command: ["echo", "hello"],
output_path: "test",
runtime_constraints: {
+ "API" => false,
+ "keep_cache_ram" => 0,
"ram" => 12000000000,
"vcpus" => 4,
},
assert_equal c1.runtime_status, {}
assert_equal Container::Queued, c1.state
- assert_raises ActiveRecord::RecordInvalid do
+ assert_raises ArvadosModel::PermissionDeniedError do
c1.update_attributes! runtime_status: {'error' => 'Oops!'}
end
set_user_from_auth :active
env = {"C" => "3", "B" => "2", "A" => "1"}
m = {"F" => {"kind" => "3"}, "E" => {"kind" => "2"}, "D" => {"kind" => "1"}}
- rc = {"vcpus" => 1, "ram" => 1, "keep_cache_ram" => 1}
+ rc = {"vcpus" => 1, "ram" => 1, "keep_cache_ram" => 1, "API" => true}
c, _ = minimal_new(environment: env, mounts: m, runtime_constraints: rc)
- assert_equal c.environment.to_json, Container.deep_sort_hash(env).to_json
- assert_equal c.mounts.to_json, Container.deep_sort_hash(m).to_json
- assert_equal c.runtime_constraints.to_json, Container.deep_sort_hash(rc).to_json
+ c.reload
+ assert_equal Container.deep_sort_hash(env).to_json, c.environment.to_json
+ assert_equal Container.deep_sort_hash(m).to_json, c.mounts.to_json
+ assert_equal Container.deep_sort_hash(rc).to_json, c.runtime_constraints.to_json
end
test 'deep_sort_hash on array of hashes' do
assert_equal Container::Queued, c1.state
reused = Container.find_reusable(common_attrs.merge(runtime_token_attr(:container_runtime_token)))
# See #14584
+ assert_not_nil reused
assert_equal c1.uuid, reused.uuid
end
assert_equal Container::Queued, c1.state
reused = Container.find_reusable(common_attrs.merge(runtime_token_attr(:container_runtime_token)))
# See #14584
+ assert_not_nil reused
assert_equal c1.uuid, reused.uuid
end
assert_equal Container::Queued, c1.state
reused = Container.find_reusable(common_attrs.merge(runtime_token_attr(:container_runtime_token)))
# See #14584
+ assert_not_nil reused
assert_equal c1.uuid, reused.uuid
end
auth_exp = ApiClientAuthorization.find_by_uuid(auth_uuid_was).expires_at
assert_operator auth_exp, :<, db_current_time
+
+ assert_nil ApiClientAuthorization.validate(token: ApiClientAuthorization.find_by_uuid(auth_uuid_was).token)
end
test "Exceed maximum lock-unlock cycles" do
end
end
+ [
+ [Container::Queued, {state: Container::Locked}],
+ [Container::Queued, {state: Container::Running}],
+ [Container::Queued, {state: Container::Complete}],
+ [Container::Queued, {state: Container::Cancelled}],
+ [Container::Queued, {priority: 123456789}],
+ [Container::Queued, {runtime_status: {'error' => 'oops'}}],
+ [Container::Queued, {cwd: '/'}],
+ [Container::Locked, {state: Container::Running}],
+ [Container::Locked, {state: Container::Queued}],
+ [Container::Locked, {priority: 123456789}],
+ [Container::Locked, {runtime_status: {'error' => 'oops'}}],
+ [Container::Locked, {cwd: '/'}],
+ [Container::Running, {state: Container::Complete}],
+ [Container::Running, {state: Container::Cancelled}],
+ [Container::Running, {priority: 123456789}],
+ [Container::Running, {runtime_status: {'error' => 'oops'}}],
+ [Container::Running, {cwd: '/'}],
+ [Container::Running, {gateway_address: "172.16.0.1:12345"}],
+ [Container::Running, {interactive_session_started: true}],
+ [Container::Complete, {state: Container::Cancelled}],
+ [Container::Complete, {priority: 123456789}],
+ [Container::Complete, {runtime_status: {'error' => 'oops'}}],
+ [Container::Complete, {cwd: '/'}],
+ [Container::Cancelled, {cwd: '/'}],
+ ].each do |start_state, updates|
+ test "Container update #{updates.inspect} when #{start_state} forbidden for non-admin" do
+ set_user_from_auth :active
+ c, _ = minimal_new
+ if start_state != Container::Queued
+ set_user_from_auth :dispatch1
+ c.lock
+ if start_state != Container::Locked
+ c.update_attributes! state: Container::Running
+ if start_state != Container::Running
+ c.update_attributes! state: start_state
+ end
+ end
+ end
+ assert_equal c.state, start_state
+ set_user_from_auth :active
+ assert_raises(ArvadosModel::PermissionDeniedError) do
+ c.update_attributes! updates
+ end
+ end
+ end
+
test "Container only set exit code on complete" do
set_user_from_auth :active
c, _ = minimal_new
c.update_attributes! state: Container::Running
set_user_from_auth :running_to_be_deleted_container_auth
- refute c.update_attributes(output: collections(:foo_file).portable_data_hash)
+ assert_raises(ArvadosModel::PermissionDeniedError) do
+ c.update_attributes(output: collections(:foo_file).portable_data_hash)
+ end
end
test "can set trashed output on running container" do
end
end
+ test "user cannot delete" do
+ set_user_from_auth :active
+ c, _ = minimal_new
+ assert_raises ArvadosModel::PermissionDeniedError do
+ c.destroy
+ end
+ assert Container.find_by_uuid(c.uuid)
+ end
+
[
{state: Container::Complete, exit_code: 0, output: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45'},
{state: Container::Cancelled},
projects / arvados.git / blobdiff