def test_sha(self, m):
"""
Test sha method
"""
registry = DockerRegistry(DOCKER_HUB_DOMAIN, token_url=DOCKER_HUB_TOKEN_REQUEST)
image = DockerImage('library/monimage', registry, tag='tag')
m.get(DOCKER_HUB_TOKEN_REQUEST.format(image=image), json=self.token_json)
m.get(registry.get_manifest_url(image), json=self.manifest_json,
headers={'Authorization': 'Bearer {token}'.format(token=self.token)})
self.assertEqual("58c0a48e3b6a2c9f3b1d8166e096789f20b769f538f4aecaa73d5eae15672b2b", image.sha)
self.assertEqual("58c0a48e3b6a", image.short_sha)
def test_get_layers_docker_hub_v2(self, m):
"""
Test de la méthode get_layer
"""
registry = DockerRegistry(DOCKER_HUB_DOMAIN, token_url=DOCKER_HUB_TOKEN_REQUEST)
image = DockerImage('library/monimage', registry, tag='tag')
m.get(DOCKER_HUB_TOKEN_REQUEST.format(image=image), json=self.token_json)
m.get(registry.get_manifest_url(image), json=self.manifestv2_json,
headers={'Authorization': 'Bearer {token}'.format(token=self.token)})
layers = image.get_layers()
self.assertEqual(layers, self.EXPECTED_LAYERS_V2)
def test_get_layers_artifactory(self, m):
"""
Test de la méthode get_layer
"""
artifactory_registry = 'registry.artifactory.net'
token_url = "https://{registry.domain}/api/docker/{image.repository}/v2/token?service={registry.domain}"
registry = DockerRegistry(artifactory_registry, token_url=token_url, protocol="http")
image = DockerImage('monimage', registry)
m.get(token_url.format(image=image, registry=registry), json=self.token_json)
m.get(registry.get_manifest_url(image), json=self.manifest_json,
headers={'Authorization': 'Bearer {token}'.format(token=self.token)})
layers = image.get_layers()
self.assertEqual(layers, self.EXPECTED_LAYERS)
def test_token_endpoint(self, m):
"""
Test de la méthode token_endpoint
"""
m.register_uri('GET', "https://{}/v2/".format(DOCKER_HUB_DOMAIN), status_code=401,
headers={'Www-Authenticate':
'Bearer realm="https://auth.docker.io/token",service="registry.docker.io"'})
registry = DockerRegistry(DOCKER_HUB_DOMAIN)
self.assertEqual(registry.token_url, DOCKER_HUB_TOKEN_REQUEST)
m.register_uri('GET', "https://{}/v2/".format(DOCKER_HUB_DOMAIN), headers={})
with self.assertRaises(RegistryAccessError):
registry = DockerRegistry(DOCKER_HUB_DOMAIN)
print(registry.token_url)
def test_get_token(self, m):
"""
Test de la méthode get_token
"""
domain_lambda = 'registery.host'
registry = DockerRegistry(domain_lambda, token=self.token, token_type='Basic')
image = DockerImage('monimage', registry)
# Manifest
m.register_uri('GET', registry.get_manifest_url(image), json=self.manifestv2_json,
request_headers={'Authorization': 'Basic {token}'.format(token=self.token)})
layers = image.get_layers()
self.assertTrue(m.called)
self.assertEqual(layers, self.EXPECTED_LAYERS_V2)
def __init__(self, clair, registries=None):
"""
Constructor
:param clair: ClairRequests object
:param registries: registries' configuration {'registry1_domain': {'conf': ...},
'registry2_domain': {'conf': ...}}
"""
super().__init__(clair, "Docker")
registries = registries or {}
self.__registries = {domain: DockerRegistry(domain, **conf) for domain, conf in registries.items()}
self.__docker_hub = DockerRegistry(DOCKER_HUB_DOMAIN)
self._pattern = re.compile(REGEX['domain'] + REGEX['name'] + REGEX['tag'])
self._domain_pattern = re.compile(r'(?P<repository>[a-zA-Z0-9-]*)\.(?P<domain>[a-zA-Z0-9-.]*)$')
def test_get_layers_other_registery_v2(self, m):
"""
Test de la méthode get_layer
"""
domain_lambda = 'registery.host'
registry = DockerRegistry(domain_lambda, token_url="https://token_url")
image = DockerImage('monimage', registry)
# Token
m.get("https://token_url", json=self.token_json)
# Manifest
m.get(registry.get_manifest_url(image), json=self.manifestv2_json,
headers={'Authorization': 'Bearer {token}'.format(token=self.token)})
layers = image.get_layers()
self.assertEqual(layers, self.EXPECTED_LAYERS_V2)
def test_manifest_http_error(self, m):
"""
Http Error en cas d'erreur d'accès à la registry
"""
domain_lambda = 'registery.host'
registry = DockerRegistry(domain_lambda, token_url="https://token_url")
image = DockerImage('monimage', registry)
# Token
m.get("https://token_url", json=self.token_json)
# Manifest
m.register_uri('GET', registry.get_manifest_url(image), json=self.manifest_json,
headers={'Authorization': 'Beare {token}'.format(token=self.token)}, status_code=401)
with self.assertRaises(RegistryAccessError):
image.get_layers()
def create_docker_image(self, name):
"""
Create docker image
:param name: image's name
:return: paclair.docker.DockerImage
"""
matcher = self._pattern.match(name)
if not matcher:
raise ResourceNotFoundException("Incorrect image name: {}".format(name))
# Base docker image
if matcher.group("domain") is None:
return DockerImage("library/" + matcher.group("name"), self.__docker_hub,
tag=matcher.group("tag") or 'latest')
domain_regex_matcher = self._domain_pattern.search(matcher.group("domain") or "")
# Repo docker
if domain_regex_matcher is None:
return DockerImage("{}/{}".format(matcher.group("domain"), matcher.group("name")), self.__docker_hub,
tag=matcher.group("tag") or 'latest')
# Find the registry
repo = ""
if domain_regex_matcher.group("domain") in self.__registries:
registry = self.__registries[domain_regex_matcher.group("domain")]
repo = domain_regex_matcher.group("repository") or ""
elif matcher.group("domain") in self.__registries:
registry = self.__registries[matcher.group("domain")]
else:
registry = DockerRegistry(matcher.group("domain"))
return DockerImage(matcher.group("name"), registry, repo, tag=matcher.group("tag") or 'latest')