Avoid a rare flake in TestSupervisorLogin.
There was nothing to guarantee that _all_ Supervisor pods would be ready to handle this request. We saw a rare test flake where the LDAPIdentityProvider was marked as ready but one of the Supervisor pods didn't have it loaded yet and returned an HTTP 422 error (`Unprocessable Entity: No upstream providers are configured`). Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
parent
2acfafd5a5
commit
5686591420
@ -540,11 +540,29 @@ func requestAuthorizationUsingLDAPIdentityProvider(t *testing.T, downstreamAutho
|
|||||||
authRequest.Header.Set("Pinniped-Username", upstreamUsername)
|
authRequest.Header.Set("Pinniped-Username", upstreamUsername)
|
||||||
authRequest.Header.Set("Pinniped-Password", upstreamPassword)
|
authRequest.Header.Set("Pinniped-Password", upstreamPassword)
|
||||||
|
|
||||||
authResponse, err := httpClient.Do(authRequest)
|
// At this point in the test, we've already waited for the LDAPIdentityProvider to be loaded and marked healthy by
|
||||||
require.NoError(t, err)
|
// at least one Supervisor pod, but we can't be sure that _all_ of them have loaded the provider, so we may need
|
||||||
responseBody, err := ioutil.ReadAll(authResponse.Body)
|
// to retry this request multiple times until we get the expected 302 status response.
|
||||||
defer authResponse.Body.Close()
|
var authResponse *http.Response
|
||||||
require.NoError(t, err)
|
var responseBody []byte
|
||||||
|
library.RequireEventuallyWithoutError(t, func() (bool, error) {
|
||||||
|
authResponse, err = httpClient.Do(authRequest)
|
||||||
|
if err != nil {
|
||||||
|
t.Logf("got authorization response with error %v", err)
|
||||||
|
return false, nil
|
||||||
|
}
|
||||||
|
defer func() { _ = authResponse.Body.Close() }()
|
||||||
|
responseBody, err = ioutil.ReadAll(authResponse.Body)
|
||||||
|
if err != nil {
|
||||||
|
return false, nil
|
||||||
|
}
|
||||||
|
t.Logf("got authorization response with code %d (%d byte body)", authResponse.StatusCode, len(responseBody))
|
||||||
|
if authResponse.StatusCode != http.StatusFound {
|
||||||
|
return false, nil
|
||||||
|
}
|
||||||
|
return true, nil
|
||||||
|
}, 30*time.Second, 200*time.Millisecond)
|
||||||
|
|
||||||
expectSecurityHeaders(t, authResponse, true)
|
expectSecurityHeaders(t, authResponse, true)
|
||||||
|
|
||||||
// A successful authorize request results in a redirect to our localhost callback listener with an authcode param.
|
// A successful authorize request results in a redirect to our localhost callback listener with an authcode param.
|
||||||
|
Loading…
Reference in New Issue
Block a user