hybrid_platforms_conductor 32.3.6 → 32.6.0

data/spec/hybrid_platforms_conductor_test/api/actions_executor/connectors/ssh/remote_actions_spec.rb

@@ -6,7 +6,7 @@ describe HybridPlatformsConductor::ActionsExecutor do
 
       it 'executes bash commands remotely' do
         with_test_platform_for_remote_testing(
-          expected_cmds: [[/.+\/ssh test_user@hpc\.node \/bin\/bash <<'EOF'\nbash_cmd.bash\nEOF/, proc { [0, 'Bash commands executed on node', ''] }]],
+          expected_cmds: [[/.+\/ssh hpc\.node \/bin\/bash <<'EOF'\nbash_cmd.bash\nEOF/, proc { [0, 'Bash commands executed on node', ''] }]],
           expected_stdout: 'Bash commands executed on node'
         ) do
           test_connector.remote_bash('bash_cmd.bash')
@@ -17,7 +17,7 @@ describe HybridPlatformsConductor::ActionsExecutor do
         with_test_platform_for_remote_testing(
           expected_cmds: [
             [
-              /.+\/ssh test_user@hpc\.node \/bin\/bash <<'EOF'\nbash_cmd.bash\nEOF/,
+              /.+\/ssh hpc\.node \/bin\/bash <<'EOF'\nbash_cmd.bash\nEOF/,
               proc do |cmd, log_to_file: nil, log_to_stdout: true, log_stdout_to_io: nil, log_stderr_to_io: nil, expected_code: 0, timeout: nil, no_exception: false|
                 expect(timeout).to eq 5
                 [0, '', '']
@@ -33,7 +33,7 @@ describe HybridPlatformsConductor::ActionsExecutor do
       it 'executes interactive commands remotely' do
         with_test_platform_for_remote_testing do
           expect(test_connector).to receive(:system) do |cmd|
-            expect(cmd).to match /^.+\/ssh test_user@hpc\.node$/
+            expect(cmd).to match /^.+\/ssh hpc\.node$/
           end
           test_connector.remote_interactive
         end
@@ -43,7 +43,7 @@ describe HybridPlatformsConductor::ActionsExecutor do
         with_test_platform_for_remote_testing(
           expected_cmds: [
             [
-              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+src.file \| \/.+\/ssh\s+test_user@hpc\.node\s+"tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
+              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+src.file \| \/.+\/ssh\s+hpc\.node\s+"tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
               proc { [0, '', ''] }
             ]
           ]
@@ -56,7 +56,7 @@ describe HybridPlatformsConductor::ActionsExecutor do
         with_test_platform_for_remote_testing(
           expected_cmds: [
             [
-              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+src.file \| \/.+\/ssh\s+test_user@hpc\.node\s+"tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
+              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+src.file \| \/.+\/ssh\s+hpc\.node\s+"tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
               proc do |cmd, log_to_file: nil, log_to_stdout: true, log_stdout_to_io: nil, log_stderr_to_io: nil, expected_code: 0, timeout: nil, no_exception: false|
                 expect(timeout).to eq 5
                 [0, '', '']
@@ -76,7 +76,7 @@ describe HybridPlatformsConductor::ActionsExecutor do
             [
               /.+\/hpc_temp_cmds_.+\.sh$/,
               proc do |received_cmd|
-                expect(File.read(received_cmd)).to match /.+\/ssh test_user@hpc\.node \/bin\/bash <<'EOF'\n#{Regexp.escape(cmd)}\nEOF/
+                expect(File.read(received_cmd)).to match /.+\/ssh hpc\.node \/bin\/bash <<'EOF'\n#{Regexp.escape(cmd)}\nEOF/
                 [0, 'Bash commands executed on node', '']
               end
             ]
@@ -92,7 +92,7 @@ describe HybridPlatformsConductor::ActionsExecutor do
         with_test_platform_for_remote_testing(
           expected_cmds: [
             [
-              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+src.file \| \/.+\/ssh\s+test_user@hpc\.node\s+"sudo tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
+              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+src.file \| \/.+\/ssh\s+hpc\.node\s+"sudo -u root tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
               proc { [0, '', ''] }
             ]
           ]
@@ -101,11 +101,25 @@ describe HybridPlatformsConductor::ActionsExecutor do
         end
       end
 
