1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
6 require 'helpers/container_test_helper'
7 require 'helpers/docker_migration_helper'
9 class ContainerRequestTest < ActiveSupport::TestCase
10 include DockerMigrationHelper
12 include ContainerTestHelper
14 def with_container_auth(ctr)
15 auth_was = Thread.current[:api_client_authorization]
16 Thread.current[:api_client_authorization] = ApiClientAuthorization.find_by_uuid(ctr.auth_uuid)
20 Thread.current[:api_client_authorization] = auth_was
26 ctr.update_attributes!(state: Container::Locked)
27 ctr.update_attributes!(state: Container::Running)
31 def create_minimal_req! attrs={}
33 command: ["echo", "foo"],
34 container_image: links(:docker_image_collection_tag).name,
37 mounts: {"/out" => {"kind" => "tmp", "capacity" => 1000000}},
39 runtime_constraints: {"vcpus" => 1, "ram" => 2},
43 cr = ContainerRequest.create!(defaults.merge(attrs))
48 def check_bogus_states cr
49 [nil, "Flubber"].each do |state|
50 assert_raises(ActiveRecord::RecordInvalid) do
58 test "Container request create" do
59 set_user_from_auth :active
60 cr = create_minimal_req!
62 assert_nil cr.container_uuid
63 assert_equal 0, cr.priority
67 # Ensure we can modify all attributes
68 cr.command = ["echo", "foo3"]
69 cr.container_image = "img3"
71 cr.environment = {"BUP" => "BOP"}
72 cr.mounts = {"BAR" => {"kind" => "BAZ"}}
73 cr.output_path = "/tmp4"
75 cr.runtime_constraints = {"vcpus" => 4}
77 cr.description = "bar3"
80 assert_nil cr.container_uuid
84 {"runtime_constraints" => {"vcpus" => 1}},
85 {"runtime_constraints" => {"vcpus" => 1, "ram" => nil}},
86 {"runtime_constraints" => {"vcpus" => 0, "ram" => 123}},
87 {"runtime_constraints" => {"vcpus" => "1", "ram" => "123"}},
88 {"mounts" => {"FOO" => "BAR"}},
89 {"mounts" => {"FOO" => {}}},
90 {"mounts" => {"FOO" => {"kind" => "tmp", "capacity" => 42.222}}},
91 {"command" => ["echo", 55]},
92 {"environment" => {"FOO" => 55}}
94 test "Create with invalid #{value}" do
95 set_user_from_auth :active
96 assert_raises(ActiveRecord::RecordInvalid) do
97 cr = create_minimal_req!({state: "Committed",
98 priority: 1}.merge(value))
103 test "Update with invalid #{value}" do
104 set_user_from_auth :active
105 cr = create_minimal_req!(state: "Uncommitted", priority: 1)
107 assert_raises(ActiveRecord::RecordInvalid) do
108 cr = ContainerRequest.find_by_uuid cr.uuid
109 cr.update_attributes!({state: "Committed",
110 priority: 1}.merge(value))
115 test "Update from fixture" do
116 set_user_from_auth :active
117 cr = ContainerRequest.find_by_uuid(container_requests(:running).uuid)
118 cr.update_attributes!(description: "New description")
119 assert_equal "New description", cr.description
122 test "Update with valid runtime constraints" do
123 set_user_from_auth :active
124 cr = create_minimal_req!(state: "Uncommitted", priority: 1)
126 cr = ContainerRequest.find_by_uuid cr.uuid
127 cr.update_attributes!(state: "Committed",
128 runtime_constraints: {"vcpus" => 1, "ram" => 23})
129 assert_not_nil cr.container_uuid
132 test "Container request priority must be non-nil" do
133 set_user_from_auth :active
134 cr = create_minimal_req!
