mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13283 Commits
17 Branches
Tree: 7671a3322b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7671a3322b'
${ noResults }
gitea/integrations/api_packages_container_test.go

api_packages_container_test.go 23KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531 
  1. // Copyright 2022 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"bytes"

  9. 	"encoding/base64"

  10. 	"fmt"

  11. 	"net/http"

  12. 	"strings"

  13. 	"testing"

  14. 

  15. 	"code.gitea.io/gitea/models/db"

  16. 	packages_model "code.gitea.io/gitea/models/packages"

  17. 	container_model "code.gitea.io/gitea/models/packages/container"

  18. 	"code.gitea.io/gitea/models/unittest"

  19. 	user_model "code.gitea.io/gitea/models/user"

  20. 	container_module "code.gitea.io/gitea/modules/packages/container"

  21. 	"code.gitea.io/gitea/modules/packages/container/oci"

  22. 	"code.gitea.io/gitea/modules/setting"

  23. 

  24. 	"github.com/stretchr/testify/assert"

  25. )

  26. 

  27. func TestPackageContainer(t *testing.T) {

  28. 	defer prepareTestEnv(t)()

  29. 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}).(*user_model.User)

  30. 

  31. 	has := func(l packages_model.PackagePropertyList, name string) bool {

  32. 		for _, pp := range l {

  33. 			if pp.Name == name {

  34. 				return true

  35. 			}

  36. 		}

  37. 		return false

  38. 	}

  39. 

  40. 	images := []string{"test", "te/st"}

  41. 	tags := []string{"latest", "main"}

  42. 	multiTag := "multi"

  43. 

  44. 	unknownDigest := "sha256:0000000000000000000000000000000000000000000000000000000000000000"

  45. 

  46. 	blobDigest := "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"

  47. 	blobContent, _ := base64.StdEncoding.DecodeString(`H4sIAAAJbogA/2IYBaNgFIxYAAgAAP//Lq+17wAEAAA=`)

  48. 

  49. 	configDigest := "sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d"

  50. 	configContent := `{"architecture":"amd64","config":{"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/true"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"container":"b89fe92a887d55c0961f02bdfbfd8ac3ddf66167db374770d2d9e9fab3311510","container_config":{"Hostname":"b89fe92a887d","Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","#(nop) ","CMD [\"/true\"]"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"created":"2022-01-01T00:00:00.000000000Z","docker_version":"20.10.12","history":[{"created":"2022-01-01T00:00:00.000000000Z","created_by":"/bin/sh -c #(nop) COPY file:0e7589b0c800daaf6fa460d2677101e4676dd9491980210cb345480e513f3602 in /true "},{"created":"2022-01-01T00:00:00.000000001Z","created_by":"/bin/sh -c #(nop)  CMD [\"/true\"]","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:0ff3b91bdf21ecdf2f2f3d4372c2098a14dbe06cd678e8f0a85fd4902d00e2e2"]}}`

  51. 

  52. 	manifestDigest := "sha256:4f10484d1c1bb13e3956b4de1cd42db8e0f14a75be1617b60f2de3cd59c803c6"

  53. 	manifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeDockerManifest + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`

  54. 

  55. 	untaggedManifestDigest := "sha256:4305f5f5572b9a426b88909b036e52ee3cf3d7b9c1b01fac840e90747f56623d"

  56. 	untaggedManifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeImageManifest + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`

  57. 

  58. 	indexManifestDigest := "sha256:bab112d6efb9e7f221995caaaa880352feb5bd8b1faf52fae8d12c113aa123ec"

  59. 	indexManifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeImageIndex + `","manifests":[{"mediaType":"` + oci.MediaTypeDockerManifest + `","digest":"` + manifestDigest + `","platform":{"os":"linux","architecture":"arm","variant":"v7"}},{"mediaType":"` + oci.MediaTypeImageManifest + `","digest":"` + untaggedManifestDigest + `","platform":{"os":"linux","architecture":"arm64","variant":"v8"}}]}`

  60. 

  61. 	anonymousToken := ""

  62. 	userToken := ""

  63. 

  64. 	t.Run("Authenticate", func(t *testing.T) {

  65. 		type TokenResponse struct {

  66. 			Token string `json:"token"`

  67. 		}

  68. 

