From adc5f5adbede63c788ad36e9a7f13cb807c0d2e9 Mon Sep 17 00:00:00 2001
From: SitaLakshmi <sita1996@gmail.com>
Date: Thu, 16 Feb 2023 13:53:13 -0500
Subject: [PATCH] delete only Ca create time > 24 hours

---
 .../src/test/java/privateca/SnippetsIT.java      |  1 +
 .../snippets/src/test/java/privateca/Util.java   | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/privateca/snippets/src/test/java/privateca/SnippetsIT.java b/privateca/snippets/src/test/java/privateca/SnippetsIT.java
index 74ca42c9348..0ffee4d513b 100644
--- a/privateca/snippets/src/test/java/privateca/SnippetsIT.java
+++ b/privateca/snippets/src/test/java/privateca/SnippetsIT.java
@@ -109,6 +109,7 @@ public static void setUp()
 
     // Delete stale resources
     Util.cleanUpCaPool(PROJECT_ID, LOCATION);
+    TimeUnit.SECONDS.sleep(30);
 
     // <--- START CA POOL --->
     // Create CA Pool.
diff --git a/privateca/snippets/src/test/java/privateca/Util.java b/privateca/snippets/src/test/java/privateca/Util.java
index 7c62b2c0771..587869c345c 100644
--- a/privateca/snippets/src/test/java/privateca/Util.java
+++ b/privateca/snippets/src/test/java/privateca/Util.java
@@ -26,13 +26,18 @@
 import com.google.cloud.security.privateca.v1.DisableCertificateAuthorityRequest;
 import com.google.cloud.security.privateca.v1.ListCaPoolsRequest;
 import com.google.cloud.security.privateca.v1.LocationName;
+import com.google.protobuf.Timestamp;
 import java.io.IOException;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.TimeoutException;
 
 public class Util {
 
+  private static final int DELETION_THRESHOLD_TIME_HOURS = 24;
+
   // Delete Ca pools which starts with the given prefixToDelete.
   public static void cleanUpCaPool(String projectId,
       String location)
@@ -74,6 +79,11 @@ public static void deleteCertificateAuthority(String caPoolName)
         CertificateAuthorityServiceClient.create()) {
       for (CertificateAuthority certificateAuthority :
           certificateAuthorityServiceClient.listCertificateAuthorities(caPoolName).iterateAll()) {
+        // Check if the CA was created before the threshold time.
+        if (!isCreatedBeforeThresholdTime(certificateAuthority.getCreateTime())) {
+          continue;
+        }
+
         // Check if the CA is enabled.
         State caState =
             certificateAuthorityServiceClient
@@ -112,4 +122,10 @@ public static void disableCertificateAuthority(String caName)
           .get(5, TimeUnit.MINUTES);
     }
   }
+
+  public static boolean isCreatedBeforeThresholdTime(Timestamp timestamp) {
+    Instant instant = Instant.ofEpochSecond(timestamp.getSeconds(), timestamp.getNanos());
+    return instant
+        .isBefore(Instant.now().minus(DELETION_THRESHOLD_TIME_HOURS, ChronoUnit.HOURS));
+  }
 }