mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13580 Commits
17 Branches
Tree: a3d55ac523
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a3d55ac523'
${ noResults }
gitea/integrations/api_packages_container_test.go

api_packages_container_test.go 23KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539 
  1. // Copyright 2022 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"bytes"

  9. 	"encoding/base64"

  10. 	"fmt"

  11. 	"net/http"

  12. 	"strings"

  13. 	"testing"

  14. 

  15. 	"code.gitea.io/gitea/models/db"

  16. 	packages_model "code.gitea.io/gitea/models/packages"

  17. 	container_model "code.gitea.io/gitea/models/packages/container"

  18. 	"code.gitea.io/gitea/models/unittest"

  19. 	user_model "code.gitea.io/gitea/models/user"

  20. 	container_module "code.gitea.io/gitea/modules/packages/container"

  21. 	"code.gitea.io/gitea/modules/packages/container/oci"

  22. 	"code.gitea.io/gitea/modules/setting"

  23. 	api "code.gitea.io/gitea/modules/structs"

  24. 

  25. 	"github.com/stretchr/testify/assert"

  26. )

  27. 

  28. func TestPackageContainer(t *testing.T) {

  29. 	defer prepareTestEnv(t)()

  30. 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}).(*user_model.User)

  31. 

  32. 	has := func(l packages_model.PackagePropertyList, name string) bool {

  33. 		for _, pp := range l {

  34. 			if pp.Name == name {

  35. 				return true

  36. 			}

  37. 		}

  38. 		return false

  39. 	}

  40. 

  41. 	images := []string{"test", "te/st"}

  42. 	tags := []string{"latest", "main"}

  43. 	multiTag := "multi"

  44. 

  45. 	unknownDigest := "sha256:0000000000000000000000000000000000000000000000000000000000000000"

  46. 

  47. 	blobDigest := "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"

  48. 	blobContent, _ := base64.StdEncoding.DecodeString(`H4sIAAAJbogA/2IYBaNgFIxYAAgAAP//Lq+17wAEAAA=`)

  49. 

  50. 	configDigest := "sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d"

  51. 	configContent := `{"architecture":"amd64","config":{"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/true"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"container":"b89fe92a887d55c0961f02bdfbfd8ac3ddf66167db374770d2d9e9fab3311510","container_config":{"Hostname":"b89fe92a887d","Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","#(nop) ","CMD [\"/true\"]"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"created":"2022-01-01T00:00:00.000000000Z","docker_version":"20.10.12","history":[{"created":"2022-01-01T00:00:00.000000000Z","created_by":"/bin/sh -c #(nop) COPY file:0e7589b0c800daaf6fa460d2677101e4676dd9491980210cb345480e513f3602 in /true "},{"created":"2022-01-01T00:00:00.000000001Z","created_by":"/bin/sh -c #(nop)  CMD [\"/true\"]","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:0ff3b91bdf21ecdf2f2f3d4372c2098a14dbe06cd678e8f0a85fd4902d00e2e2"]}}`

  52. 

  53. 	manifestDigest := "sha256:4f10484d1c1bb13e3956b4de1cd42db8e0f14a75be1617b60f2de3cd59c803c6"

  54. 	manifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeDockerManifest + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`

  55. 

  56. 	untaggedManifestDigest := "sha256:4305f5f5572b9a426b88909b036e52ee3cf3d7b9c1b01fac840e90747f56623d"

  57. 	untaggedManifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeImageManifest + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`

  58. 

  59. 	indexManifestDigest := "sha256:bab112d6efb9e7f221995caaaa880352feb5bd8b1faf52fae8d12c113aa123ec"

  60. 	indexManifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeImageIndex + `","manifests":[{"mediaType":"` + oci.MediaTypeDockerManifest + `","digest":"` + manifestDigest + `","platform":{"os":"linux","architecture":"arm","variant":"v7"}},{"mediaType":"` + oci.MediaTypeImageManifest + `","digest":"` + untaggedManifestDigest + `","platform":{"os":"linux","architecture":"arm64","variant":"v8"}}]}`

  61. 

  62. 	anonymousToken := ""

  63. 	userToken := ""

  64. 

  65. 	t.Run("Authenticate", func(t *testing.T) {

  66. 		type TokenResponse struct {

  67. 			Token string `json:"token"`

  68. 		}

  69. 

  70. 		authenticate := []string{`Bearer realm="` + setting.AppURL + `v2/token"`}

  71. 

  72. 		t.Run("Anonymous", func(t *testing.T) {

  73. 			defer PrintCurrentTest(t)()

  74. 

  75. 			req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  76. 			resp := MakeRequest(t, req, http.StatusUnauthorized)

  77. 

  78. 			assert.ElementsMatch(t, authenticate, resp.Header().Values("WWW-Authenticate"))

  79. 

  80. 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))

  81. 			resp = MakeRequest(t, req, http.StatusOK)

  82. 

  83. 			tokenResponse := &TokenResponse{}

  84. 			DecodeJSON(t, resp, &tokenResponse)

  85. 

