Repository: mesos Updated Branches: refs/heads/master e4d56bcb6 -> be7d2ca48
Added a test that uses environment secrets and the DefaultExecutor. This test checks that environment secrets are properly resolved and exposed to tasks started by the DefaultExecutor. Review: https://reviews.apache.org/r/61920/ Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/065d2a80 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/065d2a80 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/065d2a80 Branch: refs/heads/master Commit: 065d2a801396e90adb619e839f062ae153249ca0 Parents: e4d56bc Author: Gastón Kleiman <gas...@mesosphere.io> Authored: Wed Aug 30 17:20:36 2017 -0700 Committer: Greg Mann <gregorywm...@gmail.com> Committed: Wed Aug 30 17:21:43 2017 -0700 ---------------------------------------------------------------------- .../environment_secret_isolator_tests.cpp | 106 +++++++++++++++++++ 1 file changed, 106 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/065d2a80/src/tests/containerizer/environment_secret_isolator_tests.cpp ---------------------------------------------------------------------- diff --git a/src/tests/containerizer/environment_secret_isolator_tests.cpp b/src/tests/containerizer/environment_secret_isolator_tests.cpp index 2ba156f..38fef2d 100644 --- a/src/tests/containerizer/environment_secret_isolator_tests.cpp +++ b/src/tests/containerizer/environment_secret_isolator_tests.cpp @@ -125,6 +125,112 @@ TEST_F(EnvironmentSecretIsolatorTest, ResolveSecret) driver.join(); } + +// This test verifies that the environment secrets are resolved when launching +// a task using the DefaultExecutor. +TEST_F(EnvironmentSecretIsolatorTest, ResolveSecretDefaultExecutor) +{ + Try<Owned<cluster::Master>> master = StartMaster(); + ASSERT_SOME(master); + + mesos::internal::slave::Flags flags = CreateSlaveFlags(); + +#ifndef USE_SSL_SOCKET + // Disable operator API authentication for the default executor. Executor + // authentication currently has SSL as a dependency, so we cannot require + // executors to authenticate with the agent operator API if Mesos was not + // built with SSL support. + flags.authenticate_http_readwrite = false; +#endif // USE_SSL_SOCKET + + Fetcher fetcher(flags); + Try<SecretResolver*> secretResolver = SecretResolver::create(); + EXPECT_SOME(secretResolver); + + Try<MesosContainerizer*> containerizer = + MesosContainerizer::create(flags, true, &fetcher, secretResolver.get()); + EXPECT_SOME(containerizer); + + Owned<MasterDetector> detector = master.get()->createDetector(); + Try<Owned<cluster::Slave>> slave = + StartSlave(detector.get(), containerizer.get(), flags); + ASSERT_SOME(slave); + + MockScheduler sched; + MesosSchedulerDriver driver( + &sched, DEFAULT_FRAMEWORK_INFO, master.get()->pid, DEFAULT_CREDENTIAL); + + Future<FrameworkID> frameworkId; + EXPECT_CALL(sched, registered(&driver, _, _)) + .WillOnce(FutureArg<1>(&frameworkId)); + + Future<std::vector<Offer>> offers; + EXPECT_CALL(sched, resourceOffers(&driver, _)) + .WillOnce(FutureArg<1>(&offers)) + .WillRepeatedly(Return()); // Ignore subsequent offers. + + driver.start(); + + AWAIT_READY(frameworkId); + + AWAIT_READY(offers); + ASSERT_FALSE(offers->empty()); + + Resources resources = Resources::parse("cpus:0.1;mem:32;disk:32").get(); + + ExecutorInfo executorInfo; + executorInfo.set_type(ExecutorInfo::DEFAULT); + executorInfo.mutable_executor_id()->CopyFrom(DEFAULT_EXECUTOR_ID); + executorInfo.mutable_framework_id()->CopyFrom(frameworkId.get()); + executorInfo.mutable_resources()->CopyFrom(resources); + + const string commandString = strings::format( + "env; test \"$%s\" = \"%s\"", + SECRET_ENV_NAME, + SECRET_VALUE).get(); + + CommandInfo command; + command.set_value(commandString); + + // Request a secret. + // TODO(kapil): Update createEnvironment() to support secrets. + mesos::Environment::Variable *env = + command.mutable_environment()->add_variables(); + env->set_name(SECRET_ENV_NAME); + env->set_type(mesos::Environment::Variable::SECRET); + + mesos::Secret* secret = env->mutable_secret(); + secret->set_type(Secret::VALUE); + secret->mutable_value()->set_data(SECRET_VALUE); + + const Offer& offer = offers->front(); + const SlaveID& slaveId = offer.slave_id(); + + TaskInfo task = createTask( + slaveId, + Resources::parse("cpus:0.1;mem:32").get(), + command); + + // NOTE: Successful tasks will output two status updates. + Future<TaskStatus> statusRunning; + Future<TaskStatus> statusFinished; + EXPECT_CALL(sched, statusUpdate(&driver, _)) + .WillOnce(FutureArg<1>(&statusRunning)) + .WillOnce(FutureArg<1>(&statusFinished)); + + TaskGroupInfo taskGroup = createTaskGroupInfo({task}); + + driver.acceptOffers({offer.id()}, {LAUNCH_GROUP(executorInfo, taskGroup)}); + + AWAIT_READY(statusRunning); + EXPECT_EQ(TASK_RUNNING, statusRunning->state()); + AWAIT_READY(statusFinished); + EXPECT_EQ(TASK_FINISHED, statusFinished->state()); + + driver.stop(); + driver.join(); +} + } // namespace tests { } // namespace internal { } // namespace mesos {