def test_layer_exists(registry_v2_image_source: RegistryV2ImageSource, image: str): """Test layer existence.""" image_name = ImageName.parse(image) layer = registry_v2_image_source.get_manifest(image_name).get_layers()[-1] assert registry_v2_image_source.layer_exists(image_name, layer) assert not registry_v2_image_source.layer_exists(image_name, FormattedSHA256("0" * 64))
def test_get_image_layer_to_disk( registry_v2_image_source: RegistryV2ImageSource, image: str): """Test layer retrieval to disk.""" image_name = ImageName.parse(image) config_digest = registry_v2_image_source.get_manifest( image_name).get_config_digest() temp = tempfile.NamedTemporaryFile() result = registry_v2_image_source.get_image_layer_to_disk( image_name, config_digest, temp) assert result["digest"] == config_digest
def test__get_request_headers( request, registry_v2_image_source: RegistryV2ImageSource, image: str, expected_credentials: str, ): """Test request headers retrieval.""" registry_v2_image_source.credentials_store = get_test_data_path( request, "credentials_store.json") image_name = ImageName.parse(image) headers = registry_v2_image_source._get_request_headers(image_name) assert headers assert expected_credentials in headers["Authorization"]
def registry(context: Context, images: List[ImageName]): """Operates on docker registries (v2).""" ctx = get_context_object(context) ctx["images"] = images ctx["imagesource"] = RegistryV2ImageSource() verify(context)
def test_get_manifest(registry_v2_image_source: RegistryV2ImageSource, image: str): """Test manifest retrieval.""" image_name = ImageName.parse(image) manifest = registry_v2_image_source.get_manifest(image_name) assert manifest assert isinstance(manifest, RegistryV2Manifest)
def registry(context: Context, src_image_name: ImageName, dest_image_name: ImageName): """Operates on docker registries (v2).""" ctx = get_context_object(context) ctx["src_image_name"] = src_image_name ctx["dest_image_name"] = dest_image_name ctx["imagesource"] = RegistryV2ImageSource(dry_run=ctx["dry_run"]) copy(context)
def registry(context, src_image_name: ImageName, dest_image_name: ImageName): """Operates on docker registries (v2).""" context.obj["src_image_name"] = src_image_name context.obj["dest_image_name"] = dest_image_name context.obj["imagesource"] = RegistryV2ImageSource( dry_run=context.obj["dry_run"]) copy(context)
def test_get_iamge_config(registry_v2_image_source: RegistryV2ImageSource, image: str): """Test image configuration retrieval.""" image_name = ImageName.parse(image) config = registry_v2_image_source.get_image_config(image_name) assert config assert isinstance(config, ImageConfig)
def test_unsign_image_same_image_source( registry_v2_image_source: RegistryV2ImageSource, image: str): """Test image unsigning.""" src_image_name = ImageName.parse(image) dest_image_name = copy.deepcopy(src_image_name) dest_image_name.tag = "{0}_unsigned".format(dest_image_name.tag) def assertions(result: dict): assert result image_config = result["image_config"] assert image_config assert "FAKE SIGNATURE" not in str(image_config) verify_image_data = result["verify_image_data"] assert verify_image_data assert image_config == verify_image_data["image_config"] manifest = verify_image_data["manifest"] assert manifest manifest_unsigned = result["manifest_unsigned"] assert manifest_unsigned assert manifest_unsigned.get_config_digest( ) == image_config.get_config_digest() assert len(manifest_unsigned.get_layers()) == len( image_config.get_image_layers()) # 1. Pre signature assertions( registry_v2_image_source.unsign_image(src_image_name, registry_v2_image_source, dest_image_name)) # Sign registry_v2_image_source.sign_image(FakeSigner(), src_image_name, registry_v2_image_source, dest_image_name) # 2. Post signature assertions( registry_v2_image_source.unsign_image(src_image_name, registry_v2_image_source, dest_image_name))
def test__get_credentials( request, registry_v2_image_source: RegistryV2ImageSource, endpoint: str, expected_username: str, expected_password: str, ): """Test credentials retrieval.""" registry_v2_image_source.credentials_store = get_test_data_path( request, "credentials_store.json") credentials = registry_v2_image_source._get_credentials(endpoint) assert credentials decoded = base64.decodebytes(credentials.encode("utf-8")).decode("utf-8") assert decoded actual_username, actual_password = decoded.split(":") assert actual_username == expected_username assert actual_password == expected_password
async def registry_v2_image_source( credentials_store_path: Path, docker_registry_secure: DockerRegistrySecure, replicate_manifest_lists, ) -> RegistryV2ImageSource: # pylint: disable=unused-argument """Provides a RegistryV2ImageSource instance.""" # Do not use caching; get a new instance for each test async with RegistryV2ImageSource( credentials_store=credentials_store_path, ssl=docker_registry_secure.ssl_context) as registry_v2_image_source: credentials = docker_registry_secure.auth_header[ "Authorization"].split()[1] await registry_v2_image_source.docker_registry_client_async.add_credentials( docker_registry_secure.endpoint, credentials) yield registry_v2_image_source
def registry( context, keyid: str, keypass: str, sigtype: str, src_image_name: ImageName, dest_image_name: ImageName, ): """Operates on docker registries (v2).""" context.obj["keyid"] = keyid context.obj["keypass"] = keypass context.obj["sigtype"] = sigtype context.obj["src_image_name"] = src_image_name context.obj["dest_image_name"] = dest_image_name context.obj["imagesource"] = RegistryV2ImageSource( dry_run=context.obj["dry_run"]) sign(context)
def test_verify_image_integrity( registry_v2_image_source: RegistryV2ImageSource, image: str): """Test image unsigning.""" image_name = ImageName.parse(image) def assertions(result: dict): assert result image_config = result["image_config"] assert image_config manifest = result["manifest"] assert manifest assert len(result["compressed_layer_files"]) == len( result["uncompressed_layer_files"]) # 1. Unsigned assertions(registry_v2_image_source.verify_image_integrity(image_name))
def registry_v2_image_source() -> RegistryV2ImageSource: """Provides a RegistryV2ImageSource instance.""" # Do not use caching; get a new instance for each test return RegistryV2ImageSource(dry_run=True)
def registry_v2_image_source(): # Do not use caching; get a new instance for each test return RegistryV2ImageSource(dry_run=True)
def registry(context, images: List): """Operates on docker registries (v2).""" context.obj["images"] = images context.obj["imagesource"] = RegistryV2ImageSource() verify(context)
async def registry_v2_image_source() -> RegistryV2ImageSource: """Provides a RegistryV2ImageSource instance.""" # Do not use caching; get a new instance for each test # Implicitly tests __aenter__(), __aexit__(), and close() async with RegistryV2ImageSource() as registry_v2_image_source: yield registry_v2_image_source