  86. 			assert.NotEmpty(t, tokenResponse.Token)

  87. 

  88. 			anonymousToken = fmt.Sprintf("Bearer %s", tokenResponse.Token)

  89. 

  90. 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  91. 			addTokenAuthHeader(req, anonymousToken)

  92. 			MakeRequest(t, req, http.StatusOK)

  93. 		})

  94. 

  95. 		t.Run("User", func(t *testing.T) {

  96. 			defer PrintCurrentTest(t)()

  97. 

  98. 			req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  99. 			resp := MakeRequest(t, req, http.StatusUnauthorized)

  100. 

  101. 			assert.ElementsMatch(t, authenticate, resp.Header().Values("WWW-Authenticate"))

  102. 

  103. 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))

  104. 			req = AddBasicAuthHeader(req, user.Name)

  105. 			resp = MakeRequest(t, req, http.StatusOK)

  106. 

  107. 			tokenResponse := &TokenResponse{}

  108. 			DecodeJSON(t, resp, &tokenResponse)

  109. 

  110. 			assert.NotEmpty(t, tokenResponse.Token)

  111. 

  112. 			userToken = fmt.Sprintf("Bearer %s", tokenResponse.Token)

  113. 

  114. 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  115. 			addTokenAuthHeader(req, userToken)

  116. 			MakeRequest(t, req, http.StatusOK)

  117. 		})

  118. 	})

  119. 

  120. 	t.Run("DetermineSupport", func(t *testing.T) {

  121. 		defer PrintCurrentTest(t)()

  122. 

  123. 		req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))

  124. 		addTokenAuthHeader(req, userToken)

  125. 		resp := MakeRequest(t, req, http.StatusOK)

  126. 		assert.Equal(t, "registry/2.0", resp.Header().Get("Docker-Distribution-Api-Version"))

  127. 	})

  128. 

  129. 	for _, image := range images {

  130. 		t.Run(fmt.Sprintf("[Image:%s]", image), func(t *testing.T) {

  131. 			url := fmt.Sprintf("%sv2/%s/%s", setting.AppURL, user.Name, image)

  132. 

  133. 			t.Run("UploadBlob/Monolithic", func(t *testing.T) {

  134. 				defer PrintCurrentTest(t)()

  135. 

  136. 				req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url))

  137. 				addTokenAuthHeader(req, anonymousToken)

  138. 				MakeRequest(t, req, http.StatusUnauthorized)

  139. 

  140. 				req = NewRequestWithBody(t, "POST", fmt.Sprintf("%s/blobs/uploads?digest=%s", url, unknownDigest), bytes.NewReader(blobContent))

  141. 				addTokenAuthHeader(req, userToken)

  142. 				MakeRequest(t, req, http.StatusBadRequest)

  143. 

  144. 				req = NewRequestWithBody(t, "POST", fmt.Sprintf("%s/blobs/uploads?digest=%s", url, blobDigest), bytes.NewReader(blobContent))

  145. 				addTokenAuthHeader(req, userToken)

  146. 				resp := MakeRequest(t, req, http.StatusCreated)

  147. 

  148. 				assert.Equal(t, fmt.Sprintf("/v2/%s/%s/blobs/%s", user.Name, image, blobDigest), resp.Header().Get("Location"))

  149. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  150. 

  151. 				pv, err := packages_model.GetInternalVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, container_model.UploadVersion)

  152. 				assert.NoError(t, err)

  153. 

  154. 				pfs, err := packages_model.GetFilesByVersionID(db.DefaultContext, pv.ID)

  155. 				assert.NoError(t, err)

  156. 				assert.Len(t, pfs, 1)

  157. 

  158. 				pb, err := packages_model.GetBlobByID(db.DefaultContext, pfs[0].BlobID)

  159. 				assert.NoError(t, err)

  160. 				assert.EqualValues(t, len(blobContent), pb.Size)

  161. 			})

  162. 

  163. 			t.Run("UploadBlob/Chunked", func(t *testing.T) {

  164. 				defer PrintCurrentTest(t)()

  165. 

  166. 				req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads", url))

  167. 				addTokenAuthHeader(req, userToken)

  168. 				resp := MakeRequest(t, req, http.StatusAccepted)

  169. 

  170. 				uuid := resp.Header().Get("Docker-Upload-Uuid")

  171. 				assert.NotEmpty(t, uuid)

  172. 

  173. 				pbu, err := packages_model.GetBlobUploadByID(db.DefaultContext, uuid)

  174. 				assert.NoError(t, err)

  175. 				assert.EqualValues(t, 0, pbu.BytesReceived)

  176. 

  177. 				uploadURL := resp.Header().Get("Location")

  178. 				assert.NotEmpty(t, uploadURL)

  179. 

  180. 				req = NewRequestWithBody(t, "PATCH", setting.AppURL+uploadURL[1:]+"000", bytes.NewReader(blobContent))

  181. 				addTokenAuthHeader(req, userToken)

  182. 				MakeRequest(t, req, http.StatusNotFound)

  183. 

