mirror of
https://github.com/coder/coder.git
synced 2026-06-02 20:48:20 +00:00
Cian Johnston
81468323e0
`time.Now()` has nanosecond precision while Postgres timestamps are microsecond precision. When tests compare `time.Now()` against DB-sourced timestamps using `Before`/`After`/`WithinRange`/etc., there is a non-zero flake risk from the precision mismatch. This replaces `time.Now()` with `dbtime.Now()` (which rounds to microsecond precision) in all test assertions that compare against database timestamps. Follows from #22684. ## Changes (11 files) | File | Changes | |---|---| | `coderd/apikey_test.go` | 11 comparisons with `ExpiresAt` | | `coderd/users_test.go` | 2 comparisons with `ExpiresAt` | | `coderd/oauth2_test.go` | 1 comparison with `token.Expiry` | | `coderd/workspaces_test.go` | 2 comparisons with `DormantAt` | | `coderd/workspaceagents_test.go` | 3 comparisons with `ConnectedAt`/`DisconnectedAt` | | `coderd/workspaceapps/db_test.go` | 1 comparison with `token.Expiry` | | `coderd/provisionerdserver/provisionerdserver_test.go` | 1 comparison with `key.ExpiresAt` | | `enterprise/coderd/workspaces_test.go` | 1 comparison with `DormantAt` | | `enterprise/coderd/license/license_test.go` | 3 `NotBefore` values | | `enterprise/coderd/licenses_test.go` | 2 `NotBefore` values | | `enterprise/coderd/users_test.go` | 3 `Next()` comparisons | ## Not changed (intentionally) - `scaletest/placebo/run_test.go` — compares wall-clock elapsed time, not DB timestamps - `cli/server_test.go`, `coderd/jwtutils/jwt_test.go`, `enterprise/aibridgeproxyd/aibridgeproxyd_test.go` — TLS cert fields, not DB-stored - `coderd/azureidentity/azureidentity_test.go` — Azure cert expiry, not DB 🤖 Generated by Claude Opus 4.6 but reviewed manually.
306 lines
10 KiB
Go
306 lines
10 KiB
Go
package coderd_test
|
|
|
|
import (
|
|
"context"
|
|
"net/http"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/google/uuid"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
"golang.org/x/xerrors"
|
|
|
|
"github.com/coder/coder/v2/coderd/database/dbtime"
|
|
"github.com/coder/coder/v2/codersdk"
|
|
"github.com/coder/coder/v2/enterprise/coderd/coderdenttest"
|
|
"github.com/coder/coder/v2/enterprise/coderd/license"
|
|
"github.com/coder/coder/v2/testutil"
|
|
)
|
|
|
|
func TestPostLicense(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
t.Run("Success", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
respLic := coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
AccountType: license.AccountTypeSalesforce,
|
|
AccountID: "testing",
|
|
Features: license.Features{
|
|
codersdk.FeatureAuditLog: 1,
|
|
},
|
|
})
|
|
assert.GreaterOrEqual(t, respLic.ID, int32(0))
|
|
// just a couple spot checks for sanity
|
|
assert.Equal(t, "testing", respLic.Claims["account_id"])
|
|
features, err := respLic.FeaturesClaims()
|
|
require.NoError(t, err)
|
|
assert.EqualValues(t, 1, features[codersdk.FeatureAuditLog])
|
|
})
|
|
|
|
t.Run("InvalidDeploymentID", func(t *testing.T) {
|
|
t.Parallel()
|
|
// The generated deployment will start out with a different deployment ID.
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
license := coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
|
|
DeploymentIDs: []string{uuid.NewString()},
|
|
})
|
|
_, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
|
|
License: license,
|
|
})
|
|
errResp := &codersdk.Error{}
|
|
require.ErrorAs(t, err, &errResp)
|
|
require.Equal(t, http.StatusBadRequest, errResp.StatusCode())
|
|
require.Contains(t, errResp.Message, "License cannot be used on this deployment!")
|
|
})
|
|
|
|
t.Run("InvalidAccountID", func(t *testing.T) {
|
|
t.Parallel()
|
|
// The generated deployment will start out with a different deployment ID.
