github.com/juju/juju@v0.0.0-20240430160146-1752b71fcf00/docker/auth_test.go (about) 1 // Copyright 2021 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package docker_test 5 6 import ( 7 "os" 8 "path/filepath" 9 10 "github.com/juju/testing" 11 jc "github.com/juju/testing/checkers" 12 gc "gopkg.in/check.v1" 13 14 "github.com/juju/juju/docker" 15 ) 16 17 type authSuite struct { 18 testing.IsolationSuite 19 } 20 21 var _ = gc.Suite(&authSuite{}) 22 23 var ( 24 ecrContent = ` 25 { 26 "serveraddress": "66668888.dkr.ecr.eu-west-1.amazonaws.com", 27 "username": "aws_access_key_id", 28 "repository": "test-account", 29 "password": "aws_secret_access_key", 30 "identitytoken": "xxxxx==", 31 "region": "ap-southeast-2" 32 }`[1:] 33 34 quayContent = ` 35 { 36 "serveraddress": "quay.io", 37 "auth": "xxxxx==", 38 "repository": "test-account" 39 } 40 `[1:] 41 ) 42 43 func (s *authSuite) TestNewImageRepoDetailsReadFromFile(c *gc.C) { 44 filename := "my-caas-image-repo-config.json" 45 dir := c.MkDir() 46 fullpath := filepath.Join(dir, filename) 47 err := os.WriteFile(fullpath, []byte(quayContent), 0644) 48 c.Assert(err, jc.ErrorIsNil) 49 imageRepoDetails, err := docker.LoadImageRepoDetails(fullpath) 50 c.Assert(err, jc.ErrorIsNil) 51 c.Assert(imageRepoDetails, jc.DeepEquals, docker.ImageRepoDetails{ 52 Repository: "test-account", 53 ServerAddress: "quay.io", 54 BasicAuthConfig: docker.BasicAuthConfig{ 55 Auth: docker.NewToken("xxxxx=="), 56 }, 57 }) 58 } 59 60 func (s *authSuite) TestNewImageRepoDetailsReadFromContent(c *gc.C) { 61 imageRepoDetails, err := docker.NewImageRepoDetails(quayContent) 62 c.Assert(err, jc.ErrorIsNil) 63 c.Assert(imageRepoDetails, jc.DeepEquals, docker.ImageRepoDetails{ 64 Repository: "test-account", 65 ServerAddress: "quay.io", 66 BasicAuthConfig: docker.BasicAuthConfig{ 67 Auth: docker.NewToken("xxxxx=="), 68 }, 69 }) 70 71 imageRepoDetails, err = docker.NewImageRepoDetails(ecrContent) 72 c.Assert(err, jc.ErrorIsNil) 73 c.Assert(imageRepoDetails, jc.DeepEquals, docker.ImageRepoDetails{ 74 Repository: "test-account", 75 ServerAddress: "66668888.dkr.ecr.eu-west-1.amazonaws.com", 76 Region: "ap-southeast-2", 77 BasicAuthConfig: docker.BasicAuthConfig{ 78 Username: "aws_access_key_id", 79 Password: "aws_secret_access_key", 80 }, 81 TokenAuthConfig: docker.TokenAuthConfig{ 82 IdentityToken: docker.NewToken("xxxxx=="), 83 }, 84 }) 85 } 86 87 func (s *authSuite) TestNewImageRepoDetailsReadDefaultServerAddress(c *gc.C) { 88 data := ` 89 { 90 "auth": "xxxxx==", 91 "repository": "qabot" 92 } 93 `[1:] 94 imageRepoDetails, err := docker.NewImageRepoDetails(data) 95 c.Assert(err, jc.ErrorIsNil) 96 c.Assert(imageRepoDetails, jc.DeepEquals, docker.ImageRepoDetails{ 97 Repository: "qabot", 98 BasicAuthConfig: docker.BasicAuthConfig{ 99 Auth: docker.NewToken("xxxxx=="), 100 }, 101 }) 102 } 103 104 func (s *authSuite) TestValidateImageRepoDetails(c *gc.C) { 105 imageRepoDetails := docker.ImageRepoDetails{} 106 c.Assert(imageRepoDetails.Validate(), gc.ErrorMatches, `empty repository not valid`) 107 108 imageRepoDetails = docker.ImageRepoDetails{ 109 Repository: "bad repo", 110 } 111 c.Assert(imageRepoDetails.Validate(), gc.ErrorMatches, `docker image path "bad repo": invalid reference format`) 112 } 113 114 func (s *authSuite) TestSecretData(c *gc.C) { 115 imageRepoDetails := docker.ImageRepoDetails{ 116 Repository: "quay.io/test-account", 117 ServerAddress: "quay.io", 118 BasicAuthConfig: docker.BasicAuthConfig{ 119 Auth: docker.NewToken("xxxxx=="), 120 }, 121 } 122 data, err := imageRepoDetails.SecretData() 123 c.Assert(err, jc.ErrorIsNil) 124 c.Assert(string(data), jc.DeepEquals, `{"auths":{"quay.io":{"auth":"xxxxx==","username":"","password":"","serveraddress":"quay.io"}}}`) 125 126 imageRepoDetails = docker.ImageRepoDetails{ 127 Repository: "test-account", 128 ServerAddress: "quay.io", 129 } 130 data, err = imageRepoDetails.SecretData() 131 c.Assert(err, jc.ErrorIsNil) 132 c.Assert(len(data), jc.DeepEquals, 0) 133 } 134 135 func (s *authSuite) TestIsPrivate(c *gc.C) { 136 imageRepoDetails := docker.ImageRepoDetails{ 137 Repository: "test-account", 138 ServerAddress: "quay.io", 139 BasicAuthConfig: docker.BasicAuthConfig{ 140 Auth: docker.NewToken("xxxxx=="), 141 }, 142 } 143 c.Assert(imageRepoDetails.IsPrivate(), jc.DeepEquals, true) 144 145 imageRepoDetails = docker.ImageRepoDetails{ 146 Repository: "test-account", 147 ServerAddress: "quay.io", 148 } 149 c.Assert(imageRepoDetails.IsPrivate(), jc.DeepEquals, false) 150 } 151 152 func (s *authSuite) TestAuthEqual(c *gc.C) { 153 imageRepoDetails := docker.ImageRepoDetails{ 154 Repository: "test-account", 155 ServerAddress: "quay.io", 156 BasicAuthConfig: docker.BasicAuthConfig{ 157 Auth: docker.NewToken("xxxxx=="), 158 }, 159 } 160 c.Assert(imageRepoDetails.AuthEqual(imageRepoDetails), jc.DeepEquals, true) 161 162 imageRepoDetails2 := docker.ImageRepoDetails{ 163 Repository: "test-account", 164 BasicAuthConfig: docker.BasicAuthConfig{ 165 Auth: docker.NewToken("xxxxx=="), 166 }, 167 } 168 c.Assert(imageRepoDetails.AuthEqual(imageRepoDetails2), jc.DeepEquals, true) 169 170 imageRepoDetails3 := docker.ImageRepoDetails{ 171 Repository: "test-account", 172 ServerAddress: "quay.io", 173 BasicAuthConfig: docker.BasicAuthConfig{}, 174 } 175 c.Assert(imageRepoDetails.AuthEqual(imageRepoDetails3), jc.DeepEquals, false) 176 } 177 178 func (s *authSuite) TestTokenAuthConfigEmpty(c *gc.C) { 179 cfg := docker.TokenAuthConfig{} 180 c.Assert(cfg.Empty(), jc.DeepEquals, true) 181 182 cfg = docker.TokenAuthConfig{ 183 IdentityToken: docker.NewToken("xxx"), 184 } 185 c.Assert(cfg.Empty(), jc.DeepEquals, false) 186 } 187 188 func (s *authSuite) TestBasicAuthConfigEmpty(c *gc.C) { 189 cfg := docker.BasicAuthConfig{} 190 c.Assert(cfg.Empty(), jc.DeepEquals, true) 191 192 cfg = docker.BasicAuthConfig{ 193 Auth: docker.NewToken("xxxx=="), 194 } 195 c.Assert(cfg.Empty(), jc.DeepEquals, false) 196 cfg = docker.BasicAuthConfig{ 197 Username: "xxx", 198 } 199 c.Assert(cfg.Empty(), jc.DeepEquals, false) 200 cfg = docker.BasicAuthConfig{ 201 Password: "xxx", 202 } 203 c.Assert(cfg.Empty(), jc.DeepEquals, false) 204 } 205 206 func (s *authSuite) TestToken(c *gc.C) { 207 token := docker.NewToken("xxxx==") 208 c.Assert(token, gc.DeepEquals, &docker.Token{Value: "xxxx=="}) 209 c.Assert(token.String(), jc.DeepEquals, `******`) 210 c.Assert(token.Content(), jc.DeepEquals, `xxxx==`) 211 c.Assert(token.Empty(), jc.IsFalse) 212 data, err := token.MarshalJSON() 213 c.Assert(err, jc.ErrorIsNil) 214 c.Assert(data, jc.DeepEquals, []byte(`"xxxx=="`)) 215 216 token.Value = "" 217 c.Assert(token.Empty(), jc.IsTrue) 218 219 token = docker.NewToken("") 220 c.Assert(token.Empty(), jc.IsTrue) 221 c.Assert(token, gc.IsNil) 222 }