCategory=Private Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=5157550/street=88 Colin P Kelly, Jr Street/postalCode=94107/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=github.com $ openssl s_client -connect patch-diff.githubusercontent.com:443 -servername patch-diff.githubusercontent.com 0 s:/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=*.githubusercontent.com
Comment 8•7 years ago
|
||
sorry it took so long to get this put together: cd /data/www/bugzilla.mozilla.org perl -Ilocal/lib/perl5 -MLWP::UserAgent -E 'my $ua = LWP::UserAgent->new; $ua->proxy("https", "http://squid.proxy.service.consul:3128/"); my $r = $ua->get("https://github.com/mozilla-bteam/bmo/pull/85.diff"); say $r->content' result: <p>This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.</p>
Flags: needinfo?(dylan)
<p><b>Failed to establish a secure connection to 192.30.255.112</b></p> <p id="sysmsg">The system returned: <i>(71) Protocol error</i></p> ERR_SECURE_CONNECT_FAIL CacheHost: proxy2.dmz.scl3.mozilla.com
Comment 10•6 years ago
|
||
SCL3 is no longer a thing.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•