| 4f0d95fa |
package registry // import "github.com/docker/docker/registry" |
| fc1d1d87 |
|
| 97b7b173 |
import ( |
| a1245318 |
"net/http" |
| 927d13bc |
"net/http/httputil" |
| a7999aaa |
"os" |
| 97b7b173 |
"strings"
"testing" |
| a1245318 |
|
| 0421f517 |
"github.com/docker/distribution/reference" |
| 276c640b |
"github.com/docker/distribution/registry/client/transport" |
| 91e197d6 |
"github.com/docker/docker/api/types"
registrytypes "github.com/docker/docker/api/types/registry" |
| 9f0b3f56 |
"gotest.tools/v3/assert"
"gotest.tools/v3/skip" |
| 97b7b173 |
) |
| 484ba4a8 |
|
| 752dd707 |
func spawnTestRegistrySession(t *testing.T) *Session { |
| 5b321e32 |
authConfig := &types.AuthConfig{} |
| f2d481a2 |
endpoint, err := NewV1Endpoint(makeIndex("/v1/"), "", nil) |
| 61c6f206 |
if err != nil {
t.Fatal(err)
} |
| 61a49bb6 |
userAgent := "docker test client" |
| 19515a7a |
var tr http.RoundTripper = debugTransport{NewTransport(nil), t.Log} |
| de5c80b4 |
tr = transport.NewTransport(AuthTransport(tr, authConfig, false), Headers(userAgent, nil)...) |
| a01cc3ca |
client := HTTPClient(tr)
r, err := NewSession(client, authConfig, endpoint) |
| 97b7b173 |
if err != nil {
t.Fatal(err)
} |
| a01cc3ca |
// In a normal scenario for the v1 registry, the client should send a `X-Docker-Token: true`
// header while authenticating, in order to retrieve a token that can be later used to
// perform authenticated actions.
//
// The mock v1 registry does not support that, (TODO(tiborvass): support it), instead,
// it will consider authenticated any request with the header `X-Docker-Token: fake-token`.
//
// Because we know that the client's transport is an `*authTransport` we simply cast it,
// in order to set the internal cached token to the fake token, and thus send that fake token
// upon every subsequent requests. |
| 3f7c62f6 |
r.client.Transport.(*authTransport).token = []string{"fake-token"} |
| 97b7b173 |
return r
}
func TestPingRegistryEndpoint(t *testing.T) { |
| a7999aaa |
skip.If(t, os.Getuid() != 0, "skipping test that requires root") |
| 96c10098 |
testPing := func(index *registrytypes.IndexInfo, expectedStandalone bool, assertMessage string) { |
| f2d481a2 |
ep, err := NewV1Endpoint(index, "", nil) |
| 568f86eb |
if err != nil {
t.Fatal(err)
}
regInfo, err := ep.Ping()
if err != nil {
t.Fatal(err)
}
assertEqual(t, regInfo.Standalone, expectedStandalone, assertMessage) |
| 61c6f206 |
} |
| 568f86eb |
testPing(makeIndex("/v1/"), true, "Expected standalone to be true (default)") |
| 4fcb9ac4 |
testPing(makeHTTPSIndex("/v1/"), true, "Expected standalone to be true (default)") |
| 568f86eb |
testPing(makePublicIndex(), false, "Expected standalone to be false for public index")
}
func TestEndpoint(t *testing.T) { |
| a7999aaa |
skip.If(t, os.Getuid() != 0, "skipping test that requires root") |
| 568f86eb |
// Simple wrapper to fail test if err != nil |
| f2d481a2 |
expandEndpoint := func(index *registrytypes.IndexInfo) *V1Endpoint {
endpoint, err := NewV1Endpoint(index, "", nil) |
| 568f86eb |
if err != nil {
t.Fatal(err)
}
return endpoint
}
|
| 96c10098 |
assertInsecureIndex := func(index *registrytypes.IndexInfo) { |
| 568f86eb |
index.Secure = true |
| f2d481a2 |
_, err := NewV1Endpoint(index, "", nil) |
| 568f86eb |
assertNotEqual(t, err, nil, index.Name+": Expected error for insecure index")
