github.com/pwn-term/docker@v0.0.0-20210616085119-6e977cce2565/moby/registry/registry_mock_test.go (about)

     1  package registry // import "github.com/docker/docker/registry"
     2  
     3  import (
     4  	"encoding/json"
     5  	"errors"
     6  	"fmt"
     7  	"io"
     8  	"io/ioutil"
     9  	"net"
    10  	"net/http"
    11  	"net/http/httptest"
    12  	"net/url"
    13  	"strconv"
    14  	"strings"
    15  	"testing"
    16  	"time"
    17  
    18  	"github.com/docker/distribution/reference"
    19  	registrytypes "github.com/docker/docker/api/types/registry"
    20  	"github.com/gorilla/mux"
    21  
    22  	"github.com/sirupsen/logrus"
    23  )
    24  
    25  var (
    26  	testHTTPServer  *httptest.Server
    27  	testHTTPSServer *httptest.Server
    28  	testLayers      = map[string]map[string]string{
    29  		"77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20": {
    30  			"json": `{"id":"77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
    31  				"comment":"test base image","created":"2013-03-23T12:53:11.10432-07:00",
    32  				"container_config":{"Hostname":"","User":"","Memory":0,"MemorySwap":0,
    33  				"CpuShares":0,"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,
    34  				"Tty":false,"OpenStdin":false,"StdinOnce":false,
    35  				"Env":null,"Cmd":null,"Dns":null,"Image":"","Volumes":null,
    36  				"VolumesFrom":"","Entrypoint":null},"Size":424242}`,
    37  			"checksum_simple": "sha256:1ac330d56e05eef6d438586545ceff7550d3bdcb6b19961f12c5ba714ee1bb37",
    38  			"checksum_tarsum": "tarsum+sha256:4409a0685741ca86d38df878ed6f8cbba4c99de5dc73cd71aef04be3bb70be7c",
    39  			"ancestry":        `["77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20"]`,
    40  			"layer": string([]byte{
    41  				0x1f, 0x8b, 0x08, 0x08, 0x0e, 0xb0, 0xee, 0x51, 0x02, 0x03, 0x6c, 0x61, 0x79, 0x65,
    42  				0x72, 0x2e, 0x74, 0x61, 0x72, 0x00, 0xed, 0xd2, 0x31, 0x0e, 0xc2, 0x30, 0x0c, 0x05,
    43  				0x50, 0xcf, 0x9c, 0xc2, 0x27, 0x48, 0xed, 0x38, 0x4e, 0xce, 0x13, 0x44, 0x2b, 0x66,
    44  				0x62, 0x24, 0x8e, 0x4f, 0xa0, 0x15, 0x63, 0xb6, 0x20, 0x21, 0xfc, 0x96, 0xbf, 0x78,
    45  				0xb0, 0xf5, 0x1d, 0x16, 0x98, 0x8e, 0x88, 0x8a, 0x2a, 0xbe, 0x33, 0xef, 0x49, 0x31,
    46  				0xed, 0x79, 0x40, 0x8e, 0x5c, 0x44, 0x85, 0x88, 0x33, 0x12, 0x73, 0x2c, 0x02, 0xa8,
    47  				0xf0, 0x05, 0xf7, 0x66, 0xf5, 0xd6, 0x57, 0x69, 0xd7, 0x7a, 0x19, 0xcd, 0xf5, 0xb1,
    48  				0x6d, 0x1b, 0x1f, 0xf9, 0xba, 0xe3, 0x93, 0x3f, 0x22, 0x2c, 0xb6, 0x36, 0x0b, 0xf6,
    49  				0xb0, 0xa9, 0xfd, 0xe7, 0x94, 0x46, 0xfd, 0xeb, 0xd1, 0x7f, 0x2c, 0xc4, 0xd2, 0xfb,
    50  				0x97, 0xfe, 0x02, 0x80, 0xe4, 0xfd, 0x4f, 0x77, 0xae, 0x6d, 0x3d, 0x81, 0x73, 0xce,
    51  				0xb9, 0x7f, 0xf3, 0x04, 0x41, 0xc1, 0xab, 0xc6, 0x00, 0x0a, 0x00, 0x00,
    52  			}),
    53  		},
    54  		"42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d": {
    55  			"json": `{"id":"42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
    56  				"parent":"77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
    57  				"comment":"test base image","created":"2013-03-23T12:55:11.10432-07:00",
    58  				"container_config":{"Hostname":"","User":"","Memory":0,"MemorySwap":0,
    59  				"CpuShares":0,"AttachStdin":false,"AttachStdout":false,"AttachStderr":false,
    60  				"Tty":false,"OpenStdin":false,"StdinOnce":false,
    61  				"Env":null,"Cmd":null,"Dns":null,"Image":"","Volumes":null,
    62  				"VolumesFrom":"","Entrypoint":null},"Size":424242}`,
    63  			"checksum_simple": "sha256:bea7bf2e4bacd479344b737328db47b18880d09096e6674165533aa994f5e9f2",
    64  			"checksum_tarsum": "tarsum+sha256:68fdb56fb364f074eec2c9b3f85ca175329c4dcabc4a6a452b7272aa613a07a2",
    65  			"ancestry": `["42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
    66  				"77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20"]`,
    67  			"layer": string([]byte{
    68  				0x1f, 0x8b, 0x08, 0x08, 0xbd, 0xb3, 0xee, 0x51, 0x02, 0x03, 0x6c, 0x61, 0x79, 0x65,
    69  				0x72, 0x2e, 0x74, 0x61, 0x72, 0x00, 0xed, 0xd1, 0x31, 0x0e, 0xc2, 0x30, 0x0c, 0x05,
    70  				0x50, 0xcf, 0x9c, 0xc2, 0x27, 0x48, 0x9d, 0x38, 0x8e, 0xcf, 0x53, 0x51, 0xaa, 0x56,
    71  				0xea, 0x44, 0x82, 0xc4, 0xf1, 0x09, 0xb4, 0xea, 0x98, 0x2d, 0x48, 0x08, 0xbf, 0xe5,
    72  				0x2f, 0x1e, 0xfc, 0xf5, 0xdd, 0x00, 0xdd, 0x11, 0x91, 0x8a, 0xe0, 0x27, 0xd3, 0x9e,
    73  				0x14, 0xe2, 0x9e, 0x07, 0xf4, 0xc1, 0x2b, 0x0b, 0xfb, 0xa4, 0x82, 0xe4, 0x3d, 0x93,
    74  				0x02, 0x0a, 0x7c, 0xc1, 0x23, 0x97, 0xf1, 0x5e, 0x5f, 0xc9, 0xcb, 0x38, 0xb5, 0xee,
    75  				0xea, 0xd9, 0x3c, 0xb7, 0x4b, 0xbe, 0x7b, 0x9c, 0xf9, 0x23, 0xdc, 0x50, 0x6e, 0xb9,
    76  				0xb8, 0xf2, 0x2c, 0x5d, 0xf7, 0x4f, 0x31, 0xb6, 0xf6, 0x4f, 0xc7, 0xfe, 0x41, 0x55,
    77  				0x63, 0xdd, 0x9f, 0x89, 0x09, 0x90, 0x6c, 0xff, 0xee, 0xae, 0xcb, 0xba, 0x4d, 0x17,
    78  				0x30, 0xc6, 0x18, 0xf3, 0x67, 0x5e, 0xc1, 0xed, 0x21, 0x5d, 0x00, 0x0a, 0x00, 0x00,
    79  			}),
    80  		},
    81  	}
    82  	testRepositories = map[string]map[string]string{
    83  		"foo42/bar": {
    84  			"latest": "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
    85  			"test":   "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d",
    86  		},
    87  	}
    88  	mockHosts = map[string][]net.IP{
    89  		"":            {net.ParseIP("0.0.0.0")},
    90  		"localhost":   {net.ParseIP("127.0.0.1"), net.ParseIP("::1")},
    91  		"example.com": {net.ParseIP("42.42.42.42")},
    92  		"other.com":   {net.ParseIP("43.43.43.43")},
    93  	}
    94  )
    95  
    96  func init() {
    97  	r := mux.NewRouter()
    98  
    99  	// /v1/
   100  	r.HandleFunc("/v1/_ping", handlerGetPing).Methods(http.MethodGet)
   101  	r.HandleFunc("/v1/images/{image_id:[^/]+}/{action:json|layer|ancestry}", handlerGetImage).Methods(http.MethodGet)
   102  	r.HandleFunc("/v1/images/{image_id:[^/]+}/{action:json|layer|checksum}", handlerPutImage).Methods(http.MethodPut)
   103  	r.HandleFunc("/v1/repositories/{repository:.+}/tags", handlerGetDeleteTags).Methods(http.MethodGet, http.MethodDelete)
   104  	r.HandleFunc("/v1/repositories/{repository:.+}/tags/{tag:.+}", handlerGetTag).Methods(http.MethodGet)
   105  	r.HandleFunc("/v1/repositories/{repository:.+}/tags/{tag:.+}", handlerPutTag).Methods(http.MethodPut)
   106  	r.HandleFunc("/v1/users{null:.*}", handlerUsers).Methods(http.MethodGet, http.MethodPost, http.MethodPut)
   107  	r.HandleFunc("/v1/repositories/{repository:.+}{action:/images|/}", handlerImages).Methods(http.MethodGet, http.MethodPut, http.MethodDelete)
   108  	r.HandleFunc("/v1/repositories/{repository:.+}/auth", handlerAuth).Methods(http.MethodPut)
   109  	r.HandleFunc("/v1/search", handlerSearch).Methods(http.MethodGet)
   110  
   111  	// /v2/
   112  	r.HandleFunc("/v2/version", handlerGetPing).Methods(http.MethodGet)
   113  
   114  	testHTTPServer = httptest.NewServer(handlerAccessLog(r))
   115  	testHTTPSServer = httptest.NewTLSServer(handlerAccessLog(r))
   116  
   117  	// override net.LookupIP
   118  	lookupIP = func(host string) ([]net.IP, error) {
   119  		if host == "127.0.0.1" {
   120  			// I believe in future Go versions this will fail, so let's fix it later
   121  			return net.LookupIP(host)
   122  		}
   123  		for h, addrs := range mockHosts {
   124  			if host == h {
   125  				return addrs, nil
   126  			}
   127  			for _, addr := range addrs {
   128  				if addr.String() == host {
   129  					return []net.IP{addr}, nil
   130  				}
   131  			}
   132  		}
   133  		return nil, errors.New("lookup: no such host")
   134  	}
   135  }
   136  
   137  func handlerAccessLog(handler http.Handler) http.Handler {
   138  	logHandler := func(w http.ResponseWriter, r *http.Request) {
   139  		logrus.Debugf("%s \"%s %s\"", r.RemoteAddr, r.Method, r.URL)
   140  		handler.ServeHTTP(w, r)
   141  	}
   142  	return http.HandlerFunc(logHandler)
   143  }
   144  
   145  func makeURL(req string) string {
   146  	return testHTTPServer.URL + req
   147  }
   148  
   149  func makeHTTPSURL(req string) string {
   150  	return testHTTPSServer.URL + req
   151  }
   152  
   153  func makeIndex(req string) *registrytypes.IndexInfo {
   154  	index := &registrytypes.IndexInfo{
   155  		Name: makeURL(req),
   156  	}
   157  	return index
   158  }
   159  
   160  func makeHTTPSIndex(req string) *registrytypes.IndexInfo {
   161  	index := &registrytypes.IndexInfo{
   162  		Name: makeHTTPSURL(req),
   163  	}
   164  	return index
   165  }
   166  
   167  func makePublicIndex() *registrytypes.IndexInfo {
   168  	index := &registrytypes.IndexInfo{
   169  		Name:     IndexServer,
   170  		Secure:   true,
   171  		Official: true,
   172  	}
   173  	return index
   174  }
   175  
   176  func makeServiceConfig(mirrors []string, insecureRegistries []string) (*serviceConfig, error) {
   177  	options := ServiceOptions{
   178  		Mirrors:            mirrors,
   179  		InsecureRegistries: insecureRegistries,
   180  	}
   181  
   182  	return newServiceConfig(options)
   183  }
   184  
   185  func writeHeaders(w http.ResponseWriter) {
   186  	h := w.Header()
   187  	h.Add("Server", "docker-tests/mock")
   188  	h.Add("Expires", "-1")
   189  	h.Add("Content-Type", "application/json")
   190  	h.Add("Pragma", "no-cache")
   191  	h.Add("Cache-Control", "no-cache")
   192  	h.Add("X-Docker-Registry-Version", "0.0.0")
   193  	h.Add("X-Docker-Registry-Config", "mock")
   194  }
   195  
   196  func writeResponse(w http.ResponseWriter, message interface{}, code int) {
   197  	writeHeaders(w)
   198  	w.WriteHeader(code)
   199  	body, err := json.Marshal(message)
   200  	if err != nil {
   201  		io.WriteString(w, err.Error())
   202  		return
   203  	}
   204  	w.Write(body)
   205  }
   206  
   207  func readJSON(r *http.Request, dest interface{}) error {
   208  	body, err := ioutil.ReadAll(r.Body)
   209  	if err != nil {
   210  		return err
   211  	}
   212  	return json.Unmarshal(body, dest)
   213  }
   214  
   215  func apiError(w http.ResponseWriter, message string, code int) {
   216  	body := map[string]string{
   217  		"error": message,
   218  	}
   219  	writeResponse(w, body, code)
   220  }
   221  
   222  func assertEqual(t *testing.T, a interface{}, b interface{}, message string) {
   223  	if a == b {
   224  		return
   225  	}
   226  	if len(message) == 0 {
   227  		message = fmt.Sprintf("%v != %v", a, b)
   228  	}
   229  	t.Fatal(message)
   230  }
   231  
   232  func assertNotEqual(t *testing.T, a interface{}, b interface{}, message string) {
   233  	if a != b {
   234  		return
   235  	}
   236  	if len(message) == 0 {
   237  		message = fmt.Sprintf("%v == %v", a, b)
   238  	}
   239  	t.Fatal(message)
   240  }
   241  
   242  // Similar to assertEqual, but does not stop test
   243  func checkEqual(t *testing.T, a interface{}, b interface{}, messagePrefix string) {
   244  	if a == b {
   245  		return
   246  	}
   247  	message := fmt.Sprintf("%v != %v", a, b)
   248  	if len(messagePrefix) != 0 {
   249  		message = messagePrefix + ": " + message
   250  	}
   251  	t.Error(message)
   252  }
   253  
   254  // Similar to assertNotEqual, but does not stop test
   255  func checkNotEqual(t *testing.T, a interface{}, b interface{}, messagePrefix string) {
   256  	if a != b {
   257  		return
   258  	}
   259  	message := fmt.Sprintf("%v == %v", a, b)
   260  	if len(messagePrefix) != 0 {
   261  		message = messagePrefix + ": " + message
   262  	}
   263  	t.Error(message)
   264  }
   265  
   266  func requiresAuth(w http.ResponseWriter, r *http.Request) bool {
   267  	writeCookie := func() {
   268  		value := fmt.Sprintf("FAKE-SESSION-%d", time.Now().UnixNano())
   269  		cookie := &http.Cookie{Name: "session", Value: value, MaxAge: 3600}
   270  		http.SetCookie(w, cookie)
   271  		// FIXME(sam): this should be sent only on Index routes
   272  		value = fmt.Sprintf("FAKE-TOKEN-%d", time.Now().UnixNano())
   273  		w.Header().Add("X-Docker-Token", value)
   274  	}
   275  	if len(r.Cookies()) > 0 {
   276  		writeCookie()
   277  		return true
   278  	}
   279  	if len(r.Header.Get("Authorization")) > 0 {
   280  		writeCookie()
   281  		return true
   282  	}
   283  	w.Header().Add("WWW-Authenticate", "token")
   284  	apiError(w, "Wrong auth", http.StatusUnauthorized)
   285  	return false
   286  }
   287  
   288  func handlerGetPing(w http.ResponseWriter, r *http.Request) {
   289  	writeResponse(w, true, http.StatusOK)
   290  }
   291  
   292  func handlerGetImage(w http.ResponseWriter, r *http.Request) {
   293  	if !requiresAuth(w, r) {
   294  		return
   295  	}
   296  	vars := mux.Vars(r)
   297  	layer, exists := testLayers[vars["image_id"]]
   298  	if !exists {
   299  		http.NotFound(w, r)
   300  		return
   301  	}
   302  	writeHeaders(w)
   303  	layerSize := len(layer["layer"])
   304  	w.Header().Add("X-Docker-Size", strconv.Itoa(layerSize))
   305  	io.WriteString(w, layer[vars["action"]])
   306  }
   307  
   308  func handlerPutImage(w http.ResponseWriter, r *http.Request) {
   309  	if !requiresAuth(w, r) {
   310  		return
   311  	}
   312  	vars := mux.Vars(r)
   313  	imageID := vars["image_id"]
   314  	action := vars["action"]
   315  	layer, exists := testLayers[imageID]
   316  	if !exists {
   317  		if action != "json" {
   318  			http.NotFound(w, r)
   319  			return
   320  		}
   321  		layer = make(map[string]string)
   322  		testLayers[imageID] = layer
   323  	}
   324  	if checksum := r.Header.Get("X-Docker-Checksum"); checksum != "" {
   325  		if checksum != layer["checksum_simple"] && checksum != layer["checksum_tarsum"] {
   326  			apiError(w, "Wrong checksum", http.StatusBadRequest)
   327  			return
   328  		}
   329  	}
   330  	body, err := ioutil.ReadAll(r.Body)
   331  	if err != nil {
   332  		apiError(w, fmt.Sprintf("Error: %s", err), http.StatusInternalServerError)
   333  		return
   334  	}
   335  	layer[action] = string(body)
   336  	writeResponse(w, true, http.StatusOK)
   337  }
   338  
   339  func handlerGetDeleteTags(w http.ResponseWriter, r *http.Request) {
   340  	if !requiresAuth(w, r) {
   341  		return
   342  	}
   343  	repositoryName, err := reference.WithName(mux.Vars(r)["repository"])
   344  	if err != nil {
   345  		apiError(w, "Could not parse repository", http.StatusBadRequest)
   346  		return
   347  	}
   348  	tags, exists := testRepositories[repositoryName.String()]
   349  	if !exists {
   350  		apiError(w, "Repository not found", http.StatusNotFound)
   351  		return
   352  	}
   353  	if r.Method == http.MethodDelete {
   354  		delete(testRepositories, repositoryName.String())
   355  		writeResponse(w, true, http.StatusOK)
   356  		return
   357  	}
   358  	writeResponse(w, tags, http.StatusOK)
   359  }
   360  
   361  func handlerGetTag(w http.ResponseWriter, r *http.Request) {
   362  	if !requiresAuth(w, r) {
   363  		return
   364  	}
   365  	vars := mux.Vars(r)
   366  	repositoryName, err := reference.WithName(vars["repository"])
   367  	if err != nil {
   368  		apiError(w, "Could not parse repository", http.StatusBadRequest)
   369  		return
   370  	}
   371  	tagName := vars["tag"]
   372  	tags, exists := testRepositories[repositoryName.String()]
   373  	if !exists {
   374  		apiError(w, "Repository not found", http.StatusNotFound)
   375  		return
   376  	}
   377  	tag, exists := tags[tagName]
   378  	if !exists {
   379  		apiError(w, "Tag not found", http.StatusNotFound)
   380  		return
   381  	}
   382  	writeResponse(w, tag, http.StatusOK)
   383  }
   384  
   385  func handlerPutTag(w http.ResponseWriter, r *http.Request) {
   386  	if !requiresAuth(w, r) {
   387  		return
   388  	}
   389  	vars := mux.Vars(r)
   390  	repositoryName, err := reference.WithName(vars["repository"])
   391  	if err != nil {
   392  		apiError(w, "Could not parse repository", http.StatusBadRequest)
   393  		return
   394  	}
   395  	tagName := vars["tag"]
   396  	tags, exists := testRepositories[repositoryName.String()]
   397  	if !exists {
   398  		tags = make(map[string]string)
   399  		testRepositories[repositoryName.String()] = tags
   400  	}
   401  	tagValue := ""
   402  	readJSON(r, tagValue)
   403  	tags[tagName] = tagValue
   404  	writeResponse(w, true, http.StatusOK)
   405  }
   406  
   407  func handlerUsers(w http.ResponseWriter, r *http.Request) {
   408  	code := http.StatusOK
   409  	if r.Method == http.MethodPost {
   410  		code = http.StatusCreated
   411  	} else if r.Method == http.MethodPut {
   412  		code = http.StatusNoContent
   413  	}
   414  	writeResponse(w, "", code)
   415  }
   416  
   417  func handlerImages(w http.ResponseWriter, r *http.Request) {
   418  	u, _ := url.Parse(testHTTPServer.URL)
   419  	w.Header().Add("X-Docker-Endpoints", fmt.Sprintf("%s 	,  %s ", u.Host, "test.example.com"))
   420  	w.Header().Add("X-Docker-Token", fmt.Sprintf("FAKE-SESSION-%d", time.Now().UnixNano()))
   421  	if r.Method == http.MethodPut {
   422  		if strings.HasSuffix(r.URL.Path, "images") {
   423  			writeResponse(w, "", http.StatusNoContent)
   424  			return
   425  		}
   426  		writeResponse(w, "", http.StatusOK)
   427  		return
   428  	}
   429  	if r.Method == http.MethodDelete {
   430  		writeResponse(w, "", http.StatusNoContent)
   431  		return
   432  	}
   433  	var images []map[string]string
   434  	for imageID, layer := range testLayers {
   435  		image := make(map[string]string)
   436  		image["id"] = imageID
   437  		image["checksum"] = layer["checksum_tarsum"]
   438  		image["Tag"] = "latest"
   439  		images = append(images, image)
   440  	}
   441  	writeResponse(w, images, http.StatusOK)
   442  }
   443  
   444  func handlerAuth(w http.ResponseWriter, r *http.Request) {
   445  	writeResponse(w, "OK", http.StatusOK)
   446  }
   447  
   448  func handlerSearch(w http.ResponseWriter, r *http.Request) {
   449  	result := &registrytypes.SearchResults{
   450  		Query:      "fakequery",
   451  		NumResults: 1,
   452  		Results:    []registrytypes.SearchResult{{Name: "fakeimage", StarCount: 42}},
   453  	}
   454  	writeResponse(w, result, http.StatusOK)
   455  }
   456  
   457  func TestPing(t *testing.T) {
   458  	res, err := http.Get(makeURL("/v1/_ping"))
   459  	if err != nil {
   460  		t.Fatal(err)
   461  	}
   462  	assertEqual(t, res.StatusCode, http.StatusOK, "")
   463  	assertEqual(t, res.Header.Get("X-Docker-Registry-Config"), "mock",
   464  		"This is not a Mocked Registry")
   465  }
   466  
   467  /* Uncomment this to test Mocked Registry locally with curl
   468   * WARNING: Don't push on the repos uncommented, it'll block the tests
   469   *
   470  func TestWait(t *testing.T) {
   471  	logrus.Println("Test HTTP server ready and waiting:", testHTTPServer.URL)
   472  	c := make(chan int)
   473  	<-c
   474  }
   475  
   476  //*/