示例#1
0
 def test_trust_gpg_email_id(self):
     args = self.Args()
     testobj = Trust(policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
     testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     actual = testobj.get_gpg_id(args.pubkeys)
     self.assertEqual("*****@*****.**", actual)
示例#2
0
 def TrustDelete(self, registry, sigstoretype):
     trust = Trust()
     args = self.Args()
     args.sigstoretype = sigstoretype
     args.registry = registry
     trust.set_args(args)
     trust.delete()
示例#3
0
 def TrustDelete(self, registry, sigstoretype):
     trust = Trust()
     args = self.Args()
     args.sigstoretype = sigstoretype
     args.registry = registry
     trust.set_args(args)
     trust.delete()
示例#4
0
 def test_trust_gpg_email_id(self):
     args = self.Args()
     testobj = Trust(
         policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
     testobj.atomic_config = util.get_atomic_config(
         atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     actual = testobj.get_gpg_id(args.pubkeys)
     self.assertEqual("*****@*****.**", actual)
示例#5
0
 def test_setup_default_policy(self):
     args = self.Args()
     args.sigstoretype = "web"
     testobj = Trust()
     testobj.set_args(args)
     with open(os.path.join(FIXTURE_DIR, "default_policy.json"), "r") as default:
         policy_default = json.load(default)
     policy_default = testobj.check_policy(policy_default, "docker")
     policy_expected = {"default": [{"type": "insecureAcceptAnything"}], "transports": {"docker": {}}}
     self.assertEqual(policy_default, policy_expected)
示例#6
0
 def TrustAdd(self, registry, trusttype, pubkeys, keytype, sigstore, sigstoretype):
     trust = Trust()
     args = self.Args()
     args.registry = registry
     args.pubkeys = pubkeys
     args.keytype = keytype
     args.trust_type = trusttype
     args.sigstoretype = sigstoretype
     args.sigstore = sigstore
     trust.set_args(args)
     trust.add()
示例#7
0
 def TrustAdd(self, registry, trusttype, pubkeys, keytype, sigstore, sigstoretype):
     trust = Trust()
     args = self.Args()
     args.registry = registry
     args.pubkeys = pubkeys
     args.keytype = keytype
     args.trust_type = trusttype
     args.sigstoretype = sigstoretype
     args.sigstore = sigstore
     trust.set_args(args)
     trust.add()
示例#8
0
 def test_trust_show(self):
     args = self.Args()
     testobj = Trust(policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
     testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     with self.captured_output() as (out, _):
         testobj.show()
     with open(os.path.join(FIXTURE_DIR, "show_policy.output"), "r") as f:
         expected = f.read()
         actual = out.getvalue()
         self.assertEqual(expected, actual)
示例#9
0
 def test_add_trust_keys(self):
     args = self.Args()
     args.sigstore = None
     testobj = Trust(policy_filename = TEST_POLICY)
     testobj.atomic_config = util.get_atomic_config(atomic_config = os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     testobj.add()
     with open(testobj.policy_filename, 'r') as f:
         d = json.load(f)
         self.assertEqual(d["transports"]["atomic"]["docker.io"][0]["keyPath"], 
                          os.path.join(FIXTURE_DIR, "key1.pub"))
示例#10
0
 def test_add_reject_type(self):
     args = self.Args()
     args.trust_type = "reject"
     args.sigstoretype = "web"
     args.pubkeys = []
     args.registry = "registry.example.com/foo"
     testobj = Trust(policy_filename=TEST_POLICY)
     testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     testobj.add()
     with open(testobj.policy_filename, "r") as f:
         d = json.load(f)
         self.assertEqual(d["transports"]["docker"][args.registry][0]["type"], args.trust_type)
示例#11
0
 def test_trust_show(self):
     args = self.Args()
     testobj = Trust(
         policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
     testobj.atomic_config = util.get_atomic_config(
         atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     with self.captured_output() as (out, _):
         testobj.show()
     with open(os.path.join(FIXTURE_DIR, "show_policy.output"), 'r') as f:
         expected = f.read()
         actual = out.getvalue()
         self.assertEqual(expected, actual)
示例#12
0
 def test_delete_trust(self):
     args = self.Args()
     args.pubkeys = []
     args.sigstoretype = "web"
     args.registry = "registry.example.com/foo"
     args.pubkeys = None
     testobj = Trust(policy_filename=TEST_POLICY)
     testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     testobj.delete()
     with open(testobj.policy_filename, "r") as f:
         d = json.load(f)
         self.assertNotIn(args.registry, d["transports"]["docker"])
示例#13
0
 def test_add_trust_keys(self):
     args = self.Args()
     args.sigstore = None
     testobj = Trust(policy_filename=TEST_POLICY)
     testobj.atomic_config = util.get_atomic_config(
         atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     testobj.add()
     with open(testobj.policy_filename, 'r') as f:
         d = json.load(f)
         self.assertEqual(
             d["transports"]["atomic"]["docker.io"][0]["keyPath"],
             os.path.join(FIXTURE_DIR, "key1.pub"))
示例#14
0
 def test_delete_trust(self):
     args = self.Args()
     args.pubkeys = []
     args.sigstoretype = "web"
     args.registry = "registry.example.com/foo"
     args.pubkeys = None
     testobj = Trust(policy_filename=TEST_POLICY)
     testobj.atomic_config = util.get_atomic_config(
         atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     testobj.delete()
     with open(testobj.policy_filename, 'r') as f:
         d = json.load(f)
         self.assertNotIn(args.registry, d["transports"]["docker"])
示例#15
0
 def test_add_reject_type(self):
     args = self.Args()
     args.trust_type = "reject"
     args.sigstoretype = "web"
     args.pubkeys = []
     args.registry = "registry.example.com/foo"
     testobj = Trust(policy_filename=TEST_POLICY)
     testobj.atomic_config = util.get_atomic_config(
         atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
     testobj.set_args(args)
     testobj.add()
     with open(testobj.policy_filename, 'r') as f:
         d = json.load(f)
         self.assertEqual(
             d["transports"]["docker"][args.registry][0]["type"],
             args.trust_type)
示例#16
0
 def test_setup_default_policy(self):
     args = self.Args()
     args.sigstoretype = "web"
     testobj = Trust()
     testobj.set_args(args)
     with open(os.path.join(FIXTURE_DIR, "default_policy.json"),
               'r') as default:
         policy_default = json.load(default)
     policy_default = testobj.check_policy(policy_default, "docker")
     policy_expected = {
         "default": [{
             "type": "insecureAcceptAnything"
         }],
         "transports": {
             "docker": {}
         }
     }
     self.assertEqual(policy_default, policy_expected)
示例#17
0
文件: _docker.py 项目: baude/atomic 
    def pull_image(self, image, pull_args):
        # Add this when atomic registry is incorporated.
        # if self.args.reg_type == "atomic":
        #     pull_uri = 'atomic:'
        # else:
        #     pull_uri = 'docker://'
        img_obj = self._make_remote_image(image)
        fq_name = img_obj.fq_name
        insecure = True if util.is_insecure_registry(self.d.info()['RegistryConfig'], util.strip_port(img_obj.registry)) else False