assertEqual(t, strings.Contains(err.Error(), "insecure-registry"), true, index.Name+": Expected insecure-registry error for insecure index")
index.Secure = false
}
|
| 96c10098 |
assertSecureIndex := func(index *registrytypes.IndexInfo) { |
| 568f86eb |
index.Secure = true |
| f2d481a2 |
_, err := NewV1Endpoint(index, "", nil) |
| 568f86eb |
assertNotEqual(t, err, nil, index.Name+": Expected cert error for secure index")
assertEqual(t, strings.Contains(err.Error(), "certificate signed by unknown authority"), true, index.Name+": Expected cert error for secure index")
index.Secure = false
}
|
| 96c10098 |
index := ®istrytypes.IndexInfo{} |
| 568f86eb |
index.Name = makeURL("/v1/")
endpoint := expandEndpoint(index)
assertEqual(t, endpoint.String(), index.Name, "Expected endpoint to be "+index.Name)
assertInsecureIndex(index)
index.Name = makeURL("")
endpoint = expandEndpoint(index)
assertEqual(t, endpoint.String(), index.Name+"/v1/", index.Name+": Expected endpoint to be "+index.Name+"/v1/")
assertInsecureIndex(index)
httpURL := makeURL("")
index.Name = strings.SplitN(httpURL, "://", 2)[1]
endpoint = expandEndpoint(index)
assertEqual(t, endpoint.String(), httpURL+"/v1/", index.Name+": Expected endpoint to be "+httpURL+"/v1/")
assertInsecureIndex(index)
|
| 4fcb9ac4 |
index.Name = makeHTTPSURL("/v1/") |
| 568f86eb |
endpoint = expandEndpoint(index)
assertEqual(t, endpoint.String(), index.Name, "Expected endpoint to be "+index.Name)
assertSecureIndex(index)
|
| 4fcb9ac4 |
index.Name = makeHTTPSURL("") |
| 568f86eb |
endpoint = expandEndpoint(index)
assertEqual(t, endpoint.String(), index.Name+"/v1/", index.Name+": Expected endpoint to be "+index.Name+"/v1/")
assertSecureIndex(index)
|
| 4fcb9ac4 |
httpsURL := makeHTTPSURL("") |
| 568f86eb |
index.Name = strings.SplitN(httpsURL, "://", 2)[1]
endpoint = expandEndpoint(index)
assertEqual(t, endpoint.String(), httpsURL+"/v1/", index.Name+": Expected endpoint to be "+httpsURL+"/v1/")
assertSecureIndex(index)
badEndpoints := []string{
"http://127.0.0.1/v1/",
"https://127.0.0.1/v1/",
"http://127.0.0.1",
"https://127.0.0.1",
"127.0.0.1",
}
for _, address := range badEndpoints {
index.Name = address |
| f2d481a2 |
_, err := NewV1Endpoint(index, "", nil) |
| 568f86eb |
checkNotEqual(t, err, nil, "Expected error while expanding bad endpoint") |
| 97b7b173 |
}
}
|
| 568f86eb |
func TestParseRepositoryInfo(t *testing.T) { |
| ffded61d |
type staticRepositoryInfo struct {
Index *registrytypes.IndexInfo
RemoteName string
CanonicalName string
LocalName string
Official bool |
| 4352da78 |
}
|
| ffded61d |
expectedRepoInfos := map[string]staticRepositoryInfo{ |
| 568f86eb |
"fooo/bar": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "fooo/bar",
LocalName: "fooo/bar",
CanonicalName: "docker.io/fooo/bar", |
| 568f86eb |
Official: false,
},
"library/ubuntu": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "library/ubuntu",
LocalName: "ubuntu",
CanonicalName: "docker.io/library/ubuntu", |
| 568f86eb |
Official: true,
},
"nonlibrary/ubuntu": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "nonlibrary/ubuntu",
LocalName: "nonlibrary/ubuntu",
CanonicalName: "docker.io/nonlibrary/ubuntu", |
| 568f86eb |
Official: false,
},
"ubuntu": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "library/ubuntu",
LocalName: "ubuntu",
CanonicalName: "docker.io/library/ubuntu", |
| 568f86eb |
Official: true,
},
"other/library": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "other/library",
LocalName: "other/library",
CanonicalName: "docker.io/other/library", |
| 568f86eb |
Official: false,
},
"127.0.0.1:8000/private/moonbase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "127.0.0.1:8000",
Official: false,
}, |
| ffded61d |
RemoteName: "private/moonbase",
LocalName: "127.0.0.1:8000/private/moonbase",
CanonicalName: "127.0.0.1:8000/private/moonbase", |
| 568f86eb |
Official: false,
},
"127.0.0.1:8000/privatebase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "127.0.0.1:8000",
Official: false,
}, |
| ffded61d |
RemoteName: "privatebase",
LocalName: "127.0.0.1:8000/privatebase",
CanonicalName: "127.0.0.1:8000/privatebase", |
| 568f86eb |
Official: false,
},
"localhost:8000/private/moonbase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "localhost:8000",
Official: false,
}, |
| ffded61d |
RemoteName: "private/moonbase",
LocalName: "localhost:8000/private/moonbase",
CanonicalName: "localhost:8000/private/moonbase", |
| 568f86eb |
Official: false,
},
"localhost:8000/privatebase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "localhost:8000",
Official: false,
}, |
| ffded61d |
RemoteName: "privatebase",
LocalName: "localhost:8000/privatebase",
CanonicalName: "localhost:8000/privatebase", |
| 568f86eb |
Official: false,
},
"example.com/private/moonbase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "example.com",
Official: false,
}, |
| ffded61d |
RemoteName: "private/moonbase",
LocalName: "example.com/private/moonbase",
CanonicalName: "example.com/private/moonbase", |
| 568f86eb |
Official: false,
},
"example.com/privatebase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "example.com",
Official: false,
}, |
| ffded61d |
RemoteName: "privatebase",
LocalName: "example.com/privatebase",
CanonicalName: "example.com/privatebase", |
| 568f86eb |
Official: false,
},
"example.com:8000/private/moonbase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "example.com:8000",
Official: false,
}, |
| ffded61d |
RemoteName: "private/moonbase",
LocalName: "example.com:8000/private/moonbase",
CanonicalName: "example.com:8000/private/moonbase", |
| 568f86eb |
Official: false,
},
"example.com:8000/privatebase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "example.com:8000",
Official: false,
}, |
| ffded61d |
RemoteName: "privatebase",
LocalName: "example.com:8000/privatebase",
CanonicalName: "example.com:8000/privatebase", |
| 568f86eb |
Official: false,
},
"localhost/private/moonbase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "localhost",
Official: false,
}, |
| ffded61d |
RemoteName: "private/moonbase",
LocalName: "localhost/private/moonbase",
CanonicalName: "localhost/private/moonbase", |
| 568f86eb |
Official: false,
},
"localhost/privatebase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 568f86eb |
Name: "localhost",
Official: false,
}, |
| ffded61d |
RemoteName: "privatebase",
LocalName: "localhost/privatebase",
CanonicalName: "localhost/privatebase", |
| 568f86eb |
Official: false,
}, |
| 4fcb9ac4 |
IndexName + "/public/moonbase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "public/moonbase",
LocalName: "public/moonbase",
