Re: Broken SSL tests in master

On 2016-12-01 14:43:04 -0500, Robert Haas wrote:
> On Thu, Dec 1, 2016 at 2:40 PM, Andres Freund <andres@anarazel.de> wrote:
> > On 2016-12-01 14:22:19 -0500, Robert Haas wrote:
> >> On Thu, Nov 24, 2016 at 4:38 PM, Andreas Karlsson <andreas@proxel.se> wrote:
> >> > The SSL test suite (src/test/ssl) is broken in the master since commit
> >> > 9a1d0af4ad2cbd419115b453d811c141b80d872b, which is Robert's refactoring of
> >> > getting the server hostname for GSS, SSPI, and SSL in libpq.
> >>
> >> So, we have no buildfarm coverage for this test suite?  And make
> >> check-world doesn't run it?  Sigh.
> >
> > The story behind that is that it opens the server over tcp to everyone
> > who has a copy of our test CA. Which is oh-so-secretly stored in our git
> > repo..
> 
> I get that, but this is the second time in very recent history that
> I've broken something because there was code that wasn't compiled or
> tests that weren't run by 'make check-world'.  I do run that for many
> of my commits even though it takes 15 minutes.  It's frustrating to me
> that it leaves random stuff out and there's no alternative target that
> includes that stuff; I don't like breaking things.  Of course if my
> code reviewing were perfect it wouldn't matter, but I haven't figured
> out how to do that yet.

Well, I don't quite know what the alternative is. For some reason, which
I don't quite understand personally, people care about security during
regression tests runs. So we can't run the test automatedly.  And nobody
has added a buildfarm module to run it manually on their servers either
:(