136 cr.state = "Committed"
137 assert_raises(ActiveRecord::RecordInvalid) do
142 test "Container request commit" do
143 set_user_from_auth :active
144 cr = create_minimal_req!(runtime_constraints: {"vcpus" => 2, "ram" => 30})
146 assert_nil cr.container_uuid
149 cr.state = "Committed"
155 assert_equal({"vcpus" => 2, "ram" => 30}, cr.runtime_constraints)
157 assert_not_nil cr.container_uuid
158 c = Container.find_by_uuid cr.container_uuid
160 assert_equal ["echo", "foo"], c.command
161 assert_equal collections(:docker_image).portable_data_hash, c.container_image
162 assert_equal "/tmp", c.cwd
163 assert_equal({}, c.environment)
164 assert_equal({"/out" => {"kind"=>"tmp", "capacity"=>1000000}}, c.mounts)
165 assert_equal "/out", c.output_path
166 assert_equal({"keep_cache_ram"=>268435456, "vcpus" => 2, "ram" => 30}, c.runtime_constraints)
167 assert_operator 0, :<, c.priority
169 assert_raises(ActiveRecord::RecordInvalid) do
179 assert_equal 0, cr.priority
180 assert_equal 0, c.priority
183 test "Independent container requests" do
184 set_user_from_auth :active
185 cr1 = create_minimal_req!(command: ["foo", "1"], priority: 5, state: "Committed")
186 cr2 = create_minimal_req!(command: ["foo", "2"], priority: 10, state: "Committed")
188 c1 = Container.find_by_uuid cr1.container_uuid
189 assert_operator 0, :<, c1.priority
191 c2 = Container.find_by_uuid cr2.container_uuid
192 assert_operator c1.priority, :<, c2.priority
193 c2priority_was = c2.priority
195 cr1.update_attributes!(priority: 0)
198 assert_equal 0, c1.priority
201 assert_equal c2priority_was, c2.priority
204 test "Request is finalized when its container is cancelled" do
205 set_user_from_auth :active
206 cr = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 1)
207 assert_equal users(:active).uuid, cr.modified_by_user_uuid
209 act_as_system_user do
210 Container.find_by_uuid(cr.container_uuid).
211 update_attributes!(state: Container::Cancelled)
215 assert_equal "Final", cr.state
216 assert_equal users(:active).uuid, cr.modified_by_user_uuid
219 test "Request is finalized when its container is completed" do
220 set_user_from_auth :active
221 project = groups(:private)
222 cr = create_minimal_req!(owner_uuid: project.uuid,
225 assert_equal users(:active).uuid, cr.modified_by_user_uuid
227 c = act_as_system_user do
228 c = Container.find_by_uuid(cr.container_uuid)
229 c.update_attributes!(state: Container::Locked)
230 c.update_attributes!(state: Container::Running)
235 assert_equal "Committed", cr.state
237 output_pdh = '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'
238 log_pdh = 'fa7aeb5140e2848d39b416daeef4ffc5+45'
239 act_as_system_user do
240 c.update_attributes!(state: Container::Complete,
246 assert_equal "Final", cr.state
247 assert_equal users(:active).uuid, cr.modified_by_user_uuid
248 ['output', 'log'].each do |out_type|
249 pdh = Container.find_by_uuid(cr.container_uuid).send(out_type)
250 assert_equal(1, Collection.where(portable_data_hash: pdh,
251 owner_uuid: project.uuid).count,
252 "Container #{out_type} should be copied to #{project.uuid}")
254 assert_not_nil cr.output_uuid
255 assert_not_nil cr.log_uuid
256 output = Collection.find_by_uuid cr.output_uuid
257 assert_equal output_pdh, output.portable_data_hash
258 log = Collection.find_by_uuid cr.log_uuid
259 assert_equal log_pdh, log.portable_data_hash
262 test "Container makes container request, then is cancelled" do
263 set_user_from_auth :active
264 cr = create_minimal_req!(priority: 5, state: "Committed", container_count_max: 1)
266 c = Container.find_by_uuid cr.container_uuid
267 assert_operator 0, :<, c.priority
270 cr2 = with_container_auth(c) do
271 create_minimal_req!(priority: 10, state: "Committed", container_count_max: 1, command: ["echo", "foo2"])
273 assert_not_nil cr2.requesting_container_uuid
274 assert_equal users(:active).uuid, cr2.modified_by_user_uuid
276 c2 = Container.find_by_uuid cr2.container_uuid
277 assert_operator 0, :<, c2.priority
279 act_as_system_user do
280 c.state = "Cancelled"
285 assert_equal "Final", cr.state
288 assert_equal 0, cr2.priority
289 assert_equal users(:active).uuid, cr2.modified_by_user_uuid
292 assert_equal 0, c2.priority
295 test "child container priority follows same ordering as corresponding top-level ancestors" do
296 findctr = lambda { |cr| Container.find_by_uuid(cr.container_uuid) }
298 set_user_from_auth :active
301 create_minimal_req!(priority: 5, state: "Committed", environment: {"workflow" => "0"}),
302 create_minimal_req!(priority: 5, state: "Committed", environment: {"workflow" => "1"}),
303 create_minimal_req!(priority: 5, state: "Committed", environment: {"workflow" => "2"}),
305 parents = toplevel_crs.map(&findctr)
307 children = parents.map do |parent|
309 with_container_auth(parent) do
310 create_minimal_req!(state: "Committed",
312 environment: {"child" => parent.environment["workflow"]})
316 grandchildren = children.reverse.map do |child|
318 with_container_auth(child) do
319 create_minimal_req!(state: "Committed",
321 environment: {"grandchild" => child.environment["child"]})
323 end.reverse.map(&findctr)
325 shared_grandchildren = children.map do |child|
326 with_container_auth(child) do
327 create_minimal_req!(state: "Committed",
329 environment: {"grandchild" => "shared"})
333 assert_equal shared_grandchildren[0].uuid, shared_grandchildren[1].uuid
334 assert_equal shared_grandchildren[0].uuid, shared_grandchildren[2].uuid
335 shared_grandchild = shared_grandchildren[0]
337 set_user_from_auth :active
339 # parents should be prioritized by submit time.
