mirror of
https://github.com/genuinetools/reg.git
synced 2024-06-28 10:24:17 -04:00
update tests
Signed-off-by: Jess Frazelle <acidburn@google.com>
This commit is contained in:
parent
2b87c8ea68
commit
aa124e3ecb
|
@ -45,7 +45,7 @@ func TestMain(m *testing.M) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// start registry
|
// start registry
|
||||||
regID, addr, err := testutils.StartRegistry(dcli)
|
regID, addr, err := testutils.StartRegistry(dcli, "basicauth.yml", "admin", "testing")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
testutils.RemoveContainer(dcli, regID)
|
testutils.RemoveContainer(dcli, regID)
|
||||||
panic(fmt.Errorf("starting registry container failed: %v", err))
|
panic(fmt.Errorf("starting registry container failed: %v", err))
|
||||||
|
@ -78,7 +78,7 @@ func run(args ...string) (string, error) {
|
||||||
func TestList(t *testing.T) {
|
func TestList(t *testing.T) {
|
||||||
out, err := run("ls")
|
out, err := run("ls")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal(err)
|
t.Fatalf("output: %s, error: %v", string(out), err)
|
||||||
}
|
}
|
||||||
expected := `Repositories for localhost:5000
|
expected := `Repositories for localhost:5000
|
||||||
REPO TAGS
|
REPO TAGS
|
||||||
|
|
21
testutils/configs/basicauth.yml
Normal file
21
testutils/configs/basicauth.yml
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
version: 0.1
|
||||||
|
log:
|
||||||
|
level: debug
|
||||||
|
formatter: text
|
||||||
|
fields:
|
||||||
|
service: registry
|
||||||
|
storage:
|
||||||
|
filesystem:
|
||||||
|
rootdirectory: /var/lib/registry
|
||||||
|
http:
|
||||||
|
addr: 0.0.0.0:5000
|
||||||
|
headers:
|
||||||
|
X-Content-Type-Options: [nosniff]
|
||||||
|
host: https://localhost:5000
|
||||||
|
tls:
|
||||||
|
certificate: /etc/docker/registry/ssl/cert.pem
|
||||||
|
key: /etc/docker/registry/ssl/key.pem
|
||||||
|
auth:
|
||||||
|
htpasswd:
|
||||||
|
realm: basic-realm
|
||||||
|
path: /etc/docker/registry/htpasswd
|
1
testutils/configs/htpasswd
Normal file
1
testutils/configs/htpasswd
Normal file
|
@ -0,0 +1 @@
|
||||||
|
admin:$2y$05$TpcLzA8b5hMLptNGRIRWXuOI7KmAOqIuRhHAv15qHNrJaxuyIhCg6
|
17
testutils/configs/noauth.yml
Normal file
17
testutils/configs/noauth.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
version: 0.1
|
||||||
|
log:
|
||||||
|
level: debug
|
||||||
|
formatter: text
|
||||||
|
fields:
|
||||||
|
service: registry
|
||||||
