open-nomad/client/alloc_endpoint_test.go

255 lines
7.1 KiB
Go
Raw Normal View History

package client
import (
"fmt"
"testing"
"github.com/hashicorp/nomad/acl"
"github.com/hashicorp/nomad/client/config"
cstructs "github.com/hashicorp/nomad/client/structs"
"github.com/hashicorp/nomad/nomad/mock"
nstructs "github.com/hashicorp/nomad/nomad/structs"
"github.com/hashicorp/nomad/testutil"
"github.com/stretchr/testify/require"
)
func TestAllocations_GarbageCollectAll(t *testing.T) {
t.Parallel()
require := require.New(t)
client := TestClient(t, nil)
2018-02-06 01:20:42 +00:00
req := &nstructs.NodeSpecificRequest{}
var resp nstructs.GenericResponse
require.Nil(client.ClientRPC("Allocations.GarbageCollectAll", &req, &resp))
}
func TestAllocations_GarbageCollectAll_ACL(t *testing.T) {
t.Parallel()
require := require.New(t)
server, addr, root := testACLServer(t, nil)
defer server.Shutdown()
client := TestClient(t, func(c *config.Config) {
c.Servers = []string{addr}
c.ACLEnabled = true
})
defer client.Shutdown()
// Try request without a token and expect failure
{
2018-02-06 01:20:42 +00:00
req := &nstructs.NodeSpecificRequest{}
var resp nstructs.GenericResponse
err := client.ClientRPC("Allocations.GarbageCollectAll", &req, &resp)
require.NotNil(err)
require.EqualError(err, nstructs.ErrPermissionDenied.Error())
}
// Try request with an invalid token and expect failure
{
token := mock.CreatePolicyAndToken(t, server.State(), 1005, "invalid", mock.NodePolicy(acl.PolicyDeny))
2018-02-06 01:20:42 +00:00
req := &nstructs.NodeSpecificRequest{}
req.AuthToken = token.SecretID
var resp nstructs.GenericResponse
err := client.ClientRPC("Allocations.GarbageCollectAll", &req, &resp)
require.NotNil(err)
require.EqualError(err, nstructs.ErrPermissionDenied.Error())
}
// Try request with a valid token
{
token := mock.CreatePolicyAndToken(t, server.State(), 1007, "valid", mock.NodePolicy(acl.PolicyWrite))
2018-02-06 01:20:42 +00:00
req := &nstructs.NodeSpecificRequest{}
req.AuthToken = token.SecretID
var resp nstructs.GenericResponse
require.Nil(client.ClientRPC("Allocations.GarbageCollectAll", &req, &resp))
}
// Try request with a management token
{
2018-02-06 01:20:42 +00:00
req := &nstructs.NodeSpecificRequest{}
req.AuthToken = root.SecretID
var resp nstructs.GenericResponse
require.Nil(client.ClientRPC("Allocations.GarbageCollectAll", &req, &resp))
}
}
func TestAllocations_GarbageCollect(t *testing.T) {
t.Parallel()
require := require.New(t)
client := TestClient(t, nil)
a := mock.Alloc()
require.Nil(client.addAlloc(a, ""))
// Try with bad alloc
req := &nstructs.AllocSpecificRequest{}
var resp nstructs.GenericResponse
err := client.ClientRPC("Allocations.GarbageCollect", &req, &resp)
require.NotNil(err)
// Try with good alloc
req.AllocID = a.ID
testutil.WaitForResult(func() (bool, error) {
2018-02-06 18:53:00 +00:00
// Check if has been removed first
if _, ok := client.allAllocs()[a.ID]; !ok {
return true, nil
}
var resp2 nstructs.GenericResponse
err := client.ClientRPC("Allocations.GarbageCollect", &req, &resp2)
return err == nil, err
}, func(err error) {
t.Fatalf("err: %v", err)
})
}
func TestAllocations_GarbageCollect_ACL(t *testing.T) {
t.Parallel()
require := require.New(t)
server, addr, root := testACLServer(t, nil)
defer server.Shutdown()
client := TestClient(t, func(c *config.Config) {
c.Servers = []string{addr}
c.ACLEnabled = true
})
defer client.Shutdown()
// Try request without a token and expect failure
{
req := &nstructs.AllocSpecificRequest{}
var resp nstructs.GenericResponse
err := client.ClientRPC("Allocations.GarbageCollect", &req, &resp)
require.NotNil(err)
require.EqualError(err, nstructs.ErrPermissionDenied.Error())
}
// Try request with an invalid token and expect failure
{
token := mock.CreatePolicyAndToken(t, server.State(), 1005, "invalid", mock.NodePolicy(acl.PolicyDeny))
req := &nstructs.AllocSpecificRequest{}
req.AuthToken = token.SecretID
var resp nstructs.GenericResponse
err := client.ClientRPC("Allocations.GarbageCollect", &req, &resp)
require.NotNil(err)
require.EqualError(err, nstructs.ErrPermissionDenied.Error())
}
// Try request with a valid token
{
token := mock.CreatePolicyAndToken(t, server.State(), 1005, "test-valid",
mock.NamespacePolicy(nstructs.DefaultNamespace, "", []string{acl.NamespaceCapabilitySubmitJob}))
req := &nstructs.AllocSpecificRequest{}
req.AuthToken = token.SecretID
req.Namespace = nstructs.DefaultNamespace
var resp nstructs.GenericResponse
err := client.ClientRPC("Allocations.GarbageCollect", &req, &resp)
2018-02-13 23:50:51 +00:00
require.True(nstructs.IsErrUnknownAllocation(err))
}
// Try request with a management token
{
req := &nstructs.AllocSpecificRequest{}
req.AuthToken = root.SecretID
var resp nstructs.GenericResponse
err := client.ClientRPC("Allocations.GarbageCollect", &req, &resp)
2018-02-13 23:50:51 +00:00
require.True(nstructs.IsErrUnknownAllocation(err))
}
}
func TestAllocations_Stats(t *testing.T) {
t.Parallel()
require := require.New(t)
client := TestClient(t, nil)
a := mock.Alloc()
require.Nil(client.addAlloc(a, ""))
// Try with bad alloc
req := &cstructs.AllocStatsRequest{}
var resp cstructs.AllocStatsResponse
err := client.ClientRPC("Allocations.Stats", &req, &resp)
require.NotNil(err)
// Try with good alloc
req.AllocID = a.ID
testutil.WaitForResult(func() (bool, error) {
var resp2 cstructs.AllocStatsResponse
err := client.ClientRPC("Allocations.Stats", &req, &resp2)
if err != nil {
return false, err
}
if resp2.Stats == nil {
return false, fmt.Errorf("invalid stats object")
}
return true, nil
}, func(err error) {
t.Fatalf("err: %v", err)
})
}
func TestAllocations_Stats_ACL(t *testing.T) {
t.Parallel()
require := require.New(t)
server, addr, root := testACLServer(t, nil)
defer server.Shutdown()
client := TestClient(t, func(c *config.Config) {
c.Servers = []string{addr}
c.ACLEnabled = true
})
defer client.Shutdown()
// Try request without a token and expect failure
{
req := &cstructs.AllocStatsRequest{}
var resp cstructs.AllocStatsResponse
err := client.ClientRPC("Allocations.Stats", &req, &resp)
require.NotNil(err)
require.EqualError(err, nstructs.ErrPermissionDenied.Error())
}
// Try request with an invalid token and expect failure
{
token := mock.CreatePolicyAndToken(t, server.State(), 1005, "invalid", mock.NodePolicy(acl.PolicyDeny))
req := &cstructs.AllocStatsRequest{}
req.AuthToken = token.SecretID
var resp cstructs.AllocStatsResponse
err := client.ClientRPC("Allocations.Stats", &req, &resp)
require.NotNil(err)
require.EqualError(err, nstructs.ErrPermissionDenied.Error())
}
// Try request with a valid token
{
token := mock.CreatePolicyAndToken(t, server.State(), 1005, "test-valid",
mock.NamespacePolicy(nstructs.DefaultNamespace, "", []string{acl.NamespaceCapabilityReadJob}))
req := &cstructs.AllocStatsRequest{}
req.AuthToken = token.SecretID
req.Namespace = nstructs.DefaultNamespace
var resp cstructs.AllocStatsResponse
err := client.ClientRPC("Allocations.Stats", &req, &resp)
2018-02-13 23:50:51 +00:00
require.True(nstructs.IsErrUnknownAllocation(err))
}
// Try request with a management token
{
req := &cstructs.AllocStatsRequest{}
req.AuthToken = root.SecretID
var resp cstructs.AllocStatsResponse
err := client.ClientRPC("Allocations.Stats", &req, &resp)
2018-02-13 23:50:51 +00:00
require.True(nstructs.IsErrUnknownAllocation(err))
}
}