340 assert_operator parents[0].priority, :>, parents[1].priority
341 assert_operator parents[1].priority, :>, parents[2].priority
343 # children should be prioritized in same order as their respective
345 assert_operator children[0].priority, :>, children[1].priority
346 assert_operator children[1].priority, :>, children[2].priority
348 # grandchildren should also be prioritized in the same order,
349 # despite having been submitted in the opposite order.
350 assert_operator grandchildren[0].priority, :>, grandchildren[1].priority
351 assert_operator grandchildren[1].priority, :>, grandchildren[2].priority
353 # shared grandchild container should be prioritized above
354 # everything that isn't needed by parents[0], but not above
355 # earlier-submitted descendants of parents[0]
356 assert_operator shared_grandchild.priority, :>, grandchildren[1].priority
357 assert_operator shared_grandchild.priority, :>, children[1].priority
358 assert_operator shared_grandchild.priority, :>, parents[1].priority
359 assert_operator shared_grandchild.priority, :<=, grandchildren[0].priority
360 assert_operator shared_grandchild.priority, :<=, children[0].priority
361 assert_operator shared_grandchild.priority, :<=, parents[0].priority
363 # increasing priority of the most recent toplevel container should
364 # reprioritize all of its descendants (including the shared
365 # grandchild) above everything else.
366 toplevel_crs[2].update_attributes!(priority: 72)
367 (parents + children + grandchildren + [shared_grandchild]).map(&:reload)
368 assert_operator shared_grandchild.priority, :>, grandchildren[0].priority
369 assert_operator shared_grandchild.priority, :>, children[0].priority
370 assert_operator shared_grandchild.priority, :>, parents[0].priority
371 assert_operator shared_grandchild.priority, :>, grandchildren[1].priority
372 assert_operator shared_grandchild.priority, :>, children[1].priority
373 assert_operator shared_grandchild.priority, :>, parents[1].priority
374 # ...but the shared container should not have higher priority than
375 # the earlier-submitted descendants of the high-priority workflow.
376 assert_operator shared_grandchild.priority, :<=, grandchildren[2].priority
377 assert_operator shared_grandchild.priority, :<=, children[2].priority
378 assert_operator shared_grandchild.priority, :<=, parents[2].priority
382 ['running_container_auth', 'zzzzz-dz642-runningcontainr', 501],
383 ['active_no_prefs', nil, 0]
384 ].each do |token, expected, expected_priority|
385 test "create as #{token} and expect requesting_container_uuid to be #{expected}" do
386 set_user_from_auth token
387 cr = ContainerRequest.create(container_image: "img", output_path: "/tmp", command: ["echo", "foo"])
388 assert_not_nil cr.uuid, 'uuid should be set for newly created container_request'
389 assert_equal expected, cr.requesting_container_uuid
390 assert_equal expected_priority, cr.priority
394 test "create as container_runtime_token and expect requesting_container_uuid to be zzzzz-dz642-20isqbkl8xwnsao" do
395 set_user_from_auth :container_runtime_token
396 Thread.current[:token] = "#{Thread.current[:token]}/zzzzz-dz642-20isqbkl8xwnsao"
397 cr = ContainerRequest.create(container_image: "img", output_path: "/tmp", command: ["echo", "foo"])
398 assert_not_nil cr.uuid, 'uuid should be set for newly created container_request'
399 assert_equal 'zzzzz-dz642-20isqbkl8xwnsao', cr.requesting_container_uuid
400 assert_equal 1, cr.priority
403 [[{"vcpus" => [2, nil]},
404 lambda { |resolved| resolved["vcpus"] == 2 }],
405 [{"vcpus" => [3, 7]},
406 lambda { |resolved| resolved["vcpus"] == 3 }],
408 lambda { |resolved| resolved["vcpus"] == 4 }],
409 [{"ram" => [1000000000, 2000000000]},
410 lambda { |resolved| resolved["ram"] == 1000000000 }],
411 [{"ram" => [1234234234]},
412 lambda { |resolved| resolved["ram"] == 1234234234 }],
413 ].each do |rc, okfunc|
414 test "resolve runtime constraint range #{rc} to values" do
415 resolved = Container.resolve_runtime_constraints(rc)
416 assert(okfunc.call(resolved),
417 "container runtime_constraints was #{resolved.inspect}")
422 "kind" => "collection",
423 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
426 resolved["/out"] == {
427 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
