Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
k3s
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jacklull
k3s
Commits
607bdd57
Commit
607bdd57
authored
May 03, 2017
by
Yu-Ju Hong
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Move docker keyring lookup test to pkg/credentailprovider
Also remove unused image tests in docker_test.go
parent
5644587e
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
117 additions
and
162 deletions
+117
-162
keyring_test.go
pkg/credentialprovider/keyring_test.go
+117
-0
docker_test.go
pkg/kubelet/dockertools/docker_test.go
+0
-162
No files found.
pkg/credentialprovider/keyring_test.go
View file @
607bdd57
...
...
@@ -19,7 +19,10 @@ package credentialprovider
import
(
"encoding/base64"
"fmt"
"reflect"
"testing"
dockertypes
"github.com/docker/engine-api/types"
)
func
TestUrlsMatch
(
t
*
testing
.
T
)
{
...
...
@@ -499,3 +502,117 @@ func TestLazyKeyring(t *testing.T) {
t
.
Errorf
(
"Unexpected number of Provide calls: %v"
,
provider
.
Count
)
}
}
func
TestDockerKeyringLookup
(
t
*
testing
.
T
)
{
ada
:=
LazyAuthConfiguration
{
AuthConfig
:
dockertypes
.
AuthConfig
{
Username
:
"ada"
,
Password
:
"smash"
,
Email
:
"ada@example.com"
,
},
}
grace
:=
LazyAuthConfiguration
{
AuthConfig
:
dockertypes
.
AuthConfig
{
Username
:
"grace"
,
Password
:
"squash"
,
Email
:
"grace@example.com"
,
},
}
dk
:=
&
BasicDockerKeyring
{}
dk
.
Add
(
DockerConfig
{
"bar.example.com/pong"
:
DockerConfigEntry
{
Username
:
grace
.
Username
,
Password
:
grace
.
Password
,
Email
:
grace
.
Email
,
},
"bar.example.com"
:
DockerConfigEntry
{
Username
:
ada
.
Username
,
Password
:
ada
.
Password
,
Email
:
ada
.
Email
,
},
})
tests
:=
[]
struct
{
image
string
match
[]
LazyAuthConfiguration
ok
bool
}{
// direct match
{
"bar.example.com"
,
[]
LazyAuthConfiguration
{
ada
},
true
},
// direct match deeper than other possible matches
{
"bar.example.com/pong"
,
[]
LazyAuthConfiguration
{
grace
,
ada
},
true
},
// no direct match, deeper path ignored
{
"bar.example.com/ping"
,
[]
LazyAuthConfiguration
{
ada
},
true
},
// match first part of path token
{
"bar.example.com/pongz"
,
[]
LazyAuthConfiguration
{
grace
,
ada
},
true
},
// match regardless of sub-path
{
"bar.example.com/pong/pang"
,
[]
LazyAuthConfiguration
{
grace
,
ada
},
true
},
// no host match
{
"example.com"
,
[]
LazyAuthConfiguration
{},
false
},
{
"foo.example.com"
,
[]
LazyAuthConfiguration
{},
false
},
}
for
i
,
tt
:=
range
tests
{
match
,
ok
:=
dk
.
Lookup
(
tt
.
image
)
if
tt
.
ok
!=
ok
{
t
.
Errorf
(
"case %d: expected ok=%t, got %t"
,
i
,
tt
.
ok
,
ok
)
}
if
!
reflect
.
DeepEqual
(
tt
.
match
,
match
)
{
t
.
Errorf
(
"case %d: expected match=%#v, got %#v"
,
i
,
tt
.
match
,
match
)
}
}
}
// This validates that dockercfg entries with a scheme and url path are properly matched
// by images that only match the hostname.
// NOTE: the above covers the case of a more specific match trumping just hostname.
func
TestIssue3797
(
t
*
testing
.
T
)
{
rex
:=
LazyAuthConfiguration
{
AuthConfig
:
dockertypes
.
AuthConfig
{
Username
:
"rex"
,
Password
:
"tiny arms"
,
Email
:
"rex@example.com"
,
},
}
dk
:=
&
BasicDockerKeyring
{}
dk
.
Add
(
DockerConfig
{
"https://quay.io/v1/"
:
DockerConfigEntry
{
Username
:
rex
.
Username
,
Password
:
rex
.
Password
,
Email
:
rex
.
Email
,
},
})
tests
:=
[]
struct
{
image
string
match
[]
LazyAuthConfiguration
ok
bool
}{
// direct match
{
"quay.io"
,
[]
LazyAuthConfiguration
{
rex
},
true
},
// partial matches
{
"quay.io/foo"
,
[]
LazyAuthConfiguration
{
rex
},
true
},
{
"quay.io/foo/bar"
,
[]
LazyAuthConfiguration
{
rex
},
true
},
}
for
i
,
tt
:=
range
tests
{
match
,
ok
:=
dk
.
Lookup
(
tt
.
image
)
if
tt
.
ok
!=
ok
{
t
.
Errorf
(
"case %d: expected ok=%t, got %t"
,
i
,
tt
.
ok
,
ok
)
}
if
!
reflect
.
DeepEqual
(
tt
.
match
,
match
)
{
t
.
Errorf
(
"case %d: expected match=%#v, got %#v"
,
i
,
tt
.
match
,
match
)
}
}
}
pkg/kubelet/dockertools/docker_test.go
View file @
607bdd57
...
...
@@ -544,168 +544,6 @@ func TestPullWithSecrets(t *testing.T) {
}
}
func
TestDockerKeyringLookupFails
(
t
*
testing
.
T
)
{
fakeKeyring
:=
&
credentialprovider
.
FakeKeyring
{}
fakeClient
:=
NewFakeDockerClient
()
fakeClient
.
InjectError
(
"pull"
,
fmt
.
Errorf
(
"test error"
))
dp
:=
dockerPuller
{
client
:
fakeClient
,
keyring
:
fakeKeyring
,
}
err
:=
dp
.
Pull
(
"host/repository/image:version"
,
[]
v1
.
Secret
{})
if
err
==
nil
{
t
.
Errorf
(
"unexpected non-error"
)
}
msg
:=
"image pull failed for host/repository/image:version, this may be because there are no credentials on this request. details: (test error)"
if
err
.
Error
()
!=
msg
{
t
.
Errorf
(
"expected: %s, saw: %s"
,
msg
,
err
.
Error
())
}
}
func
TestDockerKeyringLookup
(
t
*
testing
.
T
)
{
ada
:=
credentialprovider
.
LazyAuthConfiguration
{
AuthConfig
:
dockertypes
.
AuthConfig
{
Username
:
"ada"
,
Password
:
"smash"
,
Email
:
"ada@example.com"
,
},
}
grace
:=
credentialprovider
.
LazyAuthConfiguration
{
AuthConfig
:
dockertypes
.
AuthConfig
{
Username
:
"grace"
,
Password
:
"squash"
,
Email
:
"grace@example.com"
,
},
}
dk
:=
&
credentialprovider
.
BasicDockerKeyring
{}
dk
.
Add
(
credentialprovider
.
DockerConfig
{
"bar.example.com/pong"
:
credentialprovider
.
DockerConfigEntry
{
Username
:
grace
.
Username
,
Password
:
grace
.
Password
,
Email
:
grace
.
Email
,
},
"bar.example.com"
:
credentialprovider
.
DockerConfigEntry
{
Username
:
ada
.
Username
,
Password
:
ada
.
Password
,
Email
:
ada
.
Email
,
},
})
tests
:=
[]
struct
{
image
string
match
[]
credentialprovider
.
LazyAuthConfiguration
ok
bool
}{
// direct match
{
"bar.example.com"
,
[]
credentialprovider
.
LazyAuthConfiguration
{
ada
},
true
},
// direct match deeper than other possible matches
{
"bar.example.com/pong"
,
[]
credentialprovider
.
LazyAuthConfiguration
{
grace
,
ada
},
true
},
// no direct match, deeper path ignored
{
"bar.example.com/ping"
,
[]
credentialprovider
.
LazyAuthConfiguration
{
ada
},
true
},
// match first part of path token
{
"bar.example.com/pongz"
,
[]
credentialprovider
.
LazyAuthConfiguration
{
grace
,
ada
},
true
},
// match regardless of sub-path
{
"bar.example.com/pong/pang"
,
[]
credentialprovider
.
LazyAuthConfiguration
{
grace
,
ada
},
true
},
// no host match
{
"example.com"
,
[]
credentialprovider
.
LazyAuthConfiguration
{},
false
},
{
"foo.example.com"
,
[]
credentialprovider
.
LazyAuthConfiguration
{},
false
},
}
for
i
,
tt
:=
range
tests
{
match
,
ok
:=
dk
.
Lookup
(
tt
.
image
)
if
tt
.
ok
!=
ok
{
t
.
Errorf
(
"case %d: expected ok=%t, got %t"
,
i
,
tt
.
ok
,
ok
)
}
if
!
reflect
.
DeepEqual
(
tt
.
match
,
match
)
{
t
.
Errorf
(
"case %d: expected match=%#v, got %#v"
,
i
,
tt
.
match
,
match
)
}
}
}
// This validates that dockercfg entries with a scheme and url path are properly matched
// by images that only match the hostname.
// NOTE: the above covers the case of a more specific match trumping just hostname.
func
TestIssue3797
(
t
*
testing
.
T
)
{
rex
:=
credentialprovider
.
LazyAuthConfiguration
{
AuthConfig
:
dockertypes
.
AuthConfig
{
Username
:
"rex"
,
Password
:
"tiny arms"
,
Email
:
"rex@example.com"
,
},
}
dk
:=
&
credentialprovider
.
BasicDockerKeyring
{}
dk
.
Add
(
credentialprovider
.
DockerConfig
{
"https://quay.io/v1/"
:
credentialprovider
.
DockerConfigEntry
{
Username
:
rex
.
Username
,
Password
:
rex
.
Password
,
Email
:
rex
.
Email
,
},
})
tests
:=
[]
struct
{
image
string
match
[]
credentialprovider
.
LazyAuthConfiguration
ok
bool
}{
// direct match
{
"quay.io"
,
[]
credentialprovider
.
LazyAuthConfiguration
{
rex
},
true
},
// partial matches
{
"quay.io/foo"
,
[]
credentialprovider
.
LazyAuthConfiguration
{
rex
},
true
},
{
"quay.io/foo/bar"
,
[]
credentialprovider
.
LazyAuthConfiguration
{
rex
},
true
},
}
for
i
,
tt
:=
range
tests
{
match
,
ok
:=
dk
.
Lookup
(
tt
.
image
)
if
tt
.
ok
!=
ok
{
t
.
Errorf
(
"case %d: expected ok=%t, got %t"
,
i
,
tt
.
ok
,
ok
)
}
if
!
reflect
.
DeepEqual
(
tt
.
match
,
match
)
{
t
.
Errorf
(
"case %d: expected match=%#v, got %#v"
,
i
,
tt
.
match
,
match
)
}
}
}
type
imageTrackingDockerClient
struct
{
*
FakeDockerClient
imageName
string
}
func
(
f
*
imageTrackingDockerClient
)
InspectImageByID
(
name
string
)
(
image
*
dockertypes
.
ImageInspect
,
err
error
)
{
image
,
err
=
f
.
FakeDockerClient
.
InspectImageByID
(
name
)
f
.
imageName
=
name
return
}
func
(
f
*
imageTrackingDockerClient
)
InspectImageByRef
(
name
string
)
(
image
*
dockertypes
.
ImageInspect
,
err
error
)
{
image
,
err
=
f
.
FakeDockerClient
.
InspectImageByRef
(
name
)
f
.
imageName
=
name
return
}
func
TestGetImageRef
(
t
*
testing
.
T
)
{
cl
:=
&
imageTrackingDockerClient
{
NewFakeDockerClient
(),
""
}
puller
:=
&
dockerPuller
{
client
:
cl
,
}
_
,
_
=
puller
.
GetImageRef
(
"abc:123"
)
if
cl
.
imageName
!=
"abc:123"
{
t
.
Errorf
(
"expected inspection of image abc:123, instead inspected image %v"
,
cl
.
imageName
)
}
}
const
letterBytes
=
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
func
randStringBytes
(
n
int
)
string
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment