use of bio.terra.workspace.service.iam.AuthenticatedUserRequest in project terra-workspace-manager by DataBiosphere.
the class CreateGcpContextFlightTest method successCreatesProjectAndContext.
/**
 * Runs {@code CreateGcpContextFlight} for a newly created workspace and checks the GCP project it
 * produces.
 *
 * <p>The test asserts that the workspace has no authorized GCP cloud context beforehand, runs the
 * flight with debug step failures injected, and then verifies that: the context is now present,
 * the project id published by the flight equals the workspace's required GCP project and the id
 * returned by Cloud Resource Manager, the project is attached to the default billing account, and
 * the role and policy-group assertion helpers pass.
 *
 * <p>Skipped when the {@code TEST_ENV} environment variable matches
 * {@code BUFFER_SERVICE_DISABLED_ENVS_REG_EX}.
 *
 * @throws Exception if a helper, the flight wait, or a cloud client call fails
 */
@Test
@DisabledIfEnvironmentVariable(named = "TEST_ENV", matches = BUFFER_SERVICE_DISABLED_ENVS_REG_EX)
void successCreatesProjectAndContext() throws Exception {
  final UUID workspaceId = createWorkspace(spendUtils.defaultSpendId());
  final AuthenticatedUserRequest userRequest = userAccessUtils.defaultUserAuthRequest();

  // Precondition: this user sees no GCP cloud context on the workspace yet.
  assertTrue(testUtils.getAuthorizedGcpCloudContext(workspaceId, userRequest).isEmpty());

  // Retry steps once to validate idempotency.
  // NOTE(review): the step-to-status map comes from a helper outside this method — confirm it
  // covers every step of the flight.
  final Map<String, StepStatus> stepFailures = getStepNameToStepStatusMap();
  final FlightDebugInfo retryDebugInfo =
      FlightDebugInfo.newBuilder().doStepFailures(stepFailures).build();
  final FlightState completedFlight =
      StairwayTestUtils.blockUntilFlightCompletes(
          jobService.getStairway(),
          CreateGcpContextFlight.class,
          createInputParameters(workspaceId, userRequest),
          STAIRWAY_FLIGHT_TIMEOUT,
          retryDebugInfo);
  assertEquals(FlightStatus.SUCCESS, completedFlight.getFlightStatus());

  // The flight publishes the id of the project it created in its result map.
  final var flightResults = completedFlight.getResultMap().get();
  final String flightProjectId =
      flightResults.get(WorkspaceFlightMapKeys.GCP_PROJECT_ID, String.class);

  // Postcondition: the context is now visible through the authorized lookup, and the project the
  // workspace service resolves for this user is the one the flight reported.
  assertTrue(testUtils.getAuthorizedGcpCloudContext(workspaceId, userRequest).isPresent());
  final String workspaceProjectId =
      workspaceService.getAuthorizedRequiredGcpProject(workspaceId, userRequest);
  assertEquals(flightProjectId, workspaceProjectId);

  // Cross-check against the cloud: the project exists and is billed to the default account.
  final Project cloudProject =
      crl.getCloudResourceManagerCow().projects().get(flightProjectId).execute();
  assertEquals(flightProjectId, cloudProject.getProjectId());
  final String expectedBillingAccount = "billingAccounts/" + spendUtils.defaultBillingAccountId();
  final String actualBillingAccount =
      crl.getCloudBillingClientCow()
          .getProjectBillingInfo("projects/" + flightProjectId)
          .getBillingAccountName();
  assertEquals(expectedBillingAccount, actualBillingAccount);

  // IAM checks are delegated to helpers defined elsewhere in the test class.
  assertRolesExist(cloudProject);
  assertPolicyGroupsSynced(workspaceId, cloudProject);
}
use of bio.terra.workspace.service.iam.AuthenticatedUserRequest in project terra-workspace-manager by DataBiosphere.
the class WorkspaceDeleteFlightTest method deleteMcWorkspaceWithResource.
/**
 * Deletes a workspace that holds a controlled BigQuery dataset and checks that neither the
 * resource nor the workspace can be read back through the service layer afterwards.
 *
 * <p>The delete flight is run with a retryable failure injected for four named steps. Skipped
 * when the {@code TEST_ENV} environment variable matches
 * {@code BUFFER_SERVICE_DISABLED_ENVS_REG_EX}.
 *
 * @throws Exception if resource creation or the flight wait fails
 */
@Test
@DisabledIfEnvironmentVariable(named = "TEST_ENV", matches = BUFFER_SERVICE_DISABLED_ENVS_REG_EX)
void deleteMcWorkspaceWithResource() throws Exception {
  // Create a workspace with a controlled resource
  final AuthenticatedUserRequest userRequest = userAccessUtils.defaultUserAuthRequest();
  final Workspace workspace = connectedTestUtils.createWorkspaceWithGcpContext(userRequest);
  final ControlledBigQueryDatasetResource dataset =
      ControlledResourceFixtures.makeDefaultControlledBigQueryBuilder(workspace.getWorkspaceId())
          .build();
  final var datasetCreationParams =
      ControlledResourceFixtures.defaultBigQueryDatasetCreationParameters()
          .datasetId(dataset.getDatasetName());
  // The cast result is not used; the call is kept so a wrong resource type still surfaces here.
  controlledResourceService
      .createControlledResourceSync(dataset, null, userRequest, datasetCreationParams)
      .castByEnum(WsmResourceType.CONTROLLED_GCP_BIG_QUERY_DATASET);

  // Sanity check: the resource reads back equal to what was requested.
  final ControlledBigQueryDatasetResource storedDataset =
      controlledResourceService
          .getControlledResource(workspace.getWorkspaceId(), dataset.getResourceId(), userRequest)
          .castByEnum(WsmResourceType.CONTROLLED_GCP_BIG_QUERY_DATASET);
  assertEquals(dataset, storedDataset);

  // Run the delete flight, retrying every step once
  final FlightMap flightInputs = new FlightMap();
  flightInputs.put(WorkspaceFlightMapKeys.WORKSPACE_ID, workspace.getWorkspaceId().toString());
  flightInputs.put(WorkspaceFlightMapKeys.WORKSPACE_STAGE, workspace.getWorkspaceStage().name());
  flightInputs.put(JobMapKeys.AUTH_USER_INFO.getKeyName(), userRequest);

  final Class<?>[] stepsToRetry = {
    DeleteControlledSamResourcesStep.class,
    DeleteGcpProjectStep.class,
    DeleteWorkspaceAuthzStep.class,
    DeleteWorkspaceStateStep.class
  };
  final Map<String, StepStatus> retryOnceByStep = new HashMap<>();
  for (Class<?> stepClass : stepsToRetry) {
    retryOnceByStep.put(stepClass.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
  }
  final FlightDebugInfo retryDebugInfo =
      FlightDebugInfo.newBuilder().doStepFailures(retryOnceByStep).build();

  final FlightState deleteFlight =
      StairwayTestUtils.blockUntilFlightCompletes(
          jobService.getStairway(),
          WorkspaceDeleteFlight.class,
          flightInputs,
          DELETION_FLIGHT_TIMEOUT,
          retryDebugInfo);
  assertEquals(FlightStatus.SUCCESS, deleteFlight.getFlightStatus());

  // Verify the resource and workspace are not in WSM DB
  // NOTE(review): both lookups expect WorkspaceNotFoundException, so they show the WSM records
  // are gone; nothing in this method checks that the GCP project or the BigQuery dataset was
  // actually removed on the cloud side. Consider an explicit cloud-side check so an orphaned
  // project or dataset cannot pass unnoticed.
  assertThrows(
      WorkspaceNotFoundException.class,
      () ->
          controlledResourceService.getControlledResource(
              dataset.getWorkspaceId(), dataset.getResourceId(), userRequest));
  assertThrows(
      WorkspaceNotFoundException.class,
      () -> workspaceService.getWorkspace(workspace.getWorkspaceId(), userRequest));
}
use of bio.terra.workspace.service.iam.AuthenticatedUserRequest in project terra-workspace-manager by DataBiosphere.
the class AzureWorkspaceTest method createGetDeleteAzureContext.
/**
 * Creates an MC workspace, attaches an Azure cloud context to it through a job, confirms the
 * context can be read, then deletes the context and confirms it is gone.
 */
@Test
void createGetDeleteAzureContext() {
  // NOTE(review): the token, email and subject id are fabricated placeholders. Presumably the
  // IAM layer is mocked in this test class — confirm, because a real authorization check
  // should reject these values and the "authorized" lookups below would then prove nothing.
  final AuthenticatedUserRequest userRequest =
      new AuthenticatedUserRequest()
          .token(Optional.of("fake-token"))
          .email("fake@email.com")
          .subjectId("fakeID123");

  final Workspace newWorkspace =
      Workspace.builder()
          .workspaceId(UUID.randomUUID())
          .spendProfileId(spendUtils.defaultSpendId())
          .workspaceStage(WorkspaceStage.MC_WORKSPACE)
          .build();
  workspaceService.createWorkspace(newWorkspace, userRequest);

  // Context creation is asynchronous: submit it under a fresh job id and wait for that job.
  final String jobId = UUID.randomUUID().toString();
  final AzureCloudContext azureCloudContext =
      new AzureCloudContext(
          azureTestConfiguration.getTenantId(),
          azureTestConfiguration.getSubscriptionId(),
          azureTestConfiguration.getManagedResourceGroupId());
  workspaceService.createAzureCloudContext(
      newWorkspace.getWorkspaceId(), jobId, userRequest, "/fake/value", azureCloudContext);
  jobService.waitForJob(jobId);

  // The job must have finished without recording an exception.
  assertNull(jobService.retrieveJobResult(jobId, Object.class, userRequest).getException());

  // Present after creation ...
  assertTrue(
      testUtils
          .getAuthorizedAzureCloudContext(newWorkspace.getWorkspaceId(), userRequest)
          .isPresent());

  // ... and absent again once deleted.
  workspaceService.deleteAzureCloudContext(newWorkspace.getWorkspaceId(), userRequest);
  assertTrue(
      testUtils
          .getAuthorizedAzureCloudContext(newWorkspace.getWorkspaceId(), userRequest)
          .isEmpty());
}
use of bio.terra.workspace.service.iam.AuthenticatedUserRequest in project terra-workspace-manager by DataBiosphere.
the class CreateAndDeleteAzureControlledResourceFlightTest method createAzureNetworkControlledResource.
/**
 * Creates an Azure cloud context for a new workspace, runs a flight that creates a controlled
 * Azure network in it, and checks that the stored resource equals the one requested.
 *
 * @throws InterruptedException if waiting on a flight is interrupted
 */
@Test
public void createAzureNetworkControlledResource() throws InterruptedException {
  final UUID workspaceId = azureTestUtils.createWorkspace(workspaceService);
  final AuthenticatedUserRequest userRequest = userAccessUtils.defaultUserAuthRequest();

  // Cloud context needs to be created first
  final FlightState contextFlight =
      StairwayTestUtils.blockUntilFlightCompletes(
          jobService.getStairway(),
          CreateAzureContextFlight.class,
          azureTestUtils.createAzureContextInputParameters(workspaceId, userRequest),
          STAIRWAY_FLIGHT_TIMEOUT,
          null);
  assertEquals(FlightStatus.SUCCESS, contextFlight.getFlightStatus());
  assertTrue(workspaceService.getAuthorizedAzureCloudContext(workspaceId, userRequest).isPresent());

  final ApiAzureNetworkCreationParameters networkParams =
      ControlledResourceFixtures.getAzureNetworkCreationParameters();

  // TODO: make this application-private resource once the POC supports it
  // Until then the network is created with shared access and user management, as set below.
  final UUID resourceId = UUID.randomUUID();
  final ControlledResourceFields commonFields =
      ControlledResourceFields.builder()
          .workspaceId(workspaceId)
          .resourceId(resourceId)
          .name("testNetwork")
          .description("testDesc")
          .cloningInstructions(CloningInstructions.COPY_RESOURCE)
          .accessScope(AccessScopeType.fromApi(ApiAccessScope.SHARED_ACCESS))
          .managedBy(ManagedByType.fromApi(ApiManagedBy.USER))
          .build();
  final ControlledAzureNetworkResource requestedNetwork =
      ControlledAzureNetworkResource.builder()
          .common(commonFields)
          .networkName(networkParams.getName())
          .region(networkParams.getRegion())
          .subnetName(networkParams.getSubnetName())
          .addressSpaceCidr(networkParams.getAddressSpaceCidr())
          .subnetAddressCidr(networkParams.getSubnetAddressCidr())
          .build();

  // Submit a Network creation flight.
  final FlightState creationFlight =
      StairwayTestUtils.blockUntilFlightCompletes(
          jobService.getStairway(),
          CreateControlledResourceFlight.class,
          azureTestUtils.createControlledResourceInputParameters(
              workspaceId, userRequest, requestedNetwork),
          STAIRWAY_FLIGHT_TIMEOUT,
          null);
  assertEquals(FlightStatus.SUCCESS, creationFlight.getFlightStatus());

  // Verify controlled resource exists in the workspace.
  final ControlledResource storedResource =
      controlledResourceService.getControlledResource(workspaceId, resourceId, userRequest);
  try {
    // The typed local keeps the cast to the network resource type explicit.
    final ControlledAzureNetworkResource storedNetwork =
        storedResource.castByEnum(WsmResourceType.CONTROLLED_AZURE_NETWORK);
    assertEquals(requestedNetwork, storedNetwork);
  } catch (Exception castFailure) {
    fail("Failed to cast resource to ControlledAzureNetworkResource", castFailure);
  }
}
use of bio.terra.workspace.service.iam.AuthenticatedUserRequest in project terra-workspace-manager by DataBiosphere.
the class CreateAndDeleteAzureControlledResourceFlightTest method createAndDeleteAzureVmControlledResource.
/**
 * Creates an Azure VM as a controlled resource (with its IP, disk and network), confirms it is
 * stored and enumerated, waits for the VM to appear in Azure, then runs the deletion flight and
 * checks that lookups for the VM's network interfaces and OS disk fail.
 *
 * @throws InterruptedException if a flight wait or one of the fixed sleeps is interrupted
 */
@Test
public void createAndDeleteAzureVmControlledResource() throws InterruptedException {
  // Setup workspace and cloud context
  final UUID workspaceId = azureTestUtils.createWorkspace(workspaceService);
  final AuthenticatedUserRequest userRequest = userAccessUtils.defaultUserAuthRequest();

  // Cloud context needs to be created first
  final FlightState contextFlight =
      StairwayTestUtils.blockUntilFlightCompletes(
          jobService.getStairway(),
          CreateAzureContextFlight.class,
          azureTestUtils.createAzureContextInputParameters(workspaceId, userRequest),
          STAIRWAY_FLIGHT_TIMEOUT,
          null);
  assertEquals(FlightStatus.SUCCESS, contextFlight.getFlightStatus());
  assertTrue(workspaceService.getAuthorizedAzureCloudContext(workspaceId, userRequest).isPresent());

  // Resources the VM depends on: IP, disk, network (created in that order).
  final ControlledAzureIpResource ipResource = createIp(workspaceId, userRequest);
  final ControlledAzureDiskResource diskResource = createDisk(workspaceId, userRequest);
  final ControlledAzureNetworkResource networkResource = createNetwork(workspaceId, userRequest);

  final ApiAzureVmCreationParameters creationParameters =
      ControlledResourceFixtures.getAzureVmCreationParameters();

  // TODO: make this application-private resource once the POC supports it
  // Until then the VM is created with shared access and user management, as set below.
  final UUID resourceId = UUID.randomUUID();
  final ControlledResourceFields commonFields =
      ControlledResourceFields.builder()
          .workspaceId(workspaceId)
          .resourceId(resourceId)
          .name(getAzureName("vm"))
          .description(getAzureName("vm-desc"))
          .cloningInstructions(CloningInstructions.COPY_RESOURCE)
          .accessScope(AccessScopeType.fromApi(ApiAccessScope.SHARED_ACCESS))
          .managedBy(ManagedByType.fromApi(ApiManagedBy.USER))
          .build();
  final ControlledAzureVmResource resource =
      ControlledAzureVmResource.builder()
          .common(commonFields)
          .vmName(creationParameters.getName())
          .vmSize(creationParameters.getVmSize())
          .vmImageUri(creationParameters.getVmImageUri())
          .region(creationParameters.getRegion())
          .ipId(ipResource.getResourceId())
          .diskId(diskResource.getResourceId())
          .networkId(networkResource.getResourceId())
          .build();

