func TwerkCommandPattern(stdin io.Reader, stdout, stderr io.Writer) cli.Command { return cli.Command{ Name: "twerk", Usage: "Run one-time-use interactive (thus nonrepeatable!) command. All the defaults are filled in for you. Great for experimentation.", Action: func(ctx *cli.Context) { executor := executordispatch.Get("chroot") formula := def.Formula{ Inputs: []def.Input{{ Type: "tar", MountPath: "/", Hash: "uJRF46th6rYHt0zt_n3fcDuBfGFVPS6lzRZla5hv6iDoh5DVVzxUTMMzENfPoboL", Warehouses: []string{ "http+ca://repeatr.s3.amazonaws.com/assets/", }, }}, Action: def.Action{ Entrypoint: []string{"bash", "-c", "echo hallo ; pwd ; ls -la ; bash"}, }, } // TODO bonus points if you eventually can get the default mode to have no setuid binaries, in addition to making a spare user and dropping privs immediately. fmt.Fprintln(ctx.App.Writer, "launchin") job := executor.Start(formula, def.JobID(guid.New()), stdin, ctx.App.Writer) go io.Copy(stdout, job.Outputs().Reader(1)) go io.Copy(stderr, job.Outputs().Reader(2)) result := job.Wait() if result.Error != nil { fmt.Fprintf(ctx.App.Writer, "error: %s\n", result.Error) } else { fmt.Fprintf(ctx.App.Writer, "done; exit code %d\n", result.ExitCode) } }, } }
func soExpectSuccessAndOutput(execEng executor.Executor, formula def.Formula, output string) { job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) So(job.Wait().Error, ShouldBeNil) So(job.Wait().ExitCode, ShouldEqual, 0) msg, err := ioutil.ReadAll(job.OutputReader()) So(err, ShouldBeNil) So(string(msg), ShouldEqual, output) }
func CheckFilesystemContainment(execEng executor.Executor) { Convey("SPEC: Launching with multiple inputs should work", func() { formula := getBaseFormula() Convey("Launch should succeed", func() { filefixture.Beta.Create("./fixture/beta") formula.Inputs = append(formula.Inputs, (def.Input{ Name: "2-input-test", Type: "dir", Hash: filefixture.Beta_Hash, Warehouses: []string{"./fixture/beta"}, MountPath: "/data/test", })) formula.Action = def.Action{ Entrypoint: []string{"/bin/true"}, } job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) So(job.Wait().Error, ShouldBeNil) So(job.Wait().ExitCode, ShouldEqual, 0) Convey("Commands inside the job should be able to see the mounted files", FailureContinues, func() { formula.Action = def.Action{ Entrypoint: []string{"ls", "/data/test"}, } job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) So(job.Wait().Error, ShouldBeNil) So(job.Wait().ExitCode, ShouldEqual, 0) msg, err := ioutil.ReadAll(job.OutputReader()) So(err, ShouldBeNil) So(string(msg), ShouldEqual, "1\n2\n3\n") }) }) }) }
func CheckEnvBehavior(execEng executor.Executor) { // NOTE the chroot executor currently uses `def.ValidateAll` which effectively *does not permit you to have an empty $PATH var*. // we may decide to change that later -- but there's a correctness versus convenience battle there, and for now, we're going with convenience. Convey("SPEC: Env vars should be contained", func() { formula := getBaseFormula() formula.Action = def.Action{ Entrypoint: []string{"env"}, } Convey("Env from the parent should not be inherited", func() { os.Setenv("REPEATR_TEST_KEY_1", "test value") defer os.Unsetenv("REPEATR_TEST_KEY_1") // using unique strings per test anyway, because this is too scary job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) So(job.Wait().Error, ShouldBeNil) So(job.Wait().ExitCode, ShouldEqual, 0) msg, err := ioutil.ReadAll(job.OutputReader()) So(err, ShouldBeNil) So(strings.Contains("REPEATR_TEST_KEY_1", string(msg)), ShouldBeFalse) }) Convey("Env specified with the job should be applied", func() { formula.Action.Env = make(map[string]string) formula.Action.Env["REPEATR_TEST_KEY_2"] = "test value" job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) So(job.Wait().Error, ShouldBeNil) So(job.Wait().ExitCode, ShouldEqual, 0) msg, err := ioutil.ReadAll(job.OutputReader()) So(err, ShouldBeNil) So(string(msg), ShouldContainSubstring, "REPEATR_TEST_KEY_2=test value") }) }) }
func CheckPwdBehavior(execEng executor.Executor) { Convey("SPEC: Working directory should be contained", func() { formula := getBaseFormula() Convey("The default pwd should be the root", func() { // This test exists because of a peculularly terrifying fact about chroots: // If you spawn a new process with the chroot without setting its current working dir, // the cwd is still *whatever it inherits*. And even if the process can't reach there // starting from "/", it can still *walk deeper from that cwd*. formula.Action = def.Action{ //Entrypoint: []string{"find", "-maxdepth", "5"}, // if you goofed, during test runs this will show you the executor's workspace! //Entrypoint: []string{"bash", "-c", "find -maxdepth 5 ; echo --- ; echo \"$PWD\" ; cd \"$(echo \"$PWD\" | sed 's/^(unreachable)//')\" ; ls"}, // this demo's that you can't actually cd back to it, though. Entrypoint: []string{"pwd"}, } soExpectSuccessAndOutput(execEng, formula, "/\n", ) }) Convey("Setting another cwd should work", func() { formula.Action = def.Action{ Cwd: "/usr", Entrypoint: []string{"pwd"}, } soExpectSuccessAndOutput(execEng, formula, "/usr\n", ) }) Convey("Setting a nonexistent cwd should fail to launch", FailureContinues, func() { formula.Action = def.Action{ Cwd: "/does/not/exist/by/any/means", Entrypoint: []string{"pwd"}, } job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) So(job.Wait().Error, ShouldNotBeNil) So(job.Wait().Error, testutil.ShouldBeErrorClass, executor.TaskExecError) So(job.Wait().ExitCode, ShouldEqual, -1) msg, err := ioutil.ReadAll(job.OutputReader()) So(err, ShouldBeNil) So(string(msg), ShouldEqual, "") }) }) }
func (s *Scheduler) Schedule(f def.Formula) (def.JobID, <-chan def.Job) { id := def.JobID(guid.New()) h := &hold{ id: id, forumla: f, response: make(chan def.Job), } // Non-blocking send, will panic if scheduler queue is full select { case s.queue <- h: default: panic(scheduler.QueueFullError) } return id, h.response }
/* Check the basics of exec: - Does it work at all? - Can we see error codes? - Can we stream stdout? - If there's no rootfs, does it panic? - If the command's not found, does it panic? Anything that requires *more than the one rootfs input* or anything about outputs belongs in another part of the spec tests. If any of these fail, most other parts of the specs will also fail. */ func CheckBasicExecution(execEng executor.Executor) { Convey("SPEC: Attempting launch with a rootfs that doesn't exist should error", func() { formula := def.Formula{ Inputs: []def.Input{ { Type: "tar", Location: "/", // Funny thing is, the URI isn't even necessarily where the buck stops; // Remote URIs need not be checked if caches are in play, etc. // So the hash needs to be set (and needs to be invalid). URI: "file:///nonexistance/in/its/most/essential/unform.tar.gz", Hash: "defnot", }, }, } Convey("We should get an error from the warehouse", func() { result := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard).Wait() So(result.Error, testutil.ShouldBeErrorClass, integrity.WarehouseError) }) Convey("The job exit code should clearly indicate failure", FailureContinues, func() { formula.Accents = def.Accents{ Entrypoint: []string{"echo", "echococo"}, } job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) So(job.Wait().Error, ShouldNotBeNil) // Even though one should clearly also check the error status, // zero here could be very confusing, so jobs that error before start should be -1. So(job.Wait().ExitCode, ShouldEqual, -1) }) }) Convey("SPEC: Launching a command with a working rootfs should work", func() { formula := getBaseFormula() Convey("The executor should be able to invoke echo", FailureContinues, func() { formula.Accents = def.Accents{ Entrypoint: []string{"echo", "echococo"}, } job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) // note that we can read output concurrently. // no need to wait for job done. msg, err := ioutil.ReadAll(job.OutputReader()) So(err, ShouldBeNil) So(string(msg), ShouldEqual, "echococo\n") So(job.Wait().Error, ShouldBeNil) So(job.Wait().ExitCode, ShouldEqual, 0) }) Convey("The executor should be able to check exit codes", func() { formula.Accents = def.Accents{ Entrypoint: []string{"sh", "-c", "exit 14"}, } job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job, ShouldNotBeNil) So(job.Wait().Error, ShouldBeNil) So(job.Wait().ExitCode, ShouldEqual, 14) }) Convey("The executor should report command not found clearly", FailureContinues, func() { formula.Accents = def.Accents{ Entrypoint: []string{"not a command"}, } job := execEng.Start(formula, def.JobID(guid.New()), nil, ioutil.Discard) So(job.Wait().Error, testutil.ShouldBeErrorClass, executor.NoSuchCommandError) So(job.Wait().ExitCode, ShouldEqual, -1) msg, err := ioutil.ReadAll(job.OutputReader()) So(err, ShouldBeNil) So(string(msg), ShouldEqual, "") }) }) }