Skip to content

ci: update Scylla test version from 2025.2 to 2026.1#773

Open
mykaul wants to merge 1 commit intomasterfrom
ci/update-scylla-version-2026.1
Open

ci: update Scylla test version from 2025.2 to 2026.1#773
mykaul wants to merge 1 commit intomasterfrom
ci/update-scylla-version-2026.1

Conversation

@mykaul
Copy link
Copy Markdown

@mykaul mykaul commented Mar 29, 2026

Summary

  • Update SCYLLA_VERSION in integration test CI from release:2025.2 to release:2026.1
  • Tests gated by @skip_scylla_version_lt(2026.1.0) (e.g. client_routes tests) will now execute in CI
  • No code changes — CI-only

Context

The integration test suite was pinned to release:2025.2. Updating to release:2026.1 ensures CI covers the latest ScyllaDB features and catches regressions earlier.

Known issues on 2026.1: Two tests in test_client_routes.py (TestSslThroughNlb and TestFullNodeReplacementThroughNlb) have pre-existing failures that will be addressed in separate PRs:

  • TestFullNodeReplacementThroughNlb: bootstrap crash due to missing rackdc properties (fix ready on fix/nlb-test-bootstrap-rackdc)
  • TestSslThroughNlb: SSL connection timeout after cluster reconfiguration (under investigation)

@mykaul
ci: update Scylla test version from 2025.2 to 2026.1
1902526 
The integration test suite was pinned to release:2025.2 which is no
longer the latest LTS branch.  Update to release:2026.1 so CI covers
the newest ScyllaDB features and catches regressions earlier.

Tests gated by @skip_scylla_version_lt(2026.1.0) — such as the
client_routes tests — will now actually execute in CI.
@mykaul
Copy link
Copy Markdown
Author

mykaul commented Mar 29, 2026

CI is complaining on The nested job 'upload_pypi' is requesting 'id-token: write', but is only allowed 'id-token: none'. - I assume some CI maintenance taking place (CC @dkropachev , @roy)

@mykaul
Copy link
Copy Markdown
Author

mykaul commented Apr 2, 2026

AI analysis of the CI failure (did not yet review!):
Failure: All 5 asyncio test jobs fail with exactly 1 test failure each:
tests/integration/standard/test_client_routes.py::TestSslThroughNlb::test_ssl_without_hostname_verification_through_nlb
Root cause: This is an asyncio reactor SSL issue, NOT caused by the version bump itself. The version bump simply enables the client_routes tests (they were skipped on release:2025.2 since that version lacks the system.client_routes table).
Details:

  • All libev jobs (6) and asyncore (1) pass this test
  • All asyncio jobs (5) fail — OperationTimedOut after 5 seconds waiting for a CQL SUPPORTED response
  • The asyncio reactor uses loop.sock_recv()/loop.sock_sendall() which are designed for plain sockets, not SSL sockets. When an ssl.SSLSocket in non-blocking mode encounters TLS protocol messages (e.g., TLS 1.3 NewSessionTicket), these methods don't handle the SSL renegotiation correctly
  • The handle_read coroutine catches SSLWantReadError/SSLWantWriteError but the underlying loop.sock_recv() may propagate them differently than expected, or TLS 1.3 behavior in Scylla 2026.1 triggers a deadlock where the socket appears readable but recv() blocks in the SSL layer
    Recommendation: This is a known limitation of the asyncio reactor's low-level SSL approach. The proper fix would be to use asyncio.open_connection() with ssl=context or loop.create_connection() with proper SSL transport, rather than wrapping the raw socket. As a short-term workaround, the test could be marked with @unittest.skipIf for the asyncio reactor, or the connection timeout in routes_visible() could be increased.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mykaul