chore: remove parallel running in integration tests (#8904)

# Which Problems Are Solved

Integration tests are flaky due to eventual consistency.

# How the Problems Are Solved

Remove t.Parallel so that less concurrent requests on multiple instance
happen. This allows the projections to catch up more easily.

# Additional Changes

- none

# Additional Context

- none

internal/api/oidc/integration_test/auth_request_test.go

@@ -28,8 +28,6 @@ var (
 )
 
 func TestOPStorage_CreateAuthRequest(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 
 	id := createAuthRequest(t, Instance, clientID, redirectURI)
@@ -37,8 +35,6 @@ func TestOPStorage_CreateAuthRequest(t *testing.T) {
 }
 
 func TestOPStorage_CreateAccessToken_code(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	authRequestID := createAuthRequest(t, Instance, clientID, redirectURI)
 	sessionID, sessionToken, startTime, changeTime := Instance.CreateVerifiedWebAuthNSession(t, CTXLOGIN, User.GetUserId())
@@ -78,8 +74,6 @@ func TestOPStorage_CreateAccessToken_code(t *testing.T) {
 }
 
 func TestOPStorage_CreateAccessToken_implicit(t *testing.T) {
-	t.Parallel()
-
 	clientID := createImplicitClient(t)
 	authRequestID := createAuthRequestImplicit(t, clientID, redirectURIImplicit)
 	sessionID, sessionToken, startTime, changeTime := Instance.CreateVerifiedWebAuthNSession(t, CTXLOGIN, User.GetUserId())
@@ -130,8 +124,6 @@ func TestOPStorage_CreateAccessToken_implicit(t *testing.T) {
 }
 
 func TestOPStorage_CreateAccessAndRefreshTokens_code(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	authRequestID := createAuthRequest(t, Instance, clientID, redirectURI, oidc.ScopeOpenID, oidc.ScopeOfflineAccess)
 	sessionID, sessionToken, startTime, changeTime := Instance.CreateVerifiedWebAuthNSession(t, CTXLOGIN, User.GetUserId())
@@ -155,8 +147,6 @@ func TestOPStorage_CreateAccessAndRefreshTokens_code(t *testing.T) {
 }
 
 func TestOPStorage_CreateAccessAndRefreshTokens_refresh(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)
@@ -193,8 +183,6 @@ func TestOPStorage_CreateAccessAndRefreshTokens_refresh(t *testing.T) {
 }
 
 func TestOPStorage_RevokeToken_access_token(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)
@@ -238,8 +226,6 @@ func TestOPStorage_RevokeToken_access_token(t *testing.T) {
 }
 
 func TestOPStorage_RevokeToken_access_token_invalid_token_hint_type(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)
@@ -277,8 +263,6 @@ func TestOPStorage_RevokeToken_access_token_invalid_token_hint_type(t *testing.T
 }
 
 func TestOPStorage_RevokeToken_refresh_token(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)
@@ -322,8 +306,6 @@ func TestOPStorage_RevokeToken_refresh_token(t *testing.T) {
 }
 
 func TestOPStorage_RevokeToken_refresh_token_invalid_token_type_hint(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)
@@ -361,8 +343,6 @@ func TestOPStorage_RevokeToken_refresh_token_invalid_token_type_hint(t *testing.
 }
 
 func TestOPStorage_RevokeToken_invalid_client(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	authRequestID := createAuthRequest(t, Instance, clientID, redirectURI, oidc.ScopeOpenID, oidc.ScopeOfflineAccess)
 	sessionID, sessionToken, startTime, changeTime := Instance.CreateVerifiedWebAuthNSession(t, CTXLOGIN, User.GetUserId())
@@ -393,8 +373,6 @@ func TestOPStorage_RevokeToken_invalid_client(t *testing.T) {
 }
 
 func TestOPStorage_TerminateSession(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)
@@ -432,8 +410,6 @@ func TestOPStorage_TerminateSession(t *testing.T) {
 }
 
 func TestOPStorage_TerminateSession_refresh_grant(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)
@@ -478,8 +454,6 @@ func TestOPStorage_TerminateSession_refresh_grant(t *testing.T) {
 }
 
 func TestOPStorage_TerminateSession_empty_id_token_hint(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)

