1 require 'whitelist_update'
3 class ContainerRequest < ArvadosModel
6 include CommonApiTemplate
7 include WhitelistUpdate
9 serialize :properties, Hash
10 serialize :environment, Hash
11 serialize :mounts, Hash
12 serialize :runtime_constraints, Hash
13 serialize :command, Array
15 before_validation :fill_field_defaults, :if => :new_record?
16 before_validation :set_container
17 validates :command, :container_image, :output_path, :cwd, :presence => true
18 validate :validate_state_change
19 validate :validate_change
20 after_save :update_priority
21 before_create :set_requesting_container_uuid
23 api_accessible :user, extend: :common do |t|
25 t.add :container_count_max
26 t.add :container_image
38 t.add :requesting_container_uuid
39 t.add :runtime_constraints
43 # Supported states for a container request
46 (Uncommitted = 'Uncommitted'),
47 (Committed = 'Committed'),
52 nil => [Uncommitted, Committed],
53 Uncommitted => [Committed],
61 def skip_uuid_read_permission_check
62 # XXX temporary until permissions are sorted out.
63 %w(modified_by_client_uuid container_uuid requesting_container_uuid)
66 def container_completed!
67 # may implement retry logic here in the future.
68 self.state = ContainerRequest::Final
74 def fill_field_defaults
75 self.state ||= Uncommitted
76 self.environment ||= {}
77 self.runtime_constraints ||= {}
82 # Create a new container (or find an existing one) to satisfy this
85 # TODO: resolve mounts and container_image to content addresses.
86 c = act_as_system_user do
87 Container.create!(command: self.command,
88 container_image: self.container_image,
90 environment: self.environment,
92 output_path: self.output_path,
93 runtime_constraints: runtime_constraints_for_container)
95 self.container_uuid = c.uuid
98 # Return a runtime_constraints hash that complies with
99 # self.runtime_constraints but is suitable for saving in a container
100 # record, i.e., has specific values instead of ranges.
102 # Doing this as a step separate from other resolutions, like "git
103 # revision range to commit hash", makes sense only when there is no
104 # opportunity to reuse an existing container (e.g., container reuse
105 # is not implemented yet, or we have already found that no existing
106 # containers are suitable).
107 def runtime_constraints_for_container
109 runtime_constraints.each do |k, v|
120 if (container_uuid_changed? and
121 not current_user.andand.is_admin and
122 not container_uuid.nil?)
123 errors.add :container_uuid, "can only be updated to nil."
126 if state_changed? and state == Committed and container_uuid.nil?
132 permitted = [:owner_uuid]
136 # Permit updating most fields
137 permitted.push :command, :container_count_max,
138 :container_image, :cwd, :description, :environment,
139 :filters, :mounts, :name, :output_path, :priority,
140 :properties, :requesting_container_uuid, :runtime_constraints,
141 :state, :container_uuid
144 if container_uuid.nil?
145 errors.add :container_uuid, "has not been resolved to a container."
149 errors.add :priority, "cannot be nil"
152 # Can update priority, container count, name and description
153 permitted.push :priority, :container_count_max, :container_uuid, :name, :description
155 if self.state_changed?
156 # Allow create-and-commit in a single operation.
157 permitted.push :command, :container_image, :cwd, :description, :environment,
158 :filters, :mounts, :name, :output_path, :properties,
159 :requesting_container_uuid, :runtime_constraints,
160 :state, :container_uuid
164 if not current_user.andand.is_admin and not (self.name_changed? || self.description_changed?)
165 errors.add :state, "of container request can only be set to Final by system."
168 if self.state_changed? || self.name_changed? || self.description_changed?
169 permitted.push :state, :name, :description
171 errors.add :state, "does not allow updates"
175 errors.add :state, "invalid value"
178 check_update_whitelist permitted
182 if self.state_changed? or
183 self.priority_changed? or
184 self.container_uuid_changed?
185 act_as_system_user do
188 [self.container_uuid_was, self.container_uuid].compact).
189 map(&:update_priority!)
194 def set_requesting_container_uuid
195 return true if self.requesting_container_uuid # already set
197 token_uuid = current_api_client_authorization.andand.uuid
198 container = Container.where('auth_uuid=?', token_uuid).order('created_at desc').first
199 self.requesting_container_uuid = container.uuid if container