428 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
429 "kind" => "collection",
434 "kind" => "collection",
435 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
436 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
439 resolved["/out"] == {
440 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
441 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
442 "kind" => "collection",
447 "kind" => "collection",
448 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
451 resolved["/out"] == {
452 "portable_data_hash" => "1f4b0bc7583c2a7f9102c395f4ffc5e3+45",
453 "kind" => "collection",
457 ].each do |mounts, okfunc|
458 test "resolve mounts #{mounts.inspect} to values" do
459 set_user_from_auth :active
460 resolved = Container.resolve_mounts(mounts)
461 assert(okfunc.call(resolved),
462 "Container.resolve_mounts returned #{resolved.inspect}")
466 test 'mount unreadable collection' do
467 set_user_from_auth :spectator
470 "kind" => "collection",
471 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
475 assert_raises(ArvadosModel::UnresolvableContainerError) do
476 Container.resolve_mounts(m)
480 test 'mount collection with mismatched UUID and PDH' do
481 set_user_from_auth :active
484 "kind" => "collection",
485 "uuid" => "zzzzz-4zz18-znfnqtbbv4spc3w",
486 "portable_data_hash" => "fa7aeb5140e2848d39b416daeef4ffc5+45",
490 assert_raises(ArgumentError) do
491 Container.resolve_mounts(m)
495 ['arvados/apitestfixture:latest',
496 'arvados/apitestfixture',
497 'd8309758b8fe2c81034ffc8a10c36460b77db7bc5e7b448c4e5b684f9d95a678',
499 test "Container.resolve_container_image(#{tag.inspect})" do
500 set_user_from_auth :active
501 resolved = Container.resolve_container_image(tag)
502 assert_equal resolved, collections(:docker_image).portable_data_hash
506 test "Container.resolve_container_image(pdh)" do
507 set_user_from_auth :active
508 [[:docker_image, 'v1'], [:docker_image_1_12, 'v2']].each do |coll, ver|
509 Rails.configuration.docker_image_formats = [ver]
510 pdh = collections(coll).portable_data_hash
511 resolved = Container.resolve_container_image(pdh)
512 assert_equal resolved, pdh
516 ['acbd18db4cc2f85cedef654fccc4a4d8+3',
518 'arvados/apitestfixture:ENOEXIST',
520 test "container_image_for_container(#{img.inspect}) => 422" do
521 set_user_from_auth :active
522 assert_raises(ArvadosModel::UnresolvableContainerError) do
523 Container.resolve_container_image(img)
528 test "allow unrecognized container when there are remote_hosts" do
529 set_user_from_auth :active
530 Rails.configuration.remote_hosts = {"foooo" => "bar.com"}
531 Container.resolve_container_image('acbd18db4cc2f85cedef654fccc4a4d8+3')
534 test "migrated docker image" do
535 Rails.configuration.docker_image_formats = ['v2']
536 add_docker19_migration_link
538 # Test that it returns only v2 images even though request is for v1 image.
540 set_user_from_auth :active
541 cr = create_minimal_req!(command: ["true", "1"],
542 container_image: collections(:docker_image).portable_data_hash)
543 assert_equal(Container.resolve_container_image(cr.container_image),
544 collections(:docker_image_1_12).portable_data_hash)
546 cr = create_minimal_req!(command: ["true", "2"],
547 container_image: links(:docker_image_collection_tag).name)
548 assert_equal(Container.resolve_container_image(cr.container_image),
549 collections(:docker_image_1_12).portable_data_hash)
552 test "use unmigrated docker image" do
553 Rails.configuration.docker_image_formats = ['v1']
554 add_docker19_migration_link
556 # Test that it returns only supported v1 images even though there is a
559 set_user_from_auth :active
560 cr = create_minimal_req!(command: ["true", "1"],
561 container_image: collections(:docker_image).portable_data_hash)
562 assert_equal(Container.resolve_container_image(cr.container_image),
563 collections(:docker_image).portable_data_hash)
565 cr = create_minimal_req!(command: ["true", "2"],
566 container_image: links(:docker_image_collection_tag).name)
567 assert_equal(Container.resolve_container_image(cr.container_image),
568 collections(:docker_image).portable_data_hash)
571 test "incompatible docker image v1" do
572 Rails.configuration.docker_image_formats = ['v1']
573 add_docker19_migration_link
575 # Don't return unsupported v2 image even if we ask for it directly.
