From 62513ad12f8b1e7f4db6a6b714ece918fed663a3 Mon Sep 17 00:00:00 2001 From: shankar0123 Date: Sun, 3 May 2026 15:56:03 +0000 Subject: [PATCH] ci: fix Phase 3 post-push CI failures (contextcheck + ST1021) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit CI on commit 9bc8453 (Phase 3 challenges) failed three lint checks under golangci-lint. Two were contextcheck on internal/service/acme.go RespondToChallenge, where the validator-pool dispatch deliberately detached from the request ctx via 'context.Background()' so the async WithinTx survives the HTTP handler returning. contextcheck rightly flagged the non-inherited context — the canonical Go 1.21+ answer for this exact pattern is context.WithoutCancel(ctx), which preserves inherited values (logger, trace IDs, audit actor) but detaches cancellation. Swapping that in clears both contextcheck hits. The third was ST1021 on internal/api/acme/validators.go: a comment intended for the (*Pool).Snapshot() method had landed above the PoolSnapshot type by accident. Split the comment — one prose line for the type, one for the method — so each exported symbol carries its own properly-anchored doc. Confirmed local 'go vet' clean and 'go test -short -count=1' green across internal/service/ and internal/api/acme/ before commit. --- internal/api/acme/validators.go | 6 ++++-- internal/service/acme.go | 9 +++++---- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/internal/api/acme/validators.go b/internal/api/acme/validators.go index 76fbbae..286a1e2 100644 --- a/internal/api/acme/validators.go +++ b/internal/api/acme/validators.go @@ -191,8 +191,9 @@ func (p *Pool) Drain(ctx context.Context) error { } } -// Snapshot returns the current per-type in-flight + peak counts. Used -// by chaos tests to verify the configured weights were never exceeded. +// PoolSnapshot is the per-type in-flight + peak observation set used by +// chaos / concurrency tests to verify the configured weights were never +// exceeded. type PoolSnapshot struct { HTTP01InFlight int64 HTTP01Peak int64 @@ -202,6 +203,7 @@ type PoolSnapshot struct { TLSALPN01Peak int64 } +// Snapshot returns the current per-type in-flight + peak counts. func (p *Pool) Snapshot() PoolSnapshot { return PoolSnapshot{ HTTP01InFlight: p.http01InFlight.Load(), diff --git a/internal/service/acme.go b/internal/service/acme.go index 326667c..6062c84 100644 --- a/internal/service/acme.go +++ b/internal/service/acme.go @@ -1235,10 +1235,11 @@ func (s *ACMEService) RespondToChallenge( } // Submit to the pool. The onComplete callback persists the final - // challenge status + cascades the parent authz status. We use a - // fresh background context here so the callback's WithinTx isn't - // canceled when the originating HTTP request returns. - bgctx := context.Background() + // challenge status + cascades the parent authz status. We detach + // from the request context via context.WithoutCancel so the + // callback's WithinTx survives the HTTP handler returning, while + // preserving inherited values (logger, trace IDs, audit actor). + bgctx := context.WithoutCancel(ctx) chSnapshot := *ch authzSnapshot := *authz identifier := authz.Identifier.Value