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
license := coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
|
|
AllowEmpty: true,
|
|
AccountID: "",
|
|
})
|
|
_, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
|
|
License: license,
|
|
})
|
|
errResp := &codersdk.Error{}
|
|
require.ErrorAs(t, err, &errResp)
|
|
require.Equal(t, http.StatusBadRequest, errResp.StatusCode())
|
|
require.Contains(t, errResp.Message, "Invalid license")
|
|
})
|
|
|
|
t.Run("InvalidAccountType", func(t *testing.T) {
|
|
t.Parallel()
|
|
// The generated deployment will start out with a different deployment ID.
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
license := coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
|
|
AllowEmpty: true,
|
|
AccountType: "",
|
|
})
|
|
_, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
|
|
License: license,
|
|
})
|
|
errResp := &codersdk.Error{}
|
|
require.ErrorAs(t, err, &errResp)
|
|
require.Equal(t, http.StatusBadRequest, errResp.StatusCode())
|
|
require.Contains(t, errResp.Message, "Invalid license")
|
|
})
|
|
|
|
t.Run("InvalidLicenseExpires", func(t *testing.T) {
|
|
t.Parallel()
|
|
// The generated deployment will start out with a different deployment ID.
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
license := coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
|
|
GraceAt: time.Unix(99999999999, 0),
|
|
})
|
|
_, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
|
|
License: license,
|
|
})
|
|
errResp := &codersdk.Error{}
|
|
require.ErrorAs(t, err, &errResp)
|
|
require.Equal(t, http.StatusBadRequest, errResp.StatusCode())
|
|
require.Contains(t, errResp.Message, "Invalid license")
|
|
})
|
|
|
|
t.Run("Unauthorized", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
client.SetSessionToken("")
|
|
_, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
|
|
License: "content",
|
|
})
|
|
errResp := &codersdk.Error{}
|
|
if xerrors.As(err, &errResp) {
|
|
assert.Equal(t, 401, errResp.StatusCode())
|
|
} else {
|
|
t.Error("expected to get error status 401")
|
|
}
|
|
})
|
|
|
|
t.Run("Corrupted", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{})
|
|
_, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
|
|
License: "invalid",
|
|
})
|
|
errResp := &codersdk.Error{}
|
|
if xerrors.As(err, &errResp) {
|
|
assert.Equal(t, 400, errResp.StatusCode())
|
|
} else {
|
|
t.Error("expected to get error status 400")
|
|
}
|
|
})
|
|
|
|
// Test a license that isn't yet valid, but will be in the future. We should allow this so that
|
|
// operators can upload a license ahead of time.
|
|
t.Run("NotYet", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
respLic := coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
AccountType: license.AccountTypeSalesforce,
|
|
AccountID: "testing",
|
|
Features: license.Features{
|
|
codersdk.FeatureAuditLog: 1,
|
|
},
|
|
NotBefore: dbtime.Now().Add(time.Hour),
|
|
GraceAt: time.Now().Add(2 * time.Hour),
|
|
ExpiresAt: time.Now().Add(3 * time.Hour),
|
|
})
|
|
assert.GreaterOrEqual(t, respLic.ID, int32(0))
|
|
// just a couple spot checks for sanity
|
|
assert.Equal(t, "testing", respLic.Claims["account_id"])
|
|
features, err := respLic.FeaturesClaims()
|
|
require.NoError(t, err)
|
|
assert.EqualValues(t, 1, features[codersdk.FeatureAuditLog])
|
|
})
|
|
|
|
// Test we still reject a license that isn't valid yet, but has other issues (e.g. expired
|
|
// before it starts).
|
|
t.Run("NotEver", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
lic := coderdenttest.GenerateLicense(t, coderdenttest.LicenseOptions{
|
|
AccountType: license.AccountTypeSalesforce,
|
|
AccountID: "testing",
|
|
Features: license.Features{
|
|
codersdk.FeatureAuditLog: 1,
|
|
},
|
|
NotBefore: dbtime.Now().Add(time.Hour),
|
|
GraceAt: time.Now().Add(2 * time.Hour),
|
|
ExpiresAt: time.Now().Add(-time.Hour),
|
|
})
|
|
_, err := client.AddLicense(context.Background(), codersdk.AddLicenseRequest{
|
|
License: lic,
|
|
})
|
|
errResp := &codersdk.Error{}
|
|
require.ErrorAs(t, err, &errResp)
|
|
require.Equal(t, http.StatusBadRequest, errResp.StatusCode())
|
|
require.Contains(t, errResp.Detail, license.ErrMultipleIssues.Error())
|
|
})
|
|
}
|
|
|
|
func TestGetLicense(t *testing.T) {
|
|
t.Parallel()
|
|
t.Run("Success", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
|
defer cancel()
|
|
|
|
coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
AccountID: "testing",
|
|
Features: license.Features{
|
|
codersdk.FeatureAuditLog: 1,
|
|
codersdk.FeatureSCIM: 1,
|
|
codersdk.FeatureBrowserOnly: 1,
|
|
codersdk.FeatureTemplateRBAC: 1,
|
|
},
|
|
})
|
|
|
|
coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
AccountID: "testing2",
|
|
Features: license.Features{
|
|
codersdk.FeatureAuditLog: 1,
|
|
codersdk.FeatureSCIM: 1,
|
|
codersdk.FeatureBrowserOnly: 1,
|
|
codersdk.FeatureUserLimit: 200,
|
|
},
|
|
Trial: true,
|
|
})
|
|
|
|
licenses, err := client.Licenses(ctx)
|
|
require.NoError(t, err)
|
|
require.Len(t, licenses, 2)
|
|
assert.Equal(t, int32(1), licenses[0].ID)
|
|
assert.Equal(t, "testing", licenses[0].Claims["account_id"])
|
|
|
|
features, err := licenses[0].FeaturesClaims()
|
|
require.NoError(t, err)
|
|
assert.Equal(t, map[codersdk.FeatureName]int64{
|
|
codersdk.FeatureAuditLog: 1,
|
|
codersdk.FeatureSCIM: 1,
|
|
codersdk.FeatureBrowserOnly: 1,
|
|
codersdk.FeatureTemplateRBAC: 1,
|
|
}, features)
|
|
assert.Equal(t, int32(2), licenses[1].ID)
|
|
assert.Equal(t, "testing2", licenses[1].Claims["account_id"])
|
|
assert.Equal(t, true, licenses[1].Claims["trial"])
|
|
|
|
features, err = licenses[1].FeaturesClaims()
|
|
require.NoError(t, err)
|
|
assert.Equal(t, map[codersdk.FeatureName]int64{
|
|
codersdk.FeatureUserLimit: 200,
|
|
codersdk.FeatureAuditLog: 1,
|
|
codersdk.FeatureSCIM: 1,
|
|
codersdk.FeatureBrowserOnly: 1,
|
|
}, features)
|
|
})
|
|
}
|
|
|
|
func TestDeleteLicense(t *testing.T) {
|
|
t.Parallel()
|
|
t.Run("Empty", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
|
defer cancel()
|
|
|
|
err := client.DeleteLicense(ctx, 1)
|
|
errResp := &codersdk.Error{}
|
|
if xerrors.As(err, &errResp) {
|
|
assert.Equal(t, 404, errResp.StatusCode())
|
|
} else {
|
|
t.Error("expected to get error status 404")
|
|
}
|
|
})
|
|
|
|
t.Run("BadID", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
|
defer cancel()
|
|
|
|
//nolint:gocritic // RBAC is irrelevant here.
|
|
resp, err := client.Request(ctx, http.MethodDelete, "/api/v2/licenses/drivers", nil)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, http.StatusNotFound, resp.StatusCode)
|
|
require.NoError(t, resp.Body.Close())
|
|
})
|
|
|
|
t.Run("Success", func(t *testing.T) {
|
|
t.Parallel()
|
|
client, _ := coderdenttest.New(t, &coderdenttest.Options{DontAddLicense: true})
|
|
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
|
defer cancel()
|
|
|
|
coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
AccountID: "testing",
|
|
Features: license.Features{
|
|
codersdk.FeatureAuditLog: 1,
|
|
},
|
|
})
|
|
coderdenttest.AddLicense(t, client, coderdenttest.LicenseOptions{
|
|
AccountID: "testing2",
|
|
Features: license.Features{
|
|
codersdk.FeatureAuditLog: 1,
|
|
codersdk.FeatureUserLimit: 200,
|
|
},
|
|
})
|
|
|
|
licenses, err := client.Licenses(ctx)
|
|
require.NoError(t, err)
|
|
assert.Len(t, licenses, 2)
|
|
for _, l := range licenses {
|
|
err = client.DeleteLicense(ctx, l.ID)
|
|
require.NoError(t, err)
|
|
}
|
|
licenses, err = client.Licenses(ctx)
|
|
require.NoError(t, err)
|
|
assert.Len(t, licenses, 0)
|
|
})
|
|
}
|