@@ -225,8 +225,13 @@ func TestPolicySetsCreate(t *testing.T) {
225225 t .Skip ("Export a valid GITHUB_POLICY_SET_IDENTIFIER before running this test" )
226226 }
227227
228- oc , ocTestCleanup := createOAuthToken (t , client , orgTest )
229- defer ocTestCleanup ()
228+ // We are deliberately ignoring the cleanup func here, because there's a potential race condition
229+ // against the subsequent subtest -- TFC performs some async cleanup on VCS repos when deleting an
230+ // OAuthClient, and we've seen evidence that it will zero out the next test's NEW VCSRepo values if
231+ // they manage to slip in before the async stuff completes, even though the new values link it to a
232+ // new OAuthToken. Anyway, there's a deferred cleanup for orgTest in the outer scope, so the org's
233+ // dependent: destroy clause on OAuthClients will clean this up when the test as a whole ends.
234+ oc , _ := createOAuthToken (t , client , orgTest )
230235
231236 options := PolicySetCreateOptions {
232237 Name : String ("vcs-policy-set" ),
@@ -265,8 +270,13 @@ func TestPolicySetsCreate(t *testing.T) {
265270 t .Skip ("Export a valid GITHUB_POLICY_SET_IDENTIFIER before running this test" )
266271 }
267272
268- oc , ocTestCleanup := createOAuthToken (t , client , orgTest )
269- defer ocTestCleanup ()
273+ // We are deliberately ignoring the cleanup func here, because it's not really necessary: there's a
274+ // deferred cleanup for orgTest in the outer scope, so the org's dependent: destroy clause on
275+ // OAuthClients will clean this up when the test as a whole ends. Unlike the one in the previous
276+ // subtest, there's no known race condition here because there aren't any later subtests that modify
277+ // this same policy set. But I'm being consistent with the prior case just to reduce risks from future
278+ // copypasta code.
279+ oc , _ := createOAuthToken (t , client , orgTest )
270280
271281 options := PolicySetUpdateOptions {
272282 Name : String ("vcs-policy-set" ),
0 commit comments