main.py - corrected leasing behaviour (migrated from 'LEASE_REF' to 'ALLOTMENT_REF')

2023-01-03 13:05:05 +01:00 · 2023-01-03 13:05:05 +01:00 · 0e3e7cbd3a
parent bd5625af42
commit 0e3e7cbd3a
5 changed files with 76 additions and 19 deletions
--- a/README.md
+++ b/README.md
@ -292,7 +292,8 @@ After first success you have to replace `--issue` with `--renew`.
 | `DATABASE`             | `sqlite:///db.sqlite`                  | See [official SQLAlchemy docs](https://docs.sqlalchemy.org/en/14/core/engines.html)                  |
 | `CORS_ORIGINS`         | `https://{DLS_URL}`                    | Sets `Access-Control-Allow-Origin` header (comma separated string) \*2                               |
 | `SITE_KEY_XID`         | `00000000-0000-0000-0000-000000000000` | Site identification uuid                                                                             |
-| `INSTANCE_REF`         | `00000000-0000-0000-0000-000000000000` | Instance identification uuid                                                                         |
+| `INSTANCE_REF`         | `10000000-0000-0000-0000-000000000001` | Instance identification uuid                                                                         |
+| `ALLOTMENT_REF`        | `20000000-0000-0000-0000-000000000001` | Allotment identification uuid                                                                        |
 | `INSTANCE_KEY_RSA`     | `<app-dir>/cert/instance.private.pem`  | Site-wide private RSA key for singing JWTs                                                           |
 | `INSTANCE_KEY_PUB`     | `<app-dir>/cert/instance.public.pem`   | Site-wide public key                                                                                 |

--- a/app/main.py
+++ b/app/main.py
@ -36,7 +36,8 @@ db_init(db), migrate(db)
 DLS_URL = str(env('DLS_URL', 'localhost'))
 DLS_PORT = int(env('DLS_PORT', '443'))
 SITE_KEY_XID = str(env('SITE_KEY_XID', '00000000-0000-0000-0000-000000000000'))
-INSTANCE_REF = str(env('INSTANCE_REF', '00000000-0000-0000-0000-000000000000'))
+INSTANCE_REF = str(env('INSTANCE_REF', '10000000-0000-0000-0000-000000000001'))
+ALLOTMENT_REF = str(env('ALLOTMENT_REF', '20000000-0000-0000-0000-000000000001'))
 INSTANCE_KEY_RSA = load_key(str(env('INSTANCE_KEY_RSA', join(dirname(__file__), 'cert/instance.private.pem'))))
 INSTANCE_KEY_PUB = load_key(str(env('INSTANCE_KEY_PUB', join(dirname(__file__), 'cert/instance.public.pem'))))
 TOKEN_EXPIRE_DELTA = relativedelta(hours=1)  # days=1
@ -90,6 +91,7 @@ async def _config():
        'DLS_PORT': str(DLS_PORT),
        'SITE_KEY_XID': str(SITE_KEY_XID),
        'INSTANCE_REF': str(INSTANCE_REF),
+        'ALLOTMENT_REF': [ALLOTMENT_REF],
        'TOKEN_EXPIRE_DELTA': str(TOKEN_EXPIRE_DELTA),
        'LEASE_EXPIRE_DELTA': str(LEASE_EXPIRE_DELTA),
        'LEASE_RENEWAL_PERIOD': str(LEASE_RENEWAL_PERIOD),
@ -192,7 +194,7 @@ async def _client_token():
        "nbf": timegm(cur_time.timetuple()),
        "exp": timegm(exp_time.timetuple()),
        "update_mode": "ABSOLUTE",
-        "scope_ref_list": [str(uuid4())],  # this is our LEASE_REF
+        "scope_ref_list": [ALLOTMENT_REF],
        "fulfillment_class_ref_list": [],
        "service_instance_configuration": {
            "nls_service_instance_ref": INSTANCE_REF,
@ -361,12 +363,16 @@ async def leasing_v1_lessor(request: Request):

    lease_result_list = []
    for scope_ref in scope_ref_list:
+        if scope_ref not in [ALLOTMENT_REF]:
+            raise HTTPException(status_code=500, detail=f'no service instances found for scopes: ["{scope_ref}"]')
+
+        lease_ref = str(uuid4())
        expires = cur_time + LEASE_EXPIRE_DELTA
        lease_result_list.append({
            "ordinal": 0,
            # https://docs.nvidia.com/license-system/latest/nvidia-license-system-user-guide/index.html
            "lease": {
-                "ref": scope_ref,
+                "ref": lease_ref,
                "created": cur_time.isoformat(),
                "expires": expires.isoformat(),
                "recommended_lease_renewal": LEASE_RENEWAL_PERIOD,
@ -375,7 +381,7 @@ async def leasing_v1_lessor(request: Request):
            }
        })

-        data = Lease(origin_ref=origin_ref, lease_ref=scope_ref, lease_created=cur_time, lease_expires=expires)
+        data = Lease(origin_ref=origin_ref, scope_ref=scope_ref, lease_ref=lease_ref, lease_created=cur_time, lease_expires=expires)
        Lease.create_or_update(db, data)

    response = {
--- a/app/orm.py
+++ b/app/orm.py
@ -72,17 +72,19 @@ class Lease(Base):
    lease_ref = Column(CHAR(length=36), primary_key=True, nullable=False, index=True)  # uuid4

    origin_ref = Column(CHAR(length=36), ForeignKey(Origin.origin_ref, ondelete='CASCADE'), nullable=False, index=True)  # uuid4
+    scope_ref = Column(CHAR(length=36), nullable=False, index=True)  # uuid4
    lease_created = Column(DATETIME(), nullable=False)
    lease_expires = Column(DATETIME(), nullable=False)
    lease_updated = Column(DATETIME(), nullable=False)

    def __repr__(self):
-        return f'Lease(origin_ref={self.origin_ref}, lease_ref={self.lease_ref}, expires={self.lease_expires})'
+        return f'Lease(origin_ref={self.origin_ref}, scope_ref={self.scope_ref}, lease_ref={self.lease_ref}, expires={self.lease_expires})'

    def serialize(self) -> dict:
        return {
            'lease_ref': self.lease_ref,
            'origin_ref': self.origin_ref,
+            'scope_ref': self.scope_ref,
            'lease_created': self.lease_created.isoformat(),
            'lease_expires': self.lease_expires.isoformat(),
            'lease_updated': self.lease_updated.isoformat(),
@ -178,4 +180,14 @@ def migrate(engine: Engine):
            Lease.__table__.drop(bind=engine)
            init(engine)

+    def upgrade_1_2_to_1_3():
+        x = db.dialect.get_columns(engine.connect(), Lease.__tablename__)
+        x = next((_ for _ in x if _['name'] == 'scope_ref'), None)
+        if x is None:
+            Lease.scope_ref.compile()
+            column_name = Lease.scope_ref.name
+            column_type = Lease.scope_ref.type.compile(engine.dialect)
+            engine.execute(f'ALTER TABLE "{Lease.__tablename__}" ADD COLUMN "{column_name}" {column_type}')
+
    upgrade_1_0_to_1_1()
+    upgrade_1_2_to_1_3()
--- a/doc/Database.md
+++ b/doc/Database.md
@ -0,0 +1,26 @@
+# Database structure
+
+## `request_routing.service_instance`
+
+| xid                                    | org_name                 |
+|----------------------------------------|--------------------------|
+| `10000000-0000-0000-0000-000000000000` | `lic-000000000000000000` |
+
+- `xid` is used as `SERVICE_INSTANCE_XID`
+
+## `request_routing.license_allotment_service_instance`
+
+| xid                                    | service_instance_xid                   | license_allotment_xid                  |
+|----------------------------------------|----------------------------------------|----------------------------------------|
+| `90000000-0000-0000-0000-000000000001` | `10000000-0000-0000-0000-000000000000` | `80000000-0000-0000-0000-000000000001` |
+
+- `xid` is only a primary-key and never used as foreign-key or reference
+- `license_allotment_xid` must be used to fetch `xid`'s from `request_routing.license_allotment_reference`
+
+## `request_routing.license_allotment_reference`
+
+| xid                                    | license_allotment_xid                  |
+|----------------------------------------|----------------------------------------|
+| `20000000-0000-0000-0000-000000000001` | `80000000-0000-0000-0000-000000000001` | 
+
+- `xid` is used as `scope_ref_list` on token request
--- a/test/main.py
+++ b/test/main.py
@ -3,7 +3,7 @@ from hashlib import sha256
 from calendar import timegm
 from datetime import datetime
 from os.path import dirname, join
-from uuid import uuid4
+from uuid import uuid4, UUID

 from dateutil.relativedelta import relativedelta
 from jose import jwt, jwk
@ -20,8 +20,7 @@ from app.util import load_key

 client = TestClient(main.app)

-ORIGIN_REF, LEASE_REF = str(uuid4()), str(uuid4())
-SECRET = "HelloWorld"
+ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-000000000001', 'HelloWorld'

 # INSTANCE_KEY_RSA = generate_key()
 # INSTANCE_KEY_PUB = INSTANCE_KEY_RSA.public_key()
@ -177,15 +176,16 @@ def test_leasing_v1_lessor():
            'product': {'name': 'NVIDIA RTX Virtual Workstation'}
        }],
        'proposal_evaluation_mode': 'ALL_OF',
-        'scope_ref_list': [LEASE_REF]
+        'scope_ref_list': [ALLOTMENT_REF]
    }

    response = client.post('/leasing/v1/lessor', json=payload, headers={'authorization': __bearer_token(ORIGIN_REF)})
    assert response.status_code == 200

-    lease_result_list = response.json()['lease_result_list']
+    lease_result_list = response.json().get('lease_result_list')
    assert len(lease_result_list) == 1
-    assert lease_result_list[0]['lease']['ref'] == LEASE_REF
+    assert str(UUID(lease_result_list[0]['lease']['ref'])) == lease_result_list[0]['lease']['ref']
+    return lease_result_list[0]['lease']['ref']


 def test_leasing_v1_lessor_lease():
@ -194,29 +194,41 @@ def test_leasing_v1_lessor_lease():

    active_lease_list = response.json().get('active_lease_list')
    assert len(active_lease_list) == 1
-    assert active_lease_list[0] == LEASE_REF
+    assert str(UUID(active_lease_list[0])) == active_lease_list[0]


 def test_leasing_v1_lease_renew():
-    response = client.put(f'/leasing/v1/lease/{LEASE_REF}', headers={'authorization': __bearer_token(ORIGIN_REF)})
+    response = client.get('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)})
+    active_lease_list = response.json().get('active_lease_list')
+    lease_ref = active_lease_list[0]
+
+    ###
+
+    response = client.put(f'/leasing/v1/lease/{lease_ref}', headers={'authorization': __bearer_token(ORIGIN_REF)})
    assert response.status_code == 200

-    assert response.json()['lease_ref'] == LEASE_REF
+    assert response.json().get('lease_ref') == lease_ref


 def test_leasing_v1_lease_delete():
-    response = client.delete(f'/leasing/v1/lease/{LEASE_REF}', headers={'authorization': __bearer_token(ORIGIN_REF)})
+    response = client.get('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)})
+    active_lease_list = response.json().get('active_lease_list')
+    lease_ref = active_lease_list[0]
+
+    ###
+
+    response = client.delete(f'/leasing/v1/lease/{lease_ref}', headers={'authorization': __bearer_token(ORIGIN_REF)})
    assert response.status_code == 200

-    assert response.json()['lease_ref'] == LEASE_REF
+    assert response.json().get('lease_ref') == lease_ref


 def test_leasing_v1_lessor_lease_remove():
-    test_leasing_v1_lessor()
+    lease_ref = test_leasing_v1_lessor()

    response = client.delete('/leasing/v1/lessor/leases', headers={'authorization': __bearer_token(ORIGIN_REF)})
    assert response.status_code == 200

    released_lease_list = response.json().get('released_lease_list')
    assert len(released_lease_list) == 1
-    assert released_lease_list[0] == LEASE_REF
+    assert released_lease_list[0] == lease_ref