Keith Wall
Keith Wall
I'm not proposing to chase the additional coverage in this PR. Those were already uncovered paths.
I'm thinking about things like: 1. Upstream errors (uncontactable host, network timeout, TLS negotiation errors, Protocol errors) 2. Downstream errors (TLS negotiation errors, Protocol errors (i.e. HTTP))
@SamBarker it is not clear what remains to be done. could you update the state of this issue?
I notice that in the case above, the issue is occuring after the ResilienceIT has run. I added `shouldTolerateUpstreamGoingOffline` so I wonder if that might be exposing the issue?
I haven't been able to reproduce this issue locally. We are not seeing this issue regularly on CI either either. I think turning up `io.netty.leakDetection.targetRecords` would be a good idea...
@SamBarker I'm not actually confident that the #2114 will resolve the issue. I couldn't make the story fit together. But let's see!
@robobario @SamBarker hoping this PR is now in good shape.
@SamBarker @robobario if I can add this to your review queue that'd be great.
> In testing I was surprised that setting up downstream trust didn't stop the client connecting without a certificate. It looks like by default if we don't supply a `clientAuth`...
Agreed this is something that we want.