zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/test/blackbox/metrics.bats (about) 1 # Note: Intended to be run as "make run-blackbox-tests" or "make run-blackbox-ci" 2 # Makefile target installs & checks all necessary tooling 3 # Extra tools that are not covered in Makefile target needs to be added in verify_prerequisites() 4 5 load helpers_zot 6 load helpers_metrics 7 8 function verify_prerequisites() { 9 if [ ! $(command -v curl) ]; then 10 echo "you need to install curl as a prerequisite to running the tests" >&3 11 return 1 12 fi 13 14 if [ ! $(command -v htpasswd) ]; then 15 echo "you need to install htpasswd as a prerequisite to running the tests" >&3 16 return 1 17 fi 18 19 return 0 20 } 21 22 function setup_file() { 23 # verify prerequisites are available 24 if ! $(verify_prerequisites); then 25 exit 1 26 fi 27 28 # Setup zot server 29 zot_root_dir=${BATS_FILE_TMPDIR}/zot 30 echo ${zot_root_dir} >&3 31 zot_log_file=${zot_root_dir}/zot-log.json 32 zot_config_file=${BATS_FILE_TMPDIR}/zot_config.json 33 zot_htpasswd_file=${BATS_FILE_TMPDIR}/zot_htpasswd 34 zot_port=$(get_free_port) 35 echo ${zot_port} > ${BATS_FILE_TMPDIR}/zot.port 36 htpasswd -Bbn ${AUTH_USER} ${AUTH_PASS} >> ${zot_htpasswd_file} 37 htpasswd -Bbn ${METRICS_USER} ${METRICS_PASS} >> ${zot_htpasswd_file} 38 39 mkdir -p ${zot_root_dir} 40 touch ${zot_log_file} 41 cat >${zot_config_file} <<EOF 42 { 43 "distSpecVersion": "1.1.0-dev", 44 "storage": { 45 "rootDirectory": "${zot_root_dir}" 46 }, 47 "http": { 48 "address": "0.0.0.0", 49 "port": "${zot_port}", 50 "auth": { 51 "htpasswd": { 52 "path": "${zot_htpasswd_file}" 53 } 54 }, 55 "accessControl": { 56 "metrics":{ 57 "users": ["${METRICS_USER}"] 58 }, 59 "repositories": { 60 "**": { 61 "anonymousPolicy": [ 62 "read" 63 ], 64 "defaultPolicy": ["read","create"] 65 } 66 } 67 } 68 }, 69 "log": { 70 "level": "debug", 71 "output": "${zot_log_file}" 72 }, 73 "extensions": { 74 "metrics": { 75 "enable": true, 76 "prometheus": { 77 "path": "/metrics" 78 } 79 } 80 } 81 } 82 EOF 83 84 zot_serve ${ZOT_PATH} ${zot_config_file} 85 wait_zot_reachable ${zot_port} 86 87 } 88 89 function teardown() { 90 # conditionally printing on failure is possible from teardown but not from from teardown_file 91 cat ${BATS_FILE_TMPDIR}/zot/zot-log.json 92 } 93 94 function teardown_file() { 95 zot_stop_all 96 } 97 98 @test "unauthorized request to metrics" { 99 # anonymous policy: metrics endpoint should not be available 100 # 401 - http.StatusUnauthorized 101 zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` 102 run metrics_route_check ${zot_port} "" 401 103 [ "$status" -eq 0 ] 104 # user is not in htpasswd 105 run metrics_route_check ${zot_port} "-u unlucky:wrongpass" 401 106 [ "$status" -eq 0 ] 107 # proper user/pass tuple from htpasswd, but user not allowed to access metrics 108 # 403 - http.StatusForbidden 109 run metrics_route_check ${zot_port} "-u ${AUTH_USER}:${AUTH_PASS}" 403 110 [ "$status" -eq 0 ] 111 } 112 113 @test "authorized request: metrics enabled" { 114 zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` 115 run metrics_route_check ${zot_port} "-u ${METRICS_USER}:${METRICS_PASS}" 200 116 [ "$status" -eq 0 ] 117 }