Make it possible to customize the ACM cert validation wait time. (#3843)

* Make it possible to customize the ACM cert validation wait time.

Signed-off-by: Kai Xia <kaix+github@fastmail.com>

* address PR comments & change requests.

Signed-off-by: Kai Xia <kaix+github@fastmail.com>

* make tests work.

Signed-off-by: Kai Xia <kaix+github@fastmail.com>

moto/acm/models.py

@@ -5,6 +5,7 @@ import datetime
 from moto.core import BaseBackend, BaseModel
 from moto.core.exceptions import AWSError
 from moto.ec2 import ec2_backends
+from moto import settings
 
 from .utils import make_arn_for_certificate
 
@@ -324,13 +325,15 @@ class CertBundle(BaseModel):
             )
 
     def check(self):
-        # Basically, if the certificate is pending, and then checked again after 1 min
+        # Basically, if the certificate is pending, and then checked again after a
-        # It will appear as if its been validated
+        # while, it will appear as if its been validated. The default wait time is 60
+        # seconds but you can set an environment to change it.
+        waited_seconds = (datetime.datetime.now() - self.created_at).total_seconds()
         if (
             self.type == "AMAZON_ISSUED"
             and self.status == "PENDING_VALIDATION"
-            and (datetime.datetime.now() - self.created_at).total_seconds() > 60
+            and waited_seconds > settings.ACM_VALIDATION_WAIT
-        ):  # 1min
+        ):
             self.status = "ISSUED"
 
     def describe(self):

moto/settings.py

@@ -10,6 +10,9 @@ S3_IGNORE_SUBDOMAIN_BUCKETNAME = os.environ.get(
     "S3_IGNORE_SUBDOMAIN_BUCKETNAME", ""
 ) in ["1", "true"]
 
+# How many seconds to wait before we "validate" a new certificate in ACM.
+ACM_VALIDATION_WAIT = int(os.environ.get("MOTO_ACM_VALIDATION_WAIT", "60"))
+
 
 def get_sf_execution_history_type():
     """

tests/test_acm/test_acm.py

@@ -6,11 +6,17 @@ import uuid
 import boto3
 import pytest
 import sure  # noqa
+import sys
 from botocore.exceptions import ClientError
 from freezegun import freeze_time
 from moto import mock_acm, settings
 from moto.core import ACCOUNT_ID
-from unittest import SkipTest
+
+if sys.version_info[0] < 3:
+    import mock
+    from unittest import SkipTest
+else:
+    from unittest import SkipTest, mock
 
 RESOURCE_FOLDER = os.path.join(os.path.dirname(__file__), "resources")
 _GET_RESOURCE = lambda x: open(os.path.join(RESOURCE_FOLDER, x), "rb").read()
@@ -530,6 +536,36 @@ def test_request_certificate_issued_status():
         resp["Certificate"]["Status"].should.equal("ISSUED")
 
 
+@mock.patch("moto.settings.ACM_VALIDATION_WAIT", 3)
+@mock_acm
+def test_request_certificate_issued_status_with_wait_in_envvar():
+    # After requesting a certificate, it should then auto-validate after 3 seconds
+    if settings.TEST_SERVER_MODE:
+        raise SkipTest("Cant manipulate time in server mode")
+
+    client = boto3.client("acm", region_name="eu-central-1")
+
+    with freeze_time("2012-01-01 12:00:00"):
+        resp = client.request_certificate(DomainName="google.com",)
+    arn = resp["CertificateArn"]
+
+    with freeze_time("2012-01-01 12:00:00"):
+        resp = client.describe_certificate(CertificateArn=arn)
+    resp["Certificate"]["CertificateArn"].should.equal(arn)
+    resp["Certificate"]["Status"].should.equal("PENDING_VALIDATION")
+
+    # validation will be pending for 3 seconds.
+    with freeze_time("2012-01-01 12:00:02"):
+        resp = client.describe_certificate(CertificateArn=arn)
+    resp["Certificate"]["CertificateArn"].should.equal(arn)
+    resp["Certificate"]["Status"].should.equal("PENDING_VALIDATION")
+
+    with freeze_time("2012-01-01 12:00:04"):
+        resp = client.describe_certificate(CertificateArn=arn)
+    resp["Certificate"]["CertificateArn"].should.equal(arn)
+    resp["Certificate"]["Status"].should.equal("ISSUED")
+
+
 @mock_acm
 def test_request_certificate_with_mutiple_times():
     if settings.TEST_SERVER_MODE: