Open
Conversation
PyJWT >=2.5 changed the error message from "Could not deserialize key data." to "Could not parse the provided public key.".
…yptography - ES512 with HMAC-encoded key now surfaces cryptography's "Unable to load PEM file" error (pyjwt no longer wraps it for ECDSA). - ES512 with RSA key now fails with pyjwt's "Wrong key provided for ECDSA algorithms" (pyjwt added explicit key-type validation).
The three "invalid key" cases used to assert specific error messages from pyjwt/cryptography, which differ between library versions and break with every dependency bump. The actual contract under test is: 1. an exception is raised, 2. it is wrapped by our Oauth2TokenExchangeCredentials error handling, 3. no HTTP request is made (already enforced by http_request_is_expected). Match our own stable "Oauth2TokenExchangeCredentials:" prefix instead of the upstream wording.
The retriable error backoff sleep can take up to 1s, which together with the 1s wait_for timeout makes the test flaky on slower CI runners. Bump to 5s for both wait_for calls.
`DockerProject.stop()` was running `docker compose kill` via subprocess, which forks the python process. On Python 3.9 this races with the driver's active gRPC threads and crashes the child with SIGABRT (`fork_posix.cc: Other threads are currently calling into gRPC` followed by `epoll_wait error: Bad file descriptor`), failing every integration job on 3.9 in CI. Killing through the Docker SDK (unix socket, no fork) eliminates the race. `start()` keeps the `docker compose up -d --force-recreate` path because reviving an in-memory PDisk YDB after SIGKILL needs the full compose config — by then the driver's connections are already broken and its threads are sleeping in retry backoff, so forking is safe.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull request type
Please check the type of change your PR introduces:
What is the current behavior?
Issue Number: N/A
What is the new behavior?
Other information