Skip to content

Commit 15b95be

Browse files
thaJeztahthaJeztah
committed
cli/command: add unit-test for RetrieveAuthTokenFromImage
It's currently slower because it calls registry.ParseRepositoryInfo, which does a DNS lookup for hostnames to determine if they're a loopback address (and marked "insecure"); go test -v -run TestRetrieveAuthTokenFromImage === RUN TestRetrieveAuthTokenFromImage === RUN TestRetrieveAuthTokenFromImage/no-prefix === RUN TestRetrieveAuthTokenFromImage/docker.io === RUN TestRetrieveAuthTokenFromImage/index.docker.io === RUN TestRetrieveAuthTokenFromImage/registry-1.docker.io === RUN TestRetrieveAuthTokenFromImage/registry.hub.docker.com === RUN TestRetrieveAuthTokenFromImage/[::1] === RUN TestRetrieveAuthTokenFromImage/[::1]:5000 === RUN TestRetrieveAuthTokenFromImage/127.0.0.1 === RUN TestRetrieveAuthTokenFromImage/localhost === RUN TestRetrieveAuthTokenFromImage/localhost:5000 === RUN TestRetrieveAuthTokenFromImage/no-auth.example.com --- PASS: TestRetrieveAuthTokenFromImage (0.35s) --- PASS: TestRetrieveAuthTokenFromImage/no-prefix (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/docker.io (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/index.docker.io (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/registry-1.docker.io (0.08s) --- PASS: TestRetrieveAuthTokenFromImage/registry.hub.docker.com (0.12s) --- PASS: TestRetrieveAuthTokenFromImage/[::1] (0.13s) --- PASS: TestRetrieveAuthTokenFromImage/[::1]:5000 (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/127.0.0.1 (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/localhost (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/localhost:5000 (0.00s) --- PASS: TestRetrieveAuthTokenFromImage/no-auth.example.com (0.01s) PASS ok github.com/docker/cli/cli/command 1.367s Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
1 parent b8034c0 commit 15b95be

1 file changed

Lines changed: 112 additions & 0 deletions

File tree

cli/command/registry_test.go

Lines changed: 112 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
package command_test
22

33
import (
4+
"bytes"
5+
"path"
46
"testing"
57

68
"github.com/docker/cli/cli/command"
@@ -80,3 +82,113 @@ func TestGetDefaultAuthConfig_HelperError(t *testing.T) {
8082
assert.Check(t, is.DeepEqual(expectedAuthConfig, authconfig))
8183
assert.Check(t, is.ErrorContains(err, "docker-credential-fake-does-not-exist"))
8284
}
85+
86+
func TestRetrieveAuthTokenFromImage(t *testing.T) {
87+
// configFileContent contains a plain-text "username:password", as stored by
88+
// the plain-text store;
89+
// https://github.com/docker/cli/blob/v28.0.4/cli/config/configfile/file.go#L218-L229
90+
const configFileContent = `{"auths": {
91+
"https://index.docker.io/v1/": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
92+
"[::1]": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
93+
"[::1]:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
94+
"127.0.0.1": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
95+
"127.0.0.1:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
96+
"localhost": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
97+
"localhost:5000": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
98+
"registry-1.docker.io": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="},
99+
"registry.hub.docker.com": {"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="}
100+
}
101+
}`
102+
cfg := configfile.ConfigFile{}
103+
err := cfg.LoadFromReader(bytes.NewReader([]byte(configFileContent)))
104+
assert.NilError(t, err)
105+
106+
remoteRefs := []string{
107+
"ubuntu",
108+
"ubuntu:latest",
109+
"ubuntu:latest@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
110+
"ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
111+
"library/ubuntu",
112+
"library/ubuntu:latest",
113+
"library/ubuntu:latest@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
114+
"library/ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782",
115+
}
116+
117+
tests := []struct {
118+
prefix string
119+
expectedAddress string
120+
expectedAuthCfg registry.AuthConfig
121+
}{
122+
{
123+
prefix: "",
124+
expectedAddress: "https://index.docker.io/v1/",
125+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
126+
},
127+
{
128+
prefix: "docker.io",
129+
expectedAddress: "https://index.docker.io/v1/",
130+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
131+
},
132+
{
133+
prefix: "index.docker.io",
134+
expectedAddress: "https://index.docker.io/v1/",
135+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "https://index.docker.io/v1/"},
136+
},
137+
{
138+
// FIXME(thaJeztah): registry-1.docker.io (the actual registry) is the odd one out, and is stored separate from other URLs used for docker hub's registry
139+
prefix: "registry-1.docker.io",
140+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "registry-1.docker.io"},
141+
},
142+
{
143+
// FIXME(thaJeztah): registry.hub.docker.com is stored separate from other URLs used for docker hub's registry
144+
prefix: "registry.hub.docker.com",
145+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "registry.hub.docker.com"},
146+
},
147+
{
148+
prefix: "[::1]",
149+
expectedAddress: "[::1]",
150+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "[::1]"},
151+
},
152+
{
153+
prefix: "[::1]:5000",
154+
expectedAddress: "[::1]:5000",
155+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "[::1]:5000"},
156+
},
157+
{
158+
prefix: "127.0.0.1",
159+
expectedAddress: "127.0.0.1",
160+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "127.0.0.1"},
161+
},
162+
{
163+
prefix: "localhost",
164+
expectedAddress: "localhost",
165+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "localhost"},
166+
},
167+
{
168+
prefix: "localhost:5000",
169+
expectedAddress: "localhost:5000",
170+
expectedAuthCfg: registry.AuthConfig{Username: "username", Password: "password", ServerAddress: "localhost:5000"},
171+
},
172+
{
173+
prefix: "no-auth.example.com",
174+
expectedAuthCfg: registry.AuthConfig{},
175+
},
176+
}
177+
178+
for _, tc := range tests {
179+
tcName := tc.prefix
180+
if tc.prefix == "" {
181+
tcName = "no-prefix"
182+
}
183+
t.Run(tcName, func(t *testing.T) {
184+
for _, remoteRef := range remoteRefs {
185+
imageRef := path.Join(tc.prefix, remoteRef)
186+
actual, err := command.RetrieveAuthTokenFromImage(&cfg, imageRef)
187+
assert.NilError(t, err)
188+
ac, err := registry.DecodeAuthConfig(actual)
189+
assert.NilError(t, err)
190+
assert.Check(t, is.DeepEqual(*ac, tc.expectedAuthCfg))
191+
}
192+
})
193+
}
194+
}

0 commit comments

Comments
 (0)