github.com/kubeshop/testkube@v1.17.23/pkg/skopeo/client_test.go

github.com/kubeshop/testkube@v1.17.23/pkg/skopeo/client_test.go (about)

     1  package skopeo
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/stretchr/testify/assert"
     7  	corev1 "k8s.io/api/core/v1"
     8  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
     9  )
    10  
    11  func TestParseSecretData(t *testing.T) {
    12  	t.Parallel()
    13  
    14  	t.Run("parse docker config base auth", func(t *testing.T) {
    15  		t.Parallel()
    16  
    17  		secret := corev1.Secret{
    18  			Data: map[string][]byte{".dockerconfigjson": []byte("{\"auths\": {\"https://index.docker.io/v1/\": {\"auth\": \"ZG9ja2VyLXVzZXJuYW1lOnlvdXItcmVhbGx5LXJlYWxseS1sb25nLWF1dGgta2V5\"}}}")},
    19  		}
    20  
    21  		out, err := ParseSecretData([]corev1.Secret{secret}, "https://index.docker.io/v1/")
    22  
    23  		assert.Equal(t, 1, len(out))
    24  		assert.Equal(t, "docker-username", out[0].Username)
    25  		assert.Equal(t, "your-really-really-long-auth-key", out[0].Password)
    26  		assert.NoError(t, err)
    27  	})
    28  
    29  	t.Run("parse docker config map", func(t *testing.T) {
    30  		t.Parallel()
    31  
    32  		secret := corev1.Secret{
    33  			Data: map[string][]byte{".dockercfg": []byte("{\"https://index.docker.io/v1/\": {\"auth\": \"ZG9ja2VyLXVzZXJuYW1lOnlvdXItcmVhbGx5LXJlYWxseS1sb25nLWF1dGgta2V5\"}}")},
    34  		}
    35  
    36  		out, err := ParseSecretData([]corev1.Secret{secret}, "https://index.docker.io/v1/")
    37  
    38  		assert.Equal(t, 1, len(out))
    39  		assert.Equal(t, "docker-username", out[0].Username)
    40  		assert.Equal(t, "your-really-really-long-auth-key", out[0].Password)
    41  		assert.NoError(t, err)
    42  	})
    43  
    44  	t.Run("parse docker config plain credentials", func(t *testing.T) {
    45  		t.Parallel()
    46  
    47  		secret := corev1.Secret{
    48  			Data: map[string][]byte{".dockerconfigjson": []byte("{\"auths\": {\"https://index.docker.io/v1/\": {\"username\": \"plainuser\", \"password\": \"plainpass\"}}}")},
    49  		}
    50  
    51  		out, err := ParseSecretData([]corev1.Secret{secret}, "https://index.docker.io/v1/")
    52  
    53  		assert.Equal(t, 1, len(out))
    54  		assert.Equal(t, "plainuser", out[0].Username)
    55  		assert.Equal(t, "plainpass", out[0].Password)
    56  		assert.NoError(t, err)
    57  	})
    58  
    59  	t.Run("parse docker config missed registry", func(t *testing.T) {
    60  		t.Parallel()
    61  
    62  		secret := corev1.Secret{
    63  			ObjectMeta: metav1.ObjectMeta{
    64  				Name: "dockercfg",
    65  			},
    66  
    67  			Data: map[string][]byte{".dockerconfigjson": []byte("{\"auths\": {\"https://index.docker.io/v1/\": {\"username\": \"plainuser\", \"password\": \"plainpass\"}}}")},
    68  		}
    69  
    70  		out, err := ParseSecretData([]corev1.Secret{secret}, "fake")
    71  
    72  		assert.Nil(t, out)
    73  		assert.EqualError(t, err, "secret dockercfg is not defined for registry: fake")
    74  	})
    75  
    76  	t.Run("parse docker config missed data", func(t *testing.T) {
    77  		t.Parallel()
    78  
    79  		secret := corev1.Secret{
    80  			ObjectMeta: metav1.ObjectMeta{
    81  				Name: "dockercfg",
    82  			},
    83  		}
    84  
    85  		out, err := ParseSecretData([]corev1.Secret{secret}, "fake")
    86  
    87  		assert.Nil(t, out)
    88  		assert.EqualError(t, err, "imagePullSecret dockercfg contains neither .dockercfg nor .dockerconfigjson")
    89  	})
    90  
    91  	t.Run("parse docker config wrong auth", func(t *testing.T) {
    92  		t.Parallel()
    93  
    94  		secret := corev1.Secret{
    95  			Data: map[string][]byte{".dockerconfigjson": []byte("{\"auths\": {\"https://index.docker.io/v1/\": {\"auth\": \"12345\"}}}")},
    96  		}
    97  
    98  		out, err := ParseSecretData([]corev1.Secret{secret}, "https://index.docker.io/v1/")
    99  
   100  		assert.Nil(t, out)
   101  		assert.ErrorContains(t, err, "illegal base64 data")
   102  	})
   103  
   104  }
   105  
   106  // TestExtractRegistry uses table-driven tests to validate the extractRegistry function.
   107  func TestExtractRegistry(t *testing.T) {
   108  	tests := []struct {
   109  		name     string
   110  		image    string
   111  		expected string
   112  	}{
   113  		{"DockerHub short", "nginx:latest", "https://index.docker.io/v1/"},
   114  		{"DockerHub long", "library/nginx:latest", "https://index.docker.io/v1/"},
   115  		{"GCR", "gcr.io/google-containers/busybox:latest", "gcr.io"},
   116  		{"ECR", "123456789012.dkr.ecr.us-east-1.amazonaws.com/my-application:latest", "123456789012.dkr.ecr.us-east-1.amazonaws.com"},
   117  		{"MCR", "mcr.microsoft.com/dotnet/core/sdk:3.1", "mcr.microsoft.com"},
   118  		{"Quay", "quay.io/bitnami/nginx:latest", "quay.io"},
   119  		{"Custom port", "localhost:5000/myimage:latest", "localhost:5000"},
   120  		{"No tag", "myregistry.com/myimage", "myregistry.com"},
   121  		{"Only image", "myimage", "https://index.docker.io/v1/"},
   122  	}
   123  
   124  	for _, tc := range tests {
   125  		tc := tc
   126  		t.Run(tc.name, func(t *testing.T) {
   127  			got := extractRegistry(tc.image)
   128  			assert.Equal(t, tc.expected, got)
   129  		})
   130  	}
   131  }