projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'master' of git.curoverse.com:arvados into 13429-cwl-runner-storage...
[arvados.git] / services / arv-git-httpd / server_test.go
diff --git a/services/arv-git-httpd/server_test.go b/services/arv-git-httpd/server_test.go
index 3971d17f9c181819907de8f738da3958581dd721..77049c3d2c1af14239cdc61b73f28a8de5fd9d5f 100644 (file)
--- a/services/arv-git-httpd/server_test.go
+++ b/services/arv-git-httpd/server_test.go
@@ -1,166 +1,123 @@
+// Copyright (C) The Arvados Authors. All rights reserved.
+//
+// SPDX-License-Identifier: AGPL-3.0
+
 package main
 
 import (
-       "errors"
-       "io/ioutil"
+       "net/http"
+       "net/http/httptest"
        "os"
        "os/exec"
-       "strings"
-       "testing"
 
        "git.curoverse.com/arvados.git/sdk/go/arvadostest"
+
        check "gopkg.in/check.v1"
 )
 
-var _ = check.Suite(&IntegrationSuite{})
+var _ = check.Suite(&GitSuite{})
+
+const (
+       spectatorToken = "zw2f4gwx8hw8cjre7yp6v1zylhrhn3m5gvjq73rtpwhmknrybu"
+       activeToken    = "3kg6k6lzmp9kj5cpkcoxie963cmvjahbt2fod9zru30k1jqdmi"
+       anonymousToken = "4kg6k6lzmp9kj4cpkcoxie964cmvjahbt4fod9zru44k4jqdmi"
+       expiredToken   = "2ym314ysp27sk7h943q6vtc378srb06se3pq6ghurylyf3pdmx"
+)
 
-// IntegrationSuite tests need an API server and an arv-git-httpd server
-type IntegrationSuite struct {
-       tmpRepoRoot string
-       tmpWorkdir  string
-       testServer  *server
+type GitSuite struct {
+       IntegrationSuite
 }
 
-func (s *IntegrationSuite) TestPathVariants(c *check.C) {
+func (s *GitSuite) TestPathVariants(c *check.C) {
        s.makeArvadosRepo(c)
-       // Spectator token
-       os.Setenv("ARVADOS_API_TOKEN", "zw2f4gwx8hw8cjre7yp6v1zylhrhn3m5gvjq73rtpwhmknrybu")
-       for _, repo := range []string{"foo.git", "foo/.git", "arvados.git", "arvados/.git"} {
-               err := s.runGit(c, "fetch", repo)
+       for _, repo := range []string{"active/foo.git", "active/foo/.git", "arvados.git", "arvados/.git"} {
+               err := s.RunGit(c, spectatorToken, "fetch", repo)
                c.Assert(err, check.Equals, nil)
        }
 }
 
-func (s *IntegrationSuite) TestReadonly(c *check.C) {
-       // Spectator token
-       os.Setenv("ARVADOS_API_TOKEN", "zw2f4gwx8hw8cjre7yp6v1zylhrhn3m5gvjq73rtpwhmknrybu")
-       err := s.runGit(c, "fetch", "foo.git")
+func (s *GitSuite) TestReadonly(c *check.C) {
+       err := s.RunGit(c, spectatorToken, "fetch", "active/foo.git")
        c.Assert(err, check.Equals, nil)
-       err = s.runGit(c, "push", "foo.git", "master:newbranchfail")
-       c.Assert(err, check.ErrorMatches, `.*HTTP code = 403.*`)
-       _, err = os.Stat(s.tmpRepoRoot + "/.git/refs/heads/newbranchfail")
+       err = s.RunGit(c, spectatorToken, "push", "active/foo.git", "master:newbranchfail")
+       c.Assert(err, check.ErrorMatches, `.*HTTP (code = )?403.*`)
+       _, err = os.Stat(s.tmpRepoRoot + "/zzzzz-s0uqq-382brsig8rp3666.git/refs/heads/newbranchfail")
        c.Assert(err, check.FitsTypeOf, &os.PathError{})
 }
 
-func (s *IntegrationSuite) TestReadwrite(c *check.C) {
-       // Active user token
-       os.Setenv("ARVADOS_API_TOKEN", "3kg6k6lzmp9kj5cpkcoxie963cmvjahbt2fod9zru30k1jqdmi")
-       err := s.runGit(c, "fetch", "foo.git")
+func (s *GitSuite) TestReadwrite(c *check.C) {
+       err := s.RunGit(c, activeToken, "fetch", "active/foo.git")
        c.Assert(err, check.Equals, nil)
-       err = s.runGit(c, "push", "foo.git", "master:newbranch")
+       err = s.RunGit(c, activeToken, "push", "active/foo.git", "master:newbranch")
        c.Assert(err, check.Equals, nil)
-       _, err = os.Stat(s.tmpRepoRoot + "/foo/.git/refs/heads/newbranch")
+       _, err = os.Stat(s.tmpRepoRoot + "/zzzzz-s0uqq-382brsig8rp3666.git/refs/heads/newbranch")
        c.Assert(err, check.Equals, nil)
 }
 
-func (s *IntegrationSuite) TestNonexistent(c *check.C) {
-       // Spectator token
-       os.Setenv("ARVADOS_API_TOKEN", "zw2f4gwx8hw8cjre7yp6v1zylhrhn3m5gvjq73rtpwhmknrybu")
-       err := s.runGit(c, "fetch", "thisrepodoesnotexist.git")
-       c.Assert(err, check.ErrorMatches, `.* not found:.*`)
+func (s *GitSuite) TestNonexistent(c *check.C) {
+       err := s.RunGit(c, spectatorToken, "fetch", "thisrepodoesnotexist.git")
+       c.Assert(err, check.ErrorMatches, `.* not found.*`)
 }
 
-func (s *IntegrationSuite) TestNoPermission(c *check.C) {
-       // Anonymous token
-       os.Setenv("ARVADOS_API_TOKEN", "4kg6k6lzmp9kj4cpkcoxie964cmvjahbt4fod9zru44k4jqdmi")
-       for _, repo := range []string{"foo.git", "foo/.git"} {
-               err := s.runGit(c, "fetch", repo)
-               c.Assert(err, check.ErrorMatches, `.* not found:.*`)
-       }
+func (s *GitSuite) TestMissingGitdirReadableRepository(c *check.C) {
+       err := s.RunGit(c, activeToken, "fetch", "active/foo2.git")
+       c.Assert(err, check.ErrorMatches, `.* not found.*`)
 }
 
-func (s *IntegrationSuite) SetUpSuite(c *check.C) {
-       arvadostest.StartAPI()
+func (s *GitSuite) TestNoPermission(c *check.C) {
+       for _, repo := range []string{"active/foo.git", "active/foo/.git"} {
+               err := s.RunGit(c, anonymousToken, "fetch", repo)
+               c.Assert(err, check.ErrorMatches, `.* not found.*`)
+       }
 }
 
-func (s *IntegrationSuite) SetUpTest(c *check.C) {
-       arvadostest.ResetEnv()
-       s.testServer = &server{}
-       var err error
-       s.tmpRepoRoot, err = ioutil.TempDir("", "arv-git-httpd")
-       c.Assert(err, check.Equals, nil)
-       s.tmpWorkdir, err = ioutil.TempDir("", "arv-git-httpd")
-       c.Assert(err, check.Equals, nil)
-       _, err = exec.Command("git", "init", s.tmpRepoRoot+"/foo").Output()
-       c.Assert(err, check.Equals, nil)
-       _, err = exec.Command("sh", "-c", "cd "+s.tmpRepoRoot+"/foo && echo test >test && git add test && git commit -am 'foo: test'").CombinedOutput()
-       c.Assert(err, check.Equals, nil)
-       _, err = exec.Command("git", "init", s.tmpWorkdir).Output()
-       c.Assert(err, check.Equals, nil)
-       _, err = exec.Command("sh", "-c", "cd "+s.tmpWorkdir+" && echo work >work && git add work && git commit -am 'workdir: test'").CombinedOutput()
-       c.Assert(err, check.Equals, nil)
-
-       theConfig = &config{
-               Addr:       ":",
-               GitCommand: "/usr/bin/git",
-               Root:       s.tmpRepoRoot,
+func (s *GitSuite) TestExpiredToken(c *check.C) {
+       for _, repo := range []string{"active/foo.git", "active/foo/.git"} {
+               err := s.RunGit(c, expiredToken, "fetch", repo)
+               c.Assert(err, check.ErrorMatches, `.* (500 while accessing|requested URL returned error: 500).*`)
        }
-       err = s.testServer.Start()
-       c.Assert(err, check.Equals, nil)
-
-       // Clear ARVADOS_API_TOKEN after starting up the server, to
-       // make sure arv-git-httpd doesn't use it.
-       os.Setenv("ARVADOS_API_TOKEN", "")
-
-       _, err = exec.Command("git", "config",
-               "--file", s.tmpWorkdir+"/.git/config",
-               "credential.http://"+s.testServer.Addr+"/.helper",
-               "!foo(){ echo password=$ARVADOS_API_TOKEN; };foo").Output()
-       c.Assert(err, check.Equals, nil)
-       _, err = exec.Command("git", "config",
-               "--file", s.tmpWorkdir+"/.git/config",
-               "credential.http://"+s.testServer.Addr+"/.username",
-               "none").Output()
-       c.Assert(err, check.Equals, nil)
 }
 