+      it 'copies files remotely with a different sudo' do
+        with_test_platform_for_remote_testing(
+          expected_cmds: [
+            [
+              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+src.file \| \/.+\/ssh\s+hpc\.node\s+"other_sudo --user root tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
+              proc { [0, '', ''] }
+            ]
+          ],
+          additional_config: 'sudo_for { |user| "other_sudo --user #{user}" }'
+        ) do
+          test_connector.remote_copy('/path/to/src.file', '/remote_path/to/dst.dir', sudo: true)
+        end
+      end
+
       it 'copies files remotely with a different owner' do
         with_test_platform_for_remote_testing(
           expected_cmds: [
             [
-              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+--owner remote_user\s+src.file \| \/.+\/ssh\s+test_user@hpc\.node\s+"tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
+              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+--owner remote_user\s+src.file \| \/.+\/ssh\s+hpc\.node\s+"tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
               proc { [0, '', ''] }
             ]
           ]
@@ -118,7 +132,7 @@ describe HybridPlatformsConductor::ActionsExecutor do
         with_test_platform_for_remote_testing(
           expected_cmds: [
             [
-              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+--group remote_group\s+src.file \| \/.+\/ssh\s+test_user@hpc\.node\s+"tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
+              /cd \/path\/to && tar\s+--create\s+--gzip\s+--file -\s+--group remote_group\s+src.file \| \/.+\/ssh\s+hpc\.node\s+"tar\s+--extract\s+--gunzip\s+--file -\s+--directory \/remote_path\/to\/dst.dir\s+--owner root\s+"/,
               proc { [0, '', ''] }
             ]
           ]

data/spec/hybrid_platforms_conductor_test/api/deployer/config_dsl_spec.rb

@@ -0,0 +1,15 @@
+describe HybridPlatformsConductor::Deployer do
+
+  context 'checking deployer specific config DSL' do
+
+    it 'declares a packaging timeout' do
+      with_repository do |repository|
+        with_platforms('packaging_timeout 666') do
+          expect(test_config.packaging_timeout_secs).to eq 666
+        end
+      end
+    end
+
+  end
+
+end

data/spec/hybrid_platforms_conductor_test/api/nodes_handler/common_spec.rb

@@ -124,4 +124,32 @@ describe HybridPlatformsConductor::NodesHandler do
     end
   end
 
+    it 'computes the correct sudo for different nodes' do
+      with_test_platform(
+        {
+          nodes: {
+            'node1' => {},
+            'node2' => {},
+            'node3' => {}
+          }
+        },
+        false,
+        '
+          for_nodes(%w[node1 node2]) do
+            sudo_for { |user| "alt_sudo1 -p #{user}" }
+          end
+          for_nodes(\'node2\') do
+            sudo_for { |user| "alt_sudo2 -q #{user}" }
+          end
+        '
+      ) do
+        expect(test_nodes_handler.sudo_on('node1')).to eq 'alt_sudo1 -p root'
+        expect(test_nodes_handler.sudo_on('node1', 'test_user')).to eq 'alt_sudo1 -p test_user'
+        expect(test_nodes_handler.sudo_on('node2')).to eq 'alt_sudo2 -q root'
+        expect(test_nodes_handler.sudo_on('node2', 'test_user')).to eq 'alt_sudo2 -q test_user'
+        expect(test_nodes_handler.sudo_on('node3')).to eq 'sudo -u root'
+        expect(test_nodes_handler.sudo_on('node3', 'test_user')).to eq 'sudo -u test_user'
+      end
+    end
+
 end

data/spec/hybrid_platforms_conductor_test/api/nodes_handler/config_dsl_spec.rb

@@ -0,0 +1,71 @@
+describe HybridPlatformsConductor::NodesHandler do
+
+  context 'checking config DSL' do
+
+    it 'adds helpers for master cmdbs' do
+      with_test_platform(
+        {
+          nodes: {
+            'node1' => {},
+            'node2' => {},
+            'node3' => {}
+          }
+        },
+        false,
+        '
+          master_cmdbs(
+            test_cmdb: :property1,
+            test_cmdb2: :property2
+          )
+          for_nodes(\'node2\') do
+            master_cmdbs(test_cmdb: :property3)
+          end
+        '
+      ) do
+        register_test_cmdb(%i[test_cmdb test_cmdb2])
+        expect(test_config.cmdb_masters).to eq [
+          {
+            nodes_selectors_stack: [],
+            cmdb_masters: {
+              test_cmdb: [:property1],
+              test_cmdb2: [:property2]
+            }
+          },
+          {
+            nodes_selectors_stack: ['node2'],
+            cmdb_masters: {
+              test_cmdb: [:property3]
+            }
+          }
+        ]
+      end
+    end
+
+    it 'adds helpers for configurable sudo' do
+      with_test_platform(
+        {
+          nodes: {
+            'node1' => {},
+            'node2' => {},
+            'node3' => {}
+          }
+        },
+        false,
+        '
+          sudo_for { |user| "alt_sudo1 -p #{user}" }
+          for_nodes(\'node2\') do
+            sudo_for { |user| "alt_sudo2 -q #{user}" }
+          end
+        '
+      ) do
+        expect(test_config.sudo_procs.size).to eq 2
+        expect(test_config.sudo_procs[0][:nodes_selectors_stack]).to eq []
+        expect(test_config.sudo_procs[0][:sudo_proc].call('test_user')).to eq 'alt_sudo1 -p test_user'
+        expect(test_config.sudo_procs[1][:nodes_selectors_stack]).to eq ['node2']
+        expect(test_config.sudo_procs[1][:sudo_proc].call('test_user')).to eq 'alt_sudo2 -q test_user'
+      end
+    end
+
+  end
+
+end

data/spec/hybrid_platforms_conductor_test/api/nodes_handler/git_diff_impacts_spec.rb

@@ -33,6 +33,16 @@ describe HybridPlatformsConductor::NodesHandler do
       end
     end
 
+    it 'fails when the commit id is invalid' do
+      with_test_platform({}, true) do
+        with_cmd_runner_mocked([
+          [/cd .+\/my_remote_platform && git --no-pager diff --no-color invalid_id/, proc { raise HybridPlatformsConductor::CmdRunner::UnexpectedExitCodeError, 'Mocked git error due to an invalid commit id' }]
+        ]) do
+          expect { test_nodes_handler.impacted_nodes_from_git_diff('my_remote_platform', from_commit: 'invalid_id') }.to raise_error HybridPlatformsConductor::NodesHandler::GitError, 'Mocked git error due to an invalid commit id'
+        end
+      end
+    end
+
     it 'diffs to another commit if asked' do
       with_test_platform({}, true) do
         with_cmd_runner_mocked([

data/spec/hybrid_platforms_conductor_test/executables/nodes_to_deploy_spec.rb

@@ -106,6 +106,31 @@ describe 'nodes_to_deploy executable' do
     end
   end
 
+  it 'considers nodes having invalid commit ids in their logs to be deployed' do
+    with_test_platform_for_nodes_to_deploy do
+      expect_actions_executor_runs([proc do |actions|
+        expect(actions).to eq(
+          'node1' => { remote_bash: "cd /var/log/deployments && ls -t | head -1 | xargs sed '/===== STDOUT =====/q'" },
+          'node2' => { remote_bash: "cd /var/log/deployments && ls -t | head -1 | xargs sed '/===== STDOUT =====/q'" }
+        )
+        {
+          'node1' => [0, "repo_name_0: platform\nexit_status: 0\ncommit_id_0: abcdef1", ''],
+          'node2' => [0, "repo_name_0: platform\nexit_status: 0\ncommit_id_0: abcdef2", '']
+        }
+      end])
+      expect(test_nodes_handler).to receive(:impacted_nodes_from_git_diff).with('platform', from_commit: 'abcdef1', to_commit: 'master') do
+        raise HybridPlatformsConductor::NodesHandler::GitError, 'Mocked git error due to an invalid commit id'
+      end
+      expect(test_nodes_handler).to receive(:impacted_nodes_from_git_diff).with('platform', from_commit: 'abcdef2', to_commit: 'master') { [%w[], [], [], false] }
+      exit_code, stdout, stderr = run 'nodes_to_deploy'
+      expect(exit_code).to eq 0
+      expect(stdout).to eq <<~EOS
+        ===== Nodes to deploy =====
+        node1
+      EOS
+    end
+  end
+
   it 'ignores impacts if asked' do
     with_test_platform_for_nodes_to_deploy do
       exit_code, stdout, stderr = run 'nodes_to_deploy', '--ignore-deployed-info'

data/spec/hybrid_platforms_conductor_test/helpers/connector_ssh_helpers.rb

@@ -10,6 +10,7 @@ module HybridPlatformsConductorTest
       # Parameters::
       # * *nodes_connections* (Hash<String, Hash<Symbol,Object> >): Nodes' connections info, per node name:
       #   * *connection* (String): Connection string (fqdn, IP...) used by SSH
+      #   * *ip* (String): IP used by SSH (can be different from connection in case of transformed SSH) [default: connection]
       #   * *user* (String): User used by SSH
       #   * *times* (Integer): Number of times this connection should be used [default: 1]
       #   * *control_master_create_error* (String or nil): Error to simulate during the SSH ControlMaster creation, or nil for none [default: nil]
@@ -33,16 +34,17 @@ module HybridPlatformsConductorTest
           ssh_commands_once = []
           ssh_commands_per_connection = []
           if with_strict_host_key_checking
+            ip = node_connection_info[:ip] || node_connection_info[:connection]
             ssh_commands_once.concat([
               [
-                "ssh-keyscan #{node_connection_info[:connection]}",
-                proc { [0, "#{node_connection_info[:connection]} ssh-rsa fake_host_key_for_#{node_connection_info[:connection]}", ''] }
+                "ssh-keyscan #{ip}",
+                proc { [0, "#{ip} ssh-rsa fake_host_key_for_#{ip}", ''] }
               ]
             ])
           end
           if with_control_master_create
             ssh_commands_per_connection << [
-              /^.+\/ssh #{with_batch_mode ? '-o BatchMode=yes ' : ''}-o ControlMaster=yes -o ControlPersist=yes #{Regexp.escape(node_connection_info[:user])}@hpc\.#{Regexp.escape(node)} true$/,
+              /^.+\/ssh #{with_batch_mode ? '-o BatchMode=yes ' : ''}-o ControlMaster=yes -o ControlPersist=yes hpc\.#{Regexp.escape(node)} true$/,
               proc do
                 control_file = test_actions_executor.connector(:ssh).send(:control_master_file, node_connection_info[:connection], '22', node_connection_info[:user])
                 # Fail if the ControlMaster file already exists, as would SSH do if the file is stalled
@@ -60,13 +62,13 @@ module HybridPlatformsConductorTest
           end
           if with_control_master_check
             ssh_commands_per_connection << [
-              /^.+\/ssh -O check #{Regexp.escape(node_connection_info[:user])}@hpc\.#{Regexp.escape(node)}$/,
+              /^.+\/ssh -O check hpc\.#{Regexp.escape(node)}$/,
               proc { [0, '', ''] }
             ]
           end
           if with_control_master_destroy
             ssh_commands_per_connection << [
-              /^.+\/ssh -O exit #{Regexp.escape(node_connection_info[:user])}@hpc\.#{Regexp.escape(node)} 2>&1 \| grep -v 'Exit request sent\.'$/,
+              /^.+\/ssh -O exit hpc\.#{Regexp.escape(node)} 2>&1 \| grep -v 'Exit request sent\.'$/,
               proc do
                 # Really mock the control file deletion
                 File.unlink(test_actions_executor.connector(:ssh).send(:control_master_file, node_connection_info[:connection], '22', node_connection_info[:user]))
@@ -94,9 +96,17 @@ module HybridPlatformsConductorTest
       # * *expected_stderr* (String): Expected stderr after client code execution [default: '']
       # * *timeout* (Integer or nil): Timeout to prepare the connector for [default: nil]
       # * *password* (String or nil): Password to set for the node, or nil for none [default: nil]
+      # * *additional_config* (String): Additional config [default: '']
       # * Proc: Client code to execute testing
-      def with_test_platform_for_remote_testing(expected_cmds: [], expected_stdout: '', expected_stderr: '', timeout: nil, password: nil)
-        with_test_platform(nodes: { 'node' => { meta: { host_ip: '192.168.42.42' } } }) do
+      def with_test_platform_for_remote_testing(
+        expected_cmds: [],
+        expected_stdout: '',
+        expected_stderr: '',
+        timeout: nil,
+        password: nil,
+        additional_config: ''
+      )
+        with_test_platform({ nodes: { 'node' => { meta: { host_ip: '192.168.42.42' } } } }, false, additional_config) do
           with_cmd_runner_mocked(
             [
               ['which env', proc { [0, "/usr/bin/env\n", ''] }],

data/spec/hybrid_platforms_conductor_test/helpers/deployer_helpers.rb

@@ -9,12 +9,12 @@ module HybridPlatformsConductorTest
       # Parameters::
       # * *action* (Hash<Symbol,Object>): The action to check
       # * *node* (String): The concerned node
-      # * *sudo* (Boolean): Is sudo supposed to be used? [default: true]
-      def expect_action_to_lock_node(action, node, sudo: true)
+      # * *sudo* (String or nil): sudo supposed to be used, or nil if none [default: 'sudo -u root']
+      def expect_action_to_lock_node(action, node, sudo: 'sudo -u root')
         expect(action[:scp].size).to eq 1
         expect(action[:scp].first[0]).to match /^.+\/mutex_dir$/
         expect(action[:scp].first[1]).to eq '.'
-        expect(action[:remote_bash]).to eq "while ! #{sudo ? 'sudo ' : ''}./mutex_dir lock /tmp/hybrid_platforms_conductor_deploy_lock \"$(ps -o ppid= -p $$)\"; do echo -e 'Another deployment is running on #{node}. Waiting for it to finish to continue...' ; sleep 5 ; done"
+        expect(action[:remote_bash]).to eq "while ! #{sudo ? "#{sudo} " : ''}./mutex_dir lock /tmp/hybrid_platforms_conductor_deploy_lock \"$(ps -o ppid= -p $$)\"; do echo -e 'Another deployment is running on #{node}. Waiting for it to finish to continue...' ; sleep 5 ; done"
       end
 
