roachtest: encryption at rest configurations aren't respected when creating clusters #79265
Comments
nicktrav
added
C-bug
|
Related to #78125. |
|
The current logic is still too convoluted,
It bears simplification. Why not lift [1] https://github.com/cockroachdb/cockroach/blob/master/pkg/cmd/roachtest/test_runner.go#L602 |
|
because then you can't run I think there generally is merit to letting tests decide (and we do already do that until I guess I broke it with this issue), as long as it's deterministic. Maybe what we ought to do is to let the test decide between
where the actual determination of randomness (if supported) is made on a test-by-test basis behind |
The encryption roachtests are consistently failing, due to the issues mentioned in cockroachdb#79265. Mark as skipped until that issue is resolved. Release note: None.
81054: roachtest: temporarily skip encryption test r=jbowens a=nicktrav The encryption roachtests are consistently failing, due to the issues mentioned in #79265. Mark as skipped until that issue is resolved. Release note: None. Co-authored-by: Nick Travers <travers@cockroachlabs.com>
The encryption roachtests are consistently failing, due to the issues mentioned in #79265. Mark as skipped until that issue is resolved. Release note: None.
The encryption roachtests are consistently failing, due to the issues mentioned in #79265. Mark as skipped until that issue is resolved. Release note: None.
|
@tbg's suggestion makes sense to me. If anyone has another suggestion they'd like to discuss, let me know. |
|
@tbg and I talked about this issue earlier today, and I'm documenting some of the things we talked about, and what our conclusion was. TL;DR: Behavior-wise, If a dev wants to force encryption on/off on a test that allows both, they can checkout the relevant branch, change the TestSpec accordingly, and run roachtest with Longer description: Previously (before #76669), In #76669, Tobi then tried to reconcile the Some other approaches we considered to deal with this were:
|
This commit introduces the `EncryptionSupport` field to `TestSpec`. By setting this field, tests can declare whether they support being run in a cluster with encryption enabled. Three options are available: - EncryptionAllowed: test can run with or without encryption. - EncryptionRequired: test can only run if encryption is enabled. - EncryptionDisabled: test can only run if encryption is disabled (default). This replaces the `EncryptAtRandom` field added earlier, which only allowed tests to opt-in to random encryption. In addition to this change, the values accepted by the `--encrypt` flag in roachtest also changes. The only two valid values are: - `--encrypt=auto` (default). Tests that support encryption (EncryptionAllowed) will run with encryption enabled. - `--encrypt=random` (CI). Tests that support encryption (EncryptionAllowed) will run on a cluster which may or may not have encryption enabled. The `EncryptionSupport` field should be the only way tests indicate their relationship with encryption. The `DontEncrypt` field was removed (it was not being used anymore at the time of this commit), and all tests that set `EncryptedStores` directly were updated to use `EncryptionSupport` accordingly. Resolves: cockroachdb#79265. Release note: None
This commit introduces the `EncryptionSupport` field to `TestSpec`. By setting this field, tests can declare whether they support being run in a cluster with encryption enabled. Three options are available: - EncryptionAlwaysDisabled: test can only run if encryption is disabled (default). - EncryptionAlwaysEnabled: test can only run if encryption is enabled. - EncryptionMetamorphic: tests can opt-in to metamorphic encryption; the probability of these tests running with encryption enabled is controlled by a command flag. This replaces the `EncryptAtRandom` field added earlier, which only allowed tests to opt-in to random encryption. In addition to this change, the `--encrypt` flag is superseded by a new `--metamorphic-encryption-probability` flag. As the name implies, this flag controls the probability of enabling encryption for tests that opted-in to metamorphic encryption. By default, this value is 1, meaning that tests with EncryptionMetamorphic set will always run with encryption enabled. To run these tests locally with encryption disabled, developers can call roachtest passing --metamorphic-encryption-probability=0. The `EncryptionSupport` field should be the only way tests indicate their relationship with encryption. The `DontEncrypt` field was removed (it was not being used anymore at the time of this commit), and all tests that set `EncryptedStores` directly were updated to use `EncryptionSupport` accordingly. Resolves: #79265. Release note: None
81104: opt: disable normalization rules when building lookup expressions r=mgartner a=mgartner Previously, normalization rules applied during construction of lookup expression could result in non-canonical lookup expressions. The execution is unable to generate lookup spans for non-canonical lookup expressions, so the query resulted in an internal error "unable to vectorize execution plan: unhandled expression type". For example, when building the canonical equality `col = false`, the normalization rule `FoldEqFalse` transforms it into `NOT col`, which is non-canonical. This commit fixes the issue by disabling normalization rules when building lookup expressions. Fixes #80525 Release note (bug fix): A bug has been fixed that caused errors with the message "unable to vectorize execution plan: unhandled expression type" in rare cases. This bug has been present since version 21.2.0. 