|
storage:
|
||||||
|
filesystem:
|
||||||
|
rootdirectory: /var/lib/registry
|
||||||
|
http:
|
||||||
|
addr: 0.0.0.0:5000
|
||||||
|
headers:
|
||||||
|
X-Content-Type-Options: [nosniff]
|
||||||
|
host: https://localhost:5000
|
||||||
|
tls:
|
||||||
|
certificate: /etc/docker/registry/ssl/cert.pem
|
||||||
|
key: /etc/docker/registry/ssl/key.pem
|
|
@ -1,18 +1,19 @@
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIC+jCCAeKgAwIBAgIRAL2r7p95pcuHeAPmoZZVW0swDQYJKoZIhvcNAQELBQAw
|
MIIDAjCCAeqgAwIBAgIQC+Tw335jnu9Z46unSVFfeTANBgkqhkiG9w0BAQsFADAS
|
||||||
EjEQMA4GA1UEChMHQWNtZSBDbzAeFw0xNzA0MDQxNTIzMDlaFw0xODA0MDQxNTIz
|
MRAwDgYDVQQKEwdBY21lIENvMB4XDTE3MDYwNjAwMDAyNFoXDTE4MDYwNjAwMDAy
|
||||||
MDlaMBIxEDAOBgNVBAoTB0FjbWUgQ28wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
|
NFowEjEQMA4GA1UEChMHQWNtZSBDbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
|
||||||
ggEKAoIBAQDPJAPV5w++SOU9YMur9jppXWTyhsSlUFXiFJebvmDErUFvFUUMY4Sm
|
AQoCggEBAN8/Xqef2iozUMXLRCvHnGc+SMaEDuW/iM9n/IL68F11esAR6tXhaiRQ
|
||||||
EWbbwLsVM+teOi923EazOgtUWfw+U5ZBZhG3zEu+jTa8R4+0S7P4rj2eNDIJOMCp
|
RdEsM9MyfyDYt9juE+XLaMyqhTAXwK9YzULE4BTVbAr9uOgxLtyWspA4uWfxhcrq
|
||||||
DomTqhm5k74SdZvwkUH0RGHEqVW2fdQ0t6qa7F2D/HaBBAnsACvtvXe6k+ssbk8i
|
CqQTRc0U95ZEnAVSjytDAXtLQyP+UlnMzmMhDpzRuH1YXqm6qB07G5yOJyPKkDrq
|
||||||
BR9pt4gouXdQAX2OkXvHxlKeeYeeoXNxZxE63mxNq7UXZ5vYDICzv7kj3etvAPOJ
|
EyqUsjqBJmBkUJiYfSx95Jen+4ZzlSR7wOsoxei09QYyvo3DMfcJO8Wb8IQFjOT0
|
||||||
Y7s5oLZKTEpVfPKexFkI89IwvSa9AhPgNGUQdtzjqpM1Xx/tGWHI861oTouQRs6J
|
ohhBFBR3v1HOOT6bKuhUHif3K+STguMEhHrgAFmcFW3NPQ3It2SyKfGBZ8nbmSA9
|
||||||
ZhxyPs8jBzDLFiubr8XzqqZtmB2IxYTHAgMBAAGjSzBJMA4GA1UdDwEB/wQEAwIF
|
2tjojQEFUHqRKp0UWyObuUmNAo1U1w8CAwEAAaNUMFIwDgYDVR0PAQH/BAQDAgKk
|
||||||
oDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuC
|
MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wGgYDVR0RBBMw
|
||||||
CWxvY2FsaG9zdDANBgkqhkiG9w0BAQsFAAOCAQEAxi37jKRlnPfloYMSZOCGOgC/
|
EYIJbG9jYWxob3N0hwR/AAABMA0GCSqGSIb3DQEBCwUAA4IBAQCl+yJgekN3dMbR
|
||||||
IkwSB/t2jTLfW6BfP4MKI9dOvbANR1v5fK0ITLDJXBEcP7xWdzMmAjo0rtMCnnkb
|
mxs7B8VSFv5a7zElDvTnagX3pSBHq7fLf45qVHOmZK/esgD3K8H5Kvft6u100b1j
|
||||||
t/OIPafUeXc51i+oo5J4kgFUnzOlZrN6RgtsFk33AWCzTS1d97/Om2dGEiwWAXel
|
4TLn2oFYVMME8BV0qNl5wgynNrJs131G3jgxcrgqu9NdlFpWZm8S+DCHo+h1ZH4Z
|
||||||
4jlX/kJQ0k5r+cN6M+P84TFW8Y1rmSXIyFPP6yzD4utwNBxOyPFXFQNbPBEOgWn4
|
LmlUt2uvwCbmZK/e6U0ZDICDKRwMaC6LdUCfLfn9F+ACpPTpAZBVbi0rpAYimBDf
