[Test] 440_ssl_server: tolerate slow controller SSL bind

The controller worker registers with the main process slightly
before its SSL listener finishes initializing OpenSSL and starts
accepting connections. The pre-test readiness check in Run Rspamd
sees "workers" appear in `rspamadm control stat` -- proof that
registration is done -- but the SSL socket on PORT_CONTROLLER_SSL
can still briefly refuse for tens to hundreds of milliseconds
after that, especially under concurrent-phase load on CI.

The first two tests in 440_ssl_server hit the SSL controller port
back-to-back and were the only ones to occasionally fail with
"Connection refused"; the remaining four (plain controller,
SSL/plain normal worker) ran later in the suite and always passed
because the SSL listener was up by the time they reached it.

Wrap just those two HTTPS calls in `Wait Until Keyword Succeeds`
(15 x 0.4s = ~6s) so the test reflects what it actually verifies:
the SSL controller eventually serves /stat and /errors. Refactor
the assertion into a small `Fetch HTTPS And Expect 200` keyword
to keep both retries readable.

Local: three back-to-back parallel pabot runs of the suite -- 6/6
pass each time, no flakes.

diff --git a/test/functional/cases/001_merged/440_ssl_server.robot b/test/functional/cases/001_merged/440_ssl_server.robot
index 2decb0ff90d1cb851068fccb8c8fdd098fcb1e78..5a37de9095ff4ea6ea57772c4f1dd6ddaa67be8c 100644 (file)
--- a/test/functional/cases/001_merged/440_ssl_server.robot
+++ b/test/functional/cases/001_merged/440_ssl_server.robot
@@ -9,14 +9,19 @@ ${SETTINGS_NOSYMBOLS}  {symbols_enabled = []}
 
 *** Test Cases ***
 Controller SSL - stat
-  [Documentation]  Fetch /stat over HTTPS from the controller SSL port
-  @{result} =  HTTPS  GET  ${RSPAMD_LOCAL_ADDR}  ${RSPAMD_PORT_CONTROLLER_SSL}  /stat
-  Should Be Equal As Integers  ${result}[0]  200
+  [Documentation]  Fetch /stat over HTTPS from the controller SSL port.
+  ...              rspamd registers workers with main slightly before
+  ...              the controller's SSL listener finishes its OpenSSL
+  ...              init and starts accepting connections; when this
+  ...              test is the first one against a fresh rspamd the
+  ...              SSL port may briefly refuse. Retry until it serves.
+  Wait Until Keyword Succeeds  15x  0.4s
+  ...  Fetch HTTPS And Expect 200  ${RSPAMD_PORT_CONTROLLER_SSL}  /stat
 
 Controller SSL - errors
   [Documentation]  Fetch /errors over HTTPS from the controller SSL port
-  @{result} =  HTTPS  GET  ${RSPAMD_LOCAL_ADDR}  ${RSPAMD_PORT_CONTROLLER_SSL}  /errors
-  Should Be Equal As Integers  ${result}[0]  200
+  Wait Until Keyword Succeeds  15x  0.4s
+  ...  Fetch HTTPS And Expect 200  ${RSPAMD_PORT_CONTROLLER_SSL}  /errors
 
 Controller plain still works alongside SSL
   [Documentation]  Plain HTTP controller port must still work when SSL port is also configured
@@ -37,3 +42,9 @@ Normal worker plain still works alongside SSL
   [Documentation]  Plain HTTP normal port must still work when SSL port is also configured
   Scan File  ${GTUBE}  Settings=${SETTINGS_NOSYMBOLS}
   Expect Symbol  GTUBE
+
+*** Keywords ***
+Fetch HTTPS And Expect 200
+  [Arguments]  ${port}  ${path}
+  @{result} =  HTTPS  GET  ${RSPAMD_LOCAL_ADDR}  ${port}  ${path}
+  Should Be Equal As Integers  ${result}[0]  200