[ARVADOS] updated: 2.1.0-218-g5a5737ba7

Fri Dec 18 17:56:33 UTC 2020

Summary of changes:
 lib/controller/federation_test.go  | 62 +++++++++++++++++++++++---------------
 lib/controller/integration_test.go | 17 ++++-------
 lib/controller/localdb/login.go    |  3 +-
 3 files changed, 44 insertions(+), 38 deletions(-)

       via  5a5737ba7565b985a20ce1256d09424860e70337 (commit)
      from  0aec42cb5f4ad6d9593388f3ea5e887ff8b70006 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 5a5737ba7565b985a20ce1256d09424860e70337
Author: Nico Cesar <nico at nicocesar.com>
Date:   Fri Dec 18 12:56:10 2020 -0500

    addressing https://dev.arvados.org/issues/17014#note-23
    
    Arvados-DCO-1.1-Signed-off-by: Nico Cesar <nico at curii.com>

diff --git a/lib/controller/federation_test.go b/lib/controller/federation_test.go
index 2221ce27e..5e52019f6 100644
--- a/lib/controller/federation_test.go
+++ b/lib/controller/federation_test.go
@@ -633,6 +633,39 @@ func (s *FederationSuite) TestCreateRemoteContainerRequest(c *check.C) {
 	c.Check(strings.HasPrefix(cr.UUID, "zzzzz-"), check.Equals, true)
 }
 
+// getCRfromMockRequest returns a ContainerRequest with the content of
+func (s *FederationSuite) getCRfromMockRequest(c *check.C) arvados.ContainerRequest {
+
+	// Body can be a json formated or something like:
+	//  cluster_id=zmock&container_request=%7B%22command%22%3A%5B%22abc%22%5D%2C%22container_image%22%3A%22123%22%2C%22...7D
+	// or:
+	//  "{\"container_request\":{\"command\":[\"abc\"],\"container_image\":\"12...Uncommitted\"}}"
+
+	var cr arvados.ContainerRequest
+	data, err := ioutil.ReadAll(s.remoteMockRequests[0].Body)
+	c.Check(err, check.IsNil)
+
+	if s.remoteMockRequests[0].Header.Get("Content-Type") == "application/json" {
+		// legacy code path sends a JSON request body
+		var answerCR struct {
+			ContainerRequest arvados.ContainerRequest `json:"container_request"`
+		}
+		c.Check(json.Unmarshal(data, &answerCR), check.IsNil)
+		cr = answerCR.ContainerRequest
+	} else if s.remoteMockRequests[0].Header.Get("Content-Type") == "application/x-www-form-urlencoded" {
+		// new code path sends a form-encoded request body with a JSON-encoded parameter value
+		decodedValue, err := url.ParseQuery(string(data))
+		c.Check(err, check.IsNil)
+		decodedValueCR := decodedValue.Get("container_request")
+		c.Check(json.Unmarshal([]byte(decodedValueCR), &cr), check.IsNil)
+	} else {
+		// mock needs to have Content-Type that we can parse.
+		c.Fail()
+	}
+
+	return cr
+}
+
 func (s *FederationSuite) TestCreateRemoteContainerRequestCheckRuntimeToken(c *check.C) {
 	// Send request to zmock and check that outgoing request has
 	// runtime_token set with a new random v2 token.
@@ -663,33 +696,12 @@ func (s *FederationSuite) TestCreateRemoteContainerRequestCheckRuntimeToken(c *c
 
 	resp := s.testRequest(req).Result()
 	c.Check(resp.StatusCode, check.Equals, http.StatusOK)
-	var cr arvados.ContainerRequest
 
-	// Body can be a json formated or something like:
-	//  (forceLegacyAPI14==false) cluster_id=zmock&container_request=%7B%22command%22%3A%5B%22abc%22%5D%2C%22container_image%22%3A%22123%22%2C%22...7D
-	// or:
-	//  (forceLegacyAPI14==true) "{\"container_request\":{\"command\":[\"abc\"],\"container_image\":\"12...Uncommitted\"}}"
-	data, err := ioutil.ReadAll(s.remoteMockRequests[0].Body)
-	c.Check(err, check.IsNil)
-
-	// this exposes the different inputs we get in the mock
-	if forceLegacyAPI14 {
-		var answerCR struct {
-			ContainerRequest arvados.ContainerRequest `json:"container_request"`
-		}
-		c.Check(json.Unmarshal(data, &answerCR), check.IsNil)
-		cr = answerCR.ContainerRequest
-	} else {
-		var decodedValueCR string
-		decodedValue, err := url.ParseQuery(string(data))
-		c.Check(err, check.IsNil)
-		decodedValueCR = decodedValue.Get("container_request")
-		c.Check(json.Unmarshal([]byte(decodedValueCR), &cr), check.IsNil)
-	}
+	cr := s.getCRfromMockRequest(c)
 
-	// let's make sure the Runtime token is there
-	c.Check(strings.HasPrefix(cr.RuntimeToken, "v2/zzzzz-gj3su-"), check.Equals, true)
-	// the Runtimetoken should be a different one than than the Token we originally did the request with.
+	// Runtime token must match zzzzz cluster
+	c.Check(cr.RuntimeToken, check.Matches, "v2/zzzzz-gj3su-.*")
+	// RuntimeToken must be different than the Original Token we originally did the request with.
 	c.Check(cr.RuntimeToken, check.Not(check.Equals), arvadostest.ActiveTokenV2)
 }
 
diff --git a/lib/controller/integration_test.go b/lib/controller/integration_test.go
index 0567d43fa..9cfef11cb 100644
--- a/lib/controller/integration_test.go
+++ b/lib/controller/integration_test.go
@@ -495,11 +495,6 @@ func (s *IntegrationSuite) TestCreateContainerRequestWithFedToken(c *check.C) {
 }
 
 func (s *IntegrationSuite) TestCreateContainerRequestWithBadToken(c *check.C) {
-	var (
-		body bytes.Buffer
-		resp *http.Response
-	)
-
 	conn1 := s.conn("z1111")
 	rootctx1, _, _ := s.rootClients("z1111")
 	_, ac1, _, au := s.userClients(rootctx1, c, conn1, "z1111", true)
@@ -515,7 +510,7 @@ func (s *IntegrationSuite) TestCreateContainerRequestWithBadToken(c *check.C) {
 		{"v2-looking token", "v2/" + au.UUID + "/badtoken00badtoken00badtoken00badtoken00b", http.StatusUnauthorized},
 	}
 
-	json.NewEncoder(&body).Encode(map[string]interface{}{
+	body, _ := json.Marshal(map[string]interface{}{
 		"container_request": map[string]interface{}{
 			"command":         []string{"echo"},
 			"container_image": "d41d8cd98f00b204e9800998ecf8427e+0",
@@ -527,10 +522,10 @@ func (s *IntegrationSuite) TestCreateContainerRequestWithBadToken(c *check.C) {
 	for _, tt := range tests {
 		c.Log(c.TestName() + " " + tt.name)
 		ac1.AuthToken = tt.token
-		req, err := http.NewRequest("POST", "https://"+ac1.APIHost+"/arvados/v1/container_requests", bytes.NewReader(body.Bytes()))
+		req, err := http.NewRequest("POST", "https://"+ac1.APIHost+"/arvados/v1/container_requests", bytes.NewReader(body))
 		c.Assert(err, check.IsNil)
 		req.Header.Set("Content-Type", "application/json")
-		resp, err = ac1.Do(req)
+		resp, err := ac1.Do(req)
 		c.Assert(err, check.IsNil)
 		c.Assert(resp.StatusCode, check.Equals, tt.expectedCode)
 	}
@@ -556,14 +551,14 @@ func (s *IntegrationSuite) dbConn(c *check.C, clusterID string) (*sql.DB, *sql.C
 }
 
 // TestRuntimeTokenInCR will test several different tokens in the runtime attribute
-// and check the expected retualts
+// and check the expected results accessing directly to the database if needed.
 func (s *IntegrationSuite) TestRuntimeTokenInCR(c *check.C) {
 	db, dbconn := s.dbConn(c, "z1111")
 	defer db.Close()
 	defer dbconn.Close()
 	conn1 := s.conn("z1111")
 	rootctx1, _, _ := s.rootClients("z1111")
-	_, ac1, _, au := s.userClients(rootctx1, c, conn1, "z1111", true)
+	userctx1, ac1, _, au := s.userClients(rootctx1, c, conn1, "z1111", true)
 
 	tests := []struct {
 		name                 string
@@ -587,7 +582,7 @@ func (s *IntegrationSuite) TestRuntimeTokenInCR(c *check.C) {
 			"output_path":     "/",
 			"runtime_token":   tt.token,
 		}
-		cr, err := conn1.ContainerRequestCreate(rootctx1, arvados.CreateOptions{Attrs: rq})
+		cr, err := conn1.ContainerRequestCreate(userctx1, arvados.CreateOptions{Attrs: rq})
 		if tt.expectAToGetAValidCR {
 			c.Check(err, check.IsNil)
 			c.Check(cr, check.NotNil)
diff --git a/lib/controller/localdb/login.go b/lib/controller/localdb/login.go
index 8898aad04..4bf515fc3 100644
--- a/lib/controller/localdb/login.go
+++ b/lib/controller/localdb/login.go
@@ -142,9 +142,8 @@ func noopLogout(cluster *arvados.Cluster, opts arvados.LogoutOptions) (arvados.L
 }
 
 func (conn *Conn) CreateAPIClientAuthorization(ctx context.Context, rootToken string, authinfo rpc.UserSessionAuthInfo) (resp arvados.APIClientAuthorization, err error) {
-	// if rootToken is "" then return an error.
 	if rootToken == "" {
-		return arvados.APIClientAuthorization{}, errors.New("In CreateAPIClientAuthorization() rootToken can't be empty string")
+		return arvados.APIClientAuthorization{}, errors.New("configuration error: empty SystemRootToken")
 	}
 	ctxRoot := auth.NewContext(ctx, &auth.Credentials{Tokens: []string{rootToken}})
 	newsession, err := conn.railsProxy.UserSessionCreate(ctxRoot, rpc.UserSessionCreateOptions{

-----------------------------------------------------------------------


hooks/post-receive
-- 


