fix tests caused by moving rotator initiation out of coderd

sreya · sreya · commit 3809cd5fa2c5 · 2024-10-17T03:14:32.000Z
diff --git a/cli/server_test.go b/cli/server_test.go
@@ -44,6 +44,7 @@ import (
 	"github.com/coder/coder/v2/cli/clitest"
 	"github.com/coder/coder/v2/cli/config"
 	"github.com/coder/coder/v2/coderd/coderdtest"
+	"github.com/coder/coder/v2/coderd/database"
 	"github.com/coder/coder/v2/coderd/database/dbtestutil"
 	"github.com/coder/coder/v2/coderd/httpapi"
 	"github.com/coder/coder/v2/coderd/telemetry"
@@ -1590,6 +1591,44 @@ func TestServer(t *testing.T) {
 			w.RequireSuccess()
 		})
 	})
+
+	t.Run("CryptoKeysGenerated", func(t *testing.T) {
+		t.Parallel()
+		if testing.Short() {
+			t.SkipNow()
+		}
+
+		if runtime.GOOS != "linux" || testing.Short() {
+			// Skip on non-Linux because it spawns a PostgreSQL instance.
+			t.SkipNow()
+		}
+		connectionURL, closeFunc, err := dbtestutil.Open()
+		require.NoError(t, err)
+		defer closeFunc()
+
+		inv, cfg := clitest.New(t,
+			"server",
+			"--http-address", ":0",
+			"--access-url", "http://example.com",
+			"--postgres-url", connectionURL,
+			"--cache-dir", t.TempDir(),
+		)
+
+		const superDuperLong = testutil.WaitSuperLong * 3
+		ctx := testutil.Context(t, superDuperLong)
+		clitest.Start(t, inv.WithContext(ctx))
+		_ = waitAccessURL(t, cfg)
+
+		logger := slogtest.Make(t, nil)
+		sqldb, err := cli.ConnectToPostgres(ctx, logger, "postgres", connectionURL)
+		require.NoError(t, err)
+		defer sqldb.Close()
+
+		db := database.New(sqldb)
+		keys, err := db.GetCryptoKeys(ctx)
+		require.NoError(t, err)
+		require.Len(t, keys, len(database.AllCryptoKeyFeatureValues()))
+	})
 }
 
 func TestServer_Production(t *testing.T) {
diff --git a/coderd/cryptokeys/cache.go b/coderd/cryptokeys/cache.go
@@ -406,7 +406,7 @@ func (s StaticKey) DecryptingKey(_ context.Context, id string) (interface{}, err
 	return s.Key, nil
 }
 
-func (s StaticKey) Close() error {
+func (StaticKey) Close() error {
 	return nil
 }
 
diff --git a/coderd/userauth_test.go b/coderd/userauth_test.go
@@ -1309,11 +1309,16 @@ func TestUserOIDC(t *testing.T) {
 			cfg.AllowSignups = true
 		})
 
-		client := coderdtest.New(t, &coderdtest.Options{
+		client, db := coderdtest.NewWithDatabase(t, &coderdtest.Options{
 			Auditor:    auditor,
 			OIDCConfig: cfg,
 		})
 
+		// Make sure there's a signing key!
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureOIDCConvert,
+		})
+
 		owner := coderdtest.CreateFirstUser(t, client)
 		user, userData := coderdtest.CreateAnotherUser(t, client, owner.OrganizationID)
 
diff --git a/coderd/workspaceapps/db_test.go b/coderd/workspaceapps/db_test.go
@@ -20,6 +20,9 @@ import (
 
 	"github.com/coder/coder/v2/agent/agenttest"
 	"github.com/coder/coder/v2/coderd/coderdtest"
+	"github.com/coder/coder/v2/coderd/database"
+	"github.com/coder/coder/v2/coderd/database/dbgen"
+	"github.com/coder/coder/v2/coderd/database/dbtestutil"
 	"github.com/coder/coder/v2/coderd/httpmw"
 	"github.com/coder/coder/v2/coderd/jwtutils"
 	"github.com/coder/coder/v2/coderd/workspaceapps"
@@ -76,6 +79,7 @@ func Test_ResolveRequest(t *testing.T) {
 	deploymentValues.Dangerous.AllowPathAppSharing = true
 	deploymentValues.Dangerous.AllowPathAppSiteOwnerAccess = true
 
