diff --git a/src/main/groovy/io/seqera/wave/configuration/ScanConfig.groovy b/src/main/groovy/io/seqera/wave/configuration/ScanConfig.groovy index baef40d75..5a5ac6006 100644 --- a/src/main/groovy/io/seqera/wave/configuration/ScanConfig.groovy +++ b/src/main/groovy/io/seqera/wave/configuration/ScanConfig.groovy @@ -95,7 +95,11 @@ class ScanConfig { @Memoized Path getCacheDirectory() { final result = Path.of(buildDirectory).toAbsolutePath().resolve('.trivy-cache') - Files.createDirectories(result) + try { + Files.createDirectories(result) + } catch (IOException e) { + log.error "Unable to create scan cache directory=${result} - cause: ${e.message}" + } return result } diff --git a/src/test/groovy/io/seqera/wave/controller/ContainerControllerTest.groovy b/src/test/groovy/io/seqera/wave/controller/ContainerControllerTest.groovy index 7f154d374..d582316b8 100644 --- a/src/test/groovy/io/seqera/wave/controller/ContainerControllerTest.groovy +++ b/src/test/groovy/io/seqera/wave/controller/ContainerControllerTest.groovy @@ -21,7 +21,6 @@ package io.seqera.wave.controller import spock.lang.Specification import spock.lang.Unroll -import java.nio.file.Path import java.time.Instant import java.time.temporal.ChronoUnit @@ -42,7 +41,6 @@ import io.seqera.wave.api.SubmitContainerTokenRequest import io.seqera.wave.api.SubmitContainerTokenResponse import io.seqera.wave.config.CondaOpts import io.seqera.wave.configuration.BuildConfig -import io.seqera.wave.configuration.ScanConfig import io.seqera.wave.core.ContainerPlatform import io.seqera.wave.core.RegistryProxyService import io.seqera.wave.exception.BadRequestException @@ -74,7 +72,6 @@ import jakarta.inject.Inject * @author Paolo Di Tommaso */ @MicronautTest -@Property(name='wave.build.workspace', value='/some/wsp') @Property(name='wave.build.repo', value='wave/build') @Property(name='wave.build.cache', value='wave/build/cache') class ContainerControllerTest extends Specification { @@ -103,13 +100,6 @@ class ContainerControllerTest extends Specification { Mock(JobService) } - @MockBean(ScanConfig) - ScanConfig mockScanConfig() { - Mock(ScanConfig) { - getCacheDirectory() >> Path.of('/build/cache/dir') - } - } - @MockBean(RegistryProxyService) RegistryProxyService mockProxy() { Mock(RegistryProxyService) { diff --git a/src/test/groovy/io/seqera/wave/controller/RegistryControllerLocalTest.groovy b/src/test/groovy/io/seqera/wave/controller/RegistryControllerLocalTest.groovy index bde48c21f..9057ac53e 100644 --- a/src/test/groovy/io/seqera/wave/controller/RegistryControllerLocalTest.groovy +++ b/src/test/groovy/io/seqera/wave/controller/RegistryControllerLocalTest.groovy @@ -142,17 +142,17 @@ class RegistryControllerLocalTest extends Specification implements DockerRegistr h.add('Accept', it) } }) - HttpResponse response = client.toBlocking().exchange(request, String) + HttpResponse response = client.toBlocking().exchange(request, String) then: response.status() == HttpStatus.OK when: - def parsedBody = new JsonSlurper().parseText(response.body.get()) + def parsedBody = new JsonSlurper().parseText(response.body.get()) as Map and: def list = parsedBody.manifests.collect { String type = it.mediaType.contains("manifest") ? "manifests" : "blobs" - "/v2/$IMAGE/$type/$it.digest" + return "/v2/$IMAGE/$type/$it.digest" as String } and: boolean fails = list.find{ url -> diff --git a/src/test/groovy/io/seqera/wave/service/CredentialsServiceTest.groovy b/src/test/groovy/io/seqera/wave/service/CredentialsServiceTest.groovy index 9c20ae790..5a3c4bbaa 100644 --- a/src/test/groovy/io/seqera/wave/service/CredentialsServiceTest.groovy +++ b/src/test/groovy/io/seqera/wave/service/CredentialsServiceTest.groovy @@ -166,8 +166,7 @@ class CredentialsServiceTest extends Specification { registry: 'docker.io' ) and: - - def identity = new PlatformId(new User(id:10), 11,"token",'tower.io', '101') + def identity = new PlatformId(new User(id:10), 100,"token",'tower.io', '101') def auth = JwtAuth.of(identity) when: @@ -183,7 +182,7 @@ class CredentialsServiceTest extends Specification { ) and: 'non matching credentials are listed' - 1 * towerClient.listCredentials('tower.io',auth,11) >> CompletableFuture.completedFuture(new ListCredentialsResponse( + 1 * towerClient.listCredentials('tower.io',auth,100) >> CompletableFuture.completedFuture(new ListCredentialsResponse( credentials: [nonContainerRegistryCredentials,otherRegistryCredentials] )) @@ -220,8 +219,8 @@ class CredentialsServiceTest extends Specification { def 'should get registry creds from compute creds when not found in tower credentials'() { given: 'a tower user in a workspace on a specific instance with a valid token' - def userId = 12 - def workspaceId = 12 + def userId = 10 + def workspaceId = 100 def token = "valid-token" def towerEndpoint = "http://tower.io:9090" def workflowId = "id123" diff --git a/src/test/groovy/io/seqera/wave/service/builder/KubeBuildStrategyTest.groovy b/src/test/groovy/io/seqera/wave/service/builder/KubeBuildStrategyTest.groovy index e7ce69724..2c9e221e2 100644 --- a/src/test/groovy/io/seqera/wave/service/builder/KubeBuildStrategyTest.groovy +++ b/src/test/groovy/io/seqera/wave/service/builder/KubeBuildStrategyTest.groovy @@ -21,13 +21,11 @@ package io.seqera.wave.service.builder import spock.lang.Specification import java.nio.file.Files -import java.nio.file.Path import java.time.Duration import io.micronaut.context.annotation.Property import io.micronaut.test.annotation.MockBean import io.micronaut.test.extensions.spock.annotation.MicronautTest -import io.seqera.wave.configuration.ScanConfig import io.seqera.wave.core.ContainerPlatform import io.seqera.wave.service.k8s.K8sService import io.seqera.wave.service.k8s.K8sServiceImpl @@ -40,11 +38,9 @@ import jakarta.inject.Inject * @author Paolo Di Tommaso */ @MicronautTest -@Property(name="wave.build.workspace",value="/build/work") @Property(name="wave.build.k8s.namespace",value="foo") @Property(name="wave.build.k8s.configPath",value="/home/kube.config") @Property(name="wave.build.k8s.storage.claimName",value="bar") -@Property(name="wave.build.k8s.storage.mountPath",value="/build") @Property(name='wave.build.k8s.node-selector[linux/amd64]',value="service=wave-build") @Property(name='wave.build.k8s.node-selector[linux/arm64]',value="service=wave-build-arm64") class KubeBuildStrategyTest extends Specification { @@ -60,12 +56,6 @@ class KubeBuildStrategyTest extends Specification { Mock(K8sService) } - @MockBean(ScanConfig) - ScanConfig mockScanConfig() { - Mock(ScanConfig) { - getCacheDirectory() >> Path.of('/build/cache/dir') - } - } def "request to build a container with right selector"(){ given: diff --git a/src/test/groovy/io/seqera/wave/service/k8s/K8sServiceImplTest.groovy b/src/test/groovy/io/seqera/wave/service/k8s/K8sServiceImplTest.groovy index e0dd8e580..626f82679 100644 --- a/src/test/groovy/io/seqera/wave/service/k8s/K8sServiceImplTest.groovy +++ b/src/test/groovy/io/seqera/wave/service/k8s/K8sServiceImplTest.groovy @@ -18,11 +18,9 @@ package io.seqera.wave.service.k8s -import spock.lang.Shared import spock.lang.Specification import spock.lang.Unroll -import java.nio.file.Files import java.nio.file.Path import java.time.Duration import java.time.OffsetDateTime @@ -40,41 +38,27 @@ import io.kubernetes.client.openapi.models.V1Pod import io.kubernetes.client.openapi.models.V1PodList import io.kubernetes.client.openapi.models.V1PodStatus import io.micronaut.context.ApplicationContext -import io.micronaut.test.extensions.spock.annotation.MicronautTest import io.seqera.wave.configuration.BlobCacheConfig -import io.seqera.wave.configuration.ScanConfig import io.seqera.wave.configuration.MirrorConfig +import io.seqera.wave.configuration.ScanConfig /** * * @author Paolo Di Tommaso */ -@MicronautTest class K8sServiceImplTest extends Specification { - @Shared - Path workspace - - def setupSpec() { - workspace = Files.createTempDirectory('test') - } - - def cleanupSpec() { - workspace?.deleteDir() - } - def 'should validate context OK ' () { when: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.scan.enabled': 'true'] and: def ctx = ApplicationContext.run(PROPS) ctx.getBean(K8sServiceImpl) - then: noExceptionThrown() and: @@ -97,11 +81,11 @@ class K8sServiceImplTest extends Specification { def 'should get mount path' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString() ] + 'wave.build.k8s.storage.mountPath': '/build' ] and: def ctx = ApplicationContext.run(PROPS) def k8sService = ctx.getBean(K8sServiceImpl) @@ -144,11 +128,11 @@ class K8sServiceImplTest extends Specification { def 'should create build vol' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString() ] + 'wave.build.k8s.storage.mountPath': '/build' ] and: def ctx = ApplicationContext.run(PROPS) def k8sService = ctx.getBean(K8sServiceImpl) @@ -172,11 +156,11 @@ class K8sServiceImplTest extends Specification { def 'should get docker config vol' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString() ] + 'wave.build.k8s.storage.mountPath': '/build' ] and: def ctx = ApplicationContext.run(PROPS) def k8sService = ctx.getBean(K8sServiceImpl) @@ -196,17 +180,17 @@ class K8sServiceImplTest extends Specification { def 'should create build pod for buildkit' () { given: def PROPS = [ - 'wave.build.workspace' : workspace.toString(), + 'wave.build.workspace' : '/build/work', 'wave.build.k8s.namespace' : 'my-ns', 'wave.build.k8s.configPath' : '/home/kube.config', 'wave.build.k8s.storage.claimName': 'build-claim', - 'wave.build.k8s.storage.mountPath': workspace.toString()] + 'wave.build.k8s.storage.mountPath': '/build'] and: def ctx = ApplicationContext.run(PROPS) def k8sService = ctx.getBean(K8sServiceImpl) when: - def result = k8sService.buildSpec('foo', 'my-image:latest', ['this', 'that'], workspace.resolve('work/xyz'), workspace.resolve('work/xyz/config.json'), Duration.ofSeconds(10), [:]) + def result = k8sService.buildSpec('foo', 'my-image:latest', ['this', 'that'], Path.of('/build/work/xyz'), Path.of('/build/work/xyz/config.json'), Duration.ofSeconds(10), [:]) then: result.metadata.name == 'foo' result.metadata.namespace == 'my-ns' @@ -223,9 +207,9 @@ class K8sServiceImplTest extends Specification { volumeMounts.size() == 2 volumeMounts.get(0).name == 'build-data' volumeMounts.get(0).mountPath == '/home/user/.docker/config.json' - volumeMounts.get(0).subPath == "work/xyz/config.json" + volumeMounts.get(0).subPath == 'work/xyz/config.json' volumeMounts.get(1).name == 'build-data' - volumeMounts.get(1).mountPath == "${workspace.toString()}/work/xyz" + volumeMounts.get(1).mountPath == '/build/work/xyz' volumeMounts.get(1).subPath == 'work/xyz' } and: @@ -239,16 +223,15 @@ class K8sServiceImplTest extends Specification { def 'should create build pod for singularity' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'my-ns', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'build-claim', - 'wave.build.k8s.storage.mountPath': workspace.toString() ] + 'wave.build.k8s.storage.mountPath': '/build' ] and: def ctx = ApplicationContext.run(PROPS) def k8sService = ctx.getBean(K8sServiceImpl) - def workDir = workspace.resolve('work/xyz') - + def workDir = Path.of('/build/work/xyz') when: def result = k8sService.buildSpec('foo', 'singularity:latest', ['this','that'], workDir, workDir.resolve('config.json'), Duration.ofSeconds(10), [:]) then: @@ -271,7 +254,7 @@ class K8sServiceImplTest extends Specification { volumeMounts.get(1).mountPath == '/root/.singularity/remote.yaml' volumeMounts.get(1).subPath == 'work/xyz/singularity-remote.yaml' volumeMounts.get(2).name == 'build-data' - volumeMounts.get(2).mountPath == "${workspace.toString()}/work/xyz" + volumeMounts.get(2).mountPath == '/build/work/xyz' volumeMounts.get(2).subPath == 'work/xyz' getWorkingDir() == null getSecurityContext().privileged @@ -287,17 +270,17 @@ class K8sServiceImplTest extends Specification { def 'should create build pod without init container' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'my-ns', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'build-claim', - 'wave.build.k8s.storage.mountPath': workspace.toString() ] + 'wave.build.k8s.storage.mountPath': '/build' ] and: def ctx = ApplicationContext.run(PROPS) def k8sService = ctx.getBean(K8sServiceImpl) when: - def result = k8sService.buildSpec('foo', 'my-image:latest', ['this','that'], workspace.resolve('work/xyz'), null, Duration.ofSeconds(10), [:]) + def result = k8sService.buildSpec('foo', 'my-image:latest', ['this','that'], Path.of('/build/work/xyz'), null, Duration.ofSeconds(10), [:]) then: result.metadata.name == 'foo' @@ -315,7 +298,7 @@ class K8sServiceImplTest extends Specification { env.value == ['--oci-worker-no-process-sandbox'] volumeMounts.size() == 1 volumeMounts.get(0).name == 'build-data' - volumeMounts.get(0).mountPath == "${workspace.toString()}/work/xyz" + volumeMounts.get(0).mountPath == '/build/work/xyz' volumeMounts.get(0).subPath == 'work/xyz' } and: @@ -330,11 +313,11 @@ class K8sServiceImplTest extends Specification { def 'should add labels ' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.k8s.labels': ['department': 'unit a','organization': 'org'] ] and: @@ -354,11 +337,11 @@ class K8sServiceImplTest extends Specification { def 'should add nodeselector' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.k8s.node-selector': [ 'linux/amd64': 'service=wave-build', 'linux/arm64': 'service=wave-build-arm64' @@ -385,11 +368,11 @@ class K8sServiceImplTest extends Specification { def 'should add serviceAccount' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.k8s.service-account': 'theAdminAccount' ] and: @@ -408,21 +391,21 @@ class K8sServiceImplTest extends Specification { def 'should create scan pod' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'my-ns', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'build-claim', - 'wave.build.k8s.storage.mountPath': workspace.toString() ] + 'wave.build.k8s.storage.mountPath': '/build', ] and: def ctx = ApplicationContext.run(PROPS) def k8sService = ctx.getBean(K8sServiceImpl) def config = Mock(ScanConfig) { - getCacheDirectory() >> workspace.resolve('work/.trivy') + getCacheDirectory() >> Path.of('/build/work/.trivy') getTimeout() >> Duration.ofSeconds(10) } when: - def result = k8sService.scanSpec('foo', 'my-image:latest', ['this','that'], workspace.resolve('work/xyz'), workspace.resolve('work/xyz/config.json'), config, null ) + def result = k8sService.scanSpec('foo', 'my-image:latest', ['this','that'], Path.of('/build/work/xyz'), Path.of('/build/work/xyz/config.json'), config, null ) then: result.metadata.name == 'foo' result.metadata.namespace == 'my-ns' @@ -438,7 +421,7 @@ class K8sServiceImplTest extends Specification { volumeMounts.get(0).mountPath == '/root/.docker/config.json' volumeMounts.get(0).subPath == 'work/xyz/config.json' volumeMounts.get(1).name == 'build-data' - volumeMounts.get(1).mountPath == "${workspace.toString()}/work/xyz" + volumeMounts.get(1).mountPath == '/build/work/xyz' volumeMounts.get(1).subPath == 'work/xyz' volumeMounts.get(2).name == 'build-data' volumeMounts.get(2).mountPath == '/root/.cache/' @@ -455,7 +438,7 @@ class K8sServiceImplTest extends Specification { def 'should create transfer job spec with defaults' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'my-ns', 'wave.build.k8s.configPath': '/home/kube.config' ] and: @@ -490,7 +473,7 @@ class K8sServiceImplTest extends Specification { def 'should create transfer job spec with custom settings' () { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'my-ns', 'wave.build.k8s.service-account': 'foo-sa', 'wave.build.k8s.configPath': '/home/kube.config' ] @@ -634,11 +617,11 @@ class K8sServiceImplTest extends Specification { def 'buildJobSpec should create job with singularity image'() { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'my-ns', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'build-claim', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.retry-attempts': 3 ] and: @@ -647,7 +630,7 @@ class K8sServiceImplTest extends Specification { def name = 'the-job-name' def containerImage = 'singularity:latest' def args = ['singularity', '--this', '--that'] - def workDir = workspace.resolve('work/xyz') + def workDir = Path.of('/build/work/xyz') def credsFile = workDir.resolve('config.json') def timeout = Duration.ofMinutes(10) def nodeSelector = [key: 'value'] @@ -673,7 +656,7 @@ class K8sServiceImplTest extends Specification { job.spec.template.spec.containers.get(0).volumeMounts.get(1).subPath == 'work/xyz/singularity-remote.yaml' and: job.spec.template.spec.containers.get(0).volumeMounts.get(2).name == 'build-data' - job.spec.template.spec.containers.get(0).volumeMounts.get(2).mountPath == "${workspace.toString()}/work/xyz" + job.spec.template.spec.containers.get(0).volumeMounts.get(2).mountPath == '/build/work/xyz' job.spec.template.spec.containers.get(0).volumeMounts.get(2).subPath == 'work/xyz' and: job.spec.template.spec.volumes.get(0).name == 'build-data' @@ -686,11 +669,11 @@ class K8sServiceImplTest extends Specification { def 'buildJobSpec should create job with docker image'() { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'my-ns', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'build-claim', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.retry-attempts': 3 ] and: @@ -699,7 +682,7 @@ class K8sServiceImplTest extends Specification { def name = 'test-job' def containerImage = 'docker://test-image' def args = ['arg1', 'arg2'] - def workDir = workspace.resolve('work/xyz') + def workDir = Path.of('/build/work/xyz') def credsFile = workDir.resolve('config.json') def timeout = Duration.ofMinutes(10) def nodeSelector = [key: 'value'] @@ -722,7 +705,7 @@ class K8sServiceImplTest extends Specification { job.spec.template.spec.containers.get(0).volumeMounts.get(0).subPath == 'work/xyz/config.json' and: job.spec.template.spec.containers.get(0).volumeMounts.get(1).name == 'build-data' - job.spec.template.spec.containers.get(0).volumeMounts.get(1).mountPath == "$workspace/work/xyz" + job.spec.template.spec.containers.get(0).volumeMounts.get(1).mountPath == '/build/work/xyz' job.spec.template.spec.containers.get(0).volumeMounts.get(1).subPath == 'work/xyz' and: job.spec.template.spec.volumes.get(0).name == 'build-data' @@ -735,11 +718,11 @@ class K8sServiceImplTest extends Specification { def 'should create scan job spec with valid inputs'() { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.k8s.service-account': 'theAdminAccount' ] and: @@ -748,10 +731,10 @@ class K8sServiceImplTest extends Specification { def name = 'scan-job' def containerImage = 'scan-image:latest' def args = ['arg1', 'arg2'] - def workDir = workspace.resolve('work/dir') + def workDir = Path.of('/work/dir') def credsFile = Path.of('/creds/file') def scanConfig = Mock(ScanConfig) { - getCacheDirectory() >> workspace.resolve('cache/dir') + getCacheDirectory() >> Path.of('/build/cache/dir') getRequestsCpu() >> '2' getRequestsMemory() >> '4Gi' getEnvironmentAsTuples() >> [new Tuple2('GITHUB_TOKEN', '123abc')] @@ -779,11 +762,11 @@ class K8sServiceImplTest extends Specification { def 'should create scan job spec without creds file'() { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.k8s.service-account': 'theAdminAccount' ] and: @@ -795,7 +778,7 @@ class K8sServiceImplTest extends Specification { def workDir = Path.of('/work/dir') def credsFile = null def scanConfig = Mock(ScanConfig) { - getCacheDirectory() >> workspace.resolve('cache/dir') + getCacheDirectory() >> Path.of('/build/cache/dir') getRequestsCpu() >> '2' getRequestsMemory() >> '4Gi' } @@ -821,11 +804,11 @@ class K8sServiceImplTest extends Specification { def 'should create scan job spec without node selector'() { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.k8s.service-account': 'theAdminAccount', ] and: @@ -837,7 +820,7 @@ class K8sServiceImplTest extends Specification { def workDir = Path.of('/work/dir') def credsFile = Path.of('/creds/file') def scanConfig = Mock(ScanConfig) { - getCacheDirectory() >> workspace.resolve('cache/dir') + getCacheDirectory() >> Path.of('/build/cache/dir') getRequestsCpu() >> '2' getRequestsMemory() >> '4Gi' getRetryAttempts() >> 3 @@ -865,11 +848,11 @@ class K8sServiceImplTest extends Specification { def 'should create mirror job spec'() { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.k8s.service-account': 'theAdminAccount', 'wave.mirror.retry-attempts': 3 ] @@ -879,8 +862,8 @@ class K8sServiceImplTest extends Specification { def name = 'scan-job' def containerImage = 'scan-image:latest' def args = ['arg1', 'arg2'] - def workDir = workspace.resolve('work/dir') - def credsFile = workspace.resolve('work/dir/creds/file') + def workDir = Path.of('/build/work/dir') + def credsFile = Path.of('/build/work/dir/creds/file') def mirrorConfig = Mock(MirrorConfig) { getRequestsCpu() >> null getRequestsMemory() >> null @@ -908,7 +891,7 @@ class K8sServiceImplTest extends Specification { } and: with(job.spec.template.spec.containers[0].volumeMounts[1]) { - mountPath == "$workspace/work/dir" + mountPath == '/build/work/dir' readOnly == true subPath == 'work/dir' } @@ -924,11 +907,11 @@ class K8sServiceImplTest extends Specification { def 'should create scan job spec without resource requests'() { given: def PROPS = [ - 'wave.build.workspace': workspace.toString(), + 'wave.build.workspace': '/build/work', 'wave.build.k8s.namespace': 'foo', 'wave.build.k8s.configPath': '/home/kube.config', 'wave.build.k8s.storage.claimName': 'bar', - 'wave.build.k8s.storage.mountPath': workspace.toString(), + 'wave.build.k8s.storage.mountPath': '/build', 'wave.build.k8s.service-account': 'theAdminAccount', 'wave.scan.retry-attempts': 3 ] @@ -938,10 +921,10 @@ class K8sServiceImplTest extends Specification { def name = 'scan-job' def containerImage = 'scan-image:latest' def args = ['arg1', 'arg2'] - def workDir = workspace.resolve('work/dir') + def workDir = Path.of('/work/dir') def credsFile = Path.of('/creds/file') def scanConfig = Mock(ScanConfig) { - getCacheDirectory() >> workspace.resolve('cache/dir') + getCacheDirectory() >> Path.of('/build/cache/dir') getRequestsCpu() >> null getRequestsMemory() >> null getRetryAttempts() >> 3 diff --git a/src/test/groovy/io/seqera/wave/service/scan/DockerScanStrategyTest.groovy b/src/test/groovy/io/seqera/wave/service/scan/DockerScanStrategyTest.groovy index bd21291c8..1a759cc58 100644 --- a/src/test/groovy/io/seqera/wave/service/scan/DockerScanStrategyTest.groovy +++ b/src/test/groovy/io/seqera/wave/service/scan/DockerScanStrategyTest.groovy @@ -20,24 +20,30 @@ package io.seqera.wave.service.scan import spock.lang.Specification -import java.nio.file.Files import java.nio.file.Path -import io.micronaut.context.ApplicationContext +import io.micronaut.test.annotation.MockBean +import io.micronaut.test.extensions.spock.annotation.MicronautTest +import io.seqera.wave.configuration.ScanConfig +import jakarta.inject.Inject /** * * @author Munish Chouhan */ +@MicronautTest class DockerScanStrategyTest extends Specification { + @Inject + DockerScanStrategy dockerContainerStrategy + + @MockBean(ScanConfig) + ScanConfig mockConfig() { + Mock(ScanConfig) { + getCacheDirectory() >> Path.of('/some/scan/cache') + } + } + def 'should get docker command' () { - given: - def workspace = Files.createTempDirectory('test') - def props = ['wave.build.workspace': workspace.toString()] - and: - def ctx = ApplicationContext.run(props) - and: - def dockerContainerStrategy = ctx.getBean(DockerScanStrategy) when: def scanDir = Path.of('/some/scan/dir') @@ -56,7 +62,7 @@ class DockerScanStrategyTest extends Specification { '-v', '/some/scan/dir:/some/scan/dir:rw', '-v', - "$workspace/.trivy-cache:/root/.cache/:rw", + '/some/scan/cache:/root/.cache/:rw', '-v', '/user/test/build-workspace/config.json:/root/.docker/config.json:ro', '-e', @@ -65,8 +71,5 @@ class DockerScanStrategyTest extends Specification { 'BAR=2' ] - cleanup: - ctx.close() - workspace?.deleteDir() } }