       # Expect a given action to be releasing the mutex on a given node
@@ -22,9 +22,9 @@ module HybridPlatformsConductorTest
       # Parameters::
       # * *action* (Hash<Symbol,Object>): The action to check
       # * *node* (String): The concerned node
-      # * *sudo* (Boolean): Is sudo supposed to be used? [default: true]
-      def expect_action_to_unlock_node(action, node, sudo: true)
-        expect(action).to eq(remote_bash: "#{sudo ? 'sudo ' : ''}./mutex_dir unlock /tmp/hybrid_platforms_conductor_deploy_lock")
+      # * *sudo* (String or nil): sudo supposed to be used, or nil if none [default: 'sudo -u root']
+      def expect_action_to_unlock_node(action, node, sudo: 'sudo -u root')
+        expect(action).to eq(remote_bash: "#{sudo ? "#{sudo} " : ''}./mutex_dir unlock /tmp/hybrid_platforms_conductor_deploy_lock")
       end
 
       # Expect a given set of actions to be a deployment
@@ -33,12 +33,12 @@ module HybridPlatformsConductorTest
       # * *actions* (Object): Actions
       # * *nodes* (String or Array<String>): Node (or list of nodes) that should be checked
       # * *check* (Boolean): Is the deploy only a check? [default: false]
-      # * *sudo* (Boolean): Is sudo supposed to be used? [default: true]
+      # * *sudo* (String or nil): sudo supposed to be used, or nil if none [default: 'sudo -u root']
       # * *expected_actions* (Array<Object>): Additional expected actions [default: []]
       # * *mocked_result* (Hash<String, [Object, String, String]>): Expected result of the actions, per node, or nil for success [default: nil]
       # Result::
       # * Hash<String, [Integer or Symbol, String, String] >: Expected result of those expected actions
-      def expect_actions_to_deploy_on(actions, nodes, check: false, sudo: true, expected_actions: [], mocked_result: nil)
+      def expect_actions_to_deploy_on(actions, nodes, check: false, sudo: 'sudo -u root', expected_actions: [], mocked_result: nil)
         nodes = [nodes] if nodes.is_a?(String)
         mocked_result = Hash[nodes.map { |node| [node, [0, "#{check ? 'Check' : 'Deploy'} successful", '']] }] if mocked_result.nil?
         expect(actions.size).to eq nodes.size
@@ -57,8 +57,8 @@ module HybridPlatformsConductorTest
       # Parameters::
       # * *actions* (Object): Actions
       # * *nodes* (String or Array<String>): Node (or list of nodes) that should be checked
-      # * *sudo* (Boolean): Is sudo supposed to be used? [default: true]
-      def expect_actions_to_unlock(actions, nodes, sudo: true)
+      # * *sudo* (String or nil): sudo supposed to be used, or nil if none [default: 'sudo -u root']
+      def expect_actions_to_unlock(actions, nodes, sudo: 'sudo -u root')
         nodes = [nodes] if nodes.is_a?(String)
         expect(actions.size).to eq nodes.size
         nodes.each do |node|
@@ -73,17 +73,17 @@ module HybridPlatformsConductorTest
       # Parameters::
       # * *actions* (Object): Actions
       # * *nodes* (String or Array<String>): Node (or list of nodes) that should be checked
-      # * *sudo* (Boolean): Is sudo supposed to be used? [default: true]
-      def expect_actions_to_upload_logs(actions, nodes, sudo: true)
+      # * *sudo* (String or nil): sudo supposed to be used, or nil if none [default: 'sudo -u root']
+      def expect_actions_to_upload_logs(actions, nodes, sudo: 'sudo -u root')
         nodes = [nodes] if nodes.is_a?(String)
         expect(actions.size).to eq nodes.size
         nodes.each do |node|
           expect(actions.key?(node)).to eq true
-          expect(actions[node][:remote_bash]).to eq "#{sudo ? 'sudo ' : ''}mkdir -p /var/log/deployments"
+          expect(actions[node][:remote_bash]).to eq "#{sudo ? "#{sudo} " : ''}mkdir -p /var/log/deployments"
           expect(actions[node][:scp].first[1]).to eq '/var/log/deployments'
           expect(actions[node][:scp][:group]).to eq 'root'
           expect(actions[node][:scp][:owner]).to eq 'root'
-          expect(actions[node][:scp][:sudo]).to eq sudo
+          expect(actions[node][:scp][:sudo]).to eq (!sudo.nil?)
         end
         Hash[nodes.map { |node| [node, [0, 'Logs uploaded', '']] }]
       end

