github.com/pwn-term/docker@v0.0.0-20210616085119-6e977cce2565/moby/registry/config_test.go (about) 1 package registry // import "github.com/docker/docker/registry" 2 3 import ( 4 "reflect" 5 "sort" 6 "strings" 7 "testing" 8 9 "gotest.tools/v3/assert" 10 is "gotest.tools/v3/assert/cmp" 11 ) 12 13 func TestLoadAllowNondistributableArtifacts(t *testing.T) { 14 testCases := []struct { 15 registries []string 16 cidrStrs []string 17 hostnames []string 18 err string 19 }{ 20 { 21 registries: []string{"1.2.3.0/24"}, 22 cidrStrs: []string{"1.2.3.0/24"}, 23 }, 24 { 25 registries: []string{"2001:db8::/120"}, 26 cidrStrs: []string{"2001:db8::/120"}, 27 }, 28 { 29 registries: []string{"127.0.0.1"}, 30 hostnames: []string{"127.0.0.1"}, 31 }, 32 { 33 registries: []string{"127.0.0.1:8080"}, 34 hostnames: []string{"127.0.0.1:8080"}, 35 }, 36 { 37 registries: []string{"2001:db8::1"}, 38 hostnames: []string{"2001:db8::1"}, 39 }, 40 { 41 registries: []string{"[2001:db8::1]:80"}, 42 hostnames: []string{"[2001:db8::1]:80"}, 43 }, 44 { 45 registries: []string{"[2001:db8::1]:80"}, 46 hostnames: []string{"[2001:db8::1]:80"}, 47 }, 48 { 49 registries: []string{"1.2.3.0/24", "2001:db8::/120", "127.0.0.1", "127.0.0.1:8080"}, 50 cidrStrs: []string{"1.2.3.0/24", "2001:db8::/120"}, 51 hostnames: []string{"127.0.0.1", "127.0.0.1:8080"}, 52 }, 53 54 { 55 registries: []string{"http://mytest.com"}, 56 err: "allow-nondistributable-artifacts registry http://mytest.com should not contain '://'", 57 }, 58 { 59 registries: []string{"https://mytest.com"}, 60 err: "allow-nondistributable-artifacts registry https://mytest.com should not contain '://'", 61 }, 62 { 63 registries: []string{"HTTP://mytest.com"}, 64 err: "allow-nondistributable-artifacts registry HTTP://mytest.com should not contain '://'", 65 }, 66 { 67 registries: []string{"svn://mytest.com"}, 68 err: "allow-nondistributable-artifacts registry svn://mytest.com should not contain '://'", 69 }, 70 { 71 registries: []string{"-invalid-registry"}, 72 err: "Cannot begin or end with a hyphen", 73 }, 74 { 75 registries: []string{`mytest-.com`}, 76 err: `allow-nondistributable-artifacts registry mytest-.com is not valid: invalid host "mytest-.com"`, 77 }, 78 { 79 registries: []string{`1200:0000:AB00:1234:0000:2552:7777:1313:8080`}, 80 err: `allow-nondistributable-artifacts registry 1200:0000:AB00:1234:0000:2552:7777:1313:8080 is not valid: invalid host "1200:0000:AB00:1234:0000:2552:7777:1313:8080"`, 81 }, 82 { 83 registries: []string{`mytest.com:500000`}, 84 err: `allow-nondistributable-artifacts registry mytest.com:500000 is not valid: invalid port "500000"`, 85 }, 86 { 87 registries: []string{`"mytest.com"`}, 88 err: `allow-nondistributable-artifacts registry "mytest.com" is not valid: invalid host "\"mytest.com\""`, 89 }, 90 { 91 registries: []string{`"mytest.com:5000"`}, 92 err: `allow-nondistributable-artifacts registry "mytest.com:5000" is not valid: invalid host "\"mytest.com"`, 93 }, 94 } 95 for _, testCase := range testCases { 96 config := emptyServiceConfig 97 err := config.LoadAllowNondistributableArtifacts(testCase.registries) 98 if testCase.err == "" { 99 if err != nil { 100 t.Fatalf("expect no error, got '%s'", err) 101 } 102 103 var cidrStrs []string 104 for _, c := range config.AllowNondistributableArtifactsCIDRs { 105 cidrStrs = append(cidrStrs, c.String()) 106 } 107 108 sort.Strings(testCase.cidrStrs) 109 sort.Strings(cidrStrs) 110 if (len(testCase.cidrStrs) > 0 || len(cidrStrs) > 0) && !reflect.DeepEqual(testCase.cidrStrs, cidrStrs) { 111 t.Fatalf("expect AllowNondistributableArtifactsCIDRs to be '%+v', got '%+v'", testCase.cidrStrs, cidrStrs) 112 } 113 114 sort.Strings(testCase.hostnames) 115 sort.Strings(config.AllowNondistributableArtifactsHostnames) 116 if (len(testCase.hostnames) > 0 || len(config.AllowNondistributableArtifactsHostnames) > 0) && !reflect.DeepEqual(testCase.hostnames, config.AllowNondistributableArtifactsHostnames) { 117 t.Fatalf("expect AllowNondistributableArtifactsHostnames to be '%+v', got '%+v'", testCase.hostnames, config.AllowNondistributableArtifactsHostnames) 118 } 119 } else { 120 if err == nil { 121 t.Fatalf("expect error '%s', got no error", testCase.err) 122 } 123 if !strings.Contains(err.Error(), testCase.err) { 124 t.Fatalf("expect error '%s', got '%s'", testCase.err, err) 125 } 126 } 127 } 128 } 129 130 func TestValidateMirror(t *testing.T) { 131 valid := []string{ 132 "http://mirror-1.com", 133 "http://mirror-1.com/", 134 "https://mirror-1.com", 135 "https://mirror-1.com/", 136 "http://localhost", 137 "https://localhost", 138 "http://localhost:5000", 139 "https://localhost:5000", 140 "http://127.0.0.1", 141 "https://127.0.0.1", 142 "http://127.0.0.1:5000", 143 "https://127.0.0.1:5000", 144 } 145 146 invalid := []string{ 147 "!invalid!://%as%", 148 "ftp://mirror-1.com", 149 "http://mirror-1.com/?q=foo", 150 "http://mirror-1.com/v1/", 151 "http://mirror-1.com/v1/?q=foo", 152 "http://mirror-1.com/v1/?q=foo#frag", 153 "http://mirror-1.com?q=foo", 154 "https://mirror-1.com#frag", 155 "https://mirror-1.com/#frag", 156 "http://foo:bar@mirror-1.com/", 157 "https://mirror-1.com/v1/", 158 "https://mirror-1.com/v1/#", 159 "https://mirror-1.com?q", 160 } 161 162 for _, address := range valid { 163 if ret, err := ValidateMirror(address); err != nil || ret == "" { 164 t.Errorf("ValidateMirror(`"+address+"`) got %s %s", ret, err) 165 } 166 } 167 168 for _, address := range invalid { 169 if ret, err := ValidateMirror(address); err == nil || ret != "" { 170 t.Errorf("ValidateMirror(`"+address+"`) got %s %s", ret, err) 171 } 172 } 173 } 174 175 func TestLoadInsecureRegistries(t *testing.T) { 176 testCases := []struct { 177 registries []string 178 index string 179 err string 180 }{ 181 { 182 registries: []string{"127.0.0.1"}, 183 index: "127.0.0.1", 184 }, 185 { 186 registries: []string{"127.0.0.1:8080"}, 187 index: "127.0.0.1:8080", 188 }, 189 { 190 registries: []string{"2001:db8::1"}, 191 index: "2001:db8::1", 192 }, 193 { 194 registries: []string{"[2001:db8::1]:80"}, 195 index: "[2001:db8::1]:80", 196 }, 197 { 198 registries: []string{"http://mytest.com"}, 199 index: "mytest.com", 200 }, 201 { 202 registries: []string{"https://mytest.com"}, 203 index: "mytest.com", 204 }, 205 { 206 registries: []string{"HTTP://mytest.com"}, 207 index: "mytest.com", 208 }, 209 { 210 registries: []string{"svn://mytest.com"}, 211 err: "insecure registry svn://mytest.com should not contain '://'", 212 }, 213 { 214 registries: []string{"-invalid-registry"}, 215 err: "Cannot begin or end with a hyphen", 216 }, 217 { 218 registries: []string{`mytest-.com`}, 219 err: `insecure registry mytest-.com is not valid: invalid host "mytest-.com"`, 220 }, 221 { 222 registries: []string{`1200:0000:AB00:1234:0000:2552:7777:1313:8080`}, 223 err: `insecure registry 1200:0000:AB00:1234:0000:2552:7777:1313:8080 is not valid: invalid host "1200:0000:AB00:1234:0000:2552:7777:1313:8080"`, 224 }, 225 { 226 registries: []string{`mytest.com:500000`}, 227 err: `insecure registry mytest.com:500000 is not valid: invalid port "500000"`, 228 }, 229 { 230 registries: []string{`"mytest.com"`}, 231 err: `insecure registry "mytest.com" is not valid: invalid host "\"mytest.com\""`, 232 }, 233 { 234 registries: []string{`"mytest.com:5000"`}, 235 err: `insecure registry "mytest.com:5000" is not valid: invalid host "\"mytest.com"`, 236 }, 237 } 238 for _, testCase := range testCases { 239 config := emptyServiceConfig 240 err := config.LoadInsecureRegistries(testCase.registries) 241 if testCase.err == "" { 242 if err != nil { 243 t.Fatalf("expect no error, got '%s'", err) 244 } 245 match := false 246 for index := range config.IndexConfigs { 247 if index == testCase.index { 248 match = true 249 } 250 } 251 if !match { 252 t.Fatalf("expect index configs to contain '%s', got %+v", testCase.index, config.IndexConfigs) 253 } 254 } else { 255 if err == nil { 256 t.Fatalf("expect error '%s', got no error", testCase.err) 257 } 258 if !strings.Contains(err.Error(), testCase.err) { 259 t.Fatalf("expect error '%s', got '%s'", testCase.err, err) 260 } 261 } 262 } 263 } 264 265 func TestNewServiceConfig(t *testing.T) { 266 testCases := []struct { 267 opts ServiceOptions 268 errStr string 269 }{ 270 { 271 ServiceOptions{}, 272 "", 273 }, 274 { 275 ServiceOptions{ 276 Mirrors: []string{"example.com:5000"}, 277 }, 278 `invalid mirror: unsupported scheme "example.com" in "example.com:5000"`, 279 }, 280 { 281 ServiceOptions{ 282 Mirrors: []string{"http://example.com:5000"}, 283 }, 284 "", 285 }, 286 { 287 ServiceOptions{ 288 InsecureRegistries: []string{"[fe80::]/64"}, 289 }, 290 `insecure registry [fe80::]/64 is not valid: invalid host "[fe80::]/64"`, 291 }, 292 { 293 ServiceOptions{ 294 InsecureRegistries: []string{"102.10.8.1/24"}, 295 }, 296 "", 297 }, 298 { 299 ServiceOptions{ 300 AllowNondistributableArtifacts: []string{"[fe80::]/64"}, 301 }, 302 `allow-nondistributable-artifacts registry [fe80::]/64 is not valid: invalid host "[fe80::]/64"`, 303 }, 304 { 305 ServiceOptions{ 306 AllowNondistributableArtifacts: []string{"102.10.8.1/24"}, 307 }, 308 "", 309 }, 310 } 311 312 for _, testCase := range testCases { 313 _, err := newServiceConfig(testCase.opts) 314 if testCase.errStr != "" { 315 assert.Check(t, is.Error(err, testCase.errStr)) 316 } else { 317 assert.Check(t, err) 318 } 319 } 320 } 321 322 func TestValidateIndexName(t *testing.T) { 323 valid := []struct { 324 index string 325 expect string 326 }{ 327 { 328 index: "index.docker.io", 329 expect: "docker.io", 330 }, 331 { 332 index: "example.com", 333 expect: "example.com", 334 }, 335 { 336 index: "127.0.0.1:8080", 337 expect: "127.0.0.1:8080", 338 }, 339 { 340 index: "mytest-1.com", 341 expect: "mytest-1.com", 342 }, 343 { 344 index: "mirror-1.com/v1/?q=foo", 345 expect: "mirror-1.com/v1/?q=foo", 346 }, 347 } 348 349 for _, testCase := range valid { 350 result, err := ValidateIndexName(testCase.index) 351 if assert.Check(t, err) { 352 assert.Check(t, is.Equal(testCase.expect, result)) 353 } 354 355 } 356 357 } 358 359 func TestValidateIndexNameWithError(t *testing.T) { 360 invalid := []struct { 361 index string 362 err string 363 }{ 364 { 365 index: "docker.io-", 366 err: "invalid index name (docker.io-). Cannot begin or end with a hyphen", 367 }, 368 { 369 index: "-example.com", 370 err: "invalid index name (-example.com). Cannot begin or end with a hyphen", 371 }, 372 { 373 index: "mirror-1.com/v1/?q=foo-", 374 err: "invalid index name (mirror-1.com/v1/?q=foo-). Cannot begin or end with a hyphen", 375 }, 376 } 377 for _, testCase := range invalid { 378 _, err := ValidateIndexName(testCase.index) 379 assert.Check(t, is.Error(err, testCase.err)) 380 } 381 }