Fix flaky SSH security integration tests on Windows CI (#2764)#2766
Merged
jbonofre merged 1 commit intoJul 10, 2026
Merged
Conversation
* Fix flaky SSH security itests on Windows by waiting for command completion The SSH command security integration tests (SshCommandTestBase) wrote a command to the SSH channel and immediately sent "logout" to tear down the session. On slower runners - in particular the Windows CI - the session could be closed while the command output was still in flight, producing truncated output (e.g. a partial command echo "she" instead of "shell:nano") and spurious assertion failures such as "Should contain 'Command not found'". Introduce a writeCommandAndWait() helper that appends a sentinel "echo <marker>" command and blocks until the unique marker appears in the captured output before closing the channel. Because the remote shell reads and executes its input line by line, the marker cannot appear before the command under test has been fully executed and flushed back to the client, providing a deterministic completion signal that also works for the OK case (which has no positive marker of its own). "echo" is a gogo built-in that is not restricted by any command ACL, so it is safe for every test user. The helper is also used by addUsers()/addViewer() so the JAAS users are fully created before the test logs in as them. * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Contributor
Member
Author
|
@holgerfriedrich #2537 just updated the build contexts (checks) on CI, but it still execute the tests. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The SSH command security integration tests (SshCommandTestBase) wrote a command to the SSH channel and immediately sent "logout" to tear down the session. On slower runners - in particular the Windows CI - the session could be closed while the command output was still in flight, producing truncated output (e.g. a partial command echo "she" instead of "shell:nano") and spurious assertion failures such as "Should contain 'Command not found'".
Introduce a writeCommandAndWait() helper that appends a sentinel "echo " command and blocks until the unique marker appears in the captured output before closing the channel. Because the remote shell reads and executes its input line by line, the marker cannot appear before the command under test has been fully executed and flushed back to the client, providing a deterministic completion signal that also works for the OK case (which has no positive marker of its own). "echo" is a gogo built-in that is not restricted by any command ACL, so it is safe for every test user.
The helper is also used by addUsers()/addViewer() so the JAAS users are fully created before the test logs in as them.