Small fixes

This commit: * Fixes the error checking in migration tests now that we are using the canonical ErrPermissionDenied error * Guard against NPE when looking up objects to generate the migration token * Handle an additional case in ShouldMigrate()
2017-10-11 17:04:09 -07:00 · 2017-10-11 17:04:09 -07:00 · 53f2ea88a5
parent c67bfc2ee4
commit 53f2ea88a5
3 changed files with 16 additions and 6 deletions
--- a/command/agent/alloc_endpoint_test.go
+++ b/command/agent/alloc_endpoint_test.go
@ -342,7 +342,7 @@ func TestHTTP_AllocSnapshot_WithMigrateToken(t *testing.T) {
 		respW := httptest.NewRecorder()
 		_, err = s.Server.ClientAllocRequest(respW, req)
 		assert.NotNil(err)
-		assert.Contains(err.Error(), "invalid migrate token")
+		assert.EqualError(err, structs.ErrPermissionDenied.Error())

 		// Create an allocation
 		alloc := mock.Alloc()
@ -360,7 +360,7 @@ func TestHTTP_AllocSnapshot_WithMigrateToken(t *testing.T) {
 		// Make the unauthorized request
 		respW = httptest.NewRecorder()
 		_, err = s.Server.ClientAllocRequest(respW, req)
-		assert.NotContains(err.Error(), "invalid migrate token")
+		assert.NotContains(err.Error(), structs.ErrPermissionDenied.Error())
 	})
 }

--- a/nomad/node_endpoint.go
+++ b/nomad/node_endpoint.go
@ -700,25 +700,31 @@ func (n *Node) GetClientAllocs(args *structs.NodeSpecificRequest,

 			reply.Allocs = make(map[string]uint64)
 			reply.MigrateTokens = make(map[string]string)
+
 			// Setup the output
 			if len(allocs) != 0 {
 				for _, alloc := range allocs {
 					reply.Allocs[alloc.ID] = alloc.AllocModifyIndex

-					// used to create a migrate token for an authenticated volume, using
-					// the client's secret identifier for authentication.
+					// If the allocation is going to do a migration, create a
+					// migration token so that the client can authenticate with
+					// the node hosting the previous allocation.
 					if alloc.ShouldMigrate() {
 						prevAllocation, err := state.AllocByID(ws, alloc.PreviousAllocation)
 						if err != nil {
 							return err
 						}

-						if prevAllocation.NodeID != alloc.NodeID {
+						if prevAllocation != nil && prevAllocation.NodeID != alloc.NodeID {
 							allocNode, err := state.NodeByID(ws, prevAllocation.NodeID)
-
 							if err != nil {
 								return err
 							}
+							if allocNode == nil {
+								// Node must have been GC'd so skip the token
+								continue
+							}
+
 							token, err := generateMigrateToken(prevAllocation.ID, allocNode.SecretID)
 							if err != nil {
 								return err
--- a/nomad/structs/structs.go
+++ b/nomad/structs/structs.go
@ -4690,6 +4690,10 @@ func (a *Allocation) RanSuccessfully() bool {

 // ShouldMigrate returns if the allocation needs data migration
 func (a *Allocation) ShouldMigrate() bool {
+	if a.PreviousAllocation == "" {
+		return false
+	}
+
 	if a.DesiredStatus == AllocDesiredStatusStop || a.DesiredStatus == AllocDesiredStatusEvict {
 		return false
 	}