[SERVER-69884] selinux tests must skip if they have any tag beginning with "featureFlag" Created: 21/Sep/22  Updated: 29/Oct/23  Resolved: 10/Oct/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 6.2.0-rc0, 6.0.7

Type: Improvement Priority: Major - P3
Reporter: Sergey Galtsev (Inactive) Assignee: Sergey Galtsev (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Related
related to SERVER-70421 Complete TODO listed in SERVER-69884 Closed
Backwards Compatibility: Fully Compatible
Backport Requested:
v6.0
Sprint: Security 2022-10-03, Security 2022-10-17
Participants:

 Description   

Selinux tests are executed without any feature flag switches, and this is a persistent cause of BFs

This ticket is to skip selinux tests not only when no_selinux tag is present, but also when any flag is present beginning with a text string featureFlag



 Comments   
Comment by Githook User [ 08/May/23 ]

Author:

{'name': 'Adam Rayner', 'email': 'adam.rayner@mongodb.com', 'username': 'adamtron'}

Message: SERVER-69884 filter out tests with featureFlagXXX from selinux
Branch: v6.0
https://github.com/mongodb/mongo/commit/5d30aeeda2f9f896b888452166edf9e1ef411cfd

Comment by Adam Rayner [ 05/May/23 ]

Requesting backport to save future pain if backporting SELinux tests to 6.0:

Namely, this diff:

https://github.com/mongodb/mongo/commit/b61927c6cdb116d1334789f563fc6558d1e775ed#diff-3b715fad3eac866bc1df467ddba5312b3534ba34008a512ab91499fef0b427f1

 

Requires that any changes to selinux/core.js that are backported to 6.0 must manually revert this line: https://github.com/mongodb/mongo/commit/b61927c6cdb116d1334789f563fc6558d1e775ed#diff-9954003261e113227af4ad4eb12a1263676245880eee3ffa559f3d7033452230R43

 

Because the corresponding regex parsing capability does not exist in the 6.0 version of 
buildscripts/resmokelib/utils/check_has_tag.py and thus jstests will not match the no_selinux tag and will run and fail, failing the tests:
 

https://spruce.mongodb.com/version/64555564562343e8e424e94f/changes?sorts=STATUS%3AASC%3BBASE_STATUS%3ADESC

 

 

Comment by Githook User [ 11/Oct/22 ]

Author:

{'name': 'sergey.galtsev', 'email': 'sergey.galtsev@mongodb.com', 'username': 'brushless-glitch'}

Message: SERVER-70421 Complete TODO listed in SERVER-69884
Branch: master
https://github.com/mongodb/mongo/commit/32251b5a126cfc001e4b51adc7adc5a8df4945eb

Comment by Githook User [ 10/Oct/22 ]

Author:

{'name': 'Sergey Galtsev', 'email': 'sergey.galtsev@mongodb.com', 'username': 'brushless-glitch'}

Message: SERVER-69884 filter out tests with featureFlagXXX from selinux
Branch: master
https://github.com/mongodb/mongo/commit/b61927c6cdb116d1334789f563fc6558d1e775ed

Comment by Sergey Galtsev (Inactive) [ 26/Sep/22 ]

At triage we decided to implement a quick-fix, no resmoke

Comment by Sergey Galtsev (Inactive) [ 21/Sep/22 ]

tag salman.baset@mongodb.com

Generated at Thu Feb 08 06:14:42 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.