Speed up ca unit tests by 10x (#6128)

Profiling showed that the unit tests were spending almost all of their time in key generation, because the tests were generating new fake keys for the linter with every call to `setup()`. Instead, create the linters just once at startup time. This decreases the runtime of `go test ./ca/...` from ~9.7s to less than one second.
2022-05-18 13:16:04 -07:00 · 2022-05-18 13:16:04 -07:00 · 50f6a6b84f
parent f958d479f9
commit 50f6a6b84f
1 changed files with 6 additions and 4 deletions
--- a/ca/ca_test.go
+++ b/ca/ca_test.go
@ -158,6 +158,8 @@ func (m *mockSA) GetPrecertificate(ctx context.Context, req *sapb.Serial, _ ...g
 var caKey crypto.Signer
 var caCert *issuance.Certificate
 var caCert2 *issuance.Certificate
+var caLinter *linter.Linter
+var caLinter2 *linter.Linter
 var ctx = context.Background()

 func init() {
@ -173,6 +175,8 @@ func init() {
 	if err != nil {
 		panic(fmt.Sprintf("Unable to parse %q: %s", caCertFile2, err))
 	}
+	caLinter, _ = linter.New(caCert.Certificate, caKey, []string{"n_subject_common_name_included"})
+	caLinter2, _ = linter.New(caCert2.Certificate, caKey, []string{"n_subject_common_name_included"})
 }

 func setup(t *testing.T) *testCtx {
@ -208,22 +212,20 @@ func setup(t *testing.T) *testCtx {
 		)
 		return res
 	}
-	boulderLinter, _ := linter.New(caCert.Certificate, caKey, []string{"n_subject_common_name_included"})
-	boulderLinter2, _ := linter.New(caCert2.Certificate, caKey, []string{"n_subject_common_name_included"})
 	boulderIssuers := []*issuance.Issuer{
 		// Must list ECDSA-only issuer first, so it is the default for ECDSA.
 		{
 			Cert:    caCert2,
 			Signer:  caKey,
 			Profile: boulderProfile(false, true),
-			Linter:  boulderLinter2,
+			Linter:  caLinter2,
 			Clk:     fc,
 		},
 		{
 			Cert:    caCert,
 			Signer:  caKey,
 			Profile: boulderProfile(true, true),
-			Linter:  boulderLinter,
+			Linter:  caLinter,
 			Clk:     fc,
 		},
 	}