up
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Build Test Deploy / build-test (push) Has been cancelled
Build Test Deploy / authority-container (push) Has been cancelled
Build Test Deploy / docs (push) Has been cancelled
Build Test Deploy / deploy (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Build Test Deploy / build-test (push) Has been cancelled
Build Test Deploy / authority-container (push) Has been cancelled
Build Test Deploy / docs (push) Has been cancelled
Build Test Deploy / deploy (push) Has been cancelled
This commit is contained in:
@@ -0,0 +1,34 @@
|
||||
using System.Collections.Concurrent;
|
||||
using StellaOps.Scanner.Storage.ObjectStore;
|
||||
|
||||
namespace StellaOps.Scanner.Storage.Tests;
|
||||
|
||||
internal sealed class InMemoryArtifactObjectStore : IArtifactObjectStore
|
||||
{
|
||||
private readonly ConcurrentDictionary<(string Bucket, string Key), byte[]> _objects = new();
|
||||
|
||||
public IReadOnlyDictionary<(string Bucket, string Key), byte[]> Objects => _objects;
|
||||
|
||||
public Task DeleteAsync(ArtifactObjectDescriptor descriptor, CancellationToken cancellationToken)
|
||||
{
|
||||
_objects.TryRemove((descriptor.Bucket, descriptor.Key), out _);
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
|
||||
public Task<Stream?> GetAsync(ArtifactObjectDescriptor descriptor, CancellationToken cancellationToken)
|
||||
{
|
||||
if (_objects.TryGetValue((descriptor.Bucket, descriptor.Key), out var bytes))
|
||||
{
|
||||
return Task.FromResult<Stream?>(new MemoryStream(bytes, writable: false));
|
||||
}
|
||||
|
||||
return Task.FromResult<Stream?>(null);
|
||||
}
|
||||
|
||||
public async Task PutAsync(ArtifactObjectDescriptor descriptor, Stream content, CancellationToken cancellationToken)
|
||||
{
|
||||
using var buffer = new MemoryStream();
|
||||
await content.CopyToAsync(buffer, cancellationToken).ConfigureAwait(false);
|
||||
_objects[(descriptor.Bucket, descriptor.Key)] = buffer.ToArray();
|
||||
}
|
||||
}
|
||||
26
src/StellaOps.Scanner.Storage.Tests/ScannerMongoFixture.cs
Normal file
26
src/StellaOps.Scanner.Storage.Tests/ScannerMongoFixture.cs
Normal file
@@ -0,0 +1,26 @@
|
||||
using Mongo2Go;
|
||||
using MongoDB.Driver;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Scanner.Storage.Tests;
|
||||
|
||||
public sealed class ScannerMongoFixture : IAsyncLifetime
|
||||
{
|
||||
public MongoDbRunner Runner { get; private set; } = null!;
|
||||
public IMongoClient Client { get; private set; } = null!;
|
||||
public IMongoDatabase Database { get; private set; } = null!;
|
||||
|
||||
public Task InitializeAsync()
|
||||
{
|
||||
Runner = MongoDbRunner.Start(singleNodeReplSet: true);
|
||||
Client = new MongoClient(Runner.ConnectionString);
|
||||
Database = Client.GetDatabase($"scanner-tests-{Guid.NewGuid():N}");
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
|
||||
public Task DisposeAsync()
|
||||
{
|
||||
Runner.Dispose();
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,10 @@
|
||||
<Project Sdk="Microsoft.NET.Sdk">
|
||||
<PropertyGroup>
|
||||
<TargetFramework>net10.0</TargetFramework>
|
||||
<Nullable>enable</Nullable>
