3 class ContainerTest < ActiveSupport::TestCase
7 command: ['echo', 'foo'],
8 container_image: 'fa3c1a9cb6783f85f2ecda037e07b8c3+167',
11 runtime_constraints: {"vcpus" => 1, "ram" => 1},
14 REUSABLE_COMMON_ATTRS = {container_image: "9ae44d5792468c58bcf85ce7353c7027+124",
16 command: ["echo", "hello"],
18 runtime_constraints: {"vcpus" => 4,
19 "ram" => 12000000000},
20 mounts: {"test" => {"kind" => "json"}},
21 environment: {"var" => 'val'}}
23 def minimal_new attrs={}
24 cr = ContainerRequest.new DEFAULT_ATTRS.merge(attrs)
25 cr.state = ContainerRequest::Committed
26 act_as_user users(:active) do
29 c = Container.find_by_uuid cr.container_uuid
34 def check_illegal_updates c, bad_updates
35 bad_updates.each do |u|
36 refute c.update_attributes(u), u.inspect
37 refute c.valid?, u.inspect
42 def check_illegal_modify c
43 check_illegal_updates c, [{command: ["echo", "bar"]},
44 {container_image: "arvados/apitestfixture:june10"},
46 {environment: {"FOO" => "BAR"}},
47 {mounts: {"FOO" => "BAR"}},
48 {output_path: "/tmp3"},
49 {locked_by_uuid: "zzzzz-gj3su-027z32aux8dg2s1"},
50 {auth_uuid: "zzzzz-gj3su-017z32aux8dg2s1"},
51 {runtime_constraints: {"FOO" => "BAR"}}]
54 def check_bogus_states c
55 check_illegal_updates c, [{state: nil},
59 def check_no_change_from_cancelled c
60 check_illegal_modify c
62 check_illegal_updates c, [{ priority: 3 },
63 { state: Container::Queued },
64 { state: Container::Locked },
65 { state: Container::Running },
66 { state: Container::Complete }]
69 test "Container create" do
71 c, _ = minimal_new(environment: {},
72 mounts: {"BAR" => "FOO"},
75 runtime_constraints: {"vcpus" => 1, "ram" => 1})
77 check_illegal_modify c
86 test "Container serialized hash attributes sorted before save" do
87 env = {"C" => 3, "B" => 2, "A" => 1}
88 m = {"F" => {"kind" => 3}, "E" => {"kind" => 2}, "D" => {"kind" => 1}}
89 rc = {"vcpus" => 1, "ram" => 1}
90 c, _ = minimal_new(environment: env, mounts: m, runtime_constraints: rc)
91 assert_equal c.environment.to_json, Container.deep_sort_hash(env).to_json
92 assert_equal c.mounts.to_json, Container.deep_sort_hash(m).to_json
93 assert_equal c.runtime_constraints.to_json, Container.deep_sort_hash(rc).to_json
96 test 'deep_sort_hash on array of hashes' do
97 a = {'z' => [[{'a' => 'a', 'b' => 'b'}]]}
98 b = {'z' => [[{'b' => 'b', 'a' => 'a'}]]}
99 assert_equal Container.deep_sort_hash(a).to_json, Container.deep_sort_hash(b).to_json
102 test "find_reusable method should select higher priority queued container" do
103 set_user_from_auth :active
104 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment:{"var" => "queued"}})
105 c_low_priority, _ = minimal_new(common_attrs.merge({use_existing:false, priority:1}))
106 c_high_priority, _ = minimal_new(common_attrs.merge({use_existing:false, priority:2}))
107 assert_not_equal c_low_priority.uuid, c_high_priority.uuid
108 assert_equal Container::Queued, c_low_priority.state
109 assert_equal Container::Queued, c_high_priority.state
110 reused = Container.find_reusable(common_attrs)
111 assert_not_nil reused
112 assert_equal reused.uuid, c_high_priority.uuid
115 test "find_reusable method should select latest completed container" do
116 set_user_from_auth :active
117 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "complete"}})
119 state: Container::Complete,
121 log: 'ea10d51bcf88862dbcc36eb292017dfd+45',
122 output: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'
125 c_older, _ = minimal_new(common_attrs.merge({use_existing: false}))
126 c_recent, _ = minimal_new(common_attrs.merge({use_existing: false}))
127 assert_not_equal c_older.uuid, c_recent.uuid
129 set_user_from_auth :dispatch1
130 c_older.update_attributes!({state: Container::Locked})
131 c_older.update_attributes!({state: Container::Running})
132 c_older.update_attributes!(completed_attrs)
134 c_recent.update_attributes!({state: Container::Locked})
135 c_recent.update_attributes!({state: Container::Running})
136 c_recent.update_attributes!(completed_attrs)
138 reused = Container.find_reusable(common_attrs)
139 assert_not_nil reused
140 assert_equal reused.uuid, c_older.uuid
143 test "find_reusable method should select oldest completed container when inconsistent outputs exist" do
144 set_user_from_auth :active
145 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "complete"}, priority: 1})
147 state: Container::Complete,
149 log: 'ea10d51bcf88862dbcc36eb292017dfd+45',
152 set_user_from_auth :dispatch1
154 c_output1 = Container.create common_attrs
155 c_output2 = Container.create common_attrs
156 assert_not_equal c_output1.uuid, c_output2.uuid
158 cr = ContainerRequest.new common_attrs
159 cr.state = ContainerRequest::Committed
160 cr.container_uuid = c_output1.uuid
163 cr = ContainerRequest.new common_attrs
164 cr.state = ContainerRequest::Committed
165 cr.container_uuid = c_output2.uuid
168 out1 = '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'
169 log1 = collections(:real_log_collection).portable_data_hash
170 c_output1.update_attributes!({state: Container::Locked})
171 c_output1.update_attributes!({state: Container::Running})
172 c_output1.update_attributes!(completed_attrs.merge({log: log1, output: out1}))
174 out2 = 'fa7aeb5140e2848d39b416daeef4ffc5+45'
175 c_output2.update_attributes!({state: Container::Locked})
176 c_output2.update_attributes!({state: Container::Running})
177 c_output2.update_attributes!(completed_attrs.merge({log: log1, output: out2}))
179 reused = Container.find_reusable(common_attrs)
180 assert_not_nil reused
181 assert_equal reused.uuid, c_output1.uuid
184 test "find_reusable method should select running container by start date" do
185 set_user_from_auth :active
186 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "running"}})
187 c_slower, _ = minimal_new(common_attrs.merge({use_existing: false}))
188 c_faster_started_first, _ = minimal_new(common_attrs.merge({use_existing: false}))
189 c_faster_started_second, _ = minimal_new(common_attrs.merge({use_existing: false}))
190 # Confirm the 3 container UUIDs are different.
191 assert_equal 3, [c_slower.uuid, c_faster_started_first.uuid, c_faster_started_second.uuid].uniq.length
192 set_user_from_auth :dispatch1
193 c_slower.update_attributes!({state: Container::Locked})
194 c_slower.update_attributes!({state: Container::Running,
196 c_faster_started_first.update_attributes!({state: Container::Locked})
197 c_faster_started_first.update_attributes!({state: Container::Running,
199 c_faster_started_second.update_attributes!({state: Container::Locked})
200 c_faster_started_second.update_attributes!({state: Container::Running,
202 reused = Container.find_reusable(common_attrs)
203 assert_not_nil reused
204 # Selected container is the one that started first
205 assert_equal reused.uuid, c_faster_started_first.uuid
208 test "find_reusable method should select running container by progress" do
209 set_user_from_auth :active
210 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "running2"}})
211 c_slower, _ = minimal_new(common_attrs.merge({use_existing: false}))
212 c_faster_started_first, _ = minimal_new(common_attrs.merge({use_existing: false}))
213 c_faster_started_second, _ = minimal_new(common_attrs.merge({use_existing: false}))
214 # Confirm the 3 container UUIDs are different.
215 assert_equal 3, [c_slower.uuid, c_faster_started_first.uuid, c_faster_started_second.uuid].uniq.length
216 set_user_from_auth :dispatch1
217 c_slower.update_attributes!({state: Container::Locked})
218 c_slower.update_attributes!({state: Container::Running,
220 c_faster_started_first.update_attributes!({state: Container::Locked})
221 c_faster_started_first.update_attributes!({state: Container::Running,
223 c_faster_started_second.update_attributes!({state: Container::Locked})
224 c_faster_started_second.update_attributes!({state: Container::Running,
226 reused = Container.find_reusable(common_attrs)
227 assert_not_nil reused
228 # Selected container is the one with most progress done
229 assert_equal reused.uuid, c_faster_started_second.uuid
232 test "find_reusable method should select locked container most likely to start sooner" do
233 set_user_from_auth :active
234 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "locked"}})
235 c_low_priority, _ = minimal_new(common_attrs.merge({use_existing: false}))
236 c_high_priority_older, _ = minimal_new(common_attrs.merge({use_existing: false}))
237 c_high_priority_newer, _ = minimal_new(common_attrs.merge({use_existing: false}))
238 # Confirm the 3 container UUIDs are different.
239 assert_equal 3, [c_low_priority.uuid, c_high_priority_older.uuid, c_high_priority_newer.uuid].uniq.length
240 set_user_from_auth :dispatch1
241 c_low_priority.update_attributes!({state: Container::Locked,
243 c_high_priority_older.update_attributes!({state: Container::Locked,
245 c_high_priority_newer.update_attributes!({state: Container::Locked,
247 reused = Container.find_reusable(common_attrs)
248 assert_not_nil reused
249 assert_equal reused.uuid, c_high_priority_older.uuid
252 test "find_reusable method should select running over failed container" do
253 set_user_from_auth :active
254 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "failed_vs_running"}})
255 c_failed, _ = minimal_new(common_attrs.merge({use_existing: false}))
256 c_running, _ = minimal_new(common_attrs.merge({use_existing: false}))
257 assert_not_equal c_failed.uuid, c_running.uuid
258 set_user_from_auth :dispatch1
259 c_failed.update_attributes!({state: Container::Locked})
260 c_failed.update_attributes!({state: Container::Running})
261 c_failed.update_attributes!({state: Container::Complete,
263 log: 'ea10d51bcf88862dbcc36eb292017dfd+45',
264 output: 'ea10d51bcf88862dbcc36eb292017dfd+45'})
265 c_running.update_attributes!({state: Container::Locked})
266 c_running.update_attributes!({state: Container::Running,
268 reused = Container.find_reusable(common_attrs)
269 assert_not_nil reused
270 assert_equal reused.uuid, c_running.uuid
273 test "find_reusable method should select complete over running container" do
274 set_user_from_auth :active
275 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "completed_vs_running"}})
276 c_completed, _ = minimal_new(common_attrs.merge({use_existing: false}))
277 c_running, _ = minimal_new(common_attrs.merge({use_existing: false}))
278 assert_not_equal c_completed.uuid, c_running.uuid
279 set_user_from_auth :dispatch1
280 c_completed.update_attributes!({state: Container::Locked})
281 c_completed.update_attributes!({state: Container::Running})
282 c_completed.update_attributes!({state: Container::Complete,
284 log: 'ea10d51bcf88862dbcc36eb292017dfd+45',
285 output: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'})
286 c_running.update_attributes!({state: Container::Locked})
287 c_running.update_attributes!({state: Container::Running,
289 reused = Container.find_reusable(common_attrs)
290 assert_not_nil reused
291 assert_equal c_completed.uuid, reused.uuid
294 test "find_reusable method should select running over locked container" do
295 set_user_from_auth :active
296 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "running_vs_locked"}})
297 c_locked, _ = minimal_new(common_attrs.merge({use_existing: false}))
298 c_running, _ = minimal_new(common_attrs.merge({use_existing: false}))
299 assert_not_equal c_running.uuid, c_locked.uuid
300 set_user_from_auth :dispatch1
301 c_locked.update_attributes!({state: Container::Locked})
302 c_running.update_attributes!({state: Container::Locked})
303 c_running.update_attributes!({state: Container::Running,
305 reused = Container.find_reusable(common_attrs)
306 assert_not_nil reused
307 assert_equal reused.uuid, c_running.uuid
310 test "find_reusable method should select locked over queued container" do
311 set_user_from_auth :active
312 common_attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "running_vs_locked"}})
313 c_locked, _ = minimal_new(common_attrs.merge({use_existing: false}))
314 c_queued, _ = minimal_new(common_attrs.merge({use_existing: false}))
315 assert_not_equal c_queued.uuid, c_locked.uuid
316 set_user_from_auth :dispatch1
317 c_locked.update_attributes!({state: Container::Locked})
318 reused = Container.find_reusable(common_attrs)
319 assert_not_nil reused
320 assert_equal reused.uuid, c_locked.uuid
323 test "find_reusable method should not select failed container" do
324 set_user_from_auth :active
325 attrs = REUSABLE_COMMON_ATTRS.merge({environment: {"var" => "failed"}})
326 c, _ = minimal_new(attrs)
327 set_user_from_auth :dispatch1
328 c.update_attributes!({state: Container::Locked})
329 c.update_attributes!({state: Container::Running})
330 c.update_attributes!({state: Container::Complete,
332 reused = Container.find_reusable(attrs)
336 test "Container running" do
337 c, _ = minimal_new priority: 1
339 set_user_from_auth :dispatch1
340 check_illegal_updates c, [{state: Container::Running},
341 {state: Container::Complete}]
344 c.update_attributes! state: Container::Running
