blobstore: use version-agnostic TLS strategy construction in Ali ITs#511
Draft
kchoy-sfdc wants to merge 1 commit into
Draft
blobstore: use version-agnostic TLS strategy construction in Ali ITs#511kchoy-sfdc wants to merge 1 commit into
kchoy-sfdc wants to merge 1 commit into
Conversation
The Ali IT harness (AliBlobStoreIT, AliBlobClientIT) built its WireMock-proxy TlsSocketStrategy via ClientTlsStrategyBuilder.setHostVerificationPolicy(...) .buildClassic() — both methods only exist in httpclient5 5.5.x. Replace that builder chain with a direct DefaultClientTlsStrategy(SSLContext, HostnameVerificationPolicy, HostnameVerifier) construction, which is present in both 5.4.x and 5.5.x (and is exactly what buildClassic() returns internally). Behavior is identical (same trust-all SSLContext, CLIENT verification policy, and noop verifier). This keeps the test harness buildable across httpclient5 versions without changing the pinned dependency or any runtime behavior; verified locally with both AliBlobStoreIT and AliBlobClientIT passing in replay.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #511 +/- ##
=========================================
Coverage 82.41% 82.41%
Complexity 662 662
=========================================
Files 210 210
Lines 14314 14314
Branches 1930 1930
=========================================
Hits 11797 11797
Misses 1694 1694
Partials 823 823
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
sandeepvinayak
requested changes
Jun 26, 2026
sandeepvinayak
left a comment
Contributor
There was a problem hiding this comment.
There might be multiple forks of this repo in numerous places with different dependencies, keeping open source tests compatible is none of this open source business.
Collaborator
Author
|
Per discuss we'll shelve this change for the time being |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Makes the Ali integration-test harness build against both httpclient5 5.4.x and 5.5.x by replacing a 5.5.x-only builder API with an equivalent constructor. No production code, no dependency, and no runtime behavior changes.
Problem
AliBlobStoreITandAliBlobClientITconstruct the WireMock-proxyTlsSocketStrategyvia:Both
setHostVerificationPolicy(...)andbuildClassic()were introduced in httpclient5 5.5.x and do not exist in 5.4.x, so the ITs fail to compile against the older line.Change
Construct the strategy directly:
DefaultClientTlsStrategy implements TlsSocketStrategy.ClientTlsStrategyBuilder.buildClassic()returns internally (buildImpl()→DefaultClientTlsStrategy), so behavior is identical — same trust-all SSLContext,CLIENThostname-verification policy, and noop verifier.Why
This keeps the test harness portable across httpclient5 versions without changing the pinned dependency (still 5.5.1 here) or any runtime/driver code. It only affects how the test harness builds its proxy TLS strategy.
Testing
mvn verify -pl blob/blob-ali—AliBlobStoreIT(123) andAliBlobClientIT(2) pass in replay mode; checkstyle clean.