576 set_user_from_auth :active
577 cr = create_minimal_req!(command: ["true", "1"],
578 container_image: collections(:docker_image_1_12).portable_data_hash)
579 assert_raises(ArvadosModel::UnresolvableContainerError) do
580 Container.resolve_container_image(cr.container_image)
584 test "incompatible docker image v2" do
585 Rails.configuration.docker_image_formats = ['v2']
586 # No migration link, don't return unsupported v1 image,
588 set_user_from_auth :active
589 cr = create_minimal_req!(command: ["true", "1"],
590 container_image: collections(:docker_image).portable_data_hash)
591 assert_raises(ArvadosModel::UnresolvableContainerError) do
592 Container.resolve_container_image(cr.container_image)
594 cr = create_minimal_req!(command: ["true", "2"],
595 container_image: links(:docker_image_collection_tag).name)
596 assert_raises(ArvadosModel::UnresolvableContainerError) do
597 Container.resolve_container_image(cr.container_image)
601 test "requestor can retrieve container owned by dispatch" do
602 assert_not_empty Container.readable_by(users(:admin)).where(uuid: containers(:running).uuid)
603 assert_not_empty Container.readable_by(users(:active)).where(uuid: containers(:running).uuid)
604 assert_empty Container.readable_by(users(:spectator)).where(uuid: containers(:running).uuid)
608 [{"var" => "value1"}, {"var" => "value1"}, nil],
609 [{"var" => "value1"}, {"var" => "value1"}, true],
610 [{"var" => "value1"}, {"var" => "value1"}, false],
611 [{"var" => "value1"}, {"var" => "value2"}, nil],
612 ].each do |env1, env2, use_existing|
613 test "Container request #{((env1 == env2) and (use_existing.nil? or use_existing == true)) ? 'does' : 'does not'} reuse container when committed#{use_existing.nil? ? '' : use_existing ? ' and use_existing == true' : ' and use_existing == false'}" do
614 common_attrs = {cwd: "test",
616 command: ["echo", "hello"],
618 runtime_constraints: {"vcpus" => 4,
619 "ram" => 12000000000},
620 mounts: {"test" => {"kind" => "json"}}}
621 set_user_from_auth :active
622 cr1 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Committed,
625 # Testing with use_existing default value
626 cr2 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Uncommitted,
630 cr2 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Uncommitted,
632 use_existing: use_existing}))
634 assert_not_nil cr1.container_uuid
635 assert_nil cr2.container_uuid
637 # Update cr2 to commited state and check for container equality on different cases:
638 # * When env1 and env2 are equal and use_existing is true, the same container
639 # should be assigned.
640 # * When use_existing is false, a different container should be assigned.
641 # * When env1 and env2 are different, a different container should be assigned.
642 cr2.update_attributes!({state: ContainerRequest::Committed})
643 assert_equal (cr2.use_existing == true and (env1 == env2)),
644 (cr1.container_uuid == cr2.container_uuid)
648 test "requesting_container_uuid at create is not allowed" do
649 set_user_from_auth :active
650 assert_raises(ActiveRecord::RecordInvalid) do
651 create_minimal_req!(state: "Uncommitted", priority: 1, requesting_container_uuid: 'youcantdothat')
655 test "Retry on container cancelled" do
656 set_user_from_auth :active
657 cr = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 2)
658 cr2 = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 2, command: ["echo", "baz"])
659 prev_container_uuid = cr.container_uuid
661 c = act_as_system_user do
662 c = Container.find_by_uuid(cr.container_uuid)
663 c.update_attributes!(state: Container::Locked)
664 c.update_attributes!(state: Container::Running)
670 assert_equal "Committed", cr.state
671 assert_equal prev_container_uuid, cr.container_uuid
672 assert_not_equal cr2.container_uuid, cr.container_uuid
673 prev_container_uuid = cr.container_uuid
675 act_as_system_user do
676 c.update_attributes!(state: Container::Cancelled)
681 assert_equal "Committed", cr.state
682 assert_not_equal prev_container_uuid, cr.container_uuid
683 assert_not_equal cr2.container_uuid, cr.container_uuid
684 prev_container_uuid = cr.container_uuid
686 c = act_as_system_user do
687 c = Container.find_by_uuid(cr.container_uuid)
688 c.update_attributes!(state: Container::Cancelled)
694 assert_equal "Final", cr.state
695 assert_equal prev_container_uuid, cr.container_uuid
696 assert_not_equal cr2.container_uuid, cr.container_uuid
699 test "Retry on container cancelled with runtime_token" do
700 set_user_from_auth :spectator
701 spec = api_client_authorizations(:active)
702 cr = create_minimal_req!(priority: 1, state: "Committed",
703 runtime_token: spec.token,
704 container_count_max: 2)
705 prev_container_uuid = cr.container_uuid
707 c = act_as_system_user do