|
||||||
wmb86+71XzXrfoge0aHJJnVeLmU68+60qcevqnAGOTR+uRU9YUmwRm4Rlb177QsI
|
j2QZJBWD9tV5xUVSLEmqFvi42g2khK43HFu9N35vPIqyrl4Gh5x3erZR7t8pGEu0
|
||||||
WtQeMwIrjXOP5nnrVWY9m7tr6a/mp9WRQkE3vywHNR2S/YsYTW+KLPINVTetRQ==
|
kOiqfCmV1GHL8egxYew4wJ1P6TzhYNk/7vpiJxrwPs3vW+WXaSBFdvoV1qQ6onjm
|
||||||
|
CxG31l+z
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
|
|
@ -1,27 +1,27 @@
|
||||||
-----BEGIN RSA PRIVATE KEY-----
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
MIIEpgIBAAKCAQEAzyQD1ecPvkjlPWDLq/Y6aV1k8obEpVBV4hSXm75gxK1BbxVF
|
MIIEowIBAAKCAQEA3z9ep5/aKjNQxctEK8ecZz5IxoQO5b+Iz2f8gvrwXXV6wBHq
|
||||||
DGOEphFm28C7FTPrXjovdtxGszoLVFn8PlOWQWYRt8xLvo02vEePtEuz+K49njQy
|
1eFqJFBF0Swz0zJ/INi32O4T5ctozKqFMBfAr1jNQsTgFNVsCv246DEu3JaykDi5
|
||||||
CTjAqQ6Jk6oZuZO+EnWb8JFB9ERhxKlVtn3UNLeqmuxdg/x2gQQJ7AAr7b13upPr
|
Z/GFyuoKpBNFzRT3lkScBVKPK0MBe0tDI/5SWczOYyEOnNG4fVheqbqoHTsbnI4n
|
||||||
LG5PIgUfabeIKLl3UAF9jpF7x8ZSnnmHnqFzcWcROt5sTau1F2eb2AyAs7+5I93r
|
I8qQOuoTKpSyOoEmYGRQmJh9LH3kl6f7hnOVJHvA6yjF6LT1BjK+jcMx9wk7xZvw
|
||||||
bwDziWO7OaC2SkxKVXzynsRZCPPSML0mvQIT4DRlEHbc46qTNV8f7RlhyPOtaE6L
|
hAWM5PSiGEEUFHe/Uc45Ppsq6FQeJ/cr5JOC4wSEeuAAWZwVbc09Dci3ZLIp8YFn
|
||||||
kEbOiWYccj7PIwcwyxYrm6/F86qmbZgdiMWExwIDAQABAoIBAQDJzJVsA2JECDJE
|
yduZID3a2OiNAQVQepEqnRRbI5u5SY0CjVTXDwIDAQABAoIBACw3LNQeQONiznie
|
||||||
vJNPoV9AnPsmh4L2ZrB0w4j78tnFYeD4fmk5a46kVxm1Byt7uYwYzWjGTE0YeHjn
|
TZ4uJrf8CgXnWdv/F2WcvtJiSQD5p5oq8kvyHUeb7ngDPTBzK+KhiagZXy+AHf2L
|
||||||
IY9rjPU6G10xiXdVWa+0d6cZiBL6N43SHZmNgFu5l28Si8nqEHRA+ZEFKg5uEVyK
|
OF3SFoOkHuM+gvMdYgy7O8ghFZry7eLKmU4Q8+LAf+MHPifkIzVL2Wrkcx6qYry8
|
||||||
Qko9spJVFYXAzntAhWlRwYSFBZnGTmiT6HC/d6/VB889kM0ipmzGtTAcR0nanqmM
|
p0uVr1HB0o6nmXFNyDBrNDSBl5JSJ+IyvtPr7ow5iO2iZLh0nV5CfM65vX2ESkvD
|
||||||
2pQqHO561zndpuNeTl/Qr2SmdRVRCUgGr3PLiD3/vN0SKpIaJ/ajHcbIQynLle14
|
+uil1uFfLdmNkfItK/0oTLngiXzJBCgPzTwBnKGlmoYzWvO/CMMIEkv0tdy/b1l9
|
||||||
GZusDCPsXtrhcvX56/gnGor5sWUzVKEz0OdQgRA4Q+0rvtre//6QVe/1x0wYIWiP
|
BTXiuRQEBy+CzSmoPyNnBCE/SOhZLH8+eGzsnlaty66AKWA1EwSjq7lDO1MOAL5Y
|
||||||
CbE0PfM5AoGBANaakZx30Pu2Q2/pH0VFqX+8FfqRkU4x6L2ZViWN6jPVOXNtCnq1
|
dPqwk8ECgYEA51T895d707Hl2/ggpEP1Wg8p96nz2iCt903WIOLn2X/9su2mNu5r
|
||||||
uWflIFZ0g8b8PCqVdtM2S9lI4mze/aXfADtr8wSvxYnOPyM3Ce7yoEqgsXzfy83j
|
+Xtkd39ZYUuJIIja8hyx3q9E761jSI/F3lr4jwhTYO15aNvyD9S0supqASVodT33
|
||||||
GfWNIFL9GxkQQD3YFWOBAjl6Q502sLkg+xPGPIVTt0MvzP7JILuFrtI1AoGBAPcY
|
VKYxrFH2PbRfb7RyuTUjlusJeP0QFz7hZ81eooYcgqkv8Gim14Y6XgkCgYEA9w2w
