From efc76f0bfeecaa2a17d92517409ee4e473bd50d4 Mon Sep 17 00:00:00 2001 From: Andrey Smirnov Date: Tue, 24 Mar 2026 21:08:20 +0400 Subject: [PATCH] test: fix the flakes in tests with trusted roots As one of the integration tests was overriding TrustedRoots config, it erased the required settings leading to a random failure (depending on the nodes picked for subsequent tests). Fixes #13013 Signed-off-by: Andrey Smirnov (cherry picked from commit 70cefab6af3dacdc80921b55ca8dbf5644501c6c) --- internal/integration/api/trusted-roots.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/internal/integration/api/trusted-roots.go b/internal/integration/api/trusted-roots.go index 417cdab11..888f75b14 100644 --- a/internal/integration/api/trusted-roots.go +++ b/internal/integration/api/trusted-roots.go @@ -12,8 +12,11 @@ import ( "strings" "time" + "github.com/siderolabs/gen/xslices" + "github.com/siderolabs/talos/internal/integration/base" "github.com/siderolabs/talos/pkg/machinery/client" + "github.com/siderolabs/talos/pkg/machinery/config/config" "github.com/siderolabs/talos/pkg/machinery/config/types/security" "github.com/siderolabs/talos/pkg/machinery/constants" ) @@ -65,6 +68,14 @@ func (suite *TrustedRootsSuite) TestTrustedRoots() { // build a Talos API context which is tied to the node nodeCtx := client.WithNode(suite.ctx, node) + // query the current TrustedRoots config to restore it after the test + cfg, err := suite.ReadConfigFromNode(nodeCtx) + suite.Require().NoError(err) + + originalConfig := xslices.Filter(cfg.Documents(), func(doc config.Document) bool { + return doc.Kind() == security.TrustedRootsConfig + }) + const name = "test-ca" cfgDocument := security.NewTrustedRootsConfigV1Alpha1() @@ -90,6 +101,11 @@ func (suite *TrustedRootsSuite) TestTrustedRoots() { suite.Require().Eventually(func() bool { return !strings.Contains(suite.readTrustedRoots(nodeCtx), name) }, 5*time.Second, 100*time.Millisecond) + + // restore back trusted roots config if it existed before the test + if len(originalConfig) > 0 { + suite.PatchMachineConfig(nodeCtx, xslices.Map(originalConfig, func(d config.Document) any { return d })...) + } } func init() {