-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathtest_app.py
More file actions
519 lines (447 loc) · 20.5 KB
/
test_app.py
File metadata and controls
519 lines (447 loc) · 20.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
"""
Unit tests for the Deis api app.
Run the tests with "./manage.py test api"
"""
import logging
from unittest import mock
import requests
from django.conf import settings
from django.contrib.auth.models import User
from django.core.cache import cache
from django.test import override_settings
from rest_framework.authtoken.models import Token
from api.models import App
from scheduler import KubeException
from api.tests import adapter, mock_port, DeisTestCase
import requests_mock
def mock_none(*args, **kwargs):
return None
def _mock_run(*args, **kwargs):
return [0, 'mock']
@override_settings(DEIS_KUBERNETES_DEPLOYMENTS='1')
@requests_mock.Mocker(real_http=True, adapter=adapter)
@mock.patch('api.models.release.publish_release', lambda *args: None)
@mock.patch('api.models.release.docker_get_port', mock_port)
class AppTest(DeisTestCase):
"""Tests creation of applications"""
fixtures = ['tests.json']
def setUp(self):
self.user = User.objects.get(username='autotest')
self.token = Token.objects.get(user=self.user).key
self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token)
def tearDown(self):
# make sure every test has a clean slate for k8s mocking
cache.clear()
def test_app(self, mock_requests):
"""
Test that a user can create, read, update and delete an application
"""
app_id = self.create_app()
url = '/v2/apps/{app_id}'.format(**locals())
response = self.client.get(url)
self.assertEqual(response.status_code, 200, response.data)
body = {'id': 'new'}
response = self.client.patch(url, body)
self.assertEqual(response.status_code, 405, response.content)
response = self.client.delete(url)
self.assertEqual(response.status_code, 204, response.data)
def test_response_data(self, mock_requests):
"""Test that the serialized response contains only relevant data."""
body = {'id': 'test'}
response = self.client.post('/v2/apps', body)
for key in response.data:
self.assertIn(key, ['uuid', 'created', 'updated', 'id', 'owner', 'structure'])
expected = {
'id': 'test',
'owner': self.user.username,
'structure': {}
}
self.assertDictContainsSubset(expected, response.data)
def test_app_override_id(self, mock_requests):
body = {'id': 'myid'}
response = self.client.post('/v2/apps', body)
self.assertEqual(response.status_code, 201, response.data)
body = {'id': response.data['id']}
response = self.client.post('/v2/apps', body)
self.assertContains(response, 'Application with this id already exists.', status_code=400)
return response
@mock.patch('requests.get')
def test_app_actions(self, mock_requests, mock_get):
url = '/v2/apps'
body = {'id': 'autotest'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 201, response.data)
app_id = response.data['id'] # noqa
# test logs - 204 from deis-logger
mock_response = mock.Mock()
mock_response.status_code = 204
mock_get.return_value = mock_response
url = "/v2/apps/{app_id}/logs".format(**locals())
response = self.client.get(url)
self.assertEqual(response.status_code, 204, response.content)
# test logs - 404 from deis-logger
mock_response.status_code = 404
response = self.client.get(url)
self.assertEqual(response.status_code, 204, response.content)
# test logs - unanticipated status code from deis-logger
mock_response.status_code = 400
response = self.client.get(url)
self.assertContains(
response,
"Error accessing logs for {}".format(app_id),
status_code=500)
# test logs - success accessing deis-logger
mock_response.status_code = 200
mock_response.content = FAKE_LOG_DATA
response = self.client.get(url)
self.assertContains(response, FAKE_LOG_DATA, status_code=200)
# test logs - HTTP request error while accessing deis-logger
mock_get.side_effect = requests.exceptions.RequestException('Boom!')
response = self.client.get(url)
self.assertContains(
response,
"Error accessing logs for {}".format(app_id),
status_code=500)
# TODO: test run needs an initial build
@mock.patch('api.models.logger')
def test_app_release_notes_in_logs(self, mock_requests, mock_logger):
"""Verifies that an app's release summary is dumped into the logs."""
