mirror of
https://github.com/docker/compose.git
synced 2025-07-22 13:14:29 +02:00
Merge pull request #427 from docker/fix-invalid-creds
Fix invalid creds
This commit is contained in:
commit
40dd4fd8ed
@ -73,8 +73,10 @@ func getRegistryCredentials(project compose.Project, registryLoader registryConf
|
|||||||
var registryCreds []containerinstance.ImageRegistryCredential
|
var registryCreds []containerinstance.ImageRegistryCredential
|
||||||
for name, oneCred := range allCreds {
|
for name, oneCred := range allCreds {
|
||||||
parsedURL, err := url.Parse(name)
|
parsedURL, err := url.Parse(name)
|
||||||
|
// Credentials can contain some garbage, we don't return the error here
|
||||||
|
// because we don't care about these garbage creds.
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
hostname := parsedURL.Host
|
hostname := parsedURL.Host
|
||||||
|
@ -20,129 +20,135 @@ import (
|
|||||||
"strconv"
|
"strconv"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
"github.com/Azure/azure-sdk-for-go/profiles/latest/containerinstance/mgmt/containerinstance"
|
||||||
"github.com/Azure/go-autorest/autorest/to"
|
"github.com/Azure/go-autorest/autorest/to"
|
||||||
"github.com/compose-spec/compose-go/types"
|
"github.com/compose-spec/compose-go/types"
|
||||||
cliconfigtypes "github.com/docker/cli/cli/config/types"
|
cliconfigtypes "github.com/docker/cli/cli/config/types"
|
||||||
|
|
||||||
"github.com/Azure/azure-sdk-for-go/profiles/latest/containerinstance/mgmt/containerinstance"
|
|
||||||
|
|
||||||
. "github.com/onsi/gomega"
|
|
||||||
"github.com/stretchr/testify/mock"
|
"github.com/stretchr/testify/mock"
|
||||||
"github.com/stretchr/testify/suite"
|
"gotest.tools/v3/assert"
|
||||||
|
"gotest.tools/v3/assert/cmp"
|
||||||
)
|
)
|
||||||
|
|
||||||
const getAllCredentials = "getAllRegistryCredentials"
|
const getAllCredentials = "getAllRegistryCredentials"
|
||||||
|
|
||||||
type RegistryConvertTestSuite struct {
|
func TestHubPrivateImage(t *testing.T) {
|
||||||
suite.Suite
|
loader := &MockRegistryLoader{}
|
||||||
loader *MockRegistryLoader
|
loader.On(getAllCredentials).Return(registry("https://index.docker.io", userPwdCreds("toto", "pwd")), nil)
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *RegistryConvertTestSuite) BeforeTest(suiteName, testName string) {
|
creds, err := getRegistryCredentials(composeServices("gtardif/privateimg"), loader)
|
||||||
suite.loader = &MockRegistryLoader{}
|
assert.NilError(t, err)
|
||||||
}
|
assert.DeepEqual(t, creds, []containerinstance.ImageRegistryCredential{
|
||||||
|
|
||||||
func (suite *RegistryConvertTestSuite) TestHubPrivateImage() {
|
|
||||||
suite.loader.On(getAllCredentials).Return(registry("https://index.docker.io", userPwdCreds("toto", "pwd")), nil)
|
|
||||||
|
|
||||||
creds, err := getRegistryCredentials(composeServices("gtardif/privateimg"), suite.loader)
|
|
||||||
Expect(err).To(BeNil())
|
|
||||||
Expect(creds).To(Equal([]containerinstance.ImageRegistryCredential{
|
|
||||||
{
|
{
|
||||||
Server: to.StringPtr(dockerHub),
|
Server: to.StringPtr(dockerHub),
|
||||||
Username: to.StringPtr("toto"),
|
Username: to.StringPtr("toto"),
|
||||||
Password: to.StringPtr("pwd"),
|
Password: to.StringPtr("pwd"),
|
||||||
},
|
},
|
||||||
}))
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *RegistryConvertTestSuite) TestRegistryNameWithoutProtocol() {
|
func TestRegistryNameWithoutProtocol(t *testing.T) {
|
||||||
suite.loader.On(getAllCredentials).Return(registry("index.docker.io", userPwdCreds("toto", "pwd")), nil)
|
loader := &MockRegistryLoader{}
|
||||||
|
loader.On(getAllCredentials).Return(registry("index.docker.io", userPwdCreds("toto", "pwd")), nil)
|
||||||
|
|
||||||
creds, err := getRegistryCredentials(composeServices("gtardif/privateimg"), suite.loader)
|
creds, err := getRegistryCredentials(composeServices("gtardif/privateimg"), loader)
|
||||||
Expect(err).To(BeNil())
|
assert.NilError(t, err)
|
||||||
Expect(creds).To(Equal([]containerinstance.ImageRegistryCredential{
|
assert.DeepEqual(t, creds, []containerinstance.ImageRegistryCredential{
|
||||||
{
|
{
|
||||||
Server: to.StringPtr(dockerHub),
|
Server: to.StringPtr(dockerHub),
|
||||||
Username: to.StringPtr("toto"),
|
Username: to.StringPtr("toto"),
|
||||||
Password: to.StringPtr("pwd"),
|
Password: to.StringPtr("pwd"),
|
||||||
},
|
},
|
||||||
}))
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *RegistryConvertTestSuite) TestImageWithDotInName() {
|
func TestInvalidCredentials(t *testing.T) {
|
||||||
suite.loader.On(getAllCredentials).Return(registry("index.docker.io", userPwdCreds("toto", "pwd")), nil)
|
loader := &MockRegistryLoader{}
|
||||||
|
loader.On(getAllCredentials).Return(registry("18.195.159.6:444", userPwdCreds("toto", "pwd")), nil)
|
||||||
|
|
||||||
creds, err := getRegistryCredentials(composeServices("my.image"), suite.loader)
|
creds, err := getRegistryCredentials(composeServices("gtardif/privateimg"), loader)
|
||||||
Expect(err).To(BeNil())
|
assert.NilError(t, err)
|
||||||
Expect(creds).To(Equal([]containerinstance.ImageRegistryCredential{
|
assert.Equal(t, len(creds), 0)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestImageWithDotInName(t *testing.T) {
|
||||||
|
loader := &MockRegistryLoader{}
|
||||||
|
loader.On(getAllCredentials).Return(registry("index.docker.io", userPwdCreds("toto", "pwd")), nil)
|
||||||
|
|
||||||
|
creds, err := getRegistryCredentials(composeServices("my.image"), loader)
|
||||||
|
assert.NilError(t, err)
|
||||||
|
assert.DeepEqual(t, creds, []containerinstance.ImageRegistryCredential{
|
||||||
{
|
{
|
||||||
Server: to.StringPtr(dockerHub),
|
Server: to.StringPtr(dockerHub),
|
||||||
Username: to.StringPtr("toto"),
|
Username: to.StringPtr("toto"),
|
||||||
Password: to.StringPtr("pwd"),
|
Password: to.StringPtr("pwd"),
|
||||||
},
|
},
|
||||||
}))
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *RegistryConvertTestSuite) TestAcrPrivateImage() {
|
func TestAcrPrivateImage(t *testing.T) {
|
||||||
suite.loader.On(getAllCredentials).Return(registry("https://mycontainerregistrygta.azurecr.io", tokenCreds("123456")), nil)
|
loader := &MockRegistryLoader{}
|
||||||
|
loader.On(getAllCredentials).Return(registry("https://mycontainerregistrygta.azurecr.io", tokenCreds("123456")), nil)
|
||||||
|
|
||||||
creds, err := getRegistryCredentials(composeServices("mycontainerregistrygta.azurecr.io/privateimg"), suite.loader)
|
creds, err := getRegistryCredentials(composeServices("mycontainerregistrygta.azurecr.io/privateimg"), loader)
|
||||||
Expect(err).To(BeNil())
|
assert.NilError(t, err)
|
||||||
Expect(creds).To(Equal([]containerinstance.ImageRegistryCredential{
|
assert.DeepEqual(t, creds, []containerinstance.ImageRegistryCredential{
|
||||||
{
|
{
|
||||||
Server: to.StringPtr("mycontainerregistrygta.azurecr.io"),
|
Server: to.StringPtr("mycontainerregistrygta.azurecr.io"),
|
||||||
Username: to.StringPtr(tokenUsername),
|
Username: to.StringPtr(tokenUsername),
|
||||||
Password: to.StringPtr("123456"),