|
||||||
6HBg3l04szCX6xm7E5gUu2fICFAf1VRnTeuyD6dIZzD0z2F33OHBXBA7/RWj319C
|
P5bTEPHweGCJ8I9AgCGUsg39x23qwN8xkxKb6jQcj6wHBpSw/yAPpAZ/1o+GFWDO
|
||||||
YxdT0vjJveI3JUMnTFwbxfH/x5ntSSuVzhEo2kIcaY6w4RwwsTKLe1U6+JdEL+Me
|
xiiNfqc+pLHAgPwEY2iUFKKJtKaS1kFIljTK353HVrDcqviCa4GCpSlBRi4xBkfi
|
||||||
KoqAWD8SfoPmrxxGiymvFEKuHzY6ebJ3bwWbgBqLAoGBAL2TkeotFhomKnCj+ZHS
|
vxS81eKaf8ChoiqfOuz3g6dHl6n3RGoQ8KpgUlcCgYBzbJh8AX2rdww14WyICdCW
|
||||||
Nie22ZueGESBZl6HJEjMkwXy6GuE+eroub6D9AsrpnWTwPrFSlDO+DYcYplWa6+p
|
CxLpnEcsAzpKNvAsoIsGnzI64REaP4RoiwTqCwTR4xqcvSxhuaeWcOV4oY70Wahk
|
||||||
zaSwed+7/r77yV6sckP5ZYxHZEMx1/IrGnWGk/V7zgJYDsgTKOHbx0FLNoudEoSY
|
9gcndwQDTPpTM8tn0r4Gt6gEwmGIfk62UeZfENZIm4My/Vpwxu7nEoc7cylgL+PQ
|
||||||
E/Sl/DSzfYMGqQqyVg4RzBu5AoGBAJ4f52c65jG7vhfjsAR4TjKtWbwxKvizVl47
|
I0yg00HOgBSHY/A7gaIF4QKBgQDwjfaQZEaOGFYCkFWf04yFdq03lmIF/qP3Oxwl
|
||||||
+YZSHWhMkhSnJSrXfJdPmK2e5fd6NdCM+EKOVtz0pTnlVkgiFuB+uW6C42WijoeA
|
TZhdOnKY/nM02DFjqY8xMlblz4hKZqHP1wq3SRe4+48qyLlpJhoR4ZXePdd6IcUQ
|
||||||
xyz9+qYB7p7snDHhCxQwZE2Hflu2u/pYbJrTRSWfnSyla/vpPNcA/jMpoDmgtA48
|
5MSpahL/+WRUYXd0QH26Xeo98JoxuGszjXi1dljjjeiUY5X5pWT4XzhZl9i5V+G4
|
||||||
FeT9vL2/AoGBAI4TpYg1NX1Sz8uy5jApuBMYLuLtd4WJRzFhWd97lA4FJN5bH8XB
|
xNzXLwKBgHtH/cPeR5O5gSHG+Fi5Sb/Ip6YYg00N8vtGwYYyc2i/uqz1N20igHJY
|
||||||
wgCxBvIVGdwJcgkXGqR9692rVIUYAHR/VqyEAWqPXcLZbYHqA5bNQfIORFrmZ1fw
|
df7D5eYRIqrhBUVxqaqqs43oa1fi7CIFITYmof+qpxzRWKq9PPFc8D9mV0/03lba
|
||||||
sCFqjgSuA3gA+lBv68mIO1ghz4k2M4iBApr9soVDDuOIVmA9Ien5VYrM
|
0+i0kAvJB76WBiX48z8h+Rbc0IrZRDrVz9fk4Yfh+gHT4KDPmuII
|
||||||
-----END RSA PRIVATE KEY-----
|
-----END RSA PRIVATE KEY-----
|
||||||
|
|
|
@ -2,13 +2,17 @@ package testutils
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
|
"crypto/x509"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net"
|
"net"
|
||||||
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
|
"os/exec"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"runtime"
|
"runtime"
|
||||||
"time"
|
"time"
|
||||||
|
@ -20,73 +24,29 @@ import (
|
||||||
"github.com/docker/docker/pkg/term"
|
"github.com/docker/docker/pkg/term"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
|
||||||
registryConfig = `version: 0.1
|
|
||||||
log:
|
|
||||||
level: debug
|
|
||||||
formatter: text
|
|
||||||
fields:
|
|
||||||
service: registry
|
|
||||||
storage:
|
|
||||||
filesystem:
|
|
||||||
rootdirectory: /var/lib/registry
|
|
||||||
http:
|
|
||||||
