def test_build_remote_with_registry_auth(self):
self.client._auth_configs = auth.AuthConfig({
'auths': {
'https://example.com': {
'user': '******',
'password': '******',
'email': '*****@*****.**'
}
}
})
expected_params = {
't': None,
'q': False,
'dockerfile': None,
'rm': False,
'nocache': False,
'pull': False,
'forcerm': False,
'remote': 'https://github.com/docker-library/mongo'
}
expected_headers = {
'X-Registry-Config':
auth.encode_header(self.client._auth_configs.auths)
}
self.client.build(path='https://github.com/docker-library/mongo')
fake_request.assert_called_with('POST',
url_prefix + 'build',
stream=True,
data=None,
headers=expected_headers,
params=expected_params,
timeout=None)
def test_get_credential_store_no_default(self):
auth_config = auth.AuthConfig({
'credHelpers': {
'registry1.io': 'truesecret',
'registry2.io': 'powerlock'
},
})
assert auth_config.get_credential_store('registry2.io') == 'powerlock'
assert auth_config.get_credential_store('registry3.io') is None
def setUp(self):
self.authconfig = auth.AuthConfig({'credsStore': 'default'})
self.default_store = InMemoryStore('default')
self.authconfig._stores['default'] = self.default_store
self.default_store.store(
'https://gensokyo.jp/v2', 'sakuya', 'izayoi',
)
self.default_store.store(
'https://default.com/v2', 'user', 'hunter2',
)
def test_get_credential_store_default_index(self):
auth_config = auth.AuthConfig({
'credHelpers': {
'https://index.docker.io/v1/': 'powerlock'
},
'credsStore': 'truesecret'
})
assert auth_config.get_credential_store(None) == 'powerlock'
assert auth_config.get_credential_store('docker.io') == 'powerlock'
assert auth_config.get_credential_store('images.io') == 'truesecret'
def test_get_credential_store(self):
auth_config = auth.AuthConfig({
'credHelpers': {
'registry1.io': 'truesecret',
'registry2.io': 'powerlock'
},
'credsStore': 'blackbox',
})
assert auth_config.get_credential_store('registry1.io') == 'truesecret'
assert auth_config.get_credential_store('registry2.io') == 'powerlock'
assert auth_config.get_credential_store('registry3.io') == 'blackbox'
def test_resolve_auth_with_empty_credstore_and_auth_dict(self):
auth_config = auth.AuthConfig({
'auths':
auth.parse_auth({
'https://index.docker.io/v1/': self.index_config,
}),
'credsStore':
'blackbox'
})
with mock.patch(
'docker.auth.AuthConfig._resolve_authconfig_credstore') as m:
m.return_value = None
assert 'indexuser' == auth.resolve_authconfig(auth_config,
None)['username']
def test_set_auth_headers_with_empty_dict_and_auth_configs(self):
self.client._auth_configs = auth.AuthConfig({
'auths': {
'https://example.com': {
'user': '******',
'password': '******',
'email': '*****@*****.**'
}
}
})
headers = {}
expected_headers = {
'X-Registry-Config':
auth.encode_header(self.client._auth_configs.auths)
}
self.client._set_auth_headers(headers)
assert headers == expected_headers
class ResolveAuthTest(unittest.TestCase):
index_config = {'auth': encode_auth({'username': '******'})}
private_config = {'auth': encode_auth({'username': '******'})}
legacy_config = {'auth': encode_auth({'username': '******'})}
auth_config = auth.AuthConfig({
'auths':
auth.parse_auth({
'https://index.docker.io/v1/': index_config,
'my.registry.net': private_config,
'http://legacy.registry.url/v1/': legacy_config,
})
})
def test_resolve_authconfig_hostname_only(self):
assert auth.resolve_authconfig(
self.auth_config, 'my.registry.net')['username'] == 'privateuser'
def test_resolve_authconfig_no_protocol(self):
assert auth.resolve_authconfig(
self.auth_config,
'my.registry.net/v1/')['username'] == 'privateuser'
def test_resolve_authconfig_no_path(self):
assert auth.resolve_authconfig(
self.auth_config,
'http://my.registry.net')['username'] == 'privateuser'
def test_resolve_authconfig_no_path_trailing_slash(self):
assert auth.resolve_authconfig(
self.auth_config,
'http://my.registry.net/')['username'] == 'privateuser'
def test_resolve_authconfig_no_path_wrong_secure_proto(self):
assert auth.resolve_authconfig(
self.auth_config,
'https://my.registry.net')['username'] == 'privateuser'
def test_resolve_authconfig_no_path_wrong_insecure_proto(self):
assert auth.resolve_authconfig(
self.auth_config,
'http://index.docker.io')['username'] == 'indexuser'
def test_resolve_authconfig_path_wrong_proto(self):
assert auth.resolve_authconfig(
self.auth_config,
'https://my.registry.net/v1/')['username'] == 'privateuser'
def test_resolve_authconfig_default_registry(self):
assert auth.resolve_authconfig(
self.auth_config)['username'] == 'indexuser'
def test_resolve_authconfig_default_explicit_none(self):
assert auth.resolve_authconfig(self.auth_config,
None)['username'] == 'indexuser'
def test_resolve_authconfig_fully_explicit(self):
assert auth.resolve_authconfig(
self.auth_config,
'http://my.registry.net/v1/')['username'] == 'privateuser'
def test_resolve_authconfig_legacy_config(self):
assert auth.resolve_authconfig(
self.auth_config,
'legacy.registry.url')['username'] == 'legacyauth'
def test_resolve_authconfig_no_match(self):
assert auth.resolve_authconfig(self.auth_config,
'does.not.exist') is None
def test_resolve_registry_and_auth_library_image(self):
image = 'image'
assert auth.resolve_authconfig(
self.auth_config,
auth.resolve_repository_name(image)[0])['username'] == 'indexuser'
def test_resolve_registry_and_auth_hub_image(self):
image = 'username/image'
assert auth.resolve_authconfig(
self.auth_config,
auth.resolve_repository_name(image)[0])['username'] == 'indexuser'
def test_resolve_registry_and_auth_explicit_hub(self):
image = 'docker.io/username/image'
assert auth.resolve_authconfig(
self.auth_config,
auth.resolve_repository_name(image)[0])['username'] == 'indexuser'
def test_resolve_registry_and_auth_explicit_legacy_hub(self):
image = 'index.docker.io/username/image'
assert auth.resolve_authconfig(
self.auth_config,
auth.resolve_repository_name(image)[0])['username'] == 'indexuser'
def test_resolve_registry_and_auth_private_registry(self):
image = 'my.registry.net/image'
assert auth.resolve_authconfig(self.auth_config,
auth.resolve_repository_name(image)
[0])['username'] == 'privateuser'
def test_resolve_registry_and_auth_unauthenticated_registry(self):
image = 'other.registry.net/image'
assert auth.resolve_authconfig(
self.auth_config,
auth.resolve_repository_name(image)[0]) is None
def test_resolve_auth_with_empty_credstore_and_auth_dict(self):
auth_config = auth.AuthConfig({
'auths':
auth.parse_auth({
'https://index.docker.io/v1/': self.index_config,
}),
'credsStore':
'blackbox'
})
with mock.patch(
'docker.auth.AuthConfig._resolve_authconfig_credstore') as m:
m.return_value = None
assert 'indexuser' == auth.resolve_authconfig(auth_config,
None)['username']
