Skip to content

fix(test): await startCrlServer so the EADDRINUSE retry covers the listen#1710

Open
kriszyp wants to merge 2 commits into
mainfrom
kris/crl-server-retry-await
Open

fix(test): await startCrlServer so the EADDRINUSE retry covers the listen#1710
kriszyp wants to merge 2 commits into
mainfrom
kris/crl-server-retry-await

Conversation

@kriszyp

@kriszyp kriszyp commented Jul 8, 2026

Copy link
Copy Markdown
Member

What

One-line test-harness fix in integrationTests/utils/securityServices.ts. No production code changes.

Why

setupCrlServerWithCerts had a 5-attempt retry loop intended to handle EADDRINUSE from server.listen(), but the call to startCrlServer was returned without await. Because startCrlServer rejects via server.on('error', reject), that rejection escapes the try/catch entirely — so the retry only ever guarded generateCrlCertificates, never the actual bind.

Ports are chosen randomly from 50000–59999, which overlaps the Linux ephemeral range (32768–60999). A collision with a kernel-assigned port causes the whole suite to fail with EADDRINUSE instead of retrying. This surfaced as a crl-verification.test.ts failure on the Node 22 shard of an unrelated PR (#1709); Node 24/26 shards happened to be clean (pure timing).

Fix

Add await before startCrlServer(...). This makes the bind rejection land in the catch, so the existing retry loop works as intended. The sibling setupOcspResponderWithCerts already does const server = await startOcspServer(...) inside its try — this change brings setupCrlServerWithCerts to the same pattern.

Generated by Claude Sonnet 4.6.

The unawaited return let server.listen()'s rejection escape the try/catch,
so the 5-attempt retry loop only guarded generateCrlCertificates, never the
actual bind. Ports are drawn from 50000–59999 which overlaps Linux's ephemeral
range (32768–60999), so collisions with kernel-assigned ports are realistic.
Adding await matches the existing setupOcspResponderWithCerts pattern (which
already awaits startOcspServer and is flake-free).

Discovered via flaky crl-verification.test.ts on Node 22 in PR #1709's CI.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@kriszyp kriszyp requested review from DavidCockerill and heskew July 8, 2026 04:37

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the setupCrlServerWithCerts function in integrationTests/utils/securityServices.ts to await the promise returned by startCrlServer. This ensures that any EADDRINUSE errors thrown during server startup are properly caught by the local try-catch block, allowing the retry logic to execute as intended. There are no review comments, and I have no additional feedback to provide.

@claude

claude Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Reviewed; no blockers found.

@kriszyp kriszyp marked this pull request as ready for review July 8, 2026 05:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant