def test_parse(image_data: TypingGetTestData): """Test initialization via parsed strings.""" image_name = ImageName.parse(image_data["string"]) assert image_name.digest == image_data["digest"] assert image_name.endpoint == image_data["endpoint"] assert image_name.image == image_data["image"] assert image_name.tag == image_data["tag"] with pytest.raises(ValueError) as exception: ImageName.parse("a:b:c:d") assert str(exception.value).startswith("Unable to parse string:")
def test_parse_string(image_data: TypingGetTestData): """Test string parsing for complex image names.""" result = ImageName._parse_string(image_data["string"]) assert result["digest"] == image_data["digest"] assert result["endpoint"] == image_data["endpoint"] assert result["image"] == image_data["image"] assert result["tag"] == image_data["tag"]
def test_docker_registry_insecure_list( docker_registry_insecure_list: List[DockerRegistryInsecure], pdrf_scale_factor: int ): """Test that an insecure docker registry can be instantiated without images.""" for i in range(pdrf_scale_factor): assert "127.0.0.1" in docker_registry_insecure_list[i].endpoint # Should be there from session level import of 'push_image' decorator on 'test_docker_registry_secure_images' image_name = ImageName.parse("busybox:1.30.1") # Version response = requests.head( f"http://{docker_registry_insecure_list[i].endpoint}/v2/" ) assert response.status_code == 200 if i > 0: continue # Tag list response = requests.get( f"http://{docker_registry_insecure_list[i].endpoint}/v2/{image_name.image}/tags/list" ) assert response.status_code == 200 assert image_name.tag in response.json()["tags"] # Manifest response = requests.head( f"http://{docker_registry_insecure_list[i].endpoint}/v2/{image_name.image}/manifests/{image_name.tag}" ) assert response.status_code == 200 assert "Docker-Content-Digest" in response.headers assert no_duplicates([str(i) for i in docker_registry_insecure_list])
def test___init__(image_data: TypingGetTestData): """Test that image name can be instantiated.""" assert ImageName( digest=image_data["digest"], endpoint=image_data["endpoint"], image=image_data["image"], tag=image_data["tag"], )
def test_docker_registry_secure_list( docker_registry_secure_list: List[DockerRegistrySecure], pdrf_scale_factor: int, request, ): """Test that an secure docker registry can be instantiated with images.""" for i in range(pdrf_scale_factor): assert "127.0.0.1" in docker_registry_secure_list[i].endpoint image_name = ImageName.parse(get_pushed_images(request)[0]) # Version response = requests.head( f"https://{docker_registry_secure_list[i].endpoint}/v2/", headers=docker_registry_secure_list[i].auth_header, verify=str(docker_registry_secure_list[i].cacerts), ) assert response.status_code == 200 if i < 1: # Tag list response = requests.get( f"https://{docker_registry_secure_list[i].endpoint}/v2/{image_name.image}/tags/list", headers=docker_registry_secure_list[i].auth_header, verify=str(docker_registry_secure_list[i].cacerts), ) assert response.status_code == 200 assert image_name.tag in response.json()["tags"] # Manifest response = requests.head( f"https://{docker_registry_secure_list[i].endpoint}/v2/{image_name.image}/manifests/{image_name.tag}", headers=docker_registry_secure_list[i].auth_header, verify=str(docker_registry_secure_list[i].cacerts), ) assert response.status_code == 200 assert "Docker-Content-Digest" in response.headers # Error: Unauthenticated response = requests.head( f"https://{docker_registry_secure_list[i].endpoint}/v2/", verify=str(docker_registry_secure_list[i].cacerts), ) assert response.status_code == 401 # Error: CA not trusted with pytest.raises(SSLError) as exc_info: requests.head( f"https://{docker_registry_secure_list[i].endpoint}/v2/", headers=docker_registry_secure_list[i].auth_header, ) assert "CERTIFICATE_VERIFY_FAILED" in str(exc_info.value) assert no_duplicates([str(i) for i in docker_registry_secure_list])
def test_replicate_image(docker_registry_secure: DockerRegistrySecure, image: str): """Tests that images can be replicated.""" image_name = ImageName.parse(image) replicate_image( docker_registry_secure.docker_client, image_name, docker_registry_secure.endpoint, ) media_type = "application/vnd.docker.distribution.manifest.v2+json" https_connection = HTTPSConnection( context=docker_registry_secure.ssl_context, host=docker_registry_secure.endpoint) if image_name.digest: https_connection.request( "GET", url=f"/v2/{image_name.image}/manifests/{image_name.digest}", headers={ "Accept": media_type, **docker_registry_secure.auth_header }, ) verify_http_response(https_connection, image_name, media_type) if image_name.tag: # TODO: Fixgure out why HTTPSConnection cannot perform multiple requests ?!? https_connection = HTTPSConnection( context=docker_registry_secure.ssl_context, host=docker_registry_secure.endpoint, ) https_connection.request( "GET", url=f"/v2/{image_name.image}/manifests/{image_name.tag}", headers={ "Accept": media_type, **docker_registry_secure.auth_header }, ) verify_http_response(https_connection, image_name, media_type)
