attempt to trace down another unstable test

mathiasertl · Jun 29, 2024 · df09955 · df09955
1 parent fcae3ea
commit df09955
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 2 deletions.
diff --git a/ca/django_ca/tests/base/assertions.py b/ca/django_ca/tests/base/assertions.py
@@ -208,7 +208,9 @@ def assert_crl(  # noqa: PLR0913
     signer = signer or CertificateAuthority.objects.get(name="child")
     extensions = extensions or []
     now = datetime.now(tz=tz.utc)
-    expires_timestamp = now + timedelta(seconds=expires)
+    expires_timestamp = (now + timedelta(seconds=expires)).replace(microsecond=0)
+    print("### now", now)
+    print("### expires", expires, expires_timestamp)
 
     if idp is not None:  # pragma: no branch
         extensions.append(idp)
@@ -236,7 +238,8 @@ def assert_crl(  # noqa: PLR0913
     assert parsed_crl.is_signature_valid(public_key) is True
     assert parsed_crl.issuer == signer.pub.loaded.subject
     assert parsed_crl.last_update_utc == last_update
-    assert parsed_crl.next_update_utc == expires_timestamp.replace(microsecond=0)
+    print("### next update", parsed_crl.next_update_utc)
+    assert parsed_crl.next_update_utc == expires_timestamp
     assert list(parsed_crl.extensions) == extensions
 
     entries = {e.serial_number: e for e in parsed_crl}

diff --git a/ca/django_ca/tests/test_views.py b/ca/django_ca/tests/test_views.py
@@ -88,12 +88,16 @@ def test_basic_response(
         # test the default view
         url = reverse("default", kwargs={"serial": usable_child.serial})
         idp = get_idp(full_name=idp_full_name(usable_child), only_contains_user_certs=True)
+        print("### --- Fetching data...")
         response = client.get(url)
         assert response.status_code == HTTPStatus.OK
         assert response["Content-Type"] == "application/pkix-crl"
+        print("### everything valid:", TIMESTAMPS["everything_valid"])
+        print("### ------- Start assert_crl")
         assert_crl(
             response.content, expected=[], encoding=Encoding.DER, signer=usable_child, expires=600, idp=idp
         )
+        print("### ------- Finished assert_crl")
 
         # revoke a certificate
         child_cert.revoke()

diff --git a/ca/django_ca/views.py b/ca/django_ca/views.py
@@ -116,6 +116,7 @@ def fetch_crl(self, ca: CertificateAuthority, encoding: CertificateRevocationLis
         encoded_crl: Optional[bytes] = cache.get(cache_key)
         if encoded_crl is None:
             # Catch this case early so that we can give a better error message
+            print("### Recalculating cached CRL...")
             if self.include_issuing_distribution_point is True and ca.parent is None and self.scope is None:
                 raise ValueError(
                     "Cannot add IssuingDistributionPoint extension to CRLs with no scope for root CAs."
@@ -130,6 +131,8 @@ def fetch_crl(self, ca: CertificateAuthority, encoding: CertificateRevocationLis
             )
             encoded_crl = crl.public_bytes(encoding)
             cache.set(cache_key, encoded_crl, self.expires)
+        else:
+            print("### Got CACHED CRL!")
         return encoded_crl
 
     def get(self, request: HttpRequest, serial: str) -> HttpResponse:  # pylint: disable=unused-argument