backport of commit 8a174b05b045662423ce76be62687faab7e2514d (#22207)

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-08-04 11:45:55 -04:00 · 2023-08-04 11:45:55 -04:00 · 05cd21f13b
parent 6510f797ee
commit 05cd21f13b
2 changed files with 32 additions and 14 deletions
--- a/builtin/logical/pki/path_acme_test.go
+++ b/builtin/logical/pki/path_acme_test.go
@ -56,7 +56,8 @@ func TestAcmeBasicWorkflow(t *testing.T) {
 		{"issuer", "issuer/int-ca/acme/"},
 		{"issuer_role", "issuer/int-ca/roles/test-role/acme/"},
 	}
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	for _, tc := range cases {
 		t.Run(tc.name, func(t *testing.T) {
@ -359,7 +360,8 @@ func TestAcmeBasicWorkflowWithEab(t *testing.T) {
 	t.Parallel()
 	cluster, client, _ := setupAcmeBackend(t)
 	defer cluster.Cleanup()
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	// Enable EAB
 	_, err := client.Logical().WriteWithContext(context.Background(), "pki/config/acme", map[string]interface{}{
@ -559,7 +561,8 @@ func TestAcmeClusterPathNotConfigured(t *testing.T) {
 		{"issuer", "pki/issuer/default/acme/directory"},
 		{"issuer_role", "pki/issuer/default/roles/test-role/acme/directory"},
 	}
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	for _, tc := range cases {
 		t.Run(tc.name, func(t *testing.T) {
@ -594,7 +597,8 @@ func TestAcmeAccountsCrossingDirectoryPath(t *testing.T) {
 	accountKey, err := rsa.GenerateKey(rand.Reader, 2048)
 	require.NoError(t, err, "failed creating rsa key")
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	acmeClient := getAcmeClientForCluster(t, cluster, baseAcmeURL, accountKey)
 	// Create new account
@ -629,7 +633,8 @@ func TestAcmeEabCrossingDirectoryPath(t *testing.T) {
 	accountKey, err := rsa.GenerateKey(rand.Reader, 2048)
 	require.NoError(t, err, "failed creating rsa key")
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	acmeClient := getAcmeClientForCluster(t, cluster, baseAcmeURL, accountKey)
 	// fetch a new EAB
@ -716,7 +721,9 @@ func TestAcmeTruncatesToIssuerExpiry(t *testing.T) {
 	cluster, client, _ := setupAcmeBackend(t)
 	defer cluster.Cleanup()
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	mount := "pki"
 	resp, err := client.Logical().WriteWithContext(context.Background(), mount+"/issuers/generate/intermediate/internal",
 		map[string]interface{}{
@ -804,7 +811,8 @@ func TestAcmeRoleExtKeyUsage(t *testing.T) {
 	cluster, client, _ := setupAcmeBackend(t)
 	defer cluster.Cleanup()
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	roleName := "test-role"
@ -907,7 +915,9 @@ func TestIssuerRoleDirectoryAssociations(t *testing.T) {
 	defer cluster.Cleanup()
 	// Setup DNS for validations.
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	dns := dnstest.SetupResolver(t, "dadgarcorp.com")
 	defer dns.Cleanup()
 	_, err := client.Logical().WriteWithContext(testCtx, "pki/config/acme", map[string]interface{}{
@ -1040,7 +1050,9 @@ func TestACMESubjectFieldsAndExtensionsIgnored(t *testing.T) {
 	defer cluster.Cleanup()
 	// Setup DNS for validations.
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	dns := dnstest.SetupResolver(t, "dadgarcorp.com")
 	defer dns.Cleanup()
 	_, err := client.Logical().WriteWithContext(testCtx, "pki/config/acme", map[string]interface{}{
@ -1086,7 +1098,8 @@ func TestAcmeWithCsrIncludingBasicConstraintExtension(t *testing.T) {
 	cluster, client, _ := setupAcmeBackend(t)
 	defer cluster.Cleanup()
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	baseAcmeURL := "/v1/pki/acme/"
 	accountKey, err := rsa.GenerateKey(rand.Reader, 2048)
@ -1415,7 +1428,9 @@ func TestAcmeValidationError(t *testing.T) {
 	cluster, _, _ := setupAcmeBackend(t)
 	defer cluster.Cleanup()
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	baseAcmeURL := "/v1/pki/acme/"
 	accountKey, err := rsa.GenerateKey(rand.Reader, 2048)
 	require.NoError(t, err, "failed creating rsa key")
@ -1521,7 +1536,8 @@ func TestAcmeRevocationAcrossAccounts(t *testing.T) {
 	cluster, vaultClient, _ := setupAcmeBackend(t)
 	defer cluster.Cleanup()
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	baseAcmeURL := "/v1/pki/acme/"
 	accountKey1, err := rsa.GenerateKey(rand.Reader, 2048)
@ -1745,7 +1761,9 @@ func TestACMEClientRequestLimits(t *testing.T) {
 		},
 	}
-	testCtx := context.Background()
+	testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	acmeConfig := map[string]interface{}{
 		"enabled":                  true,
 		"allowed_issuers":          "*",
--- a/builtin/logical/pki/path_config_acme_test.go
+++ b/builtin/logical/pki/path_config_acme_test.go
@ -91,7 +91,7 @@ func TestAcmeConfig(t *testing.T) {
 	testCtx := context.Background()
 	for _, tc := range cases {
-		deadline := time.Now().Add(time.Second * 10)
+		deadline := time.Now().Add(1 * time.Minute)
 		subTestCtx, _ := context.WithDeadline(testCtx, deadline)
 		_, err := client.Logical().WriteWithContext(subTestCtx, "pki/roles/exists", roleConfig)