cli/command: add unit-test for RetrieveAuthTokenFromImage
It's currently slower because it calls registry.ParseRepositoryInfo,
which does a DNS lookup for hostnames to determine if they're a loopback
address (and marked "insecure");
go test -v -run TestRetrieveAuthTokenFromImage
=== RUN TestRetrieveAuthTokenFromImage
=== RUN TestRetrieveAuthTokenFromImage/no-prefix
=== RUN TestRetrieveAuthTokenFromImage/docker.io
=== RUN TestRetrieveAuthTokenFromImage/index.docker.io
=== RUN TestRetrieveAuthTokenFromImage/registry-1.docker.io
=== RUN TestRetrieveAuthTokenFromImage/registry.hub.docker.com
=== RUN TestRetrieveAuthTokenFromImage/[::1]
=== RUN TestRetrieveAuthTokenFromImage/[::1]:5000
=== RUN TestRetrieveAuthTokenFromImage/127.0.0.1
=== RUN TestRetrieveAuthTokenFromImage/localhost
=== RUN TestRetrieveAuthTokenFromImage/localhost:5000
=== RUN TestRetrieveAuthTokenFromImage/no-auth.example.com
--- PASS: TestRetrieveAuthTokenFromImage (0.35s)
--- PASS: TestRetrieveAuthTokenFromImage/no-prefix (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/docker.io (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/index.docker.io (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/registry-1.docker.io (0.08s)
--- PASS: TestRetrieveAuthTokenFromImage/registry.hub.docker.com (0.12s)
--- PASS: TestRetrieveAuthTokenFromImage/[::1] (0.13s)
--- PASS: TestRetrieveAuthTokenFromImage/[::1]:5000 (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/127.0.0.1 (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/localhost (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/localhost:5000 (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/no-auth.example.com (0.01s)
PASS
ok github.com/docker/cli/cli/command 1.367s
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn
parent
b8034c0ed7
commit
15b95beac7
@ -1,6 +1,8 @@
|
|||||||
package command_test
|
package command_test
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
|
"path"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/docker/cli/cli/command"
|
"github.com/docker/cli/cli/command"
|
||||||
@ -80,3 +82,113 @@ func TestGetDefaultAuthConfig_HelperError(t *testing.T) {
|
|||||||
assert.Check(t, is.DeepEqual(expectedAuthConfig, authconfig))
|
assert.Check(t, is.DeepEqual(expectedAuthConfig, authconfig))
|
||||||
assert.Check(t, is.ErrorContains(err, "docker-credential-fake-does-not-exist"))
|
assert.Check(t, is.ErrorContains(err, "docker-credential-fake-does-not-exist"))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestRetrieveAuthTokenFromImage(t *testing.T) {
|
||||||
|
// configFileContent contains a plain-text "username:password", as stored by
|
||||||
|
// the plain-text store;
|
||||||
|
// https://github.com/docker/cli/blob/v28.0.4/cli/config/configfile/file.go#L218-L229
|
||||||
|
const configFileContent = `{"auths": {
|
||||||
|
"https://index.docker.io/v1/": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||||
|
"[::1]": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||||
|
"[::1]:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||||
|
"127.0.0.1": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||||
|
"127.0.0.1:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||||
|
"localhost": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||||
|
"localhost:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||||
|
"registry-1.docker.io": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
|
||||||
|
"registry.hub.docker.com": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="}
|
||||||
|
}
|
||||||
|
}`
|
||||||
|
cfg := configfile.ConfigFile{}
|
||||||
|
err := cfg.LoadFromReader(bytes.NewReader([]byte(configFileContent)))
|
||||||
|
assert.NilError(t, err)
|
||||||
|
|
||||||
|
remoteRefs := []string{
|
||||||
|
"ubuntu",
|
||||||
|
"ubuntu:latest",
|
||||||
|
"ubuntu:latest@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
|
||||||
|
"ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
|
||||||
|
"library/ubuntu",
|
||||||
|
"library/ubuntu:latest",
|
||||||
|
"library/ubuntu:latest@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
|
||||||
|
"library/ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
|
||||||
|
}
|
||||||
|
|
||||||
|
tests := []struct {
|
||||||
|
prefix string
|
||||||
|
expectedAddress string
|
||||||
|
expectedAuthCfg registry.AuthConfig
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
prefix: "",
|
||||||
|
expectedAddress: "https://index.docker.io/v1/",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
prefix: "docker.io",
|
||||||
|
expectedAddress: "https://index.docker.io/v1/",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
prefix: "index.docker.io",
|
||||||
|
expectedAddress: "https://index.docker.io/v1/",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
// FIXME(thaJeztah): registry-1.docker.io (the actual registry) is the odd one out, and is stored separate from other URLs used for docker hub's registry
|
||||||
|
prefix: "registry-1.docker.io",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "registry-1.docker.io"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
// FIXME(thaJeztah): registry.hub.docker.com is stored separate from other URLs used for docker hub's registry
|
||||||
|
prefix: "registry.hub.docker.com",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "registry.hub.docker.com"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
prefix: "[::1]",
|
||||||
|
expectedAddress: "[::1]",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "[::1]"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
prefix: "[::1]:5000",
|
||||||
|
expectedAddress: "[::1]:5000",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "[::1]:5000"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
prefix: "127.0.0.1",
|
||||||
|
expectedAddress: "127.0.0.1",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "127.0.0.1"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
prefix: "localhost",
|
||||||
|
expectedAddress: "localhost",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "localhost"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
prefix: "localhost:5000",
|
||||||
|
expectedAddress: "localhost:5000",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "localhost:5000"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
prefix: "no-auth.example.com",
|
||||||
|
expectedAuthCfg: registry.AuthConfig{},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, tc := range tests {
|
||||||
|
tcName := tc.prefix
|
||||||
|
if tc.prefix == "" {
|
||||||
|
tcName = "no-prefix"
|
||||||
|
}
|
||||||
|
t.Run(tcName, func(t *testing.T) {
|
||||||
|
for _, remoteRef := range remoteRefs {
|
||||||
|
imageRef := path.Join(tc.prefix, remoteRef)
|
||||||
|
actual, err := command.RetrieveAuthTokenFromImage(&cfg, imageRef)
|
||||||
|
assert.NilError(t, err)
|
||||||
|
ac, err := registry.DecodeAuthConfig(actual)
|
||||||
|
assert.NilError(t, err)
|
||||||
|
assert.Check(t, is.DeepEqual(*ac, tc.expectedAuthCfg))
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user