CanonicalName: "docker.io/public/moonbase", |
| 568f86eb |
Official: false,
}, |
| 4fcb9ac4 |
"index." + IndexName + "/public/moonbase": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "public/moonbase",
LocalName: "public/moonbase",
CanonicalName: "docker.io/public/moonbase", |
| 568f86eb |
Official: false,
},
"ubuntu-12.04-base": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "library/ubuntu-12.04-base",
LocalName: "ubuntu-12.04-base",
CanonicalName: "docker.io/library/ubuntu-12.04-base", |
| 568f86eb |
Official: true,
}, |
| 4fcb9ac4 |
IndexName + "/ubuntu-12.04-base": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "library/ubuntu-12.04-base",
LocalName: "ubuntu-12.04-base",
CanonicalName: "docker.io/library/ubuntu-12.04-base", |
| 568f86eb |
Official: true,
}, |
| 4fcb9ac4 |
"index." + IndexName + "/ubuntu-12.04-base": { |
| 96c10098 |
Index: ®istrytypes.IndexInfo{ |
| 4fcb9ac4 |
Name: IndexName, |
| 568f86eb |
Official: true,
}, |
| ffded61d |
RemoteName: "library/ubuntu-12.04-base",
LocalName: "ubuntu-12.04-base",
CanonicalName: "docker.io/library/ubuntu-12.04-base", |
| 568f86eb |
Official: true,
},
}
for reposName, expectedRepoInfo := range expectedRepoInfos { |
| 0421f517 |
named, err := reference.ParseNormalizedNamed(reposName) |
| 4352da78 |
if err != nil {
t.Error(err)
}
repoInfo, err := ParseRepositoryInfo(named) |
| 568f86eb |
if err != nil {
t.Error(err)
} else {
checkEqual(t, repoInfo.Index.Name, expectedRepoInfo.Index.Name, reposName) |
| 3a127939 |
checkEqual(t, reference.Path(repoInfo.Name), expectedRepoInfo.RemoteName, reposName)
checkEqual(t, reference.FamiliarName(repoInfo.Name), expectedRepoInfo.LocalName, reposName)
checkEqual(t, repoInfo.Name.Name(), expectedRepoInfo.CanonicalName, reposName) |
| 568f86eb |
checkEqual(t, repoInfo.Index.Official, expectedRepoInfo.Index.Official, reposName)
checkEqual(t, repoInfo.Official, expectedRepoInfo.Official, reposName)
}
}
}
func TestNewIndexInfo(t *testing.T) { |
| 59586d02 |
testIndexInfo := func(config *serviceConfig, expectedIndexInfos map[string]*registrytypes.IndexInfo) { |
| 568f86eb |
for indexName, expectedIndexInfo := range expectedIndexInfos { |
| 96c10098 |
index, err := newIndexInfo(config, indexName) |
| 568f86eb |
if err != nil {
t.Fatal(err)
} else {
checkEqual(t, index.Name, expectedIndexInfo.Name, indexName+" name")
checkEqual(t, index.Official, expectedIndexInfo.Official, indexName+" is official")
checkEqual(t, index.Secure, expectedIndexInfo.Secure, indexName+" is secure")
checkEqual(t, len(index.Mirrors), len(expectedIndexInfo.Mirrors), indexName+" mirrors")
}
}
}
|
| 5258297d |
config := emptyServiceConfig |
| f23c00d8 |
var noMirrors []string |
| 96c10098 |
expectedIndexInfos := map[string]*registrytypes.IndexInfo{ |
| 4fcb9ac4 |
IndexName: {
Name: IndexName, |
| 568f86eb |
Official: true,
Secure: true,
Mirrors: noMirrors,
}, |
| 4fcb9ac4 |
"index." + IndexName: {
Name: IndexName, |
| 568f86eb |
Official: true,
Secure: true,
Mirrors: noMirrors,
},
"example.com": {
Name: "example.com",
Official: false,
Secure: true,
Mirrors: noMirrors,
},
"127.0.0.1:5000": {
Name: "127.0.0.1:5000",
Official: false,
Secure: false,
Mirrors: noMirrors,
},
}
testIndexInfo(config, expectedIndexInfos)
publicMirrors := []string{"http://mirror1.local", "http://mirror2.local"} |
| 5258297d |
var err error