81483: roachtest: declare encryption support as part of TestSpec r=nicktrav,srosenberg a=renatolabs This commit introduces the `EncryptionSupport` field to `TestSpec`. By setting this field, tests can declare whether they support being run in a cluster with encryption enabled. Three options are available: - EncryptionAllowed: test can run with or without encryption. - EncryptionRequired: test can only run if encryption is enabled. - EncryptionDisabled: test can only run if encryption is disabled (default). This replaces the `EncryptAtRandom` field added earlier, which only allowed tests to opt-in to random encryption. In addition to this change, the values accepted by the `--encrypt` flag in roachtest also changes. The only two valid values are: - `--encrypt=auto` (default). Tests that support encryption (EncryptionAllowed) will run with encryption enabled. - `--encrypt=random` (CI). Tests that support encryption (EncryptionAllowed) will run on a cluster which may or may not have encryption enabled. The `EncryptionSupport` field should be the only way tests indicate their relationship with encryption. The `DontEncrypt` field was removed (it was not being used anymore at the time of this commit), and all tests that set `EncryptedStores` directly were updated to use `EncryptionSupport` accordingly. Resolves: #79265. Release note: None **** This commit should be sufficient for us to re-enable `@nicktrav's` tests that originated this issue (#79265). Should I do it in this commit/PR or is that generally done separately once the fix is merged? 81562: colexec: add more redundancy to releasing disk resources r=yuzefovich a=yuzefovich As a couple of recently-found issues showed, making sure that all disk resources are released can be tricky since disk-backed operators can form large graphs with multiple external operators supporting a single operation. This commit makes the release of disk resources more bullet-proof by auditing all users of the vectorized disk queues to make sure they are added to `OpWithMetaInfo.ToClose` which are closed on the flow cleanup. Since `Close` can be safely called multiple times, it adds some redundancy, leaning on the side of caution. In particular, the following changes are made: - external distinct and external hash aggregators are explicitly added to `ToClose` slice. They should already be now closed by the `diskSpillerBase`, but it doesn't hurt closing them explicitly. - window aggregator operator has been refactored so that it doesn't throw an error in its `Close` method - with the previous version it was possible to panic during the `Close` execution and possibly leak some resources. - signatures of the constructor methods have been adjusted to return `ClosableOperator` to make the need for closing be more explicit. - each router output is now a `Closer` and the consumer of each output is now resposible for closing it. Again, I'm pretty sure that each output will have been closed by that time the consumer explicitly tries to close the output, yet there is no harm in closing it twice. An additional minor cleanup is the removal of the usage of an embedded context in a couple `Close` implementations given that the function takes it as an argument. Release note: None Co-authored-by: Marcus Gartner <marcus@cockroachlabs.com> Co-authored-by: Renato Costa <renato@cockroachlabs.com> Co-authored-by: Yahor Yuzefovich <yahor@cockroachlabs.com>
This commit introduces the `EncryptionSupport` field to `TestSpec`. By setting this field, tests can declare whether they support being run in a cluster with encryption enabled. Three options are available: - EncryptionAlwaysDisabled: test can only run if encryption is disabled (default). - EncryptionAlwaysEnabled: test can only run if encryption is enabled. - EncryptionMetamorphic: tests can opt-in to metamorphic encryption; the probability of these tests running with encryption enabled is controlled by a command flag. This replaces the `EncryptAtRandom` field added earlier, which only allowed tests to opt-in to random encryption. In addition to this change, the `--encrypt` flag is superseded by a new `--metamorphic-encryption-probability` flag. As the name implies, this flag controls the probability of enabling encryption for tests that opted-in to metamorphic encryption. By default, this value is 1, meaning that tests with EncryptionMetamorphic set will always run with encryption enabled. To run these tests locally with encryption disabled, developers can call roachtest passing --metamorphic-encryption-probability=0. The `EncryptionSupport` field should be the only way tests indicate their relationship with encryption. The `DontEncrypt` field was removed (it was not being used anymore at the time of this commit), and all tests that set `EncryptedStores` directly were updated to use `EncryptionSupport` accordingly. Resolves: cockroachdb#79265. Release note: None
This commit introduces the `EncryptionSupport` field to `TestSpec`. By setting this field, tests can declare whether they support being run in a cluster with encryption enabled. Three options are available: - EncryptionAlwaysDisabled: test can only run if encryption is disabled (default). - EncryptionAlwaysEnabled: test can only run if encryption is enabled. - EncryptionMetamorphic: tests can opt-in to metamorphic encryption; the probability of these tests running with encryption enabled is controlled by a command flag. This replaces the `EncryptAtRandom` field added earlier, which only allowed tests to opt-in to random encryption. In addition to this change, the `--encrypt` flag is superseded by a new `--metamorphic-encryption-probability` flag. As the name implies, this flag controls the probability of enabling encryption for tests that opted-in to metamorphic encryption. By default, this value is 1, meaning that tests with EncryptionMetamorphic set will always run with encryption enabled. To run these tests locally with encryption disabled, developers can call roachtest passing --metamorphic-encryption-probability=0. The `EncryptionSupport` field should be the only way tests indicate their relationship with encryption. The `DontEncrypt` field was removed (it was not being used anymore at the time of this commit), and all tests that set `EncryptedStores` directly were updated to use `EncryptionSupport` accordingly. Resolves: cockroachdb#79265. Release note: None
Describe the problem
A recent change in #76669 altered the way that tests were opted into using encryption at rest (EAR).
Consider a test that should always run with EAR (like this one). After the refactor, the test is required to explicitly opt into random EAR by setting
EncryptAtRandomon theTestSpec(a bit of an API wrinkle, as this test always wants EAR, not randomly).However, even if that flag were
true, EAR is only on 50% of the time (see here), which makes the test flaky.Expected behavior
A roachtest that always wants EAR should be have its settings respected.
Epic: CRDB-10428
Jira issue: CRDB-14664
The text was updated successfully, but these errors were encountered: