1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
6 require 'helpers/container_test_helper'
7 require 'helpers/docker_migration_helper'
8 require 'arvados/collection'
10 class ContainerRequestTest < ActiveSupport::TestCase
11 include DockerMigrationHelper
13 include ContainerTestHelper
15 def with_container_auth(ctr)
16 auth_was = Thread.current[:api_client_authorization]
17 Thread.current[:api_client_authorization] = ApiClientAuthorization.find_by_uuid(ctr.auth_uuid)
21 Thread.current[:api_client_authorization] = auth_was
27 ctr.update_attributes!(state: Container::Locked)
28 ctr.update_attributes!(state: Container::Running)
32 def create_minimal_req! attrs={}
34 command: ["echo", "foo"],
35 container_image: links(:docker_image_collection_tag).name,
38 mounts: {"/out" => {"kind" => "tmp", "capacity" => 1000000}},
40 runtime_constraints: {"vcpus" => 1, "ram" => 2},
44 cr = ContainerRequest.create!(defaults.merge(attrs))
49 def check_bogus_states cr
50 [nil, "Flubber"].each do |state|
51 assert_raises(ActiveRecord::RecordInvalid) do
59 test "Container request create" do
60 set_user_from_auth :active
61 cr = create_minimal_req!
63 assert_nil cr.container_uuid
64 assert_equal 0, cr.priority
68 # Ensure we can modify all attributes
69 cr.command = ["echo", "foo3"]
70 cr.container_image = "img3"
72 cr.environment = {"BUP" => "BOP"}
73 cr.mounts = {"BAR" => {"kind" => "BAZ"}}
74 cr.output_path = "/tmp4"
76 cr.runtime_constraints = {"vcpus" => 4}
78 cr.description = "bar3"
81 assert_nil cr.container_uuid
85 {"runtime_constraints" => {"vcpus" => 1}},
86 {"runtime_constraints" => {"vcpus" => 1, "ram" => nil}},
87 {"runtime_constraints" => {"vcpus" => 0, "ram" => 123}},
88 {"runtime_constraints" => {"vcpus" => "1", "ram" => "123"}},
89 {"mounts" => {"FOO" => "BAR"}},
90 {"mounts" => {"FOO" => {}}},
91 {"mounts" => {"FOO" => {"kind" => "tmp", "capacity" => 42.222}}},
92 {"command" => ["echo", 55]},
93 {"environment" => {"FOO" => 55}}
95 test "Create with invalid #{value}" do
96 set_user_from_auth :active
97 assert_raises(ActiveRecord::RecordInvalid) do
98 cr = create_minimal_req!({state: "Committed",
99 priority: 1}.merge(value))
104 test "Update with invalid #{value}" do
105 set_user_from_auth :active
106 cr = create_minimal_req!(state: "Uncommitted", priority: 1)
108 assert_raises(ActiveRecord::RecordInvalid) do
109 cr = ContainerRequest.find_by_uuid cr.uuid
110 cr.update_attributes!({state: "Committed",
111 priority: 1}.merge(value))
116 test "Update from fixture" do
117 set_user_from_auth :active
118 cr = ContainerRequest.find_by_uuid(container_requests(:running).uuid)
119 cr.update_attributes!(description: "New description")
120 assert_equal "New description", cr.description
123 test "Update with valid runtime constraints" do
124 set_user_from_auth :active
125 cr = create_minimal_req!(state: "Uncommitted", priority: 1)
127 cr = ContainerRequest.find_by_uuid cr.uuid
128 cr.update_attributes!(state: "Committed",
129 runtime_constraints: {"vcpus" => 1, "ram" => 23})
130 assert_not_nil cr.container_uuid
133 test "Container request priority must be non-nil" do
134 set_user_from_auth :active
135 cr = create_minimal_req!
137 cr.state = "Committed"
138 assert_raises(ActiveRecord::RecordInvalid) do
143 test "Container request commit" do
144 set_user_from_auth :active
145 cr = create_minimal_req!(runtime_constraints: {"vcpus" => 2, "ram" => 30})
147 assert_nil cr.container_uuid
150 cr.state = "Committed"
156 assert_equal({"vcpus" => 2, "ram" => 30}, cr.runtime_constraints)
158 assert_not_nil cr.container_uuid
159 c = Container.find_by_uuid cr.container_uuid
161 assert_equal ["echo", "foo"], c.command
162 assert_equal collections(:docker_image).portable_data_hash, c.container_image
163 assert_equal "/tmp", c.cwd
164 assert_equal({}, c.environment)
165 assert_equal({"/out" => {"kind"=>"tmp", "capacity"=>1000000}}, c.mounts)
166 assert_equal "/out", c.output_path
167 assert_equal({"keep_cache_ram"=>268435456, "vcpus" => 2, "ram" => 30}, c.runtime_constraints)
168 assert_operator 0, :<, c.priority
170 assert_raises(ActiveRecord::RecordInvalid) do
180 assert_equal 0, cr.priority
181 assert_equal 0, c.priority
184 test "Independent container requests" do
185 set_user_from_auth :active
186 cr1 = create_minimal_req!(command: ["foo", "1"], priority: 5, state: "Committed")
187 cr2 = create_minimal_req!(command: ["foo", "2"], priority: 10, state: "Committed")
189 c1 = Container.find_by_uuid cr1.container_uuid
190 assert_operator 0, :<, c1.priority
192 c2 = Container.find_by_uuid cr2.container_uuid
193 assert_operator c1.priority, :<, c2.priority
194 c2priority_was = c2.priority
196 cr1.update_attributes!(priority: 0)
199 assert_equal 0, c1.priority
202 assert_equal c2priority_was, c2.priority
205 test "Request is finalized when its container is cancelled" do
206 set_user_from_auth :active
207 cr = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 1)
208 assert_equal users(:active).uuid, cr.modified_by_user_uuid
210 act_as_system_user do
211 Container.find_by_uuid(cr.container_uuid).
212 update_attributes!(state: Container::Cancelled)
216 assert_equal "Final", cr.state
217 assert_equal users(:active).uuid, cr.modified_by_user_uuid
220 test "Request is finalized when its container is completed" do
221 set_user_from_auth :active
222 project = groups(:private)
223 cr = create_minimal_req!(owner_uuid: project.uuid,
226 assert_equal users(:active).uuid, cr.modified_by_user_uuid
228 c = act_as_system_user do
229 c = Container.find_by_uuid(cr.container_uuid)
230 c.update_attributes!(state: Container::Locked)
231 c.update_attributes!(state: Container::Running)
236 assert_equal "Committed", cr.state
238 output_pdh = '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'
239 log_pdh = 'fa7aeb5140e2848d39b416daeef4ffc5+45'
240 act_as_system_user do
241 c.update_attributes!(state: Container::Complete,
247 assert_equal "Final", cr.state
248 assert_equal users(:active).uuid, cr.modified_by_user_uuid
250 assert_not_nil cr.output_uuid
251 assert_not_nil cr.log_uuid
252 output = Collection.find_by_uuid cr.output_uuid
253 assert_equal output_pdh, output.portable_data_hash
254 assert_equal output.owner_uuid, project.uuid, "Container output should be copied to #{project.uuid}"
255 assert_not_nil output.modified_at
257 log = Collection.find_by_uuid cr.log_uuid
258 assert_equal log.manifest_text, ". 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
259 ./log\\040for\\040container\\040#{cr.container_uuid} 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar\n"
261 assert_equal log.owner_uuid, project.uuid, "Container log should be copied to #{project.uuid}"
264 # This tests bug report #16144
265 test "Request is finalized when its container is completed even when log & output don't exist" do
266 set_user_from_auth :active
267 project = groups(:private)
268 cr = create_minimal_req!(owner_uuid: project.uuid,
271 assert_equal users(:active).uuid, cr.modified_by_user_uuid
273 output_pdh = '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'
274 log_pdh = 'fa7aeb5140e2848d39b416daeef4ffc5+45'
276 c = act_as_system_user do
277 c = Container.find_by_uuid(cr.container_uuid)
278 c.update_attributes!(state: Container::Locked)
279 c.update_attributes!(state: Container::Running,
286 assert_equal "Committed", cr.state
288 act_as_system_user do
289 Collection.where(portable_data_hash: output_pdh).delete_all
290 Collection.where(portable_data_hash: log_pdh).delete_all
291 c.update_attributes!(state: Container::Complete)
295 assert_equal "Final", cr.state
298 # This tests bug report #16144
299 test "Can destroy CR even if its container doesn't exist" do
300 set_user_from_auth :active
301 project = groups(:private)
302 cr = create_minimal_req!(owner_uuid: project.uuid,
305 assert_equal users(:active).uuid, cr.modified_by_user_uuid
307 c = act_as_system_user do
308 c = Container.find_by_uuid(cr.container_uuid)
309 c.update_attributes!(state: Container::Locked)
310 c.update_attributes!(state: Container::Running)
315 assert_equal "Committed", cr.state
318 act_as_system_user do
319 Container.find_by_uuid(cr.container_uuid).destroy
322 assert_nil ContainerRequest.find_by_uuid(cr_uuid)
325 test "Container makes container request, then is cancelled" do
326 set_user_from_auth :active
327 cr = create_minimal_req!(priority: 5, state: "Committed", container_count_max: 1)
329 c = Container.find_by_uuid cr.container_uuid
330 assert_operator 0, :<, c.priority
333 cr2 = with_container_auth(c) do
334 create_minimal_req!(priority: 10, state: "Committed", container_count_max: 1, command: ["echo", "foo2"])
336 assert_not_nil cr2.requesting_container_uuid
337 assert_equal users(:active).uuid, cr2.modified_by_user_uuid
339 c2 = Container.find_by_uuid cr2.container_uuid
340 assert_operator 0, :<, c2.priority
342 act_as_system_user do
343 c.state = "Cancelled"
348 assert_equal "Final", cr.state
351 assert_equal 0, cr2.priority
352 assert_equal users(:active).uuid, cr2.modified_by_user_uuid
355 assert_equal 0, c2.priority
358 test "child container priority follows same ordering as corresponding top-level ancestors" do
359 findctr = lambda { |cr| Container.find_by_uuid(cr.container_uuid) }
361 set_user_from_auth :active
364 create_minimal_req!(priority: 5, state: "Committed", environment: {"workflow" => "0"}),
365 create_minimal_req!(priority: 5, state: "Committed", environment: {"workflow" => "1"}),
366 create_minimal_req!(priority: 5, state: "Committed", environment: {"workflow" => "2"}),
368 parents = toplevel_crs.map(&findctr)
370 children = parents.map do |parent|
372 with_container_auth(parent) do
373 create_minimal_req!(state: "Committed",
375 environment: {"child" => parent.environment["workflow"]})
379 grandchildren = children.reverse.map do |child|
381 with_container_auth(child) do
382 create_minimal_req!(state: "Committed",
384 environment: {"grandchild" => child.environment["child"]})
386 end.reverse.map(&findctr)
388 shared_grandchildren = children.map do |child|
389 with_container_auth(child) do
390 create_minimal_req!(state: "Committed",
392 environment: {"grandchild" => "shared"})
396 assert_equal shared_grandchildren[0].uuid, shared_grandchildren[1].uuid
397 assert_equal shared_grandchildren[0].uuid, shared_grandchildren[2].uuid
398 shared_grandchild = shared_grandchildren[0]
400 set_user_from_auth :active
402 # parents should be prioritized by submit time.
403 assert_operator parents[0].priority, :>, parents[1].priority
404 assert_operator parents[1].priority, :>, parents[2].priority
406 # children should be prioritized in same order as their respective
408 assert_operator children[0].priority, :>, children[1].priority
409 assert_operator children[1].priority, :>, children[2].priority
411 # grandchildren should also be prioritized in the same order,
412 # despite having been submitted in the opposite order.
413 assert_operator grandchildren[0].priority, :>, grandchildren[1].priority
414 assert_operator grandchildren[1].priority, :>, grandchildren[2].priority
416 # shared grandchild container should be prioritized above
417 # everything that isn't needed by parents[0], but not above
418 # earlier-submitted descendants of parents[0]
419 assert_operator shared_grandchild.priority, :>, grandchildren[1].priority
420 assert_operator shared_grandchild.priority, :>, children[1].priority
421 assert_operator shared_grandchild.priority, :>, parents[1].priority
422 assert_operator shared_grandchild.priority, :<=, grandchildren[0].priority
423 assert_operator shared_grandchild.priority, :<=, children[0].priority
424 assert_operator shared_grandchild.priority, :<=, parents[0].priority
426 # increasing priority of the most recent toplevel container should
427 # reprioritize all of its descendants (including the shared
428 # grandchild) above everything else.
429 toplevel_crs[2].update_attributes!(priority: 72)
430 (parents + children + grandchildren + [shared_grandchild]).map(&:reload)
431 assert_operator shared_grandchild.priority, :>, grandchildren[0].priority
432 assert_operator shared_grandchild.priority, :>, children[0].priority
433 assert_operator shared_grandchild.priority, :>, parents[0].priority
434 assert_operator shared_grandchild.priority, :>, grandchildren[1].priority
435 assert_operator shared_grandchild.priority, :>, children[1].priority
436 assert_operator shared_grandchild.priority, :>, parents[1].priority
437 # ...but the shared container should not have higher priority than
438 # the earlier-submitted descendants of the high-priority workflow.
439 assert_operator shared_grandchild.priority, :<=, grandchildren[2].priority
440 assert_operator shared_grandchild.priority, :<=, children[2].priority
441 assert_operator shared_grandchild.priority, :<=, parents[2].priority
445 ['running_container_auth', 'zzzzz-dz642-runningcontainr', 501],
446 ['active_no_prefs', nil, 0]
447 ].each do |token, expected, expected_priority|
448 test "create as #{token} and expect requesting_container_uuid to be #{expected}" do
449 set_user_from_auth token
450 cr = ContainerRequest.create(container_image: "img", output_path: "/tmp", command: ["echo", "foo"])
451 assert_not_nil cr.uuid, 'uuid should be set for newly created container_request'
452 assert_equal expected, cr.requesting_container_uuid
453 assert_equal expected_priority, cr.priority
457 test "create as container_runtime_token and expect requesting_container_uuid to be zzzzz-dz642-20isqbkl8xwnsao" do
458 set_user_from_auth :container_runtime_token
459 Thread.current[:token] = "#{Thread.current[:token]}/zzzzz-dz642-20isqbkl8xwnsao"
460 cr = ContainerRequest.create(container_image: "img", output_path: "/tmp", command: ["echo", "foo"])
461 assert_not_nil cr.uuid, 'uuid should be set for newly created container_request'
462 assert_equal 'zzzzz-dz642-20isqbkl8xwnsao', cr.requesting_container_uuid
463 assert_equal 1, cr.priority
466 [[{"vcpus" => [2, nil]},
467 lambda { |resolved| resolved["vcpus"] == 2 }],
468 [{"vcpus" => [3, 7]},
469 lambda { |resolved| resolved["vcpus"] == 3 }],
471 lambda { |resolved| resolved["vcpus"] == 4 }],
472 [{"ram" => [1000000000, 2000000000]},
473 lambda { |resolved| resolved["ram"] == 1000000000 }],
474 [{"ram" => [1234234234]},
475 lambda { |resolved| resolved["ram"] == 1234234234 }],
476 ].each do |rc, okfunc|
477 test "resolve runtime constraint range #{rc} to values" do
478 resolved = Container.resolve_runtime_constraints(rc)
479 assert(okfunc.call(resolved),
480 "container runtime_constraints was #{resolved.inspect}")
485 "kind" => "collection",
486 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
489 resolved["/out"] == {
490 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
491 "kind" => "collection",
496 "kind" => "collection",
497 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
498 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
501 resolved["/out"] == {
502 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
503 "kind" => "collection",
508 "kind" => "collection",
509 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
512 resolved["/out"] == {
513 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
514 "kind" => "collection",
520 "kind" => "collection",
523 resolved["/out"] == {
524 "kind" => "collection",
528 ].each do |mounts, okfunc|
529 test "resolve mounts #{mounts.inspect} to values" do
530 set_user_from_auth :active
531 resolved = Container.resolve_mounts(mounts)
532 assert(okfunc.call(resolved),
533 "Container.resolve_mounts returned #{resolved.inspect}")
537 test 'mount unreadable collection' do
538 set_user_from_auth :spectator
541 "kind" => "collection",
542 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
546 assert_raises(ArvadosModel::UnresolvableContainerError) do
547 Container.resolve_mounts(m)
551 test 'mount collection with mismatched UUID and PDH' do
552 set_user_from_auth :active
555 "kind" => "collection",
556 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
557 "portable_data_hash" => "fa7aeb5140e2848d39b416daeef4ffc5+45",
561 resolved_mounts = Container.resolve_mounts(m)
562 assert_equal m['portable_data_hash'], resolved_mounts['portable_data_hash']
565 ['arvados/apitestfixture:latest',
566 'arvados/apitestfixture',
567 'd8309758b8fe2c81034ffc8a10c36460b77db7bc5e7b448c4e5b684f9d95a678',
569 test "Container.resolve_container_image(#{tag.inspect})" do
570 set_user_from_auth :active
571 resolved = Container.resolve_container_image(tag)
572 assert_equal resolved, collections(:docker_image).portable_data_hash
576 test "Container.resolve_container_image(pdh)" do
577 set_user_from_auth :active
578 [[:docker_image, 'v1'], [:docker_image_1_12, 'v2']].each do |coll, ver|
579 Rails.configuration.Containers.SupportedDockerImageFormats = {ver=>{}}
580 pdh = collections(coll).portable_data_hash
581 resolved = Container.resolve_container_image(pdh)
582 assert_equal resolved, pdh
586 ['acbd18db4cc2f85cedef654fccc4a4d8+3',
588 'arvados/apitestfixture:ENOEXIST',
590 test "container_image_for_container(#{img.inspect}) => 422" do
591 set_user_from_auth :active
592 assert_raises(ArvadosModel::UnresolvableContainerError) do
593 Container.resolve_container_image(img)
598 test "allow unrecognized container when there are remote_hosts" do
599 set_user_from_auth :active
600 Rails.configuration.RemoteClusters = Rails.configuration.RemoteClusters.merge({foooo: ActiveSupport::InheritableOptions.new({Host: "bar.com"})})
601 Container.resolve_container_image('acbd18db4cc2f85cedef654fccc4a4d8+3')
604 test "migrated docker image" do
605 Rails.configuration.Containers.SupportedDockerImageFormats = {'v2'=>{}}
606 add_docker19_migration_link
608 # Test that it returns only v2 images even though request is for v1 image.
610 set_user_from_auth :active
611 cr = create_minimal_req!(command: ["true", "1"],
612 container_image: collections(:docker_image).portable_data_hash)
613 assert_equal(Container.resolve_container_image(cr.container_image),
614 collections(:docker_image_1_12).portable_data_hash)
616 cr = create_minimal_req!(command: ["true", "2"],
617 container_image: links(:docker_image_collection_tag).name)
618 assert_equal(Container.resolve_container_image(cr.container_image),
619 collections(:docker_image_1_12).portable_data_hash)
622 test "use unmigrated docker image" do
623 Rails.configuration.Containers.SupportedDockerImageFormats = {'v1'=>{}}
624 add_docker19_migration_link
626 # Test that it returns only supported v1 images even though there is a
629 set_user_from_auth :active
630 cr = create_minimal_req!(command: ["true", "1"],
631 container_image: collections(:docker_image).portable_data_hash)
632 assert_equal(Container.resolve_container_image(cr.container_image),
633 collections(:docker_image).portable_data_hash)
635 cr = create_minimal_req!(command: ["true", "2"],
636 container_image: links(:docker_image_collection_tag).name)
637 assert_equal(Container.resolve_container_image(cr.container_image),
638 collections(:docker_image).portable_data_hash)
641 test "incompatible docker image v1" do
642 Rails.configuration.Containers.SupportedDockerImageFormats = {'v1'=>{}}
643 add_docker19_migration_link
645 # Don't return unsupported v2 image even if we ask for it directly.
646 set_user_from_auth :active
647 cr = create_minimal_req!(command: ["true", "1"],
648 container_image: collections(:docker_image_1_12).portable_data_hash)
649 assert_raises(ArvadosModel::UnresolvableContainerError) do
650 Container.resolve_container_image(cr.container_image)
654 test "incompatible docker image v2" do
655 Rails.configuration.Containers.SupportedDockerImageFormats = {'v2'=>{}}
656 # No migration link, don't return unsupported v1 image,
658 set_user_from_auth :active
659 cr = create_minimal_req!(command: ["true", "1"],
660 container_image: collections(:docker_image).portable_data_hash)
661 assert_raises(ArvadosModel::UnresolvableContainerError) do
662 Container.resolve_container_image(cr.container_image)
664 cr = create_minimal_req!(command: ["true", "2"],
665 container_image: links(:docker_image_collection_tag).name)
666 assert_raises(ArvadosModel::UnresolvableContainerError) do
667 Container.resolve_container_image(cr.container_image)
671 test "requestor can retrieve container owned by dispatch" do
672 assert_not_empty Container.readable_by(users(:admin)).where(uuid: containers(:running).uuid)
673 assert_not_empty Container.readable_by(users(:active)).where(uuid: containers(:running).uuid)
674 assert_empty Container.readable_by(users(:spectator)).where(uuid: containers(:running).uuid)
678 [{"var" => "value1"}, {"var" => "value1"}, nil],
679 [{"var" => "value1"}, {"var" => "value1"}, true],
680 [{"var" => "value1"}, {"var" => "value1"}, false],
681 [{"var" => "value1"}, {"var" => "value2"}, nil],
682 ].each do |env1, env2, use_existing|
683 test "Container request #{((env1 == env2) and (use_existing.nil? or use_existing == true)) ? 'does' : 'does not'} reuse container when committed#{use_existing.nil? ? '' : use_existing ? ' and use_existing == true' : ' and use_existing == false'}" do
684 common_attrs = {cwd: "test",
686 command: ["echo", "hello"],
688 runtime_constraints: {"vcpus" => 4,
689 "ram" => 12000000000},
690 mounts: {"test" => {"kind" => "json"}}}
691 set_user_from_auth :active
692 cr1 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Committed,
697 # Testing with use_existing default value
698 cr2 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Uncommitted,
702 cr2 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Uncommitted,
704 use_existing: use_existing}))
706 assert_not_nil cr1.container_uuid
707 assert_nil cr2.container_uuid
709 # Update cr2 to commited state and check for container equality on different cases:
710 # * When env1 and env2 are equal and use_existing is true, the same container
711 # should be assigned.
712 # * When use_existing is false, a different container should be assigned.
713 # * When env1 and env2 are different, a different container should be assigned.
714 cr2.update_attributes!({state: ContainerRequest::Committed})
715 assert_equal (cr2.use_existing == true and (env1 == env2)),
716 (cr1.container_uuid == cr2.container_uuid)
720 test "requesting_container_uuid at create is not allowed" do
721 set_user_from_auth :active
722 assert_raises(ActiveRecord::RecordInvalid) do
723 create_minimal_req!(state: "Uncommitted", priority: 1, requesting_container_uuid: 'youcantdothat')
727 test "Retry on container cancelled" do
728 set_user_from_auth :active
729 cr = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 2)
730 cr2 = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 2, command: ["echo", "baz"])
731 prev_container_uuid = cr.container_uuid
733 c = act_as_system_user do
734 c = Container.find_by_uuid(cr.container_uuid)
735 c.update_attributes!(state: Container::Locked)
736 c.update_attributes!(state: Container::Running)
742 assert_equal "Committed", cr.state
743 assert_equal prev_container_uuid, cr.container_uuid
744 assert_not_equal cr2.container_uuid, cr.container_uuid
745 prev_container_uuid = cr.container_uuid
747 act_as_system_user do
748 c.update_attributes!(state: Container::Cancelled)
753 assert_equal "Committed", cr.state
754 assert_not_equal prev_container_uuid, cr.container_uuid
755 assert_not_equal cr2.container_uuid, cr.container_uuid
756 prev_container_uuid = cr.container_uuid
758 c = act_as_system_user do
759 c = Container.find_by_uuid(cr.container_uuid)
760 c.update_attributes!(state: Container::Cancelled)
766 assert_equal "Final", cr.state
767 assert_equal prev_container_uuid, cr.container_uuid
768 assert_not_equal cr2.container_uuid, cr.container_uuid
771 test "Retry on container cancelled with runtime_token" do
772 set_user_from_auth :spectator
773 spec = api_client_authorizations(:active)
774 cr = create_minimal_req!(priority: 1, state: "Committed",
775 runtime_token: spec.token,
776 container_count_max: 2)
777 prev_container_uuid = cr.container_uuid
779 c = act_as_system_user do
780 c = Container.find_by_uuid(cr.container_uuid)
781 assert_equal spec.token, c.runtime_token
782 c.update_attributes!(state: Container::Locked)
783 c.update_attributes!(state: Container::Running)
788 assert_equal "Committed", cr.state
789 assert_equal prev_container_uuid, cr.container_uuid
790 prev_container_uuid = cr.container_uuid
792 act_as_system_user do
793 c.update_attributes!(state: Container::Cancelled)
797 assert_equal "Committed", cr.state
798 assert_not_equal prev_container_uuid, cr.container_uuid
799 prev_container_uuid = cr.container_uuid
801 c = act_as_system_user do
802 c = Container.find_by_uuid(cr.container_uuid)
803 assert_equal spec.token, c.runtime_token
804 c.update_attributes!(state: Container::Cancelled)
809 assert_equal "Final", cr.state
810 assert_equal prev_container_uuid, cr.container_uuid
814 test "Retry saves logs from previous attempts" do
815 set_user_from_auth :active
816 cr = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 3)
818 c = act_as_system_user do
819 c = Container.find_by_uuid(cr.container_uuid)
820 c.update_attributes!(state: Container::Locked)
821 c.update_attributes!(state: Container::Running)
829 assert_equal "Committed", cr.state
830 container_uuids << cr.container_uuid
832 c = act_as_system_user do
833 logc = Collection.new(manifest_text: ". 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar\n")
835 c = Container.find_by_uuid(cr.container_uuid)
836 c.update_attributes!(state: Container::Cancelled, log: logc.portable_data_hash)
841 container_uuids.sort!
844 assert_equal "Final", cr.state
845 assert_equal 3, cr.container_count
846 assert_equal ". 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
847 ./log\\040for\\040container\\040#{container_uuids[0]} 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
848 ./log\\040for\\040container\\040#{container_uuids[1]} 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
849 ./log\\040for\\040container\\040#{container_uuids[2]} 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
850 " , Collection.find_by_uuid(cr.log_uuid).manifest_text
854 test "Output collection name setting using output_name with name collision resolution" do
855 set_user_from_auth :active
856 output_name = 'unimaginative name'
857 Collection.create!(name: output_name)
859 cr = create_minimal_req!(priority: 1,
860 state: ContainerRequest::Committed,
861 output_name: output_name)
864 assert_equal ContainerRequest::Final, cr.state
865 output_coll = Collection.find_by_uuid(cr.output_uuid)
866 # Make sure the resulting output collection name include the original name
868 assert_not_equal output_name, output_coll.name,
869 "more than one collection with the same owner and name"
870 assert output_coll.name.include?(output_name),
871 "New name should include original name"
872 assert_match /\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z/, output_coll.name,
873 "New name should include ISO8601 date"
876 [[0, :check_output_ttl_0],
877 [1, :check_output_ttl_1s],
878 [365*86400, :check_output_ttl_1y],
879 ].each do |ttl, checker|
880 test "output_ttl=#{ttl}" do
881 act_as_user users(:active) do
882 cr = create_minimal_req!(priority: 1,
883 state: ContainerRequest::Committed,
888 output = Collection.find_by_uuid(cr.output_uuid)
889 send(checker, db_current_time, output.trash_at, output.delete_at)
894 def check_output_ttl_0(now, trash, delete)
899 def check_output_ttl_1s(now, trash, delete)
900 assert_not_nil(trash)
901 assert_not_nil(delete)
902 assert_in_delta(trash, now + 1.second, 10)
903 assert_in_delta(delete, now + Rails.configuration.Collections.BlobSigningTTL, 10)
906 def check_output_ttl_1y(now, trash, delete)
907 year = (86400*365).second
908 assert_not_nil(trash)
909 assert_not_nil(delete)
910 assert_in_delta(trash, now + year, 10)
911 assert_in_delta(delete, now + year, 10)
914 def run_container(cr)
915 act_as_system_user do
916 logc = Collection.new(owner_uuid: system_user_uuid,
917 manifest_text: ". ef772b2f28e2c8ca84de45466ed19ee9+7815 0:0:arv-mount.txt\n")
920 c = Container.find_by_uuid(cr.container_uuid)
921 c.update_attributes!(state: Container::Locked)
922 c.update_attributes!(state: Container::Running)
923 c.update_attributes!(state: Container::Complete,
925 output: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45',
926 log: logc.portable_data_hash)
932 test "Finalize committed request when reusing a finished container" do
933 set_user_from_auth :active
934 cr = create_minimal_req!(priority: 1, state: ContainerRequest::Committed)
936 assert_equal ContainerRequest::Committed, cr.state
939 assert_equal ContainerRequest::Final, cr.state
941 cr2 = create_minimal_req!(priority: 1, state: ContainerRequest::Committed)
942 assert_equal cr.container_uuid, cr2.container_uuid
943 assert_equal ContainerRequest::Final, cr2.state
945 cr3 = create_minimal_req!(priority: 1, state: ContainerRequest::Uncommitted)
946 assert_equal ContainerRequest::Uncommitted, cr3.state
947 cr3.update_attributes!(state: ContainerRequest::Committed)
948 assert_equal cr.container_uuid, cr3.container_uuid
949 assert_equal ContainerRequest::Final, cr3.state
953 [false, ActiveRecord::RecordInvalid],
955 ].each do |preemptible_conf, expected|
956 test "having Rails.configuration.Containers.UsePreemptibleInstances=#{preemptible_conf}, create preemptible container request and verify #{expected}" do
957 sp = {"preemptible" => true}
958 common_attrs = {cwd: "test",
960 command: ["echo", "hello"],
962 scheduling_parameters: sp,
963 mounts: {"test" => {"kind" => "json"}}}
964 Rails.configuration.Containers.UsePreemptibleInstances = preemptible_conf
965 set_user_from_auth :active
967 cr = create_minimal_req!(common_attrs)
968 cr.state = ContainerRequest::Committed
971 assert_raises(expected) do
976 assert_equal sp, cr.scheduling_parameters
982 'zzzzz-dz642-runningcontainr',
984 ].each do |requesting_c|
985 test "having preemptible instances active on the API server, a committed #{requesting_c.nil? ? 'non-':''}child CR should not ask for preemptible instance if parameter already set to false" do
986 common_attrs = {cwd: "test",
988 command: ["echo", "hello"],
990 scheduling_parameters: {"preemptible" => false},
991 mounts: {"test" => {"kind" => "json"}}}
993 Rails.configuration.Containers.UsePreemptibleInstances = true
994 set_user_from_auth :active
997 cr = with_container_auth(Container.find_by_uuid requesting_c) do
998 create_minimal_req!(common_attrs)
1000 assert_not_nil cr.requesting_container_uuid
1002 cr = create_minimal_req!(common_attrs)
1005 cr.state = ContainerRequest::Committed
1008 assert_equal false, cr.scheduling_parameters['preemptible']
1013 [true, 'zzzzz-dz642-runningcontainr', true],
1015 [false, 'zzzzz-dz642-runningcontainr', nil],
1017 ].each do |preemptible_conf, requesting_c, schedule_preemptible|
1018 test "having Rails.configuration.Containers.UsePreemptibleInstances=#{preemptible_conf}, #{requesting_c.nil? ? 'non-':''}child CR should #{schedule_preemptible ? '':'not'} ask for preemptible instance by default" do
1019 common_attrs = {cwd: "test",
1021 command: ["echo", "hello"],
1022 output_path: "test",
1023 mounts: {"test" => {"kind" => "json"}}}
1025 Rails.configuration.Containers.UsePreemptibleInstances = preemptible_conf
1026 set_user_from_auth :active
1029 cr = with_container_auth(Container.find_by_uuid requesting_c) do
1030 create_minimal_req!(common_attrs)
1032 assert_not_nil cr.requesting_container_uuid
1034 cr = create_minimal_req!(common_attrs)
1037 cr.state = ContainerRequest::Committed
1040 assert_equal schedule_preemptible, cr.scheduling_parameters['preemptible']
1045 [{"partitions" => ["fastcpu","vfastcpu", 100]}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
1046 [{"partitions" => ["fastcpu","vfastcpu", 100]}, ContainerRequest::Uncommitted],
1047 [{"partitions" => "fastcpu"}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
1048 [{"partitions" => "fastcpu"}, ContainerRequest::Uncommitted],
1049 [{"partitions" => ["fastcpu","vfastcpu"]}, ContainerRequest::Committed],
1050 [{"max_run_time" => "one day"}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
1051 [{"max_run_time" => "one day"}, ContainerRequest::Uncommitted],
1052 [{"max_run_time" => -1}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
1053 [{"max_run_time" => -1}, ContainerRequest::Uncommitted],
1054 [{"max_run_time" => 86400}, ContainerRequest::Committed],
1055 ].each do |sp, state, expected|
1056 test "create container request with scheduling_parameters #{sp} in state #{state} and verify #{expected}" do
1057 common_attrs = {cwd: "test",
1059 command: ["echo", "hello"],
1060 output_path: "test",
1061 scheduling_parameters: sp,
1062 mounts: {"test" => {"kind" => "json"}}}
1063 set_user_from_auth :active
1065 if expected == ActiveRecord::RecordInvalid
1066 assert_raises(ActiveRecord::RecordInvalid) do
1067 create_minimal_req!(common_attrs.merge({state: state}))
1070 cr = create_minimal_req!(common_attrs.merge({state: state}))
1071 assert_equal sp, cr.scheduling_parameters
1073 if state == ContainerRequest::Committed
1074 c = Container.find_by_uuid(cr.container_uuid)
1075 assert_equal sp, c.scheduling_parameters
1081 test "Having preemptible_instances=true create a committed child container request and verify the scheduling parameter of its container" do
1082 common_attrs = {cwd: "test",
1084 command: ["echo", "hello"],
1085 output_path: "test",
1086 state: ContainerRequest::Committed,
1087 mounts: {"test" => {"kind" => "json"}}}
1088 set_user_from_auth :active
1089 Rails.configuration.Containers.UsePreemptibleInstances = true
1091 cr = with_container_auth(Container.find_by_uuid 'zzzzz-dz642-runningcontainr') do
1092 create_minimal_req!(common_attrs)
1094 assert_equal 'zzzzz-dz642-runningcontainr', cr.requesting_container_uuid
1095 assert_equal true, cr.scheduling_parameters["preemptible"]
1097 c = Container.find_by_uuid(cr.container_uuid)
1098 assert_equal true, c.scheduling_parameters["preemptible"]
1101 [['Committed', true, {name: "foobar", priority: 123}],
1102 ['Committed', false, {container_count: 2}],
1103 ['Committed', false, {container_count: 0}],
1104 ['Committed', false, {container_count: nil}],
1105 ['Final', false, {state: ContainerRequest::Committed, name: "foobar"}],
1106 ['Final', false, {name: "foobar", priority: 123}],
1107 ['Final', false, {name: "foobar", output_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
1108 ['Final', false, {name: "foobar", log_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
1109 ['Final', false, {log_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
1110 ['Final', false, {priority: 123}],
1111 ['Final', false, {mounts: {}}],
1112 ['Final', false, {container_count: 2}],
1113 ['Final', true, {name: "foobar"}],
1114 ['Final', true, {name: "foobar", description: "baz"}],
1115 ].each do |state, permitted, updates|
1116 test "state=#{state} can#{'not' if !permitted} update #{updates.inspect}" do
1117 act_as_user users(:active) do
1118 cr = create_minimal_req!(priority: 1,
1120 container_count_max: 1)