        # This needs to be re-enabled with Aaron's help
        trust = Trust()
        trust.set_args(pull_args)
        trust.discover_sigstore(fq_name)

        util.write_out("Pulling {} ...".format(fq_name))
        util.skopeo_copy("docker://{}".format(fq_name),
                         "docker-daemon:{}".format(image),
                         debug=pull_args.debug, insecure=insecure,
                         policy_filename=pull_args.policy_filename)
示例#18
0
    def pull_image(self, image, pull_args):
        # Add this when atomic registry is incorporated.
        # if self.args.reg_type == "atomic":
        #     pull_uri = 'atomic:'
        # else:
        #     pull_uri = 'docker://'
        img_obj = self._make_remote_image(image)
        fq_name = img_obj.fq_name
        insecure = True if util.is_insecure_registry(
            self.d.info()['RegistryConfig'], util.strip_port(
                img_obj.registry)) else False

        # This needs to be re-enabled with Aaron's help
        trust = Trust()
        trust.set_args(pull_args)
        trust.discover_sigstore(fq_name)

        util.write_out("Pulling {} ...".format(fq_name))
        util.skopeo_copy("docker://{}".format(fq_name),
                         "docker-daemon:{}".format(image),
                         debug=pull_args.debug,
                         insecure=insecure,
                         policy_filename=pull_args.policy_filename)
示例#19
0
 def TrustShow(self):
     trust = Trust()
     args = self.Args()
     trust.set_args(args)
     return json.dumps(trust.show_json())
示例#20
0
 def TrustDefaultPolicy(self, default_policy):
     trust = Trust()
     args = self.Args()
     args.default_policy = default_policy
     trust.set_args(args)
     return trust.modify_default()
示例#21
0
 def TrustShow(self):
     trust = Trust()
     args = self.Args()
     trust.set_args(args)
     return json.dumps(trust.show_json())
示例#22
0
 def TrustDefaultPolicy(self, default_policy):
     trust = Trust()
     args = self.Args()
     args.default_policy = default_policy
     trust.set_args(args)
     return trust.modify_default()