1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: Apache-2.0
23 "git.arvados.org/arvados.git/lib/controller/rpc"
24 "git.arvados.org/arvados.git/lib/crunchrun"
25 "git.arvados.org/arvados.git/sdk/go/arvados"
26 "git.arvados.org/arvados.git/sdk/go/arvadostest"
27 "git.arvados.org/arvados.git/sdk/go/httpserver"
28 check "gopkg.in/check.v1"
31 func (s *ClientSuite) TestShellGatewayNotAvailable(c *check.C) {
32 var stdout, stderr bytes.Buffer
33 cmd := exec.Command("go", "run", ".", "shell", arvadostest.QueuedContainerUUID, "-o", "controlpath=none", "echo", "ok")
34 cmd.Env = append(cmd.Env, os.Environ()...)
35 cmd.Env = append(cmd.Env, "ARVADOS_API_TOKEN="+arvadostest.ActiveTokenV2)
38 c.Check(cmd.Run(), check.NotNil)
39 c.Log(stderr.String())
40 c.Check(stderr.String(), check.Matches, `(?ms).*container is not running yet \(state is "Queued"\).*`)
43 func (s *ClientSuite) TestShellGateway(c *check.C) {
45 c.Check(arvados.NewClientFromEnv().RequestAndDecode(nil, "POST", "database/reset", nil, nil), check.IsNil)
47 uuid := arvadostest.QueuedContainerUUID
48 h := hmac.New(sha256.New, []byte(arvadostest.SystemRootToken))
50 authSecret := fmt.Sprintf("%x", h.Sum(nil))
51 dcid := "theperthcountyconspiracy"
52 gw := crunchrun.Gateway{
53 DockerContainerID: &dcid,
56 AuthSecret: authSecret,
57 // Just forward connections to localhost instead of a
58 // container, so we can test without running a
60 ContainerIPAddress: func() (string, error) { return "0.0.0.0", nil },
63 c.Assert(err, check.IsNil)
65 rpcconn := rpc.NewConn("",
68 Host: os.Getenv("ARVADOS_API_HOST"),
71 func(context.Context) ([]string, error) {
72 return []string{arvadostest.SystemRootToken}, nil
74 _, err = rpcconn.ContainerUpdate(context.TODO(), arvados.UpdateOptions{UUID: uuid, Attrs: map[string]interface{}{
75 "state": arvados.ContainerStateLocked,
77 c.Assert(err, check.IsNil)
78 _, err = rpcconn.ContainerUpdate(context.TODO(), arvados.UpdateOptions{UUID: uuid, Attrs: map[string]interface{}{
79 "state": arvados.ContainerStateRunning,
80 "gateway_address": gw.Address,
82 c.Assert(err, check.IsNil)
84 var stdout, stderr bytes.Buffer
85 cmd := exec.Command("go", "run", ".", "shell", uuid, "-o", "controlpath=none", "-o", "userknownhostsfile="+c.MkDir()+"/known_hosts", "echo", "ok")
86 cmd.Env = append(cmd.Env, os.Environ()...)
87 cmd.Env = append(cmd.Env, "ARVADOS_API_TOKEN="+arvadostest.ActiveTokenV2)
90 c.Check(cmd.Run(), check.NotNil)
91 c.Log(stderr.String())
92 c.Check(stderr.String(), check.Matches, `(?ms).*(No such container: theperthcountyconspiracy|exec: \"docker\": executable file not found in \$PATH).*`)
94 // Set up an http server, and try using "arvados-client shell"
95 // to forward traffic to it.
96 httpTarget := &httpserver.Server{}
97 httpTarget.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
98 c.Logf("httpTarget.Handler: incoming request: %s %s", r.Method, r.URL)
99 if r.URL.Path == "/foo" {
100 fmt.Fprintln(w, "bar baz")
102 w.WriteHeader(http.StatusNotFound)
105 err = httpTarget.Start()
106 c.Assert(err, check.IsNil)
108 ln, err := net.Listen("tcp", ":0")
109 c.Assert(err, check.IsNil)
110 _, forwardedPort, _ := net.SplitHostPort(ln.Addr().String())
115 ctx, cancel := context.WithDeadline(context.Background(), time.Now().Add(10*time.Second))
117 cmd = exec.CommandContext(ctx,
118 "go", "run", ".", "shell", uuid,
119 "-L", forwardedPort+":"+httpTarget.Addr,
120 "-o", "controlpath=none",
121 "-o", "userknownhostsfile="+c.MkDir()+"/known_hosts",
124 c.Logf("cmd.Args: %s", cmd.Args)
125 cmd.Env = append(cmd.Env, os.Environ()...)
126 cmd.Env = append(cmd.Env, "ARVADOS_API_TOKEN="+arvadostest.ActiveTokenV2)
131 forwardedURL := fmt.Sprintf("http://localhost:%s/foo", forwardedPort)
133 for range time.NewTicker(time.Second / 20).C {
134 resp, err := http.Get(forwardedURL)
136 if !strings.Contains(err.Error(), "connect") {
138 } else if ctx.Err() != nil {
141 // Retry until OpenSSH starts listening
144 c.Check(resp.StatusCode, check.Equals, http.StatusOK)
145 body, err := ioutil.ReadAll(resp.Body)
146 c.Check(err, check.IsNil)
147 c.Check(string(body), check.Equals, "bar baz\n")
151 var wg sync.WaitGroup
152 for i := 0; i < 10; i++ {
156 resp, err := http.Get(forwardedURL)
157 if !c.Check(err, check.IsNil) {
160 body, err := ioutil.ReadAll(resp.Body)
161 c.Check(err, check.IsNil)
162 c.Check(string(body), check.Equals, "bar baz\n")