internal/api/oidc/integration_test/client_test.go

@@ -24,8 +24,6 @@ import (
 )
 
 func TestServer_Introspect(t *testing.T) {
-	t.Parallel()
-
 	project, err := Instance.CreateProject(CTX)
 	require.NoError(t, err)
 	app, err := Instance.CreateOIDCNativeClient(CTX, redirectURI, logoutRedirectURI, project.GetId(), false)
@@ -143,8 +141,6 @@ func TestServer_Introspect(t *testing.T) {
 }
 
 func TestServer_Introspect_invalid_auth_invalid_token(t *testing.T) {
-	t.Parallel()
-
 	// ensure that when an invalid authentication and token is sent, the authentication error is returned
 	// https://github.com/zitadel/zitadel/pull/8133
 	resourceServer, err := Instance.CreateResourceServerClientCredentials(CTX, "xxxxx", "xxxxx")
@@ -191,8 +187,6 @@ func assertIntrospection(
 // TestServer_VerifyClient tests verification by running code flow tests
 // with clients that have different authentication methods.
 func TestServer_VerifyClient(t *testing.T) {
-	t.Parallel()
-
 	sessionID, sessionToken, startTime, changeTime := Instance.CreateVerifiedWebAuthNSession(t, CTXLOGIN, User.GetUserId())
 	project, err := Instance.CreateProject(CTX)
 	require.NoError(t, err)

internal/api/oidc/integration_test/keys_test.go

@@ -24,8 +24,6 @@ import (
 )
 
 func TestServer_Keys(t *testing.T) {
-	t.Parallel()
-
 	instance := integration.NewInstance(CTX)
 	ctxLogin := instance.WithAuthorization(CTX, integration.UserTypeLogin)
 

internal/api/oidc/integration_test/server_test.go

@@ -18,8 +18,6 @@ import (
 )
 
 func TestServer_RefreshToken_Status(t *testing.T) {
-	t.Parallel()
-
 	clientID, _ := createClient(t, Instance)
 	provider, err := Instance.CreateRelyingParty(CTX, clientID, redirectURI)
 	require.NoError(t, err)

internal/api/oidc/integration_test/token_client_credentials_test.go

@@ -22,8 +22,6 @@ import (
 )
 
 func TestServer_ClientCredentialsExchange(t *testing.T) {
-	t.Parallel()
-
 	machine, name, clientID, clientSecret, err := Instance.CreateOIDCCredentialsClient(CTX)
 	require.NoError(t, err)
 

internal/api/oidc/integration_test/token_exchange_test.go

@@ -143,8 +143,6 @@ func refreshTokenVerifier(ctx context.Context, provider rp.RelyingParty, subject
 }
 
 func TestServer_TokenExchange(t *testing.T) {
-	t.Parallel()
-
 	instance := integration.NewInstance(CTX)
 	ctx := instance.WithAuthorization(CTX, integration.UserTypeIAMOwner)
 	userResp := instance.CreateHumanUser(ctx)
@@ -365,8 +363,6 @@ func TestServer_TokenExchange(t *testing.T) {
 }
 
 func TestServer_TokenExchangeImpersonation(t *testing.T) {
-	t.Parallel()
-
 	instance := integration.NewInstance(CTX)
 	ctx := instance.WithAuthorization(CTX, integration.UserTypeIAMOwner)
 	userResp := instance.CreateHumanUser(ctx)
@@ -581,8 +577,6 @@ func TestServer_TokenExchangeImpersonation(t *testing.T) {
 // This test tries to call the zitadel API with an impersonated token,
 // which should fail.
 func TestImpersonation_API_Call(t *testing.T) {
-	t.Parallel()
-
 	instance := integration.NewInstance(CTX)
 	ctx := instance.WithAuthorization(CTX, integration.UserTypeIAMOwner)
 

internal/api/oidc/integration_test/token_jwt_profile_test.go

@@ -21,8 +21,6 @@ import (
 )
 
 func TestServer_JWTProfile(t *testing.T) {
-	t.Parallel()
-
 	user, name, keyData, err := Instance.CreateOIDCJWTProfileClient(CTX)
 	require.NoError(t, err)