def test_resolve_registry_and_auth(self): auth_config = { 'https://index.docker.io/v1/': {'auth': 'indexuser'}, 'my.registry.net': {'auth': 'privateuser'}, } # library image image = 'image' self.assertEqual( resolve_authconfig(auth_config, resolve_repository_name(image)[0]), {'auth': 'indexuser'}, ) # docker hub image image = 'username/image' self.assertEqual( resolve_authconfig(auth_config, resolve_repository_name(image)[0]), {'auth': 'indexuser'}, ) # private registry image = 'my.registry.net/image' self.assertEqual( resolve_authconfig(auth_config, resolve_repository_name(image)[0]), {'auth': 'privateuser'}, ) # unauthenticated registry image = 'other.registry.net/image' self.assertEqual( resolve_authconfig(auth_config, resolve_repository_name(image)[0]), None, )
def test_resolve_repository_name(self): # docker hub library image self.assertEqual(resolve_repository_name("image"), ("index.docker.io", "image")) # docker hub image self.assertEqual(resolve_repository_name("username/image"), ("index.docker.io", "username/image")) # private registry self.assertEqual(resolve_repository_name("my.registry.net/image"), ("my.registry.net", "image")) # private registry with port self.assertEqual(resolve_repository_name("my.registry.net:5000/image"), ("my.registry.net:5000", "image")) # private registry with username self.assertEqual( resolve_repository_name("my.registry.net/username/image"), ("my.registry.net", "username/image") ) # no dots but port self.assertEqual(resolve_repository_name("hostname:5000/image"), ("hostname:5000", "image")) # no dots but port and username self.assertEqual(resolve_repository_name("hostname:5000/username/image"), ("hostname:5000", "username/image")) # localhost self.assertEqual(resolve_repository_name("localhost/image"), ("localhost", "image")) # localhost with username self.assertEqual(resolve_repository_name("localhost/username/image"), ("localhost", "username/image"))
def test_resolve_repository_name(self): # docker hub library image self.assertEqual( resolve_repository_name('image'), ('index.docker.io', 'image'), ) # docker hub image self.assertEqual( resolve_repository_name('username/image'), ('index.docker.io', 'username/image'), ) # private registry self.assertEqual( resolve_repository_name('my.registry.net/image'), ('my.registry.net', 'image'), ) # private registry with port self.assertEqual( resolve_repository_name('my.registry.net:5000/image'), ('my.registry.net:5000', 'image'), ) # private registry with username self.assertEqual( resolve_repository_name('my.registry.net/username/image'), ('my.registry.net', 'username/image'), ) # no dots but port self.assertEqual( resolve_repository_name('hostname:5000/image'), ('hostname:5000', 'image'), ) # no dots but port and username self.assertEqual( resolve_repository_name('hostname:5000/username/image'), ('hostname:5000', 'username/image'), ) # localhost self.assertEqual( resolve_repository_name('localhost/image'), ('localhost', 'image'), ) # localhost with username self.assertEqual( resolve_repository_name('localhost/username/image'), ('localhost', 'username/image'), )
def find_image(self, name, tag): ''' Lookup an image and return the inspection results. ''' if not name: return None self.log("Find image %s:%s" % (name, tag)) images = self._image_lookup(name, tag) if len(images) == 0: # In API <= 1.20 seeing 'docker.io/<name>' as the name of images pulled from docker hub registry, repo_name = auth.resolve_repository_name(name) if registry == 'docker.io': # the name does not contain a registry, so let's see if docker.io works lookup = "docker.io/%s" % name self.log("Check for docker.io image: %s" % lookup) images = self._image_lookup(lookup, tag) if len(images) > 1: self.fail("Registry returned more than one result for %s:%s" % (name, tag)) if len(images) == 1: try: inspection = self.inspect_image(images[0]['Id']) except Exception, exc: self.fail("Error inspecting image %s:%s - %s" % (name, tag, str(exc))) return inspection
def pull(self, repository, tag=None, stream=False): registry, repo_name = auth.resolve_repository_name(repository) if repo_name.count(":") == 1: repository, tag = repository.rsplit(":", 1) params = { 'tag': tag, 'fromImage': repository } headers = {} if utils.compare_version('1.5', self._version) >= 0: if getattr(self, '_cfg', None) is None: self._cfg = auth.load_config() authcfg = auth.resolve_authconfig(self._cfg, registry) # do not fail if no atuhentication exists # for this specific registry as we can have a readonly pull if authcfg: headers['X-Registry-Auth'] = auth.encode_header(authcfg) u = self._url("/images/create") response = self._post(u, params=params, headers=headers, stream=stream, timeout=None) if stream: return self._stream_helper(response) else: return self._result(response)
