Add to debug CI

Signed-off-by: Marcos Yacob <[email protected]>

pkg/server/ca/manager/manager.go

@@ -645,6 +645,8 @@ func (m *Manager) notifyTaintedAuthorities(ctx context.Context, taintedAuthoriti
 }
 
 func (m *Manager) processTaintedUpstreamAuthorities(ctx context.Context, taintedAuthorities []*x509.Certificate) error {
+	fmt.Println("Processing tainted keys on upstream authority")
+
 	// Nothing to rotate if no upstream authority is used
 	if m.upstreamClient == nil {
 		return errors.New("processing of tainted upstream authorities must not be reached when not using an upstream authority; please report this bug")

pkg/server/ca/manager/manager_test.go

@@ -401,8 +401,10 @@ func TestUpstreamProcessTaintedAuthority(t *testing.T) {
 	go test.m.ProcessBundleUpdates(ctx)
 
 	// Taint first root
+	fmt.Println("Tainting authority")
 	err = fakeUA.TaintAuthority(0)
 	require.NoError(t, err)
+	fmt.Println("AFTER Tainting authority")
 
 	// Get the roots again and verify that the first X.509 authority is tainted
 	x509Roots := fakeUA.X509Roots()

pkg/server/ca/upstream_client.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/x509"
 	"errors"
+	"fmt"
 	"io"
 	"sync"
 	"time"
@@ -155,6 +156,7 @@ func (u *UpstreamClient) runMintX509CAStream(ctx context.Context, csr []byte, tt
 		return
 	}
 
+	fmt.Println("Syncing X.509 roots")
 	if err := u.c.BundleUpdater.SyncX509Roots(ctx, x509Roots); err != nil {
 		firstResultCh <- mintX509CAResult{err: err}
 		return
@@ -163,6 +165,7 @@ func (u *UpstreamClient) runMintX509CAStream(ctx context.Context, csr []byte, tt
 	firstResultCh <- mintX509CAResult{x509CA: x509CA}
 
 	for {
+		fmt.Println("Waiting for x509RootsStream.RecvUpstreamX509Authorities")
 		x509Roots, err := x509RootsStream.RecvUpstreamX509Authorities()
 		if err != nil {
 			switch {