zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/test/blackbox/pushpull_authn.bats

zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/test/blackbox/pushpull_authn.bats (about)

     1  load helpers_zot
     2  
     3  function verify_prerequisites {
     4      if [ ! $(command -v curl) ]; then
     5          echo "you need to install curl as a prerequisite to running the tests" >&3
     6          return 1
     7      fi
     8  
     9      if [ ! $(command -v jq) ]; then
    10          echo "you need to install jq as a prerequisite to running the tests" >&3
    11          return 1
    12      fi
    13  
    14      if [ ! $(command -v htpasswd) ]; then
    15          echo "you need to install htpasswd as a prerequisite to running the tests" >&3
    16          return 1
    17      fi
    18  
    19      return 0
    20  }
    21  
    22  function setup_file() {
    23      # Verify prerequisites are available
    24      if ! $(verify_prerequisites); then
    25          exit 1
    26      fi
    27  
    28      # Download test data to folder common for the entire suite, not just this file
    29      skopeo --insecure-policy copy --format=oci docker://ghcr.io/project-zot/test-images/busybox:1.36 oci:${TEST_DATA_DIR}/busybox:1.36
    30  
    31      # Setup zot server
    32      local zot_root_dir=${BATS_FILE_TMPDIR}/zot
    33      local zot_config_file=${BATS_FILE_TMPDIR}/zot_config.json
    34      local zot_htpasswd_file=${BATS_FILE_TMPDIR}/zot_htpasswd
    35      zot_port=$(get_free_port)
    36      echo ${zot_port} > ${BATS_FILE_TMPDIR}/zot.port
    37      htpasswd -Bbn ${AUTH_USER} ${AUTH_PASS} >> ${zot_htpasswd_file}
    38  
    39      echo ${zot_root_dir} >&3
    40  
    41      mkdir -p ${zot_root_dir}
    42  
    43      cat > ${zot_config_file}<<EOF
    44  {
    45    "distSpecVersion":"1.1.0-dev",
    46    "storage":{
    47      "dedupe": true,
    48      "gc": true,
    49      "gcDelay": "1h",
    50      "gcInterval": "6h",
    51      "rootDirectory": "${zot_root_dir}"
    52    },
    53    "http": {
    54  		"address": "127.0.0.1",
    55  		"port": "${zot_port}",
    56      "realm":"zot",
    57      "auth": {
    58        "htpasswd": {
    59          "path": "${zot_htpasswd_file}"
    60        },
    61        "failDelay": 5
    62      },
    63      "accessControl": {
    64        "repositories": {
    65          "**": {
    66            "anonymousPolicy": ["read"],
    67            "defaultPolicy": ["read", "create"]
    68          }
    69        },
    70        "adminPolicy": {
    71          "users": ["admin"],
    72          "actions": ["read", "create", "update", "delete"]
    73        }
    74      }
    75    },
    76    "log":{
    77      "level":"debug",
    78      "output": "${BATS_FILE_TMPDIR}/zot.log"
    79    }
    80  }
    81  EOF
    82      zot_serve ${ZOT_PATH} ${zot_config_file}
    83      wait_zot_reachable ${zot_port}
    84  }
    85  
    86  function teardown() {
    87      # conditionally printing on failure is possible from teardown but not from from teardown_file
    88      cat ${BATS_FILE_TMPDIR}/zot.log
    89  }
    90  
    91  function teardown_file() {
    92      zot_stop_all
    93  }
    94  
    95  @test "push image with regclient" {
    96      zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
    97      run regctl registry set localhost:${zot_port} --tls disabled
    98      run regctl registry login localhost:${zot_port} -u ${AUTH_USER} -p ${AUTH_PASS}
    99      [ "$status" -eq 0 ]
   100      run regctl image copy ocidir://${TEST_DATA_DIR}/busybox:1.36 localhost:${zot_port}/test-regclient
   101      [ "$status" -eq 0 ]
   102  }
   103  
   104  @test "pull image with regclient" {
   105      zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
   106      run regctl image copy localhost:${zot_port}/test-regclient ocidir://${TEST_DATA_DIR}/busybox:latest
   107      [ "$status" -eq 0 ]
   108  }
   109  
   110  @test "push OCI artifact with regclient" {
   111      zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
   112      run regctl artifact put localhost:${zot_port}/artifact:demo <<EOF
   113  this is an artifact
   114  EOF
   115      [ "$status" -eq 0 ]
   116  }
   117  
   118  @test "pull OCI artifact with regclient" {
   119      zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
   120      run regctl manifest get localhost:${zot_port}/artifact:demo
   121      [ "$status" -eq 0 ]
   122      run regctl artifact get localhost:${zot_port}/artifact:demo
   123      [ "$status" -eq 0 ]
   124      [ "${lines[-1]}" == "this is an artifact" ]
   125  }
   126  
   127  @test "push OCI artifact references with regclient" {
   128      zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
   129      run regctl artifact put localhost:${zot_port}/manifest-ref:demo <<EOF
   130  test artifact
   131  EOF
   132      [ "$status" -eq 0 ]
   133      run regctl artifact list localhost:${zot_port}/manifest-ref:demo --format raw-body
   134      [ "$status" -eq 0 ]
   135      [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 0 ]
   136      run regctl artifact put --annotation  demo=true --annotation format=oci --artifact-type "application/vnd.example.icecream.v1" --subject localhost:${zot_port}/manifest-ref:demo << EOF
   137  test reference
   138  EOF
   139      [ "$status" -eq 0 ]
   140      # with artifact media-type
   141      run regctl artifact put localhost:${zot_port}/artifact-ref:demo <<EOF
   142  test artifact
   143  EOF
   144      [ "$status" -eq 0 ]
   145      run regctl artifact list localhost:${zot_port}/artifact-ref:demo --format raw-body
   146      [ "$status" -eq 0 ]
   147      [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 0 ]
   148      run regctl artifact put --annotation  demo=true --annotation format=oci --artifact-type "application/vnd.example.icecream.v1" --subject localhost:${zot_port}/artifact-ref:demo << EOF
   149  test reference
   150  EOF
   151      [ "$status" -eq 0 ]
   152  }
   153  
   154  @test "list OCI artifact references with regclient" {
   155      zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
   156      run regctl artifact list localhost:${zot_port}/manifest-ref:demo --format raw-body
   157      [ "$status" -eq 0 ]
   158      [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 1 ]
   159      run regctl artifact list --filter-artifact-type "application/vnd.example.icecream.v1" localhost:${zot_port}/manifest-ref:demo --format raw-body
   160      [ "$status" -eq 0 ]
   161      [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 1 ]
   162      run regctl artifact list --filter-artifact-type "application/invalid" localhost:${zot_port}/manifest-ref:demo --format raw-body
   163      [ "$status" -eq 0 ]
   164      [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 0 ]
   165      # with artifact media-type
   166      run regctl artifact list localhost:${zot_port}/artifact-ref:demo --format raw-body
   167      [ "$status" -eq 0 ]
   168      [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 1 ]
   169      run regctl artifact list --filter-artifact-type "application/vnd.example.icecream.v1" localhost:${zot_port}/artifact-ref:demo --format raw-body
   170      [ "$status" -eq 0 ]
   171      [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 1 ]
   172      run regctl artifact list --filter-artifact-type "application/invalid" localhost:${zot_port}/artifact-ref:demo --format raw-body
   173      [ "$status" -eq 0 ]
   174      [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 0 ]
   175  }