FHIR Chat · https://packages2.fhir.org/ returning 502 errors · tooling

Stream: tooling

Topic: https://packages2.fhir.org/ returning 502 errors

view this post on Zulip Vassil Peytchev (Nov 23 2021 at 17:19):

@Mark Iantorno @Grahame Grieve
Fresh fork of hapifhir/org.hl7.fhir.core is failing with

ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M5:test (default-test) on project org.hl7.fhir.utilities: There are test failures.
[ERROR]
[ERROR] Please refer to /home/vassil/Work/FHIR/git/org.hl7.fhir.core/org.hl7.fhir.utilities/target/surefire-reports for the individual test results.
[ERROR] Please refer to dump files (if any exist) [date].dump, [date]-jvmRun[N].dump and [date].dumpstream.

The Surefire reports show failures in the CachingClientPackageTests

org.hl7.fhir.utilities.tests.CachingPackageClientTests.testExists2  Time elapsed: 0.023 s  <<< ERROR!
java.io.IOException: Server returned HTTP response code: 502 for URL: https://packages2.fhir.org/packages/hl7.fhir.r4.core

There is another failure in the PackageCachedTests, but that is probably related to the previous one.

org.hl7.fhir.utilities.tests.PackageCacheTests.testLastReleasedVersion  Time elapsed: 1.326 s  <<< FAILURE!
org.opentest4j.AssertionFailedError: expected: <0.0.9> but was: <0.0.8>

view this post on Zulip Vassil Peytchev (Nov 23 2021 at 17:45):

Skipping the tests with mvn install -Dmaven.test.skip=true leads to a successful build.

view this post on Zulip Grahame Grieve (Nov 23 2021 at 21:07):

denial of service attack - it;s doing 1000s of searches a second

view this post on Zulip Grahame Grieve (Nov 23 2021 at 21:50):

the server is now limiting all IPs to a max of 1 request/sec, with an upper queue size of 4 requests.

view this post on Zulip Vassil Peytchev (Nov 23 2021 at 21:52):

Is it worth checking if my VSCode is doing this? When I load org.hl7.fhir.core, the Maven projects take 5 minutes to resolve, could it be constantly trying to reach the package server?

view this post on Zulip Grahame Grieve (Nov 23 2021 at 21:52):

no it's not anything we wrote - it's a request we never make of the server

view this post on Zulip John Moehrke (Nov 23 2021 at 22:00):

dang hackers

view this post on Zulip Grahame Grieve (Nov 24 2021 at 00:07):

This looks like it's not a hacker, it's some one the FHIR community who wrote some kind of automated test framework that's slipped out of control

view this post on Zulip John Moehrke (Nov 24 2021 at 13:30):

that should be easier to discover them... right?

view this post on Zulip Grahame Grieve (Nov 24 2021 at 18:10):

should be. but hasn't proved possible yet. ANyway, 99% of their script executions are failing today

view this post on Zulip Lloyd McKenzie (Nov 24 2021 at 22:48):

Can you identify a geography from the offending IP address?

view this post on Zulip Grahame Grieve (Nov 24 2021 at 22:57):

right now it's just these 8:

view this post on Zulip Grahame Grieve (Nov 24 2021 at 22:57):

18.209.127.78
20.104.197.73
20.104.82.144
20.151.119.124
20.151.209.83
3.223.76.55
34.225.24.54
54.204.12.38

view this post on Zulip Lloyd McKenzie (Nov 24 2021 at 23:00):

So mix of Toronto, Canada and Ashton Virginia...

view this post on Zulip Elliot Silver (Nov 24 2021 at 23:00):

And from AWS. That's not particularly helpful.

view this post on Zulip Grahame Grieve (Nov 24 2021 at 23:01):

right. All making a single request, a list of all carin-bb IG versions. I've asked the carin-bb team, and it's not one of them

view this post on Zulip Lloyd McKenzie (Nov 25 2021 at 03:18):

Is there any way AWS could figure it out?

view this post on Zulip Grahame Grieve (Nov 25 2021 at 03:36):

maybe. but why. it's not a real DNS and nginx can take it

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -