514 lines
15 KiB
Ruby
514 lines
15 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe Projects::ContainerRepository::CleanupTagsService, :clean_gitlab_redis_cache do
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
let_it_be(:user) { create(:user) }
|
|
let_it_be(:project, reload: true) { create(:project, :private) }
|
|
|
|
let(:repository) { create(:container_repository, :root, project: project) }
|
|
let(:service) { described_class.new(repository, user, params) }
|
|
let(:tags) { %w[latest A Ba Bb C D E] }
|
|
|
|
before do
|
|
project.add_maintainer(user) if user
|
|
|
|
stub_container_registry_config(enabled: true)
|
|
|
|
stub_container_registry_tags(
|
|
repository: repository.path,
|
|
tags: tags
|
|
)
|
|
|
|
stub_tag_digest('latest', 'sha256:configA')
|
|
stub_tag_digest('A', 'sha256:configA')
|
|
stub_tag_digest('Ba', 'sha256:configB')
|
|
stub_tag_digest('Bb', 'sha256:configB')
|
|
stub_tag_digest('C', 'sha256:configC')
|
|
stub_tag_digest('D', 'sha256:configD')
|
|
stub_tag_digest('E', nil)
|
|
|
|
stub_digest_config('sha256:configA', 1.hour.ago)
|
|
stub_digest_config('sha256:configB', 5.days.ago)
|
|
stub_digest_config('sha256:configC', 1.month.ago)
|
|
stub_digest_config('sha256:configD', nil)
|
|
end
|
|
|
|
describe '#execute' do
|
|
subject { service.execute }
|
|
|
|
context 'when no params are specified' do
|
|
let(:params) { {} }
|
|
|
|
it 'does not remove anything' do
|
|
expect_any_instance_of(Projects::ContainerRepository::DeleteTagsService)
|
|
.not_to receive(:execute)
|
|
expect_no_caching
|
|
|
|
is_expected.to eq(expected_service_response(before_truncate_size: 0, after_truncate_size: 0, before_delete_size: 0))
|
|
end
|
|
end
|
|
|
|
context 'when regex matching everything is specified' do
|
|
shared_examples 'removes all matches' do
|
|
it 'does remove all tags except latest' do
|
|
expect_no_caching
|
|
|
|
expect_delete(%w(A Ba Bb C D E))
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(A Ba Bb C D E)))
|
|
end
|
|
end
|
|
|
|
let(:params) do
|
|
{ 'name_regex_delete' => '.*' }
|
|
end
|
|
|
|
it_behaves_like 'removes all matches'
|
|
|
|
context 'with deprecated name_regex param' do
|
|
let(:params) do
|
|
{ 'name_regex' => '.*' }
|
|
end
|
|
|
|
it_behaves_like 'removes all matches'
|
|
end
|
|
end
|
|
|
|
context 'with invalid regular expressions' do
|
|
shared_examples 'handling an invalid regex' do
|
|
it 'keeps all tags' do
|
|
expect_no_caching
|
|
|
|
expect(Projects::ContainerRepository::DeleteTagsService)
|
|
.not_to receive(:new)
|
|
|
|
subject
|
|
end
|
|
|
|
it { is_expected.to eq(status: :error, message: 'invalid regex') }
|
|
|
|
it 'calls error tracking service' do
|
|
expect(Gitlab::ErrorTracking).to receive(:log_exception).and_call_original
|
|
|
|
subject
|
|
end
|
|
end
|
|
|
|
context 'when name_regex_delete is invalid' do
|
|
let(:params) { { 'name_regex_delete' => '*test*' } }
|
|
|
|
it_behaves_like 'handling an invalid regex'
|
|
end
|
|
|
|
context 'when name_regex is invalid' do
|
|
let(:params) { { 'name_regex' => '*test*' } }
|
|
|
|
it_behaves_like 'handling an invalid regex'
|
|
end
|
|
|
|
context 'when name_regex_keep is invalid' do
|
|
let(:params) { { 'name_regex_keep' => '*test*' } }
|
|
|
|
it_behaves_like 'handling an invalid regex'
|
|
end
|
|
end
|
|
|
|
context 'when delete regex matching specific tags is used' do
|
|
let(:params) do
|
|
{ 'name_regex_delete' => 'C|D' }
|
|
end
|
|
|
|
it 'does remove C and D' do
|
|
expect_delete(%w(C D))
|
|
|
|
expect_no_caching
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(C D), before_truncate_size: 2, after_truncate_size: 2, before_delete_size: 2))
|
|
end
|
|
|
|
context 'with overriding allow regex' do
|
|
let(:params) do
|
|
{ 'name_regex_delete' => 'C|D',
|
|
'name_regex_keep' => 'C' }
|
|
end
|
|
|
|
it 'does not remove C' do
|
|
expect_delete(%w(D))
|
|
|
|
expect_no_caching
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(D), before_truncate_size: 1, after_truncate_size: 1, before_delete_size: 1))
|
|
end
|
|
end
|
|
|
|
context 'with name_regex_delete overriding deprecated name_regex' do
|
|
let(:params) do
|
|
{ 'name_regex' => 'C|D',
|
|
'name_regex_delete' => 'D' }
|
|
end
|
|
|
|
it 'does not remove C' do
|
|
expect_delete(%w(D))
|
|
|
|
expect_no_caching
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(D), before_truncate_size: 1, after_truncate_size: 1, before_delete_size: 1))
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'with allow regex value' do
|
|
let(:params) do
|
|
{ 'name_regex_delete' => '.*',
|
|
'name_regex_keep' => 'B.*' }
|
|
end
|
|
|
|
it 'does not remove B*' do
|
|
expect_delete(%w(A C D E))
|
|
|
|
expect_no_caching
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(A C D E), before_truncate_size: 4, after_truncate_size: 4, before_delete_size: 4))
|
|
end
|
|
end
|
|
|
|
context 'when keeping only N tags' do
|
|
let(:params) do
|
|
{ 'name_regex' => 'A|B.*|C',
|
|
'keep_n' => 1 }
|
|
end
|
|
|
|
it 'sorts tags by date' do
|
|
expect_delete(%w(Bb Ba C))
|
|
|
|
expect_no_caching
|
|
|
|
expect(service).to receive(:order_by_date).and_call_original
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(Bb Ba C), before_truncate_size: 4, after_truncate_size: 4, before_delete_size: 3))
|
|
end
|
|
end
|
|
|
|
context 'when not keeping N tags' do
|
|
let(:params) do
|
|
{ 'name_regex' => 'A|B.*|C' }
|
|
end
|
|
|
|
it 'does not sort tags by date' do
|
|
expect_delete(%w(A Ba Bb C))
|
|
|
|
expect_no_caching
|
|
|
|
expect(service).not_to receive(:order_by_date)
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(A Ba Bb C), before_truncate_size: 4, after_truncate_size: 4, before_delete_size: 4))
|
|
end
|
|
end
|
|
|
|
context 'when removing keeping only 3' do
|
|
let(:params) do
|
|
{ 'name_regex_delete' => '.*',
|
|
'keep_n' => 3 }
|
|
end
|
|
|
|
it 'does remove B* and C as they are the oldest' do
|
|
expect_delete(%w(Bb Ba C))
|
|
|
|
expect_no_caching
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(Bb Ba C), before_delete_size: 3))
|
|
end
|
|
end
|
|
|
|
context 'when removing older than 1 day' do
|
|
let(:params) do
|
|
{ 'name_regex_delete' => '.*',
|
|
'older_than' => '1 day' }
|
|
end
|
|
|
|
it 'does remove B* and C as they are older than 1 day' do
|
|
expect_delete(%w(Ba Bb C))
|
|
|
|
expect_no_caching
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(Ba Bb C), before_delete_size: 3))
|
|
end
|
|
end
|
|
|
|
context 'when combining all parameters' do
|
|
let(:params) do
|
|
{ 'name_regex_delete' => '.*',
|
|
'keep_n' => 1,
|
|
'older_than' => '1 day' }
|
|
end
|
|
|
|
it 'does remove B* and C' do
|
|
expect_delete(%w(Bb Ba C))
|
|
|
|
expect_no_caching
|
|
|
|
is_expected.to eq(expected_service_response(deleted: %w(Bb Ba C), before_delete_size: 3))
|
|
end
|
|
end
|
|
|
|
context 'when running a container_expiration_policy' do
|
|
let(:user) { nil }
|
|
|
|
context 'with valid container_expiration_policy param' do
|
|
let(:params) do
|
|
{ 'name_regex_delete' => '.*',
|
|
'keep_n' => 1,
|
|
'older_than' => '1 day',
|
|
'container_expiration_policy' => true }
|
|
end
|
|
|
|
before do
|
|
expect_delete(%w(Bb Ba C), container_expiration_policy: true)
|
|
end
|
|
|
|
it { is_expected.to eq(expected_service_response(deleted: %w(Bb Ba C), before_delete_size: 3)) }
|
|
|
|
context 'caching' do
|
|
it 'expects caching to be used' do
|
|
expect_caching
|
|
|
|
subject
|
|
end
|
|
|
|
context 'when setting set to false' do
|
|
before do
|
|
stub_application_setting(container_registry_expiration_policies_caching: false)
|
|
end
|
|
|
|
it 'does not use caching' do
|
|
expect_no_caching
|
|
|
|
subject
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'without container_expiration_policy param' do
|
|
let(:params) do
|
|
{ 'name_regex_delete' => '.*',
|
|
'keep_n' => 1,
|
|
'older_than' => '1 day' }
|
|
end
|
|
|
|
it 'fails' do
|
|
is_expected.to eq(status: :error, message: 'access denied')
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'truncating the tags list' do
|
|
let(:params) do
|
|
{
|
|
'name_regex_delete' => '.*',
|
|
'keep_n' => 1
|
|
}
|
|
end
|
|
|
|
shared_examples 'returning the response' do |status:, original_size:, before_truncate_size:, after_truncate_size:, before_delete_size:|
|
|
it 'returns the response' do
|
|
expect_no_caching
|
|
|
|
result = subject
|
|
|
|
service_response = expected_service_response(
|
|
status: status,
|
|
original_size: original_size,
|
|
before_truncate_size: before_truncate_size,
|
|
after_truncate_size: after_truncate_size,
|
|
before_delete_size: before_delete_size,
|
|
deleted: nil
|
|
)
|
|
|
|
expect(result).to eq(service_response)
|
|
end
|
|
end
|
|
|
|
where(:max_list_size, :delete_tags_service_status, :expected_status, :expected_truncated) do
|
|
10 | :success | :success | false
|
|
10 | :error | :error | false
|
|
3 | :success | :error | true
|
|
3 | :error | :error | true
|
|
0 | :success | :success | false
|
|
0 | :error | :error | false
|
|
end
|
|
|
|
with_them do
|
|
before do
|
|
stub_application_setting(container_registry_cleanup_tags_service_max_list_size: max_list_size)
|
|
allow_next_instance_of(Projects::ContainerRepository::DeleteTagsService) do |service|
|
|
expect(service).to receive(:execute).and_return(status: delete_tags_service_status)
|
|
end
|
|
end
|
|
|
|
original_size = 7
|
|
keep_n = 1
|
|
|
|
it_behaves_like(
|
|
'returning the response',
|
|
status: params[:expected_status],
|
|
original_size: original_size,
|
|
before_truncate_size: original_size - keep_n,
|
|
after_truncate_size: params[:expected_truncated] ? params[:max_list_size] + keep_n : original_size - keep_n,
|
|
before_delete_size: params[:expected_truncated] ? params[:max_list_size] : original_size - keep_n - 1 # one tag is filtered out with older_than filter
|
|
)
|
|
end
|
|
end
|
|
|
|
context 'caching', :freeze_time do
|
|
let(:params) do
|
|
{
|
|
'name_regex_delete' => '.*',
|
|
'keep_n' => 1,
|
|
'older_than' => '1 day',
|
|
'container_expiration_policy' => true
|
|
}
|
|
end
|
|
|
|
let(:tags_and_created_ats) do
|
|
{
|
|
'A' => 1.hour.ago,
|
|
'Ba' => 5.days.ago,
|
|
'Bb' => 5.days.ago,
|
|
'C' => 1.month.ago,
|
|
'D' => nil,
|
|
'E' => nil
|
|
}
|
|
end
|
|
|
|
let(:cacheable_tags) { tags_and_created_ats.reject { |_, value| value.nil? } }
|
|
|
|
before do
|
|
expect_delete(%w(Bb Ba C), container_expiration_policy: true)
|
|
# We froze time so we need to set the created_at stubs again
|
|
stub_digest_config('sha256:configA', 1.hour.ago)
|
|
stub_digest_config('sha256:configB', 5.days.ago)
|
|
stub_digest_config('sha256:configC', 1.month.ago)
|
|
end
|
|
|
|
it 'caches the created_at values' do
|
|
::Gitlab::Redis::Cache.with do |redis|
|
|
expect_mget(redis, tags_and_created_ats.keys)
|
|
|
|
expect_set(redis, cacheable_tags)
|
|
end
|
|
|
|
expect(subject).to include(cached_tags_count: 0)
|
|
end
|
|
|
|
context 'with cached values' do
|
|
before do
|
|
::Gitlab::Redis::Cache.with do |redis|
|
|
redis.set(cache_key('C'), rfc3339(1.month.ago))
|
|
end
|
|
end
|
|
|
|
it 'uses them' do
|
|
::Gitlab::Redis::Cache.with do |redis|
|
|
expect_mget(redis, tags_and_created_ats.keys)
|
|
|
|
# because C is already in cache, it should not be cached again
|
|
expect_set(redis, cacheable_tags.except('C'))
|
|
end
|
|
|
|
# We will ping the container registry for all tags *except* for C because it's cached
|
|
expect(ContainerRegistry::Blob).to receive(:new).with(repository, { "digest" => "sha256:configA" }).and_call_original
|
|
expect(ContainerRegistry::Blob).to receive(:new).with(repository, { "digest" => "sha256:configB" }).twice.and_call_original
|
|
expect(ContainerRegistry::Blob).not_to receive(:new).with(repository, { "digest" => "sha256:configC" })
|
|
expect(ContainerRegistry::Blob).to receive(:new).with(repository, { "digest" => "sha256:configD" }).and_call_original
|
|
|
|
expect(subject).to include(cached_tags_count: 1)
|
|
end
|
|
end
|
|
|
|
def expect_mget(redis, keys)
|
|
expect(redis).to receive(:mget).with(keys.map(&method(:cache_key))).and_call_original
|
|
end
|
|
|
|
def expect_set(redis, tags)
|
|
tags.each do |tag_name, created_at|
|
|
ex = 1.day.seconds - (Time.zone.now - created_at).seconds
|
|
if ex > 0
|
|
expect(redis).to receive(:set).with(cache_key(tag_name), rfc3339(created_at), ex: ex.to_i)
|
|
end
|
|
end
|
|
end
|
|
|
|
def cache_key(tag_name)
|
|
"container_repository:{#{repository.id}}:tag:#{tag_name}:created_at"
|
|
end
|
|
|
|
def rfc3339(date_time)
|
|
# DateTime rfc3339 is different ActiveSupport::TimeWithZone rfc3339
|
|
# The caching will use DateTime rfc3339
|
|
DateTime.rfc3339(date_time.rfc3339).rfc3339
|
|
end
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def stub_tag_digest(tag, digest)
|
|
allow_any_instance_of(ContainerRegistry::Client)
|
|
.to receive(:repository_tag_digest)
|
|
.with(repository.path, tag) { digest }
|
|
|
|
allow_any_instance_of(ContainerRegistry::Client)
|
|
.to receive(:repository_manifest)
|
|
.with(repository.path, tag) do
|
|
{ 'config' => { 'digest' => digest } } if digest
|
|
end
|
|
end
|
|
|
|
def stub_digest_config(digest, created_at)
|
|
allow_any_instance_of(ContainerRegistry::Client)
|
|
.to receive(:blob)
|
|
.with(repository.path, digest, nil) do
|
|
{ 'created' => created_at.to_datetime.rfc3339 }.to_json if created_at
|
|
end
|
|
end
|
|
|
|
def expect_delete(tags, container_expiration_policy: nil)
|
|
expect(Projects::ContainerRepository::DeleteTagsService)
|
|
.to receive(:new)
|
|
.with(repository.project, user, tags: tags, container_expiration_policy: container_expiration_policy)
|
|
.and_call_original
|
|
|
|
expect_any_instance_of(Projects::ContainerRepository::DeleteTagsService)
|
|
.to receive(:execute)
|
|
.with(repository) { { status: :success, deleted: tags } }
|
|
end
|
|
|
|
# all those -1 because the default tags on L13 have a "latest" that will be filtered out
|
|
def expected_service_response(status: :success, deleted: [], original_size: tags.size, before_truncate_size: tags.size - 1, after_truncate_size: tags.size - 1, before_delete_size: tags.size - 1)
|
|
{
|
|
status: status,
|
|
deleted: deleted,
|
|
original_size: original_size,
|
|
before_truncate_size: before_truncate_size,
|
|
after_truncate_size: after_truncate_size,
|
|
before_delete_size: before_delete_size,
|
|
cached_tags_count: 0
|
|
}.compact.merge(deleted_size: deleted&.size)
|
|
end
|
|
|
|
def expect_no_caching
|
|
expect(::Gitlab::Redis::Cache).not_to receive(:with)
|
|
end
|
|
|
|
def expect_caching
|
|
::Gitlab::Redis::Cache.with do |redis|
|
|
expect(redis).to receive(:mget).and_call_original
|
|
expect(redis).to receive(:set).and_call_original
|
|
end
|
|
end
|
|
end
|