url = '/v2/apps'
body = {'id': 'autotest'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 201, response.data)
# check app logs
exp_msg = "autotest created initial release"
exp_log_call = mock.call(logging.INFO, exp_msg)
mock_logger.log.has_calls(exp_log_call)
def test_app_errors(self, mock_requests):
app_id = 'autotest-errors'
url = '/v2/apps'
body = {'id': 'camelCase'}
response = self.client.post(url, body)
self.assertContains(
response,
'App name can only contain a-z (lowercase), 0-9 and hyphens',
status_code=400
)
url = '/v2/apps'
body = {'id': app_id}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 201, response.data)
app_id = response.data['id'] # noqa
url = '/v2/apps/{app_id}'.format(**locals())
response = self.client.delete(url)
self.assertEqual(response.status_code, 204, response.data)
for endpoint in ('containers', 'config', 'releases', 'builds'):
url = '/v2/apps/{app_id}/{endpoint}'.format(**locals())
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
def test_app_reserved_names(self, mock_requests):
"""Nobody should be able to create applications with names which are reserved."""
url = '/v2/apps'
reserved_names = ['foo', 'bar']
with self.settings(DEIS_RESERVED_NAMES=reserved_names):
for name in reserved_names:
body = {'id': name}
response = self.client.post(url, body)
self.assertContains(
response,
'{} is a reserved name.'.format(name),
status_code=400)
def test_app_structure_is_valid_json(self, mock_requests):
"""Application structures should be valid JSON objects."""
app_id = self.create_app()
app = App.objects.get(id=app_id)
app.structure = {'web': 1}
app.save()
url = '/v2/apps/{}'.format(app_id)
response = self.client.get(url)
self.assertIn('structure', response.data)
self.assertEqual(response.data['structure'], {"web": 1})
@mock.patch('api.models.logger')
def test_admin_can_manage_other_apps(self, mock_requests, mock_logger):
"""Administrators of Deis should be able to manage all applications.
"""
# log in as non-admin user and create an app
user = User.objects.get(username='autotest2')
token = Token.objects.get(user=user).key
app_id = 'autotest'
url = '/v2/apps'
body = {'id': app_id}
self.client.credentials(HTTP_AUTHORIZATION='Token ' + token)
response = self.client.post(url, body)
# log in as admin, check to see if they have access
self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token)
url = '/v2/apps/{}'.format(app_id)
response = self.client.get(url)
self.assertEqual(response.status_code, 200, response.data)
# check app logs
exp_msg = "autotest2 created initial release"
exp_log_call = mock.call(logging.INFO, exp_msg)
mock_logger.log.has_calls(exp_log_call)
# TODO: test run needs an initial build
# delete the app
url = '/v2/apps/{}'.format(app_id)
response = self.client.delete(url)
self.assertEqual(response.status_code, 204, response.data)
def test_admin_can_see_other_apps(self, mock_requests):
"""If a user creates an application, the administrator should be able
to see it.
"""
# log in as non-admin user and create an app
user = User.objects.get(username='autotest2')
token = Token.objects.get(user=user).key
app_id = 'autotest'
url = '/v2/apps'
body = {'id': app_id}
self.client.credentials(HTTP_AUTHORIZATION='Token ' + token)
response = self.client.post(url, body)
# log in as admin
self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token)
response = self.client.get(url)
self.assertEqual(response.data['count'], 1)
def test_run_without_release_should_error(self, mock_requests):
"""
A user should not be able to run a one-off command unless a release
is present.
"""
app_id = 'autotest'
url = '/v2/apps'
body = {'id': app_id}
response = self.client.post(url, body)
url = '/v2/apps/{}/run'.format(app_id)
body = {'command': 'ls -al'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 400, response.data)
self.assertEqual(response.data, {'detail': 'No build associated with this '
'release to run this command'})
@mock.patch('api.models.App.run', _mock_run)
@mock.patch('api.models.App.deploy', mock_none)
@mock.patch('api.models.Release.publish', mock_none)
def test_run(self, mock_requests):
"""
A user should be able to run a one off command
"""
app_id = 'autotest'
response = self.client.post('/v2/apps', {'id': app_id})
# create build
body = {'image': 'autotest/example'}
url = '/v2/apps/{app_id}/builds'.format(**locals())
response = self.client.post(url, body)
self.assertEqual(response.status_code, 201, response.data)
# run command
url = '/v2/apps/{}/run'.format(app_id)
body = {'command': 'ls -al'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 200, response.data)
self.assertEqual(response.data['exit_code'], 0)
self.assertEqual(response.data['output'], 'mock')
def test_run_failure(self, mock_requests):
"""Raise a KubeException via scheduler.run"""
app_id = 'autotest'
response = self.client.post('/v2/apps', {'id': app_id})
# create build
body = {'image': 'autotest/example'}
url = '/v2/apps/{app_id}/builds'.format(**locals())
response = self.client.post(url, body)
self.assertEqual(response.status_code, 201, response.data)
with mock.patch('scheduler.KubeHTTPClient.run') as kube_run:
kube_run.side_effect = KubeException('boom!')
# run command
url = '/v2/apps/{}/run'.format(app_id)
body = {'command': 'ls -al'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 503, response.data)
def test_unauthorized_user_cannot_see_app(self, mock_requests):
"""
An unauthorized user should not be able to access an app's resources.
Since an unauthorized user can't access the application, these
tests should return a 403, but currently return a 404. FIXME!
"""
app_id = 'autotest'
base_url = '/v2/apps'
body = {'id': app_id}
response = self.client.post(base_url, body)
unauthorized_user = User.objects.get(username='autotest2')
unauthorized_token = Token.objects.get(user=unauthorized_user).key
self.client.credentials(HTTP_AUTHORIZATION='Token ' + unauthorized_token)
url = '{}/{}/run'.format(base_url, app_id)
body = {'command': 'foo'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 403)
url = '{}/{}/logs'.format(base_url, app_id)
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
url = '{}/{}'.format(base_url, app_id)
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
response = self.client.delete(url)
self.assertEqual(response.status_code, 403)
def test_app_info_not_showing_wrong_app(self, mock_requests):
app_id = 'autotest'
base_url = '/v2/apps'
body = {'id': app_id}
response = self.client.post(base_url, body)
url = '{}/foo'.format(base_url)
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
def test_app_transfer(self, mock_requests):
owner = User.objects.get(username='autotest2')
owner_token = Token.objects.get(user=owner).key
self.client.credentials(HTTP_AUTHORIZATION='Token ' + owner_token)
app_id = 'autotest'
base_url = '/v2/apps'
body = {'id': app_id}
response = self.client.post(base_url, body)
# Transfer App
url = '{}/{}'.format(base_url, app_id)
new_owner = User.objects.get(username='autotest3')
new_owner_token = Token.objects.get(user=new_owner).key
body = {'owner': new_owner.username}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 200, response.data)
# Original user can no longer access it
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
# New owner can access it
self.client.credentials(HTTP_AUTHORIZATION='Token ' + new_owner_token)
response = self.client.get(url)
self.assertEqual(response.status_code, 200, response.data)
self.assertEqual(response.data['owner'], new_owner.username)
# Collaborators can't transfer
body = {'username': owner.username}
perms_url = url+"/perms/"
response = self.client.post(perms_url, body)
self.assertEqual(response.status_code, 201, response.data)
self.client.credentials(HTTP_AUTHORIZATION='Token ' + owner_token)
body = {'owner': self.user.username}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 403)
# Admins can transfer
self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token)
body = {'owner': self.user.username}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 200, response.data)
response = self.client.get(url)
self.assertEqual(response.status_code, 200, response.data)
self.assertEqual(response.data['owner'], self.user.username)
def test_app_exists_in_kubernetes(self, mock_requests):
"""
Create an app that has the same namespace as an existing kubernetes namespace
"""
body = {'id': 'duplicate'}
response = self.client.post('/v2/apps', body)
self.assertContains(
response,
'duplicate already exists as a namespace in this kuberenetes setup',
status_code=409
)
def test_app_create_failure_kubernetes_create(self, mock_requests):
"""
Create an app but have scheduler.create_service fail with an exception
"""
with mock.patch('scheduler.KubeHTTPClient.create_service') as mock_kube:
mock_kube.side_effect = KubeException('Boom!')
response = self.client.post('/v2/apps', {'id': 'test-kube'})
self.assertEqual(response.status_code, 503, response.data)
def test_app_delete_failure_kubernetes_destroy(self, mock_requests):
"""
Create an app and then delete but have scheduler.delete_namespace
fail with an exception
"""
# create
response = self.client.post('/v2/apps', {'id': 'test'})
self.assertEqual(response.status_code, 201, response.data)
with mock.patch('scheduler.KubeHTTPClient.delete_namespace') as mock_kube:
# delete
mock_kube.side_effect = KubeException('Boom!')
response = self.client.delete('/v2/apps/test')
self.assertEqual(response.status_code, 503, response.data)
def test_app_verify_application_health_success(self, mock_requests):
"""
Create an application which in turn causes a health check to run against
the router. Make it succeed on the 6th try
"""
responses = [
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'OK', 'status_code': 200}
]
hostname = 'http://{}:{}/'.format(settings.ROUTER_HOST, settings.ROUTER_PORT)
mr = mock_requests.register_uri('GET', hostname, responses)
# create app
body = {'id': 'myid'}
response = self.client.post('/v2/apps', body)
self.assertEqual(response.status_code, 201, response.data)
# deploy app to get verification
url = "/v2/apps/myid/builds"
body = {'image': 'autotest/example'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 201, response.data)
self.assertEqual(response.data['image'], body['image'])
self.assertEqual(mr.called, True)
self.assertEqual(mr.call_count, 6)
def test_app_verify_application_health_failure_404(self, mock_requests):
"""
Create an application which in turn causes a health check to run against
the router. Make it fail with a 404 after 10 tries
"""
# function tries to hit router 10 times
responses = [
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
{'text': 'Not Found', 'status_code': 404},
]
hostname = 'http://{}:{}/'.format(settings.ROUTER_HOST, settings.ROUTER_PORT)
mr = mock_requests.register_uri('GET', hostname, responses)
# create app
body = {'id': 'myid'}
response = self.client.post('/v2/apps', body)
self.assertEqual(response.status_code, 201, response.data)
# deploy app to get verification
url = "/v2/apps/myid/builds"
body = {'image': 'autotest/example'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 201, response.data)
self.assertEqual(response.data['image'], body['image'])
self.assertEqual(mr.called, True)
self.assertEqual(mr.call_count, 10)
def test_app_verify_application_health_failure_exceptions(self, mock_requests):
"""
Create an application which in turn causes a health check to run against
the router. Make it fail with a python-requets exception
"""
def _raise_exception(request, ctx):
raise requests.exceptions.RequestException('Boom!')
# function tries to hit router 10 times
hostname = 'http://{}:{}/'.format(settings.ROUTER_HOST, settings.ROUTER_PORT)
mr = mock_requests.register_uri('GET', hostname, text=_raise_exception)
# create app
body = {'id': 'myid'}
response = self.client.post('/v2/apps', body)
self.assertEqual(response.status_code, 201, response.data)
# deploy app to get verification
url = "/v2/apps/myid/builds"
body = {'image': 'autotest/example'}
response = self.client.post(url, body)
self.assertEqual(response.status_code, 201, response.data)
self.assertEqual(response.data['image'], body['image'])
# Called 10 times due to the exception
self.assertEqual(mr.called, True)
self.assertEqual(mr.call_count, 10)
FAKE_LOG_DATA = """
2013-08-15 12:41:25 [33454] [INFO] Starting gunicorn 17.5
2013-08-15 12:41:25 [33454] [INFO] Listening at: http://0.0.0.0:5000 (33454)
2013-08-15 12:41:25 [33454] [INFO] Using worker: sync
2013-08-15 12:41:25 [33457] [INFO] Booting worker with pid 33457
"""