  69. 		authenticate := []string{`Bearer realm="` + setting.AppURL + `v2/token"`}

  70. 

  71. 		t.Run("Anonymous", func(t *testing.T) {

  72. 			defer PrintCurrentTest(t)()

  73. 

  74. 			req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  75. 			resp := MakeRequest(t, req, http.StatusUnauthorized)

  76. 

  77. 			assert.ElementsMatch(t, authenticate, resp.Header().Values("WWW-Authenticate"))

  78. 

  79. 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))

  80. 			resp = MakeRequest(t, req, http.StatusOK)

  81. 

  82. 			tokenResponse := &TokenResponse{}

  83. 			DecodeJSON(t, resp, &tokenResponse)

  84. 

  85. 			assert.NotEmpty(t, tokenResponse.Token)

  86. 

  87. 			anonymousToken = fmt.Sprintf("Bearer %s", tokenResponse.Token)

  88. 

  89. 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  90. 			addTokenAuthHeader(req, anonymousToken)

  91. 			resp = MakeRequest(t, req, http.StatusOK)

  92. 		})

  93. 

  94. 		t.Run("User", func(t *testing.T) {

  95. 			defer PrintCurrentTest(t)()

  96. 

  97. 			req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  98. 			resp := MakeRequest(t, req, http.StatusUnauthorized)

  99. 

  100. 			assert.ElementsMatch(t, authenticate, resp.Header().Values("WWW-Authenticate"))

  101. 

  102. 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))

  103. 			req = AddBasicAuthHeader(req, user.Name)

  104. 			resp = MakeRequest(t, req, http.StatusOK)

  105. 

  106. 			tokenResponse := &TokenResponse{}

  107. 			DecodeJSON(t, resp, &tokenResponse)

  108. 

  109. 			assert.NotEmpty(t, tokenResponse.Token)

  110. 

  111. 			userToken = fmt.Sprintf("Bearer %s", tokenResponse.Token)

  112. 

  113. 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  114. 			addTokenAuthHeader(req, userToken)

  115. 			resp = MakeRequest(t, req, http.StatusOK)

  116. 		})

  117. 	})

  118. 

  119. 	t.Run("DetermineSupport", func(t *testing.T) {

  120. 		defer PrintCurrentTest(t)()

  121. 

  122. 		req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  123. 		addTokenAuthHeader(req, userToken)

  124. 		resp := MakeRequest(t, req, http.StatusOK)

  125. 		assert.Equal(t, "registry/2.0", resp.Header().Get("Docker-Distribution-Api-Version"))

  126. 	})

  127. 

  128. 	for _, image := range images {

  129. 		t.Run(fmt.Sprintf("[Image:%s]", image), func(t *testing.T) {

  130. 			url := fmt.Sprintf("%sv2/%s/%s", setting.AppURL, user.Name, image)

  131. 

  132. 			t.Run("UploadBlob/Monolithic", func(t *testing.T) {

  133. 				defer PrintCurrentTest(t)()

  134. 

  135. 				req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url))

  136. 				addTokenAuthHeader(req, anonymousToken)

  137. 				MakeRequest(t, req, http.StatusUnauthorized)

  138. 

  139. 				req = NewRequestWithBody(t, "POST", fmt.Sprintf("%s/blobs/uploads?digest=%s", url, unknownDigest), bytes.NewReader(blobContent))

  140. 				addTokenAuthHeader(req, userToken)

  141. 				MakeRequest(t, req, http.StatusBadRequest)

  142. 

  143. 				req = NewRequestWithBody(t, "POST", fmt.Sprintf("%s/blobs/uploads?digest=%s", url, blobDigest), bytes.NewReader(blobContent))

  144. 				addTokenAuthHeader(req, userToken)

  145. 				resp := MakeRequest(t, req, http.StatusCreated)

  146. 

  147. 				assert.Equal(t, fmt.Sprintf("/v2/%s/%s/blobs/%s", user.Name, image, blobDigest), resp.Header().Get("Location"))

  148. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  149. 

  150. 				pv, err := packages_model.GetInternalVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, container_model.UploadVersion)

  151. 				assert.NoError(t, err)

  152. 