1125 act_as_system_user do
1126 Container.find_by_uuid(cr.container_uuid).
1127 update_attributes!(state: Container::Cancelled)
1131 raise 'broken test case'
1133 assert_equal state, cr.state
1135 assert cr.update_attributes!(updates)
1137 assert_raises(ActiveRecord::RecordInvalid) do
1138 cr.update_attributes!(updates)
1145 test "delete container_request and check its container's priority" do
1146 act_as_user users(:active) do
1147 cr = ContainerRequest.find_by_uuid container_requests(:running_to_be_deleted).uuid
1149 # initially the cr's container has priority > 0
1150 c = Container.find_by_uuid(cr.container_uuid)
1151 assert_equal 1, c.priority
1155 # the cr's container now has priority of 0
1156 c = Container.find_by_uuid(cr.container_uuid)
1157 assert_equal 0, c.priority
1161 test "delete container_request in final state and expect no error due to before_destroy callback" do
1162 act_as_user users(:active) do
1163 cr = ContainerRequest.find_by_uuid container_requests(:completed).uuid
1164 assert_nothing_raised {cr.destroy}
1168 test "Container request valid priority" do
1169 set_user_from_auth :active
1170 cr = create_minimal_req!
1172 assert_raises(ActiveRecord::RecordInvalid) do
1192 assert_raises(ActiveRecord::RecordInvalid) do
1198 # Note: some of these tests might look redundant because they test
1199 # that out-of-order spellings of hashes are still considered equal
1200 # regardless of whether the existing (container) or new (container
1201 # request) hash needs to be re-ordered.
1202 secrets = {"/foo" => {"kind" => "text", "content" => "xyzzy"}}
1203 same_secrets = {"/foo" => {"content" => "xyzzy", "kind" => "text"}}
1204 different_secrets = {"/foo" => {"kind" => "text", "content" => "something completely different"}}
1210 [true, secrets, same_secrets],
1211 [true, same_secrets, secrets],
1212 [false, nil, secrets],
1213 [false, {}, secrets],
1214 [false, secrets, {}],
1215 [false, secrets, nil],
1216 [false, secrets, different_secrets],
1217 ].each do |expect_reuse, sm1, sm2|
1218 test "container reuse secret_mounts #{sm1.inspect}, #{sm2.inspect}" do
1219 set_user_from_auth :active
1220 cr1 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm1)
1221 cr2 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm2)
1222 assert_not_nil cr1.container_uuid
1223 assert_not_nil cr2.container_uuid
1225 assert_equal cr1.container_uuid, cr2.container_uuid
1227 assert_not_equal cr1.container_uuid, cr2.container_uuid
1232 test "scrub secret_mounts but reuse container for request with identical secret_mounts" do
1233 set_user_from_auth :active
1234 sm = {'/secret/foo' => {'kind' => 'text', 'content' => secret_string}}
1235 cr1 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm.dup)
1239 # secret_mounts scrubbed from db
1240 c = Container.where(uuid: cr1.container_uuid).first
1241 assert_equal({}, c.secret_mounts)
1242 assert_equal({}, cr1.secret_mounts)
1244 # can reuse container if secret_mounts match
1245 cr2 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm.dup)
1246 assert_equal cr1.container_uuid, cr2.container_uuid
1248 # don't reuse container if secret_mounts don't match
1249 cr3 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: {})
1250 assert_not_equal cr1.container_uuid, cr3.container_uuid
1252 assert_no_secrets_logged
1255 test "conflicting key in mounts and secret_mounts" do
1256 sm = {'/secret/foo' => {'kind' => 'text', 'content' => secret_string}}
1257 set_user_from_auth :active
1258 cr = create_minimal_req!
1259 assert_equal false, cr.update_attributes(state: "Committed",
1261 mounts: cr.mounts.merge(sm),
1263 assert_equal [:secret_mounts], cr.errors.messages.keys
1266 test "using runtime_token" do
1267 set_user_from_auth :spectator
1268 spec = api_client_authorizations(:active)
1269 cr = create_minimal_req!(state: "Committed", runtime_token: spec.token, priority: 1)
1271 c = Container.find_by_uuid cr.container_uuid
1273 assert_nil c.auth_uuid
1274 assert_equal c.runtime_token, spec.token
1276 assert_not_nil ApiClientAuthorization.find_by_uuid(spec.uuid)
1278 act_as_system_user do
1279 c.update_attributes!(state: Container::Complete,
1281 output: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45',
1282 log: 'fa7aeb5140e2848d39b416daeef4ffc5+45')
1287 assert_nil cr.runtime_token
1288 assert_nil c.runtime_token
1291 test "invalid runtime_token" do
1292 set_user_from_auth :active
1293 spec = api_client_authorizations(:spectator)
1294 assert_raises(ArgumentError) do
1295 cr = create_minimal_req!(state: "Committed", runtime_token: "#{spec.token}xx")
projects / arvados.git / blob