Skip to content

Commit f3b9ad9

Browse files
committed
test: fix flaky audit log and service account status tests
The service account status test indexed PublicKeys[0] right after a non-fatal assert.Len. A slow reconcile that left the slice empty would panic instead of retrying, so the index access now sits behind the length check and the poller waits for the key to be aggregated. The two audit log tests seeded 1500 rows as separate autocommit transactions. Under full-suite disk contention those commits triggered enough checkpoint fsyncs to overrun the 30s context deadline mid-statement, so seeding now runs inside a single transaction. Signed-off-by: Oguz Kilcan <oguz.kilcan@siderolabs.com>
1 parent 49c8e72 commit f3b9ad9

2 files changed

Lines changed: 86 additions & 30 deletions

File tree

internal/backend/runtime/omni/audit/auditlog/auditlogsqlite/auditlogsqlite_test.go

Lines changed: 79 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -313,23 +313,56 @@ func TestRemoveByMaxSizeBatchCap(t *testing.T) {
313313
logger := zaptest.NewLogger(t)
314314

315315
// Seed 1500 events into a store with no size limit.
316-
seedStore, db := setupStore(ctx, t, logger)
316+
_, db := setupStore(ctx, t, logger)
317317

318318
const totalEvents = 1500
319319

320-
for i := range totalEvents {
321-
evt := auditlog.Event{
322-
Type: "batch-cap-test",
323-
TimeMillis: int64(i) * 1000,
324-
Data: &auditlog.Data{
320+
require.NoError(t, func() (err error) {
321+
var conn *zombiesqlite.Conn
322+
323+
if conn, err = db.Take(ctx); err != nil {
324+
return err
325+
}
326+
327+
defer db.Put(conn)
328+
329+
endTx, err := sqlitex.ImmediateTransaction(conn)
330+
if err != nil {
331+
return err
332+
}
333+
334+
defer endTx(&err)
335+
336+
insertQuery := fmt.Sprintf("INSERT INTO %s (%s, %s, %s) VALUES ($type, $ts, $data)",
337+
auditlogsqlite.TableName, "event_type", "event_ts_ms", "event_data")
338+
339+
for i := range totalEvents {
340+
data, mErr := json.Marshal(&auditlog.Data{
325341
Session: auditlog.Session{
326342
UserID: fmt.Sprintf("user-%d", i),
327343
Email: fmt.Sprintf("user-%d@example.com", i),
328344
},
329-
},
345+
})
346+
if mErr != nil {
347+
return mErr
348+
}
349+
350+
q, qErr := sqlitexx.NewQuery(conn, insertQuery)
351+
if qErr != nil {
352+
return qErr
353+
}
354+
355+
if err = q.
356+
BindString("$type", "batch-cap-test").
357+
BindInt64("$ts", int64(i)*1000).
358+
BindBytes("$data", data).
359+
Exec(); err != nil {
360+
return err
361+
}
330362
}
331-
require.NoError(t, seedStore.Write(ctx, evt))
332-
}
363+
364+
return nil
365+
}())
333366

334367
// Create a new store on the same DB with maxSize=1 (effectively 0) and probability=1.0.
335368
// This means all rows exceed the limit, but the batch cap (1000) should prevent
@@ -386,30 +419,48 @@ func TestRemoveBatching(t *testing.T) {
386419
rangeStart := time.Date(2026, 1, 1, 0, 0, 0, 0, time.UTC)
387420
rangeEnd := time.Date(2026, 1, 2, 0, 0, 0, 0, time.UTC)
388421

389-
conn, err := db.Take(ctx)
390-
require.NoError(t, err)
422+
require.NoError(t, func() (err error) {
423+
var conn *zombiesqlite.Conn
391424

392-
t.Cleanup(func() {
393-
db.Put(conn)
394-
})
425+
if conn, err = db.Take(ctx); err != nil {
426+
return err
427+
}
395428

396-
for i := range inRangeCount {
397-
ts := rangeStart.Add(time.Duration(i) * time.Second).UnixMilli()
429+
defer db.Put(conn)
398430