  // Submit a VM creation flight.
  final FlightState creationFlight =
      StairwayTestUtils.blockUntilFlightCompletes(
          jobService.getStairway(),
          CreateControlledResourceFlight.class,
          azureTestUtils.createControlledResourceInputParameters(
              workspaceId, userRequest, resource),
          STAIRWAY_FLIGHT_TIMEOUT,
          null);
  assertEquals(FlightStatus.SUCCESS, creationFlight.getFlightStatus());

  // Verify controlled resource exists in the workspace.
  final ControlledResource storedResource =
      controlledResourceService.getControlledResource(workspaceId, resourceId, userRequest);
  try {
    // The typed local keeps the cast to the VM resource type explicit.
    final ControlledAzureVmResource storedVm =
        storedResource.castByEnum(WsmResourceType.CONTROLLED_AZURE_VM);
    assertEquals(resource, storedVm);
  } catch (Exception castFailure) {
    fail("Failed to cast resource to ControlledAzureVmResource", castFailure);
  }

  // Exercise resource enumeration for the underlying resources.
  // Verify that the resources we created are in the enumeration.
  final List<WsmResource> enumerated =
      wsmResourceService.enumerateResources(workspaceId, null, null, 0, 100, userRequest);
  checkForResource(enumerated, ipResource);
  checkForResource(enumerated, diskResource);
  checkForResource(enumerated, networkResource);
  checkForResource(enumerated, resource);

  // Poll Azure until the VM is visible: at most 20 lookups, sleeping 10 s after each 404.
  // Only a 404 is treated as "not there yet"; any other HTTP error is rethrown.
  final ComputeManager computeManager = azureTestUtils.getComputeManager();
  final long pollIntervalMillis = 10000;
  VirtualMachine vmTemp = null;
  int attemptsLeft = 20;
  while (vmTemp == null) {
    attemptsLeft--;
    if (attemptsLeft < 0) {
      throw new RuntimeException(
          String.format("%s is not created in time in Azure", creationParameters.getName()));
    }
    try {
      vmTemp =
          computeManager
              .virtualMachines()
              .getByResourceGroup(
                  azureTestUtils.getAzureCloudContext().getAzureResourceGroupId(),
                  creationParameters.getName());
    } catch (com.azure.core.exception.HttpResponseException lookupFailure) {
      if (lookupFailure.getResponse().getStatusCode() != 404) {
        throw lookupFailure;
      }
      Thread.sleep(pollIntervalMillis);
    }
  }
  // Lambdas below need an effectively final reference.
  final VirtualMachine resolvedVm = vmTemp;

  // Submit a VM deletion flight.
  final FlightState deleteFlightState =
      StairwayTestUtils.blockUntilFlightCompletes(
          jobService.getStairway(),
          DeleteControlledResourceFlight.class,
          azureTestUtils.deleteControlledResourceInputParameters(
              workspaceId, resourceId, userRequest, resource),
          STAIRWAY_FLIGHT_TIMEOUT,
          null);
  assertEquals(FlightStatus.SUCCESS, deleteFlightState.getFlightStatus());

  // Fixed pause before checking Azure — presumably to let dependent deletions settle.
  Thread.sleep(pollIntervalMillis);

  // NOTE(review): these checks accept any HttpResponseException, not specifically a 404, so an
  // authorization or bad-request error would also satisfy them. The NIC ids are also looked up
  // through networks() rather than a network-interface lookup. As written, the assertions may
  // not prove the NICs and OS disk were really removed; consider asserting on the status code
  // so a leftover resource cannot pass as "deleted".
  for (String nicId : resolvedVm.networkInterfaceIds()) {
    assertThrows(
        com.azure.core.exception.HttpResponseException.class,
        () -> computeManager.networkManager().networks().getById(nicId));
  }
  assertThrows(
      com.azure.core.exception.HttpResponseException.class,
      () -> computeManager.disks().getById(resolvedVm.osDiskId()));
}