  153. 				pfs, err := packages_model.GetFilesByVersionID(db.DefaultContext, pv.ID)

  154. 				assert.NoError(t, err)

  155. 				assert.Len(t, pfs, 1)

  156. 

  157. 				pb, err := packages_model.GetBlobByID(db.DefaultContext, pfs[0].BlobID)

  158. 				assert.NoError(t, err)

  159. 				assert.EqualValues(t, len(blobContent), pb.Size)

  160. 			})

  161. 

  162. 			t.Run("UploadBlob/Chunked", func(t *testing.T) {

  163. 				defer PrintCurrentTest(t)()

  164. 

  165. 				req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url))

  166. 				addTokenAuthHeader(req, userToken)

  167. 				resp := MakeRequest(t, req, http.StatusAccepted)

  168. 

  169. 				uuid := resp.Header().Get("Docker-Upload-Uuid")

  170. 				assert.NotEmpty(t, uuid)

  171. 

  172. 				pbu, err := packages_model.GetBlobUploadByID(db.DefaultContext, uuid)

  173. 				assert.NoError(t, err)

  174. 				assert.EqualValues(t, 0, pbu.BytesReceived)

  175. 

  176. 				uploadURL := resp.Header().Get("Location")

  177. 				assert.NotEmpty(t, uploadURL)

  178. 

  179. 				req = NewRequestWithBody(t, "PATCH", setting.AppURL+uploadURL[1:]+"000", bytes.NewReader(blobContent))

  180. 				addTokenAuthHeader(req, userToken)

  181. 				MakeRequest(t, req, http.StatusNotFound)

  182. 

  183. 				req = NewRequestWithBody(t, "PATCH", setting.AppURL+uploadURL[1:], bytes.NewReader(blobContent))

  184. 				addTokenAuthHeader(req, userToken)

  185. 

  186. 				req.Header.Set("Content-Range", "1-10")

  187. 				MakeRequest(t, req, http.StatusRequestedRangeNotSatisfiable)

  188. 

  189. 				contentRange := fmt.Sprintf("0-%d", len(blobContent)-1)

  190. 				req.Header.Set("Content-Range", contentRange)

  191. 				resp = MakeRequest(t, req, http.StatusAccepted)

  192. 

  193. 				assert.Equal(t, uuid, resp.Header().Get("Docker-Upload-Uuid"))

  194. 				assert.Equal(t, contentRange, resp.Header().Get("Range"))

  195. 

  196. 				pbu, err = packages_model.GetBlobUploadByID(db.DefaultContext, uuid)

  197. 				assert.NoError(t, err)

  198. 				assert.EqualValues(t, len(blobContent), pbu.BytesReceived)

  199. 

  200. 				uploadURL = resp.Header().Get("Location")

  201. 

  202. 				req = NewRequest(t, "PUT", fmt.Sprintf("%s?digest=%s", setting.AppURL+uploadURL[1:], blobDigest))

  203. 				addTokenAuthHeader(req, userToken)

  204. 				resp = MakeRequest(t, req, http.StatusCreated)

  205. 

  206. 				assert.Equal(t, fmt.Sprintf("/v2/%s/%s/blobs/%s", user.Name, image, blobDigest), resp.Header().Get("Location"))

  207. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  208. 			})

  209. 

  210. 			for _, tag := range tags {

  211. 				t.Run(fmt.Sprintf("[Tag:%s]", tag), func(t *testing.T) {

  212. 					t.Run("UploadManifest", func(t *testing.T) {

  213. 						defer PrintCurrentTest(t)()

  214. 

  215. 						req := NewRequestWithBody(t, "POST", fmt.Sprintf("%s/blobs/uploads?digest=%s", url, configDigest), strings.NewReader(configContent))

  216. 						addTokenAuthHeader(req, userToken)

  217. 						MakeRequest(t, req, http.StatusCreated)

  218. 

  219. 						req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, tag), strings.NewReader(manifestContent))

  220. 						addTokenAuthHeader(req, anonymousToken)

  221. 						req.Header.Set("Content-Type", oci.MediaTypeDockerManifest)

  222. 						MakeRequest(t, req, http.StatusUnauthorized)

  223. 