config, err = makeServiceConfig(publicMirrors, []string{"example.com"})
if err != nil {
t.Fatal(err)
} |
| 568f86eb |
|
| 96c10098 |
expectedIndexInfos = map[string]*registrytypes.IndexInfo{ |
| 4fcb9ac4 |
IndexName: {
Name: IndexName, |
| 568f86eb |
Official: true,
Secure: true,
Mirrors: publicMirrors,
}, |
| 4fcb9ac4 |
"index." + IndexName: {
Name: IndexName, |
| 568f86eb |
Official: true,
Secure: true,
Mirrors: publicMirrors,
},
"example.com": {
Name: "example.com",
Official: false,
Secure: false,
Mirrors: noMirrors,
},
"example.com:5000": {
Name: "example.com:5000",
Official: false,
Secure: true,
Mirrors: noMirrors,
},
"127.0.0.1": {
Name: "127.0.0.1",
Official: false,
Secure: false,
Mirrors: noMirrors,
},
"127.0.0.1:5000": {
Name: "127.0.0.1:5000",
Official: false,
Secure: false,
Mirrors: noMirrors,
},
"other.com": {
Name: "other.com",
Official: false,
Secure: true,
Mirrors: noMirrors,
},
}
testIndexInfo(config, expectedIndexInfos)
|
| 5258297d |
config, err = makeServiceConfig(nil, []string{"42.42.0.0/16"})
if err != nil {
t.Fatal(err)
} |
| 96c10098 |
expectedIndexInfos = map[string]*registrytypes.IndexInfo{ |
| 568f86eb |
"example.com": {
Name: "example.com",
Official: false,
Secure: false,
Mirrors: noMirrors,
},
"example.com:5000": {
Name: "example.com:5000",
Official: false,
Secure: false,
Mirrors: noMirrors,
},
"127.0.0.1": {
Name: "127.0.0.1",
Official: false,
Secure: false,
Mirrors: noMirrors,
},
"127.0.0.1:5000": {
Name: "127.0.0.1:5000",
Official: false,
Secure: false,
Mirrors: noMirrors,
},
"other.com": {
Name: "other.com",
Official: false,
Secure: true,
Mirrors: noMirrors,
}, |
| d61fce9a |
} |
| 568f86eb |
testIndexInfo(config, expectedIndexInfos) |
| 97b7b173 |
}
|
| c016d2de |
func TestMirrorEndpointLookup(t *testing.T) { |
| a7999aaa |
skip.If(t, os.Getuid() != 0, "skipping test that requires root") |
| c016d2de |
containsMirror := func(endpoints []APIEndpoint) bool {
for _, pe := range endpoints { |
| 79db131a |
if pe.URL.Host == "my.mirror" { |
| c016d2de |
return true
}
}
return false
} |
| 5258297d |
cfg, err := makeServiceConfig([]string{"https://my.mirror"}, nil)
if err != nil {
t.Fatal(err)
}
s := DefaultService{config: cfg} |
| c016d2de |
|
| 4352da78 |
imageName, err := reference.WithName(IndexName + "/test/image")
if err != nil {
t.Error(err)
} |
| 0421f517 |
pushAPIEndpoints, err := s.LookupPushEndpoints(reference.Domain(imageName)) |
| c016d2de |
if err != nil {
t.Fatal(err)
}
if containsMirror(pushAPIEndpoints) {
t.Fatal("Push endpoint should not contain mirror")
}
|
| 0421f517 |
pullAPIEndpoints, err := s.LookupPullEndpoints(reference.Domain(imageName)) |
| c016d2de |
if err != nil {
t.Fatal(err)
}
if !containsMirror(pullAPIEndpoints) {
t.Fatal("Pull endpoint should contain mirror")
}
}
|
| 97b7b173 |
func TestSearchRepositories(t *testing.T) { |
| 752dd707 |
r := spawnTestRegistrySession(t) |
| 92f10fe2 |
results, err := r.SearchRepositories("fakequery", 25) |
| 97b7b173 |
if err != nil {
t.Fatal(err)
}
if results == nil {
t.Fatal("Expected non-nil SearchResults object")
} |
| 9a0d7fe0 |
assertEqual(t, results.NumResults, 1, "Expected 1 search results")
assertEqual(t, results.Query, "fakequery", "Expected 'fakequery' as query") |
| 3941623f |
assertEqual(t, results.Results[0].StarCount, 42, "Expected 'fakeimage' to have 42 stars") |
| 484ba4a8 |
} |
| 5867f9e7 |
|
| a1245318 |
func TestTrustedLocation(t *testing.T) { |
| 80825765 |
for _, url := range []string{"http://example.com", "https://example.com:7777", "http://docker.io", "http://test.docker.com", "https://fakedocker.com"} { |
| 441b031b |
req, _ := http.NewRequest(http.MethodGet, url, nil) |
| 6be0f709 |
assert.Check(t, !trustedLocation(req)) |
| a1245318 |
}
|
| 80825765 |
for _, url := range []string{"https://docker.io", "https://test.docker.com:80"} { |
| 441b031b |
req, _ := http.NewRequest(http.MethodGet, url, nil) |
| 6be0f709 |
assert.Check(t, trustedLocation(req)) |
| a1245318 |
}
}
func TestAddRequiredHeadersToRedirectedRequests(t *testing.T) {
for _, urls := range [][]string{
{"http://docker.io", "https://docker.com"},
{"https://foo.docker.io:7777", "http://bar.docker.com"},
{"https://foo.docker.io", "https://example.com"},
} { |
| 441b031b |
reqFrom, _ := http.NewRequest(http.MethodGet, urls[0], nil) |
| a1245318 |
reqFrom.Header.Add("Content-Type", "application/json")
reqFrom.Header.Add("Authorization", "super_secret") |
| 441b031b |
reqTo, _ := http.NewRequest(http.MethodGet, urls[1], nil) |
| a1245318 |
|
| 4fcb9ac4 |
addRequiredHeadersToRedirectedRequests(reqTo, []*http.Request{reqFrom}) |
| a1245318 |
if len(reqTo.Header) != 1 { |
| f08cd445 |
t.Fatalf("Expected 1 headers, got %d", len(reqTo.Header)) |
| a1245318 |
}
if reqTo.Header.Get("Content-Type") != "application/json" {
t.Fatal("'Content-Type' should be 'application/json'")
}
if reqTo.Header.Get("Authorization") != "" {
t.Fatal("'Authorization' should be empty")
}
}
for _, urls := range [][]string{
{"https://docker.io", "https://docker.com"},
{"https://foo.docker.io:7777", "https://bar.docker.com"},
} { |
| 441b031b |
reqFrom, _ := http.NewRequest(http.MethodGet, urls[0], nil) |
| a1245318 |
reqFrom.Header.Add("Content-Type", "application/json")
reqFrom.Header.Add("Authorization", "super_secret") |
| 441b031b |
reqTo, _ := http.NewRequest(http.MethodGet, urls[1], nil) |
| a1245318 |
|
| 4fcb9ac4 |
addRequiredHeadersToRedirectedRequests(reqTo, []*http.Request{reqFrom}) |
| a1245318 |
if len(reqTo.Header) != 2 { |
| f08cd445 |
t.Fatalf("Expected 2 headers, got %d", len(reqTo.Header)) |
| a1245318 |
}
if reqTo.Header.Get("Content-Type") != "application/json" {
t.Fatal("'Content-Type' should be 'application/json'")
}
if reqTo.Header.Get("Authorization") != "super_secret" {
t.Fatal("'Authorization' should be 'super_secret'")
}
}
} |
| 75e3b35b |
|
| 67fdf574 |
func TestAllowNondistributableArtifacts(t *testing.T) {
tests := []struct {
addr string
registries []string
expected bool
}{
{IndexName, nil, false},
{"example.com", []string{}, false},
{"example.com", []string{"example.com"}, true},
{"localhost", []string{"localhost:5000"}, false},
{"localhost:5000", []string{"localhost:5000"}, true},
{"localhost", []string{"example.com"}, false},
{"127.0.0.1:5000", []string{"127.0.0.1:5000"}, true},
{"localhost", nil, false},
{"localhost:5000", nil, false},
{"127.0.0.1", nil, false},
{"localhost", []string{"example.com"}, false},
{"127.0.0.1", []string{"example.com"}, false},
{"example.com", nil, false},
{"example.com", []string{"example.com"}, true},
{"127.0.0.1", []string{"example.com"}, false},
{"127.0.0.1:5000", []string{"example.com"}, false},
