letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CA: Run all CA package tests in parallel (#7438) 

The CA tests don't share any state and create their own individual CA
implementations. We can safely run these tests in parallel within the CA
package to shave at least a second off of unit test runs at the expense
of additional CPU and memory usage.
This commit is contained in:
Phil Porada 2024-04-17 19:01:37 -04:00 committed by GitHub
parent 2b8dea9821
commit c0ecabd244
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ca/ca_test.go
View File

@ -40,6 +40,7 @@ import (
) )
func TestImplementation(t *testing.T) { func TestImplementation(t *testing.T) {
t.Parallel()
test.AssertImplementsGRPCServer(t, &certificateAuthorityImpl{}, capb.UnimplementedCertificateAuthorityServer{}) test.AssertImplementsGRPCServer(t, &certificateAuthorityImpl{}, capb.UnimplementedCertificateAuthorityServer{})
} }
@ -277,6 +278,7 @@ func setup(t *testing.T) *testCtx {
} }
func TestSerialPrefix(t *testing.T) { func TestSerialPrefix(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
_, err := NewCertificateAuthorityImpl( _, err := NewCertificateAuthorityImpl(
@ -329,6 +331,7 @@ type TestCertificateIssuance struct {
} }
func TestIssuePrecertificate(t *testing.T) { func TestIssuePrecertificate(t *testing.T) {
t.Parallel()
testCases := []struct { testCases := []struct {
name string name string
csr []byte csr []byte
@ -439,6 +442,7 @@ func issueCertificateSubTestValidityUsesCAClock(t *testing.T, i *TestCertificate
// Test failure mode when no issuers are present. // Test failure mode when no issuers are present.
func TestNoIssuers(t *testing.T) { func TestNoIssuers(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
sa := &mockSA{} sa := &mockSA{}
_, err := NewCertificateAuthorityImpl( _, err := NewCertificateAuthorityImpl(
@ -465,6 +469,7 @@ func TestNoIssuers(t *testing.T) {
// Test issuing when multiple issuers are present. // Test issuing when multiple issuers are present.
func TestMultipleIssuers(t *testing.T) { func TestMultipleIssuers(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
sa := &mockSA{} sa := &mockSA{}
ca, err := NewCertificateAuthorityImpl( ca, err := NewCertificateAuthorityImpl(
@ -511,6 +516,7 @@ func TestMultipleIssuers(t *testing.T) {
} }
func TestProfiles(t *testing.T) { func TestProfiles(t *testing.T) {
t.Parallel()
ctx := setup(t) ctx := setup(t)
test.AssertEquals(t, len(ctx.certProfiles), 2) test.AssertEquals(t, len(ctx.certProfiles), 2)
@ -679,6 +685,7 @@ func TestProfiles(t *testing.T) {
} }
func TestECDSAAllowList(t *testing.T) { func TestECDSAAllowList(t *testing.T) {
t.Parallel()
req := &capb.IssueCertificateRequest{Csr: ECDSACSR, RegistrationID: arbitraryRegID} req := &capb.IssueCertificateRequest{Csr: ECDSACSR, RegistrationID: arbitraryRegID}
// With allowlist containing arbitraryRegID, issuance should come from ECDSA issuer. // With allowlist containing arbitraryRegID, issuance should come from ECDSA issuer.
@ -711,6 +718,7 @@ func TestECDSAAllowList(t *testing.T) {
} }
func TestInvalidCSRs(t *testing.T) { func TestInvalidCSRs(t *testing.T) {
t.Parallel()
testCases := []struct { testCases := []struct {
name string name string
csrPath string csrPath string
@ -802,6 +810,7 @@ func TestInvalidCSRs(t *testing.T) {
} }
func TestRejectValidityTooLong(t *testing.T) { func TestRejectValidityTooLong(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
sa := &mockSA{} sa := &mockSA{}
ca, err := NewCertificateAuthorityImpl( ca, err := NewCertificateAuthorityImpl(
@ -905,6 +914,7 @@ func makeSCTs() ([][]byte, error) {
} }
func TestIssueCertificateForPrecertificate(t *testing.T) { func TestIssueCertificateForPrecertificate(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
sa := &mockSA{} sa := &mockSA{}
ca, err := NewCertificateAuthorityImpl( ca, err := NewCertificateAuthorityImpl(
@ -975,6 +985,7 @@ func TestIssueCertificateForPrecertificate(t *testing.T) {
} }
func TestIssueCertificateForPrecertificateWithSpecificCertificateProfile(t *testing.T) { func TestIssueCertificateForPrecertificateWithSpecificCertificateProfile(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
sa := &mockSA{} sa := &mockSA{}
ca, err := NewCertificateAuthorityImpl( ca, err := NewCertificateAuthorityImpl(
@ -1096,6 +1107,7 @@ func (m *getCertErrorSA) GetCertificate(ctx context.Context, req *sapb.Serial, _
} }
func TestIssueCertificateForPrecertificateDuplicateSerial(t *testing.T) { func TestIssueCertificateForPrecertificateDuplicateSerial(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
sa := &dupeSA{} sa := &dupeSA{}
ca, err := NewCertificateAuthorityImpl( ca, err := NewCertificateAuthorityImpl(
@ -1190,6 +1202,7 @@ func TestIssueCertificateForPrecertificateDuplicateSerial(t *testing.T) {
} }
func TestGenerateSKID(t *testing.T) { func TestGenerateSKID(t *testing.T) {
t.Parallel()
key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
test.AssertNotError(t, err, "Error generating key") test.AssertNotError(t, err, "Error generating key")

2
ca/crl_test.go
View File

@ -15,6 +15,7 @@ import (
) )
func TestImplementationCRL(t *testing.T) { func TestImplementationCRL(t *testing.T) {
t.Parallel()
test.AssertImplementsGRPCServer(t, &crlImpl{}, capb.UnimplementedCRLGeneratorServer{}) test.AssertImplementsGRPCServer(t, &crlImpl{}, capb.UnimplementedCRLGeneratorServer{})
} }
@ -38,6 +39,7 @@ func (s mockGenerateCRLBidiStream) Send(entry *capb.GenerateCRLResponse) error {
} }
func TestGenerateCRL(t *testing.T) { func TestGenerateCRL(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
crli := testCtx.crl crli := testCtx.crl
errs := make(chan error, 1) errs := make(chan error, 1)

7
ca/ecdsa_allow_list_test.go
View File

@ -5,6 +5,7 @@ import (
) )
func TestNewECDSAAllowListFromFile(t *testing.T) { func TestNewECDSAAllowListFromFile(t *testing.T) {
t.Parallel()
type args struct { type args struct {
filename string filename string
} }
@ -46,9 +47,13 @@ func TestNewECDSAAllowListFromFile(t *testing.T) {
} }
for _, tt := range tests { for _, tt := range tests {
// TODO(Remove this >= go1.22.3) This shouldn't be necessary due to
// go1.22 changing loopvars.
// https://github.com/golang/go/issues/65612#issuecomment-1943342030
tt := tt
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
t.Parallel()
allowList, gotEntries, err := NewECDSAAllowListFromFile(tt.args.filename) allowList, gotEntries, err := NewECDSAAllowListFromFile(tt.args.filename)
if (err != nil) != tt.wantErrBool { if (err != nil) != tt.wantErrBool {
t.Errorf("NewECDSAAllowListFromFile() error = %v, wantErr %v", err, tt.wantErrBool) t.Errorf("NewECDSAAllowListFromFile() error = %v, wantErr %v", err, tt.wantErrBool)
t.Error(allowList, gotEntries, err) t.Error(allowList, gotEntries, err)

2
ca/ocsp_test.go
View File

@ -17,6 +17,7 @@ import (
) )
func TestImplementationOCSP(t *testing.T) { func TestImplementationOCSP(t *testing.T) {
t.Parallel()
test.AssertImplementsGRPCServer(t, &ocspImpl{}, capb.UnimplementedOCSPGeneratorServer{}) test.AssertImplementsGRPCServer(t, &ocspImpl{}, capb.UnimplementedOCSPGeneratorServer{})
} }
@ -30,6 +31,7 @@ func serial(t *testing.T) []byte {
} }
func TestOCSP(t *testing.T) { func TestOCSP(t *testing.T) {
t.Parallel()
testCtx := setup(t) testCtx := setup(t)
ca, err := NewCertificateAuthorityImpl( ca, err := NewCertificateAuthorityImpl(
&mockSA{}, &mockSA{},