|
Password: to.StringPtr("123456"),
|
||||||
},
|
},
|
||||||
}))
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *RegistryConvertTestSuite) TestAcrPrivateImageLinux() {
|
func TestAcrPrivateImageLinux(t *testing.T) {
|
||||||
|
loader := &MockRegistryLoader{}
|
||||||
token := tokenCreds("123456")
|
token := tokenCreds("123456")
|
||||||
token.Username = tokenUsername
|
token.Username = tokenUsername
|
||||||
suite.loader.On(getAllCredentials).Return(registry("https://mycontainerregistrygta.azurecr.io", token), nil)
|
loader.On(getAllCredentials).Return(registry("https://mycontainerregistrygta.azurecr.io", token), nil)
|
||||||
|
|
||||||
creds, err := getRegistryCredentials(composeServices("mycontainerregistrygta.azurecr.io/privateimg"), suite.loader)
|
creds, err := getRegistryCredentials(composeServices("mycontainerregistrygta.azurecr.io/privateimg"), loader)
|
||||||
Expect(err).To(BeNil())
|
assert.NilError(t, err)
|
||||||
Expect(creds).To(Equal([]containerinstance.ImageRegistryCredential{
|
assert.DeepEqual(t, creds, []containerinstance.ImageRegistryCredential{
|
||||||
{
|
{
|
||||||
Server: to.StringPtr("mycontainerregistrygta.azurecr.io"),
|
Server: to.StringPtr("mycontainerregistrygta.azurecr.io"),
|
||||||
Username: to.StringPtr(tokenUsername),
|
Username: to.StringPtr(tokenUsername),
|
||||||
Password: to.StringPtr("123456"),
|
Password: to.StringPtr("123456"),
|
||||||
},
|
},
|
||||||
}))
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *RegistryConvertTestSuite) TestNoMoreRegistriesThanImages() {
|
func TestNoMoreRegistriesThanImages(t *testing.T) {
|
||||||
|
loader := &MockRegistryLoader{}
|
||||||
configs := map[string]cliconfigtypes.AuthConfig{
|
configs := map[string]cliconfigtypes.AuthConfig{
|
||||||
"https://mycontainerregistrygta.azurecr.io": tokenCreds("123456"),
|
"https://mycontainerregistrygta.azurecr.io": tokenCreds("123456"),
|
||||||
"https://index.docker.io": userPwdCreds("toto", "pwd"),
|
"https://index.docker.io": userPwdCreds("toto", "pwd"),
|
||||||
}
|
}
|
||||||
suite.loader.On(getAllCredentials).Return(configs, nil)
|
loader.On(getAllCredentials).Return(configs, nil)
|
||||||
|
|
||||||
creds, err := getRegistryCredentials(composeServices("mycontainerregistrygta.azurecr.io/privateimg"), suite.loader)
|
creds, err := getRegistryCredentials(composeServices("mycontainerregistrygta.azurecr.io/privateimg"), loader)
|
||||||
Expect(err).To(BeNil())
|
assert.NilError(t, err)
|
||||||
Expect(creds).To(Equal([]containerinstance.ImageRegistryCredential{
|
assert.DeepEqual(t, creds, []containerinstance.ImageRegistryCredential{
|
||||||
{
|
{
|
||||||
Server: to.StringPtr("mycontainerregistrygta.azurecr.io"),
|
Server: to.StringPtr("mycontainerregistrygta.azurecr.io"),
|
||||||
Username: to.StringPtr(tokenUsername),
|
Username: to.StringPtr(tokenUsername),
|
||||||
Password: to.StringPtr("123456"),
|
Password: to.StringPtr("123456"),
|
||||||
},
|
},
|
||||||
}))
|
})
|
||||||
|
|
||||||
creds, err = getRegistryCredentials(composeServices("someuser/privateimg"), suite.loader)
|
creds, err = getRegistryCredentials(composeServices("someuser/privateimg"), loader)
|
||||||
Expect(err).To(BeNil())
|
assert.NilError(t, err)
|
||||||
Expect(creds).To(Equal([]containerinstance.ImageRegistryCredential{
|
assert.DeepEqual(t, creds, []containerinstance.ImageRegistryCredential{
|
||||||
{
|
{
|
||||||
Server: to.StringPtr(dockerHub),
|
Server: to.StringPtr(dockerHub),
|
||||||
Username: to.StringPtr("toto"),
|