def test_resolve_registry_and_auth_hub_image(self): image = 'username/image' self.assertEqual( auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0] )['username'], 'indexuser', )
def test_resolve_registry_and_auth_explicit_legacy_hub(self): image = 'index.docker.io/username/image' self.assertEqual( auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0] )['username'], 'indexuser', )
def test_resolve_registry_and_auth_private_registry(self): image = 'my.registry.net/image' self.assertEqual( auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0] )['username'], 'privateuser', )
def test_resolve_registry_and_auth_unauthenticated_registry(self): image = 'other.registry.net/image' self.assertEqual( auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0] ), None, )
def test_resolve_registry_and_auth_library_image(self): image = 'image' self.assertEqual( auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0] ), {'auth': 'indexuser'}, )
def test_resolve_registry_and_auth(self): auth_config = {"https://index.docker.io/v1/": {"auth": "indexuser"}, "my.registry.net": {"auth": "privateuser"}} # library image image = "image" self.assertEqual(resolve_authconfig(auth_config, resolve_repository_name(image)[0]), {"auth": "indexuser"}) # docker hub image image = "username/image" self.assertEqual(resolve_authconfig(auth_config, resolve_repository_name(image)[0]), {"auth": "indexuser"}) # private registry image = "my.registry.net/image" self.assertEqual(resolve_authconfig(auth_config, resolve_repository_name(image)[0]), {"auth": "privateuser"}) # unauthenticated registry image = "other.registry.net/image" self.assertEqual(resolve_authconfig(auth_config, resolve_repository_name(image)[0]), None)
def test_resolve_repository_name(self): self.assertEqual(resolve_repository_name("root"), (INDEX_URL, "root")) self.assertEqual(resolve_repository_name("root:tag"), (INDEX_URL, "root:tag")) self.assertEqual(resolve_repository_name("root:tag.minor"), (INDEX_URL, "root:tag.minor")) self.assertEqual(resolve_repository_name("user/repo"), (INDEX_URL, "user/repo")) self.assertEqual(resolve_repository_name("user/repo:tag"), (INDEX_URL, "user/repo:tag")) self.assertEqual(resolve_repository_name("localhost:5000/user/repo"), ("http://localhost:5000/v1/", "user/repo")) self.assertEqual(resolve_repository_name("localhost:5000/user/repo:tag"), ("http://localhost:5000/v1/", "user/repo:tag")) self.assertEqual(resolve_repository_name("domain.name:5000/user/repo"), ("http://domain.name:5000/v1/", "user/repo")) self.assertEqual(resolve_repository_name("domain.name:5000/user/repo:tag"), ("http://domain.name:5000/v1/", "user/repo:tag"))
def push(self, repository): registry, repo_name = auth.resolve_repository_name(repository) u = self._url("/images/{0}/push".format(repository)) headers = {} if getattr(self, '_cfg', None) is None: self._cfg = auth.load_config() authcfg = auth.resolve_authconfig(self._cfg, registry) if utils.compare_version('1.5', self._version) >= 0: # do not fail if no atuhentication exists # for this specific registry as we can have an anon push if authcfg: headers['X-Registry-Auth'] = auth.encode_header(authcfg) return self._result(self._post_json(u, None, headers=headers)) return self._result(self._post_json(u, authcfg))
def push(self, repository, authcfg=None): registry, _ = auth.resolve_repository_name(repository) u = self._url("/images/{0}/push".format(repository)) headers = {} if authcfg is None: if getattr(self, '_cfg', None) is None: self._cfg = auth.load_config() authcfg = auth.resolve_authconfig(self._cfg, registry) if utils.compare_version('1.5', self._version) >= 0: # do not fail if no atuhentication exists # for this specific registry as we can have an anon push if authcfg: headers['X-Registry-Auth'] = auth.encode_header(authcfg) response = self._post_json(u, None, headers=headers, stream=True) else: response = self._post_json(u, authcfg, stream=True) response.raise_for_status() return response.iter_content(1)