data/spec/hybrid_platforms_conductor_test/helpers/deployer_test_helpers.rb

@@ -1,3 +1,5 @@
+require 'timeout'
+
 module HybridPlatformsConductorTest
 
   module Helpers
@@ -18,7 +20,7 @@ module HybridPlatformsConductorTest
           #
           # Parameters::
           # * *services* (Hash<String, Array<String> >): Expected nodes that should be deployed, with their corresponding services [default: { 'node' => %w[service] }]
-          # * *sudo* (Boolean): Do we expect sudo to be used in commands? [default: true]
+          # * *sudo* (String or nil): sudo supposed to be used, or nil if none [default: 'sudo -u root']
           # * *check_mode* (Boolean): Are we testing in check mode? [default: @check_mode]
           # * *mocked_deploy_result* (Hash or nil): Mocked result of the deployment actions, or nil to use the helper's default [default: nil]
           # * *additional_expected_actions* (Array): Additional expected actions [default: []]
@@ -26,7 +28,7 @@ module HybridPlatformsConductorTest
           # * *expect_actions_timeout* (Integer or nil): Expected timeout in actions, or nil for none [default: nil]
           def expected_actions_for_deploy_on(
             services: { 'node' => %w[service] },
-            sudo: true,
+            sudo: 'sudo -u root',
             check_mode: @check_mode,
             mocked_deploy_result: nil,
             additional_expected_actions: [],
@@ -76,8 +78,11 @@ module HybridPlatformsConductorTest
           #
           # Parameters::
           # * *nodes_info* (Hash): Node info to give the platform [default: 1 node having 1 service]
+          # * *expect_package* (Boolean): Should we expect packaging? [default: true]
+          # * *expect_prepare_for_deploy* (Boolean): Should we expect calls to prepare for deploy? [default: true]
+          # * *expect_connections_to_nodes* (Boolean): Should we expect connections to nodes? [default: true]
           # * *expect_default_actions* (Boolean): Should we expect default actions? [default: true]
-          # * *expect_sudo* (Boolean): Do we expect sudo to be used in commands? [default: true]
+          # * *expect_sudo* (String or nil): Expected sudo command, or nil if none [default: 'sudo -u root']
           # * *expect_secrets* (Hash): Secrets to be expected during deployment [default: {}]
           # * *expect_local_environment* (Boolean): Expected local environment flag [default: false]
           # * *expect_additional_actions* (Array): Additional expected actions [default: []]
@@ -90,8 +95,11 @@ module HybridPlatformsConductorTest
           #     * *repository* (String): Path to the repository
           def with_platform_to_deploy(
             nodes_info: { nodes: { 'node' => { services: %w[service] } } },
+            expect_package: true,
+            expect_prepare_for_deploy: true,
+            expect_connections_to_nodes: true,
             expect_default_actions: true,
-            expect_sudo: true,
+            expect_sudo: 'sudo -u root',
             expect_secrets: {},
             expect_local_environment: false,
             expect_additional_actions: [],
@@ -102,40 +110,52 @@ module HybridPlatformsConductorTest
           )
             platform_name = check_mode ? 'platform' : 'my_remote_platform'
             with_test_platform(nodes_info, !check_mode, additional_config) do |repository|
-              with_connections_mocked_on(nodes_info[:nodes].keys) do
-                # Mock the ServicesHandler accesses
-                expect_services_to_deploy = Hash[nodes_info[:nodes].map do |node, node_info|
-                  [node, node_info[:services]]
-                end]
-                unless check_mode
-                  expect(test_services_handler).to receive(:deploy_allowed?).with(
-                    services: expect_services_to_deploy,
-                    secrets: expect_secrets,
-                    local_environment: expect_local_environment
-                  ) do
-                    nil
-                  end
+              # Mock the ServicesHandler accesses
+              expect_services_to_deploy = Hash[nodes_info[:nodes].map do |node, node_info|
+                [node, node_info[:services]]
+              end]
+              unless check_mode
+                expect(test_services_handler).to receive(:deploy_allowed?).with(
+                  services: expect_services_to_deploy,
+                  secrets: expect_secrets,
+                  local_environment: expect_local_environment
+                ) do
+                  nil
                 end
+              end
+              if expect_package
                 expect(test_services_handler).to receive(:package).with(
                   services: expect_services_to_deploy,
                   secrets: expect_secrets,
                   local_environment: expect_local_environment
                 )
+              else
+                expect(test_services_handler).not_to receive(:package)
+              end
+              if expect_prepare_for_deploy
                 expect(test_services_handler).to receive(:prepare_for_deploy).with(
                   services: expect_services_to_deploy,
                   secrets: expect_secrets,
                   local_environment: expect_local_environment,
                   why_run: check_mode
                 )
-                expect_actions_executor_runs(expected_actions_for_deploy_on(
-                  services: expect_services_to_deploy,
-                  check_mode: check_mode,
-                  sudo: expect_sudo,
-                  additional_expected_actions: expect_additional_actions,
-                  expect_concurrent_actions: expect_concurrent_actions,
-                  expect_actions_timeout: expect_actions_timeout
-                )) if expect_default_actions
-                test_deployer.use_why_run = true if check_mode
+              else
+                expect(test_services_handler).not_to receive(:prepare_for_deploy)
+              end
+              test_deployer.use_why_run = true if check_mode
+              if expect_connections_to_nodes
+                with_connections_mocked_on(nodes_info[:nodes].keys) do
+                  expect_actions_executor_runs(expected_actions_for_deploy_on(
+                    services: expect_services_to_deploy,
+                    check_mode: check_mode,
+                    sudo: expect_sudo,
+                    additional_expected_actions: expect_additional_actions,
+                    expect_concurrent_actions: expect_concurrent_actions,
+                    expect_actions_timeout: expect_actions_timeout
+                  )) if expect_default_actions
+                  yield repository
+                end
+              else
                 yield repository
               end
             end
@@ -181,12 +201,21 @@ module HybridPlatformsConductorTest
           end
 
