mirror
/
repo2docker
kopia lustrzana https://github.com/jupyterhub/repo2docker
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

[pre-commit.ci] auto fixes from pre-commit.com hooks 

for more information, see https://pre-commit.ci
pull/1421/head
pre-commit-ci[bot] 2025-02-28 21:44:59 +00:00
rodzic aa948e08af
commit ad29ffd8e6
2 zmienionych plików z 52 dodań i 25 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

76
tests/norun/test_registry.py
Wyświetl plik

@ -4,12 +4,12 @@ import secrets
import shutil import shutil
import socket import socket
import subprocess import subprocess
from tempfile import TemporaryDirectory
from base64 import b64encode
import time import time
import bcrypt from base64 import b64encode
from pathlib import Path from pathlib import Path
from tempfile import TemporaryDirectory
import bcrypt
import pytest import pytest
import requests import requests
@ -87,7 +87,9 @@ def registry(host_ip):
port = get_free_port() port = get_free_port()
username = "user" username = "user"
password = secrets.token_hex(16) password = secrets.token_hex(16)
bcrypted_pw = bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt(rounds=12)).decode("utf-8") bcrypted_pw = bcrypt.hashpw(
password.encode("utf-8"), bcrypt.gensalt(rounds=12)
).decode("utf-8")
# We put our password here, and mount it into the container. # We put our password here, and mount it into the container.
# put it in current dir than in /tmp because on macos, current dir is likely to # put it in current dir than in /tmp because on macos, current dir is likely to
@ -100,12 +102,22 @@ def registry(host_ip):
registry_image = "registry:3.0.0-rc.3" registry_image = "registry:3.0.0-rc.3"
subprocess.check_call(["docker", "pull", registry_image]) subprocess.check_call(["docker", "pull", registry_image])
cmd = ["docker", "run", "--rm", cmd = [
"-e", "REGISTRY_AUTH=htpasswd", "docker",
"-e", "REGISTRY_AUTH_HTPASSWD_REALM=basic", "run",
"-e", "REGISTRY_AUTH_HTPASSWD_PATH=/opt/htpasswd/htpasswd.conf", "--rm",
"--mount", f"type=bind,src={htpasswd_dir},dst=/opt/htpasswd", "-e",
"-p", f"{port}:5000", registry_image] "REGISTRY_AUTH=htpasswd",
"-e",
"REGISTRY_AUTH_HTPASSWD_REALM=basic",
"-e",
"REGISTRY_AUTH_HTPASSWD_PATH=/opt/htpasswd/htpasswd.conf",
"--mount",
f"type=bind,src={htpasswd_dir},dst=/opt/htpasswd",
"-p",
f"{port}:5000",
registry_image,
]
proc = subprocess.Popen(cmd) proc = subprocess.Popen(cmd)
health_url = f"http://{host_ip}:{port}/v2" health_url = f"http://{host_ip}:{port}/v2"
# Wait for the registry to actually come up # Wait for the registry to actually come up
@ -144,19 +156,24 @@ def test_registry_explicit_creds(registry, dind):
os.environ["DOCKER_HOST"] = docker_host os.environ["DOCKER_HOST"] = docker_host
os.environ["DOCKER_CERT_PATH"] = str(cert_dir / "client") os.environ["DOCKER_CERT_PATH"] = str(cert_dir / "client")
os.environ["DOCKER_TLS_VERIFY"] = "1" os.environ["DOCKER_TLS_VERIFY"] = "1"
os.environ["CONTAINER_ENGINE_REGISTRY_CREDENTIALS"] = json.dumps({ os.environ["CONTAINER_ENGINE_REGISTRY_CREDENTIALS"] = json.dumps(
"registry": f"http://{registry_host}", {
"username": username, "registry": f"http://{registry_host}",
"password": password "username": username,
}) "password": password,
}
)
r2d.start() r2d.start()
proc = subprocess.run(
proc = subprocess.run(["docker", "manifest", "inspect", "--insecure", image_name]) ["docker", "manifest", "inspect", "--insecure", image_name]
)
assert proc.returncode == 0 assert proc.returncode == 0
# Validate that we didn't leak our registry creds into existing docker config # Validate that we didn't leak our registry creds into existing docker config
docker_config_path = Path(os.environ.get("DOCKER_CONFIG", "~/.docker/config.json")).expanduser() docker_config_path = Path(
os.environ.get("DOCKER_CONFIG", "~/.docker/config.json")
).expanduser()
if docker_config_path.exists(): if docker_config_path.exists():
# Just check that our randomly generated password is not in this file # Just check that our randomly generated password is not in this file
# Can this cause a conflict? Sure, if there's a different randomly generated password in here # Can this cause a conflict? Sure, if there's a different randomly generated password in here
@ -184,15 +201,26 @@ def test_registry_no_explicit_creds(registry, dind):
os.environ["DOCKER_CERT_PATH"] = str(cert_dir / "client") os.environ["DOCKER_CERT_PATH"] = str(cert_dir / "client")
os.environ["DOCKER_TLS_VERIFY"] = "1" os.environ["DOCKER_TLS_VERIFY"] = "1"
with TemporaryDirectory() as d: with TemporaryDirectory() as d:
(Path(d) / "config.json").write_text(json.dumps( (Path(d) / "config.json").write_text(
({"auths":{f"http://{registry_host}":{"auth":b64encode(f"{username}:{password}".encode()).decode()}}}) json.dumps(
)) {
"auths": {
f"http://{registry_host}": {
"auth": b64encode(
f"{username}:{password}".encode()
).decode()
}
}
}
)
)
os.environ["DOCKER_CONFIG"] = d os.environ["DOCKER_CONFIG"] = d
r2d.start() r2d.start()
proc = subprocess.run(
proc = subprocess.run(["docker", "manifest", "inspect", "--insecure", image_name]) ["docker", "manifest", "inspect", "--insecure", image_name]
)
assert proc.returncode == 0 assert proc.returncode == 0
finally: finally:
os.environ.clear() os.environ.clear()
os.environ.update(old_environ) os.environ.update(old_environ)

1
tests/unit/test_argumentvalidation.py
Wyświetl plik

@ -212,7 +212,6 @@ def test_invalid_container_port_protocol_mapping_fail(temp_cwd):
assert not validate_arguments(builddir, args_list, "Port specification") assert not validate_arguments(builddir, args_list, "Port specification")
def test_docker_no_build_success(temp_cwd): def test_docker_no_build_success(temp_cwd):
""" """
Test to check if r2d succeeds with --no-build argument with not being able to connect to docker daemon Test to check if r2d succeeds with --no-build argument with not being able to connect to docker daemon