X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/f731a77a92ee926951422934959db21438d03de3..b7f7154a7232e49b0e8ee5bc41d124ff2d15273c:/lib/controller/federation_test.go diff --git a/lib/controller/federation_test.go b/lib/controller/federation_test.go index 5ea5748b04..c935e20be6 100644 --- a/lib/controller/federation_test.go +++ b/lib/controller/federation_test.go @@ -21,7 +21,7 @@ import ( "git.curoverse.com/arvados.git/sdk/go/arvadostest" "git.curoverse.com/arvados.git/sdk/go/httpserver" "git.curoverse.com/arvados.git/sdk/go/keepclient" - "github.com/Sirupsen/logrus" + "github.com/sirupsen/logrus" check "gopkg.in/check.v1" ) @@ -594,8 +594,7 @@ func (s *FederationSuite) TestCreateRemoteContainerRequest(c *check.C) { func (s *FederationSuite) TestCreateRemoteContainerRequestCheckRuntimeToken(c *check.C) { // Send request to zmock and check that outgoing request has - // runtime_token sent (because runtime_token isn't returned in - // the response). + // runtime_token set with a new random v2 token. defer s.localServiceReturns404(c).Close() // pass cluster_id via query parameter, this allows arvados-controller @@ -611,7 +610,7 @@ func (s *FederationSuite) TestCreateRemoteContainerRequestCheckRuntimeToken(c *c } } `)) - req.Header.Set("Authorization", "Bearer "+arvadostest.ActiveToken) + req.Header.Set("Authorization", "Bearer "+arvadostest.ActiveTokenV2) req.Header.Set("Content-type", "application/json") np := arvados.NodeProfile{ @@ -628,13 +627,13 @@ func (s *FederationSuite) TestCreateRemoteContainerRequestCheckRuntimeToken(c *c arvados.ContainerRequest `json:"container_request"` } c.Check(json.NewDecoder(s.remoteMockRequests[0].Body).Decode(&cr), check.IsNil) - c.Check(strings.HasPrefix(cr.ContainerRequest.RuntimeToken, "v2/"), check.Equals, true) + c.Check(strings.HasPrefix(cr.ContainerRequest.RuntimeToken, "v2/zzzzz-gj3su-"), check.Equals, true) + c.Check(cr.ContainerRequest.RuntimeToken, check.Not(check.Equals), arvadostest.ActiveTokenV2) } func (s *FederationSuite) TestCreateRemoteContainerRequestCheckSetRuntimeToken(c *check.C) { // Send request to zmock and check that outgoing request has - // runtime_token sent (because runtime_token isn't returned in - // the response). + // runtime_token set with the explicitly provided token. defer s.localServiceReturns404(c).Close() // pass cluster_id via query parameter, this allows arvados-controller @@ -662,6 +661,35 @@ func (s *FederationSuite) TestCreateRemoteContainerRequestCheckSetRuntimeToken(c c.Check(cr.ContainerRequest.RuntimeToken, check.Equals, "xyz") } +func (s *FederationSuite) TestCreateRemoteContainerRequestRuntimeTokenFromAuth(c *check.C) { + // Send request to zmock and check that outgoing request has + // runtime_token set using the Auth token because the user is remote. + + defer s.localServiceReturns404(c).Close() + // pass cluster_id via query parameter, this allows arvados-controller + // to avoid parsing the body + req := httptest.NewRequest("POST", "/arvados/v1/container_requests?cluster_id=zmock", + strings.NewReader(`{ + "container_request": { + "name": "hello world", + "state": "Uncommitted", + "output_path": "/", + "container_image": "123", + "command": ["abc"] + } +} +`)) + req.Header.Set("Authorization", "Bearer "+arvadostest.ActiveTokenV2+"/zzzzz-dz642-parentcontainer") + req.Header.Set("Content-type", "application/json") + resp := s.testRequest(req) + c.Check(resp.StatusCode, check.Equals, http.StatusOK) + var cr struct { + arvados.ContainerRequest `json:"container_request"` + } + c.Check(json.NewDecoder(s.remoteMockRequests[0].Body).Decode(&cr), check.IsNil) + c.Check(cr.ContainerRequest.RuntimeToken, check.Equals, arvadostest.ActiveTokenV2) +} + func (s *FederationSuite) TestCreateRemoteContainerRequestError(c *check.C) { defer s.localServiceReturns404(c).Close() // pass cluster_id via query parameter, this allows arvados-controller