addr: 0.0.0.0:5000
|
|
||||||
headers:
|
|
||||||
X-Content-Type-Options: [nosniff]
|
|
||||||
host: https://localhost:5000
|
|
||||||
tls:
|
|
||||||
certificate: /etc/docker/registry/ssl/cert.pem
|
|
||||||
key: /etc/docker/registry/ssl/key.pem`
|
|
||||||
|
|
||||||
// admin:testing
|
|
||||||
htpasswd = "admin:$apr1$2a7OBK4C$pZEqDfaxN3Qaywsi5hMKt1\n"
|
|
||||||
)
|
|
||||||
|
|
||||||
// StartRegistry starts a new registry container.
|
// StartRegistry starts a new registry container.
|
||||||
func StartRegistry(dcli *client.Client) (string, string, error) {
|
func StartRegistry(dcli *client.Client, config, username, password string) (string, string, error) {
|
||||||
image := "registry:2"
|
|
||||||
|
|
||||||
hostConfig, err := createRegistryConfig()
|
|
||||||
if err != nil {
|
|
||||||
return "", "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
hostHtpasswd, err := createRegistryHtpasswd()
|
|
||||||
if err != nil {
|
|
||||||
return "", "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := pullDockerImage(dcli, image); err != nil {
|
|
||||||
return "", "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
_, filename, _, ok := runtime.Caller(0)
|
_, filename, _, ok := runtime.Caller(0)
|
||||||
if !ok {
|
if !ok {
|
||||||
return "", "", errors.New("No caller information")
|
return "", "", errors.New("No caller information")
|
||||||
}
|
}
|
||||||
|
|
||||||
fmt.Println(filename)
|
image := "registry:2"
|
||||||
|
|
||||||
|
if err := pullDockerImage(dcli, image); err != nil {
|
||||||
|
return "", "", err
|
||||||
|
}
|
||||||
|
|
||||||
r, err := dcli.ContainerCreate(
|
r, err := dcli.ContainerCreate(
|
||||||
context.Background(),
|
context.Background(),
|
||||||
&container.Config{
|
&container.Config{
|
||||||
Image: image,
|
Image: image,
|
||||||
/*ExposedPorts: map[nat.Port]struct{}{
|
|
||||||
"5000": {},
|
|
||||||
},*/
|
|
||||||
},
|
},
|
||||||
&container.HostConfig{
|
&container.HostConfig{
|
||||||
/* PortBindings: map[nat.Port][]nat.PortBinding{
|
|
||||||
"5000": []nat.PortBinding{{
|
|
||||||
HostIP: "0.0.0.0",
|
|
||||||
HostPort: "5000",
|
|
||||||
}},
|
|
||||||
},*/
|
|
||||||
NetworkMode: "host",
|
NetworkMode: "host",
|
||||||
Binds: []string{
|
Binds: []string{
|
||||||
hostConfig + ":" + "/etc/docker/registry/config.yml" + ":ro",
|
filepath.Join(filepath.Dir(filename), "configs", config) + ":" + "/etc/docker/registry/config.yml" + ":ro",