399-
q, qErr := sqlitexx.NewQuery(conn,
400-
fmt.Sprintf("INSERT INTO %s (%s, %s) VALUES ($ts, $data)", auditlogsqlite.TableName, "event_ts_ms", "event_data"))
401-
require.NoError(t, qErr)
402-
require.NoError(t, q.BindInt64("$ts", ts).BindBytes("$data", []byte(`{}`)).Exec())
403-
}
431+
endTx, err := sqlitex.ImmediateTransaction(conn)
432+
if err != nil {
433+
return err
434+
}
404435

405-
for i := range outRangeCount {
406-
ts := rangeEnd.Add(time.Duration(i+1) * time.Hour).UnixMilli()
436+
defer endTx(&err)
407437

408-
q, qErr := sqlitexx.NewQuery(conn,
409-
fmt.Sprintf("INSERT INTO %s (%s, %s) VALUES ($ts, $data)", auditlogsqlite.TableName, "event_ts_ms", "event_data"))
410-
require.NoError(t, qErr)
411-
require.NoError(t, q.BindInt64("$ts", ts).BindBytes("$data", []byte(`{}`)).Exec())
412-
}
438+
insertQuery := fmt.Sprintf("INSERT INTO %s (%s, %s) VALUES ($ts, $data)",
439+
auditlogsqlite.TableName, "event_ts_ms", "event_data")
440+
441+
insert := func(ts int64) error {
442+
q, qErr := sqlitexx.NewQuery(conn, insertQuery)
443+
if qErr != nil {
444+
return qErr
445+
}
446+
447+
return q.BindInt64("$ts", ts).BindBytes("$data", []byte(`{}`)).Exec()
448+
}
449+
450+
for i := range inRangeCount {
451+
if err = insert(rangeStart.Add(time.Duration(i) * time.Second).UnixMilli()); err != nil {
452+
return err
453+
}
454+
}
455+
456+
for i := range outRangeCount {
457+
if err = insert(rangeEnd.Add(time.Duration(i+1) * time.Hour).UnixMilli()); err != nil {
458+
return err
459+
}
460+
}
461+
462+
return nil
463+
}())
413464

414465
// Remove all events in range — requires multiple batches (1000 + 500).
415466
require.NoError(t, store.Remove(ctx, rangeStart, rangeEnd))

internal/backend/runtime/omni/controllers/omni/service_account_status_test.go

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -69,7 +69,10 @@ func (suite *ClusterServiceAccountStatusSuite) TestReconcile() {
6969

7070
rtestutils.AssertResources(ctx, suite.T(), suite.state, []string{serviceAccount.Metadata().ID()}, func(res *auth.ServiceAccountStatus, assert *assert.Assertions) {
7171
assert.Equal(string(role.Admin), res.TypedSpec().Value.Role)
72-
assert.Len(res.TypedSpec().Value.PublicKeys, 1)
72+
73+
if !assert.Len(res.TypedSpec().Value.PublicKeys, 1) {
74+
return
75+
}
7376

7477
if assert.NotNil(res.TypedSpec().Value.PublicKeys[0].Created) {
7578
assert.False(res.TypedSpec().Value.PublicKeys[0].Created.AsTime().IsZero())
@@ -86,7 +89,9 @@ func (suite *ClusterServiceAccountStatusSuite) TestReconcile() {
8689
require.NoError(suite.state.Create(suite.ctx, pkLastActive))
8790

8891
rtestutils.AssertResources(ctx, suite.T(), suite.state, []string{serviceAccount.Metadata().ID()}, func(res *auth.ServiceAccountStatus, assert *assert.Assertions) {
89-
assert.Len(res.TypedSpec().Value.PublicKeys, 1)
92+
if !assert.Len(res.TypedSpec().Value.PublicKeys, 1) {
93+
return
94+
}
9095

9196
if assert.NotNil(res.TypedSpec().Value.PublicKeys[0].LastUsed) {
9297
assert.WithinDuration(time.Now(), res.TypedSpec().Value.PublicKeys[0].LastUsed.AsTime(), 5*time.Second)

0 commit comments

Comments
 (0)