helm/pkg/pusher/ocipusher_test.go

/*
Copyright The Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package pusher

import (
	"path/filepath"
	"testing"

	"helm.sh/helm/v3/pkg/registry"
)

func TestNewOCIPusher(t *testing.T) {
	p, err := NewOCIPusher()
	if err != nil {
		t.Fatal(err)
	}

	if _, ok := p.(*OCIPusher); !ok {
		t.Fatal("Expected NewOCIPusher to produce an *OCIPusher")
	}

	cd := "../../testdata"
	join := filepath.Join
	ca, pub, priv := join(cd, "rootca.crt"), join(cd, "crt.pem"), join(cd, "key.pem")
	insecureSkipTLSverify := false
	plainHTTP := false

	// Test with options
	p, err = NewOCIPusher(
		WithTLSClientConfig(pub, priv, ca),
		WithInsecureSkipTLSVerify(insecureSkipTLSverify),
		WithPlainHTTP(plainHTTP),
	)
	if err != nil {
		t.Fatal(err)
	}

	op, ok := p.(*OCIPusher)
	if !ok {
		t.Fatal("Expected NewOCIPusher to produce an *OCIPusher")
	}

	if op.opts.certFile != pub {
		t.Errorf("Expected NewOCIPusher to contain %q as the public key file, got %q", pub, op.opts.certFile)
	}

	if op.opts.keyFile != priv {
		t.Errorf("Expected NewOCIPusher to contain %q as the private key file, got %q", priv, op.opts.keyFile)
	}

	if op.opts.caFile != ca {
		t.Errorf("Expected NewOCIPusher to contain %q as the CA file, got %q", ca, op.opts.caFile)
	}

	if op.opts.plainHTTP != plainHTTP {
		t.Errorf("Expected NewOCIPusher to have plainHTTP as %t, got %t", plainHTTP, op.opts.plainHTTP)
	}

	if op.opts.insecureSkipTLSverify != insecureSkipTLSverify {
		t.Errorf("Expected NewOCIPusher to have insecureSkipVerifyTLS as %t, got %t", insecureSkipTLSverify, op.opts.insecureSkipTLSverify)
	}

	// Test if setting registryClient is being passed to the ops
	registryClient, err := registry.NewClient()
	if err != nil {
		t.Fatal(err)
	}

	p, err = NewOCIPusher(
		WithRegistryClient(registryClient),
	)
	if err != nil {
		t.Fatal(err)
	}
	op, ok = p.(*OCIPusher)
	if !ok {
		t.Fatal("expected NewOCIPusher to produce an *OCIPusher")
	}

	if op.opts.registryClient != registryClient {
		t.Errorf("Expected NewOCIPusher to contain %p as RegistryClient, got %p", registryClient, op.opts.registryClient)
	}
}
Helm 3: registry login/logout (#5597) * login/logout placeholders Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use latest oras Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use docker auth system Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working login+push Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working on tests Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * fix typo in htpasswd Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * rename credsfile to config.json Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * add flags for username/password Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * disable logout test broken on linux Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * upgrade to oras 0.4.0 Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * re-enable logout test Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * panic for uncaught errors Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * move login/logout to new registry subcommand Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> 6 years ago			`/*`
			`Copyright The Helm Authors.`
			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

Implement changes proposed in HIP 6 For more information, please see the following URL: https://github.com/helm/community/blob/main/hips/hip-0006.md Note: OCI support remains experimental, and you are still required to set HELM_EXPERIMENTAL_OCI=1 in your environment. Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago			`http://www.apache.org/licenses/LICENSE-2.0`
Helm 3: registry login/logout (#5597) * login/logout placeholders Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use latest oras Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use docker auth system Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working login+push Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working on tests Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * fix typo in htpasswd Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * rename credsfile to config.json Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * add flags for username/password Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * disable logout test broken on linux Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * upgrade to oras 0.4.0 Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * re-enable logout test Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * panic for uncaught errors Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * move login/logout to new registry subcommand Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> 6 years ago
			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

Implement changes proposed in HIP 6 For more information, please see the following URL: https://github.com/helm/community/blob/main/hips/hip-0006.md Note: OCI support remains experimental, and you are still required to set HELM_EXPERIMENTAL_OCI=1 in your environment. Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago			`package pusher`
Helm 3: registry login/logout (#5597) * login/logout placeholders Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use latest oras Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use docker auth system Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working login+push Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working on tests Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * fix typo in htpasswd Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * rename credsfile to config.json Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * add flags for username/password Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * disable logout test broken on linux Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * upgrade to oras 0.4.0 Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * re-enable logout test Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * panic for uncaught errors Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * move login/logout to new registry subcommand Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> 6 years ago
			`import (`
Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago			`"path/filepath"`
Implement changes proposed in HIP 6 For more information, please see the following URL: https://github.com/helm/community/blob/main/hips/hip-0006.md Note: OCI support remains experimental, and you are still required to set HELM_EXPERIMENTAL_OCI=1 in your environment. Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago			`"testing"`
Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago
			`"helm.sh/helm/v3/pkg/registry"`
Helm 3: registry login/logout (#5597) * login/logout placeholders Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use latest oras Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use docker auth system Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working login+push Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working on tests Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * fix typo in htpasswd Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * rename credsfile to config.json Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * add flags for username/password Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * disable logout test broken on linux Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * upgrade to oras 0.4.0 Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * re-enable logout test Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * panic for uncaught errors Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * move login/logout to new registry subcommand Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> 6 years ago			`)`

Implement changes proposed in HIP 6 For more information, please see the following URL: https://github.com/helm/community/blob/main/hips/hip-0006.md Note: OCI support remains experimental, and you are still required to set HELM_EXPERIMENTAL_OCI=1 in your environment. Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago			`func TestNewOCIPusher(t *testing.T) {`
Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago			`p, err := NewOCIPusher()`
			`if err != nil {`
			`t.Fatal(err)`
Helm 3: registry login/logout (#5597) * login/logout placeholders Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use latest oras Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * use docker auth system Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working login+push Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * working on tests Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * fix typo in htpasswd Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * rename credsfile to config.json Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * add flags for username/password Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * disable logout test broken on linux Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * upgrade to oras 0.4.0 Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * re-enable logout test Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * panic for uncaught errors Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> * move login/logout to new registry subcommand Signed-off-by: Josh Dolitsky <jdolitsky@gmail.com> 6 years ago			`}`
Implement changes proposed in HIP 6 For more information, please see the following URL: https://github.com/helm/community/blob/main/hips/hip-0006.md Note: OCI support remains experimental, and you are still required to set HELM_EXPERIMENTAL_OCI=1 in your environment. Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago
Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago			`if _, ok := p.(*OCIPusher); !ok {`
			`t.Fatal("Expected NewOCIPusher to produce an *OCIPusher")`
Better NewOCIPusher test, add ORAS link Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago			`}`
Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago
			`cd := "../../testdata"`
			`join := filepath.Join`
			`ca, pub, priv := join(cd, "rootca.crt"), join(cd, "crt.pem"), join(cd, "key.pem")`
Added support for insecure OCI registries Signed-off-by: Andrew Block <andy.block@gmail.com> 2 years ago			`insecureSkipTLSverify := false`
oci: add tests for plain HTTP and insecure HTTPS registries Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com> 1 year ago			`plainHTTP := false`
Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago
			`// Test with options`
			`p, err = NewOCIPusher(`
			`WithTLSClientConfig(pub, priv, ca),`
Added support for insecure OCI registries Signed-off-by: Andrew Block <andy.block@gmail.com> 2 years ago			`WithInsecureSkipTLSVerify(insecureSkipTLSverify),`
oci: add tests for plain HTTP and insecure HTTPS registries Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com> 1 year ago			`WithPlainHTTP(plainHTTP),`
Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago			`)`
Better NewOCIPusher test, add ORAS link Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago			`if err != nil {`
Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago			`t.Fatal(err)`
			`}`

			`op, ok := p.(*OCIPusher)`
			`if !ok {`
			`t.Fatal("Expected NewOCIPusher to produce an *OCIPusher")`
			`}`

			`if op.opts.certFile != pub {`
			`t.Errorf("Expected NewOCIPusher to contain %q as the public key file, got %q", pub, op.opts.certFile)`
			`}`

			`if op.opts.keyFile != priv {`
			`t.Errorf("Expected NewOCIPusher to contain %q as the private key file, got %q", priv, op.opts.keyFile)`
			`}`

			`if op.opts.caFile != ca {`
			`t.Errorf("Expected NewOCIPusher to contain %q as the CA file, got %q", ca, op.opts.caFile)`
			`}`

oci: add tests for plain HTTP and insecure HTTPS registries Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com> 1 year ago			`if op.opts.plainHTTP != plainHTTP {`
			`t.Errorf("Expected NewOCIPusher to have plainHTTP as %t, got %t", plainHTTP, op.opts.plainHTTP)`
			`}`

			`if op.opts.insecureSkipTLSverify != insecureSkipTLSverify {`
			`t.Errorf("Expected NewOCIPusher to have insecureSkipVerifyTLS as %t, got %t", insecureSkipTLSverify, op.opts.insecureSkipTLSverify)`
			`}`

Enable custom certificates option for OCI If implemented, users will be able to use custom certificates and CA to while interacting with OCI registries. Signed-off-by: Soule BA <bah.soule@gmail.com> 2 years ago			`// Test if setting registryClient is being passed to the ops`
			`registryClient, err := registry.NewClient()`
			`if err != nil {`
			`t.Fatal(err)`
			`}`

			`p, err = NewOCIPusher(`
			`WithRegistryClient(registryClient),`
			`)`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`op, ok = p.(*OCIPusher)`
			`if !ok {`
			`t.Fatal("expected NewOCIPusher to produce an *OCIPusher")`
			`}`

			`if op.opts.registryClient != registryClient {`
			`t.Errorf("Expected NewOCIPusher to contain %p as RegistryClient, got %p", registryClient, op.opts.registryClient)`
Better NewOCIPusher test, add ORAS link Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago			`}`
Implement changes proposed in HIP 6 For more information, please see the following URL: https://github.com/helm/community/blob/main/hips/hip-0006.md Note: OCI support remains experimental, and you are still required to set HELM_EXPERIMENTAL_OCI=1 in your environment. Signed-off-by: Josh Dolitsky <josh@dolit.ski> 3 years ago			`}`