+	db, pubsub := dbtestutil.NewDB(t)
 	client, closer, api := coderdtest.NewWithAPI(t, &coderdtest.Options{
 		AppHostname:                 "*.test.coder.com",
 		DeploymentValues:            deploymentValues,
@@ -91,13 +95,18 @@ func Test_ResolveRequest(t *testing.T) {
 				"CF-Connecting-IP",
 			},
 		},
+		Database: db,
+		Pubsub:   pubsub,
 	})
 	t.Cleanup(func() {
 		_ = closer.Close()
 	})
 
-	ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitMedium)
-	t.Cleanup(cancel)
+	_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+		Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+	})
+
+	ctx := testutil.Context(t, testutil.WaitMedium)
 
 	firstUser := coderdtest.CreateFirstUser(t, client)
 	me, err := client.User(ctx, codersdk.Me)
diff --git a/coderd/workspaceapps_test.go b/coderd/workspaceapps_test.go
@@ -11,7 +11,6 @@ import (
 	"github.com/coder/coder/v2/coderd/coderdtest"
 	"github.com/coder/coder/v2/coderd/database"
 	"github.com/coder/coder/v2/coderd/database/dbgen"
-	"github.com/coder/coder/v2/coderd/database/dbtestutil"
 	"github.com/coder/coder/v2/coderd/workspaceapps"
 	"github.com/coder/coder/v2/codersdk"
 	"github.com/coder/coder/v2/testutil"
@@ -181,19 +180,25 @@ func TestWorkspaceApplicationAuth(t *testing.T) {
 		t.Run(c.name, func(t *testing.T) {
 			t.Parallel()
 
-			db, pubsub := dbtestutil.NewDB(t)
-
 			accessURL, err := url.Parse(c.accessURL)
 			require.NoError(t, err)
 
-			client := coderdtest.New(t, &coderdtest.Options{
-				Database:    db,
-				Pubsub:      pubsub,
+			client, db := coderdtest.NewWithDatabase(t, &coderdtest.Options{
 				AccessURL:   accessURL,
 				AppHostname: c.appHostname,
 			})
 			_ = coderdtest.CreateFirstUser(t, client)
 
+			// Make sure there's a signing key!
+			_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+				Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+			})
+
+			// Make sure there's an encryption key!
+			_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+				Feature: database.CryptoKeyFeatureWorkspaceAppsAPIKey,
+			})
+
 			// Disable redirects.
 			client.HTTPClient.CheckRedirect = func(_ *http.Request, _ []*http.Request) error {
 				return http.ErrUseLastResponse
diff --git a/enterprise/coderd/workspaceproxy_test.go b/enterprise/coderd/workspaceproxy_test.go
@@ -608,11 +608,8 @@ func TestProxyRegisterDeregister(t *testing.T) {
 func TestIssueSignedAppToken(t *testing.T) {
 	t.Parallel()
 
-	db, pubsub := dbtestutil.NewDB(t)
-	client, user := coderdenttest.New(t, &coderdenttest.Options{
+	client, db, user := coderdenttest.NewWithDatabase(t, &coderdenttest.Options{
 		Options: &coderdtest.Options{
-			Database:                 db,
-			Pubsub:                   pubsub,
 			IncludeProvisionerDaemon: true,
 		},
 		LicenseOptions: &coderdenttest.LicenseOptions{
@@ -622,6 +619,10 @@ func TestIssueSignedAppToken(t *testing.T) {
 		},
 	})
 
+	_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+		Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+	})
+
 	// Create a workspace + apps
 	authToken := uuid.NewString()
 	version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, &echo.Responses{
@@ -715,6 +716,10 @@ func TestReconnectingPTYSignedToken(t *testing.T) {
 		closer.Close()
 	})
 
+	_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+		Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+	})
+
 	// Create a workspace + apps
 	authToken := uuid.NewString()
 	version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, &echo.Responses{
@@ -945,16 +950,14 @@ func TestGetCryptoKeys(t *testing.T) {
 		keys, err := proxy.SDKClient.CryptoKeys(ctx, codersdk.CryptoKeyFeatureWorkspaceAppsAPIKey)
 		require.NoError(t, err)
 		require.NotEmpty(t, keys)
-		// 1 key is generated on startup, the other is the one we generated for our test.
-		require.Equal(t, 2, len(keys.CryptoKeys))
+		require.Equal(t, 1, len(keys.CryptoKeys))
 		requireContainsKeys(t, keys.CryptoKeys, encryptionKey)
-		requireNotContainsKeys(t, keys.CryptoKeys, signingKey)
 
 		keys, err = proxy.SDKClient.CryptoKeys(ctx, codersdk.CryptoKeyFeatureWorkspaceAppsToken)
 		require.NoError(t, err)
 		require.NotEmpty(t, keys)
+		require.Equal(t, 1, len(keys.CryptoKeys))
 		requireContainsKeys(t, keys.CryptoKeys, signingKey)
-		requireNotContainsKeys(t, keys.CryptoKeys, encryptionKey)
 	})
 
 	t.Run("InvalidFeature", func(t *testing.T) {
@@ -1027,18 +1030,6 @@ func TestGetCryptoKeys(t *testing.T) {
 	})
 }
 
-func requireNotContainsKeys(t *testing.T, keys []codersdk.CryptoKey, unexpected ...codersdk.CryptoKey) {
-	t.Helper()
-
-	for _, expectedKey := range unexpected {
-		for _, key := range keys {
-			if key.Feature == expectedKey.Feature && key.Sequence == expectedKey.Sequence {
-				t.Fatalf("unexpected key %+v found", expectedKey)
-			}
-		}
-	}
-}
-
 func requireContainsKeys(t *testing.T, keys []codersdk.CryptoKey, expected ...codersdk.CryptoKey) {
 	t.Helper()
 
diff --git a/enterprise/workspaceapps_test.go b/enterprise/workspaceapps_test.go
@@ -5,6 +5,9 @@ import (
 	"testing"
 
 	"github.com/coder/coder/v2/coderd/coderdtest"
+	"github.com/coder/coder/v2/coderd/database"
+	"github.com/coder/coder/v2/coderd/database/dbgen"
+	"github.com/coder/coder/v2/coderd/database/dbtestutil"
 	"github.com/coder/coder/v2/coderd/httpmw"
 	"github.com/coder/coder/v2/coderd/workspaceapps/apptest"
 	"github.com/coder/coder/v2/codersdk"
@@ -36,6 +39,9 @@ func TestWorkspaceApps(t *testing.T) {
 			flushStatsCollectorCh <- flushStatsCollectorDone
 			<-flushStatsCollectorDone
 		}
+
+		db, pubsub := dbtestutil.NewDB(t)
+
 		client, _, _, user := coderdenttest.NewWithAPI(t, &coderdenttest.Options{
 			Options: &coderdtest.Options{
 				DeploymentValues:         deploymentValues,
@@ -51,6 +57,8 @@ func TestWorkspaceApps(t *testing.T) {
 					},
 				},
 				WorkspaceAppsStatsCollectorOptions: opts.StatsCollectorOptions,
+				Database:                           db,
+				Pubsub:                             pubsub,
 			},
 			LicenseOptions: &coderdenttest.LicenseOptions{
 				Features: license.Features{
@@ -59,6 +67,13 @@ func TestWorkspaceApps(t *testing.T) {
 			},
 		})
 
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+		})
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureWorkspaceAppsAPIKey,
+		})
+
 		return &apptest.Deployment{
 			Options:        opts,
 			SDKClient:      client,
diff --git a/enterprise/wsproxy/wsproxy_test.go b/enterprise/wsproxy/wsproxy_test.go
@@ -25,6 +25,9 @@ import (
 	"github.com/coder/coder/v2/agent/agenttest"
 	"github.com/coder/coder/v2/buildinfo"
 	"github.com/coder/coder/v2/coderd/coderdtest"
+	"github.com/coder/coder/v2/coderd/database"
+	"github.com/coder/coder/v2/coderd/database/dbgen"
+	"github.com/coder/coder/v2/coderd/database/dbtestutil"
 	"github.com/coder/coder/v2/coderd/healthcheck/derphealth"
 	"github.com/coder/coder/v2/coderd/httpmw"
 	"github.com/coder/coder/v2/coderd/workspaceapps/apptest"
@@ -932,6 +935,9 @@ func TestWorkspaceProxyWorkspaceApps(t *testing.T) {
 		if opts.PrimaryAppHost == "" {
 			opts.PrimaryAppHost = "*.primary.test.coder.com"
 		}
+
+		db, pubsub := dbtestutil.NewDB(t)
+
 		client, closer, api, user := coderdenttest.NewWithAPI(t, &coderdenttest.Options{
 			Options: &coderdtest.Options{
 				DeploymentValues:         deploymentValues,
@@ -947,6 +953,8 @@ func TestWorkspaceProxyWorkspaceApps(t *testing.T) {
 					},
 				},
 				WorkspaceAppsStatsCollectorOptions: opts.StatsCollectorOptions,
+				Database:                           db,
+				Pubsub:                             pubsub,
 			},
 			LicenseOptions: &coderdenttest.LicenseOptions{
 				Features: license.Features{
@@ -959,6 +967,13 @@ func TestWorkspaceProxyWorkspaceApps(t *testing.T) {
 			_ = closer.Close()
 		})
 
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+		})
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureWorkspaceAppsAPIKey,
+		})
+
 		// Create the external proxy
 		if opts.DisableSubdomainApps {
 			opts.AppHost = ""
@@ -1002,6 +1017,8 @@ func TestWorkspaceProxyWorkspaceApps_BlockDirect(t *testing.T) {
 		if opts.PrimaryAppHost == "" {
 			opts.PrimaryAppHost = "*.primary.test.coder.com"
 		}
+
+		db, pubsub := dbtestutil.NewDB(t)
 		client, closer, api, user := coderdenttest.NewWithAPI(t, &coderdenttest.Options{
 			Options: &coderdtest.Options{
 				DeploymentValues:         deploymentValues,
@@ -1017,6 +1034,8 @@ func TestWorkspaceProxyWorkspaceApps_BlockDirect(t *testing.T) {
 					},
 				},
 				WorkspaceAppsStatsCollectorOptions: opts.StatsCollectorOptions,
+				Database:                           db,
+				Pubsub:                             pubsub,
 			},
 			LicenseOptions: &coderdenttest.LicenseOptions{
 				Features: license.Features{
@@ -1029,6 +1048,13 @@ func TestWorkspaceProxyWorkspaceApps_BlockDirect(t *testing.T) {
 			_ = closer.Close()
 		})
 
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+		})
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureWorkspaceAppsAPIKey,
+		})
+
 		// Create the external proxy
 		if opts.DisableSubdomainApps {
 			opts.AppHost = ""
diff --git a/scaletest/createworkspaces/run_test.go b/scaletest/createworkspaces/run_test.go
@@ -15,6 +15,8 @@ import (
 	"cdr.dev/slog/sloggers/slogtest"
 	"github.com/coder/coder/v2/agent"
 	"github.com/coder/coder/v2/coderd/coderdtest"
+	"github.com/coder/coder/v2/coderd/database"
+	"github.com/coder/coder/v2/coderd/database/dbgen"
 	"github.com/coder/coder/v2/coderd/httpapi"
 	"github.com/coder/coder/v2/coderd/util/ptr"
 	"github.com/coder/coder/v2/codersdk"
@@ -55,9 +57,12 @@ func Test_Runner(t *testing.T) {
 		ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
 		defer cancel()
 
-		client := coderdtest.New(t, &coderdtest.Options{
+		client, db := coderdtest.NewWithDatabase(t, &coderdtest.Options{
 			IncludeProvisionerDaemon: true,
 		})
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+		})
 		user := coderdtest.CreateFirstUser(t, client)
 
 		authToken := uuid.NewString()
@@ -343,9 +348,12 @@ func Test_Runner(t *testing.T) {
 		ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
 		defer cancel()
 
-		client := coderdtest.New(t, &coderdtest.Options{
+		client, db := coderdtest.NewWithDatabase(t, &coderdtest.Options{
 			IncludeProvisionerDaemon: true,
 		})
+		_ = dbgen.CryptoKey(t, db, database.CryptoKey{
+			Feature: database.CryptoKeyFeatureWorkspaceAppsToken,
+		})
 		user := coderdtest.CreateFirstUser(t, client)
 
 		authToken := uuid.NewString()
diff --git a/scaletest/reconnectingpty/run_test.go b/scaletest/reconnectingpty/run_test.go
diff --git a/scaletest/workspacetraffic/run_test.go b/scaletest/workspacetraffic/run_test.go

Original file line number	Diff line number	Diff line change
`@@ -406,7 +406,7 @@ func (s StaticKey) DecryptingKey(_ context.Context, id string) (interface{}, err`
`406`	`406`	`return s.Key, nil`
`407`	`407`	`}`
`408`	`408`
`409`		`-func (s StaticKey) Close() error {`
	`409`	`+func (StaticKey) Close() error {`
`410`	`410`	`return nil`
`411`	`411`	`}`
`412`	`412`