metadata: fix tests not running, fix failing non-running tests, fix validate base images exist

[erohmensing]

Close #33197

An entire rabbit hole of little fixes.

These fixes are all very coupled, and I couldn't split them while keeping CI green. I've written comments in the diff which explains why each change was made.

A summary of the rabbit hole (if I remember correctly/can grok my commit history:

1. Noticed that test_upload_metadata_to_gcs_invalid_docker_images "ran", but didn't actually run on any files. The fixture was empty!
2. Fixed the issue and got our fixtures back. The test itself doesn't run
3. Fixed an error in the test, now they are running. An old test case is failing for a different reason than it should
4. Fix that. Run into some weird errors! It's because some test cases are succeeding when they should be failing.
5. Add bettor error handling for when test cases succeed when they should fail.
6. Look into those that are succeeding when they should fail. None of the invalid base_image checks are invalid! Looks like we're not checking the correct property when looking for the base image.
7. Fix that
8. Fix the stub that got out of sync with the method it stubs, add extra stubbing for the digest and change the invalid data files accordingly
9. Get docker auth errors, realize that we now need to stub docker in validate in addition to upload, since we are calling the dockerhub api in pre-upload validations
10. move the invalid base image checks to the validate fixtures since they should fail early.

Plus some other nonsense I ran into along the way

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Ignored Deployment

Name	Status	Preview	Comments	Updated (UTC)
airbyte-docs	⬜️ Ignored (Inspect)	Visit Preview		Dec 6, 2023 9:15pm

[erohmensing]

Current dependencies on/for this PR:

• master
  • PR fix references to metadata_service changed files #33125
    • PR fix failing metadata tests on master #33126
      • PR change mock doc url to look more mock-like #33128
        • PR metadata: fix tests not running, fix failing non-running tests, fix validate base images exist #33127 👈
          • PR re-organize metadata test fixtures #33134

This stack of pull requests is managed by Graphite.

[erohmensing]

❗ this fixes the behavior of the validator - previously it wasn't checking the right tag. This means that we have not been running this validation, and should probably do a run on all connectors on this branch/after this is merged to make sure that no connectors currently reference invalid base images.

[alafanechere]

nice catch! I don't think running full validation is necessary: if the value of this field is incorrect the connector build will fail, so we'd probably catch this error on publish failure anyway.

[erohmensing]

This fixes an issue where cleaning up our fixtures by adding subdirectories actually led to no files being found for the fixture - we weren't looking in the subdirectories for files because we early returned after grabbing the (non-nested) files from the directory itself.

[erohmensing]

This would have caught the issue of tests not being run. The test iterated over an empty list and therefore said it was green.

If we instead use pytest.mark.parameterize to get similar behavior, we could still run into issues where the test is green when it's skipping things, but it'd be a lot more obvious since we get a different test listed and pass/fail for each test case.

It would likely be overkill for test_upload_metadata_to_gcs_valid_metadata since we already have 12(?) different test cases we run for every valid metadata file, but for the invalid ones which are just one test, it could work.

[erohmensing]

Also note that in the case that the dir has both files and subdirs with files, this would not validate that we haven't missed the subdir's files. Maybe there's a better way to check this, but I wanted to add some sanity checking.

[erohmensing]

This previously failed for the wrong reason - a ValidationError because the normalizationTag field is missing. We want it to fail because the image itself does not exist.

[erohmensing]

Used the "testing for " and this print to help debug to make sure that tests were actually raising the errors i expected them to. example output:

Testing upload of valid metadata file with invalid docker image: /Users/ella/airbytehq/airbyte/airbyte-ci/connectors/metadata_service/lib/tests/fixtures/metadata_upload/invalid/tag_nonexistent/metadata_normalization_image_tag_does_not_exist.yaml
Running validator: validate_all_tags_are_keyvalue_pairs
Running validator: validate_at_least_one_language_tag
Running validator: validate_major_version_bump_has_breaking_change_entry
Running validator: validate_docs_path_exists
Running validator: validate_metadata_base_images_in_dockerhub
Running validator: validate_metadata_images_in_dockerhub
Checking that the following images are on dockerhub: [('airbyte/exists-2', '6.6.6'), ('airbyte/exists-3', '0.0.1'), ('airbyte/exists-1', '0.0.1'), ('airbyte/exists-4', '0.0.1')]
Upload raised Metadata file /Users/ella/airbytehq/airbyte/airbyte-ci/connectors/metadata_service/lib/tests/fixtures/metadata_upload/invalid/tag_nonexistent/metadata_normalization_image_tag_does_not_exist.yaml is invalid for uploading: Validation error: Image airbyte/exists-2:6.6.6 does not exist in DockerHub

Testing upload of valid metadata file with invalid docker image: /Users/ella/airbytehq/airbyte/airbyte-ci/connectors/metadata_service/lib/tests/fixtures/metadata_upload/invalid/valid_overrides_but_image_nonexistent/metadata_main_repo_does_not_exist_but_is_overrode.yaml
Running validator: validate_all_tags_are_keyvalue_pairs
Running validator: validate_at_least_one_language_tag
Running validator: validate_major_version_bump_has_breaking_change_entry
Running validator: validate_docs_path_exists
Running validator: validate_metadata_base_images_in_dockerhub
Running validator: validate_metadata_images_in_dockerhub
Checking that the following images are on dockerhub: [('airbyte/exists-2', '0.0.1'), ('airbyte/exists-3', '0.0.1'), ('airbyte/does-not-exist-1', '0.0.1'), ('airbyte/exists-4', '0.0.1')]
Upload raised Metadata file /Users/ella/airbytehq/airbyte/airbyte-ci/connectors/metadata_service/lib/tests/fixtures/metadata_upload/invalid/valid_overrides_but_image_nonexistent/metadata_main_repo_does_not_exist_but_is_overrode.yaml is invalid for uploading: Validation error: Image airbyte/does-not-exist-1:0.0.1 does not exist in DockerHub

This output is only from when I add the -s flag. So I don't think this will clog up our CI/airbyte-ci logs

[erohmensing]

Now that we are properly running the base image docker check on validate, not only on upload, we need to mock dockerhub in this test too

[erohmensing]

add stub for digests so that we can test that it fails if the digest is invalid, in addition to the other ways the image could fail.

[erohmensing]

Changed all of these to the format we use to either indicate that the piece should exist or not.

I think we should probably refactor the way we do this for both images and SHAs (and also probably docs) such that anything exists by default, unless DOESNOTEXIST or something similar is in it. That way, the files can look more like metadata and require less edits when we make new examples. But I'd do that later as it would touch a bunch of files.

[erohmensing]

the valid_overrides_but_base_image_nonexistent folder was confusing as it referred to the high-level dockerImageTag not existing. Now that we also have base image validations, changed it to valid_overrides_but_main_image_nonexistent and the filenames within accordingly

[erohmensing]

This test failed for the wrong reason - it was supposed to clock that there is no breaking change for version 2.0.0, but its actually incorrectly formatted.

[erohmensing]

New test to cover the case I uncovered where a breaking change test was failing for the wrong reason

[erohmensing]

Just a breaking change format test that i don't think we have covered!

[erohmensing]

New test: if there's no sha, it's invalid. Our validator seems to enforce this in

    try:
        image_name, tag_with_sha_prefix, digest = image_address.split(":")
        # As we query the DockerHub API we need to remove the docker.io prefix
        image_name = image_name.replace("docker.io/", "")
    except ValueError:
        return False, f"Image {image_address} is not in the format <image>:<tag>@<sha>"

[alafanechere]

Nice

[alafanechere]

LGTM, minor comments, thanks for fixing this!

[alafanechere]

nice catch! I don't think running full validation is necessary: if the value of this field is incorrect the connector build will fail, so we'd probably catch this error on publish failure anyway.

[alafanechere]

Nice

[alafanechere]

Can we make the "does not exist" case use 0.0.0 version.
It might be more robust. I can easily make a typo like doesnotexists

[erohmensing]

I'll look into a better does not exist version number combo (i think we still need one specific to breaking changes) before merging this.

on the "exists" - I agree. Mentioned a suggestion here, but will put that off to a separate pr

[erohmensing]

went with 99.99.99 and 0.0.0. Not perfect but definitely sticks out more than 6.6.6

Fixed the shas in this one and will fix the images separately