+ Container.resolve_container_image(img)
+ end
+ end
+ end
+
+ test "allow unrecognized container when there are remote_hosts" do
+ set_user_from_auth :active
+ Rails.configuration.RemoteClusters = Rails.configuration.RemoteClusters.merge({foooo: ActiveSupport::InheritableOptions.new({Host: "bar.com"})})
+ Container.resolve_container_image('acbd18db4cc2f85cedef654fccc4a4d8+3')
+ end
+
+ test "migrated docker image" do
+ Rails.configuration.Containers.SupportedDockerImageFormats = ['v2']
+ add_docker19_migration_link
+
+ # Test that it returns only v2 images even though request is for v1 image.
+
+ set_user_from_auth :active
+ cr = create_minimal_req!(command: ["true", "1"],
+ container_image: collections(:docker_image).portable_data_hash)
+ assert_equal(Container.resolve_container_image(cr.container_image),
+ collections(:docker_image_1_12).portable_data_hash)
+
+ cr = create_minimal_req!(command: ["true", "2"],
+ container_image: links(:docker_image_collection_tag).name)
+ assert_equal(Container.resolve_container_image(cr.container_image),
+ collections(:docker_image_1_12).portable_data_hash)
+ end
+
+ test "use unmigrated docker image" do
+ Rails.configuration.Containers.SupportedDockerImageFormats = ['v1']
+ add_docker19_migration_link
+
+ # Test that it returns only supported v1 images even though there is a
+ # migration link.
+
+ set_user_from_auth :active
+ cr = create_minimal_req!(command: ["true", "1"],
+ container_image: collections(:docker_image).portable_data_hash)
+ assert_equal(Container.resolve_container_image(cr.container_image),
+ collections(:docker_image).portable_data_hash)
+
+ cr = create_minimal_req!(command: ["true", "2"],
+ container_image: links(:docker_image_collection_tag).name)
+ assert_equal(Container.resolve_container_image(cr.container_image),
+ collections(:docker_image).portable_data_hash)
+ end
+
+ test "incompatible docker image v1" do
+ Rails.configuration.Containers.SupportedDockerImageFormats = ['v1']
+ add_docker19_migration_link
+
+ # Don't return unsupported v2 image even if we ask for it directly.
+ set_user_from_auth :active
+ cr = create_minimal_req!(command: ["true", "1"],
+ container_image: collections(:docker_image_1_12).portable_data_hash)
+ assert_raises(ArvadosModel::UnresolvableContainerError) do
+ Container.resolve_container_image(cr.container_image)
+ end
+ end
+
+ test "incompatible docker image v2" do
+ Rails.configuration.Containers.SupportedDockerImageFormats = ['v2']
+ # No migration link, don't return unsupported v1 image,
+
+ set_user_from_auth :active
+ cr = create_minimal_req!(command: ["true", "1"],
+ container_image: collections(:docker_image).portable_data_hash)
+ assert_raises(ArvadosModel::UnresolvableContainerError) do
+ Container.resolve_container_image(cr.container_image)
+ end
+ cr = create_minimal_req!(command: ["true", "2"],
+ container_image: links(:docker_image_collection_tag).name)
+ assert_raises(ArvadosModel::UnresolvableContainerError) do
+ Container.resolve_container_image(cr.container_image)
+ end
+ end
+
+ test "requestor can retrieve container owned by dispatch" do
+ assert_not_empty Container.readable_by(users(:admin)).where(uuid: containers(:running).uuid)
+ assert_not_empty Container.readable_by(users(:active)).where(uuid: containers(:running).uuid)
+ assert_empty Container.readable_by(users(:spectator)).where(uuid: containers(:running).uuid)
+ end
+
+ [
+ [{"var" => "value1"}, {"var" => "value1"}, nil],
+ [{"var" => "value1"}, {"var" => "value1"}, true],
+ [{"var" => "value1"}, {"var" => "value1"}, false],
+ [{"var" => "value1"}, {"var" => "value2"}, nil],
+ ].each do |env1, env2, use_existing|
+ test "Container request #{((env1 == env2) and (use_existing.nil? or use_existing == true)) ? 'does' : 'does not'} reuse container when committed#{use_existing.nil? ? '' : use_existing ? ' and use_existing == true' : ' and use_existing == false'}" do
+ common_attrs = {cwd: "test",
+ priority: 1,
+ command: ["echo", "hello"],
+ output_path: "test",
+ runtime_constraints: {"vcpus" => 4,
+ "ram" => 12000000000},
+ mounts: {"test" => {"kind" => "json"}}}
+ set_user_from_auth :active
+ cr1 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Committed,
+ environment: env1}))
+ if use_existing.nil?