def push(self, repository, stream=False): registry, repo_name = auth.resolve_repository_name(repository) u = self._url("/images/{0}/push".format(repository)) headers = {} if getattr(self, "_cfg", None) is None: self._cfg = auth.load_config() authcfg = auth.resolve_authconfig(self._cfg, registry) if utils.compare_version("1.5", self._version) >= 0: # do not fail if no atuhentication exists # for this specific registry as we can have an anon push if authcfg: headers["X-Registry-Auth"] = auth.encode_header(authcfg) if stream: return self._stream_helper(self._post_json(u, None, headers=headers, stream=True)) else: return self._result(self._post_json(u, None, headers=headers, stream=False)) if stream: return self._stream_helper(self._post_json(u, authcfg, stream=True)) else: return self._result(self._post_json(u, authcfg, stream=False))
def push_image(self, name, tag=None): ''' If the name of the image contains a repository path, then push the image. :param name Name of the image to push. :param tag Use a specific tag. :return: None ''' repository = name if not tag: repository, tag = parse_repository_tag(name) registry, repo_name = resolve_repository_name(repository) self.log("push %s to %s/%s:%s" % (self.name, registry, repo_name, tag)) if registry: self.results['actions'].append("Pushed image %s to %s/%s:%s" % (self.name, registry, repo_name, tag)) self.results['changed'] = True if not self.check_mode: status = None try: for line in self.client.push(repository, tag=tag, stream=True, decode=True): self.log(line, pretty_print=True) if line.get('errorDetail'): raise Exception(line['errorDetail']['message']) status = line.get('status') except Exception as exc: if re.search('unauthorized', str(exc)): if re.search('authentication required', str(exc)): self.fail("Error pushing image %s/%s:%s - %s. Try logging into %s first." % (registry, repo_name, tag, str(exc), registry)) else: self.fail("Error pushing image %s/%s:%s - %s. Does the repository exist?" % (registry, repo_name, tag, str(exc))) self.fail("Error pushing image %s: %s" % (repository, str(exc))) self.results['image'] = self.client.find_image(name=repository, tag=tag) if not self.results['image']: self.results['image'] = dict() self.results['image']['push_status'] = status
def push_image(self, name, tag=None): ''' Push an image to a repository. :param name - name of the image to push. Type: str :param tag - use a specific tag. Type: str :return: None ''' repository = name if not tag: repository, tag = utils.parse_repository_tag(name) registry, repo_name = auth.resolve_repository_name(repository) if registry: config = auth.load_config() if not auth.resolve_authconfig(config, registry): self.fail("Error: configuration for %s not found. Try logging into %s first." % registry) try: self.log("pushing image %s" % (repository)) status = None if not self.check_mode: self.results['actions'].append("Pushed image %s to %s:%s" % (self.name, self.repository, self.tag)) for line in self.client.push(repository, tag=tag, stream=True): response = json.loads(line) self.log(response, pretty_print=True) if response.get('errorDetail'): # there was an error raise Exception(response['errorDetail']['message']) status = response.get('status') self.results['changed'] = True image = self.client.find_image(name=repository, tag=tag) if image: self.results['image'] = image self.results['image']['push_status'] = status except Exception, exc: if re.search(r'unauthorized', str(exc)): self.fail("Error pushing image %s: %s. Does the repository exist?" % (repository, str(exc))) self.fail("Error pushing image %s: %s" % (repository, str(exc)))
def test_resolve_repository_name_no_dots_but_port_and_username(self): self.assertEqual( auth.resolve_repository_name('hostname:5000/username/image'), ('hostname:5000', 'username/image'), )
def test_resolve_repository_name_localhost(self): self.assertEqual( auth.resolve_repository_name('localhost/image'), ('localhost', 'image'), )
def test_resolve_repository_name_private_registry_with_username(self): assert auth.resolve_repository_name( 'my.registry.net/username/image') == ('my.registry.net', 'username/image')
def parse_id(cls, name): reg_repo, tag = parse_repository_tag(name) reg, repo = resolve_repository_name(reg_repo) return reg, repo, tag
def test_resolve_repository_name_dotted_hub_library_image(self): self.assertEqual( auth.resolve_repository_name('image.valid'), ('docker.io', 'image.valid') )
def test_resolve_repository_name_private_registry(self): assert auth.resolve_repository_name('my.registry.net/image') == ( 'my.registry.net', 'image' )
def test_resolve_repository_name_hub_image(self): self.assertEqual( auth.resolve_repository_name('username/image'), ('index.docker.io', 'username/image'), )
def test_resolve_registry_and_auth_explicit_hub(self): image = 'docker.io/username/image' assert auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0] )['username'] == 'indexuser'
def test_resolve_repository_name_hub_image(self): assert auth.resolve_repository_name('username/image') == ( 'docker.io', 'username/image' )
def test_resolve_repository_name_private_registry(self): assert auth.resolve_repository_name('my.registry.net/image') == ( 'my.registry.net', 'image')
def test_resolve_repository_name_localhost(self): assert auth.resolve_repository_name('localhost/image') == ('localhost', 'image')
def test_resolve_repository_name_no_dots_but_port_and_username(self): assert auth.resolve_repository_name( 'hostname:5000/username/image') == ('hostname:5000', 'username/image')
def test_resolve_repository_name_private_registry_with_username(self): self.assertEqual( auth.resolve_repository_name('my.registry.net/username/image'), ('my.registry.net', 'username/image'), )
def test_resolve_repository_name_private_registry_with_username(self): assert auth.resolve_repository_name( 'my.registry.net/username/image' ) == ('my.registry.net', 'username/image')
def test_resolve_repository_name_private_registry_with_port(self): self.assertEqual( auth.resolve_repository_name('my.registry.net:5000/image'), ('my.registry.net:5000', 'image'), )
def test_resolve_repository_name_localhost(self): assert auth.resolve_repository_name('localhost/image') == ( 'localhost', 'image' )
def test_explicit_hub_index_library_image(self): self.assertEqual( auth.resolve_repository_name('docker.io/image'), ('docker.io', 'image') )
def test_invalid_index_name(self): with pytest.raises(errors.InvalidRepository): auth.resolve_repository_name('-gecko.com/image')
def test_invalid_index_name(self): self.assertRaises( errors.InvalidRepository, lambda: auth.resolve_repository_name('-gecko.com/image') )
def test_resolve_repository_name_localhost_with_username(self): self.assertEqual( auth.resolve_repository_name('localhost/username/image'), ('localhost', 'username/image'), )
def test_explicit_legacy_hub_index_library_image(self): assert auth.resolve_repository_name('index.docker.io/image') == ( 'docker.io', 'image')
def test_resolve_repository_name_localhost_with_username(self): assert auth.resolve_repository_name('localhost/username/image') == ( 'localhost', 'username/image')
def test_resolve_repository_name_private_registry_with_port(self): assert auth.resolve_repository_name('my.registry.net:5000/image') == ( 'my.registry.net:5000', 'image')
def test_resolve_registry_and_auth_library_image(self): image = 'image' assert auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0] )['username'] == 'indexuser'
def test_resolve_repository_name_dotted_hub_library_image(self): assert auth.resolve_repository_name('image.valid') == ( 'docker.io', 'image.valid' )
def test_resolve_registry_and_auth_hub_image(self): image = 'username/image' assert auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0])['username'] == 'indexuser'
def test_explicit_legacy_hub_index_library_image(self): assert auth.resolve_repository_name('index.docker.io/image') == ( 'docker.io', 'image' )
def test_resolve_registry_and_auth_explicit_legacy_hub(self): image = 'index.docker.io/username/image' assert auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0])['username'] == 'indexuser'
def test_resolve_repository_name_private_registry_with_port(self): assert auth.resolve_repository_name('my.registry.net:5000/image') == ( 'my.registry.net:5000', 'image' )
def test_resolve_registry_and_auth_private_registry(self): image = 'my.registry.net/image' assert auth.resolve_authconfig(self.auth_config, auth.resolve_repository_name(image) [0])['username'] == 'privateuser'
def test_resolve_repository_name_no_dots_but_port_and_username(self): assert auth.resolve_repository_name( 'hostname:5000/username/image' ) == ('hostname:5000', 'username/image')
def test_resolve_registry_and_auth_unauthenticated_registry(self): image = 'other.registry.net/image' assert auth.resolve_authconfig( self.auth_config, auth.resolve_repository_name(image)[0]) is None
def test_resolve_repository_name_localhost_with_username(self): assert auth.resolve_repository_name('localhost/username/image') == ( 'localhost', 'username/image' )
def test_resolve_repository_name_dotted_hub_library_image(self): assert auth.resolve_repository_name('image.valid') == ('docker.io', 'image.valid')
def test_resolve_repository_name_hub_image(self): assert auth.resolve_repository_name('username/image') == ( 'docker.io', 'username/image')
def parse_image_name(image): repository, tag = docker_utils.parse_repository_tag(image) registry, name = docker_auth.resolve_repository_name(repository) if registry == docker_auth.INDEX_NAME: registry = '' return registry, name, tag