346 check_illegal_modify c
349 check_illegal_updates c, [{state: Container::Queued}]
352 c.update_attributes! priority: 3
355 test "Lock and unlock" do
356 c, cr = minimal_new priority: 0
358 set_user_from_auth :dispatch1
359 assert_equal Container::Queued, c.state
361 assert_raise(ActiveRecord::RecordInvalid) {c.lock} # "no priority"
363 assert cr.update_attributes priority: 1
365 refute c.update_attributes(state: Container::Running), "not locked"
367 refute c.update_attributes(state: Container::Complete), "not locked"
370 assert c.lock, show_errors(c)
371 assert c.locked_by_uuid
374 assert_raise(ArvadosModel::AlreadyLockedError) {c.lock}
377 assert c.unlock, show_errors(c)
378 refute c.locked_by_uuid
381 refute c.update_attributes(state: Container::Running), "not locked"
383 refute c.locked_by_uuid
386 assert c.lock, show_errors(c)
387 assert c.update_attributes(state: Container::Running), show_errors(c)
388 assert c.locked_by_uuid
391 auth_uuid_was = c.auth_uuid
393 assert_raise(ActiveRecord::RecordInvalid) {c.lock} # Running to Locked is not allowed
395 assert_raise(ActiveRecord::RecordInvalid) {c.unlock} # Running to Queued is not allowed
398 assert c.update_attributes(state: Container::Complete), show_errors(c)
399 refute c.locked_by_uuid
402 auth_exp = ApiClientAuthorization.find_by_uuid(auth_uuid_was).expires_at
403 assert_operator auth_exp, :<, db_current_time
406 test "Container queued cancel" do
408 set_user_from_auth :dispatch1
409 assert c.update_attributes(state: Container::Cancelled), show_errors(c)
410 check_no_change_from_cancelled c
413 test "Container locked cancel" do
415 set_user_from_auth :dispatch1
416 assert c.lock, show_errors(c)
417 assert c.update_attributes(state: Container::Cancelled), show_errors(c)
418 check_no_change_from_cancelled c
421 test "Container running cancel" do
423 set_user_from_auth :dispatch1
425 c.update_attributes! state: Container::Running
426 c.update_attributes! state: Container::Cancelled
427 check_no_change_from_cancelled c
430 test "Container create forbidden for non-admin" do
431 set_user_from_auth :active_trustedclient
432 c = Container.new DEFAULT_ATTRS
434 c.mounts = {"BAR" => "FOO"}
435 c.output_path = "/tmp"
437 c.runtime_constraints = {}
438 assert_raises(ArvadosModel::PermissionDeniedError) do
443 test "Container only set exit code on complete" do
445 set_user_from_auth :dispatch1
447 c.update_attributes! state: Container::Running
449 check_illegal_updates c, [{exit_code: 1},
450 {exit_code: 1, state: Container::Cancelled}]
452 assert c.update_attributes(exit_code: 1, state: Container::Complete)
455 test "locked_by_uuid can set output on running container" do
457 set_user_from_auth :dispatch1
459 c.update_attributes! state: Container::Running
461 assert_equal c.locked_by_uuid, Thread.current[:api_client_authorization].uuid
463 assert c.update_attributes output: collections(:collection_owned_by_active).portable_data_hash
464 assert c.update_attributes! state: Container::Complete
467 test "auth_uuid can set output on running container, but not change container state" do
469 set_user_from_auth :dispatch1
471 c.update_attributes! state: Container::Running
473 Thread.current[:api_client_authorization] = ApiClientAuthorization.find_by_uuid(c.auth_uuid)
474 Thread.current[:user] = User.find_by_id(Thread.current[:api_client_authorization].user_id)
475 assert c.update_attributes output: collections(:collection_owned_by_active).portable_data_hash
477 assert_raises ArvadosModel::PermissionDeniedError do
478 # auth_uuid cannot set container state
479 c.update_attributes state: Container::Complete
483 test "not allowed to set output that is not readable by current user" do
485 set_user_from_auth :dispatch1
487 c.update_attributes! state: Container::Running
489 Thread.current[:api_client_authorization] = ApiClientAuthorization.find_by_uuid(c.auth_uuid)
490 Thread.current[:user] = User.find_by_id(Thread.current[:api_client_authorization].user_id)
492 assert_raises ActiveRecord::RecordInvalid do
493 c.update_attributes! output: collections(:collection_not_readable_by_active).portable_data_hash
497 test "other token cannot set output on running container" do
499 set_user_from_auth :dispatch1
501 c.update_attributes! state: Container::Running
503 set_user_from_auth :not_running_container_auth
504 assert_raises ArvadosModel::PermissionDeniedError do
505 c.update_attributes! output: collections(:foo_file).portable_data_hash