Update Let's Encrypt ROOT CA certificate in dist-(i686|x86_64)-linux docker images#89486

hkratz · 2021-10-03T09:05:16Z

The DST Root CA X3 used by Let's Encrypt has expired (Let's Encrypt announcement). This patch installs the new root certificate (ISRG Root X1) and disables the old one. Disabling the old one is necessary because otherwise curl still fails to download from servers with Let's Encrypt certs even though they are cross-signed.

Fixes #89484.

…docker images

rust-highfive · 2021-10-03T09:05:19Z

r? @Mark-Simulacrum

(rust-highfive has picked a reviewer for you, use r? to override)

Mark-Simulacrum · 2021-10-03T15:02:40Z

@bors r+

bors · 2021-10-03T15:02:42Z

📌 Commit 32e19fb has been approved by Mark-Simulacrum

Mark-Simulacrum · 2021-10-03T18:23:26Z

@bors p=1

bors · 2021-10-03T19:03:30Z

⌛ Testing commit 32e19fb with merge 9dbb26e...

bors · 2021-10-03T21:44:04Z

☀️ Test successful - checks-actions
Approved by: Mark-Simulacrum
Pushing 9dbb26e to master...

rust-timer · 2021-10-04T00:23:57Z

Finished benchmarking commit (9dbb26e): comparison url.

Summary: This benchmark run did not return any relevant changes.

If you disagree with this performance assessment, please file an issue in rust-lang/rustc-perf.

@rustbot label: -perf-regression

…ate, r=Mark-Simulacrum Update Let's Encrypt ROOT CA certificate in dist-(i686|x86_64)-linux docker images The DST Root CA X3 used by Let's Encrypt has expired ([Let's Encrypt announcement](https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/)). This patch installs the new root certificate (ISRG Root X1) and disables the old one. Disabling the old one is necessary because otherwise curl still fails to download from servers with Let's Encrypt certs even though they are cross-signed. Fixes rust-lang#89484.

rust-log-analyzer · 2021-10-04T20:30:39Z

The job x86_64-gnu-llvm-10 failed! Check out the build log: (web) (plain)

Click to see the possible cause of the failure (guessed by this bot)

  TOOLSTATE_REPO: https://github.com/rust-lang-nursery/rust-toolstate
  CACHE_DOMAIN: ci-caches.rust-lang.org
  IMAGE: x86_64-gnu-llvm-10
##[endgroup]
fatal: unknown commit 53fd98ca776cb875bc9e5514f56b52eb74f9e7a9
All commits in `HEAD` are present in `master`
src/ci/scripts/run-build-from-ci.sh
shell: /bin/bash --noprofile --norc -e -o pipefail {0}
env:
  CI_JOB_NAME: x86_64-gnu-llvm-10
---
To only update this specific test, also pass `--test-args doctest-edition.rs`

error: 1 errors occurred comparing output.
status: exit status: 1
command: "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/bin/rustdoc" "/checkout/src/test/rustdoc-ui/doctest-edition.rs" "-Zthreads=1" "--target=x86_64-unknown-linux-gnu" "--error-format" "json" "-Ccodegen-units=1" "-Zui-testing" "-Zdeduplicate-diagnostics=no" "-Zemit-future-incompat-report" "-o" "/checkout/obj/build/x86_64-unknown-linux-gnu/test/rustdoc-ui/doctest-edition" "-Cdebuginfo=0" "-Lnative=/checkout/obj/build/x86_64-unknown-linux-gnu/native/rust-test-helpers" "--edition=2021" "-Zunstable-options" "-L" "/checkout/obj/build/x86_64-unknown-linux-gnu/test/rustdoc-ui/doctest-edition/auxiliary"
------------------------------------------

------------------------------------------
stderr:
stderr:
------------------------------------------
error: could not parse code block as Rust code
  --> /checkout/src/test/rustdoc-ui/doctest-edition.rs:7:5
   |
LL |   //! ```
   |  _____^
LL | | //! foo'b'
LL | | //! ```
   |
note: the lint level is defined here
  --> /checkout/src/test/rustdoc-ui/doctest-edition.rs:3:9
   |
   |
LL | #![deny(rustdoc::invalid_rust_codeblocks)]
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   = note: error from rustc: prefix `foo` is unknown
   |
LL | //! ```text
   |     ~~~~~~~

---
test result: FAILED. 131 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 6.66s



command did not execute successfully: "/checkout/obj/build/x86_64-unknown-linux-gnu/stage0-tools-bin/compiletest" "--compile-lib-path" "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/lib" "--run-lib-path" "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/lib/rustlib/x86_64-unknown-linux-gnu/lib" "--rustc-path" "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/bin/rustc" "--rustdoc-path" "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/bin/rustdoc" "--src-base" "/checkout/src/test/rustdoc-ui" "--build-base" "/checkout/obj/build/x86_64-unknown-linux-gnu/test/rustdoc-ui" "--stage-id" "stage2-x86_64-unknown-linux-gnu" "--suite" "rustdoc-ui" "--mode" "ui" "--target" "x86_64-unknown-linux-gnu" "--host" "x86_64-unknown-linux-gnu" "--llvm-filecheck" "/usr/lib/llvm-10/bin/FileCheck" "--nodejs" "/usr/bin/node" "--host-rustcflags" "-Cdebuginfo=0  -Lnative=/checkout/obj/build/x86_64-unknown-linux-gnu/native/rust-test-helpers" "--target-rustcflags" "-Cdebuginfo=0  -Lnative=/checkout/obj/build/x86_64-unknown-linux-gnu/native/rust-test-helpers" "--docck-python" "/usr/bin/python3" "--lldb-python" "/usr/bin/python3" "--gdb" "/usr/bin/gdb" "--quiet" "--llvm-version" "10.0.0" "--llvm-components" "aarch64 aarch64asmparser aarch64codegen aarch64desc aarch64disassembler aarch64info aarch64utils aggressiveinstcombine all all-targets amdgpu amdgpuasmparser amdgpucodegen amdgpudesc amdgpudisassembler amdgpuinfo amdgpuutils analysis arm armasmparser armcodegen armdesc armdisassembler arminfo armutils asmparser asmprinter avr avrasmparser avrcodegen avrdesc avrdisassembler avrinfo binaryformat bitreader bitstreamreader bitwriter bpf bpfasmparser bpfcodegen bpfdesc bpfdisassembler bpfinfo cfguard codegen core coroutines coverage debuginfocodeview debuginfodwarf debuginfogsym debuginfomsf debuginfopdb demangle dlltooldriver dwarflinker engine executionengine frontendopenmp fuzzmutate globalisel hexagon hexagonasmparser hexagoncodegen hexagondesc hexagondisassembler hexagoninfo instcombine instrumentation interpreter ipo irreader jitlink lanai lanaiasmparser lanaicodegen lanaidesc lanaidisassembler lanaiinfo libdriver lineeditor linker lto mc mca mcdisassembler mcjit mcparser mips mipsasmparser mipscodegen mipsdesc mipsdisassembler mipsinfo mirparser msp430 msp430asmparser msp430codegen msp430desc msp430disassembler msp430info native nativecodegen nvptx nvptxcodegen nvptxdesc nvptxinfo objcarcopts object objectyaml option orcerror orcjit passes perfjitevents powerpc powerpcasmparser powerpccodegen powerpcdesc powerpcdisassembler powerpcinfo profiledata remarks riscv riscvasmparser riscvcodegen riscvdesc riscvdisassembler riscvinfo riscvutils runtimedyld scalaropts selectiondag sparc sparcasmparser sparccodegen sparcdesc sparcdisassembler sparcinfo support symbolize systemz systemzasmparser systemzcodegen systemzdesc systemzdisassembler systemzinfo tablegen target textapi transformutils vectorize webassembly webassemblyasmparser webassemblycodegen webassemblydesc webassemblydisassembler webassemblyinfo windowsmanifest x86 x86asmparser x86codegen x86desc x86disassembler x86info x86utils xcore xcorecodegen xcoredesc xcoredisassembler xcoreinfo xray" "--system-llvm" "--cc" "" "--cxx" "" "--cflags" "" "--adb-path" "adb" "--adb-test-dir" "/data/tmp/work" "--android-cross-path" "" "--channel" "beta" "--color" "always"


Build completed unsuccessfully in 0:29:29

ehuss · 2021-10-04T21:15:06Z

rust-log-analyzer seem to have gotten confused somehow by my PR and posted this in the wrong place. 😕

[beta] Beta rollup * Fix WinUWP std compilation errors due to I/O safety rust-lang#88587 * Disable RemoveZsts in generators to avoid query cycles rust-lang#88979 * Disable the evaluation cache when in intercrate mode rust-lang#88994 * Fix linting when trailing macro expands to a trailing semi rust-lang#88996 * Don't use projection cache or candidate cache in intercrate mode rust-lang#89125 * 2229: Mark insignificant dtor in stdlib rust-lang#89144 * Temporarily rename int_roundings functions to avoid conflicts rust-lang#89184 * [rfc 2229] Drop fully captured upvars in the same order as the regular drop code rust-lang#89208 * Use the correct edition for syntax highlighting doctests rust-lang#89277 * Don't normalize opaque types with escaping late-bound regions rust-lang#89285 * Update Let's Encrypt ROOT CA certificate in dist-(i686|x86_64)-linux docker images rust-lang#89486 Cargo update: * - [beta] 1.56 backports (rust-lang/cargo#9958) * - [beta] Revert "When a dependency does not have a version, git or path… (rust-lang/cargo#9912) * - [beta] Fix rustc --profile=dev unstable check. (rust-lang/cargo#9901)

Update Let's Encrypt ROOT CA certificate in dist-(i686|x86_64)-linux …

32e19fb

…docker images

rust-highfive assigned Mark-Simulacrum Oct 3, 2021

rust-highfive added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Oct 3, 2021

bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Oct 3, 2021

bors added the merged-by-bors This PR was explicitly merged by bors. label Oct 3, 2021

bors merged commit 9dbb26e into rust-lang:master Oct 3, 2021

rustbot added this to the 1.57.0 milestone Oct 3, 2021

Mark-Simulacrum added beta-accepted Accepted for backporting to the compiler in the beta channel. beta-nominated Nominated for backporting to the compiler in the beta channel. labels Oct 4, 2021

ehuss mentioned this pull request Oct 4, 2021

[beta] Beta rollup #89527

Merged

ehuss removed the beta-nominated Nominated for backporting to the compiler in the beta channel. label Oct 4, 2021

Mark-Simulacrum modified the milestones: 1.57.0, 1.56.0 Oct 6, 2021

hkratz deleted the docker_letsencrypt_ca_update branch November 6, 2021 20:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update Let's Encrypt ROOT CA certificate in dist-(i686|x86_64)-linux docker images#89486