-func (s *IntegrationSuite) TearDownTest(c *check.C) {
-       var err error
-       if s.testServer != nil {
-               err = s.testServer.Close()
-       }
-       c.Check(err, check.Equals, nil)
-       if s.tmpRepoRoot != "" {
-               err = os.RemoveAll(s.tmpRepoRoot)
-               c.Check(err, check.Equals, nil)
+func (s *GitSuite) TestInvalidToken(c *check.C) {
+       for _, repo := range []string{"active/foo.git", "active/foo/.git"} {
+               err := s.RunGit(c, "s3cr3tp@ssw0rd", "fetch", repo)
+               c.Assert(err, check.ErrorMatches, `.* requested URL returned error.*`)
        }
-       if s.tmpWorkdir != "" {
-               err = os.RemoveAll(s.tmpWorkdir)
-               c.Check(err, check.Equals, nil)
+}
+
+func (s *GitSuite) TestShortToken(c *check.C) {
+       for _, repo := range []string{"active/foo.git", "active/foo/.git"} {
+               err := s.RunGit(c, "s3cr3t", "fetch", repo)
+               c.Assert(err, check.ErrorMatches, `.* (500 while accessing|requested URL returned error: 500).*`)
        }
 }
 
-func (s *IntegrationSuite) runGit(c *check.C, gitCmd, repo string, args ...string) error {
-       cwd, err := os.Getwd()
-       c.Assert(err, check.Equals, nil)
-       defer os.Chdir(cwd)
-       os.Chdir(s.tmpWorkdir)
-
-       gitargs := append([]string{
-               gitCmd, "http://" + s.testServer.Addr + "/" + repo,
-       }, args...)
-       cmd := exec.Command("git", gitargs...)
-       w, err := cmd.StdinPipe()
-       c.Assert(err, check.Equals, nil)
-       go w.Close()
-       output, err := cmd.CombinedOutput()
-       c.Log("git ", gitargs, " => ", err)
-       if err != nil {
-               // Easier to match error strings without newlines.
-               err = errors.New(strings.Replace(string(output), "\n", " // ", -1))
+func (s *GitSuite) TestShortTokenBadReq(c *check.C) {
+       for _, repo := range []string{"bogus"} {
+               err := s.RunGit(c, "s3cr3t", "fetch", repo)
+               c.Assert(err, check.ErrorMatches, `.*not found.*`)
        }
-       return err
 }
 
 // Make a bare arvados repo at {tmpRepoRoot}/arvados.git
-func (s *IntegrationSuite) makeArvadosRepo(c *check.C) {
-       _, err := exec.Command("git", "init", "--bare", s.tmpRepoRoot+"/arvados.git").Output()
+func (s *GitSuite) makeArvadosRepo(c *check.C) {
+       msg, err := exec.Command("git", "init", "--bare", s.tmpRepoRoot+"/zzzzz-s0uqq-arvadosrepo0123.git").CombinedOutput()
+       c.Log(string(msg))
        c.Assert(err, check.Equals, nil)
-       _, err = exec.Command("git", "--git-dir", s.tmpRepoRoot+"/arvados.git", "fetch", "../../.git", "master:master").Output()
+       msg, err = exec.Command("git", "--git-dir", s.tmpRepoRoot+"/zzzzz-s0uqq-arvadosrepo0123.git", "fetch", "../../.git", "HEAD:master").CombinedOutput()
+       c.Log(string(msg))
        c.Assert(err, check.Equals, nil)
 }
 
-// Gocheck boilerplate
-func Test(t *testing.T) {
-       check.TestingT(t)
+func (s *GitSuite) TestHealthCheckPing(c *check.C) {
+       req, err := http.NewRequest("GET",
+               "http://"+s.testServer.Addr+"/_health/ping",
+               nil)
+       c.Assert(err, check.Equals, nil)
+       req.Header.Set("Authorization", "Bearer "+arvadostest.ManagementToken)
+
+       resp := httptest.NewRecorder()
+       s.testServer.Handler.ServeHTTP(resp, req)
+       c.Check(resp.Code, check.Equals, 200)
+       c.Check(resp.Body.String(), check.Matches, `{"health":"OK"}\n`)
 }