           it 'deploys on 1 node using root' do
-            with_platform_to_deploy(expect_sudo: false) do
+            with_platform_to_deploy(expect_sudo: nil) do
               test_actions_executor.connector(:ssh).ssh_user = 'root'
               expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
             end
           end
 
+          it 'deploys on 1 node using an alternate sudo' do
+            with_platform_to_deploy(
+              expect_sudo: 'other_sudo --user root',
+              additional_config: 'sudo_for { |user| "other_sudo --user #{user}" }'
+            ) do
+              expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
+            end
+          end
+
           it 'deploys on 1 node using 1 secret' do
             with_platform_to_deploy(expect_secrets: { 'secret1' => 'password1' }) do
               test_deployer.secrets = [{ 'secret1' => 'password1' }]
@@ -207,9 +236,9 @@ module HybridPlatformsConductorTest
                 nodes_info: { nodes: { 'node' => { meta: { image: 'debian_9' }, services: %w[service] } } },
                 expect_local_environment: true,
                 expect_additional_actions: [
-                  { remote_bash: 'sudo apt update && sudo apt install -y ca-certificates' },
+                  { remote_bash: 'sudo -u root apt update && sudo -u root apt install -y ca-certificates' },
                   {
-                    remote_bash: 'sudo update-ca-certificates',
+                    remote_bash: 'sudo -u root update-ca-certificates',
                     scp:  {
                       certs_dir => '/usr/local/share/ca-certificates',
                       :sudo => true
@@ -224,6 +253,31 @@ module HybridPlatformsConductorTest
             end
           end
 