Username: to.StringPtr("toto"),
|
||||||
Password: to.StringPtr("pwd"),
|
Password: to.StringPtr("pwd"),
|
||||||
},
|
},
|
||||||
}))
|
})
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *RegistryConvertTestSuite) TestHubAndSeveralACRRegistries() {
|
func TestHubAndSeveralACRRegistries(t *testing.T) {
|
||||||
|
loader := &MockRegistryLoader{}
|
||||||
configs := map[string]cliconfigtypes.AuthConfig{
|
configs := map[string]cliconfigtypes.AuthConfig{
|
||||||
"https://mycontainerregistry1.azurecr.io": tokenCreds("123456"),
|
"https://mycontainerregistry1.azurecr.io": tokenCreds("123456"),
|
||||||
"https://mycontainerregistry2.azurecr.io": tokenCreds("456789"),
|
"https://mycontainerregistry2.azurecr.io": tokenCreds("456789"),
|
||||||
@ -150,21 +156,24 @@ func (suite *RegistryConvertTestSuite) TestHubAndSeveralACRRegistries() {
|
|||||||
"https://index.docker.io": userPwdCreds("toto", "pwd"),
|
"https://index.docker.io": userPwdCreds("toto", "pwd"),
|
||||||
"https://other.registry.io": userPwdCreds("user", "password"),
|
"https://other.registry.io": userPwdCreds("user", "password"),
|
||||||
}
|
}
|
||||||
suite.loader.On(getAllCredentials).Return(configs, nil)
|
loader.On(getAllCredentials).Return(configs, nil)
|
||||||
|
|
||||||
creds, err := getRegistryCredentials(composeServices("mycontainerregistry1.azurecr.io/privateimg", "someuser/privateImg2", "mycontainerregistry2.azurecr.io/privateimg"), suite.loader)
|
creds, err := getRegistryCredentials(composeServices("mycontainerregistry1.azurecr.io/privateimg", "someuser/privateImg2", "mycontainerregistry2.azurecr.io/privateimg"), loader)
|
||||||
Expect(err).To(BeNil())
|
assert.NilError(t, err)
|
||||||
Expect(creds).To(ContainElement(containerinstance.ImageRegistryCredential{
|
|
||||||
|
assert.Assert(t, cmp.Contains(creds, containerinstance.ImageRegistryCredential{
|
||||||
Server: to.StringPtr("mycontainerregistry1.azurecr.io"),
|
Server: to.StringPtr("mycontainerregistry1.azurecr.io"),
|
||||||
Username: to.StringPtr(tokenUsername),
|
Username: to.StringPtr(tokenUsername),
|
||||||
Password: to.StringPtr("123456"),
|
Password: to.StringPtr("123456"),
|
||||||
}))
|
}))
|
||||||
Expect(creds).To(ContainElement(containerinstance.ImageRegistryCredential{
|
|
||||||
|
assert.Assert(t, cmp.Contains(creds, containerinstance.ImageRegistryCredential{
|
||||||
Server: to.StringPtr("mycontainerregistry2.azurecr.io"),
|
Server: to.StringPtr("mycontainerregistry2.azurecr.io"),
|
||||||
Username: to.StringPtr(tokenUsername),
|
Username: to.StringPtr(tokenUsername),
|
||||||
Password: to.StringPtr("456789"),
|
Password: to.StringPtr("456789"),
|
||||||
}))
|
}))
|
||||||
Expect(creds).To(ContainElement(containerinstance.ImageRegistryCredential{
|
|
||||||
|
assert.Assert(t, cmp.Contains(creds, containerinstance.ImageRegistryCredential{
|
||||||
Server: to.StringPtr(dockerHub),
|
Server: to.StringPtr(dockerHub),
|
||||||
Username: to.StringPtr("toto"),
|
Username: to.StringPtr("toto"),
|
||||||
Password: to.StringPtr("pwd"),
|
Password: to.StringPtr("pwd"),
|
||||||
@ -204,11 +213,6 @@ func tokenCreds(token string) cliconfigtypes.AuthConfig {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestRegistryConvertTestSuite(t *testing.T) {
|
|
||||||
RegisterTestingT(t)
|
|
||||||
suite.Run(t, new(RegistryConvertTestSuite))
|
|
||||||
}
|
|
||||||
|
|
||||||
type MockRegistryLoader struct {
|
type MockRegistryLoader struct {
|
||||||
mock.Mock
|
mock.Mock
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user