Skip to content

chore: replace deprecated PingCAP download domains#12585

Open
wuhuizuo wants to merge 1 commit intorelease-7.5from
fix/update-download-domains-release-7-5
Open

chore: replace deprecated PingCAP download domains#12585
wuhuizuo wants to merge 1 commit intorelease-7.5from
fix/update-download-domains-release-7-5

Conversation

@wuhuizuo
Copy link
Copy Markdown
Contributor

@wuhuizuo wuhuizuo commented Apr 2, 2026

Summary

  • replace deprecated download.pingcap.org references with download.pingcap.com
  • replace deprecated charts.pingcap.org references with charts.pingcap.com where present
  • keep the existing paths and protocols unchanged

Validation

  • git diff --check
  • verified no remaining download.pingcap.org / charts.pingcap.org references in the patched branch

@ti-chi-bot
Copy link
Copy Markdown
Contributor

ti-chi-bot bot commented Apr 2, 2026

Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@ti-chi-bot
Copy link
Copy Markdown
Contributor

ti-chi-bot bot commented Apr 2, 2026

This cherry pick PR is for a release branch and has not yet been approved by triage owners.
Adding the do-not-merge/cherry-pick-not-approved label.

To merge this cherry pick:

  1. It must be LGTMed and approved by the reviewers firstly.
  2. For pull requests to TiDB-x branches, it must have no failed tests.
  3. AFTER it has lgtm and approved labels, please wait for the cherry-pick merging approval from triage owners.
Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@ti-chi-bot ti-chi-bot bot added the do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. label Apr 2, 2026
@ti-chi-bot
Copy link
Copy Markdown
Contributor

ti-chi-bot bot commented Apr 2, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign d3hunter for approval. For more information see the Code Review Process.
Please ensure that each of them provides their approval before proceeding.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ti-chi-bot ti-chi-bot bot added area/dm Issues or PRs related to DM. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 2, 2026
gemini-code-assist[bot]
gemini-code-assist bot reviewed Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates several download URLs across documentation and scripts, migrating from the pingcap.org domain to pingcap.com. The review feedback correctly identifies opportunities to further improve security by switching from insecure http to https for these binary downloads, mitigating potential man-in-the-middle risks.

Comment thread dm/tests/README.md
* `bin/tidb-server` can be downloaded from [tidb-master-linux-amd64](https://download.pingcap.org/tidb-master-linux-amd64.tar.gz) or installed by [tiup](https://github.com/pingcap/tiup), you can use the command `find ~/.tiup -name tidb-server` to locate `tidb-server` binary file and copy it
* `bin/sync_diff_inspector` # can be downloaded from [tidb-enterprise-tools-latest-linux-amd64](http://download.pingcap.org/tidb-enterprise-tools-latest-linux-amd64.tar.gz) or build from [source code](https://github.com/pingcap/tidb-tools)
* `bin/tidb-server` can be downloaded from [tidb-master-linux-amd64](https://download.pingcap.com/tidb-master-linux-amd64.tar.gz) or installed by [tiup](https://github.com/pingcap/tiup), you can use the command `find ~/.tiup -name tidb-server` to locate `tidb-server` binary file and copy it
* `bin/sync_diff_inspector` # can be downloaded from [tidb-enterprise-tools-latest-linux-amd64](http://download.pingcap.com/tidb-enterprise-tools-latest-linux-amd64.tar.gz) or build from [source code](https://github.com/pingcap/tidb-tools)
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist bot Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-medium medium

For security and consistency with other links in this file (e.g., line 6), please use https instead of http for downloading binaries. Downloading over unencrypted HTTP is susceptible to man-in-the-middle attacks.

Suggested change
* `bin/sync_diff_inspector` # can be downloaded from [tidb-enterprise-tools-latest-linux-amd64](http://download.pingcap.com/tidb-enterprise-tools-latest-linux-amd64.tar.gz) or build from [source code](https://github.com/pingcap/tidb-tools)
* `bin/sync_diff_inspector` # can be downloaded from [tidb-enterprise-tools-latest-linux-amd64](https://download.pingcap.com/tidb-enterprise-tools-latest-linux-amd64.tar.gz) or build from [source code](https://github.com/pingcap/tidb-tools)

Comment thread dm/tests/download-compatibility-test-binaries.sh
Comment on lines +55 to +56
sync_diff_inspector_download_url="http://download.pingcap.com/tidb-enterprise-tools-nightly-linux-amd64.tar.gz"
mydumper_download_url="http://download.pingcap.com/tidb-enterprise-tools-latest-linux-amd64.tar.gz"
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist bot Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-medium medium

Please use https instead of http for these download URLs to ensure secure transmission of binaries and maintain consistency with other parts of the codebase (e.g., dm/tests/tiup/lib.sh).

Suggested change
sync_diff_inspector_download_url="http://download.pingcap.com/tidb-enterprise-tools-nightly-linux-amd64.tar.gz"
mydumper_download_url="http://download.pingcap.com/tidb-enterprise-tools-latest-linux-amd64.tar.gz"
sync_diff_inspector_download_url="https://download.pingcap.com/tidb-enterprise-tools-nightly-linux-amd64.tar.gz"
mydumper_download_url="https://download.pingcap.com/tidb-enterprise-tools-latest-linux-amd64.tar.gz"

@ti-chi-bot
Copy link
Copy Markdown
Contributor

ti-chi-bot bot commented Apr 2, 2026

@wuhuizuo: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-verify a61f75c link true /test pull-verify
pull-dm-integration-test a61f75c link true /test pull-dm-integration-test
pull-cdc-integration-pulsar-test a61f75c link true /test pull-cdc-integration-pulsar-test

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

area/dm Issues or PRs related to DM. do-not-merge/cherry-pick-not-approved do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wuhuizuo