+          it 'deploys on 1 node in local environment with certificates to install using hpc_certificates on Debian and an alternate sudo' do
+            with_certs_dir do |certs_dir|
+              with_platform_to_deploy(
+                nodes_info: { nodes: { 'node' => { meta: { image: 'debian_9' }, services: %w[service] } } },
+                expect_sudo: 'other_sudo --user root',
+                expect_local_environment: true,
+                expect_additional_actions: [
+                  { remote_bash: 'other_sudo --user root apt update && other_sudo --user root apt install -y ca-certificates' },
+                  {
+                    remote_bash: 'other_sudo --user root update-ca-certificates',
+                    scp:  {
+                      certs_dir => '/usr/local/share/ca-certificates',
+                      :sudo => true
+                    }
+                  }
+                ],
+                additional_config: 'sudo_for { |user| "other_sudo --user #{user}" }'
+              ) do
+                ENV['hpc_certificates'] = certs_dir
+                test_deployer.local_environment = true
+                expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
+              end
+            end
+          end
+
           it 'deploys on 1 node with certificates to install using hpc_certificates on Debian but ignores them in non-local environment' do
             with_certs_dir do |certs_dir|
               with_platform_to_deploy(nodes_info: { nodes: { 'node' => { meta: { image: 'debian_9' }, services: %w[service] } } }) do
@@ -237,7 +291,7 @@ module HybridPlatformsConductorTest
             with_certs_dir do |certs_dir|
               with_platform_to_deploy(
                 nodes_info: { nodes: { 'node' => { meta: { image: 'debian_9' }, services: %w[service] } } },
-                expect_sudo: false,
+                expect_sudo: nil,
                 expect_local_environment: true,
                 expect_additional_actions: [
                   { remote_bash: 'apt update && apt install -y ca-certificates' },
@@ -264,9 +318,9 @@ module HybridPlatformsConductorTest
                 nodes_info: { nodes: { 'node' => { meta: { image: 'centos_7' }, services: %w[service] } } },
                 expect_local_environment: true,
                 expect_additional_actions: [
-                  { remote_bash: 'sudo yum install -y ca-certificates' },
+                  { remote_bash: 'sudo -u root yum install -y ca-certificates' },
                   {
-                    remote_bash: ['sudo update-ca-trust enable', 'sudo update-ca-trust extract'],
+                    remote_bash: ['sudo -u root update-ca-trust enable', 'sudo -u root update-ca-trust extract'],
                     scp: {
                       "#{certs_dir}/test_cert.crt" => '/etc/pki/ca-trust/source/anchors',
                       :sudo => true
@@ -281,11 +335,36 @@ module HybridPlatformsConductorTest
             end
           end
 
+          it 'deploys on 1 node with certificates to install using hpc_certificates on CentOS and an alternate sudo' do
+            with_certs_dir do |certs_dir|
+              with_platform_to_deploy(
+                nodes_info: { nodes: { 'node' => { meta: { image: 'centos_7' }, services: %w[service] } } },
+                expect_sudo: 'other_sudo --user root',
+                expect_local_environment: true,
+                expect_additional_actions: [
+                  { remote_bash: 'other_sudo --user root yum install -y ca-certificates' },
+                  {
+                    remote_bash: ['other_sudo --user root update-ca-trust enable', 'other_sudo --user root update-ca-trust extract'],
+                    scp: {
+                      "#{certs_dir}/test_cert.crt" => '/etc/pki/ca-trust/source/anchors',
+                      :sudo => true
+                    }
+                  }
+                ],
+                additional_config: 'sudo_for { |user| "other_sudo --user #{user}" }'
+              ) do
+                ENV['hpc_certificates'] = certs_dir
+                test_deployer.local_environment = true
+                expect(test_deployer.deploy_on('node')).to eq('node' => expected_deploy_result)
+              end
+            end
+          end
+
           it 'deploys on 1 node with certificates to install using hpc_certificates on CentOS using root' do
             with_certs_dir do |certs_dir|
               with_platform_to_deploy(
                 nodes_info: { nodes: { 'node' => { meta: { image: 'centos_7' }, services: %w[service] } } },
-                expect_sudo: false,
+                expect_sudo: nil,
                 expect_local_environment: true,
                 expect_additional_actions: [
                   { remote_bash: 'yum install -y ca-certificates' },
@@ -360,6 +439,31 @@ module HybridPlatformsConductorTest
             end
           end
 
+          it 'fails when packaging timeout has been reached while taking the futex' do
+            with_platform_to_deploy(
+                additional_config: 'packaging_timeout 1',
+                expect_package: false,
+                expect_prepare_for_deploy: false,
+                expect_connections_to_nodes: false
+            ) do
+              # Simulate another process taking the packaging futex
+              futex_file = HybridPlatformsConductor::Deployer.const_get(:PACKAGING_FUTEX_FILE)
+              Futex.new(futex_file).open do
+                # Expect the error to be raised within 2 seconds (as it should timeout after 1 second)
+                begin
+                  Timeout::timeout(2) {
+                    expect { test_deployer.deploy_on('node') }.to raise_error(
+                      Futex::CantLock,
+                      /can't get exclusive access to the file #{Regexp.escape(futex_file)} because of the lock at #{Regexp.escape(futex_file)}\.lock, after 1\.\d+s of waiting/
+                    )
+                  }
+                rescue Timeout::Error
+                  raise 'The packaging timeout (set to 1 seconds) did not fire within 2 seconds. Looks like it is not working properly.'
+                end
+              end
+            end
+          end
+
           context 'checking deployment retries' do
 
             # Prepare a platform ready to test deployments' retries on.