Dangerous Context Enrichment
by passing the Sentry Context down our abstraction stack. This included changes in the complex context management of managing a Command Execution.
This commit is contained in:
Maximilian Paß
@ -87,7 +87,8 @@ func (w *AWSFunctionWorkload) ExecutionExists(id string) bool {
|
||||
return ok
|
||||
}
|
||||
|
||||
func (w *AWSFunctionWorkload) ExecuteInteractively(id string, _ io.ReadWriter, stdout, stderr io.Writer) (
|
||||
func (w *AWSFunctionWorkload) ExecuteInteractively(
|
||||
id string, _ io.ReadWriter, stdout, stderr io.Writer, _ context.Context) (
|
||||
<-chan ExitInfo, context.CancelFunc, error) {
|
||||
w.ResetTimeout()
|
||||
request, ok := w.executions.Pop(id)
|
||||
|
||||
@ -76,7 +76,8 @@ func TestAWSFunctionWorkload_ExecuteInteractively(t *testing.T) {
|
||||
cancel()
|
||||
|
||||
r.StoreExecution(tests.DefaultEnvironmentIDAsString, &dto.ExecutionRequest{})
|
||||
exit, _, err := r.ExecuteInteractively(tests.DefaultEnvironmentIDAsString, nil, io.Discard, io.Discard)
|
||||
exit, _, err := r.ExecuteInteractively(
|
||||
tests.DefaultEnvironmentIDAsString, nil, io.Discard, io.Discard, context.Background())
|
||||
require.NoError(t, err)
|
||||
<-exit
|
||||
assert.True(t, awsMock.hasConnected)
|
||||
@ -89,7 +90,8 @@ func TestAWSFunctionWorkload_ExecuteInteractively(t *testing.T) {
|
||||
request := &dto.ExecutionRequest{Command: command}
|
||||
r.StoreExecution(tests.DefaultEnvironmentIDAsString, request)
|
||||
|
||||
_, cancel, err := r.ExecuteInteractively(tests.DefaultEnvironmentIDAsString, nil, io.Discard, io.Discard)
|
||||
_, cancel, err := r.ExecuteInteractively(
|
||||
tests.DefaultEnvironmentIDAsString, nil, io.Discard, io.Discard, context.Background())
|
||||
require.NoError(t, err)
|
||||
<-time.After(tests.ShortTimeout)
|
||||
cancel()
|
||||
@ -123,7 +125,8 @@ func TestAWSFunctionWorkload_UpdateFileSystem(t *testing.T) {
|
||||
|
||||
err = r.UpdateFileSystem(&dto.UpdateFileSystemRequest{Copy: []dto.File{myFile}}, context.Background())
|
||||
assert.NoError(t, err)
|
||||
_, execCancel, err := r.ExecuteInteractively(tests.DefaultEnvironmentIDAsString, nil, io.Discard, io.Discard)
|
||||
_, execCancel, err := r.ExecuteInteractively(
|
||||
tests.DefaultEnvironmentIDAsString, nil, io.Discard, io.Discard, context.Background())
|
||||
require.NoError(t, err)
|
||||
<-time.After(tests.ShortTimeout)
|
||||
execCancel()
|
||||
|
||||
@ -109,6 +109,7 @@ func (r *NomadJob) ExecuteInteractively(
|
||||
id string,
|
||||
stdin io.ReadWriter,
|
||||
stdout, stderr io.Writer,
|
||||
requestCtx context.Context,
|
||||
) (<-chan ExitInfo, context.CancelFunc, error) {
|
||||
request, ok := r.executions.Pop(id)
|
||||
if !ok {
|
||||
@ -117,13 +118,19 @@ func (r *NomadJob) ExecuteInteractively(
|
||||
|
||||
r.ResetTimeout()
|
||||
|
||||
command, ctx, cancel := prepareExecution(request, r.ctx)
|
||||
// We have to handle three contexts
|
||||
// - requestCtx: The context of the http request (including Sentry data)
|
||||
// - r.ctx: The context of the runner (runner timeout)
|
||||
// - executionCtx: The context of the execution (execution timeout)
|
||||
// -> The executionCtx cancel that might be triggered (when the client connection breaks)
|
||||
|
||||
command, executionCtx, cancel := prepareExecution(request, r.ctx)
|
||||
exitInternal := make(chan ExitInfo)
|
||||
exit := make(chan ExitInfo, 1)
|
||||
ctxExecute, cancelExecute := context.WithCancel(r.ctx)
|
||||
ctxExecute, cancelExecute := context.WithCancel(requestCtx)
|
||||
|
||||
go r.executeCommand(ctxExecute, command, request.PrivilegedExecution, stdin, stdout, stderr, exitInternal)
|
||||
go r.handleExitOrContextDone(ctx, cancelExecute, exitInternal, exit, stdin)
|
||||
go r.handleExitOrContextDone(executionCtx, cancelExecute, exitInternal, exit, stdin)
|
||||
|
||||
return exit, cancel, nil
|
||||
}
|
||||
@ -166,7 +173,7 @@ func (r *NomadJob) UpdateFileSystem(copyRequest *dto.UpdateFileSystemRequest, ct
|
||||
updateFileCommand := (&dto.ExecutionRequest{Command: fileDeletionCommand + copyCommand}).FullCommand()
|
||||
stdOut := bytes.Buffer{}
|
||||
stdErr := bytes.Buffer{}
|
||||
exitCode, err := r.api.ExecuteCommand(r.id, context.Background(), updateFileCommand, false,
|
||||
exitCode, err := r.api.ExecuteCommand(r.id, ctx, updateFileCommand, false,
|
||||
nomad.PrivilegedExecution, // All files should be written and owned by a privileged user #211.
|
||||
&tarBuffer, &stdOut, &stdErr)
|
||||
if err != nil {
|
||||
|
||||
@ -132,14 +132,14 @@ func (s *ExecuteInteractivelyTestSuite) SetupTest() {
|
||||
}
|
||||
|
||||
func (s *ExecuteInteractivelyTestSuite) TestReturnsErrorWhenExecutionDoesNotExist() {
|
||||
_, _, err := s.runner.ExecuteInteractively("non-existent-id", nil, nil, nil)
|
||||
_, _, err := s.runner.ExecuteInteractively("non-existent-id", nil, nil, nil, context.Background())
|
||||
s.ErrorIs(err, ErrorUnknownExecution)
|
||||
}
|
||||
|
||||
func (s *ExecuteInteractivelyTestSuite) TestCallsApi() {
|
||||
request := &dto.ExecutionRequest{Command: "echo 'Hello World!'"}
|
||||
s.runner.StoreExecution(defaultExecutionID, request)
|
||||
_, _, err := s.runner.ExecuteInteractively(defaultExecutionID, nil, nil, nil)
|
||||
_, _, err := s.runner.ExecuteInteractively(defaultExecutionID, nil, nil, nil, context.Background())
|
||||
s.Require().NoError(err)
|
||||
|
||||
time.Sleep(tests.ShortTimeout)
|
||||
@ -155,7 +155,7 @@ func (s *ExecuteInteractivelyTestSuite) TestReturnsAfterTimeout() {
|
||||
timeLimit := 1
|
||||
executionRequest := &dto.ExecutionRequest{TimeLimit: timeLimit}
|
||||
s.runner.StoreExecution(defaultExecutionID, executionRequest)
|
||||
exit, _, err := s.runner.ExecuteInteractively(defaultExecutionID, &nullio.ReadWriter{}, nil, nil)
|
||||
exit, _, err := s.runner.ExecuteInteractively(defaultExecutionID, &nullio.ReadWriter{}, nil, nil, context.Background())
|
||||
s.Require().NoError(err)
|
||||
|
||||
select {
|
||||
@ -191,7 +191,8 @@ func (s *ExecuteInteractivelyTestSuite) TestSendsSignalAfterTimeout() {
|
||||
timeLimit := 1
|
||||
executionRequest := &dto.ExecutionRequest{TimeLimit: timeLimit}
|
||||
s.runner.StoreExecution(defaultExecutionID, executionRequest)
|
||||
_, _, err := s.runner.ExecuteInteractively(defaultExecutionID, bytes.NewBuffer(make([]byte, 1)), nil, nil)
|
||||
_, _, err := s.runner.ExecuteInteractively(
|
||||
defaultExecutionID, bytes.NewBuffer(make([]byte, 1)), nil, nil, context.Background())
|
||||
s.Require().NoError(err)
|
||||
log.Info("Before waiting")
|
||||
select {
|
||||
@ -210,7 +211,8 @@ func (s *ExecuteInteractivelyTestSuite) TestDestroysRunnerAfterTimeoutAndSignal(
|
||||
executionRequest := &dto.ExecutionRequest{TimeLimit: timeLimit}
|
||||
s.runner.cancel = func() {}
|
||||
s.runner.StoreExecution(defaultExecutionID, executionRequest)
|
||||
_, _, err := s.runner.ExecuteInteractively(defaultExecutionID, bytes.NewBuffer(make([]byte, 1)), nil, nil)
|
||||
_, _, err := s.runner.ExecuteInteractively(
|
||||
defaultExecutionID, bytes.NewBuffer(make([]byte, 1)), nil, nil, context.Background())
|
||||
s.Require().NoError(err)
|
||||
<-time.After(executionTimeoutGracePeriod + time.Duration(timeLimit)*time.Second + tests.ShortTimeout)
|
||||
s.manager.AssertCalled(s.T(), "Return", s.runner)
|
||||
@ -219,7 +221,7 @@ func (s *ExecuteInteractivelyTestSuite) TestDestroysRunnerAfterTimeoutAndSignal(
|
||||
func (s *ExecuteInteractivelyTestSuite) TestResetTimerGetsCalled() {
|
||||
executionRequest := &dto.ExecutionRequest{}
|
||||
s.runner.StoreExecution(defaultExecutionID, executionRequest)
|
||||
_, _, err := s.runner.ExecuteInteractively(defaultExecutionID, nil, nil, nil)
|
||||
_, _, err := s.runner.ExecuteInteractively(defaultExecutionID, nil, nil, nil, context.Background())
|
||||
s.Require().NoError(err)
|
||||
s.timer.AssertCalled(s.T(), "ResetTimeout")
|
||||
}
|
||||
@ -228,7 +230,8 @@ func (s *ExecuteInteractivelyTestSuite) TestExitHasTimeoutErrorIfRunnerTimesOut(
|
||||
s.mockedTimeoutPassedCall.Return(true)
|
||||
executionRequest := &dto.ExecutionRequest{}
|
||||
s.runner.StoreExecution(defaultExecutionID, executionRequest)
|
||||
exitChannel, _, err := s.runner.ExecuteInteractively(defaultExecutionID, &nullio.ReadWriter{}, nil, nil)
|
||||
exitChannel, _, err := s.runner.ExecuteInteractively(
|
||||
defaultExecutionID, &nullio.ReadWriter{}, nil, nil, context.Background())
|
||||
s.Require().NoError(err)
|
||||
exit := <-exitChannel
|
||||
s.Equal(ErrorRunnerInactivityTimeout, exit.Err)
|
||||
|
||||
@ -43,6 +43,7 @@ type Runner interface {
|
||||
stdin io.ReadWriter,
|
||||
stdout,
|
||||
stderr io.Writer,
|
||||
ctx context.Context,
|
||||
) (exit <-chan ExitInfo, cancel context.CancelFunc, err error)
|
||||
|
||||
// ListFileSystem streams the listing of the file system of the requested directory into the Writer provided.
|
||||
|
||||
@ -48,13 +48,13 @@ func (_m *RunnerMock) Environment() dto.EnvironmentID {
|
||||
return r0
|
||||
}
|
||||
|
||||
// ExecuteInteractively provides a mock function with given fields: id, stdin, stdout, stderr
|
||||
func (_m *RunnerMock) ExecuteInteractively(id string, stdin io.ReadWriter, stdout io.Writer, stderr io.Writer) (<-chan ExitInfo, context.CancelFunc, error) {
|
||||
ret := _m.Called(id, stdin, stdout, stderr)
|
||||
// ExecuteInteractively provides a mock function with given fields: id, stdin, stdout, stderr, ctx
|
||||
func (_m *RunnerMock) ExecuteInteractively(id string, stdin io.ReadWriter, stdout io.Writer, stderr io.Writer, ctx context.Context) (<-chan ExitInfo, context.CancelFunc, error) {
|
||||
ret := _m.Called(id, stdin, stdout, stderr, ctx)
|
||||
|
||||
var r0 <-chan ExitInfo
|
||||
if rf, ok := ret.Get(0).(func(string, io.ReadWriter, io.Writer, io.Writer) <-chan ExitInfo); ok {
|
||||
r0 = rf(id, stdin, stdout, stderr)
|
||||
if rf, ok := ret.Get(0).(func(string, io.ReadWriter, io.Writer, io.Writer, context.Context) <-chan ExitInfo); ok {
|
||||
r0 = rf(id, stdin, stdout, stderr, ctx)
|
||||
} else {
|
||||
if ret.Get(0) != nil {
|
||||
r0 = ret.Get(0).(<-chan ExitInfo)
|
||||
@ -62,8 +62,8 @@ func (_m *RunnerMock) ExecuteInteractively(id string, stdin io.ReadWriter, stdou
|
||||
}
|
||||
|
||||
var r1 context.CancelFunc
|
||||
if rf, ok := ret.Get(1).(func(string, io.ReadWriter, io.Writer, io.Writer) context.CancelFunc); ok {
|
||||
r1 = rf(id, stdin, stdout, stderr)
|
||||
if rf, ok := ret.Get(1).(func(string, io.ReadWriter, io.Writer, io.Writer, context.Context) context.CancelFunc); ok {
|
||||
r1 = rf(id, stdin, stdout, stderr, ctx)
|
||||
} else {
|
||||
if ret.Get(1) != nil {
|
||||
r1 = ret.Get(1).(context.CancelFunc)
|
||||
@ -71,8 +71,8 @@ func (_m *RunnerMock) ExecuteInteractively(id string, stdin io.ReadWriter, stdou
|
||||
}
|
||||
|
||||
var r2 error
|
||||
if rf, ok := ret.Get(2).(func(string, io.ReadWriter, io.Writer, io.Writer) error); ok {
|
||||
r2 = rf(id, stdin, stdout, stderr)
|
||||
if rf, ok := ret.Get(2).(func(string, io.ReadWriter, io.Writer, io.Writer, context.Context) error); ok {
|
||||
r2 = rf(id, stdin, stdout, stderr, ctx)
|
||||
} else {
|
||||
r2 = ret.Error(2)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user