This was reported as causing the server to fail to shutdown on
NetBSD. Look for the expected informational and error messages.
(cherry picked from commit 580c41de0d)
In the past, our CI infrastructure was more sensitive to the number of
CI jobs running on it. We tried to limit long-running jobs in merge
request-triggered pipelines, as there are many of them, and spawned them
only in daily scheduled ones. Moving most of the CI infrastructure to
AWS has made it way better to run jobs in parallel, and the existence of
short respdiff jobs has lost its original merit. It can also be harmful
as some problems are detected only by the longer respdiff variant when a
faulty merge request has already been merged. We should run all long
respdiff tests in merge request-triggered pipelines.
Also, move the former respdiff-long job (now just "respdiff") to AWS as
old instance memory constraints (see
f09cf69594) are no longer an issue.
(cherry picked from commit 6a045cd8ec)
If the zone is signed with a different way than 'dnssec-policy', use
the legacy way of jittering signatures, that is calculate jitter by
taking the two values of 'sig-validity-interval' and subtracting the
second value from the first value.
Having a value higher than signatures-validity does not make sense
and should be treated as a configuration error.
(cherry picked from commit c3d8932f79)
When calculating the RRSIG validity, jitter is now derived from the
config option rather than from the refresh value.
(cherry picked from commit 67f403a423)
Commit d29fa288d4 added "pipelines" to CI
job trigger lists without updating the names of the YAML anchors
containing those lists accordingly. Update YAML anchor names so that
they are consistent with their own contents.
(cherry picked from commit a7ece8e0bd)
Since pre-release testing is usually carried out for branches in which
CHANGES entries are intentionally malformed to prevent entry numbering
conflicts down the road, do not run the "changes" GitLab CI job in
pipelines that are triggered by a parent pipeline (which can currently
only be a pre-release testing pipeline) to prevent triggering job
failures that would be meaningless anyway.
(cherry picked from commit 8c2503947f)
Checking the contents of the CHANGES file currently requires invoking
multiple shell scripts. These invocations are conflated with those for
other test scripts in the "misc" GitLab CI job. Extract the commands
checking the contents of the CHANGES file to a separate GitLab CI job,
"changes", to improve readability. Remove similar checks for the
CHANGES.SE file altogether as they are only relevant for BIND -S and
therefore should not be present in an open source branch.
(cherry picked from commit 1335e139f2)
Commit 2eee1e1761 modified the
"serve-stale" system test by adding the ns3/named9.conf.in configuration
file and making the ns3 named instance load that file near the end of
the test. However, ns3/named9.conf.in changes the
stale-answer-client-timeout setting to a very low value, which affects
all subsequent checks in tests.sh (rather than just the check that needs
the low value to be set) and may cause false positives. Fix by
reloading configuration from ns3/named8.conf.in as soon as the check
using a very low stale-answer-client-timeout value is finished.
Check that named correctly returns a synthesized DNS64 answer when the
server stale timer triggers for the A lookup. Use a small value for
stale-answer-client-timeout (2ms) and delay the A response by 1 second.
Check that RFC 1918 leak detection does not trigger an assertion
when nxdomain redirection is enabled in the server but not for the
RFC 1918 reverse namespace.
(cherry picked from commit 2789906ce4)
