diff --git a/moto/acm/models.py b/moto/acm/models.py index 3963b88c2..8f4fca626 100644 --- a/moto/acm/models.py +++ b/moto/acm/models.py @@ -5,6 +5,7 @@ import datetime from moto.core import BaseBackend, BaseModel from moto.core.exceptions import AWSError from moto.ec2 import ec2_backends +from moto import settings from .utils import make_arn_for_certificate @@ -324,13 +325,15 @@ class CertBundle(BaseModel): ) def check(self): - # Basically, if the certificate is pending, and then checked again after 1 min - # It will appear as if its been validated + # Basically, if the certificate is pending, and then checked again after a + # while, it will appear as if its been validated. The default wait time is 60 + # seconds but you can set an environment to change it. + waited_seconds = (datetime.datetime.now() - self.created_at).total_seconds() if ( self.type == "AMAZON_ISSUED" and self.status == "PENDING_VALIDATION" - and (datetime.datetime.now() - self.created_at).total_seconds() > 60 - ): # 1min + and waited_seconds > settings.ACM_VALIDATION_WAIT + ): self.status = "ISSUED" def describe(self): diff --git a/moto/settings.py b/moto/settings.py index 2694ac6f4..4c94e75ad 100644 --- a/moto/settings.py +++ b/moto/settings.py @@ -10,6 +10,9 @@ S3_IGNORE_SUBDOMAIN_BUCKETNAME = os.environ.get( "S3_IGNORE_SUBDOMAIN_BUCKETNAME", "" ) in ["1", "true"] +# How many seconds to wait before we "validate" a new certificate in ACM. +ACM_VALIDATION_WAIT = int(os.environ.get("MOTO_ACM_VALIDATION_WAIT", "60")) + def get_sf_execution_history_type(): """ diff --git a/tests/test_acm/test_acm.py b/tests/test_acm/test_acm.py index b32fabeed..31f8a10d7 100644 --- a/tests/test_acm/test_acm.py +++ b/tests/test_acm/test_acm.py @@ -6,11 +6,17 @@ import uuid import boto3 import pytest import sure # noqa +import sys from botocore.exceptions import ClientError from freezegun import freeze_time from moto import mock_acm, settings from moto.core import ACCOUNT_ID -from unittest import SkipTest + +if sys.version_info[0] < 3: + import mock + from unittest import SkipTest +else: + from unittest import SkipTest, mock RESOURCE_FOLDER = os.path.join(os.path.dirname(__file__), "resources") _GET_RESOURCE = lambda x: open(os.path.join(RESOURCE_FOLDER, x), "rb").read() @@ -530,6 +536,36 @@ def test_request_certificate_issued_status(): resp["Certificate"]["Status"].should.equal("ISSUED") +@mock.patch("moto.settings.ACM_VALIDATION_WAIT", 3) +@mock_acm +def test_request_certificate_issued_status_with_wait_in_envvar(): + # After requesting a certificate, it should then auto-validate after 3 seconds + if settings.TEST_SERVER_MODE: + raise SkipTest("Cant manipulate time in server mode") + + client = boto3.client("acm", region_name="eu-central-1") + + with freeze_time("2012-01-01 12:00:00"): + resp = client.request_certificate(DomainName="google.com",) + arn = resp["CertificateArn"] + + with freeze_time("2012-01-01 12:00:00"): + resp = client.describe_certificate(CertificateArn=arn) + resp["Certificate"]["CertificateArn"].should.equal(arn) + resp["Certificate"]["Status"].should.equal("PENDING_VALIDATION") + + # validation will be pending for 3 seconds. + with freeze_time("2012-01-01 12:00:02"): + resp = client.describe_certificate(CertificateArn=arn) + resp["Certificate"]["CertificateArn"].should.equal(arn) + resp["Certificate"]["Status"].should.equal("PENDING_VALIDATION") + + with freeze_time("2012-01-01 12:00:04"): + resp = client.describe_certificate(CertificateArn=arn) + resp["Certificate"]["CertificateArn"].should.equal(arn) + resp["Certificate"]["Status"].should.equal("ISSUED") + + @mock_acm def test_request_certificate_with_mutiple_times(): if settings.TEST_SERVER_MODE: