moby/registry/config_test.go
Sebastiaan van Stijn 97a5b797b6
Use designated test domains (RFC2606) in tests
Some tests were using domain names that were intended to be "fake", but are
actually registered domain names (such as domain.com, registry.com, mytest.com).

Even though we were not actually making connections to these domains, it's
better to use domains that are designated for testing/examples in RFC2606:
https://tools.ietf.org/html/rfc2606

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-04-02 14:06:27 +02:00

381 lines
10 KiB
Go

package registry // import "github.com/docker/docker/registry"
import (
"reflect"
"sort"
"strings"
"testing"
"gotest.tools/v3/assert"
is "gotest.tools/v3/assert/cmp"
)
func TestLoadAllowNondistributableArtifacts(t *testing.T) {
testCases := []struct {
registries []string
cidrStrs []string
hostnames []string
err string
}{
{
registries: []string{"1.2.3.0/24"},
cidrStrs: []string{"1.2.3.0/24"},
},
{
registries: []string{"2001:db8::/120"},
cidrStrs: []string{"2001:db8::/120"},
},
{
registries: []string{"127.0.0.1"},
hostnames: []string{"127.0.0.1"},
},
{
registries: []string{"127.0.0.1:8080"},
hostnames: []string{"127.0.0.1:8080"},
},
{
registries: []string{"2001:db8::1"},
hostnames: []string{"2001:db8::1"},
},
{
registries: []string{"[2001:db8::1]:80"},
hostnames: []string{"[2001:db8::1]:80"},
},
{
registries: []string{"[2001:db8::1]:80"},
hostnames: []string{"[2001:db8::1]:80"},
},
{
registries: []string{"1.2.3.0/24", "2001:db8::/120", "127.0.0.1", "127.0.0.1:8080"},
cidrStrs: []string{"1.2.3.0/24", "2001:db8::/120"},
hostnames: []string{"127.0.0.1", "127.0.0.1:8080"},
},
{
registries: []string{"http://myregistry.example.com"},
err: "allow-nondistributable-artifacts registry http://myregistry.example.com should not contain '://'",
},
{
registries: []string{"https://myregistry.example.com"},
err: "allow-nondistributable-artifacts registry https://myregistry.example.com should not contain '://'",
},
{
registries: []string{"HTTP://myregistry.example.com"},
err: "allow-nondistributable-artifacts registry HTTP://myregistry.example.com should not contain '://'",
},
{
registries: []string{"svn://myregistry.example.com"},
err: "allow-nondistributable-artifacts registry svn://myregistry.example.com should not contain '://'",
},
{
registries: []string{"-invalid-registry"},
err: "Cannot begin or end with a hyphen",
},
{
registries: []string{`mytest-.com`},
err: `allow-nondistributable-artifacts registry mytest-.com is not valid: invalid host "mytest-.com"`,
},
{
registries: []string{`1200:0000:AB00:1234:0000:2552:7777:1313:8080`},
err: `allow-nondistributable-artifacts registry 1200:0000:AB00:1234:0000:2552:7777:1313:8080 is not valid: invalid host "1200:0000:AB00:1234:0000:2552:7777:1313:8080"`,
},
{
registries: []string{`myregistry.example.com:500000`},
err: `allow-nondistributable-artifacts registry myregistry.example.com:500000 is not valid: invalid port "500000"`,
},
{
registries: []string{`"myregistry.example.com"`},
err: `allow-nondistributable-artifacts registry "myregistry.example.com" is not valid: invalid host "\"myregistry.example.com\""`,
},
{
registries: []string{`"myregistry.example.com:5000"`},
err: `allow-nondistributable-artifacts registry "myregistry.example.com:5000" is not valid: invalid host "\"myregistry.example.com"`,
},
}
for _, testCase := range testCases {
config := emptyServiceConfig
err := config.LoadAllowNondistributableArtifacts(testCase.registries)
if testCase.err == "" {
if err != nil {
t.Fatalf("expect no error, got '%s'", err)
}
var cidrStrs []string
for _, c := range config.AllowNondistributableArtifactsCIDRs {
cidrStrs = append(cidrStrs, c.String())
}
sort.Strings(testCase.cidrStrs)
sort.Strings(cidrStrs)
if (len(testCase.cidrStrs) > 0 || len(cidrStrs) > 0) && !reflect.DeepEqual(testCase.cidrStrs, cidrStrs) {
t.Fatalf("expect AllowNondistributableArtifactsCIDRs to be '%+v', got '%+v'", testCase.cidrStrs, cidrStrs)
}
sort.Strings(testCase.hostnames)
sort.Strings(config.AllowNondistributableArtifactsHostnames)
if (len(testCase.hostnames) > 0 || len(config.AllowNondistributableArtifactsHostnames) > 0) && !reflect.DeepEqual(testCase.hostnames, config.AllowNondistributableArtifactsHostnames) {
t.Fatalf("expect AllowNondistributableArtifactsHostnames to be '%+v', got '%+v'", testCase.hostnames, config.AllowNondistributableArtifactsHostnames)
}
} else {
if err == nil {
t.Fatalf("expect error '%s', got no error", testCase.err)
}
if !strings.Contains(err.Error(), testCase.err) {
t.Fatalf("expect error '%s', got '%s'", testCase.err, err)
}
}
}
}
func TestValidateMirror(t *testing.T) {
valid := []string{
"http://mirror-1.example.com",
"http://mirror-1.example.com/",
"https://mirror-1.example.com",
"https://mirror-1.example.com/",
"http://localhost",
"https://localhost",
"http://localhost:5000",
"https://localhost:5000",
"http://127.0.0.1",
"https://127.0.0.1",
"http://127.0.0.1:5000",
"https://127.0.0.1:5000",
}
invalid := []string{
"!invalid!://%as%",
"ftp://mirror-1.example.com",
"http://mirror-1.example.com/?q=foo",
"http://mirror-1.example.com/v1/",
"http://mirror-1.example.com/v1/?q=foo",
"http://mirror-1.example.com/v1/?q=foo#frag",
"http://mirror-1.example.com?q=foo",
"https://mirror-1.example.com#frag",
"https://mirror-1.example.com/#frag",
"http://foo:bar@mirror-1.example.com/",
"https://mirror-1.example.com/v1/",
"https://mirror-1.example.com/v1/#",
"https://mirror-1.example.com?q",
}
for _, address := range valid {
if ret, err := ValidateMirror(address); err != nil || ret == "" {
t.Errorf("ValidateMirror(`"+address+"`) got %s %s", ret, err)
}
}
for _, address := range invalid {
if ret, err := ValidateMirror(address); err == nil || ret != "" {
t.Errorf("ValidateMirror(`"+address+"`) got %s %s", ret, err)
}
}
}
func TestLoadInsecureRegistries(t *testing.T) {
testCases := []struct {
registries []string
index string
err string
}{
{
registries: []string{"127.0.0.1"},
index: "127.0.0.1",
},
{
registries: []string{"127.0.0.1:8080"},
index: "127.0.0.1:8080",
},
{
registries: []string{"2001:db8::1"},
index: "2001:db8::1",
},
{
registries: []string{"[2001:db8::1]:80"},
index: "[2001:db8::1]:80",
},
{
registries: []string{"http://myregistry.example.com"},
index: "myregistry.example.com",
},
{
registries: []string{"https://myregistry.example.com"},
index: "myregistry.example.com",
},
{
registries: []string{"HTTP://myregistry.example.com"},
index: "myregistry.example.com",
},
{
registries: []string{"svn://myregistry.example.com"},
err: "insecure registry svn://myregistry.example.com should not contain '://'",
},
{
registries: []string{"-invalid-registry"},
err: "Cannot begin or end with a hyphen",
},
{
registries: []string{`mytest-.com`},
err: `insecure registry mytest-.com is not valid: invalid host "mytest-.com"`,
},
{
registries: []string{`1200:0000:AB00:1234:0000:2552:7777:1313:8080`},
err: `insecure registry 1200:0000:AB00:1234:0000:2552:7777:1313:8080 is not valid: invalid host "1200:0000:AB00:1234:0000:2552:7777:1313:8080"`,
},
{
registries: []string{`myregistry.example.com:500000`},
err: `insecure registry myregistry.example.com:500000 is not valid: invalid port "500000"`,
},
{
registries: []string{`"myregistry.example.com"`},
err: `insecure registry "myregistry.example.com" is not valid: invalid host "\"myregistry.example.com\""`,
},
{
registries: []string{`"myregistry.example.com:5000"`},
err: `insecure registry "myregistry.example.com:5000" is not valid: invalid host "\"myregistry.example.com"`,
},
}
for _, testCase := range testCases {
config := emptyServiceConfig
err := config.LoadInsecureRegistries(testCase.registries)
if testCase.err == "" {
if err != nil {
t.Fatalf("expect no error, got '%s'", err)
}
match := false
for index := range config.IndexConfigs {
if index == testCase.index {
match = true
}
}
if !match {
t.Fatalf("expect index configs to contain '%s', got %+v", testCase.index, config.IndexConfigs)
}
} else {
if err == nil {
t.Fatalf("expect error '%s', got no error", testCase.err)
}
if !strings.Contains(err.Error(), testCase.err) {
t.Fatalf("expect error '%s', got '%s'", testCase.err, err)
}
}
}
}
func TestNewServiceConfig(t *testing.T) {
testCases := []struct {
opts ServiceOptions
errStr string
}{
{
ServiceOptions{},
"",
},
{
ServiceOptions{
Mirrors: []string{"example.com:5000"},
},
`invalid mirror: unsupported scheme "example.com" in "example.com:5000"`,
},
{
ServiceOptions{
Mirrors: []string{"http://example.com:5000"},
},
"",
},
{
ServiceOptions{
InsecureRegistries: []string{"[fe80::]/64"},
},
`insecure registry [fe80::]/64 is not valid: invalid host "[fe80::]/64"`,
},
{
ServiceOptions{
InsecureRegistries: []string{"102.10.8.1/24"},
},
"",
},
{
ServiceOptions{
AllowNondistributableArtifacts: []string{"[fe80::]/64"},
},
`allow-nondistributable-artifacts registry [fe80::]/64 is not valid: invalid host "[fe80::]/64"`,
},
{
ServiceOptions{
AllowNondistributableArtifacts: []string{"102.10.8.1/24"},
},
"",
},
}
for _, testCase := range testCases {
_, err := newServiceConfig(testCase.opts)
if testCase.errStr != "" {
assert.Check(t, is.Error(err, testCase.errStr))
} else {
assert.Check(t, err)
}
}
}
func TestValidateIndexName(t *testing.T) {
valid := []struct {
index string
expect string
}{
{
index: "index.docker.io",
expect: "docker.io",
},
{
index: "example.com",
expect: "example.com",
},
{
index: "127.0.0.1:8080",
expect: "127.0.0.1:8080",
},
{
index: "mytest-1.com",
expect: "mytest-1.com",
},
{
index: "mirror-1.example.com/v1/?q=foo",
expect: "mirror-1.example.com/v1/?q=foo",
},
}
for _, testCase := range valid {
result, err := ValidateIndexName(testCase.index)
if assert.Check(t, err) {
assert.Check(t, is.Equal(testCase.expect, result))
}
}
}
func TestValidateIndexNameWithError(t *testing.T) {
invalid := []struct {
index string
err string
}{
{
index: "docker.io-",
err: "invalid index name (docker.io-). Cannot begin or end with a hyphen",
},
{
index: "-example.com",
err: "invalid index name (-example.com). Cannot begin or end with a hyphen",
},
{
index: "mirror-1.example.com/v1/?q=foo-",
err: "invalid index name (mirror-1.example.com/v1/?q=foo-). Cannot begin or end with a hyphen",
},
}
for _, testCase := range invalid {
_, err := ValidateIndexName(testCase.index)
assert.Check(t, is.Error(err, testCase.err))
}
}