708 c = Container.find_by_uuid(cr.container_uuid)
709 assert_equal spec.token, c.runtime_token
710 c.update_attributes!(state: Container::Locked)
711 c.update_attributes!(state: Container::Running)
716 assert_equal "Committed", cr.state
717 assert_equal prev_container_uuid, cr.container_uuid
718 prev_container_uuid = cr.container_uuid
720 act_as_system_user do
721 c.update_attributes!(state: Container::Cancelled)
725 assert_equal "Committed", cr.state
726 assert_not_equal prev_container_uuid, cr.container_uuid
727 prev_container_uuid = cr.container_uuid
729 c = act_as_system_user do
730 c = Container.find_by_uuid(cr.container_uuid)
731 assert_equal spec.token, c.runtime_token
732 c.update_attributes!(state: Container::Cancelled)
737 assert_equal "Final", cr.state
738 assert_equal prev_container_uuid, cr.container_uuid
742 test "Output collection name setting using output_name with name collision resolution" do
743 set_user_from_auth :active
744 output_name = 'unimaginative name'
745 Collection.create!(name: output_name)
747 cr = create_minimal_req!(priority: 1,
748 state: ContainerRequest::Committed,
749 output_name: output_name)
752 assert_equal ContainerRequest::Final, cr.state
753 output_coll = Collection.find_by_uuid(cr.output_uuid)
754 # Make sure the resulting output collection name include the original name
756 assert_not_equal output_name, output_coll.name,
757 "more than one collection with the same owner and name"
758 assert output_coll.name.include?(output_name),
759 "New name should include original name"
760 assert_match /\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z/, output_coll.name,
761 "New name should include ISO8601 date"
764 [[0, :check_output_ttl_0],
765 [1, :check_output_ttl_1s],
766 [365*86400, :check_output_ttl_1y],
767 ].each do |ttl, checker|
768 test "output_ttl=#{ttl}" do
769 act_as_user users(:active) do
770 cr = create_minimal_req!(priority: 1,
771 state: ContainerRequest::Committed,
776 output = Collection.find_by_uuid(cr.output_uuid)
777 send(checker, db_current_time, output.trash_at, output.delete_at)
782 def check_output_ttl_0(now, trash, delete)
787 def check_output_ttl_1s(now, trash, delete)
788 assert_not_nil(trash)
789 assert_not_nil(delete)
790 assert_in_delta(trash, now + 1.second, 10)
791 assert_in_delta(delete, now + Rails.configuration.blob_signature_ttl.second, 10)
794 def check_output_ttl_1y(now, trash, delete)
795 year = (86400*365).second
796 assert_not_nil(trash)
797 assert_not_nil(delete)
798 assert_in_delta(trash, now + year, 10)
799 assert_in_delta(delete, now + year, 10)
802 def run_container(cr)
803 act_as_system_user do
804 c = Container.find_by_uuid(cr.container_uuid)
805 c.update_attributes!(state: Container::Locked)
806 c.update_attributes!(state: Container::Running)
807 c.update_attributes!(state: Container::Complete,
809 output: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45',
810 log: 'fa7aeb5140e2848d39b416daeef4ffc5+45')
815 test "Finalize committed request when reusing a finished container" do
816 set_user_from_auth :active
817 cr = create_minimal_req!(priority: 1, state: ContainerRequest::Committed)
819 assert_equal ContainerRequest::Committed, cr.state
822 assert_equal ContainerRequest::Final, cr.state
824 cr2 = create_minimal_req!(priority: 1, state: ContainerRequest::Committed)
825 assert_equal cr.container_uuid, cr2.container_uuid
826 assert_equal ContainerRequest::Final, cr2.state
828 cr3 = create_minimal_req!(priority: 1, state: ContainerRequest::Uncommitted)
829 assert_equal ContainerRequest::Uncommitted, cr3.state
830 cr3.update_attributes!(state: ContainerRequest::Committed)
831 assert_equal cr.container_uuid, cr3.container_uuid
832 assert_equal ContainerRequest::Final, cr3.state
836 [false, ActiveRecord::RecordInvalid],
838 ].each do |preemptible_conf, expected|
839 test "having Rails.configuration.preemptible_instances=#{preemptible_conf}, create preemptible container request and verify #{expected}" do
840 sp = {"preemptible" => true}
841 common_attrs = {cwd: "test",
843 command: ["echo", "hello"],
845 scheduling_parameters: sp,
846 mounts: {"test" => {"kind" => "json"}}}
847 Rails.configuration.preemptible_instances = preemptible_conf
848 set_user_from_auth :active
850 cr = create_minimal_req!(common_attrs)
851 cr.state = ContainerRequest::Committed
854 assert_raises(expected) do
859 assert_equal sp, cr.scheduling_parameters
865 'zzzzz-dz642-runningcontainr',
867 ].each do |requesting_c|
868 test "having preemptible instances active on the API server, a committed #{requesting_c.nil? ? 'non-':''}child CR should not ask for preemptible instance if parameter already set to false" do
869 common_attrs = {cwd: "test",
871 command: ["echo", "hello"],
873 scheduling_parameters: {"preemptible" => false},
874 mounts: {"test" => {"kind" => "json"}}}
876 Rails.configuration.preemptible_instances = true
877 set_user_from_auth :active
880 cr = with_container_auth(Container.find_by_uuid requesting_c) do
881 create_minimal_req!(common_attrs)
883 assert_not_nil cr.requesting_container_uuid
885 cr = create_minimal_req!(common_attrs)
888 cr.state = ContainerRequest::Committed
891 assert_equal false, cr.scheduling_parameters['preemptible']
896 [true, 'zzzzz-dz642-runningcontainr', true],
898 [false, 'zzzzz-dz642-runningcontainr', nil],
900 ].each do |preemptible_conf, requesting_c, schedule_preemptible|
901 test "having Rails.configuration.preemptible_instances=#{preemptible_conf}, #{requesting_c.nil? ? 'non-':''}child CR should #{schedule_preemptible ? '':'not'} ask for preemptible instance by default" do
902 common_attrs = {cwd: "test",
904 command: ["echo", "hello"],
906 mounts: {"test" => {"kind" => "json"}}}
908 Rails.configuration.preemptible_instances = preemptible_conf
909 set_user_from_auth :active
912 cr = with_container_auth(Container.find_by_uuid requesting_c) do
913 create_minimal_req!(common_attrs)
915 assert_not_nil cr.requesting_container_uuid
917 cr = create_minimal_req!(common_attrs)
920 cr.state = ContainerRequest::Committed
923 assert_equal schedule_preemptible, cr.scheduling_parameters['preemptible']
928 [{"partitions" => ["fastcpu","vfastcpu", 100]}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
929 [{"partitions" => ["fastcpu","vfastcpu", 100]}, ContainerRequest::Uncommitted],
930 [{"partitions" => "fastcpu"}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
931 [{"partitions" => "fastcpu"}, ContainerRequest::Uncommitted],
932 [{"partitions" => ["fastcpu","vfastcpu"]}, ContainerRequest::Committed],
933 [{"max_run_time" => "one day"}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
934 [{"max_run_time" => "one day"}, ContainerRequest::Uncommitted],
935 [{"max_run_time" => -1}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
936 [{"max_run_time" => -1}, ContainerRequest::Uncommitted],
937 [{"max_run_time" => 86400}, ContainerRequest::Committed],
938 ].each do |sp, state, expected|
939 test "create container request with scheduling_parameters #{sp} in state #{state} and verify #{expected}" do
940 common_attrs = {cwd: "test",
942 command: ["echo", "hello"],
944 scheduling_parameters: sp,
945 mounts: {"test" => {"kind" => "json"}}}
946 set_user_from_auth :active
948 if expected == ActiveRecord::RecordInvalid
949 assert_raises(ActiveRecord::RecordInvalid) do
950 create_minimal_req!(common_attrs.merge({state: state}))
953 cr = create_minimal_req!(common_attrs.merge({state: state}))
954 assert_equal sp, cr.scheduling_parameters
956 if state == ContainerRequest::Committed
957 c = Container.find_by_uuid(cr.container_uuid)
958 assert_equal sp, c.scheduling_parameters
964 test "Having preemptible_instances=true create a committed child container request and verify the scheduling parameter of its container" do
965 common_attrs = {cwd: "test",
967 command: ["echo", "hello"],
969 state: ContainerRequest::Committed,
970 mounts: {"test" => {"kind" => "json"}}}
971 set_user_from_auth :active
972 Rails.configuration.preemptible_instances = true
974 cr = with_container_auth(Container.find_by_uuid 'zzzzz-dz642-runningcontainr') do
975 create_minimal_req!(common_attrs)
977 assert_equal 'zzzzz-dz642-runningcontainr', cr.requesting_container_uuid
978 assert_equal true, cr.scheduling_parameters["preemptible"]
980 c = Container.find_by_uuid(cr.container_uuid)
981 assert_equal true, c.scheduling_parameters["preemptible"]
984 [['Committed', true, {name: "foobar", priority: 123}],
985 ['Committed', false, {container_count: 2}],
986 ['Committed', false, {container_count: 0}],
987 ['Committed', false, {container_count: nil}],
988 ['Final', false, {state: ContainerRequest::Committed, name: "foobar"}],
989 ['Final', false, {name: "foobar", priority: 123}],
990 ['Final', false, {name: "foobar", output_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
991 ['Final', false, {name: "foobar", log_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
992 ['Final', false, {log_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
993 ['Final', false, {priority: 123}],
994 ['Final', false, {mounts: {}}],
995 ['Final', false, {container_count: 2}],
996 ['Final', true, {name: "foobar"}],
997 ['Final', true, {name: "foobar", description: "baz"}],
998 ].each do |state, permitted, updates|
999 test "state=#{state} can#{'not' if !permitted} update #{updates.inspect}" do
1000 act_as_user users(:active) do
1001 cr = create_minimal_req!(priority: 1,
1003 container_count_max: 1)