+ # Testing with use_existing default value
+ cr2 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Uncommitted,
+ environment: env2}))
+ else
+
+ cr2 = create_minimal_req!(common_attrs.merge({state: ContainerRequest::Uncommitted,
+ environment: env2,
+ use_existing: use_existing}))
+ end
+ assert_not_nil cr1.container_uuid
+ assert_nil cr2.container_uuid
+
+ # Update cr2 to commited state and check for container equality on different cases:
+ # * When env1 and env2 are equal and use_existing is true, the same container
+ # should be assigned.
+ # * When use_existing is false, a different container should be assigned.
+ # * When env1 and env2 are different, a different container should be assigned.
+ cr2.update_attributes!({state: ContainerRequest::Committed})
+ assert_equal (cr2.use_existing == true and (env1 == env2)),
+ (cr1.container_uuid == cr2.container_uuid)
+ end
+ end
+
+ test "requesting_container_uuid at create is not allowed" do
+ set_user_from_auth :active
+ assert_raises(ActiveRecord::RecordInvalid) do
+ create_minimal_req!(state: "Uncommitted", priority: 1, requesting_container_uuid: 'youcantdothat')
+ end
+ end
+
+ test "Retry on container cancelled" do
+ set_user_from_auth :active
+ cr = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 2)
+ cr2 = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 2, command: ["echo", "baz"])
+ prev_container_uuid = cr.container_uuid
+
+ c = act_as_system_user do
+ c = Container.find_by_uuid(cr.container_uuid)
+ c.update_attributes!(state: Container::Locked)
+ c.update_attributes!(state: Container::Running)
+ c
+ end
+
+ cr.reload
+ cr2.reload
+ assert_equal "Committed", cr.state
+ assert_equal prev_container_uuid, cr.container_uuid
+ assert_not_equal cr2.container_uuid, cr.container_uuid
+ prev_container_uuid = cr.container_uuid
+
+ act_as_system_user do
+ c.update_attributes!(state: Container::Cancelled)
+ end
+
+ cr.reload
+ cr2.reload
+ assert_equal "Committed", cr.state
+ assert_not_equal prev_container_uuid, cr.container_uuid
+ assert_not_equal cr2.container_uuid, cr.container_uuid
+ prev_container_uuid = cr.container_uuid
+
+ c = act_as_system_user do
+ c = Container.find_by_uuid(cr.container_uuid)
+ c.update_attributes!(state: Container::Cancelled)
+ c
+ end
+
+ cr.reload
+ cr2.reload
+ assert_equal "Final", cr.state
+ assert_equal prev_container_uuid, cr.container_uuid
+ assert_not_equal cr2.container_uuid, cr.container_uuid
+ end
+
+ test "Retry on container cancelled with runtime_token" do
+ set_user_from_auth :spectator
+ spec = api_client_authorizations(:active)
+ cr = create_minimal_req!(priority: 1, state: "Committed",
+ runtime_token: spec.token,
+ container_count_max: 2)
+ prev_container_uuid = cr.container_uuid
+
+ c = act_as_system_user do
+ c = Container.find_by_uuid(cr.container_uuid)
+ assert_equal spec.token, c.runtime_token
+ c.update_attributes!(state: Container::Locked)
+ c.update_attributes!(state: Container::Running)
+ c
+ end
+
+ cr.reload
+ assert_equal "Committed", cr.state
+ assert_equal prev_container_uuid, cr.container_uuid
+ prev_container_uuid = cr.container_uuid
+
+ act_as_system_user do
+ c.update_attributes!(state: Container::Cancelled)
+ end
+
+ cr.reload
+ assert_equal "Committed", cr.state
