zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/test/blackbox/metrics_minimal.bats (about) 1 # Note: Intended to be run as "make run-blackbox-tests" or "make run-blackbox-ci" 2 # Makefile target installs & checks all necessary tooling 3 # Extra tools that are not covered in Makefile target needs to be added in verify_prerequisites() 4 5 load helpers_zot 6 load helpers_metrics 7 8 function verify_prerequisites() { 9 if [ ! $(command -v curl) ]; then 10 echo "you need to install curl as a prerequisite to running the tests" >&3 11 return 1 12 fi 13 14 if [ ! $(command -v htpasswd) ]; then 15 echo "you need to install htpasswd as a prerequisite to running the tests" >&3 16 return 1 17 fi 18 19 return 0 20 } 21 22 function setup_file() { 23 # verify prerequisites are available 24 if ! $(verify_prerequisites); then 25 exit 1 26 fi 27 28 # Setup zot server 29 zot_root_dir=${BATS_FILE_TMPDIR}/zot 30 echo ${zot_root_dir} >&3 31 zot_log_file=${zot_root_dir}/zot-log.json 32 zot_config_file=${BATS_FILE_TMPDIR}/zot_config.json 33 zot_htpasswd_file=${BATS_FILE_TMPDIR}/zot_htpasswd 34 zot_port=$(get_free_port) 35 echo ${zot_port} > ${BATS_FILE_TMPDIR}/zot.port 36 htpasswd -Bbn ${AUTH_USER} ${AUTH_PASS} >> ${zot_htpasswd_file} 37 htpasswd -Bbn ${METRICS_USER} ${METRICS_PASS} >> ${zot_htpasswd_file} 38 39 mkdir -p ${zot_root_dir} 40 touch ${zot_log_file} 41 cat >${zot_config_file} <<EOF 42 { 43 "distSpecVersion": "1.1.0-dev", 44 "storage": { 45 "rootDirectory": "${zot_root_dir}" 46 }, 47 "http": { 48 "address": "0.0.0.0", 49 "port": "${zot_port}", 50 "auth": { 51 "htpasswd": { 52 "path": "${zot_htpasswd_file}" 53 } 54 }, 55 "accessControl": { 56 "metrics":{ 57 "users": ["${METRICS_USER}"] 58 }, 59 "repositories": { 60 "**": { 61 "anonymousPolicy": [ 62 "read", 63 "create" 64 ], 65 "defaultPolicy": ["read"] 66 } 67 } 68 } 69 }, 70 "log": { 71 "level": "debug", 72 "output": "${zot_log_file}" 73 } 74 } 75 EOF 76 77 zot_serve ${ZOT_MINIMAL_PATH} ${zot_config_file} 78 wait_zot_reachable ${zot_port} 79 80 } 81 82 function teardown() { 83 # conditionally printing on failure is possible from teardown but not from from teardown_file 84 cat ${BATS_FILE_TMPDIR}/zot/zot-log.json 85 } 86 87 function teardown_file() { 88 zot_stop_all 89 } 90 91 @test "unauthorized request to metrics" { 92 # anonymous policy: metrics endpoint should not be available 93 # 401 - http.StatusUnauthorized 94 zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` 95 run metrics_route_check ${zot_port} "" 401 96 [ "$status" -eq 0 ] 97 # user is not in htpasswd 98 run metrics_route_check ${zot_port} "-u test:wrongpass" 401 99 [ "$status" -eq 0 ] 100 # proper user/pass tuple from htpasswd, but user not allowed to access metrics 101 # 403 - http.StatusForbidden 102 run metrics_route_check ${zot_port} "-u ${AUTH_USER}:${AUTH_PASS}" 403 103 [ "$status" -eq 0 ] 104 } 105 106 @test "authorized request: metrics enabled" { 107 zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` 108 run metrics_route_check ${zot_port} "-u ${METRICS_USER}:${METRICS_PASS}" 200 109 [ "$status" -eq 0 ] 110 }