From 7bba7374ecb05c64ddef22c58d5be2ff62508003 Mon Sep 17 00:00:00 2001 From: Cameron Baird Date: Wed, 14 May 2025 22:40:32 +0000 Subject: [PATCH] genpolicy: Add retries to policy generation As the genpolicy from_files call makes network requests to container registries, it has a chance to fail. Harden us against flakes due to network by introducing a 6x retry loop in genpolicy tests. Signed-off-by: Cameron Baird --- src/tools/genpolicy/tests/policy/main.rs | 26 +++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/src/tools/genpolicy/tests/policy/main.rs b/src/tools/genpolicy/tests/policy/main.rs index e0fae49eb6..0967bb060c 100644 --- a/src/tools/genpolicy/tests/policy/main.rs +++ b/src/tools/genpolicy/tests/policy/main.rs @@ -86,11 +86,27 @@ mod tests { yaml_file: workdir.join("pod.yaml").to_str().map(|s| s.to_string()), }; - let policy = genpolicy::policy::AgentPolicy::from_files(&config) - .await - .unwrap(); - assert_eq!(policy.resources.len(), 1); - let policy = policy.resources[0].generate_policy(&policy); + // The container repos/network calls can be unreliable, so retry + // a few times before giving up. + let mut policy = String::new(); + for i in 0..6 { + policy = match genpolicy::policy::AgentPolicy::from_files(&config).await { + Ok(policy) => { + assert_eq!(policy.resources.len(), 1); + policy.resources[0].generate_policy(&policy) + } + Err(e) => { + if i == 5 { + panic!("Failed to generate policy after 6 attempts"); + } else { + println!("Retrying to generate policy: {}", e); + tokio::time::sleep(tokio::time::Duration::from_secs(10)).await; + continue; + } + } + }; + break; + } let policy = BASE64_STANDARD.decode(&policy).unwrap(); // write policy to a file