Skip to content
This repository was archived by the owner on Mar 5, 2024. It is now read-only.

Commit 6e07571

Browse files
abursavichabursavich
authored
De-flake dynamic TLS test (#390)
1 parent f41bd20 commit 6e07571

File tree

1 file changed

+37
-13
lines changed

1 file changed

+37
-13
lines changed

pkg/server/tls_test.go

Lines changed: 37 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -44,32 +44,56 @@ func TestDynamicTLS(t *testing.T) {
4444
})
4545
check(t, "Failed to create symlink", os.Symlink(data0, data))
4646

47-
// create config
48-
certsCh := make(chan *tlsCerts, 1)
47+
type result struct {
48+
cert *tls.Certificate
49+
pool *x509.CertPool
50+
err error
51+
}
52+
ch := make(chan result, 1)
4953
wantCert := func(want *tls.Certificate) {
5054
t.Helper()
51-
select {
52-
case got := <-certsCh:
53-
if !reflect.DeepEqual(got.cert.Certificate, want.Certificate) {
54-
t.Fatal("Unexpected cert")
55-
}
56-
if !reflect.DeepEqual(got.cert.PrivateKey, want.PrivateKey) {
57-
t.Fatal("Unexpected key")
55+
timeout := time.NewTimer(5 * time.Second)
56+
defer timeout.Stop()
57+
var err error
58+
for {
59+
select {
60+
case got := <-ch:
61+
if got.err != nil {
62+
// This can occur if a filesystem event triggers a reload
63+
// and a symlink flip happens between reading the public
64+
// and private keys. They won't match due to this race,
65+
// but will immediately be reloaded again and will match.
66+
t.Logf("Unexpected error, may be transient: %v", got.err)
67+
err = got.err
68+
continue
69+
}
70+
if !reflect.DeepEqual(got.cert.Certificate, want.Certificate) {
71+
t.Fatal("Unexpected cert")
72+
}
73+
if !reflect.DeepEqual(got.cert.PrivateKey, want.PrivateKey) {
74+
t.Fatal("Unexpected key")
75+
}
76+
return // OK
77+
case <-timeout.C:
78+
if err != nil {
79+
t.Fatalf("Unexpected error: %v", err)
80+
}
81+
t.Fatal("Timeout waiting for certs")
5882
}
59-
case <-time.After(10 * time.Second):
60-
t.Fatal("Timeout waiting for certs")
6183
}
6284
}
85+
86+
// create config
6387
cfg, err := newDynamicTLSConfig(
6488
filepath.Join(dir, "cert.pem"),
6589
filepath.Join(dir, "key.pem"),
6690
filepath.Join(dir, "roots.pem"),
6791
func(cert *tls.Certificate, pool *x509.CertPool, err error) {
6892
select {
69-
case <-certsCh:
93+
case <-ch:
7094
default:
7195
}
72-
certsCh <- &tlsCerts{cert, pool}
96+
ch <- result{cert, pool, err}
7397
},
7498
)
7599
check(t, "Failed to initialize config", err)

0 commit comments

Comments
 (0)