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
</PropertyGroup>
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="../StellaOps.Scanner.Storage/StellaOps.Scanner.Storage.csproj" />
|
||||
</ItemGroup>
|
||||
</Project>
|
||||
142
src/StellaOps.Scanner.Storage.Tests/StorageDualWriteFixture.cs
Normal file
142
src/StellaOps.Scanner.Storage.Tests/StorageDualWriteFixture.cs
Normal file
@@ -0,0 +1,142 @@
|
||||
using System.Security.Cryptography;
|
||||
using Microsoft.Extensions.Logging.Abstractions;
|
||||
using Microsoft.Extensions.Options;
|
||||
using MongoDB.Bson;
|
||||
using MongoDB.Driver;
|
||||
using StellaOps.Scanner.Storage;
|
||||
using StellaOps.Scanner.Storage.Catalog;
|
||||
using StellaOps.Scanner.Storage.Migrations;
|
||||
using StellaOps.Scanner.Storage.Mongo;
|
||||
using StellaOps.Scanner.Storage.ObjectStore;
|
||||
using StellaOps.Scanner.Storage.Repositories;
|
||||
using StellaOps.Scanner.Storage.Services;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Scanner.Storage.Tests;
|
||||
|
||||
[CollectionDefinition("scanner-mongo-fixture")]
|
||||
public sealed class ScannerMongoCollection : ICollectionFixture<ScannerMongoFixture>
|
||||
{
|
||||
}
|
||||
|
||||
[Collection("scanner-mongo-fixture")]
|
||||
public sealed class StorageDualWriteFixture
|
||||
{
|
||||
private readonly ScannerMongoFixture _fixture;
|
||||
|
||||
public StorageDualWriteFixture(ScannerMongoFixture fixture)
|
||||
{
|
||||
_fixture = fixture;
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task StoreArtifactAsync_DualWrite_WritesToMirrorAndCatalog()
|
||||
{
|
||||
var options = BuildOptions(dualWrite: true, mirrorBucket: "mirror-bucket");
|
||||
var objectStore = new InMemoryArtifactObjectStore();
|
||||
|
||||
await InitializeMongoAsync(options);
|
||||
var provider = new MongoCollectionProvider(_fixture.Database, Options.Create(options));
|
||||
var artifactRepository = new ArtifactRepository(provider);
|
||||
var lifecycleRepository = new LifecycleRuleRepository(provider);
|
||||
var service = new ArtifactStorageService(
|
||||
artifactRepository,
|
||||
lifecycleRepository,
|
||||
objectStore,
|
||||
Options.Create(options),
|
||||
NullLogger<ArtifactStorageService>.Instance);
|
||||
|
||||
var bytes = System.Text.Encoding.UTF8.GetBytes("test artifact payload");
|
||||
using var stream = new MemoryStream(bytes);
|
||||
var expiresAt = DateTime.UtcNow.AddHours(6);
|
||||
|
||||
var document = await service.StoreArtifactAsync(
|
||||
ArtifactDocumentType.LayerBom,
|
||||
ArtifactDocumentFormat.CycloneDxJson,
|
||||
mediaType: "application/vnd.cyclonedx+json",
|
||||
content: stream,
|
||||
immutable: true,
|
||||
ttlClass: "compliance",
|
||||
expiresAtUtc: expiresAt,
|
||||
cancellationToken: CancellationToken.None);
|
||||
|
||||
var digest = Convert.ToHexString(SHA256.HashData(bytes)).ToLowerInvariant();
|
||||
var expectedKey = $"{options.ObjectStore.RootPrefix.TrimEnd('/')}/layers/{digest}/sbom.cdx.json";
|
||||
Assert.Contains(objectStore.Objects.Keys, key => key.Bucket == options.ObjectStore.BucketName && key.Key == expectedKey);
|
||||
Assert.Contains(objectStore.Objects.Keys, key => key.Bucket == options.DualWrite.MirrorBucket && key.Key == expectedKey);