+ assert_not_equal prev_container_uuid, cr.container_uuid
+ prev_container_uuid = cr.container_uuid
+
+ c = act_as_system_user do
+ c = Container.find_by_uuid(cr.container_uuid)
+ assert_equal spec.token, c.runtime_token
+ c.update_attributes!(state: Container::Cancelled)
+ c
+ end
+
+ cr.reload
+ assert_equal "Final", cr.state
+ assert_equal prev_container_uuid, cr.container_uuid
+ end
+
+
+ test "Retry saves logs from previous attempts" do
+ set_user_from_auth :active
+ cr = create_minimal_req!(priority: 1, state: "Committed", container_count_max: 3)
+
+ c = act_as_system_user do
+ c = Container.find_by_uuid(cr.container_uuid)
+ c.update_attributes!(state: Container::Locked)
+ c.update_attributes!(state: Container::Running)
+ c
+ end
+
+ container_uuids = []
+
+ [0, 1, 2].each do
+ cr.reload
+ assert_equal "Committed", cr.state
+ container_uuids << cr.container_uuid
+
+ c = act_as_system_user do
+ logc = Collection.new(manifest_text: ". 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar\n")
+ logc.save!
+ c = Container.find_by_uuid(cr.container_uuid)
+ c.update_attributes!(state: Container::Cancelled, log: logc.portable_data_hash)
+ c
+ end
+ end
+
+ container_uuids.sort!
+
+ cr.reload
+ assert_equal "Final", cr.state
+ assert_equal 3, cr.container_count
+ assert_equal ". 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
+./log\\040for\\040container\\040#{container_uuids[0]} 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
+./log\\040for\\040container\\040#{container_uuids[1]} 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
+./log\\040for\\040container\\040#{container_uuids[2]} 37b51d194a7513e45b56f6524f2d51f2+3 0:3:bar
+" , Collection.find_by_uuid(cr.log_uuid).manifest_text
+
+ end
+
+ test "Output collection name setting using output_name with name collision resolution" do
+ set_user_from_auth :active
+ output_name = 'unimaginative name'
+ Collection.create!(name: output_name)
+
+ cr = create_minimal_req!(priority: 1,
+ state: ContainerRequest::Committed,
+ output_name: output_name)
+ run_container(cr)
+ cr.reload
+ assert_equal ContainerRequest::Final, cr.state
+ output_coll = Collection.find_by_uuid(cr.output_uuid)
+ # Make sure the resulting output collection name include the original name
+ # plus the date
+ assert_not_equal output_name, output_coll.name,
+ "more than one collection with the same owner and name"
+ assert output_coll.name.include?(output_name),
+ "New name should include original name"
+ assert_match /\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z/, output_coll.name,
+ "New name should include ISO8601 date"
+ end
+
+ [[0, :check_output_ttl_0],
+ [1, :check_output_ttl_1s],
+ [365*86400, :check_output_ttl_1y],
+ ].each do |ttl, checker|
+ test "output_ttl=#{ttl}" do
+ act_as_user users(:active) do
+ cr = create_minimal_req!(priority: 1,
+ state: ContainerRequest::Committed,
+ output_name: 'foo',
+ output_ttl: ttl)
+ run_container(cr)
+ cr.reload
+ output = Collection.find_by_uuid(cr.output_uuid)
+ send(checker, db_current_time, output.trash_at, output.delete_at)
+ end
+ end
+ end
+
+ def check_output_ttl_0(now, trash, delete)
+ assert_nil(trash)
+ assert_nil(delete)
+ end
+
+ def check_output_ttl_1s(now, trash, delete)
+ assert_not_nil(trash)
+ assert_not_nil(delete)
+ assert_in_delta(trash, now + 1.second, 10)
+ assert_in_delta(delete, now + Rails.configuration.Collections.BlobSigningTTL, 10)
+ end
+
+ def check_output_ttl_1y(now, trash, delete)
+ year = (86400*365).second
+ assert_not_nil(trash)
+ assert_not_nil(delete)
+ assert_in_delta(trash, now + year, 10)
+ assert_in_delta(delete, now + year, 10)
+ end
+
+ def run_container(cr)
+ act_as_system_user do
+ c = Container.find_by_uuid(cr.container_uuid)
+ c.update_attributes!(state: Container::Locked)
+ c.update_attributes!(state: Container::Running)
+ c.update_attributes!(state: Container::Complete,
+ exit_code: 0,
+ output: '1f4b0bc7583c2a7f9102c395f4ffc5e3+45',
+ log: 'fa7aeb5140e2848d39b416daeef4ffc5+45')
+ c
+ end
+ end
+
+ test "Finalize committed request when reusing a finished container" do
+ set_user_from_auth :active
+ cr = create_minimal_req!(priority: 1, state: ContainerRequest::Committed)
+ cr.reload
+ assert_equal ContainerRequest::Committed, cr.state
+ run_container(cr)
+ cr.reload
+ assert_equal ContainerRequest::Final, cr.state
+
+ cr2 = create_minimal_req!(priority: 1, state: ContainerRequest::Committed)
+ assert_equal cr.container_uuid, cr2.container_uuid
+ assert_equal ContainerRequest::Final, cr2.state
+
+ cr3 = create_minimal_req!(priority: 1, state: ContainerRequest::Uncommitted)
+ assert_equal ContainerRequest::Uncommitted, cr3.state
+ cr3.update_attributes!(state: ContainerRequest::Committed)
+ assert_equal cr.container_uuid, cr3.container_uuid
+ assert_equal ContainerRequest::Final, cr3.state
+ end
+
+ [
+ [false, ActiveRecord::RecordInvalid],
+ [true, nil],
+ ].each do |preemptible_conf, expected|
+ test "having Rails.configuration.Containers.UsePreemptibleInstances=#{preemptible_conf}, create preemptible container request and verify #{expected}" do
+ sp = {"preemptible" => true}
+ common_attrs = {cwd: "test",
+ priority: 1,
+ command: ["echo", "hello"],
+ output_path: "test",
+ scheduling_parameters: sp,
+ mounts: {"test" => {"kind" => "json"}}}
+ Rails.configuration.Containers.UsePreemptibleInstances = preemptible_conf
+ set_user_from_auth :active
+
+ cr = create_minimal_req!(common_attrs)
+ cr.state = ContainerRequest::Committed
+
+ if !expected.nil?
+ assert_raises(expected) do
+ cr.save!
+ end
+ else
+ cr.save!
+ assert_equal sp, cr.scheduling_parameters
+ end
+ end
+ end
+
+ [
+ 'zzzzz-dz642-runningcontainr',
+ nil,
+ ].each do |requesting_c|
+ test "having preemptible instances active on the API server, a committed #{requesting_c.nil? ? 'non-':''}child CR should not ask for preemptible instance if parameter already set to false" do
+ common_attrs = {cwd: "test",
+ priority: 1,
+ command: ["echo", "hello"],
+ output_path: "test",
+ scheduling_parameters: {"preemptible" => false},
+ mounts: {"test" => {"kind" => "json"}}}
+
+ Rails.configuration.Containers.UsePreemptibleInstances = true
+ set_user_from_auth :active
+
+ if requesting_c
+ cr = with_container_auth(Container.find_by_uuid requesting_c) do
+ create_minimal_req!(common_attrs)
+ end
+ assert_not_nil cr.requesting_container_uuid
+ else
+ cr = create_minimal_req!(common_attrs)
+ end
+
+ cr.state = ContainerRequest::Committed
+ cr.save!
+
+ assert_equal false, cr.scheduling_parameters['preemptible']
+ end
+ end
+
+ [
+ [true, 'zzzzz-dz642-runningcontainr', true],
+ [true, nil, nil],
+ [false, 'zzzzz-dz642-runningcontainr', nil],
+ [false, nil, nil],
+ ].each do |preemptible_conf, requesting_c, schedule_preemptible|
+ test "having Rails.configuration.Containers.UsePreemptibleInstances=#{preemptible_conf}, #{requesting_c.nil? ? 'non-':''}child CR should #{schedule_preemptible ? '':'not'} ask for preemptible instance by default" do
+ common_attrs = {cwd: "test",
+ priority: 1,
+ command: ["echo", "hello"],
+ output_path: "test",
+ mounts: {"test" => {"kind" => "json"}}}
+
+ Rails.configuration.Containers.UsePreemptibleInstances = preemptible_conf
+ set_user_from_auth :active
+
+ if requesting_c
+ cr = with_container_auth(Container.find_by_uuid requesting_c) do
+ create_minimal_req!(common_attrs)
+ end
+ assert_not_nil cr.requesting_container_uuid
+ else
+ cr = create_minimal_req!(common_attrs)
+ end
+
+ cr.state = ContainerRequest::Committed
+ cr.save!
+
+ assert_equal schedule_preemptible, cr.scheduling_parameters['preemptible']
+ end
+ end
+
+ [
+ [{"partitions" => ["fastcpu","vfastcpu", 100]}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
+ [{"partitions" => ["fastcpu","vfastcpu", 100]}, ContainerRequest::Uncommitted],
+ [{"partitions" => "fastcpu"}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
+ [{"partitions" => "fastcpu"}, ContainerRequest::Uncommitted],
+ [{"partitions" => ["fastcpu","vfastcpu"]}, ContainerRequest::Committed],
+ [{"max_run_time" => "one day"}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
+ [{"max_run_time" => "one day"}, ContainerRequest::Uncommitted],
+ [{"max_run_time" => -1}, ContainerRequest::Committed, ActiveRecord::RecordInvalid],
+ [{"max_run_time" => -1}, ContainerRequest::Uncommitted],
+ [{"max_run_time" => 86400}, ContainerRequest::Committed],
+ ].each do |sp, state, expected|
+ test "create container request with scheduling_parameters #{sp} in state #{state} and verify #{expected}" do
+ common_attrs = {cwd: "test",
+ priority: 1,
+ command: ["echo", "hello"],
+ output_path: "test",
+ scheduling_parameters: sp,
+ mounts: {"test" => {"kind" => "json"}}}
+ set_user_from_auth :active
+
+ if expected == ActiveRecord::RecordInvalid
+ assert_raises(ActiveRecord::RecordInvalid) do
+ create_minimal_req!(common_attrs.merge({state: state}))
+ end
+ else
+ cr = create_minimal_req!(common_attrs.merge({state: state}))
+ assert_equal sp, cr.scheduling_parameters
+
+ if state == ContainerRequest::Committed
+ c = Container.find_by_uuid(cr.container_uuid)
+ assert_equal sp, c.scheduling_parameters
+ end
+ end
+ end
+ end
+
+ test "Having preemptible_instances=true create a committed child container request and verify the scheduling parameter of its container" do
+ common_attrs = {cwd: "test",
+ priority: 1,
+ command: ["echo", "hello"],
+ output_path: "test",
+ state: ContainerRequest::Committed,
+ mounts: {"test" => {"kind" => "json"}}}
+ set_user_from_auth :active
+ Rails.configuration.Containers.UsePreemptibleInstances = true
+
+ cr = with_container_auth(Container.find_by_uuid 'zzzzz-dz642-runningcontainr') do
+ create_minimal_req!(common_attrs)
+ end
+ assert_equal 'zzzzz-dz642-runningcontainr', cr.requesting_container_uuid
+ assert_equal true, cr.scheduling_parameters["preemptible"]
+
+ c = Container.find_by_uuid(cr.container_uuid)
+ assert_equal true, c.scheduling_parameters["preemptible"]
+ end
+
+ [['Committed', true, {name: "foobar", priority: 123}],
+ ['Committed', false, {container_count: 2}],
+ ['Committed', false, {container_count: 0}],
+ ['Committed', false, {container_count: nil}],
+ ['Final', false, {state: ContainerRequest::Committed, name: "foobar"}],
+ ['Final', false, {name: "foobar", priority: 123}],
+ ['Final', false, {name: "foobar", output_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
+ ['Final', false, {name: "foobar", log_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
+ ['Final', false, {log_uuid: "zzzzz-4zz18-znfnqtbbv4spc3w"}],
+ ['Final', false, {priority: 123}],
+ ['Final', false, {mounts: {}}],
+ ['Final', false, {container_count: 2}],
+ ['Final', true, {name: "foobar"}],
+ ['Final', true, {name: "foobar", description: "baz"}],
+ ].each do |state, permitted, updates|
+ test "state=#{state} can#{'not' if !permitted} update #{updates.inspect}" do
+ act_as_user users(:active) do
+ cr = create_minimal_req!(priority: 1,
+ state: "Committed",
+ container_count_max: 1)
+ case state
+ when 'Committed'
+ # already done
+ when 'Final'
+ act_as_system_user do
+ Container.find_by_uuid(cr.container_uuid).
+ update_attributes!(state: Container::Cancelled)
+ end
+ cr.reload
+ else
+ raise 'broken test case'
+ end
+ assert_equal state, cr.state
+ if permitted
+ assert cr.update_attributes!(updates)
+ else
+ assert_raises(ActiveRecord::RecordInvalid) do
+ cr.update_attributes!(updates)
+ end
+ end
+ end
+ end
+ end
+
+ test "delete container_request and check its container's priority" do
+ act_as_user users(:active) do
+ cr = ContainerRequest.find_by_uuid container_requests(:running_to_be_deleted).uuid
+
+ # initially the cr's container has priority > 0
+ c = Container.find_by_uuid(cr.container_uuid)
+ assert_equal 1, c.priority
+
+ cr.destroy
+
+ # the cr's container now has priority of 0
+ c = Container.find_by_uuid(cr.container_uuid)
+ assert_equal 0, c.priority
+ end
+ end
+
+ test "delete container_request in final state and expect no error due to before_destroy callback" do
+ act_as_user users(:active) do
+ cr = ContainerRequest.find_by_uuid container_requests(:completed).uuid
+ assert_nothing_raised {cr.destroy}
+ end
+ end
+
+ test "Container request valid priority" do
+ set_user_from_auth :active
+ cr = create_minimal_req!
+
+ assert_raises(ActiveRecord::RecordInvalid) do
+ cr.priority = -1
+ cr.save!
+ end
+
+ cr.priority = 0
+ cr.save!
+
+ cr.priority = 1
+ cr.save!
+
+ cr.priority = 500
+ cr.save!
+
+ cr.priority = 999
+ cr.save!
+
+ cr.priority = 1000
+ cr.save!
+
+ assert_raises(ActiveRecord::RecordInvalid) do
+ cr.priority = 1001
+ cr.save!
+ end
+ end
+
+ # Note: some of these tests might look redundant because they test
+ # that out-of-order spellings of hashes are still considered equal
+ # regardless of whether the existing (container) or new (container
+ # request) hash needs to be re-ordered.
+ secrets = {"/foo" => {"kind" => "text", "content" => "xyzzy"}}
+ same_secrets = {"/foo" => {"content" => "xyzzy", "kind" => "text"}}
+ different_secrets = {"/foo" => {"kind" => "text", "content" => "something completely different"}}
+ [
+ [true, nil, nil],
+ [true, nil, {}],
+ [true, {}, nil],
+ [true, {}, {}],
+ [true, secrets, same_secrets],
+ [true, same_secrets, secrets],
+ [false, nil, secrets],
+ [false, {}, secrets],
+ [false, secrets, {}],
+ [false, secrets, nil],
+ [false, secrets, different_secrets],
+ ].each do |expect_reuse, sm1, sm2|
+ test "container reuse secret_mounts #{sm1.inspect}, #{sm2.inspect}" do
+ set_user_from_auth :active
+ cr1 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm1)
+ cr2 = create_minimal_req!(state: "Committed", priority: 1, secret_mounts: sm2)
+ assert_not_nil cr1.container_uuid
+ assert_not_nil cr2.container_uuid
+ if expect_reuse
+ assert_equal cr1.container_uuid, cr2.container_uuid
+ else
+ assert_not_equal cr1.container_uuid, cr2.container_uuid