  224. 						req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, tag), strings.NewReader(manifestContent))

  225. 						addTokenAuthHeader(req, userToken)

  226. 						req.Header.Set("Content-Type", oci.MediaTypeDockerManifest)

  227. 						resp := MakeRequest(t, req, http.StatusCreated)

  228. 

  229. 						assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))

  230. 

  231. 						pv, err := packages_model.GetVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, tag)

  232. 						assert.NoError(t, err)

  233. 

  234. 						pd, err := packages_model.GetPackageDescriptor(db.DefaultContext, pv)

  235. 						assert.NoError(t, err)

  236. 						assert.Nil(t, pd.SemVer)

  237. 						assert.Equal(t, image, pd.Package.Name)

  238. 						assert.Equal(t, tag, pd.Version.Version)

  239. 						assert.True(t, has(pd.Properties, container_module.PropertyManifestTagged))

  240. 

  241. 						assert.IsType(t, &container_module.Metadata{}, pd.Metadata)

  242. 						metadata := pd.Metadata.(*container_module.Metadata)

  243. 						assert.Equal(t, container_module.TypeOCI, metadata.Type)

  244. 						assert.Len(t, metadata.ImageLayers, 2)

  245. 						assert.Empty(t, metadata.MultiArch)

  246. 

  247. 						assert.Len(t, pd.Files, 3)

  248. 						for _, pfd := range pd.Files {

  249. 							switch pfd.File.Name {

  250. 							case container_model.ManifestFilename:

  251. 								assert.True(t, pfd.File.IsLead)

  252. 								assert.Equal(t, oci.MediaTypeDockerManifest, pfd.Properties.GetByName(container_module.PropertyMediaType))

  253. 								assert.Equal(t, manifestDigest, pfd.Properties.GetByName(container_module.PropertyDigest))

  254. 							case strings.Replace(configDigest, ":", "_", 1):

  255. 								assert.False(t, pfd.File.IsLead)

  256. 								assert.Equal(t, "application/vnd.docker.container.image.v1+json", pfd.Properties.GetByName(container_module.PropertyMediaType))

  257. 								assert.Equal(t, configDigest, pfd.Properties.GetByName(container_module.PropertyDigest))

  258. 							case strings.Replace(blobDigest, ":", "_", 1):

  259. 								assert.False(t, pfd.File.IsLead)

  260. 								assert.Equal(t, "application/vnd.docker.image.rootfs.diff.tar.gzip", pfd.Properties.GetByName(container_module.PropertyMediaType))

  261. 								assert.Equal(t, blobDigest, pfd.Properties.GetByName(container_module.PropertyDigest))

  262. 							default:

  263. 								assert.Fail(t, "unknown file: %s", pfd.File.Name)

  264. 							}

  265. 						}

  266. 

  267. 						// Overwrite existing tag

  268. 						req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, tag), strings.NewReader(manifestContent))

  269. 						addTokenAuthHeader(req, userToken)

  270. 						req.Header.Set("Content-Type", oci.MediaTypeDockerManifest)

  271. 						MakeRequest(t, req, http.StatusCreated)

  272. 					})

  273. 

  274. 					t.Run("HeadManifest", func(t *testing.T) {

  275. 						defer PrintCurrentTest(t)()

  276. 

  277. 						req := NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/unknown-tag", url))

  278. 						addTokenAuthHeader(req, userToken)

  279. 						MakeRequest(t, req, http.StatusNotFound)

  280. 

  281. 						req = NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/%s", url, tag))

  282. 						addTokenAuthHeader(req, userToken)

  283. 						resp := MakeRequest(t, req, http.StatusOK)

  284. 

  285. 						assert.Equal(t, fmt.Sprintf("%d", len(manifestContent)), resp.Header().Get("Content-Length"))

  286. 						assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))

  287. 					})

  288. 

  289. 					t.Run("GetManifest", func(t *testing.T) {

  290. 						defer PrintCurrentTest(t)()

  291. 

  292. 						req := NewRequest(t, "GET", fmt.Sprintf("%s/manifests/unknown-tag", url))

  293. 						addTokenAuthHeader(req, userToken)

  294. 						MakeRequest(t, req, http.StatusNotFound)

  295. 