1008 act_as_system_user do
1009 Container.find_by_uuid(cr.container_uuid).
1010 update_attributes!(state: Container::Cancelled)
1014 raise 'broken test case'
1016 assert_equal state, cr.state
1018 assert cr.update_attributes!(updates)
1020 assert_raises(ActiveRecord::RecordInvalid) do
1021 cr.update_attributes!(updates)
1028 test "delete container_request and check its container's priority" do
1029 act_as_user users(:active) do
1030 cr = ContainerRequest.find_by_uuid container_requests(:running_to_be_deleted).uuid
1032 # initially the cr's container has priority > 0
1033 c = Container.find_by_uuid(cr.container_uuid)
1034 assert_equal 1, c.priority
1038 # the cr's container now has priority of 0
1039 c = Container.find_by_uuid(cr.container_uuid)
1040 assert_equal 0, c.priority
1044 test "delete container_request in final state and expect no error due to before_destroy callback" do
1045 act_as_user users(:active) do
1046 cr = ContainerRequest.find_by_uuid container_requests(:completed).uuid
1047 assert_nothing_raised {cr.destroy}
1051 test "Container request valid priority" do
1052 set_user_from_auth :active
1053 cr = create_minimal_req!
1055 assert_raises(ActiveRecord::RecordInvalid) do
1075 assert_raises(ActiveRecord::RecordInvalid) do
1081 # Note: some of these tests might look redundant because they test
1082 # that out-of-order spellings of hashes are still considered equal
1083 # regardless of whether the existing (container) or new (container
1084 # request) hash needs to be re-ordered.
1085 secrets = {"/foo" => {"kind" => "text", "content" => "xyzzy"}}
1086 same_secrets = {"/foo" => {"content" => "xyzzy", "kind" => "text"}}
1087 different_secrets = {"/foo" => {"kind" => "text", "content" => "something completely different"}}
1093 [true, secrets, same_secrets],
1094 [true, same_secrets, secrets],
1095 [false, nil, secrets],
1096 [false, {}, secrets],
1097 [false, secrets, {}],
1098 [false, secrets, nil],
1099 [false, secrets, different_secrets],
1100 ].each do |expect_reuse, sm1, sm2|
1101 test "container reuse secret_mounts #{sm1.inspect}, #{sm2.inspect}" do
1102 set_user_from_auth :active
1103 cr1 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm1)
1104 cr2 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm2)
1105 assert_not_nil cr1.container_uuid
1106 assert_not_nil cr2.container_uuid
1108 assert_equal cr1.container_uuid, cr2.container_uuid
1110 assert_not_equal cr1.container_uuid, cr2.container_uuid
1115 test "scrub secret_mounts but reuse container for request with identical secret_mounts" do
1116 set_user_from_auth :active
1117 sm = {'/secret/foo' => {'kind' => 'text', 'content' => secret_string}}
1118 cr1 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm.dup)
1122 # secret_mounts scrubbed from db
1123 c = Container.where(uuid: cr1.container_uuid).first
1124 assert_equal({}, c.secret_mounts)
1125 assert_equal({}, cr1.secret_mounts)
1127 # can reuse container if secret_mounts match
1128 cr2 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm.dup)
1129 assert_equal cr1.container_uuid, cr2.container_uuid
1131 # don't reuse container if secret_mounts don't match
1132 cr3 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: {})
1133 assert_not_equal cr1.container_uuid, cr3.container_uuid
1135 assert_no_secrets_logged
1138 test "conflicting key in mounts and secret_mounts" do
1139 sm = {'/secret/foo' => {'kind' => 'text', 'content' => secret_string}}
1140 set_user_from_auth :active
1141 cr = create_minimal_req!
1142 assert_equal false, cr.update_attributes(state: "Committed",
1144 mounts: cr.mounts.merge(sm),
1146 assert_equal [:secret_mounts], cr.errors.messages.keys
1149 test "using runtime_token" do
1150 set_user_from_auth :spectator
1151 spec = api_client_authorizations(:active)
1152 cr = create_minimal_req!(state: "Committed", runtime_token: spec.token, priority: 1)
1154 c = Container.find_by_uuid cr.container_uuid
1156 assert_nil c.auth_uuid
1157 assert_equal c.runtime_token, spec.token
1159 assert_not_nil ApiClientAuthorization.find_by_uuid(spec.uuid)
1161 act_as_system_user do
1162 c.update_attributes!(state: Container::Complete,
1164 output: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45',
1165 log: 'fa7aeb5140e2848d39b416daeef4ffc5+45')
1170 assert_nil cr.runtime_token
1171 assert_nil c.runtime_token
1174 test "invalid runtime_token" do
1175 set_user_from_auth :active
1176 spec = api_client_authorizations(:spectator)
1177 assert_raises(ArgumentError) do
1178 cr = create_minimal_req!(state: "Committed", runtime_token: "#{spec.token}xx")