Differential D356

Add remote execution for disposable clients
ClosedPublic
Actions

Authored by mkrizek on Apr 29 2015, 1:59 PM.

Details

Reviewers
kparal
tflink
jskladan
Maniphest Tasks
T415: Sub-Feature: Remote Execution of Tasks on Disposable VMs
Commits
rLTRN7344502fb1c1: Add remote execution for disposable clients
Summary

The patch assumes that a virtual machine runs with the libtaskotron rpm
installed and a public key (of a user that runs runtask) in
/root/.ssh/authorized_keys. The ip address of the vm is hardcoded in
libtaskotron/runner.py. All of this will be replaced with actual code
that handles virtual machines.

Overview of output files:

Artifacts: <artifacts_dir>/<uuid>/
Std out/err of the task ran in the vm: <artifacts_dir>/<uuid>/stdio.log
VM taskotron.log: <artifacts_dir>/<uuid>/taskotron.log
Buildslave taskotron.log: <artifacts_dir>/<uuid>/taskotron-initiator.log

Test Plan

Create a vm as described in the commit message. Update hardcoded ip
address of the vm in libtaskotron/runner.py. Run a task whose yaml file
contains something like:
environment:

machine:
  dummy: ''

Diff Detail

Repository
rLTRN libtaskotron
Branch
feature/remote_exec
Lint
Lint OK
Unit
No Unit Test Coverage
mkrizek retitled this revision from to Add remote execution for disposable clients.Apr 29 2015, 1:59 PM
mkrizek updated this object.
mkrizek edited the test plan for this revision. (Show Details)
mkrizek added reviewers: tflink, kparal, jskladan.
tflink requested changes to this revision.May 5 2015, 8:57 PM

In general, I like it but have some questions/concerns:

  • I'd like to see less generic filenames the log files
  • I had a hard time figuring out what was going on - it would just fail with no explanation. I'm not sure we want log messages for every remote action, though - that'd get pretty verbose pretty quick. Other thoughts?
  • it dies very easily, some examples of what I hit:
    • libtaskotron is already installed on the vm
    • /etc/taskotron/taskotron.yaml exists on the vm

we could hold off and put the "resiliancy", "verbosity" and "logfile name" bits into tickets as enhancements, though.

libtaskotron/remote_exec.py
84

I like the idea of saving stdio to a logfile but if we're running multiple VMs on a virthost, that logfile is gonna get messy and quasi-unusable pretty quick. I'd rather see the output saved in <hostname>.stdio.log or something that identifies with the buildslave name or remote machine name.

This could be added in another ticket, though - I'm fine with either way

115

fun fact (and new to me): if the package is already installed, yum will exit with a code of 1 so this will blow up rather silently if the package required is already installed on the remote machine.

Not sure that's the behavior that we want here

145

do we want to handle the case of a pre-existing file? right now, this silently fails if the destination file already exists

libtaskotron/runner.py
242

This blows up with exception if there is no taskotron.log on the remote machine. While not the most common case, it can still be valid and should log an error message instead of blowing up

346

If we keep the concept of having different taskotron.log files for local/remote execution, I'd like to see this be less generic so that it's not confusing to have multiple runners on the same virthost

This revision now requires changes to proceed.May 5 2015, 8:57 PM
mkrizek added inline comments.May 6 2015, 2:20 PM
libtaskotron/remote_exec.py
84

Good point.

115

Hmm, not on my (fc20) or kparal's (fc21) machines:

# yum -y install libtaskotron-config
Loaded plugins: langpacks, refresh-packagekit
Package libtaskotron-config-0.3.15-1.fc20.noarch already installed and latest version
Nothing to do
# echo $?
0
145

Does overwriting the file make more sense?

libtaskotron/runner.py
242

Thanks, I knew about that, just didn't fix it for some reason :D

346

We delete taskotron.log before execution anyway on buildmaster (and so we should delete remote_logdir as well), no? Or is it appropriate time to come up with better solution that deleting the logs?

tflink added a comment.May 6 2015, 3:57 PM

Some of this is getting outside the scope of the communication method and I'm fine with breaking them off as enhancements if they're out of scope for this review

libtaskotron/remote_exec.py
115

Of course now that I've written it down, I can't reproduce it :)

I wonder what I was doing differently yesterday but it looks like this can be ignored

145

I think that making overwriting an option would be great. There are some cases where we want to be overwriting (taskotron.yaml) and there are other cases where we might not want to be overwriting the existing target.

On the other hand, this isn't a huge issue and we could just wait and see if it ends up causing problems. I'm fine with either

libtaskotron/runner.py
240

I think that we want to do something with the stdout/stderr here. I finally figured out why the task I was testing with was failing - it was missing something and blowing up before creating the log file. The error showed up in stdout on the vm but not on the task initiator.

346

If we end up going forward with what I had in mind for virthosts - we'll need something that's a bit more specific than what we're doing now. If we have multiple buildslaves running on the same machine, that'll create multiple logfiles and decent odds that one of them will be running when another is wrapping up.

It makes sense to me to either a) start putting logs in a per-buildslave location or b) having names that are unique enough so that each buildslave can figure out which logs belong to it.

mkrizek added inline comments.May 7 2015, 1:04 PM
libtaskotron/runner.py
240

Wasn't it saved in the stdio file on the task initiator? I am not sure I understand.

346

Ok, I didn't realize we were going to have multiple runners on the same machine. In that case, how about we store everything in the artifacts dir right away and not copy everything after the run is over?

tflink added inline comments.May 11 2015, 1:35 PM
libtaskotron/runner.py
240

I don't see any output in the stdio.log - the only file that got output was the remote-exec/taskotron.log file. I'll poke at this a bit more today to make sure, though

346

if the permissions work out, that sounds reasonable.

I think that we'll have more things to rework/tweak if we go forward with the multiple runners per machine plan, though. if storing everything in the artifacts dir right away doesn't work well, I think this would be better as an enhancement ticket that we deal with after figuring out some of the other details.

tflink added a comment.May 12 2015, 2:37 PM

I've poked at this a bit more using rpmlint modified to work as a remote task. If I execute that task on a build (drbd-8.9.2-3.fc23.x86_64 is the one I happened to use) and I run the task with python runtask.py -a x86_64 -i drbd-8.9.2-3.fc23 -t koji_build ../task-rpmlint/rpmlint.yml I get a bunch of output where it's installing repos and packages (which I'll skip for brevity) until I get to:

[libtaskotron:remote_exec.py:142] 2015-05-12 14:16:00 DEBUG   Putting file (/etc/taskotron/taskotron.yaml) on to remote host (/etc/taskotron/taskotron.yaml)
[libtaskotron:remote_exec.py:158] 2015-05-12 14:16:00 DEBUG   Getting file from remote host /home/tflink/code/taskotron/libtaskotron/taskotron_logs/taskotron.log to /home/tflink/code/taskotron/libtaskotron/taskotron_logs/taskotron.log
[libtaskotron:remote_exec.py:162] 2015-05-12 14:16:00 ERROR   Could not get file root@192.168.124.202:/home/tflink/code/taskotron/libtaskotron/taskotron_logs/taskotron.log to /home/tflink/code/taskotron/libtaskotron/taskotron_logs/taskotron.log: No such file
[libtaskotron:logger.py:89] 2015-05-12 14:16:00 CRITICAL Traceback (most recent call last):
  File "runtask.py", line 10, in <module>
    runner.main()
  File "/home/tflink/code/taskotron/libtaskotron/libtaskotron/runner.py", line 357, in main
    task_runner.get_output()
  File "/home/tflink/code/taskotron/libtaskotron/libtaskotron/runner.py", line 242, in get_output
    self.ssh.get_file(logfile, logfile)
  File "/home/tflink/code/taskotron/libtaskotron/libtaskotron/remote_exec.py", line 163, in get_file
    raise exc.TaskotronRemoteError(e)
TaskotronRemoteError: [Errno 2] No such file

There is no real indication to me on what happened other than something around putting the taskotron.yaml file on to the remote host failed for, if I look at the stdio.log, I see nothing indicating what the problem is - that does have output this time but that stops with the successful yum command.

After adding some debug code of my own, turns out that the problem is local - I don't have an /etc/taskotron/taskotron.yaml on my task initiator and the ssh.put_file('/retc/taskotron/taskotron.yaml', '/etc/taskotron/taskotron.yaml') is failing because it can't find the source file.

I think that adding some global-ish error handling to this would help debug issues.

libtaskotron/runner.py
199

we don't require taskotron.yaml to be in /etc/ for normal operation, I'd like to see more flexibility here but that can be added as a later enhancement since it's a bit outside the scope of what this ticket was supposed to accomplish

354

I'd like to see an except block here, even if it just logs the exception that it catches - right now it's just squelching errors that cause problems

mkrizek updated this revision to Diff 995.May 20 2015, 12:15 PM
  • Address issues in the review
mkrizek updated this object.May 20 2015, 12:17 PM
mkrizek updated this revision to Diff 996.May 20 2015, 12:23 PM
  • Copy vm taskotron.log to artifacts directory
mkrizek updated this object.May 20 2015, 12:23 PM
mkrizek updated this revision to Diff 997.May 20 2015, 12:26 PM

Using the correct base branch

mkrizek added inline comments.May 20 2015, 12:32 PM
libtaskotron/remote_exec.py
91

I suppose we need to make writing stdio into a file optional but to move things forward let's do it in a separate review. Thoughts?

libtaskotron/runner.py
342

We need to create uuid directory inside artifacts directory as soon as possible. If we do that outside (Remote)Runner class, we prevent others from using the class because it would fail on artifacts dir not existing. Any thoughts on this?

tflink added inline comments.May 20 2015, 2:39 PM
libtaskotron/remote_exec.py
91

yeah, I'm fine with adding stuff later. I'm sure there's stuff that we haven't thought of yet, anyways :)

libtaskotron/runner.py
342

I can't think of any use cases where someone would want to use the (Remote)Runner class without the other stuff in main(). If we document the need for those directories to exist, I don't think it'd be much of a problem anyways - can you think of any use cases where that isn't the case?

mkrizek added inline comments.May 20 2015, 2:58 PM
libtaskotron/runner.py
342

Can't think of anything either. Just wanted to raise that concern in case someone would come up with something.

tflink added a comment.May 20 2015, 5:05 PM

Overall, it looks really good - works well in my testing.

I have 2 concerns:

  1. no test coverage - this kind of code is not the easiest stuff to test but I'm a little nervous about adding code that has no test coverage
  2. there are some minor error checking things that aren't addressed - like remote_exec.write_file() that doesn't check for an existing file before overwriting

I think that 2) isn't worth dealing with right now - that stuff can be dealt with as needed with enhancements. I don't think it's worth trying for perfection right off the bat, especially this early on.

For 1), part of me wants to just put it off so we can get this code in disposable-develop but I'm leaning more towards waiting until there's some test coverage in remote_exec. Any other thoughts on this?

libtaskotron/runner.py
231

This throws a TB if there is a missing type or item. I'm not sure that's a valid use case but it'd be better not to blow up. I suspect that we're going to need some more arg validation or verify that what we have works for stuff like your concern about rm -rf being in item.

That being said, I also think that this is out of scope for this review.

mkrizek added a comment.May 25 2015, 1:27 PM
In D356#6842, @tflink wrote:

Overall, it looks really good - works well in my testing.

I have 2 concerns:

  1. no test coverage - this kind of code is not the easiest stuff to test but I'm a little nervous about adding code that has no test coverage
  2. there are some minor error checking things that aren't addressed - like remote_exec.write_file() that doesn't check for an existing file before overwriting

File is created if it doesn't exist. Do you think we should not write to the file if it doesn't exist or?

I think that 2) isn't worth dealing with right now - that stuff can be dealt with as needed with enhancements. I don't think it's worth trying for perfection right off the bat, especially this early on.

For 1), part of me wants to just put it off so we can get this code in disposable-develop but I'm leaning more towards waiting until there's some test coverage in remote_exec. Any other thoughts on this?

I have already started writing tests. I am not really sure how to approach this as there would be a lot of mocking paramiko methods. Any ideas?

mkrizek updated this revision to Diff 999.May 25 2015, 2:08 PM
  • Make writing vm's output into a file optional
mkrizek updated this revision to Diff 1000.May 25 2015, 2:11 PM

Er, forgot to use the correct base branch...again

mkrizek updated this revision to Diff 1005.May 27 2015, 2:14 PM
  • Merge branch 'disposable-develop' into feature/remote_exec
  • Use actual location of taskotron.yaml
tflink added a comment.May 28 2015, 4:15 AM
In D356#6847, @mkrizek wrote:
In D356#6842, @tflink wrote:

Overall, it looks really good - works well in my testing.

I have 2 concerns:

  1. no test coverage - this kind of code is not the easiest stuff to test but I'm a little nervous about adding code that has no test coverage
  2. there are some minor error checking things that aren't addressed - like remote_exec.write_file() that doesn't check for an existing file before overwriting

File is created if it doesn't exist. Do you think we should not write to the file if it doesn't exist or?

Doesn't it overwrite anything that already exists in that file or am I missing something? It's not huge, just not sure that's ideal.

I think that 2) isn't worth dealing with right now - that stuff can be dealt with as needed with enhancements. I don't think it's worth trying for perfection right off the bat, especially this early on.

For 1), part of me wants to just put it off so we can get this code in disposable-develop but I'm leaning more towards waiting until there's some test coverage in remote_exec. Any other thoughts on this?

I have already started writing tests. I am not really sure how to approach this as there would be a lot of mocking paramiko methods. Any ideas?

Not many specific ideas at the moment but I suspect building a stub paramiko object that's reused in many places might work well here instead of just creating a bunch of dinguses over and over in the unit tests. I don't know of a technique to avoid heavy mocking/stubbing for stuff like this

mkrizek updated this revision to Diff 1009.May 28 2015, 2:08 PM
  • Add remote_exec tests WIP
mkrizek updated this revision to Diff 1010.May 29 2015, 1:38 PM
  • Add more tests for remote_exec
tflink accepted this revision.Jun 1 2015, 6:02 PM

Looks good to me.

I suspect that some parts of this may need some tweaking as we complete the feature but we'll cross that bridge if and when we get there. At the very least this is a great start

This revision is now accepted and ready to land.Jun 1 2015, 6:02 PM
kparal added a comment.Jun 5 2015, 11:52 AM

I know this has already been committed (do I get the "missed the train" badge?), but since I've spent a few hours studying the changes, I decided to provide some more feedback here. Most of it is cosmetic, but there's one serious issue there as well (the config initialization adjustment).

conf/taskotron.yaml.example
94

Maybe task files (git checkout)?

libtaskotron.spec
26

This should be >= 1.15.1 to be in sync with requirements.txt.

libtaskotron/config_defaults.py
69

I'm a bit confused about the remote part here. In the remote_stdio_name, I understand it, it's the stdio of the VM launched, so remote client. But in this case, it's the local taskotron log, isn't it? The remote taskotron log is saved as taskotron.log, right? So shouldn't this be local_log_name or initiator_log_name? (We really need to agree on some terminology in disposable clients mode, so that we're consistent and know what we mean).

libtaskotron/remote_exec.py
32

Would it be possible to say which file? I know not every file handle has a file name attached, but maybe just for those that do? Maybe even throw an exception?

90

There's definitely missing something here :-)

230

Copy paste error from get_dir().

242

Copy paste error from get_dir().

libtaskotron/runner.py
31

You cannot call config.get_config() in the top level scope. If you do it like this, it is executed before running main() and before parsing cmdline args and running logger.init_prior_config(). If the config parsing fails for some reason, the default logging is not yet initialized, and you will not receive any helpful error messages.

You have to move config.get_config() to the class methods where you need to use it (or run it once in __init__() and save it).

33

On line 61 we call this artifactsdir (meaning the task-particular artifacts dir, i.e. <global artifacts dir>/<uuid>), here we call it uuid_dir. I find that mildly confusing. Can we use the same term in both places?

189

If you wanted to make it simpler, curl is always available ;)

190

Please put a line break here, and at least on line 217 as well. Thank you.

226

This is a great comment. But the item is provided by taskotron trigger, so the very fedmsg would have to be fake, right? So we need to make sure we check fedmsg certificates. And even if this happened, the only thing you control is a disposable client.

238–248

Would it make sense to swap these two operations? So that if somebody's task, by accident, creates a file called taskotron.log, it does not overwrite our own file?

337–340

You can also use

remote = task_data.get('environment', {}).get('machine')

if you like it more than handling the KeyError.

346

I'm again confused by the word remote here, a few comments would definitely improve it here. If remote is true, does it mean that this runtask script is running on a remote machine (i.e. the VM client)? Or does it mean we will schedule it remotely, i.e. we're running on the buildslave initiator?

By reading the code below, it seems that the latter is the case. Would it make sense to rename remote to run_remotely? It seems clearer to me.

testing/test_remote_exec.py
23

A comment would help here.

24

A comment would help here.

89

A comment would help here.

91

A comment would help here.

mkrizek added a comment.Jun 7 2015, 8:46 AM

@kparal Thanks for the review, there are some good catches. I addressed the issues in D380.

libtaskotron/runner.py
190

OK. Left it there as it is since those lines will go away (hopefully) soon anyway.

226

Right. Or maybe someone could send a (force) build directly to buildbot with that item. But the attacker would need to know the password to the buildbot instance I think. Either way, the comment is just a result of me becoming more paranoid. :)

Revision Contents

Diff 1010

View Options

conf/taskotron.yaml.example

Show First 20 LinesShow All 85 Lines▼ Show 20 Line(s)
86 86
87 87
88## ==== PATHS section ==== 88## ==== PATHS section ====
89## Location of various pieces of the project. 89## Location of various pieces of the project.
90 90
91## The location of log files for Taskotron 91## The location of log files for Taskotron
92#logdir: /var/log/taskotron 92#logdir: /var/log/taskotron
93 93
94## The location of task file when running in disposable clients mode
kparalUnsubmitted
Not Done

Maybe task files (git checkout)?

95#client_taskdir: /var/tmp/taskotron/taskdir
96
94## The location of temporary files for Taskotron 97## The location of temporary files for Taskotron
95#tmpdir: /var/tmp/taskotron 98#tmpdir: /var/tmp/taskotron
96 99
97## The location of artifacts produced by checks 100## The location of artifacts produced by checks
98#artifactsdir: /var/lib/taskotron/artifacts 101#artifactsdir: /var/lib/taskotron/artifacts
99 102
100## The location of cached files downloaded by Taskotron 103## The location of cached files downloaded by Taskotron
101#cachedir: /var/cache/taskotron 104#cachedir: /var/cache/taskotron
Show All 27 Lines
View Options

libtaskotron.spec

Show All 17 Lines
18Requires: libtaskotron-config 18Requires: libtaskotron-config
19Requires: mash 19Requires: mash
20Requires: pyOpenSSL 20Requires: pyOpenSSL
21Requires: pytap13 >= 0.3.0 21Requires: pytap13 >= 0.3.0
22Requires: python-bayeux >= 0.9 22Requires: python-bayeux >= 0.9
23Requires: python-bunch >= 1.0.1 23Requires: python-bunch >= 1.0.1
24Requires: python-fedora >= 0.3.36 24Requires: python-fedora >= 0.3.36
25Requires: python-hawkey >= 0.4.13-1 25Requires: python-hawkey >= 0.4.13-1
26Requires: python-paramiko
kparalUnsubmitted
Not Done

This should be >= 1.15.1 to be in sync with requirements.txt.

26Requires: python-pycurl 27Requires: python-pycurl
27Requires: python-setuptools 28Requires: python-setuptools
28Requires: python-urlgrabber 29Requires: python-urlgrabber
29Requires: python-yamlish >= 0.18 30Requires: python-yamlish >= 0.18
30Requires: PyYAML >= 3.11 31Requires: PyYAML >= 3.11
31Requires: resultsdb_api >= 1.2.1 32Requires: resultsdb_api >= 1.2.1
32Requires: rpm-python 33Requires: rpm-python
33BuildRequires: koji 34BuildRequires: koji
▲ Show 20 LinesShow All 181 LinesShow Last 20 Lines
View Options

libtaskotron/check.py

Show First 20 LinesShow All 236 Lines▼ Show 20 Line(s)
237 237
238 238
239class ReportType(object): 239class ReportType(object):
240 ''' Enum for different types of :attr:`CheckDetail.report_type`''' 240 ''' Enum for different types of :attr:`CheckDetail.report_type`'''
241 # the values are used as identifiers in a TAP export 241 # the values are used as identifiers in a TAP export
242 KOJI_BUILD = 'koji_build' #: 242 KOJI_BUILD = 'koji_build' #:
243 BODHI_UPDATE = 'bodhi_update' #: 243 BODHI_UPDATE = 'bodhi_update' #:
244 YUM_REPOSITORY = 'yum_repository' #: 244 YUM_REPOSITORY = 'yum_repository' #:
245 COMPOSE = 'compose' #: 245 COMPOSE = 'compose' #:
246 246
247 247
248def export_TAP(check_details, checkname="$CHECKNAME"): 248def export_TAP(check_details, checkname="$CHECKNAME"):
249 '''Generate TAP output used for reporting to ResultsDB. 249 '''Generate TAP output used for reporting to ResultsDB.
250 250
251 Note: You need to provide all your :class:`CheckDetail`\s in a single pass 251 Note: You need to provide all your :class:`CheckDetail`\s in a single pass
252 in order to generate a valid TAP output. You can't call this method several 252 in order to generate a valid TAP output. You can't call this method several
253 times and then simply join the outputs simply as strings. 253 times and then simply join the outputs simply as strings.
▲ Show 20 LinesShow All 129 LinesShow Last 20 Lines
View Options

libtaskotron/config_defaults.py

Show First 20 LinesShow All 59 Lines▼ Show 20 Line(s)23class Config(object):
60 download_cache_enabled = True #: 60 download_cache_enabled = True #:
61 61
62 bodhi_posting_comments_span = 4320 #: 62 bodhi_posting_comments_span = 4320 #:
63 # 3 days (3*24*60 = 4320) 63 # 3 days (3*24*60 = 4320)
64 bodhi_request_max_retries = 3 #: 64 bodhi_request_max_retries = 3 #:
65 65
66 tmpdir = '/var/tmp/taskotron' #: 66 tmpdir = '/var/tmp/taskotron' #:
67 logdir = '/var/log/taskotron' #: 67 logdir = '/var/log/taskotron' #:
68 client_taskdir = '/var/tmp/taskotron/taskdir' #:
69 remote_log_name = 'taskotron-initiator.log'
kparalUnsubmitted
Not Done

I'm a bit confused about the remote part here. In the remote_stdio_name, I understand it, it's the stdio of the VM launched, so remote client. But in this case, it's the local taskotron log, isn't it? The remote taskotron log is saved as taskotron.log, right? So shouldn't this be local_log_name or initiator_log_name? (We really need to agree on some terminology in disposable clients mode, so that we're consistent and know what we mean).

70 '''name of a log file when running in disposable clients mode
71 in :attr:`artifacts_dir`/<uuid>'''
72 remote_stdio_name = 'stdio.log'
73 '''name of a file containing stdio of disposable client
74 in :attr:`artifacts_dir`/<uuid>'''
68 log_name = 'taskotron.log' 75 log_name = 'taskotron.log'
69 '''name of the main log file in :attr:`logdir`''' 76 '''name of the main log file in :attr:`logdir`'''
70 artifactsdir = '/var/lib/taskotron/artifacts' #: 77 artifactsdir = '/var/lib/taskotron/artifacts' #:
71 cachedir = '/var/cache/taskotron' #: 78 cachedir = '/var/cache/taskotron' #:
72 79
73 log_level_stream = 'INFO' #: 80 log_level_stream = 'INFO' #:
74 log_level_file = 'DEBUG' #: 81 log_level_file = 'DEBUG' #:
75 82
Show All 40 Lines
View Options

libtaskotron/remote_exec.py

  • This file was added.
1# -*- coding: utf-8 -*-
2# Copyright 2009-2015, Red Hat, Inc.
3# License: GPL-2.0+ <http://spdx.org/licenses/GPL-2.0+>
4# See the LICENSE file for more details on Licensing
5
6'''Tools for remote execution primary for disposable clients'''
7
8from __future__ import absolute_import
9import os
10import os.path
11import sys
12import socket
13from stat import S_ISDIR
14
15import paramiko
16
17from .logger import log
18from . import exceptions as exc
19
20
21# http://stackoverflow.com/questions/11325019
22class Tee(object):
23 '''Helper class for writing data to different streams.'''
24
25 def __init__(self, *files):
26 self._files = list(files)
27
28 def add(self, file_):
29 if file_.mode.startswith('w'):
30 self._files.append(file_)
31 else:
32 log.warning('File not opened for writing. Not adding.')
kparalUnsubmitted
Not Done

Would it be possible to say which file? I know not every file handle has a file name attached, but maybe just for those that do? Maybe even throw an exception?

33
34 def write(self, data):
35 for f in self._files:
36 f.write(data)
37
38 def close(self):
39 for f in self._files:
40 if f is not sys.stdout:
41 f.close()
42
43
44class RemoteExec(object):
45 '''Wrapper for SSH communication using paramiko library'''
46
47 def __init__(self, hostname, port, username, key_filename, stdio_filename=None):
48 self.ssh = None
49 self.sftp = None
50 self.hostname = hostname
51 self.port = port
52 self.username = username
53 self.key_filename = key_filename
54 self.stdio_filename = stdio_filename
55 self.outstream = Tee(sys.stdout)
56
57 def __enter__(self):
58 self.connect()
59 return self
60
61 def __exit__(self, type, value, traceback):
62 self.close()
63
64 def __str__(self):
65 return '<%s: %s@%s:%s>' % (self.__class__.__name__, self.username, self.hostname, self.port)
66
67 def connect(self):
68 '''Connect to a machine over ssh. Open sftp channel and, if applicable, file that
69 stdout/err from the machine will be saved to.'''
70
71 self.ssh = paramiko.SSHClient()
72 # accept unknown hosts
73 self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
74
75 log.debug('Connecting to remote host: %s:%s as %s', self.hostname, self.port, self.username)
76
77 try:
78 self.ssh.connect(self.hostname,
79 port=self.port,
80 username=self.username,
81 key_filename=self.key_filename)
82
83 self.sftp = self.ssh.open_sftp()
84
tflinkUnsubmitted
Not Done

I like the idea of saving stdio to a logfile but if we're running multiple VMs on a virthost, that logfile is gonna get messy and quasi-unusable pretty quick. I'd rather see the output saved in <hostname>.stdio.log or something that identifies with the buildslave name or remote machine name.

This could be added in another ticket, though - I'm fine with either way

mkrizekAuthorUnsubmitted
Not Done

Good point.

85 if self.stdio_filename is not None:
86 try:
87 f = open(self.stdio_filename, 'w')
88 self.outstream.add(f)
89 except IOError, e:
90 log.warning('Could not open %s. Falling back to writing vm\'s output to stdout only.')
kparalUnsubmitted
Not Done

There's definitely missing something here :-)

91
mkrizekAuthorUnsubmitted
Not Done

I suppose we need to make writing stdio into a file optional but to move things forward let's do it in a separate review. Thoughts?

tflinkUnsubmitted
Not Done

yeah, I'm fine with adding stuff later. I'm sure there's stuff that we haven't thought of yet, anyways :)

92 except paramiko.BadHostKeyException, e:
93 raise exc.TaskotronRemoteError('Server\'s (%s@%s:%s) hostkey could not be verified: %s' %
94 (self.username, self.hostname, self.port, str(e)))
95 except paramiko.AuthenticationException, e:
96 raise exc.TaskotronRemoteError('Authentication to %s@%s:%s failed: %s' %
97 (self.username, self.hostname, self.port, str(e)))
98 except (paramiko.SSHException, socket.error), e:
99 raise exc.TaskotronRemoteError('Could not connect to %s@%s:%s: %s' %
100 (self.username, self.hostname, self.port, str(e)))
101
102 def close(self):
103 '''Close open connections and files.'''
104
105 self.outstream.close()
106 self.sftp.close()
107 self.ssh.close()
108
109 def cmd(self, cmd):
110 '''Execute a command.
111
112 :param str cmd: A command to be executed
113
114 :raise TaskotronRemoteError: If the command has non-zero return code
115 '''
tflinkUnsubmitted
Not Done

fun fact (and new to me): if the package is already installed, yum will exit with a code of 1 so this will blow up rather silently if the package required is already installed on the remote machine.

Not sure that's the behavior that we want here

mkrizekAuthorUnsubmitted
Not Done

Hmm, not on my (fc20) or kparal's (fc21) machines:

# yum -y install libtaskotron-config
Loaded plugins: langpacks, refresh-packagekit
Package libtaskotron-config-0.3.15-1.fc20.noarch already installed and latest version
Nothing to do
# echo $?
0
tflinkUnsubmitted
Not Done

Of course now that I've written it down, I can't reproduce it :)

I wonder what I was doing differently yesterday but it looks like this can be ignored

116
117 log.debug('Running command on remote host: %s', cmd)
118
119 stdin, stdout, stderr = self.ssh.exec_command(cmd)
120
121 # stdout.channel represents channel for both stdout and stderr
122 channel = stdout.channel
123 while not channel.exit_status_ready():
124 if channel.recv_ready():
125 data = channel.recv(1024)
126 self.outstream.write(data)
127 if channel.recv_stderr_ready():
128 data = channel.recv_stderr(1024)
129 self.outstream.write(data)
130
131 retcode = channel.recv_exit_status()
132
133 if retcode != 0:
134 raise exc.TaskotronRemoteError('Command "%s" on %s@%s exited with code %s' %
135 (cmd, self.username, self.hostname, retcode))
136
137 def install_pkgs(self, pkgs):
138 '''Install packages via yum.
139
140 :param list pkgs: A list or a string separated by commas of packages to be installed
141
142 :raise TaskotronRemoteError: If the command has non-zero return code
143 '''
144
145 if isinstance(pkgs, basestring):
tflinkUnsubmitted
Not Done

do we want to handle the case of a pre-existing file? right now, this silently fails if the destination file already exists

mkrizekAuthorUnsubmitted
Not Done

Does overwriting the file make more sense?

tflinkUnsubmitted
Not Done

I think that making overwriting an option would be great. There are some cases where we want to be overwriting (taskotron.yaml) and there are other cases where we might not want to be overwriting the existing target.

On the other hand, this isn't a huge issue and we could just wait and see if it ends up causing problems. I'm fine with either

146 pkgs = pkgs.split(',')
147
148 log.debug('Installing packages on remote host: %s', ','.join(pkgs))
149 self.cmd('yum -y install %s' % ' '.join(pkgs))
150
151 def write_file(self, remote_path, data, overwrite=True):
152 '''Write data to a remote file.
153
154 :param str remote_path: A path to the remote file
155 :param str data: Data to be written
156 :param bool overwrite: Whether to overwrite remote path. Default is True.
157
158 :raise TaskotronRemoteError: If data could not be written
159 '''
160
161 if self._remote_file_exists(remote_path) and not overwrite:
162 log.info('Remote path %s already exists, not overwriting.', remote_path)
163 return
164
165 log.debug('Writing data to %s', remote_path)
166 try:
167 with self.sftp.open(remote_path, 'w') as remote_file:
168 remote_file.write(data)
169 except IOError, e:
170 raise exc.TaskotronRemoteError('Could not write data to %s@%s:%s: %s' %
171 (self.username, self.hostname, remote_path, e.strerror))
172
173 def put_file(self, local_path, remote_path, overwrite=True):
174 '''Copy a file to a remote path.
175
176 :param str local_path: A path to the local file
177 :param str remote_path: A path to the remote file
178 :param bool overwrite: Whether to overwrite remote path. Default is True.
179
180 :return: an SFTPAttributes object containing attributes about the given file,
181 if successful. None otherwise.
182
183 :raise TaskotronRemoteError: If the file could not be copied
184 '''
185
186 if self._remote_file_exists(remote_path) and not overwrite:
187 log.info('Remote path %s already exists, not overwriting.', remote_path)
188 return
189
190 log.debug('Putting file (%s) on to remote host (%s)', local_path, remote_path)
191 try:
192 return self.sftp.put(local_path, remote_path)
193 except IOError, e:
194 raise exc.TaskotronRemoteError('Could not put file %s to %s@%s:%s: %s' %
195 (local_path, self.username, self.hostname, remote_path, e.strerror))
196
197 def get_file(self, remote_path, local_path):
198 '''Get a file from a remote path.
199
200 :param str remote_path: A path to the remote file
201 :param str local_path: A path to the local file
202
203 :raise TaskotronRemoteError: If the file could not be downloaded
204 '''
205
206 log.debug('Getting file from remote host %s to %s', remote_path, local_path)
207 try:
208 self.sftp.get(remote_path, local_path)
209 except IOError, e:
210 raise exc.TaskotronRemoteError('Could not copy file %s@%s:%s to %s: %s' %
211 (self.username, self.hostname, remote_path, local_path, e.strerror))
212
213 def _remote_file_exists(self, remote_path):
214 try:
215 path_stats = self.sftp.stat(remote_path)
216 if path_stats is not None:
217 return True
218 except IOError:
219 pass
220
221 return False
222
223 def _remote_isdir(self, remote_path):
224 try:
225 return S_ISDIR(self.sftp.stat(remote_path).st_mode)
226 except IOError:
227 return False
228
229 def mkdir(self, name, mode=777):
230 '''Get a directory from a remote path.
kparalUnsubmitted
Not Done

Copy paste error from get_dir().

231
232 :param str name: A name of the directory
233 :param int mode: Permissions (posix-style, decimal) of the directory,
234 default is 777
235
236 :raise TaskotronRemoteError: If the directory could not be created
237 '''
238
239 self.cmd('mkdir -p -m %d %s' % (mode, name))
240
241 def put_dir(self, local_path, remote_path, overwrite=True):
242 '''Get a directory from a remote path.
kparalUnsubmitted
Not Done

Copy paste error from get_dir().

243
244 :param str remote_path: A path to the remote directory
245 :param str local_path: A path to the local directory
246 :param bool overwrite: Whether to overwrite remote path. Default is True.
247
248 :raise TaskotronRemoteError: If the directory could not be uploaded
249 '''
250
251 if self._remote_file_exists(remote_path) and not overwrite:
252 log.info('Remote path %s already exists, not overwriting.', remote_path)
253 return
254
255 try:
256 files = os.listdir(local_path)
257 except OSError, e:
258 raise exc.TaskotronRemoteError('Could not put dir %s to %s@%s:%s: %s' %
259 (local_path, self.username, self.hostname, remote_path, e.strerror))
260
261 self.mkdir(remote_path)
262
263 for file_ in files:
264 remote_file = os.path.join(remote_path, file_)
265 local_file = os.path.join(local_path, file_)
266 if os.path.isdir(local_file):
267 if not self._remote_isdir(remote_file):
268 self.sftp.mkdir(remote_file)
269 self.put_dir(local_file, remote_file)
270 else:
271 self.put_file(local_file, remote_file)
272
273 def get_dir(self, remote_path, local_path):
274 '''Get a directory from a remote path.
275
276 :param str remote_path: A path to the remote directory
277 :param str local_path: A path to the local directory
278
279 :raise TaskotronRemoteError: If the directory could not be downloaded
280 '''
281
282 try:
283 files = self.sftp.listdir(remote_path)
284 except IOError, e:
285 raise exc.TaskotronRemoteError('Could not copy dir %s@%s:%s to %s: %s' %
286 (self.username, self.hostname, remote_path, local_path, e.strerror))
287
288 for file_ in files:
289 remote_file = os.path.join(remote_path, file_)
290 local_file = os.path.join(local_path, file_)
291 if self._remote_isdir(remote_file):
292 os.mkdir(local_file)
293 self.get_dir(remote_file, local_file)
294 else:
295 self.get_file(remote_file, local_file)
View Options

libtaskotron/runner.py

1# -*- coding: utf-8 -*- 1# -*- coding: utf-8 -*-
2# Copyright 2009-2014, Red Hat, Inc. 2# Copyright 2009-2015, Red Hat, Inc.
3# License: GPL-2.0+ <http://spdx.org/licenses/GPL-2.0+> 3# License: GPL-2.0+ <http://spdx.org/licenses/GPL-2.0+>
4# See the LICENSE file for more details on Licensing 4# See the LICENSE file for more details on Licensing
5 5
6from __future__ import absolute_import 6from __future__ import absolute_import
7import logging 7import logging
8import tempfile 8import tempfile
9import os.path 9import os.path
10import argparse 10import argparse
11import imp 11import imp
12import copy 12import copy
13import collections 13import collections
14import datetime 14import datetime
15import yaml
15 16
16import libtaskotron 17import libtaskotron
17from libtaskotron import taskformula 18from libtaskotron import taskformula
18from libtaskotron import logger 19from libtaskotron import logger
19from libtaskotron import python_utils 20from libtaskotron import python_utils
20from libtaskotron import file_utils 21from libtaskotron import file_utils
21from libtaskotron import config 22from libtaskotron import config
23from libtaskotron import remote_exec
22from libtaskotron.logger import log 24from libtaskotron.logger import log
23from libtaskotron.exceptions import TaskotronYamlError, TaskotronError 25import libtaskotron.exceptions as exc
24 26
25 27
26# The list of accepted item types on the command line (--type option) 28# The list of accepted item types on the command line (--type option)
27_ITEM_TYPES = ["bodhi_id", "koji_build", "koji_tag", "compose"] 29_ITEM_TYPES = ["bodhi_id", "koji_build", "koji_tag", "compose"]
28 30
31CONF = config.get_config()
kparalUnsubmitted
Not Done

You cannot call config.get_config() in the top level scope. If you do it like this, it is executed before running main() and before parsing cmdline args and running logger.init_prior_config(). If the config parsing fails for some reason, the default logging is not yet initialized, and you will not receive any helpful error messages.

You have to move config.get_config() to the class methods where you need to use it (or run it once in __init__() and save it).

32
33def _create_uuid_dir(uuid):
kparalUnsubmitted
Not Done

On line 61 we call this artifactsdir (meaning the task-particular artifacts dir, i.e. <global artifacts dir>/<uuid>), here we call it uuid_dir. I find that mildly confusing. Can we use the same term in both places?

34 uuid_dir = os.path.join(CONF.artifactsdir, uuid)
35
36 try:
37 file_utils.makedirs(uuid_dir)
38 log.info("Task artifacts will be saved in: %s", uuid_dir)
39 except OSError, e:
40 log.error("Can't create artifacts directory %s", uuid_dir)
41 raise exc.TaskotronError(e)
42
29 43
30class Runner(object): 44class Runner(object):
31 def __init__(self, taskdata, argdata, workdir=None): 45 def __init__(self, taskdata, argdata, workdir=None):
32 self.taskdata = taskdata 46 self.taskdata = taskdata
33 self.envdata = argdata 47 self.envdata = argdata
34 self.working_data = {} 48 self.working_data = {}
35 self.directives = {} 49 self.directives = {}
36 self.workdir = workdir 50 self.workdir = workdir
37 51
38 def run(self): 52 def run(self):
39 self._validate_input() 53 self._validate_input()
40 54
41 if not self.workdir: # create temporary workdir if needed 55 if not self.workdir: # create temporary workdir if needed
42 self.workdir = tempfile.mkdtemp(prefix="task-", 56 self.workdir = tempfile.mkdtemp(prefix="task-",
43 dir=config.get_config().tmpdir) 57 dir=CONF.tmpdir)
44 log.debug("Current workdir: %s", self.workdir) 58 log.debug("Current workdir: %s", self.workdir)
45 self.envdata['workdir'] = self.workdir 59 self.envdata['workdir'] = self.workdir
46 self.envdata['checkname'] = self.taskdata['name'] 60 self.envdata['checkname'] = self.taskdata['name']
47 self.envdata['artifactsdir'] = "%s/%s" % \ 61 self.envdata['artifactsdir'] = os.path.join(CONF.artifactsdir, self.envdata['uuid'])
48 (config.get_config().artifactsdir, self.envdata['uuid'])
49 try:
50 file_utils.makedirs(self.envdata['artifactsdir'])
51 log.info("Task artifacts will be saved in: %s", self.envdata['artifactsdir'])
52 except OSError, e:
53 log.error("Can't create artifacts directory %s", self.envdata['artifactsdir'])
54 raise TaskotronError(e)
55 62
56 #override variable values 63 # override variable values
57 for var, val in self.envdata['override']: 64 for var, val in self.envdata['override']:
58 log.debug("Overriding variable %s, new value: %s", var, val) 65 log.debug("Overriding variable %s, new value: %s", var, val)
59 self.envdata[var] = eval(val, {}, {}) 66 self.envdata[var] = eval(val, {}, {})
60 67
61 self.do_actions() 68 self.do_actions()
62 69
63 def _load_directive(self, directive_name, directive_dir=None): 70 def _load_directive(self, directive_name, directive_dir=None):
64 # look in default path if nothing is specified 71 # look in default path if nothing is specified
65 if not directive_dir: 72 if not directive_dir:
66 directive_dir = os.path.join(os.path.dirname(__file__), 73 directive_dir = os.path.join(os.path.dirname(__file__),
67 'directives') 74 'directives')
68 75
69 real_name = "%s_directive" % directive_name 76 real_name = "%s_directive" % directive_name
70 directive_file = os.path.join(directive_dir, '%s.py' % real_name) 77 directive_file = os.path.join(directive_dir, '%s.py' % real_name)
71 78
72 if not os.path.exists(directive_file): 79 if not os.path.exists(directive_file):
73 raise TaskotronYamlError("Directive %s not found in directory %s" % 80 raise exc.TaskotronYamlError("Directive %s not found in directory %s" %
74 (directive_name, directive_dir)) 81 (directive_name, directive_dir))
75 82
76 loaded_directive = imp.load_source(real_name, directive_file) 83 loaded_directive = imp.load_source(real_name, directive_file)
77 self.directives[directive_name] = loaded_directive 84 self.directives[directive_name] = loaded_directive
78 85
79 def _render_action(self, action): 86 def _render_action(self, action):
80 '''Take an action and replace all included variables with actual values 87 '''Take an action and replace all included variables with actual values
81 from :attr:`env_data` and :attr:`working_data`. See :meth:`do_actions` 88 from :attr:`env_data` and :attr:`working_data`. See :meth:`do_actions`
Show All 11 Lines
93 taskformula.replace_vars_in_action(rendered_action, variables) 100 taskformula.replace_vars_in_action(rendered_action, variables)
94 101
95 return rendered_action 102 return rendered_action
96 103
97 def _extract_directive_from_action(self, action): 104 def _extract_directive_from_action(self, action):
98 for key in action: 105 for key in action:
99 if key not in ['name', 'export']: 106 if key not in ['name', 'export']:
100 return key 107 return key
101 raise TaskotronYamlError('no directive found in action %s' % 108 raise exc.TaskotronYamlError('no directive found in action %s' %
102 str(action)) 109 str(action))
103 110
104 def do_single_action(self, action): 111 def do_single_action(self, action):
105 '''Execute a single action from the task. See :meth:`do_actions` to see 112 '''Execute a single action from the task. See :meth:`do_actions` to see
106 how an action looks like. 113 how an action looks like.
107 114
108 :param dict action: An action specification parsed from the task formula 115 :param dict action: An action specification parsed from the task formula
109 ''' 116 '''
Show All 23 Lines139 under the ``actions:`` key. An example action looks like::
133 140
134 - name: download rpms from koji 141 - name: download rpms from koji
135 koji: 142 koji:
136 action: download 143 action: download
137 koji_build: $koji_build 144 koji_build: $koji_build
138 arch: $arch 145 arch: $arch
139 ''' 146 '''
140 if 'actions' not in self.taskdata or not self.taskdata['actions']: 147 if 'actions' not in self.taskdata or not self.taskdata['actions']:
141 raise TaskotronYamlError("At least one task should be specified" 148 raise exc.TaskotronYamlError("At least one task should be specified"
142 " in input formula") 149 " in input formula")
143 150
144 for action in self.taskdata['actions']: 151 for action in self.taskdata['actions']:
145 self.do_single_action(action) 152 self.do_single_action(action)
146 153
147 def _validate_input(self): 154 def _validate_input(self):
148 if 'input' not in self.taskdata: 155 if 'input' not in self.taskdata:
149 return 156 return
150 157
151 if not isinstance(self.taskdata['input'], collections.Mapping): 158 if not isinstance(self.taskdata['input'], collections.Mapping):
152 raise TaskotronYamlError("Input yaml should contain correct 'input'" 159 raise exc.TaskotronYamlError("Input yaml should contain correct 'input'"
153 "section (a mapping). Yours was: %s" % type( 160 "section (a mapping). Yours was: %s" % type(
154 self.taskdata['input'])) 161 self.taskdata['input']))
155 162
156 required_args = self.taskdata['input'].get('args', None) 163 required_args = self.taskdata['input'].get('args', None)
157 164
158 if not python_utils.iterable(required_args): 165 if not python_utils.iterable(required_args):
159 raise TaskotronYamlError("Input yaml should contain correct 'args' " 166 raise exc.TaskotronYamlError("Input yaml should contain correct 'args' "
160 "section (an iterable). Yours was: %s" % type(required_args)) 167 "section (an iterable). Yours was: %s" % type(required_args))
161 168
162 for arg in required_args: 169 for arg in required_args:
163 if not arg in self.envdata: 170 if not arg in self.envdata:
164 raise TaskotronYamlError("Required input arg '%s' " 171 raise exc.TaskotronYamlError("Required input arg '%s' "
165 "was not defined" % arg) 172 "was not defined" % arg)
166 173
167 def _validate_env(self): 174 def _validate_env(self):
168 # TODO: implement this 175 # TODO: implement this
169 raise NotImplementedError("Environment validation is not" 176 raise NotImplementedError("Environment validation is not"
170 " yet implemented") 177 " yet implemented")
171 178
179
172class RemoteRunner(object): 180class RemoteRunner(object):
173 def __init__(self, task_data, arg_data): 181 def __init__(self, ssh, task_data, arg_data):
174 self.ssh = None 182 self.ssh = ssh
175 self.task_data = task_data 183 self.task_data = task_data
176 self.arg_data = arg_data 184 self.arg_data = arg_data
177 self.taskdir = '/home/fedora/taskdir' 185 self.taskdir = CONF.client_taskdir
178 self.taskotron_basedir = os.path.abspath(os.path.dirname(libtaskotron.__file__) + '/../')
179 self.output_basedir = '{}/logfiles'.format(self.taskotron_basedir)
180 output_dirname = datetime.datetime.utcnow().strftime('%Y%d%m-%H%M%S')
181 self.output_dirname = os.path.join(self.output_basedir, output_dirname)
182 self.ssh_keyfile = '{}/conf/id_taskotron'.format(self.taskotron_basedir)
183 186
187 def prepare_task(self):
188 # FIXME remove this once the vm code is done
189 self.ssh.install_pkgs('wget')
kparalUnsubmitted
Not Done

If you wanted to make it simpler, curl is always available ;)

190 self.ssh.cmd('wget -O /etc/yum.repos.d/tflink-taskotron-fedora-f21.repo http://copr-fe.cloud.fedoraproject.org/coprs/tflink/taskotron/repo/fedora-21/tflink-taskotron-fedora-21.repo')
kparalUnsubmitted
Not Done

Please put a line break here, and at least on line 217 as well. Thank you.

mkrizekAuthorUnsubmitted
Not Done

OK. Left it there as it is since those lines will go away (hopefully) soon anyway.

191 self.ssh.install_pkgs('libtaskotron')
192 #
184 193
185 def prepare_task():
186 # add ssh keys if needed for controlling other machines
187 # install required packages 194 # install required packages
195 rpms = self.task_data['environment']['rpm']
196 self.ssh.install_pkgs(rpms)
197
198 # configure libtaskotron
199 if CONF.config_filename:
tflinkUnsubmitted
Not Done

we don't require taskotron.yaml to be in /etc/ for normal operation, I'd like to see more flexibility here but that can be added as a later enhancement since it's a bit outside the scope of what this ticket was supposed to accomplish

200 self.ssh.put_file(CONF.config_filename, '/etc/taskotron/taskotron.yaml')
201
188 # patch remote libtaskotron if needed (for dev, shouldn't be used in production) 202 # patch remote libtaskotron if needed (for dev, shouldn't be used in production)
189 # create dirs required for execution 203 if self.arg_data['patch'] is not None:
204 self.ssh.put_file(os.path.abspath(self.arg_data['patch']), '%s/%s' % (self.taskdir, self.arg_data['patch']))
205 self.ssh.install_pkgs('patch')
206 self.ssh.cmd('patch -d /usr/lib/python2.7/site-packages/ -p1 -i %s/%s' % (self.taskdir, self.arg_data['patch']))
207
208 # create needed dirs
209 self.ssh.mkdir(self.taskdir)
210
190 # put files needed for execution (task, input files, etc) 211 # put files needed for execution (task, input files, etc)
191 pass 212 self.ssh.put_dir(os.path.dirname(self.arg_data['taskfile']), self.taskdir)
192 213
193 def run(): 214 taskdata = copy.deepcopy(self.task_data)
194 # effectively override the local run method to encapsulate the running 215 taskdata.pop('environment')
195 # in a remote VM 216 # need to have default_flow_style false to get valid yaml w/ nested dicts
196 pass 217 self.ssh.write_file(os.path.join(self.taskdir, os.path.basename(self.arg_data['taskfile'])), yaml.dump(taskdata, default_flow_style=False))
197 218
219 def run(self):
220 # execute task
221 task_cmd = ['cd %s;' % self.taskdir,
222 'runtask',
223 '-t',
224 self.arg_data['type'],
225 '-i',
226 self.arg_data['item'], # XXX what if item is "; rm -rf /;"?
kparalUnsubmitted
Not Done

This is a great comment. But the item is provided by taskotron trigger, so the very fedmsg would have to be fake, right? So we need to make sure we check fedmsg certificates. And even if this happened, the only thing you control is a disposable client.

mkrizekAuthorUnsubmitted
Not Done

Right. Or maybe someone could send a (force) build directly to buildbot with that item. But the attacker would need to know the password to the buildbot instance I think. Either way, the comment is just a result of me becoming more paranoid. :)

227 '--uuid',
228 self.arg_data['uuid'],
229 os.path.basename(self.arg_data['taskfile'])]
230
231 self.ssh.cmd(' '.join(task_cmd))
tflinkUnsubmitted
Not Done

This throws a TB if there is a missing type or item. I'm not sure that's a valid use case but it'd be better not to blow up. I suspect that we're going to need some more arg validation or verify that what we have works for stuff like your concern about rm -rf being in item.

That being said, I also think that this is out of scope for this review.

232
233 def get_output(self):
234 artifacts_dir = os.path.join(CONF.artifactsdir, self.arg_data['uuid'])
235 logfile = os.path.join(CONF.logdir, CONF.log_name)
236 local_logfile = os.path.join(artifacts_dir, CONF.log_name)
237
238 # copy taskotron.log from vm
239 try:
240 self.ssh.get_file(logfile, local_logfile)
tflinkUnsubmitted
Not Done

I think that we want to do something with the stdout/stderr here. I finally figured out why the task I was testing with was failing - it was missing something and blowing up before creating the log file. The error showed up in stdout on the vm but not on the task initiator.

mkrizekAuthorUnsubmitted
Not Done

Wasn't it saved in the stdio file on the task initiator? I am not sure I understand.

tflinkUnsubmitted
Not Done

I don't see any output in the stdio.log - the only file that got output was the remote-exec/taskotron.log file. I'll poke at this a bit more today to make sure, though

241 except exc.TaskotronRemoteError, e:
242 log.info(e)
tflinkUnsubmitted
Not Done

This blows up with exception if there is no taskotron.log on the remote machine. While not the most common case, it can still be valid and should log an error message instead of blowing up

mkrizekAuthorUnsubmitted
Not Done

Thanks, I knew about that, just didn't fix it for some reason :D

243
244 # copy artifacts from vm
245 try:
246 self.ssh.get_dir(artifacts_dir, artifacts_dir)
247 except exc.TaskotronRemoteError, e:
248 log.info(e)
kparalUnsubmitted
Not Done

Would it make sense to swap these two operations? So that if somebody's task, by accident, creates a file called taskotron.log, it does not overwrite our own file?

198 249
199def get_argparser(): 250def get_argparser():
200 parser = argparse.ArgumentParser() 251 parser = argparse.ArgumentParser()
201 parser.add_argument("task", nargs=1, help="task to run") 252 parser.add_argument("task", nargs=1, help="task to run")
202 parser.add_argument("-a", "--arch", 253 parser.add_argument("-a", "--arch",
203 choices=["i386", "x86_64", "armhfp", "noarch"], 254 choices=["i386", "x86_64", "armhfp", "noarch"],
204 action='append', 255 action='append',
205 help="architecture specifying the item to be checked. If omitted, " 256 help="architecture specifying the item to be checked. If omitted, "
▲ Show 20 LinesShow All 63 Lines▼ Show 20 Line(s)319 log.info('Execution started at: %s',
269 datetime.datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S UTC')) 320 datetime.datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S UTC'))
270 log.debug('Using libtaskotron %s', libtaskotron.__version__) 321 log.debug('Using libtaskotron %s', libtaskotron.__version__)
271 322
272 # parse cmdline 323 # parse cmdline
273 parser = get_argparser() 324 parser = get_argparser()
274 args = parser.parse_args() 325 args = parser.parse_args()
275 log.debug('Parsed arguments: %s', args) 326 log.debug('Parsed arguments: %s', args)
276 327
277 # full logging initialization
278 level_stream = logging.DEBUG if args.debug else None
279 logger.init(level_stream=level_stream)
280
281 arg_data = process_args(vars(args)) 328 arg_data = process_args(vars(args))
282 arg_data['taskfile'] = args.task[0] 329 arg_data['taskfile'] = args.task[0]
283 330
284 # parse task formula 331 # parse task formula
285 task_data = taskformula.parse_yaml_from_file(arg_data['taskfile']) 332 task_data = taskformula.parse_yaml_from_file(arg_data['taskfile'])
286 if not task_data: 333 if not task_data:
287 raise TaskotronYamlError('Input file should not be empty') 334 raise exc.TaskotronYamlError('Input file should not be empty')
288 335
289 # if environment/machine is defined in the task, we can tell that it is 336 # decide whether to run on disposable client
290 # supposed to be run in a virtual machine as a disposable client 337 try:
291 if 'environment' in task_data.keys() and task_data['environment']['machine'] is not None and not args.local: 338 remote = task_data['environment']['machine'] is not None
292 log.info("Running Task in VM") 339 except KeyError:
293 task_runner = RemoteRunner(task_data, arg_data) 340 remote = False
kparalUnsubmitted
Not Done

You can also use

remote = task_data.get('environment', {}).get('machine')

if you like it more than handling the KeyError.

294 task_runner.prepare_task()
295 output = task_runner.run()
296 log.info("remote stdout: %s" % output[0])
297 log.info("remote stderr: %s" % output[1])
298 341
342 _create_uuid_dir(arg_data['uuid'])
mkrizekAuthorUnsubmitted
Not Done

We need to create uuid directory inside artifacts directory as soon as possible. If we do that outside (Remote)Runner class, we prevent others from using the class because it would fail on artifacts dir not existing. Any thoughts on this?

tflinkUnsubmitted
Not Done

I can't think of any use cases where someone would want to use the (Remote)Runner class without the other stuff in main(). If we document the need for those directories to exist, I don't think it'd be much of a problem anyways - can you think of any use cases where that isn't the case?

mkrizekAuthorUnsubmitted
Not Done

Can't think of anything either. Just wanted to raise that concern in case someone would come up with something.

343
344 level_stream = logging.DEBUG if args.debug else None
345
346 if remote:
tflinkUnsubmitted
Not Done

If we keep the concept of having different taskotron.log files for local/remote execution, I'd like to see this be less generic so that it's not confusing to have multiple runners on the same virthost

mkrizekAuthorUnsubmitted
Not Done

We delete taskotron.log before execution anyway on buildmaster (and so we should delete remote_logdir as well), no? Or is it appropriate time to come up with better solution that deleting the logs?

tflinkUnsubmitted
Not Done

If we end up going forward with what I had in mind for virthosts - we'll need something that's a bit more specific than what we're doing now. If we have multiple buildslaves running on the same machine, that'll create multiple logfiles and decent odds that one of them will be running when another is wrapping up.

It makes sense to me to either a) start putting logs in a per-buildslave location or b) having names that are unique enough so that each buildslave can figure out which logs belong to it.

mkrizekAuthorUnsubmitted
Not Done

Ok, I didn't realize we were going to have multiple runners on the same machine. In that case, how about we store everything in the artifacts dir right away and not copy everything after the run is over?

tflinkUnsubmitted
Not Done

if the permissions work out, that sounds reasonable.

I think that we'll have more things to rework/tweak if we go forward with the multiple runners per machine plan, though. if storing everything in the artifacts dir right away doesn't work well, I think this would be better as an enhancement ticket that we deal with after figuring out some of the other details.

kparalUnsubmitted
Not Done

I'm again confused by the word remote here, a few comments would definitely improve it here. If remote is true, does it mean that this runtask script is running on a remote machine (i.e. the VM client)? Or does it mean we will schedule it remotely, i.e. we're running on the buildslave initiator?

By reading the code below, it seems that the latter is the case. Would it make sense to rename remote to run_remotely? It seems clearer to me.

347 logger.init(level_stream=level_stream, filelog=True,
348 filelog_path=os.path.join(CONF.artifactsdir, arg_data['uuid'], CONF.remote_log_name))
349
350 log.info("Running Task in VM")
351 # FIXME remove hardcoded ip when the vm code is done
352 stdio_filename = os.path.join(CONF.artifactsdir, arg_data['uuid'], CONF.remote_stdio_name)
353 with remote_exec.RemoteExec('192.168.122.99', 22, 'root', 'conf/id_taskotron', stdio_filename) as ssh:
354 task_runner = RemoteRunner(ssh, task_data, arg_data)
tflinkUnsubmitted
Not Done

I'd like to see an except block here, even if it just logs the exception that it catches - right now it's just squelching errors that cause problems

355 try:
356 task_runner.prepare_task()
357 task_runner.run()
358 except exc.TaskotronRemoteError, e:
359 log.exception(e)
360 task_runner.get_output()
299 else: 361 else:
362 logger.init(level_stream=level_stream)
300 # run the task locally 363 # run the task locally
301 task_runner = Runner(task_data, arg_data) 364 task_runner = Runner(task_data, arg_data)
302 task_runner.run() 365 task_runner.run()
303 366
304 # finalization 367 # finalization
305 log.info('Execution finished at: %s', 368 log.info('Execution finished at: %s',
306 datetime.datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S UTC')) 369 datetime.datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S UTC'))
View Options

requirements.txt

1# This is a list of pypi packages to be installed into virtualenv. Alternatively, 1# This is a list of pypi packages to be installed into virtualenv. Alternatively,
2# you can install these as RPMs instead of pypi packages. Use 2# you can install these as RPMs instead of pypi packages. Use
3# `rpmspec -q --requires libtaskotron.spec` and 3# `rpmspec -q --requires libtaskotron.spec` and
4# `rpmspec -q --buildrequires libtaskotron.spec` to get a list of RPM dependencies. 4# `rpmspec -q --buildrequires libtaskotron.spec` to get a list of RPM dependencies.
5# 5#
6# A note for maintainers: Please keep this list in sync with libtaskotron.spec. 6# A note for maintainers: Please keep this list in sync with libtaskotron.spec.
7# You should require exact versions here (in order to define an exact working 7# You should require exact versions here (in order to define an exact working
8# environment), and require a minimal version in the spec file (in order to allow 8# environment), and require a minimal version in the spec file (in order to allow
9# the libraries to have some minor version bumps during the Fedora release 9# the libraries to have some minor version bumps during the Fedora release
10# lifecycle). If the Fedora libraries span multiple versions across releases, 10# lifecycle). If the Fedora libraries span multiple versions across releases,
11# you can define a dependency range here instead of an exact version. 11# you can define a dependency range here instead of an exact version.
12 12
13bayeux == 0.9 13bayeux == 0.9
14bunch == 1.0.1 14bunch == 1.0.1
15dingus == 0.3.4 15dingus == 0.3.4
16paramiko == 1.15.1
16pytap13 == 0.3.0 17pytap13 == 0.3.0
17pytest == 2.6.4 18pytest == 2.6.4
18pytest-cov == 1.8.1 19pytest-cov == 1.8.1
19python-fedora == 0.3.36 20python-fedora == 0.3.36
20PyYAML == 3.11 21PyYAML == 3.11
21resultsdb_api == 1.2.1 22resultsdb_api == 1.2.1
22Sphinx == 1.2.3 23Sphinx == 1.2.3
23yamlish == 0.18 24yamlish == 0.18
View Options

testing/test_remote_exec.py

  • This file was added.
1# -*- coding: utf-8 -*-
2# Copyright 2009-2015, Red Hat, Inc.
3# License: GPL-2.0+ <http://spdx.org/licenses/GPL-2.0+>
4# See the LICENSE file for more details on Licensing
5
6'''Unit tests for libtaskotron/remote_exec.py'''
7
8import errno
9import socket
10
11import pytest
12import paramiko
13from bunch import Bunch
14from dingus import Dingus
15
16from libtaskotron import remote_exec
17from libtaskotron.exceptions import TaskotronRemoteError
18
19
20STUB_DIR = 'dirname'
21STUB_FILE = 'filename'
22STUB_NONEXISTING_FILE = ''
23STUB_ENOSPC = 1
kparalUnsubmitted
Not Done

A comment would help here.

24STUB_REF_MODE = None
kparalUnsubmitted
Not Done

A comment would help here.

25STUB_NONEXISTING_HOST1 = 'ip1'
26STUB_NONEXISTING_HOST2 = 'ip2'
27STUB_NONEXISTING_USER = 'foo'
28STUB_NONWRITABLE_FILE = 'permissiondenied'
29STUB_CMD_TRUE = 0
30STUB_CMD_FALSE = 1
31
32
33class StubChannel(object):
34 def __init__(self, cmd):
35 self.cmd = cmd
36 self._status_ready = False
37
38 def exit_status_ready(self):
39 ret = self._status_ready
40 self._status_ready = True
41 return ret
42
43 def recv_ready(self):
44 return True
45
46 def recv(self, count):
47 return 'command output'
48
49 def recv_stderr_ready(self):
50 return True
51
52 def recv_stderr(self, count):
53 return 'command error'
54
55 def recv_exit_status(self):
56 return self.cmd
57
58
59class StubSFTPClient(object):
60 def __init__(self, *args, **kwargs):
61 pass
62
63 def close(self, *args, **kwargs):
64 pass
65
66 def open(self, path, mode):
67 if path == STUB_NONWRITABLE_FILE:
68 raise IOError
69
70 def put(self, localpath, remotepath):
71 if remotepath == STUB_ENOSPC:
72 raise IOError
73
74 attrs = paramiko.SFTPAttributes()
75 attrs.st_mode = STUB_REF_MODE
76
77 return attrs
78
79 def get(self, remotepath, localpath):
80 if localpath == STUB_ENOSPC:
81 raise IOError
82
83 return None
84
85 def stat(self, path):
86 attrs = paramiko.SFTPAttributes()
87
88 if path == STUB_DIR:
89 attrs.st_mode = 16893
kparalUnsubmitted
Not Done

A comment would help here.

90 elif path == STUB_FILE:
91 attrs.st_mode = 33204
kparalUnsubmitted
Not Done

A comment would help here.

92 elif path == STUB_NONEXISTING_FILE:
93 raise IOError(errno.ENOENT, 'No such file')
94
95 return attrs
96
97 def listdir(self, path):
98 if not path == STUB_DIR:
99 raise IOError
100
101 def mkdir(self, *args, **kwargs):
102 pass
103
104
105class StubSSHClient(object):
106 def __init__(self, *args, **kwargs):
107 self._sftp = None
108
109 def set_missing_host_key_policy(self, *args, **kwargs):
110 pass
111
112 def connect(self, hostname, port, username, key_filename):
113 if hostname == STUB_NONEXISTING_HOST1:
114 raise paramiko.SSHException
115 elif hostname == STUB_NONEXISTING_HOST2:
116 raise socket.error
117 if username == STUB_NONEXISTING_USER:
118 raise paramiko.AuthenticationException
119
120 def close(self, *args, **kwargs):
121 pass
122
123 def open_sftp(self, *args, **kwargs):
124 if self._sftp is None:
125 self._sftp = StubSFTPClient()
126
127 return self._sftp
128
129 def exec_command(self, cmd):
130 ch = Bunch(channel=StubChannel(cmd))
131
132 return ch, ch, ch
133
134
135class TestRemoteExec(object):
136 def setup_method(self, method):
137 '''Run this before every test invocation'''
138 self.ref_host_ip = '192.168.122.22'
139 paramiko.SSHClient = StubSSHClient
140 self.remote = remote_exec.RemoteExec(self.ref_host_ip, 22, 'root', 'keyfilename')
141 self.remote.connect()
142
143 def teardown_method(self, method):
144 self.remote.close()
145
146 def test_remote_isdir(self):
147 assert self.remote._remote_isdir(STUB_DIR) is True
148
149 def test_remote_isdir_not(self):
150 assert self.remote._remote_isdir(STUB_FILE) is False
151
152 def test_remote_isdir_not_exist(self):
153 assert self.remote._remote_isdir(STUB_NONEXISTING_FILE) is False
154
155 def test_remote_file_exists(self):
156 assert self.remote._remote_file_exists(STUB_FILE) is True
157
158 def test_remote_file_doesnt_exists(self):
159 assert self.remote._remote_file_exists(STUB_NONEXISTING_FILE) is False
160
161 def test_get_file(self):
162 assert self.remote.get_file(STUB_FILE, STUB_FILE) is None
163
164 def test_get_file_ioerror(self):
165 with pytest.raises(TaskotronRemoteError):
166 self.remote.get_file(STUB_FILE, STUB_ENOSPC)
167
168 def test_put_file(self):
169 attrs = self.remote.put_file(STUB_FILE, STUB_FILE)
170 assert attrs.st_mode == STUB_REF_MODE
171
172 def test_put_file_ioerror(self):
173 with pytest.raises(TaskotronRemoteError):
174 self.remote.put_file(STUB_FILE, STUB_ENOSPC)
175
176 def test_put_file_overwrite(self):
177 attrs = self.remote.put_file(STUB_FILE, STUB_FILE, overwrite=True)
178 assert attrs.st_mode == STUB_REF_MODE
179
180 def test_put_file_dont_overwrite(self):
181 assert self.remote.put_file(STUB_FILE, STUB_FILE, overwrite=False) is None
182
183 def test_connect_nonexisting_host1(self):
184 remote = remote_exec.RemoteExec(STUB_NONEXISTING_HOST1, 22, 'root', 'keyfilename')
185 with pytest.raises(TaskotronRemoteError):
186 remote.connect()
187
188 def test_connect_nonexisting_host2(self):
189 remote = remote_exec.RemoteExec(STUB_NONEXISTING_HOST2, 22, 'root', 'keyfilename')
190 with pytest.raises(TaskotronRemoteError):
191 remote.connect()
192
193 def test_connect_nonexisting_user(self):
194 remote = remote_exec.RemoteExec(self.ref_host_ip, 22, STUB_NONEXISTING_USER, 'keyfilename')
195 with pytest.raises(TaskotronRemoteError):
196 remote.connect()
197
198 def test_write_file_not_accessible_file(self):
199 ref_data = 'foobar'
200 with pytest.raises(TaskotronRemoteError):
201 self.remote.write_file(STUB_NONWRITABLE_FILE, ref_data)
202
203 def test_write_file_dont_overwrite(self):
204 ref_data = 'foobar'
205 assert self.remote.write_file(STUB_FILE, ref_data, overwrite=False) is None
206
207 def test_put_dir_not_dir(self):
208 with pytest.raises(TaskotronRemoteError):
209 assert self.remote.put_dir(STUB_FILE, STUB_DIR) is None
210
211 def test_put_dir_not_dir_dont_overwrite(self):
212 assert self.remote.put_dir(STUB_DIR, STUB_DIR, overwrite=False) is None
213
214 def test_get_dir_not_dir(self):
215 with pytest.raises(TaskotronRemoteError):
216 self.remote.get_dir(STUB_FILE, STUB_DIR)
217
218 def test_cmd_success(self):
219 assert self.remote.cmd(STUB_CMD_TRUE) is None
220
221 def test_cmd_failure(self):
222 with pytest.raises(TaskotronRemoteError):
223 self.remote.cmd(STUB_CMD_FALSE)
224
225 def test_install_pkgs_str(self):
226 self.remote.cmd = Dingus()
227 self.remote.install_pkgs('libtaskotron,rpmlint')
228 assert self.remote.cmd.calls()[0][1][0] == 'yum -y install libtaskotron rpmlint'
229
230 def test_install_pkgs_list(self):
231 self.remote.cmd = Dingus()
232 self.remote.install_pkgs(['libtaskotron', 'rpmlint'])
233 assert self.remote.cmd.calls()[0][1][0] == 'yum -y install libtaskotron rpmlint'
234
235 def test_mkdir(self):
236 ref_dirname = 'dirname'
237 self.remote.cmd = Dingus()
238 self.remote.mkdir(ref_dirname)
239 assert self.remote.cmd.calls()[0][1][0] == 'mkdir -p -m 777 %s' % ref_dirname
240
241 def test_mkdir_mode(self):
242 ref_dirname = 'dirname'
243 ref_mode = 644
244 self.remote.cmd = Dingus()
245 self.remote.mkdir(ref_dirname, ref_mode)
246 assert self.remote.cmd.calls()[0][1][0] == 'mkdir -p -m %d %s' % (ref_mode, ref_dirname)