  296. 						req = NewRequest(t, "GET", fmt.Sprintf("%s/manifests/%s", url, tag))

  297. 						addTokenAuthHeader(req, userToken)

  298. 						resp := MakeRequest(t, req, http.StatusOK)

  299. 

  300. 						assert.Equal(t, fmt.Sprintf("%d", len(manifestContent)), resp.Header().Get("Content-Length"))

  301. 						assert.Equal(t, oci.MediaTypeDockerManifest, resp.Header().Get("Content-Type"))

  302. 						assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))

  303. 						assert.Equal(t, manifestContent, resp.Body.String())

  304. 					})

  305. 				})

  306. 			}

  307. 

  308. 			t.Run("UploadUntaggedManifest", func(t *testing.T) {

  309. 				defer PrintCurrentTest(t)()

  310. 

  311. 				req := NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, untaggedManifestDigest), strings.NewReader(untaggedManifestContent))

  312. 				addTokenAuthHeader(req, userToken)

  313. 				req.Header.Set("Content-Type", oci.MediaTypeImageManifest)

  314. 				resp := MakeRequest(t, req, http.StatusCreated)

  315. 

  316. 				assert.Equal(t, untaggedManifestDigest, resp.Header().Get("Docker-Content-Digest"))

  317. 

  318. 				req = NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/%s", url, untaggedManifestDigest))

  319. 				addTokenAuthHeader(req, userToken)

  320. 				resp = MakeRequest(t, req, http.StatusOK)

  321. 

  322. 				assert.Equal(t, fmt.Sprintf("%d", len(untaggedManifestContent)), resp.Header().Get("Content-Length"))

  323. 				assert.Equal(t, untaggedManifestDigest, resp.Header().Get("Docker-Content-Digest"))

  324. 

  325. 				pv, err := packages_model.GetVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, untaggedManifestDigest)

  326. 				assert.NoError(t, err)

  327. 

  328. 				pd, err := packages_model.GetPackageDescriptor(db.DefaultContext, pv)

  329. 				assert.NoError(t, err)

  330. 				assert.Nil(t, pd.SemVer)

  331. 				assert.Equal(t, image, pd.Package.Name)

  332. 				assert.Equal(t, untaggedManifestDigest, pd.Version.Version)

  333. 				assert.False(t, has(pd.Properties, container_module.PropertyManifestTagged))

  334. 

  335. 				assert.IsType(t, &container_module.Metadata{}, pd.Metadata)

  336. 

  337. 				assert.Len(t, pd.Files, 3)

  338. 				for _, pfd := range pd.Files {

  339. 					if pfd.File.Name == container_model.ManifestFilename {

  340. 						assert.True(t, pfd.File.IsLead)

  341. 						assert.Equal(t, oci.MediaTypeImageManifest, pfd.Properties.GetByName(container_module.PropertyMediaType))

  342. 						assert.Equal(t, untaggedManifestDigest, pfd.Properties.GetByName(container_module.PropertyDigest))

  343. 					}

  344. 				}

  345. 			})

  346. 

  347. 			t.Run("UploadIndexManifest", func(t *testing.T) {

  348. 				defer PrintCurrentTest(t)()

  349. 

  350. 				req := NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, multiTag), strings.NewReader(indexManifestContent))

  351. 				addTokenAuthHeader(req, userToken)

  352. 				req.Header.Set("Content-Type", oci.MediaTypeImageIndex)

  353. 				resp := MakeRequest(t, req, http.StatusCreated)

  354. 

  355. 				assert.Equal(t, indexManifestDigest, resp.Header().Get("Docker-Content-Digest"))

  356. 

  357. 				pv, err := packages_model.GetVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, multiTag)

  358. 				assert.NoError(t, err)

  359. 

  360. 				pd, err := packages_model.GetPackageDescriptor(db.DefaultContext, pv)

  361. 				assert.NoError(t, err)

  362. 				assert.Nil(t, pd.SemVer)

  363. 				assert.Equal(t, image, pd.Package.Name)

  364. 				assert.Equal(t, multiTag, pd.Version.Version)

  365. 				assert.True(t, has(pd.Properties, container_module.PropertyManifestTagged))

  366. 

