-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathmultiple_apps_test.go
151 lines (122 loc) · 5.37 KB
/
multiple_apps_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
package main_test
import (
"fmt"
"net/http"
"strings"
"github.com/cloudfoundry/cf-test-helpers/v2/cf"
"github.com/cloudfoundry/cf-test-helpers/v2/workflowhelpers"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
)
var _ = Describe("multiple apps uses volume services", func() {
var (
readWriteAppURL, appName, instanceName string
app2Name, fname, app2URL string
)
BeforeEach(func() {
instanceName, appName, readWriteAppURL = generateTestNames()
app2Name = appName + "-2"
app2URL = "http://" + app2Name + "." + pConfig.AppsDomain
if pConfig.IncludeIsolationSegment {
app2URL = "http://" + app2Name + "." + pConfig.IsolationSegmentDomain
}
})
Context("when a second app is bound with a different uid and gid", func() {
BeforeEach(func() {
if pConfig.ServiceName == "smb" {
Skip("skip when using smb")
}
By("Enabling service-access")
enableServiceAccess(pConfig.ServiceName, cfTestSuiteSetup.RegularUserContext().Org)
By("Pushing the first app")
pushPoraNoStart(appName, false)
By("Creating a service")
createService(instanceName, testValues.validCreateServiceConfig)
By("Binding the service to the first app")
bindAppToService(appName, instanceName, testValues.validBindConfigs[0])
By("Starting the first app")
startApp(appName)
By("Writing something to the mount with the first app")
fname = eventuallyExpect(readWriteAppURL+"/create", "pora")
})
AfterEach(func() {
eventuallyExpect(fmt.Sprintf("%s/delete/%s", readWriteAppURL, fname), fname)
workflowhelpers.AsUser(cfTestSuiteSetup.RegularUserContext(), DEFAULT_TIMEOUT, func() {
cf.Cf("logs", appName, "--recent").Wait(DEFAULT_TIMEOUT)
cf.Cf("logs", app2Name, "--recent").Wait(DEFAULT_TIMEOUT)
cf.Cf("unbind-service", appName, instanceName).Wait(DEFAULT_TIMEOUT)
cf.Cf("unbind-service", app2Name, instanceName).Wait(DEFAULT_TIMEOUT)
cf.Cf("delete-service", instanceName, "-f").Wait(DEFAULT_TIMEOUT)
cf.Cf("delete", appName, "-r", "-f").Wait(DEFAULT_TIMEOUT)
cf.Cf("delete", app2Name, "-r", "-f").Wait(DEFAULT_TIMEOUT)
})
})
DescribeTable("can be read by the 2nd app",
func(testDocker bool) {
By("Pushing a 2nd app")
app2Name = appName + "-2"
pushPoraNoStart(app2Name, testDocker)
By("Binding the service to the 2nd app")
bindAppToService(app2Name, instanceName, testValues.secondAppValidBindConfig)
By("Starting the 2nd app")
startApp(app2Name)
By("Testing that the 2nd app can read the file")
eventuallyExpect(fmt.Sprintf("%s/read/%s", app2URL, fname), "Hello Persistent World")
By("Testing that the 2nd app can't delete the file")
body, status, _ := get(fmt.Sprintf("%s/delete/%s", app2URL, fname), printErrorsOn)
Expect(body).NotTo(ContainSubstring("deleted"))
Expect(status).NotTo(Equal(http.StatusOK))
},
Entry("When using a docker app", true),
Entry("When using a non-docker app", false),
)
})
Context("when a second app is bound with a readonly mount", func() {
BeforeEach(func() {
By("Enabling service-access")
enableServiceAccess(pConfig.ServiceName, cfTestSuiteSetup.RegularUserContext().Org)
By("Pushing the first app")
pushPoraNoStart(appName, false)
By("Creating a service")
createService(instanceName, testValues.validCreateServiceConfig)
By("Binding the service to the first app")
bindAppToService(appName, instanceName, testValues.validBindConfigs[0])
By("Starting the first app")
startApp(appName)
By("Writing something to the mount with the first app")
fname = eventuallyExpect(readWriteAppURL+"/create", "pora")
})
AfterEach(func() {
eventuallyExpect(fmt.Sprintf("%s/delete/%s", readWriteAppURL, fname), fname)
workflowhelpers.AsUser(cfTestSuiteSetup.AdminUserContext(), DEFAULT_TIMEOUT, func() {
cf.Cf("logs", appName, "--recent").Wait(DEFAULT_TIMEOUT)
cf.Cf("logs", app2Name, "--recent").Wait(DEFAULT_TIMEOUT)
cf.Cf("unbind-service", appName, instanceName).Wait(DEFAULT_TIMEOUT)
cf.Cf("unbind-service", app2Name, instanceName).Wait(DEFAULT_TIMEOUT)
cf.Cf("delete-service", instanceName, "-f").Wait(DEFAULT_TIMEOUT)
cf.Cf("delete", appName, "-r", "-f").Wait(DEFAULT_TIMEOUT)
cf.Cf("delete", app2Name, "-r", "-f").Wait(DEFAULT_TIMEOUT)
cf.Cf("disable-service-access", pConfig.ServiceName, "-o", cfTestSuiteSetup.RegularUserContext().Org, "-b", pConfig.BrokerName).Wait(DEFAULT_TIMEOUT)
})
})
DescribeTable("should include the volume mount as read only in the second application's environment",
func(testDocker bool) {
By("Pushing a 2nd app")
pushPoraNoStart(app2Name, testDocker)
By("Binding the service to the 2nd app")
readOnlyBindConfig := strings.Replace(testValues.validBindConfigs[0], "}", `,"readonly":true}`, 1)
bindAppToService(app2Name, instanceName, readOnlyBindConfig)
By("Starting the 2nd app")
startApp(app2Name)
By("Testing that the 2nd app cannot write to the file system")
body, _, _ := get(app2URL+"/create", printErrorsOff)
Expect(body).To(ContainSubstring("read-only file system"))
By("Testing that when the first app creates a file, should be readable by the 2nd app")
fname := eventuallyExpect(readWriteAppURL+"/create", "pora")
eventuallyExpect(fmt.Sprintf("%s/read/%s", app2URL, fname), "Hello Persistent World")
},
Entry("When using a docker app", true),
Entry("When using a non-docker app", false),
)
})
})