Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add retry on keyvault test #3095

Merged
merged 2 commits into from
Mar 18, 2024
Merged

Add retry on keyvault test #3095

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
de6aa10
Add retry on keyvault test
Mar 15, 2024
642d72f
newline
Mar 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion tests_e2e/test_suites/keyvault_certificates.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,15 @@
#
# This test verifies that the Agent can download and extract KeyVault certificates that use different encryption algorithms
# This test verifies that the Agent can download and extract KeyVault certificates that use different encryption
# algorithms (currently RSA and EC).
#
# The test needs exclusive use of the VM because support for EC certificates was added on version 2.10. Daemons
# older than that version will fail to parse the certificates, and go on an infinite loop when fetching the goal
# state.
#
name: "KeyvaultCertificates"
tests:
- "keyvault_certificates/keyvault_certificates.py"
images:
- "endorsed"
- "endorsed-arm64"
owns_vm: true
27 changes: 20 additions & 7 deletions tests_e2e/tests/keyvault_certificates/keyvault_certificates.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,9 @@
#
# This test verifies that the Agent can download and extract KeyVault certificates that use different encryption algorithms (currently EC and RSA).
#
import datetime
import time

from assertpy import fail

from tests_e2e.tests.lib.agent_test import AgentVmTest
Expand Down Expand Up @@ -82,13 +85,23 @@ def run(self):
log.info("Reapplying the goal state to ensure the test certificates are downloaded.")
self._context.vm.reapply()

try:
output = ssh_client.run_command(f"ls {expected_certificates}", use_sudo=True)
log.info("Found all the expected certificates:\n%s", output)
except CommandError as error:
if error.stdout != "":
log.info("Found some of the expected certificates:\n%s", error.stdout)
fail(f"Failed to find certificates\n{error.stderr}")
# If the goal state includes only the certificates, but no extensions, the update/reapply operations may complete before the Agent has downloaded the certificates
# so we retry for a few minutes to ensure the certificates are downloaded.
timed_out = datetime.datetime.utcnow() + datetime.timedelta(minutes=5)
while True:
try:
output = ssh_client.run_command(f"ls {expected_certificates}", use_sudo=True)
log.info("Found all the expected certificates:\n%s", output)
break
except CommandError as error:
if error.stdout == "":
if datetime.datetime.utcnow() < timed_out:
log.info("The certificates have not been downloaded yet, will retry after a short delay.")
time.sleep(30)
continue
else:
log.info("Found some of the expected certificates:\n%s", error.stdout)
fail(f"Failed to find certificates\n{error.stderr}")


if __name__ == "__main__":
Expand Down
Loading