|
||||
|
||||
var artifact = await artifactRepository.GetAsync(document.Id, CancellationToken.None);
|
||||
Assert.NotNull(artifact);
|
||||
Assert.Equal($"sha256:{digest}", artifact!.BytesSha256);
|
||||
Assert.Equal(1, artifact.RefCount);
|
||||
Assert.Equal("compliance", artifact.TtlClass);
|
||||
Assert.True(artifact.Immutable);
|
||||
|
||||
var lifecycleCollection = _fixture.Database.GetCollection<LifecycleRuleDocument>(ScannerStorageDefaults.Collections.LifecycleRules);
|
||||
var lifecycle = await lifecycleCollection.Find(x => x.ArtifactId == document.Id).FirstOrDefaultAsync();
|
||||
Assert.NotNull(lifecycle);
|
||||
Assert.Equal("compliance", lifecycle!.Class);
|
||||
Assert.True(lifecycle.ExpiresAtUtc.HasValue);
|
||||
Assert.True(lifecycle.ExpiresAtUtc.Value <= expiresAt.AddSeconds(5));
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Bootstrapper_CreatesLifecycleTtlIndex()
|
||||
{
|
||||
var options = BuildOptions(dualWrite: false, mirrorBucket: null);
|
||||
await InitializeMongoAsync(options);
|
||||
|
||||
var collection = _fixture.Database.GetCollection<BsonDocument>(ScannerStorageDefaults.Collections.LifecycleRules);
|
||||
var cursor = await collection.Indexes.ListAsync();
|
||||
var indexes = await cursor.ToListAsync();
|
||||
var ttlIndex = indexes.SingleOrDefault(x => string.Equals(x["name"].AsString, "lifecycle_expiresAt", StringComparison.Ordinal));
|
||||
|
||||
Assert.NotNull(ttlIndex);
|
||||
Assert.True(ttlIndex!.TryGetValue("expireAfterSeconds", out var expireValue));
|
||||
Assert.Equal(0, expireValue.ToInt64());
|
||||
|
||||
var uniqueIndex = indexes.SingleOrDefault(x => string.Equals(x["name"].AsString, "lifecycle_artifact_class", StringComparison.Ordinal));
|
||||
Assert.NotNull(uniqueIndex);
|
||||
Assert.True(uniqueIndex!["unique"].AsBoolean);
|
||||
}
|
||||
|
||||
private ScannerStorageOptions BuildOptions(bool dualWrite, string? mirrorBucket)
|
||||
{
|
||||
var options = new ScannerStorageOptions
|
||||
{
|
||||
Mongo =
|
||||
{
|
||||
ConnectionString = _fixture.Runner.ConnectionString,
|
||||
DatabaseName = _fixture.Database.DatabaseNamespace.DatabaseName,
|
||||
},
|
||||
ObjectStore =
|
||||
{
|
||||
BucketName = "primary-bucket",
|
||||
RootPrefix = "scanner",
|
||||
EnableObjectLock = true,
|
||||
},
|
||||
};
|
||||
|
||||
options.DualWrite.Enabled = dualWrite;
|
||||
options.DualWrite.MirrorBucket = mirrorBucket;
|
||||
return options;
|
||||
}
|
||||
|
||||
private async Task InitializeMongoAsync(ScannerStorageOptions options)
|
||||
{
|
||||
await _fixture.Client.DropDatabaseAsync(options.Mongo.DatabaseName);
|
||||
var migrations = new IMongoMigration[] { new EnsureLifecycleRuleTtlMigration() };
|
||||
var runner = new MongoMigrationRunner(
|
||||
_fixture.Database,
|
||||
migrations,
|
||||
NullLogger<MongoMigrationRunner>.Instance,
|
||||
TimeProvider.System);
|
||||
var bootstrapper = new MongoBootstrapper(
|
||||
_fixture.Database,
|
||||
Options.Create(options),
|
||||
NullLogger<MongoBootstrapper>.Instance,
|
||||
runner);
|
||||
|
||||
await bootstrapper.InitializeAsync(CancellationToken.None);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user