fix(examples): make https_request rom_impl CI test resilient to transient external server failures
Closes IDFCI-3792
See merge request espressif/esp-idf!47528
fix(http_server/ws_echo_server): Fix ws_echo_server test URI registration race condition
Closes IDFCI-8585, IDFCI-6703, and IDFCI-3484
See merge request espressif/esp-idf!47368
The test_examples_protocol_https_request_rom_impl test on ESP32-C2 with
the ROM mbedTLS implementation hits a public TLS endpoint
(tls13.browserleaks.com / www.howsmyssl.com) for five sequential
sub-tests. CI runs frequently fail mid-test with one of:
* mbedtls_ssl_handshake returned -0x7780
(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE - server-side fatal alert)
* esp-tls: [sock=NN] select() timeout
* esp-tls: Failed to open new connection in specified timeout
In a representative log the first three sub-tests succeed and only the
fourth/fifth fail, which is consistent with rate-limiting or transient
server unavailability rather than a device bug. Mark the test as
flaky with up to two reruns (10 s delay) so a single transient remote
failure does not fail the CI job.
Also align this test with the rest of the file by injecting the host
timestamp via NVS (write_time_to_nvs) so the device clock no longer
depends on a previous boot's persisted SNTP result, removing one more
source of CI flakiness on first-boot or after NVS erase.
The test_examples_protocol_https_request_rom_impl test on ESP32-C2 with
the ROM mbedTLS implementation hits a public TLS endpoint
(tls13.browserleaks.com / www.howsmyssl.com) for five sequential
sub-tests. CI runs frequently fail mid-test with one of:
* mbedtls_ssl_handshake returned -0x7780
(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE - server-side fatal alert)
* esp-tls: [sock=NN] select() timeout
* esp-tls: Failed to open new connection in specified timeout
In a representative log the first three sub-tests succeed and only the
fourth/fifth fail, which is consistent with rate-limiting or transient
server unavailability rather than a device bug. Mark the test as
flaky with up to two reruns (10 s delay) so a single transient remote
failure does not fail the CI job.
Also align this test with the rest of the file by injecting the host
timestamp via NVS (write_time_to_nvs) so the device clock no longer
depends on a previous boot's persisted SNTP result, removing one more
source of CI flakiness on first-boot or after NVS erase.
fix(https_request): write host time to NVS to eliminate SNTP dependency in CI
Closes IDFCI-3371, IDFCI-3294, IDFCI-3480, IDFCI-5982, IDFCI-6184, and IDFCI-3651
See merge request espressif/esp-idf!47201
The async handler CI tests fail intermittently because the TCP
connection from the pytest host to the ESP32 HTTP server times out
or gets refused.
Add a _connect_with_retry() helper that retries the TCP connection
up to 3 times with a 2-second delay between attempts, catching
TimeoutError, ConnectionRefusedError, and OSError.
Extract common server startup waiting into _wait_for_server_ready()
which includes a 2-second stabilization delay after the server
registers its URI handlers before tests begin sending requests.
The WebSocket echo server tests connect immediately after seeing
"Starting server on port:" in the device log, but URI handlers
(/ws, /ws_partial, /auth) are registered asynchronously after the
server starts, taking 40-660ms depending on config and CI load.
This causes two failures:
1. WebSocket handshake returns 404 Not Found because the URI
handler is not registered yet when the client connects.
2. WebSocket echo returns wrong data because the server is in a
partially initialized state.
Wait for "Returned from app_main()" before connecting, which
guarantees all URI handlers are registered. Add connection retry
with WebSocketBadStatusException handling to WsClient and to the
partial frame test's raw websocket connection.
Extract _wait_for_server_ready() helper to deduplicate the WiFi
credential input and server readiness logic across all 3 tests.
Replace erase_nvs + SNTP time sync with direct NVS timestamp injection
from the pytest host. This eliminates CI flakiness caused by NTP servers
being unreachable from the CI lab network.
Changes:
- Add write_time_to_nvs() helper that generates an NVS partition image
with the current host timestamp and flashes it to the DUT before each
test. The firmware reads this via the existing update_time_from_nvs()
path and skips SNTP entirely.
- Remove @pytest.mark.parametrize('erase_nvs', ['y']) from all 4
Ethernet-based tests since NVS is now written with valid data.
Replace howsmyssl.com with letsencrypt.org in the https_x509_bundle
example. howsmyssl.com is a third-party server that is frequently
unreachable from CI, causing flaky test failures. letsencrypt.org
chains to the same ISRG Root X1 CA, so the custom certificate bundle
validation coverage is identical.
Since letsencrypt.org was already present in the full bundle URL list,
remove the duplicate entry and reduce MAX_URLS from 9 to 8. All 6
unique root CAs in the stress test are still covered.
For the QEMU stress test, increase per-connection timeout from 30s to
60s and final completion timeout from 60s to 180s. QEMU emulated
network is 3-5x slower than real hardware for TLS handshakes.
Add flaky markers to hardware tests to handle intermittent CI lab DHCP
failures that affect all Ethernet-based tests.
This commit added demo to receive websocket single frame in chunks
using newly added API httpd_ws_recv_frame_part() with optimized memory.
closes https://github.com/espressif/esp-idf/pull/15622
Make it possible to disable http(s) server events. This improves
performance of the server, as http server creates events on every signle
read or write to the socket.
Mahavir Jain
Hrushikesh Bhosale
David Čermák
Aditya Patwardhan
Euripedes Rocha Filho
Fu Hanxi
Ondrej Kosta
Ashish Sharma
nilesh.kale
igor.udot
harshal.patil
Bogdan Kolendovskyy
C.S.M
Alexey Lapshin
Jimmy Wennlund