mirror of
https://github.com/containers/skopeo.git
synced 2025-04-27 11:01:18 +00:00
4beb3f0af9
golangci-lint linter: unparam This primarily fixes TestProxy to test the correct image Signed-off-by: Miloslav Trmač <mitr@redhat.com>
120 lines
4.3 KiB
Go
120 lines
4.3 KiB
Go
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"os/exec"
|
|
"testing"
|
|
|
|
"github.com/containers/skopeo/version"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
"github.com/stretchr/testify/suite"
|
|
)
|
|
|
|
const (
|
|
privateRegistryURL0 = "127.0.0.1:5000"
|
|
privateRegistryURL1 = "127.0.0.1:5001"
|
|
)
|
|
|
|
func TestSkopeo(t *testing.T) {
|
|
suite.Run(t, &skopeoSuite{})
|
|
}
|
|
|
|
type skopeoSuite struct {
|
|
suite.Suite
|
|
regV2 *testRegistryV2
|
|
regV2WithAuth *testRegistryV2
|
|
}
|
|
|
|
var _ = suite.SetupAllSuite(&skopeoSuite{})
|
|
var _ = suite.TearDownAllSuite(&skopeoSuite{})
|
|
|
|
func (s *skopeoSuite) SetupSuite() {
|
|
t := s.T()
|
|
_, err := exec.LookPath(skopeoBinary)
|
|
require.NoError(t, err)
|
|
s.regV2 = setupRegistryV2At(t, privateRegistryURL0, false, false)
|
|
s.regV2WithAuth = setupRegistryV2At(t, privateRegistryURL1, true, false)
|
|
}
|
|
|
|
func (s *skopeoSuite) TearDownSuite() {
|
|
if s.regV2 != nil {
|
|
s.regV2.tearDown()
|
|
}
|
|
if s.regV2WithAuth != nil {
|
|
// cmd := exec.Command("docker", "logout", s.regV2WithAuth)
|
|
// require.Noerror(t, cmd.Run())
|
|
s.regV2WithAuth.tearDown()
|
|
}
|
|
}
|
|
|
|
func (s *skopeoSuite) TestVersion() {
|
|
t := s.T()
|
|
assertSkopeoSucceeds(t, fmt.Sprintf(".*%s version %s.*", skopeoBinary, version.Version),
|
|
"--version")
|
|
}
|
|
|
|
func (s *skopeoSuite) TestCanAuthToPrivateRegistryV2WithoutDockerCfg() {
|
|
t := s.T()
|
|
assertSkopeoFails(t, ".*manifest unknown.*",
|
|
"--tls-verify=false", "inspect", "--creds="+s.regV2WithAuth.username+":"+s.regV2WithAuth.password, fmt.Sprintf("docker://%s/busybox:latest", s.regV2WithAuth.url))
|
|
}
|
|
|
|
func (s *skopeoSuite) TestNeedAuthToPrivateRegistryV2WithoutDockerCfg() {
|
|
t := s.T()
|
|
assertSkopeoFails(t, ".*authentication required.*",
|
|
"--tls-verify=false", "inspect", fmt.Sprintf("docker://%s/busybox:latest", s.regV2WithAuth.url))
|
|
}
|
|
|
|
func (s *skopeoSuite) TestCertDirInsteadOfCertPath() {
|
|
t := s.T()
|
|
assertSkopeoFails(t, ".*unknown flag: --cert-path.*",
|
|
"--tls-verify=false", "inspect", fmt.Sprintf("docker://%s/busybox:latest", s.regV2WithAuth.url), "--cert-path=/")
|
|
assertSkopeoFails(t, ".*authentication required.*",
|
|
"--tls-verify=false", "inspect", fmt.Sprintf("docker://%s/busybox:latest", s.regV2WithAuth.url), "--cert-dir=/etc/docker/certs.d/")
|
|
}
|
|
|
|
// TODO(runcom): as soon as we can push to registries ensure you can inspect here
|
|
// not just get image not found :)
|
|
func (s *skopeoSuite) TestNoNeedAuthToPrivateRegistryV2ImageNotFound() {
|
|
t := s.T()
|
|
out, err := exec.Command(skopeoBinary, "--tls-verify=false", "inspect", fmt.Sprintf("docker://%s/busybox:latest", s.regV2.url)).CombinedOutput()
|
|
assert.Error(t, err, "%s", string(out))
|
|
assert.Regexp(t, "(?s).*manifest unknown.*", string(out)) // (?s) : '.' will also match newlines
|
|
assert.NotRegexp(t, "(?s).*unauthorized: authentication required.*", string(out)) // (?s) : '.' will also match newlines
|
|
}
|
|
|
|
func (s *skopeoSuite) TestInspectFailsWhenReferenceIsInvalid() {
|
|
t := s.T()
|
|
assertSkopeoFails(t, `.*Invalid image name.*`, "inspect", "unknown")
|
|
}
|
|
|
|
func (s *skopeoSuite) TestLoginLogout() {
|
|
t := s.T()
|
|
assertSkopeoSucceeds(t, "^Login Succeeded!\n$",
|
|
"login", "--tls-verify=false", "--username="+s.regV2WithAuth.username, "--password="+s.regV2WithAuth.password, s.regV2WithAuth.url)
|
|
// test --get-login returns username
|
|
assertSkopeoSucceeds(t, fmt.Sprintf("^%s\n$", s.regV2WithAuth.username),
|
|
"login", "--tls-verify=false", "--get-login", s.regV2WithAuth.url)
|
|
// test logout
|
|
assertSkopeoSucceeds(t, fmt.Sprintf("^Removed login credentials for %s\n$", s.regV2WithAuth.url),
|
|
"logout", s.regV2WithAuth.url)
|
|
}
|
|
|
|
func (s *skopeoSuite) TestCopyWithLocalAuth() {
|
|
t := s.T()
|
|
assertSkopeoSucceeds(t, "^Login Succeeded!\n$",
|
|
"login", "--tls-verify=false", "--username="+s.regV2WithAuth.username, "--password="+s.regV2WithAuth.password, s.regV2WithAuth.url)
|
|
// copy to private registry using local authentication
|
|
imageName := fmt.Sprintf("docker://%s/busybox:mine", s.regV2WithAuth.url)
|
|
assertSkopeoSucceeds(t, "", "copy", "--dest-tls-verify=false", testFQIN+":latest", imageName)
|
|
// inspect from private registry
|
|
assertSkopeoSucceeds(t, "", "inspect", "--tls-verify=false", imageName)
|
|
// logout from the registry
|
|
assertSkopeoSucceeds(t, fmt.Sprintf("^Removed login credentials for %s\n$", s.regV2WithAuth.url),
|
|
"logout", s.regV2WithAuth.url)
|
|
// inspect from private registry should fail after logout
|
|
assertSkopeoFails(t, ".*authentication required.*",
|
|
"inspect", "--tls-verify=false", imageName)
|
|
}
|