|
||||||
hostHtpasswd + ":" + "/etc/docker/registry/htpasswd" + ":ro",
|
filepath.Join(filepath.Dir(filename), "configs", "htpasswd") + ":" + "/etc/docker/registry/htpasswd" + ":ro",
|
||||||
filepath.Join(filepath.Dir(filename), "snakeoil") + ":" + "/etc/docker/registry/ssl" + ":ro",
|
filepath.Join(filepath.Dir(filename), "snakeoil") + ":" + "/etc/docker/registry/ssl" + ":ro",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -100,19 +60,18 @@ func StartRegistry(dcli *client.Client) (string, string, error) {
|
||||||
return r.ID, "", err
|
return r.ID, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
// get the container's IP
|
|
||||||
/*info, err := dcli.ContainerInspect(context.Background(), r.ID)
|
|
||||||
if err != nil {
|
|
||||||
return r.ID, "", err
|
|
||||||
}*/
|
|
||||||
port := ":5000"
|
port := ":5000"
|
||||||
// addr := "http://" + info.NetworkSettings.IPAddress + port
|
|
||||||
addr := "https://localhost" + port
|
addr := "https://localhost" + port
|
||||||
|
|
||||||
// waitForConn(info.NetworkSettings.IPAddress + port)
|
if err := waitForConn(addr, filepath.Join(filepath.Dir(filename), "snakeoil", "cert.pem"), filepath.Join(filepath.Dir(filename), "snakeoil", "key.pem")); err != nil {
|
||||||
waitForConn("localhost" + port)
|
return r.ID, addr, err
|
||||||
|
}
|
||||||
|
|
||||||
if err := prefillRegistry(dcli, "localhost"+port); err != nil {
|
if err := dockerLogin("localhost"+port, username, password); err != nil {
|
||||||
|
return r.ID, addr, err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := prefillRegistry(dcli, "localhost"+port, username, password); err != nil {
|
||||||
return r.ID, addr, err
|
return r.ID, addr, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -132,8 +91,18 @@ func RemoveContainer(dcli *client.Client, ctrID string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// dockerLogin logins via the command line to a docker registry
|
||||||
|
func dockerLogin(addr, username, password string) error {
|
||||||
|
cmd := exec.Command("docker", "login", addr, "--username", username, "--password", password)
|
||||||
|
out, err := cmd.CombinedOutput()
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("docker login failed with output %q and error: %v", string(out), err)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
// prefillRegistry adds images to a registry.
|
// prefillRegistry adds images to a registry.
|
||||||
func prefillRegistry(dcli *client.Client, addr string) error {
|
func prefillRegistry(dcli *client.Client, addr, username, password string) error {
|
||||||
image := "alpine:latest"
|
image := "alpine:latest"
|
||||||
|
|
||||||
if err := pullDockerImage(dcli, image); err != nil {
|
if err := pullDockerImage(dcli, image); err != nil {
|
||||||
|
@ -144,7 +113,7 @@ func prefillRegistry(dcli *client.Client, addr string) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
auth, err := constructRegistryAuth("admin", "testing")
|
auth, err := constructRegistryAuth(username, password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -196,57 +165,70 @@ func imageExists(dcli *client.Client, image string) (bool, error) {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func createRegistryConfig() (string, error) {
|
|
||||||
tmpfile, err := ioutil.TempFile("", "registry")
|
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
if _, err := tmpfile.WriteString(registryConfig); err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
if err := tmpfile.Close(); err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
return tmpfile.Name(), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func createRegistryHtpasswd() (string, error) {
|
|
||||||
tmpfile, err := ioutil.TempFile("", "registry-htpasswd")
|
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
if _, err := tmpfile.WriteString(htpasswd); err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
if err := tmpfile.Close(); err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
|
|
||||||
return tmpfile.Name(), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// waitForConn takes a tcp addr and waits until it is reachable
|
// waitForConn takes a tcp addr and waits until it is reachable
|
||||||
func waitForConn(addr string) {
|
func waitForConn(addr, cert, key string) error {
|
||||||
|
tlsCert, err := tls.LoadX509KeyPair(cert, key)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("Could not load X509 key pair: %v. Make sure the key is not encrypted", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
certPool, err := x509.SystemCertPool()
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("failed to read system certificates: %v", err)
|
||||||
|
}
|
||||||
|
pem, err := ioutil.ReadFile(cert)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("could not read CA certificate %s: %v", cert, err)
|
||||||
|
}
|
||||||
|
if !certPool.AppendCertsFromPEM(pem) {
|
||||||
|
return fmt.Errorf("failed to append certificates from PEM file: %s", cert)
|
||||||
|
}
|
||||||
|
|
||||||
|
c := http.Client{
|
||||||
|
Transport: &http.Transport{
|
||||||
|
Proxy: http.ProxyFromEnvironment,
|
||||||
|
DialContext: (&net.Dialer{
|
||||||
|
Timeout: 30 * time.Second,
|
||||||
|
KeepAlive: 30 * time.Second,
|
||||||
|
DualStack: true,
|
||||||
|
}).DialContext,
|
||||||
|
MaxIdleConns: 100,
|
||||||
|
IdleConnTimeout: 90 * time.Second,
|
||||||
|
TLSHandshakeTimeout: 10 * time.Second,
|
||||||
|
ExpectContinueTimeout: 1 * time.Second,
|
||||||
|
TLSClientConfig: &tls.Config{
|
||||||
|
Certificates: []tls.Certificate{tlsCert},
|
||||||
|
MinVersion: tls.VersionTLS12,
|
||||||
|
CipherSuites: []uint16{
|
||||||
|
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
},
|
||||||
|
RootCAs: certPool,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
n := 0
|
n := 0
|
||||||
max := 10
|
max := 10
|
||||||
for n < max {
|
for n < max {
|
||||||
if _, err := net.Dial("tcp", addr); err != nil {
|
if _, err := c.Get(addr + "/v2/"); err != nil {
|
||||||
fmt.Printf("try number %d to dial %s: %v\n", n, addr, err)
|
fmt.Printf("try number %d to %s: %v\n", n, addr, err)
|
||||||
n++
|
n++
|
||||||
if n != max {
|
if n != max {
|
||||||
fmt.Println("sleeping for 1 second then will try again...")
|
fmt.Println("sleeping for 1 second then will try again...")
|
||||||
time.Sleep(time.Second)
|
time.Sleep(time.Second)
|
||||||
} else {
|
} else {
|
||||||
fmt.Printf("[WHOOPS]: maximum retries for %s exceeded\n", addr)
|
return fmt.Errorf("[WHOOPS]: maximum retries for %s exceeded\n", addr)
|
||||||
}
|
}
|
||||||
continue
|
continue
|
||||||
} else {
|
} else {
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// constructRegistryAuth serializes the auth configuration as JSON base64 payload.
|
// constructRegistryAuth serializes the auth configuration as JSON base64 payload.
|
||||||
|
|
Loading…
Reference in a new issue