From 486a4fb50aa8210289727fce104b3f761fef24aa Mon Sep 17 00:00:00 2001 From: Evan Jarrett Date: Tue, 18 Nov 2025 21:49:05 -0600 Subject: [PATCH] spindle/secrets/openbao Speed up openbao unit tests by allowing connectionTimeout override Signed-off-by: Evan Jarrett --- spindle/secrets/openbao.go | 22 +++++++++++++++------- spindle/secrets/openbao_test.go | 7 +++++-- 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/spindle/secrets/openbao.go b/spindle/secrets/openbao.go index 659a246b..83140633 100644 --- a/spindle/secrets/openbao.go +++ b/spindle/secrets/openbao.go @@ -13,9 +13,10 @@ import ( ) type OpenBaoManager struct { - client *vault.Client - mountPath string - logger *slog.Logger + client *vault.Client + mountPath string + logger *slog.Logger + connectionTimeout time.Duration } type OpenBaoManagerOpt func(*OpenBaoManager) @@ -26,6 +27,12 @@ func WithMountPath(mountPath string) OpenBaoManagerOpt { } } +func WithConnectionTimeout(timeout time.Duration) OpenBaoManagerOpt { + return func(v *OpenBaoManager) { + v.connectionTimeout = timeout + } +} + // NewOpenBaoManager creates a new OpenBao manager that connects to a Bao Proxy // The proxyAddress should point to the local Bao Proxy (e.g., "http://127.0.0.1:8200") // The proxy handles all authentication automatically via Auto-Auth @@ -43,9 +50,10 @@ func NewOpenBaoManager(proxyAddress string, logger *slog.Logger, opts ...OpenBao } manager := &OpenBaoManager{ - client: client, - mountPath: "spindle", // default KV v2 mount path - logger: logger, + client: client, + mountPath: "spindle", // default KV v2 mount path + logger: logger, + connectionTimeout: 10 * time.Second, // default connection timeout } for _, opt := range opts { @@ -62,7 +70,7 @@ func NewOpenBaoManager(proxyAddress string, logger *slog.Logger, opts ...OpenBao // testConnection verifies that we can connect to the proxy func (v *OpenBaoManager) testConnection() error { - ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) + ctx, cancel := context.WithTimeout(context.Background(), v.connectionTimeout) defer cancel() // try token self-lookup as a quick way to verify proxy works diff --git a/spindle/secrets/openbao_test.go b/spindle/secrets/openbao_test.go index 7cdd831d..8810df5a 100644 --- a/spindle/secrets/openbao_test.go +++ b/spindle/secrets/openbao_test.go @@ -152,7 +152,9 @@ func TestNewOpenBaoManager(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { logger := slog.New(slog.NewTextHandler(os.Stderr, nil)) - manager, err := NewOpenBaoManager(tt.proxyAddr, logger, tt.opts...) + // Use shorter timeout for tests to avoid long waits + opts := append(tt.opts, WithConnectionTimeout(1*time.Second)) + manager, err := NewOpenBaoManager(tt.proxyAddr, logger, opts...) if tt.expectError { assert.Error(t, err) @@ -596,7 +598,8 @@ func TestOpenBaoManager_ProxyConfiguration(t *testing.T) { // All these will fail because no real proxy is running // but we can test that the configuration is properly accepted - manager, err := NewOpenBaoManager(tt.proxyAddr, logger) + // Use shorter timeout for tests to avoid long waits + manager, err := NewOpenBaoManager(tt.proxyAddr, logger, WithConnectionTimeout(1*time.Second)) assert.Error(t, err) // Expected because no real proxy assert.Nil(t, manager) assert.Contains(t, err.Error(), "failed to connect to bao proxy") -- 2.43.0