Add Platform info to Fusion license (#6142) [ci fast]

pditommaso · web-flow · commit 75f1bc52bcbb · 2025-05-30T20:22:34.000+02:00
Signed-off-by: Paolo Di Tommaso &lt;paolo.ditommaso@gmail.com&gt;
diff --git a/plugins/nf-tower/src/main/io/seqera/tower/plugin/TowerFusionToken.groovy b/plugins/nf-tower/src/main/io/seqera/tower/plugin/TowerFusionToken.groovy
@@ -82,23 +82,26 @@ class TowerFusionToken implements FusionToken {
     // Platform access token to use for requests
     private String accessToken
 
+    // Platform workflowId
+    private String workspaceId
+
+    // Platform workflowId
+    private String workflowId
+
     TowerFusionToken() {
         final config = PlatformHelper.config()
         final env = SysEnv.get()
         this.endpoint = PlatformHelper.getEndpoint(config, env)
-        if( !endpoint )
-            throw new IllegalArgumentException("Missing Seqera Platform endpoint")
         this.accessToken = PlatformHelper.getAccessToken(config, env)
+        this.workflowId = env.get('TOWER_WORKFLOW_ID')
+        this.workspaceId = PlatformHelper.getWorkspaceId(config, env)
     }
 
     protected void validateConfig() {
         if( !endpoint )
             throw new IllegalArgumentException("Missing Seqera Platform endpoint")
         if( !accessToken )
             throw new IllegalArgumentException("Missing Seqera Platform access token")
-        final client = TowerFactory.client()
-        if( !client )
-            throw new IllegalArgumentException("Seqera Platform client is not enabled")
     }
 
     /**
@@ -138,7 +141,12 @@ class TowerFusionToken implements FusionToken {
      * @return The signed JWT token
      */
     protected String getLicenseToken(String product, String version) {
-        final req = new GetLicenseTokenRequest(product: product, version: version ?: 'unknown')
+        final req = new GetLicenseTokenRequest(
+            product: product,
+            version: version ?: 'unknown',
+            workflowId: workflowId,
+            workspaceId: workspaceId
+        )
         final key = '${product}-${version}'
         try {
             final now = Instant.now()
diff --git a/plugins/nf-tower/src/main/io/seqera/tower/plugin/exchange/GetLicenseTokenRequest.groovy b/plugins/nf-tower/src/main/io/seqera/tower/plugin/exchange/GetLicenseTokenRequest.groovy
@@ -1,9 +1,9 @@
 package io.seqera.tower.plugin.exchange
 
+
 import groovy.transform.CompileStatic
 import groovy.transform.EqualsAndHashCode
 import groovy.transform.ToString
-
 /**
  * Models a REST request to obtain a license-scoped JWT token from Platform
  *
@@ -19,4 +19,14 @@ class GetLicenseTokenRequest {
 
     /** The product version */
     String version
+
+    /**
+     * The Platform workflow ID associated with this request
+     */
+    String workflowId
+
+    /**
+     * The Platform workspace ID associated with this request
+     */
+    String workspaceId
 }
diff --git a/plugins/nf-tower/src/test/io/seqera/tower/plugin/TowerFusionEnvTest.groovy b/plugins/nf-tower/src/test/io/seqera/tower/plugin/TowerFusionEnvTest.groovy
@@ -12,6 +12,9 @@ import nextflow.SysEnv
 import nextflow.util.GsonHelper
 import spock.lang.Shared
 import spock.lang.Specification
+
+import static com.github.tomakehurst.wiremock.client.WireMock.*
+
 /**
  * Test cases for the TowerFusionEnv class.
  *
@@ -244,24 +247,29 @@ class TowerFusionEnvTest extends Specification {
         SysEnv.pop()
     }
 
-    def 'should get a license token'() {
-        given: 'a TowerFusionEnv provider'
-        Global.session = Mock(Session) {
-            config >> [
-                tower: [
-                    endpoint   : wireMockServer.baseUrl(),
-                    accessToken: 'abc123'
-                ]
-            ]
-        }
+    def 'should get a license token with config'() {
+        given:
+        def config = [
+            endpoint   : wireMockServer.baseUrl(),
+            accessToken: 'abc123',
+            workspaceId: '67890'
+        ]
+        def PRODUCT = 'some-product'
+        def VERSION = 'some-version'
+        and:
+        Global.session = Mock(Session) {getConfig() >> [ tower: config ] }
+        and:
         def provider = new TowerFusionToken()
 
         and: 'a mock endpoint returning a valid token'
         final now = Instant.now()
         final expirationDate = GsonHelper.toJson(now.plus(1, ChronoUnit.DAYS))
         wireMockServer.stubFor(
-            WireMock.post(WireMock.urlEqualTo("/license/token/"))
-                .withHeader('Authorization', WireMock.equalTo('Bearer abc123'))
+            WireMock.post(urlEqualTo("/license/token/"))
+                .withHeader('Authorization', equalTo('Bearer abc123'))
+                .withRequestBody(matchingJsonPath('$.product', equalTo("some-product")))
+                .withRequestBody(matchingJsonPath('$.version', equalTo("some-version")))
+                .withRequestBody(matchingJsonPath('$.workspaceId', equalTo("67890")))
                 .willReturn(
                     WireMock.aResponse()
                         .withStatus(200)
@@ -280,14 +288,53 @@ class TowerFusionEnvTest extends Specification {
         wireMockServer.verify(1, WireMock.postRequestedFor(WireMock.urlEqualTo("/license/token/"))
             .withHeader('Authorization', WireMock.equalTo('Bearer abc123')))
 
-        where:
-        PRODUCT        | VERSION
-        'some-product' | 'some-version'
-        'some-product' | null
-        null           | 'some-version'
-        null           | null
     }
 
+    def 'should get a license token with environment'() {
+        given:
+        SysEnv.push([
+            TOWER_WORKFLOW_ID: '12345',
+            TOWER_ACCESS_TOKEN: 'abc123',
+            TOWER_WORKSPACE_ID: '67890',
+            TOWER_API_ENDPOINT: wireMockServer.baseUrl()
+        ])
+        def PRODUCT = 'some-product'
+        def VERSION = 'some-version'
+        and:
+        Global.session = Mock(Session) {getConfig() >> [:] }
+        and:
+        def provider = new TowerFusionToken()
+
+        and: 'a mock endpoint returning a valid token'
+        final now = Instant.now()
+        final expirationDate = GsonHelper.toJson(now.plus(1, ChronoUnit.DAYS))
+        wireMockServer.stubFor(
+            WireMock.post(urlEqualTo("/license/token/"))
+                .withHeader('Authorization', equalTo('Bearer abc123'))
+                .withRequestBody(matchingJsonPath('$.product', equalTo("some-product")))
+                .withRequestBody(matchingJsonPath('$.version', equalTo("some-version")))
+                .withRequestBody(matchingJsonPath('$.workspaceId', equalTo("67890")))
+                .willReturn(
+                    WireMock.aResponse()
+                        .withStatus(200)
+                        .withHeader('Content-Type', 'application/json')
+                        .withBody('{"signedToken":"xyz789", "expiresAt":' + expirationDate + '}')
+                )
+        )
+
+        when: 'a license token is requested'
+        final token = provider.getLicenseToken(PRODUCT, VERSION)
+
+        then: 'the token has the expected value'
+        token == 'xyz789'
+
+        and: 'the request is correct'
+        wireMockServer.verify(1, WireMock.postRequestedFor(WireMock.urlEqualTo("/license/token/"))
+            .withHeader('Authorization', WireMock.equalTo('Bearer abc123')))
+
+        cleanup:
+        SysEnv.pop()
+    }
 
 
     def 'should throw UnauthorizedException if getting a token fails with 401'() {
@@ -300,6 +347,7 @@ class TowerFusionEnvTest extends Specification {
                 ]
             ]
         }
+        and:
         def provider = new TowerFusionToken()
 
         and: 'a mock endpoint returning an error'
