cli/command: add unit-test for RetrieveAuthTokenFromImage
It's currently slower because it calls registry.ParseRepositoryInfo, which does a DNS lookup for hostnames to determine if they're a loopback address (and marked "insecure"); go test -v -run TestRetrieveAuthTokenFromImage === RUN TestRetrieveAuthTokenFromImage === RUN TestRetrieveAuthTokenFromImage/no-prefix === RUN TestRetrieveAuthTokenFromImage/docker.io === RUN TestRetrieveAuthTokenFromImage/index.docker.io === RUN TestRetrieveAuthTokenFromImage/registry-1.docker.io === RUN TestRetrieveAuthTokenFromImage/registry.hub.docker.com === RUN TestRetrieveAuthTokenFromImage/[::1] === RUN TestRetrieveAuthTokenFromImage/[::1]:5000 === RUN TestRetrieveAuthTokenFromImage/127.0.0.1 === RUN TestRetrieveAuthTokenFromImage/localhost === RUN TestRetrieveAuthTokenFromImage/localhost:5000 === RUN TestRetrieveAuthTokenFromImage/no-auth.example.com --- PASS: TestRetrieveAuthTokenFromImage (0.35s) --- PASS: TestRetrieveAuthTokenFromImage/no-prefix (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/docker.io (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/index.docker.io (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/registry-1.docker.io (0.08s) --- PASS: TestRetrieveAuthTokenFromImage/registry.hub.docker.com (0.12s) --- PASS: TestRetrieveAuthTokenFromImage/[::1] (0.13s) --- PASS: TestRetrieveAuthTokenFromImage/[::1]:5000 (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/127.0.0.1 (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/localhost (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/localhost:5000 (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/no-auth.example.com (0.01s) PASS ok github.com/docker/cli/cli/command 1.367s Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
parent
b8034c0ed7
commit
15b95beac7
@ -1,6 +1,8 @@
|
||||
package command_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"path"
|
||||
"testing"
|
||||
|
||||
"github.com/docker/cli/cli/command"
|
||||
@ -80,3 +82,113 @@ func TestGetDefaultAuthConfig_HelperError(t *testing.T) {
|
||||
assert.Check(t, is.DeepEqual(expectedAuthConfig, authconfig))
|
||||
assert.Check(t, is.ErrorContains(err, "docker-credential-fake-does-not-exist"))
|
||||
}
|
||||
|
||||
func TestRetrieveAuthTokenFromImage(t *testing.T) {
|
||||
// configFileContent contains a plain-text "username:password", as stored by
|
||||
// the plain-text store;
|
||||
// https://github.com/docker/cli/blob/v28.0.4/cli/config/configfile/file.go#L218-L229
|
||||
const configFileContent = `{"auths": {
|
||||
"https://index.docker.io/v1/": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||
"[::1]": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||
"[::1]:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||
"127.0.0.1": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||
"127.0.0.1:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||
"localhost": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||
"localhost:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||
"registry-1.docker.io": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||
"registry.hub.docker.com": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="}
|
||||
}
|
||||
}`
|
||||
cfg := configfile.ConfigFile{}
|
||||
err := cfg.LoadFromReader(bytes.NewReader([]byte(configFileContent)))
|
||||
assert.NilError(t, err)
|
||||
|
||||
remoteRefs := []string{
|
||||
"ubuntu",
|
||||
"ubuntu:latest",
|
||||
"ubuntu:latest@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
|
||||
"ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
|
||||
"library/ubuntu",
|
||||
"library/ubuntu:latest",
|
||||
"library/ubuntu:latest@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
|
||||
"library/ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
|
||||
}
|
||||
|
||||
tests := []struct {
|
||||
prefix string
|
||||
expectedAddress string
|
||||
expectedAuthCfg registry.AuthConfig
|
||||
}{
|
||||
{
|
||||
prefix: "",
|
||||
expectedAddress: "https://index.docker.io/v1/",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
|
||||
},
|
||||
{
|
||||
prefix: "docker.io",
|
||||
expectedAddress: "https://index.docker.io/v1/",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
|
||||
},
|
||||
{
|
||||
prefix: "index.docker.io",
|
||||
expectedAddress: "https://index.docker.io/v1/",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
|
||||
},
|
||||
{
|
||||
// FIXME(thaJeztah): registry-1.docker.io (the actual registry) is the odd one out, and is stored separate from other URLs used for docker hub's registry
|
||||
prefix: "registry-1.docker.io",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "registry-1.docker.io"},
|
||||
},
|
||||
{
|
||||
// FIXME(thaJeztah): registry.hub.docker.com is stored separate from other URLs used for docker hub's registry
|
||||
prefix: "registry.hub.docker.com",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "registry.hub.docker.com"},
|
||||
},
|
||||
{
|
||||
prefix: "[::1]",
|
||||
expectedAddress: "[::1]",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "[::1]"},
|
||||
},
|
||||
{
|
||||
prefix: "[::1]:5000",
|
||||
expectedAddress: "[::1]:5000",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "[::1]:5000"},
|
||||
},
|
||||
{
|
||||
prefix: "127.0.0.1",
|
||||
expectedAddress: "127.0.0.1",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "127.0.0.1"},
|
||||
},
|
||||
{
|
||||
prefix: "localhost",
|
||||
expectedAddress: "localhost",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "localhost"},
|
||||
},
|
||||
{
|
||||
prefix: "localhost:5000",
|
||||
expectedAddress: "localhost:5000",
|
||||
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "localhost:5000"},
|
||||
},
|
||||
{
|
||||
prefix: "no-auth.example.com",
|
||||
expectedAuthCfg: registry.AuthConfig{},
|
||||
},
|
||||
}
|
||||
|
||||
for _, tc := range tests {
|
||||
tcName := tc.prefix
|
||||
if tc.prefix == "" {
|
||||
tcName = "no-prefix"
|
||||
}
|
||||
t.Run(tcName, func(t *testing.T) {
|
||||
for _, remoteRef := range remoteRefs {
|
||||
imageRef := path.Join(tc.prefix, remoteRef)
|
||||
actual, err := command.RetrieveAuthTokenFromImage(&cfg, imageRef)
|
||||
assert.NilError(t, err)
|
||||
ac, err := registry.DecodeAuthConfig(actual)
|
||||
assert.NilError(t, err)
|
||||
assert.Check(t, is.DeepEqual(*ac, tc.expectedAuthCfg))
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user