def get_test_data() -> Generator[TypingGetTestData, None, None]: """Dynamically initializes test data.""" for endpoint in ["endpoint.io", "endpoint:port", None]: for image in [ "image", "ns0/image", "ns0/ns1/image", "ns0/ns1/ns2/image" ]: for tag in ["tag", None]: for digest in ["sha256:ABCD1234", None]: # Construct a complex string ... string = image if tag: string = f"{string}:{tag}" if digest: string = f"{string}@{digest}" if endpoint: string = f"{endpoint}/{string}" yield { "digest": digest, "endpoint": endpoint, "image": image, "object": ImageName.parse(string), "string": string, "tag": tag, }
def test_docker_registry_insecure(docker_registry_insecure: DockerRegistryInsecure): """Test that an insecure docker registry can be instantiated without images.""" assert "127.0.0.1" in docker_registry_insecure.endpoint # Should be there from session level import of 'push_image' decorator on 'test_docker_registry_secure_images' image_name = ImageName.parse("busybox:1.30.1") # Version response = requests.head(f"http://{docker_registry_insecure.endpoint}/v2/") assert response.status_code == 200 # Tag list response = requests.get( f"http://{docker_registry_insecure.endpoint}/v2/{image_name.image}/tags/list" ) assert response.status_code == 200 assert image_name.tag in response.json()["tags"] # Manifest response = requests.head( f"http://{docker_registry_insecure.endpoint}/v2/{image_name.image}/manifests/{image_name.tag}" ) assert response.status_code == 200 assert "Docker-Content-Digest" in response.headers
def test_replicate_manifest_list(docker_registry_secure: DockerRegistrySecure, manifest_list: str): """Tests that manifest lists can be replicated.""" image_name = ImageName.parse(manifest_list) # Try to retrieve credentials first ... auth_header_src = get_auth_headers(docker_registry_secure, image_name) if not auth_header_src: pytest.skip("Unable to retrieve credentials for: %s", image_name.endpoint) # Replicate all of the manifests referenced in the manifest list ... for image in [ "library/busybox@sha256:4fe8827f51a5e11bb83afa8227cbccb402df840d32c6b633b7ad079bc8144100", "library/busybox@sha256:abc043b5132f825e44eefffc35535b1f24bd3f1bb60b11943863563a46795fdc", "library/busybox@sha256:07717dd5f074de0cf4f7ca8f635cb63aef63d789f15a22ab482a3d27a0a1f881", "library/busybox@sha256:8dfe92e22300734a185375b6316d01aa1a2b0623d425a5e6e406771ba5642bf1", "library/busybox@sha256:3bdba83255bf7c575e31e129b2ddf1c0c32382e112cb051af6c5143c24a5ddbd", "library/busybox@sha256:bb87f507b42a6efe6f1d5382c826f914673a065f4d777b54b52f5414d688837a", "library/busybox@sha256:a09f03056efb5d3facb5077a9e58e83e9bba74ad4d343b2afa92c70b5ae01e2b", "library/busybox@sha256:0b671b6a323d86aa6165883f698b557ca257c3a3ffa1e3152ffb6467e7ac11b3", ]: img_name = ImageName.parse(image) replicate_image( docker_registry_secure.docker_client, img_name, docker_registry_secure.endpoint, ) # Replicate the manifest list ... replicate_manifest_list( image_name, docker_registry_secure.endpoint, auth_header_dest=docker_registry_secure.auth_header, auth_header_src=auth_header_src, ssl_context_dest=docker_registry_secure.ssl_context, ) media_type = "application/vnd.docker.distribution.manifest.list.v2+json" https_connection = HTTPSConnection( context=docker_registry_secure.ssl_context, host=docker_registry_secure.endpoint) if image_name.digest: https_connection.request( "GET", url=f"/v2/{image_name.image}/manifests/{image_name.digest}", headers={ "Accept": media_type, **docker_registry_secure.auth_header }, ) verify_http_response(https_connection, image_name, media_type) if image_name.tag: # TODO: Figure out why HTTPSConnection cannot perform multiple requests ?!? https_connection = HTTPSConnection( context=docker_registry_secure.ssl_context, host=docker_registry_secure.endpoint, ) https_connection.request( "GET", url=f"/v2/{image_name.image}/manifests/{image_name.tag}", headers={ "Accept": media_type, **docker_registry_secure.auth_header }, ) verify_http_response(https_connection, image_name, media_type)