We use cookies to ensure you get the best experience on our website
Главная Обзор Помощь
Регистрация Вход
0ct0pu5
/
moby
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: e60bddcc60
Ветки Метки
moby
/
integration
/
plugin
/
common
/
plugin_test.go

plugin_test.go 9.2 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315 
  1. package common // import "github.com/docker/docker/integration/plugin/common"
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"encoding/base64"
    6. 

  6. 	"encoding/json"
    7. 

  7. 	"fmt"
    8. 

  8. 	"io"
    9. 

  9. 	"net"
    10. 

  10. 	"net/http"
    11. 

  11. 	"os"
    12. 

  12. 	"path"
    13. 

  13. 	"path/filepath"
    14. 

  14. 	"strings"
    15. 

  15. 	"testing"
    16. 

  16. 

  17. 	"github.com/containerd/containerd/images"
    18. 

  18. 	"github.com/containerd/containerd/remotes/docker"
    19. 

  19. 	"github.com/docker/docker/api/types"
    20. 

  20. 	registrytypes "github.com/docker/docker/api/types/registry"
    21. 

  21. 	"github.com/docker/docker/pkg/jsonmessage"
    22. 

  22. 	"github.com/docker/docker/testutil/daemon"
    23. 

  23. 	"github.com/docker/docker/testutil/fixtures/plugin"
    24. 

  24. 	"github.com/docker/docker/testutil/registry"
    25. 

  25. 	"github.com/docker/docker/testutil/request"
    26. 

  26. 	v1 "github.com/opencontainers/image-spec/specs-go/v1"
    27. 

  27. 	"gotest.tools/v3/assert"
    28. 

  28. 	"gotest.tools/v3/assert/cmp"
    29. 

  29. 	is "gotest.tools/v3/assert/cmp"
    30. 

  30. 	"gotest.tools/v3/skip"
    31. 

  31. )
    32. 

  32. 

  33. // TestPluginInvalidJSON tests that POST endpoints that expect a body return
    34. 

  34. // the correct error when sending invalid JSON requests.
    35. 

  35. func TestPluginInvalidJSON(t *testing.T) {
    36. 

  36. 	defer setupTest(t)()
    37. 

  37. 

  38. 	// POST endpoints that accept / expect a JSON body;
    39. 

  39. 	endpoints := []string{
    40. 

  40. 		"/plugins/foobar/set",
    41. 

  41. 		"/plugins/foobar/upgrade",
    42. 

  42. 		"/plugins/pull",
    43. 

  43. 	}
    44. 

  44. 

  45. 	for _, ep := range endpoints {
    46. 

  46. 		ep := ep
    47. 

  47. 		t.Run(ep[1:], func(t *testing.T) {
    48. 

  48. 			t.Parallel()
    49. 

  49. 

  50. 			t.Run("invalid content type", func(t *testing.T) {
    51. 

  51. 				res, body, err := request.Post(ep, request.RawString("[]"), request.ContentType("text/plain"))
    52. 

  52. 				assert.NilError(t, err)
    53. 

  53. 				assert.Check(t, is.Equal(res.StatusCode, http.StatusBadRequest))
    54. 

  54. 

  55. 				buf, err := request.ReadBody(body)
    56. 

  56. 				assert.NilError(t, err)
    57. 

  57. 				assert.Check(t, is.Contains(string(buf), "unsupported Content-Type header (text/plain): must be 'application/json'"))
    58. 

  58. 			})
    59. 

  59. 

  60. 			t.Run("invalid JSON", func(t *testing.T) {
    61. 

  61. 				res, body, err := request.Post(ep, request.RawString("{invalid json"), request.JSON)
    62. 

  62. 				assert.NilError(t, err)
    63. 

  63. 				assert.Check(t, is.Equal(res.StatusCode, http.StatusBadRequest))
    64. 

  64. 

  65. 				buf, err := request.ReadBody(body)
    66. 

  66. 				assert.NilError(t, err)
    67. 

  67. 				assert.Check(t, is.Contains(string(buf), "invalid JSON: invalid character 'i' looking for beginning of object key string"))
    68. 

  68. 			})
    69. 

  69. 

  70. 			t.Run("extra content after JSON", func(t *testing.T) {
    71. 

  71. 				res, body, err := request.Post(ep, request.RawString(`[] trailing content`), request.JSON)
    72. 

  72. 				assert.NilError(t, err)
    73. 

  73. 				assert.Check(t, is.Equal(res.StatusCode, http.StatusBadRequest))
    74. 

  74. 

  75. 				buf, err := request.ReadBody(body)
    76. 

  76. 				assert.NilError(t, err)
    77. 

  77. 				assert.Check(t, is.Contains(string(buf), "unexpected content after JSON"))
    78. 

  78. 			})
    79. 

  79. 

  80. 			t.Run("empty body", func(t *testing.T) {
    81. 

  81. 				// empty body should not produce an 500 internal server error, or
    82. 

  82. 				// any 5XX error (this is assuming the request does not produce
    83. 

  83. 				// an internal server error for another reason, but it shouldn't)
    84. 

  84. 				res, _, err := request.Post(ep, request.RawString(``), request.JSON)
    85. 

  85. 				assert.NilError(t, err)
    86. 

  86. 				assert.Check(t, res.StatusCode < http.StatusInternalServerError)
    87. 

  87. 			})
    88. 

  88. 		})
    89. 

  89. 	}
    90. 

  90. }
    91. 

  91. 

  92. func TestPluginInstall(t *testing.T) {
    93. 

  93. 	skip.If(t, testEnv.IsRemoteDaemon, "cannot run daemon when remote daemon")
    94. 

  94. 	skip.If(t, testEnv.OSType == "windows")
    95. 

  95. 	skip.If(t, testEnv.IsRootless, "rootless mode has different view of localhost")
    96. 

  96. 

  97. 	ctx := context.Background()
    98. 

  98. 	client := testEnv.APIClient()
    99. 

  99. 

  100. 	t.Run("no auth", func(t *testing.T) {
    101. 

  101. 		defer setupTest(t)()
    102. 

  102. 

  103. 		reg := registry.NewV2(t)
    104. 

  104. 		defer reg.Close()
    105. 

  105. 

  106. 		name := "test-" + strings.ToLower(t.Name())
    107. 

  107. 		repo := path.Join(registry.DefaultURL, name+":latest")
    108. 

  108. 		assert.NilError(t, plugin.CreateInRegistry(ctx, repo, nil))
    109. 

  109. 

  110. 		rdr, err := client.PluginInstall(ctx, repo, types.PluginInstallOptions{Disabled: true, RemoteRef: repo})
    111. 

  111. 		assert.NilError(t, err)
    112. 

  112. 		defer rdr.Close()
    113. 

  113. 

  114. 		_, err = io.Copy(io.Discard, rdr)
    115. 

  115. 		assert.NilError(t, err)
    116. 

  116. 

  117. 		_, _, err = client.PluginInspectWithRaw(ctx, repo)
    118. 

  118. 		assert.NilError(t, err)
    119. 

  119. 	})
    120. 

  120. 

  121. 	t.Run("with htpasswd", func(t *testing.T) {
    122. 

  122. 		defer setupTest(t)()
    123. 

  123. 

  124. 		reg := registry.NewV2(t, registry.Htpasswd)
    125. 

  125. 		defer reg.Close()
    126. 

  126. 

  127. 		name := "test-" + strings.ToLower(t.Name())
    128. 

  128. 		repo := path.Join(registry.DefaultURL, name+":latest")
    129. 

  129. 		auth := &registrytypes.AuthConfig{ServerAddress: registry.DefaultURL, Username: "testuser", Password: "testpassword"}
    130. 

  130. 		assert.NilError(t, plugin.CreateInRegistry(ctx, repo, auth))
    131. 

  131. 

  132. 		authEncoded, err := json.Marshal(auth)
    133. 

  133. 		assert.NilError(t, err)
    134. 

  134. 

  135. 		rdr, err := client.PluginInstall(ctx, repo, types.PluginInstallOptions{
    136. 

  136. 			RegistryAuth: base64.URLEncoding.EncodeToString(authEncoded),
    137. 

  137. 			Disabled:     true,
    138. 

  138. 			RemoteRef:    repo,
    139. 

  139. 		})
    140. 

  140. 		assert.NilError(t, err)
    141. 

  141. 		defer rdr.Close()
    142. 

  142. 

  143. 		_, err = io.Copy(io.Discard, rdr)
    144. 

  144. 		assert.NilError(t, err)
    145. 

  145. 

  146. 		_, _, err = client.PluginInspectWithRaw(ctx, repo)
    147. 

  147. 		assert.NilError(t, err)
    148. 

  148. 	})
    149. 

  149. 	t.Run("with insecure", func(t *testing.T) {
    150. 

  150. 		skip.If(t, !testEnv.IsLocalDaemon())
    151. 

  151. 

  152. 		addrs, err := net.InterfaceAddrs()
    153. 

  153. 		assert.NilError(t, err)
    154. 

  154. 

  155. 		var bindTo string
    156. 

  156. 		for _, addr := range addrs {
    157. 

  157. 			ip, ok := addr.(*net.IPNet)
    158. 

  158. 			if !ok {
    159. 

  159. 				continue
    160. 

  160. 			}
    161. 

  161. 			if ip.IP.IsLoopback() || ip.IP.To4() == nil {
    162. 

  162. 				continue
    163. 

  163. 			}
    164. 

  164. 			bindTo = ip.IP.String()
    165. 

  165. 		}
    166. 

  166. 

  167. 		if bindTo == "" {
    168. 

  168. 			t.Skip("No suitable interface to bind registry to")
    169. 

  169. 		}
    170. 

  170. 

  171. 		regURL := bindTo + ":5000"
    172. 

  172. 

  173. 		d := daemon.New(t)
    174. 

  174. 		defer d.Stop(t)
    175. 

  175. 

  176. 		d.Start(t, "--insecure-registry="+regURL)
    177. 

  177. 		defer d.Stop(t)
    178. 

  178. 

  179. 		reg := registry.NewV2(t, registry.URL(regURL))
    180. 

  180. 		defer reg.Close()
    181. 

  181. 

  182. 		name := "test-" + strings.ToLower(t.Name())
    183. 

  183. 		repo := path.Join(regURL, name+":latest")
    184. 

  184. 		assert.NilError(t, plugin.CreateInRegistry(ctx, repo, nil, plugin.WithInsecureRegistry(regURL)))
    185. 

  185. 

  186. 		client := d.NewClientT(t)
    187. 

  187. 		rdr, err := client.PluginInstall(ctx, repo, types.PluginInstallOptions{Disabled: true, RemoteRef: repo})
    188. 

  188. 		assert.NilError(t, err)
    189. 

  189. 		defer rdr.Close()
    190. 

  190. 

  191. 		_, err = io.Copy(io.Discard, rdr)
    192. 

  192. 		assert.NilError(t, err)
    193. 

  193. 

  194. 		_, _, err = client.PluginInspectWithRaw(ctx, repo)
    195. 

  195. 		assert.NilError(t, err)
    196. 

  196. 	})
    197. 

  197. 	// TODO: test insecure registry with https
    198. 

  198. }
    199. 

  199. 

  200. func TestPluginsWithRuntimes(t *testing.T) {
    201. 

  201. 	skip.If(t, testEnv.IsRemoteDaemon, "cannot run daemon when remote daemon")
    202. 

  202. 	skip.If(t, testEnv.IsRootless, "Test not supported on rootless due to buggy daemon setup in rootless mode due to daemon restart")
    203. 

  203. 	skip.If(t, testEnv.OSType == "windows")
    204. 

  204. 

  205. 	dir, err := os.MkdirTemp("", t.Name())
    206. 

  206. 	assert.NilError(t, err)
    207. 

  207. 	defer os.RemoveAll(dir)
    208. 

  208. 

  209. 	d := daemon.New(t)
    210. 

  210. 	defer d.Cleanup(t)
    211. 

  211. 

  212. 	d.Start(t)
    213. 

  213. 	defer d.Stop(t)
    214. 

  214. 

  215. 	ctx := context.Background()
    216. 

  216. 	client := d.NewClientT(t)
    217. 

  217. 

  218. 	assert.NilError(t, plugin.Create(ctx, client, "test:latest"))
    219. 

  219. 	defer client.PluginRemove(ctx, "test:latest", types.PluginRemoveOptions{Force: true})
    220. 

  220. 

  221. 	assert.NilError(t, client.PluginEnable(ctx, "test:latest", types.PluginEnableOptions{Timeout: 30}))
    222. 

  222. 

  223. 	p := filepath.Join(dir, "myrt")
    224. 

  224. 	script := fmt.Sprintf(`#!/bin/sh
    225. 

  225. 	file="%s/success"
    226. 

  226. 	if [ "$1" = "someArg" ]; then
    227. 

  227. 		shift
    228. 

  228. 		file="${file}_someArg"
    229. 

  229. 	fi
    230. 

  230. 

  231. 	touch $file
    232. 

  232. 	exec runc $@
    233. 

  233. 	`, dir)
    234. 

  234. 

  235. 	assert.NilError(t, os.WriteFile(p, []byte(script), 0777))
    236. 

  236. 

  237. 	type config struct {
    238. 

  238. 		Runtimes map[string]types.Runtime `json:"runtimes"`
    239. 

  239. 	}
    240. 

  240. 

  241. 	cfg, err := json.Marshal(config{
    242. 

  242. 		Runtimes: map[string]types.Runtime{
    243. 

  243. 			"myrt":     {Path: p},
    244. 

  244. 			"myrtArgs": {Path: p, Args: []string{"someArg"}},
    245. 

  245. 		},
    246. 

  246. 	})
    247. 

  247. 	configPath := filepath.Join(dir, "config.json")
    248. 

  248. 	os.WriteFile(configPath, cfg, 0644)
    249. 

  249. 

  250. 	t.Run("No Args", func(t *testing.T) {
    251. 

  251. 		d.Restart(t, "--default-runtime=myrt", "--config-file="+configPath)
    252. 

  252. 		_, err = os.Stat(filepath.Join(dir, "success"))
    253. 

  253. 		assert.NilError(t, err)
    254. 

  254. 	})
    255. 

  255. 

  256. 	t.Run("With Args", func(t *testing.T) {
    257. 

  257. 		d.Restart(t, "--default-runtime=myrtArgs", "--config-file="+configPath)
    258. 

  258. 		_, err = os.Stat(filepath.Join(dir, "success_someArg"))
    259. 

  259. 		assert.NilError(t, err)
    260. 

  260. 	})
    261. 

  261. }
    262. 

  262. 

  263. func TestPluginBackCompatMediaTypes(t *testing.T) {
    264. 

  264. 	skip.If(t, testEnv.IsRemoteDaemon, "cannot run daemon when remote daemon")
    265. 

  265. 	skip.If(t, testEnv.OSType == "windows")
    266. 

  266. 	skip.If(t, testEnv.IsRootless, "Rootless has a different view of localhost (needed for test registry access)")
    267. 

  267. 

  268. 	defer setupTest(t)()
    269. 

  269. 

  270. 	reg := registry.NewV2(t)
    271. 

  271. 	defer reg.Close()
    272. 

  272. 	reg.WaitReady(t)
    273. 

  273. 

  274. 	repo := path.Join(registry.DefaultURL, strings.ToLower(t.Name())+":latest")
    275. 

  275. 

  276. 	client := testEnv.APIClient()
    277. 

  277. 

  278. 	ctx := context.Background()
    279. 

  279. 	assert.NilError(t, plugin.Create(ctx, client, repo))
    280. 

  280. 

  281. 	rdr, err := client.PluginPush(ctx, repo, "")
    282. 

  282. 	assert.NilError(t, err)
    283. 

  283. 	defer rdr.Close()
    284. 

  284. 

  285. 	buf := &strings.Builder{}
    286. 

  286. 	assert.NilError(t, jsonmessage.DisplayJSONMessagesStream(rdr, buf, 0, false, nil), buf)
    287. 

  287. 

  288. 	// Use custom header here because older versions of the registry do not
    289. 

  289. 	// parse the accept header correctly and does not like the accept header
    290. 

  290. 	// that the default resolver code uses. "Older registries" here would be
    291. 

  291. 	// like the one currently included in the test suite.
    292. 

  292. 	headers := http.Header{}
    293. 

  293. 	headers.Add("Accept", images.MediaTypeDockerSchema2Manifest)
    294. 

  294. 

  295. 	resolver := docker.NewResolver(docker.ResolverOptions{
    296. 

  296. 		Headers: headers,
    297. 

  297. 	})
    298. 

  298. 	assert.NilError(t, err)
    299. 

  299. 

  300. 	n, desc, err := resolver.Resolve(ctx, repo)
    301. 

  301. 	assert.NilError(t, err, repo)
    302. 

  302. 

  303. 	fetcher, err := resolver.Fetcher(ctx, n)
    304. 

  304. 	assert.NilError(t, err)
    305. 

  305. 

  306. 	rdr, err = fetcher.Fetch(ctx, desc)
    307. 

  307. 	assert.NilError(t, err)
    308. 

  308. 	defer rdr.Close()
    309. 

  309. 

  310. 	var m v1.Manifest
    311. 

  311. 	assert.NilError(t, json.NewDecoder(rdr).Decode(&m))
    312. 

  312. 	assert.Check(t, cmp.Equal(m.MediaType, images.MediaTypeDockerSchema2Manifest))
    313. 

  313. 	assert.Check(t, cmp.Len(m.Layers, 1))
    314. 

  314. 	assert.Check(t, cmp.Equal(m.Layers[0].MediaType, images.MediaTypeDockerSchema2LayerGzip))
    315. 

  315. }
    316.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5