zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/pkg/storage/local/local_elevated_test.go

zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/pkg/storage/local/local_elevated_test.go (about)

     1  //go:build needprivileges
     2  // +build needprivileges
     3  
     4  package local_test
     5  
     6  import (
     7  	"bytes"
     8  	_ "crypto/sha256"
     9  	"os"
    10  	"os/exec"
    11  	"path"
    12  	"strings"
    13  	"testing"
    14  
    15  	godigest "github.com/opencontainers/go-digest"
    16  	"github.com/rs/zerolog"
    17  	. "github.com/smartystreets/goconvey/convey"
    18  
    19  	"zotregistry.io/zot/pkg/extensions/monitoring"
    20  	"zotregistry.io/zot/pkg/log"
    21  	"zotregistry.io/zot/pkg/storage"
    22  	"zotregistry.io/zot/pkg/storage/cache"
    23  	"zotregistry.io/zot/pkg/storage/local"
    24  )
    25  
    26  func TestElevatedPrivilegesInvalidDedupe(t *testing.T) {
    27  	Convey("Invalid dedupe scenarios", t, func() {
    28  		dir := t.TempDir()
    29  
    30  		log := log.Logger{Logger: zerolog.New(os.Stdout)}
    31  		metrics := monitoring.NewMetricsServer(false, log)
    32  
    33  		cacheDriver, _ := storage.Create("boltdb", cache.BoltDBDriverParameters{
    34  			RootDir:     dir,
    35  			Name:        "cache",
    36  			UseRelPaths: true,
    37  		}, log)
    38  		imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver)
    39  
    40  		upload, err := imgStore.NewBlobUpload("dedupe1")
    41  		So(err, ShouldBeNil)
    42  		So(upload, ShouldNotBeEmpty)
    43  
    44  		content := []byte("test-data3")
    45  		buf := bytes.NewBuffer(content)
    46  		buflen := buf.Len()
    47  		digest := godigest.FromBytes(content)
    48  		blob, err := imgStore.PutBlobChunkStreamed("dedupe1", upload, buf)
    49  		So(err, ShouldBeNil)
    50  		So(blob, ShouldEqual, buflen)
    51  
    52  		blobDigest1 := strings.Split(digest.String(), ":")[1]
    53  		So(blobDigest1, ShouldNotBeEmpty)
    54  
    55  		err = imgStore.FinishBlobUpload("dedupe1", upload, buf, digest)
    56  		So(err, ShouldBeNil)
    57  		So(blob, ShouldEqual, buflen)
    58  
    59  		// Create a file at the same place where FinishBlobUpload will create
    60  		err = imgStore.InitRepo("dedupe2")
    61  		So(err, ShouldBeNil)
    62  
    63  		err = os.MkdirAll(path.Join(dir, "dedupe2", "blobs/sha256"), 0o755)
    64  		if err != nil {
    65  			panic(err)
    66  		}
    67  
    68  		err = os.WriteFile(path.Join(dir, "dedupe2", "blobs/sha256", blobDigest1), content, 0o755) //nolint: gosec
    69  		if err != nil {
    70  			panic(err)
    71  		}
    72  
    73  		upload, err = imgStore.NewBlobUpload("dedupe2")
    74  		So(err, ShouldBeNil)
    75  		So(upload, ShouldNotBeEmpty)
    76  
    77  		content = []byte("test-data3")
    78  		buf = bytes.NewBuffer(content)
    79  		buflen = buf.Len()
    80  		digest = godigest.FromBytes(content)
    81  		blob, err = imgStore.PutBlobChunkStreamed("dedupe2", upload, buf)
    82  		So(err, ShouldBeNil)
    83  		So(blob, ShouldEqual, buflen)
    84  
    85  		cmd := exec.Command("chattr", "+i", path.Join(dir, "dedupe2", "blobs/sha256", blobDigest1)) //nolint: gosec
    86  		_, err = cmd.Output()
    87  		if err != nil {
    88  			panic(err)
    89  		}
    90  
    91  		err = imgStore.FinishBlobUpload("dedupe2", upload, buf, digest)
    92  		So(err, ShouldNotBeNil)
    93  		So(blob, ShouldEqual, buflen)
    94  
    95  		cmd = exec.Command("chattr", "-i", path.Join(dir, "dedupe2", "blobs/sha256", blobDigest1)) //nolint: gosec
    96  		_, err = cmd.Output()
    97  		if err != nil {
    98  			panic(err)
    99  		}
   100  
   101  		err = imgStore.FinishBlobUpload("dedupe2", upload, buf, digest)
   102  		So(err, ShouldBeNil)
   103  		So(blob, ShouldEqual, buflen)
   104  	})
   105  }