summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2021-11-30 16:30:23 +0100
committerGitHub <noreply@github.com>2021-11-30 16:30:23 +0100
commit771f8c628bef17eb183efce8c7ee7a91cbf4087b (patch)
treeadad2324e3c5f094785a411cb537d8f922a3fafc /test
parent8de68b170716dd1293c5a044f3e9cfd962fdbfb1 (diff)
parent5bdd571b1e46f26e23f030456efb009cbb765e4c (diff)
downloadpodman-771f8c628bef17eb183efce8c7ee7a91cbf4087b.tar.gz
podman-771f8c628bef17eb183efce8c7ee7a91cbf4087b.tar.bz2
podman-771f8c628bef17eb183efce8c7ee7a91cbf4087b.zip
Merge pull request #12435 from vrothberg/fix-12320
compat API: allow enforcing short-names resolution to Docker Hub
Diffstat (limited to 'test')
-rw-r--r--test/apiv2/12-imagesMore.at3
-rw-r--r--test/apiv2/70-short-names.at148
-rw-r--r--test/apiv2/containers.conf8
3 files changed, 157 insertions, 2 deletions
diff --git a/test/apiv2/12-imagesMore.at b/test/apiv2/12-imagesMore.at
index 144b83194..3a5d5c096 100644
--- a/test/apiv2/12-imagesMore.at
+++ b/test/apiv2/12-imagesMore.at
@@ -47,8 +47,7 @@ t POST "images/localhost:5000/myrepo/push?tlsVerify=false&tag=mytag" 200
t POST "libpod/images/$iid/untag?repo=localhost:5000/myrepo&tag=mytag" 201
# Try to push non-existing image
-t POST "images/localhost:5000/idonotexist/push?tlsVerify=false" 200
-jq -re 'select(.errorDetail)' <<<"$output" &>/dev/null || echo -e "${red}not ok: error message not found in output${nc}" 1>&2
+t POST "images/localhost:5000/idonotexist/push?tlsVerify=false" 404
t GET libpod/images/$IMAGE/json 200 \
.RepoTags[-1]=$IMAGE
diff --git a/test/apiv2/70-short-names.at b/test/apiv2/70-short-names.at
new file mode 100644
index 000000000..a5087c115
--- /dev/null
+++ b/test/apiv2/70-short-names.at
@@ -0,0 +1,148 @@
+# -*- sh -*-
+#
+# Tests for exercising short-name resolution in the compat API.
+#
+
+# Pull the libpod/quay image which is used in all tests below.
+t POST "images/create?fromImage=quay.io/libpod/alpine:latest" 200 .error~null .status~".*Download complete.*"
+
+
+########## TAG
+
+t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
+t DELETE "images/foo" 200
+
+
+########## BUILD
+
+function test_build {
+ from=$1
+ tag=$2
+ fqn=$3
+
+ TMPD=$(mktemp -d podman-apiv2-test.build.XXXXXXXX)
+ CONTAINERFILE_TAR="${TMPD}/containerfile.tar"
+ cat > $TMPD/containerfile << EOF
+FROM $from
+RUN touch /foo
+EOF
+ tar --format=posix -C $TMPD -cvf ${CONTAINERFILE_TAR} containerfile &> /dev/null
+
+ curl -XPOST --data-binary @<(cat $CONTAINERFILE_TAR) \
+ -H "content-type: application/x-tar" \
+ --dump-header "${TMPD}/headers.txt" \
+ -o "${TMPD}/response.txt" \
+ "http://$HOST:$PORT/build?dockerfile=containerfile&t=$tag" &> /dev/null
+
+ if ! grep -q '200 OK' "${TMPD}/headers.txt"; then
+ cat "${TMPD}/headers.txt"
+ cat "${TMPD}/response.txt"
+ echo -e "${red}NOK: Image build from tar failed response was not 200 OK (application/x-tar)"
+ exit 1
+ fi
+
+ rm -rf $TMPD
+ t DELETE "images/$fqn" 200
+}
+
+t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
+test_build foo bar "docker.io/library/bar:latest"
+t DELETE "images/foo" 200
+
+
+########## TAG
+
+# Looking up 'alpine' will fail as it gets normalized to docker.io.
+t POST "images/alpine/tag?repo=foo" 404 .cause="image not known"
+
+# The libpod endpoint will resolve to it without issues.
+t GET "libpod/images/alpine/exists" 204
+
+# Now let's tag the image with 'foo'. Remember, it will be normalized to
+# docker.io/library/foo.
+t GET "libpod/images/docker.io/library/foo/exists" 404
+t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
+t GET "libpod/images/docker.io/library/foo/exists" 204
+
+
+########## REMOVE
+
+t DELETE "images/alpine" 404 .cause="image not known" # fails since docker.io/library/alpine does not exist
+t DELETE "images/foo" 200 # removes the previously tagged image
+
+
+########## GET
+
+# Same procedure as above but with the /get endpoint.
+t GET "images/alpine/get" 404 .cause="image not known"
+t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
+t GET "images/foo/get" 200 '[POSIX tar archive]'
+t DELETE "images/foo" 200
+
+
+########## HISTORY
+
+t GET "images/alpine/history" 404 .cause="image not known"
+t GET "images/quay.io/libpod/alpine/history" 200
+t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
+t GET "libpod/images/foo/history" 200
+t DELETE "images/foo" 200
+
+
+########## PUSH
+
+t POST "images/alpine/push?destination=localhost:9999/do/not:exist" 404 .cause="image not known"
+t POST "images/quay.io/libpod/alpine/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response
+t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
+t POST "images/foo/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response
+t DELETE "images/foo" 200
+
+
+########## CREATE A CONTAINER
+
+t POST "containers/create" Image=alpine 404 .cause="image not known"
+t POST "containers/create" Image=quay.io/libpod/alpine:latest 201
+cid=$(jq -r '.Id' <<<"$output")
+t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
+t POST "containers/create" Image=foo 201
+cid=$(jq -r '.Id' <<<"$output")
+t DELETE "images/foo" 200
+t DELETE "containers/$cid" 204
+
+########## COMMIT CONTAINER
+
+t POST "containers/create" Image=quay.io/libpod/alpine:latest 201
+cid=$(jq -r '.Id' <<<"$output")
+t GET "images/alpine/get" 404 .cause="image not known"
+t POST "commit?container=$cid&repo=foo&tag=tag" 201
+t GET "images/foo/get" 404 .cause="image not known"
+t GET "images/foo:tag/get" 200
+t DELETE "images/docker.io/library/foo:tag" 200
+t DELETE "containers/$cid" 204
+
+
+######### SMOKE TESTS WITHOUT DOCKER.IO ENFORCEMENT
+
+# Note that we need to restart the service with a custom containers.conf to
+# disable the docker.io enforcement.
+
+stop_service
+CONTAINERS_CONF=$(pwd)/test/apiv2/containers.conf start_service
+
+t POST "images/create?fromImage=quay.io/libpod/alpine:latest" 200 .error~null .status~".*Download complete.*"
+t POST "images/alpine/tag?repo=foo" 201
+t GET "images/localhost/foo:latest/get" 200
+t DELETE "images/foo" 200
+t GET "images/alpine/history" 200
+t POST "images/alpine/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response
+t POST "containers/create" Image=alpine 201
+cid=$(jq -r '.Id' <<<"$output")
+t POST "commit?container=$cid&repo=foo&tag=tag" 201
+t DELETE "images/localhost/foo:tag" 200
+t DELETE "containers/$cid" 204
+
+test_build alpine bar "localhost/bar:latest"
+
+
+stop_service
+start_service
diff --git a/test/apiv2/containers.conf b/test/apiv2/containers.conf
new file mode 100644
index 000000000..24762192f
--- /dev/null
+++ b/test/apiv2/containers.conf
@@ -0,0 +1,8 @@
+# This containers.conf file is used to test enforcing short-name resolution to
+# docker.io for Podman's *compat* API. By default, the compat API defaults to
+# resolving to docker.io only. The behavior can be altered by configuring the
+# containers.conf as done below in which case short names are subject to aliases,
+# "localhost/" and the unqualified-search registries.
+
+[engine]
+compat_api_enforce_docker_hub=false