  367. 				getAllByName := func(l packages_model.PackagePropertyList, name string) []string {

  368. 					values := make([]string, 0, len(l))

  369. 					for _, pp := range l {

  370. 						if pp.Name == name {

  371. 							values = append(values, pp.Value)

  372. 						}

  373. 					}

  374. 					return values

  375. 				}

  376. 				assert.ElementsMatch(t, []string{manifestDigest, untaggedManifestDigest}, getAllByName(pd.Properties, container_module.PropertyManifestReference))

  377. 

  378. 				assert.IsType(t, &container_module.Metadata{}, pd.Metadata)

  379. 				metadata := pd.Metadata.(*container_module.Metadata)

  380. 				assert.Equal(t, container_module.TypeOCI, metadata.Type)

  381. 				assert.Contains(t, metadata.MultiArch, "linux/arm/v7")

  382. 				assert.Equal(t, manifestDigest, metadata.MultiArch["linux/arm/v7"])

  383. 				assert.Contains(t, metadata.MultiArch, "linux/arm64/v8")

  384. 				assert.Equal(t, untaggedManifestDigest, metadata.MultiArch["linux/arm64/v8"])

  385. 

  386. 				assert.Len(t, pd.Files, 1)

  387. 				assert.True(t, pd.Files[0].File.IsLead)

  388. 				assert.Equal(t, oci.MediaTypeImageIndex, pd.Files[0].Properties.GetByName(container_module.PropertyMediaType))

  389. 				assert.Equal(t, indexManifestDigest, pd.Files[0].Properties.GetByName(container_module.PropertyDigest))

  390. 			})

  391. 

  392. 			t.Run("UploadBlob/Mount", func(t *testing.T) {

  393. 				defer PrintCurrentTest(t)()

  394. 

  395. 				req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads?mount=%s", url, unknownDigest))

  396. 				addTokenAuthHeader(req, userToken)

  397. 				MakeRequest(t, req, http.StatusAccepted)

  398. 

  399. 				req = NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads?mount=%s", url, blobDigest))

  400. 				addTokenAuthHeader(req, userToken)

  401. 				resp := MakeRequest(t, req, http.StatusCreated)

  402. 

  403. 				assert.Equal(t, fmt.Sprintf("/v2/%s/%s/blobs/%s", user.Name, image, blobDigest), resp.Header().Get("Location"))

  404. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  405. 			})

  406. 

  407. 			t.Run("HeadBlob", func(t *testing.T) {

  408. 				defer PrintCurrentTest(t)()

  409. 

  410. 				req := NewRequest(t, "HEAD", fmt.Sprintf("%s/blobs/%s", url, unknownDigest))

  411. 				addTokenAuthHeader(req, userToken)

  412. 				MakeRequest(t, req, http.StatusNotFound)

  413. 

  414. 				req = NewRequest(t, "HEAD", fmt.Sprintf("%s/blobs/%s", url, blobDigest))

  415. 				addTokenAuthHeader(req, userToken)

  416. 				resp := MakeRequest(t, req, http.StatusOK)

  417. 

  418. 				assert.Equal(t, fmt.Sprintf("%d", len(blobContent)), resp.Header().Get("Content-Length"))

  419. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  420. 			})

  421. 

  422. 			t.Run("GetBlob", func(t *testing.T) {

  423. 				defer PrintCurrentTest(t)()

  424. 

  425. 				req := NewRequest(t, "GET", fmt.Sprintf("%s/blobs/%s", url, unknownDigest))

  426. 				addTokenAuthHeader(req, userToken)

  427. 				MakeRequest(t, req, http.StatusNotFound)

  428. 

  429. 				req = NewRequest(t, "GET", fmt.Sprintf("%s/blobs/%s", url, blobDigest))

  430. 				addTokenAuthHeader(req, userToken)

  431. 				resp := MakeRequest(t, req, http.StatusOK)

  432. 

  433. 				assert.Equal(t, fmt.Sprintf("%d", len(blobContent)), resp.Header().Get("Content-Length"))

  434. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  435. 				assert.Equal(t, blobContent, resp.Body.Bytes())

  436. 			})

  437. 

  438. 			t.Run("GetTagList", func(t *testing.T) {

  439. 				defer PrintCurrentTest(t)()

  440. 

  441. 				cases := []struct {

  442. 					URL          string

  443. 					ExpectedTags []string

  444. 					ExpectedLink string

  445. 				}{

  446. 					{

  447. 						URL:          fmt.Sprintf("%s/tags/list", url),

  448. 						ExpectedTags: []string{"latest", "main", "multi"},

  449. 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=multi>; rel="next"`, user.Name, image),

  450. 					},

  451. 					{

  452. 						URL:          fmt.Sprintf("%s/tags/list?n=0", url),

  453. 						ExpectedTags: []string{},

  454. 						ExpectedLink: "",

  455. 					},

  456. 					{

  457. 						URL:          fmt.Sprintf("%s/tags/list?n=2", url),

  458. 						ExpectedTags: []string{"latest", "main"},

  459. 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=main&n=2>; rel="next"`, user.Name, image),

  460. 					},

  461. 					{

  462. 						URL:          fmt.Sprintf("%s/tags/list?last=main", url),

  463. 						ExpectedTags: []string{"multi"},

  464. 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=multi>; rel="next"`, user.Name, image),

  465. 					},

  466. 					{

  467. 						URL:          fmt.Sprintf("%s/tags/list?n=1&last=latest", url),

  468. 						ExpectedTags: []string{"main"},

  469. 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=main&n=1>; rel="next"`, user.Name, image),

  470. 					},

  471. 				}

  472. 

  473. 				for _, c := range cases {

  474. 					req := NewRequest(t, "GET", c.URL)

  475. 					addTokenAuthHeader(req, userToken)

  476. 					resp := MakeRequest(t, req, http.StatusOK)

  477. 

  478. 					type TagList struct {

  479. 						Name string   `json:"name"`

  480. 						Tags []string `json:"tags"`

  481. 					}

  482. 

  483. 					tagList := &TagList{}

  484. 					DecodeJSON(t, resp, &tagList)

  485. 

  486. 					assert.Equal(t, user.Name+"/"+image, tagList.Name)

  487. 					assert.Equal(t, c.ExpectedTags, tagList.Tags)

  488. 					assert.Equal(t, c.ExpectedLink, resp.Header().Get("Link"))

  489. 				}

  490. 			})

  491. 

  492. 			t.Run("Delete", func(t *testing.T) {

  493. 				t.Run("Blob", func(t *testing.T) {

  494. 					defer PrintCurrentTest(t)()

  495. 

  496. 					req := NewRequest(t, "DELETE", fmt.Sprintf("%s/blobs/%s", url, blobDigest))

  497. 					addTokenAuthHeader(req, userToken)

  498. 					MakeRequest(t, req, http.StatusAccepted)

  499. 

  500. 					req = NewRequest(t, "HEAD", fmt.Sprintf("%s/blobs/%s", url, blobDigest))

  501. 					addTokenAuthHeader(req, userToken)

  502. 					MakeRequest(t, req, http.StatusNotFound)

  503. 				})

  504. 

  505. 				t.Run("ManifestByDigest", func(t *testing.T) {

  506. 					defer PrintCurrentTest(t)()

  507. 

  508. 					req := NewRequest(t, "DELETE", fmt.Sprintf("%s/manifests/%s", url, untaggedManifestDigest))

  509. 					addTokenAuthHeader(req, userToken)

  510. 					MakeRequest(t, req, http.StatusAccepted)

  511. 

  512. 					req = NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/%s", url, untaggedManifestDigest))

  513. 					addTokenAuthHeader(req, userToken)

  514. 					MakeRequest(t, req, http.StatusNotFound)

  515. 				})

  516. 

  517. 				t.Run("ManifestByTag", func(t *testing.T) {

  518. 					defer PrintCurrentTest(t)()

  519. 

  520. 					req := NewRequest(t, "DELETE", fmt.Sprintf("%s/manifests/%s", url, multiTag))

  521. 					addTokenAuthHeader(req, userToken)

  522. 					MakeRequest(t, req, http.StatusAccepted)

  523. 

  524. 					req = NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/%s", url, multiTag))

  525. 					addTokenAuthHeader(req, userToken)

  526. 					MakeRequest(t, req, http.StatusNotFound)

  527. 				})

  528. 			})

  529. 		})

  530. 	}

  531. }