{"example.com:5000", []string{"42.42.0.0/16"}, true},
{"example.com", []string{"42.42.0.0/16"}, true},
{"example.com:5000", []string{"42.42.42.42/8"}, true},
{"127.0.0.1:5000", []string{"127.0.0.0/8"}, true},
{"42.42.42.42:5000", []string{"42.1.1.1/8"}, true},
{"invalid.domain.com", []string{"42.42.0.0/16"}, false},
{"invalid.domain.com", []string{"invalid.domain.com"}, true},
{"invalid.domain.com:5000", []string{"invalid.domain.com"}, false},
{"invalid.domain.com:5000", []string{"invalid.domain.com:5000"}, true},
}
for _, tt := range tests { |
| 5258297d |
config, err := newServiceConfig(ServiceOptions{ |
| 67fdf574 |
AllowNondistributableArtifacts: tt.registries,
}) |
| 5258297d |
if err != nil {
t.Error(err)
} |
| 67fdf574 |
if v := allowNondistributableArtifacts(config, tt.addr); v != tt.expected {
t.Errorf("allowNondistributableArtifacts failed for %q %v, expected %v got %v", tt.addr, tt.registries, tt.expected, v)
}
}
}
|
| 568f86eb |
func TestIsSecureIndex(t *testing.T) { |
| 75e3b35b |
tests := []struct {
addr string
insecureRegistries []string
expected bool
}{ |
| 4fcb9ac4 |
{IndexName, nil, true}, |
| 75e3b35b |
{"example.com", []string{}, true},
{"example.com", []string{"example.com"}, false}, |
| 11380a10 |
{"localhost", []string{"localhost:5000"}, false}, |
| 75e3b35b |
{"localhost:5000", []string{"localhost:5000"}, false}, |
| 11380a10 |
{"localhost", []string{"example.com"}, false}, |
| 75e3b35b |
{"127.0.0.1:5000", []string{"127.0.0.1:5000"}, false}, |
| 6aba75db |
{"localhost", nil, false},
{"localhost:5000", nil, false},
{"127.0.0.1", nil, false}, |
| 11380a10 |
{"localhost", []string{"example.com"}, false},
{"127.0.0.1", []string{"example.com"}, false}, |
| 6aba75db |
{"example.com", nil, true}, |
| 28ee373e |
{"example.com", []string{"example.com"}, false}, |
| 11380a10 |
{"127.0.0.1", []string{"example.com"}, false},
{"127.0.0.1:5000", []string{"example.com"}, false}, |
| 6aba75db |
{"example.com:5000", []string{"42.42.0.0/16"}, false},
{"example.com", []string{"42.42.0.0/16"}, false},
{"example.com:5000", []string{"42.42.42.42/8"}, false},
{"127.0.0.1:5000", []string{"127.0.0.0/8"}, false},
{"42.42.42.42:5000", []string{"42.1.1.1/8"}, false}, |
| a70d7aaf |
{"invalid.domain.com", []string{"42.42.0.0/16"}, true},
{"invalid.domain.com", []string{"invalid.domain.com"}, false}, |
| 9a50dd5f |
{"invalid.domain.com:5000", []string{"invalid.domain.com"}, true},
{"invalid.domain.com:5000", []string{"invalid.domain.com:5000"}, false}, |
| 28ee373e |
}
for _, tt := range tests { |
| 5258297d |
config, err := makeServiceConfig(nil, tt.insecureRegistries)
if err != nil {
t.Error(err)
} |
| 96c10098 |
if sec := isSecureIndex(config, tt.addr); sec != tt.expected { |
| 568f86eb |
t.Errorf("isSecureIndex failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec) |
| 28ee373e |
}
}
} |
| 927d13bc |
type debugTransport struct {
http.RoundTripper
log func(...interface{})
}
func (tr debugTransport) RoundTrip(req *http.Request) (*http.Response, error) {
dump, err := httputil.DumpRequestOut(req, false)
if err != nil {
tr.log("could not dump request")
}
tr.log(string(dump))
resp, err := tr.RoundTripper.RoundTrip(req)
if err != nil {
return nil, err
}
dump, err = httputil.DumpResponse(resp, false)
if err != nil {
tr.log("could not dump response")
}
tr.log(string(dump))
return resp, err
} |