add some more tests and debug logs

2025-12-31 06:08:49 +01:00 · 2020-11-21 21:34:56 +01:00 · 2020-11-21 21:34:56 +01:00 · 0c704ce02b
commit 0c704ce02b
parent 2b68874087
9 changed files with 727 additions and 39 deletions
--- a/pkg/registry/auth/auth.go
+++ b/pkg/registry/auth/auth.go
@ -87,7 +87,7 @@ func GetBearerToken(ctx context.Context, challenge string, img string, err error
 		return "", err
 	}

-	if credentials.Username != "" && credentials.Password != "" {
+	if credentials != nil && credentials.Username != "" && credentials.Password != "" {
 		log.WithField("credentials", credentials).Debug("Found credentials. Adding basic auth.")
 		r.SetBasicAuth(credentials.Username, credentials.Password)
 	} else {
@ -124,15 +124,21 @@ func GetAuthURL(challenge string, img string) (*url2.URL, error) {
 		val := strings.Trim(kv[1], "\"")
 		values[key] = val
 	}
-
-	if values["realm"] == "" || values["service"] == "" || values["scope"] == "" {
-		return nil, fmt.Errorf("challenge header did not include all values needed to construct an auth url")
+	if values["realm"] == "" || values["service"] == "" {
+		logrus.WithFields(logrus.Fields{
+			"realm": values["realm"],
+			"service": values["service"],
+		}).Debug("Checking challenge header content")
+		return nil, fmt.Errorf("challenge header did not include all values needed to construct an auth url", )
 	}

 	authURL, _ := url2.Parse(fmt.Sprintf("%s", values["realm"]))
 	q := authURL.Query()
 	q.Add("service", values["service"])
 	scopeImage := strings.TrimPrefix(img, values["service"])
+	if !strings.Contains(scopeImage, "/") {
+		scopeImage = "library/" + scopeImage
+	}
 	scope := fmt.Sprintf("repository:%s:pull", scopeImage)
 	q.Add("scope", scope)

--- a/pkg/registry/auth/auth_test.go
+++ b/pkg/registry/auth/auth_test.go
@ -1,7 +1,12 @@
 package auth

 import (
+	"context"
+	"github.com/containrrr/watchtower/pkg/logger"
+	wtTypes "github.com/containrrr/watchtower/pkg/types"
+	"github.com/docker/docker/api/types"
 	"net/url"
+	"os"
 	"testing"
 	. "github.com/onsi/gomega"
 	. "github.com/onsi/ginkgo"
@ -11,9 +16,46 @@ func TestAuth(t *testing.T) {
 	RegisterFailHandler(Fail)
 	RunSpecs(t, "Registry Auth Suite")
 }
+func SkipIfCredentialsEmpty(credentials *wtTypes.RegistryCredentials, fn func()) func() {
+	if credentials.Username == "" {
+		return func() {
+			Skip("Username missing. Skipping integration test")
+		}
+	} else if credentials.Password == "" {
+		return func() {
+			Skip("Password missing. Skipping integration test")
+		}
+	} else {
+		return fn
+	}
+}
+
+var GHCRCredentials = &wtTypes.RegistryCredentials{
+	Username: os.Getenv("CI_INTEGRATION_TEST_REGISTRY_GH_USERNAME"),
+	Password: os.Getenv("CI_INTEGRATION_TEST_REGISTRY_GH_PASSWORD"),
+}

 var _ = Describe("the auth module", func() {
+	var ctx = logger.AddDebugLogger(context.Background())
+	var ghImage = types.ImageInspect{
+		ID: "sha256:6972c414f322dfa40324df3c503d4b217ccdec6d576e408ed10437f508f4181b",
+		RepoTags: []string{
+			"ghcr.io/k6io/operator:latest",
+		},
+		RepoDigests: []string{
+			"ghcr.io/k6io/operator@sha256:d68e1e532088964195ad3a0a71526bc2f11a78de0def85629beb75e2265f0547",
+		},
+	}
+
 	When("getting an auth url", func() {
+		It("should parse the token from the response",
+			SkipIfCredentialsEmpty(GHCRCredentials, func() {
+				token, err := GetToken(ctx, ghImage, GHCRCredentials)
+				Expect(err).NotTo(HaveOccurred())
+				Expect(token).NotTo(Equal(""))
+			}),
+		)
+
 		It("should create a valid auth url object based on the challenge header supplied", func() {
 			input := `bearer realm="https://ghcr.io/token",service="ghcr.io",scope="repository:user/image:pull"`
 			expected := &url.URL{
--- a/pkg/registry/digest/digest.go
+++ b/pkg/registry/digest/digest.go
@ -9,21 +9,17 @@ import (
 	"github.com/containrrr/watchtower/pkg/registry/manifest"
 	"github.com/containrrr/watchtower/pkg/types"
 	apiTypes "github.com/docker/docker/api/types"
+	"github.com/sirupsen/logrus"
 	"net/http"
 	"strings"
 )

-const (
-	// ManifestListV2ContentType is the Content-Type used for fetching manifest lists
-	ManifestListV2ContentType = "application/vnd.docker.distribution.manifest.list.v2+json"
-	// ContentDigestHeader is the key for the key-value pair containing the digest header
-	ContentDigestHeader = "Docker-Content-Digest"
-)
+// ContentDigestHeader is the key for the key-value pair containing the digest header
+const ContentDigestHeader = "Docker-Content-Digest"

 // CompareDigest ...
 func CompareDigest(ctx context.Context, image apiTypes.ImageInspect, credentials *types.RegistryCredentials) (bool, error) {
 	var digest string
-	log := logger.GetLogger(ctx).WithField("fun", "CompareDigest")
 	token, err := auth.GetToken(ctx, image, credentials)
 	if err != nil {
 		return false, err
@ -38,8 +34,7 @@ func CompareDigest(ctx context.Context, image apiTypes.ImageInspect, credentials
 		return false, err
 	}

-	log.WithField("Remote Digest", digest).Debug()
-	log.WithField("Local Image ID", image.ID).Debug()
+	logrus.WithField("remote", digest).Debug("Found a remote digest to compare with")

 	if image.ID == digest {
 		return true, nil
@ -47,8 +42,12 @@ func CompareDigest(ctx context.Context, image apiTypes.ImageInspect, credentials

 	for _, dig := range image.RepoDigests {
 		localDigest := strings.Split(dig, "@")[1]
-		log.WithField("Local Digest", localDigest).Debug("Comparing with local digest")
+		logrus.WithFields(logrus.Fields{
+			"local": localDigest,
+			"remote": digest,
+		}).Debug("Comparing")
 		if localDigest == digest {
+			logrus.Debug("Found a match")
 			return true, nil
 		}
 	}
@ -68,9 +67,10 @@ func GetDigest(ctx context.Context, url string, token string) (string, error) {

 	req, _ := http.NewRequest("HEAD", url, nil)
 	req.Header.Add("Authorization", "Bearer "+token)
-	req.Header.Add("Accept", "*")
+	req.Header.Add("Accept", "*/*")
+
+	logrus.WithField("url", url).Debug("Doing a HEAD request to fetch a digest")

-	log.WithField("url", url).Debug("Doing a HEAD request to fetch a digest")
 	res, err := client.Do(req)
 	if err != nil {
 		return "", err
--- a/pkg/registry/digest/digest_test.go
+++ b/pkg/registry/digest/digest_test.go
@ -4,21 +4,21 @@ import (
 	"context"
 	"fmt"
 	"github.com/containrrr/watchtower/pkg/logger"
-	"github.com/containrrr/watchtower/pkg/registry/auth"
 	wtTypes "github.com/containrrr/watchtower/pkg/types"
 	"github.com/docker/docker/api/types"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 	"os"
+	"testing"
 )

-var _ = Describe("Testing with Ginkgo", func() {
-	It("digest", func() {

-		RegisterFailHandler(Fail)
-		RunSpecs(GinkgoT(), "Digest Suite")
-	})
-})
+
+func TestDigest(t *testing.T) {
+
+	RegisterFailHandler(Fail)
+	RunSpecs(GinkgoT(), "Digest Suite")
+}

 var ghImage = types.ImageInspect{
 	ID: "sha256:6972c414f322dfa40324df3c503d4b217ccdec6d576e408ed10437f508f4181b",
@ -56,16 +56,6 @@ func SkipIfCredentialsEmpty(credentials *wtTypes.RegistryCredentials, fn func())
 var _ = Describe("Digests", func() {
 	var ctx = logger.AddDebugLogger(context.Background())

-	When("fetching a bearer token", func() {
-
-		It("should parse the token from the response",
-			SkipIfCredentialsEmpty(GHCRCredentials, func() {
-				token, err := auth.GetToken(ctx, ghImage, GHCRCredentials)
-				Expect(err).NotTo(HaveOccurred())
-				Expect(token).NotTo(Equal(""))
-			}),
-		)
-	})
 	When("a digest comparison is done", func() {
 		It("should return true if digests match",
 			SkipIfCredentialsEmpty(GHCRCredentials, func() {
@ -83,9 +73,11 @@ var _ = Describe("Digests", func() {
 		})
 	})
 	When("using different registries", func() {
-		It("should work with DockerHub", func() {
-
-		})
+		It("should work with DockerHub",
+			SkipIfCredentialsEmpty(DockerHubCredentials, func() {
+				fmt.Println(DockerHubCredentials != nil) // to avoid crying linters
+			}),
+		)
 		It("should work with GitHub Container Registry",
 			SkipIfCredentialsEmpty(GHCRCredentials, func() {
 				fmt.Println(GHCRCredentials != nil) // to avoid crying linters
--- a/pkg/registry/helpers/helpers.go
+++ b/pkg/registry/helpers/helpers.go
@ -12,7 +12,6 @@ func ConvertToHostname(url string) (string, string, error) {
 	if err != nil {
 		return "", "", err
 	}
-	fmt.Println(url, err)
 	hostName := u.Hostname()
 	port := u.Port()

--- a/pkg/registry/manifest/manifest.go
+++ b/pkg/registry/manifest/manifest.go
@ -12,7 +12,6 @@ import (
 // BuildManifestURL from raw image data
 func BuildManifestURL(image apiTypes.ImageInspect) (string, error) {
 	img, tag := extractImageAndTag(image)
-
 	hostName, err := ref.ParseNormalizedNamed(img)
 	if err != nil {
 		return "", err
@ -23,6 +22,9 @@ func BuildManifestURL(image apiTypes.ImageInspect) (string, error) {
 		return "", err
 	}
 	img = strings.TrimPrefix(img, fmt.Sprintf("%s/", host))
+	if !strings.Contains(img, "/") {
+		img = "library/" + img
+	}
 	url := url2.URL{
 		Scheme: "https",
 		Host:   host,