Add test for detecting goroutine leak

pull/19285/head
Chris S. Kim 1 year ago
parent 1922b5f539
commit a4dff42744

@ -244,7 +244,7 @@ func (v *VaultProvider) renewToken(ctx context.Context, watcher *vaultapi.Lifeti
case err := <-watcher.DoneCh(): case err := <-watcher.DoneCh():
// Watcher has stopped // Watcher has stopped
if err != nil { if err != nil {
v.logger.Error("Error renewing token for Vault provider", "error", err, "fails", retrier.Failures()) v.logger.Error("Error renewing token for Vault provider", "error", err, "retries", retrier.Failures())
} }
// Although the vault watcher has its own retry logic, we have encountered // Although the vault watcher has its own retry logic, we have encountered

@ -8,6 +8,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io" "io"
"runtime/pprof"
"strconv" "strconv"
"strings" "strings"
"sync/atomic" "sync/atomic"
@ -237,8 +238,68 @@ func TestVaultCAProvider_Configure(t *testing.T) {
testcase.expectedValue(t, provider) testcase.expectedValue(t, provider)
}) })
} }
}
// This test must not run in parallel
func TestVaultCAProvider_ConfigureWithBadToken(t *testing.T) {
if testing.Short() {
t.Skip("too slow for testing.Short")
}
SkipIfVaultNotPresent(t)
testVault := NewTestVaultServer(t)
attr := &VaultTokenAttributes{
RootPath: "pki-root",
IntermediatePath: "pki-intermediate",
ConsulManaged: true,
}
token := CreateVaultTokenWithAttrs(t, testVault.client, attr)
return provider := NewVaultProvider(hclog.New(&hclog.LoggerOptions{Name: "ca.vault"}))
t.Run("bad token does not leak renewal routine on Configure", func(t *testing.T) {
config := map[string]any{
"RootPKIPath": "pki-root/",
"IntermediatePKIPath": "badbadbad/",
}
cfg := vaultProviderConfig(t, testVault.Addr, token, config)
err := provider.Configure(cfg)
require.Error(t, err)
retry.RunWith(retry.TwoSeconds(), t, func(r *retry.R) {
profile := pprof.Lookup("goroutine")
sb := strings.Builder{}
require.NoError(r, profile.WriteTo(&sb, 2))
require.NotContains(r, sb.String(),
"created by github.com/hashicorp/consul/agent/connect/ca.(*VaultProvider).Configure",
"found renewal goroutine leak")
// If this test is failing because you added a new goroutine to
// (*VaultProvider).Configure AND that goroutine should persist
// even if Configure errored, then you should change the checked
// string to (*VaultProvider).renewToken.
})
})
t.Run("correct token starts renewal routine", func(t *testing.T) {
config := map[string]any{
"RootPKIPath": "pki-root/",
"IntermediatePKIPath": "pki-intermediate/",
}
cfg := vaultProviderConfig(t, testVault.Addr, token, config)
require.NoError(t, provider.Configure(cfg))
retry.RunWith(retry.TwoSeconds(), t, func(r *retry.R) {
profile := pprof.Lookup("goroutine")
sb := strings.Builder{}
require.NoError(r, profile.WriteTo(&sb, 2))
require.Contains(r, sb.String(),
"created by github.com/hashicorp/consul/agent/connect/ca.(*VaultProvider).Configure",
"expected renewal goroutine, got none")
})
})
} }
func TestVaultCAProvider_SecondaryActiveIntermediate(t *testing.T) { func TestVaultCAProvider_SecondaryActiveIntermediate(t *testing.T) {

Loading…
Cancel
Save