  184. 				req = NewRequestWithBody(t, "PATCH", setting.AppURL+uploadURL[1:], bytes.NewReader(blobContent))

  185. 				addTokenAuthHeader(req, userToken)

  186. 

  187. 				req.Header.Set("Content-Range", "1-10")

  188. 				MakeRequest(t, req, http.StatusRequestedRangeNotSatisfiable)

  189. 

  190. 				contentRange := fmt.Sprintf("0-%d", len(blobContent)-1)

  191. 				req.Header.Set("Content-Range", contentRange)

  192. 				resp = MakeRequest(t, req, http.StatusAccepted)

  193. 

  194. 				assert.Equal(t, uuid, resp.Header().Get("Docker-Upload-Uuid"))

  195. 				assert.Equal(t, contentRange, resp.Header().Get("Range"))

  196. 

  197. 				pbu, err = packages_model.GetBlobUploadByID(db.DefaultContext, uuid)

  198. 				assert.NoError(t, err)

  199. 				assert.EqualValues(t, len(blobContent), pbu.BytesReceived)

  200. 

  201. 				uploadURL = resp.Header().Get("Location")

  202. 

  203. 				req = NewRequest(t, "PUT", fmt.Sprintf("%s?digest=%s", setting.AppURL+uploadURL[1:], blobDigest))

  204. 				addTokenAuthHeader(req, userToken)

  205. 				resp = MakeRequest(t, req, http.StatusCreated)

  206. 

  207. 				assert.Equal(t, fmt.Sprintf("/v2/%s/%s/blobs/%s", user.Name, image, blobDigest), resp.Header().Get("Location"))

  208. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  209. 			})

  210. 

  211. 			for _, tag := range tags {

  212. 				t.Run(fmt.Sprintf("[Tag:%s]", tag), func(t *testing.T) {

  213. 					t.Run("UploadManifest", func(t *testing.T) {

  214. 						defer PrintCurrentTest(t)()

  215. 

  216. 						req := NewRequestWithBody(t, "POST", fmt.Sprintf("%s/blobs/uploads?digest=%s", url, configDigest), strings.NewReader(configContent))

  217. 						addTokenAuthHeader(req, userToken)

  218. 						MakeRequest(t, req, http.StatusCreated)

  219. 

  220. 						req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, tag), strings.NewReader(manifestContent))

  221. 						addTokenAuthHeader(req, anonymousToken)

  222. 						req.Header.Set("Content-Type", oci.MediaTypeDockerManifest)

  223. 						MakeRequest(t, req, http.StatusUnauthorized)

  224. 

  225. 						req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, tag), strings.NewReader(manifestContent))

  226. 						addTokenAuthHeader(req, userToken)

  227. 						req.Header.Set("Content-Type", oci.MediaTypeDockerManifest)

  228. 						resp := MakeRequest(t, req, http.StatusCreated)

  229. 

  230. 						assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))

  231. 

  232. 						pv, err := packages_model.GetVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, tag)

  233. 						assert.NoError(t, err)

  234. 

  235. 						pd, err := packages_model.GetPackageDescriptor(db.DefaultContext, pv)

  236. 						assert.NoError(t, err)

  237. 						assert.Nil(t, pd.SemVer)

  238. 						assert.Equal(t, image, pd.Package.Name)

  239. 						assert.Equal(t, tag, pd.Version.Version)

  240. 						assert.True(t, has(pd.Properties, container_module.PropertyManifestTagged))

  241. 

  242. 						assert.IsType(t, &container_module.Metadata{}, pd.Metadata)

  243. 						metadata := pd.Metadata.(*container_module.Metadata)

  244. 						assert.Equal(t, container_module.TypeOCI, metadata.Type)

  245. 						assert.Len(t, metadata.ImageLayers, 2)

  246. 						assert.Empty(t, metadata.MultiArch)

  247. 

  248. 						assert.Len(t, pd.Files, 3)

  249. 						for _, pfd := range pd.Files {

  250. 							switch pfd.File.Name {

  251. 							case container_model.ManifestFilename:

  252. 								assert.True(t, pfd.File.IsLead)

  253. 								assert.Equal(t, oci.MediaTypeDockerManifest, pfd.Properties.GetByName(container_module.PropertyMediaType))

  254. 								assert.Equal(t, manifestDigest, pfd.Properties.GetByName(container_module.PropertyDigest))

  255. 							case strings.Replace(configDigest, ":", "_", 1):

  256. 								assert.False(t, pfd.File.IsLead)

  257. 								assert.Equal(t, "application/vnd.docker.container.image.v1+json", pfd.Properties.GetByName(container_module.PropertyMediaType))

  258. 								assert.Equal(t, configDigest, pfd.Properties.GetByName(container_module.PropertyDigest))

  259. 							case strings.Replace(blobDigest, ":", "_", 1):

  260. 								assert.False(t, pfd.File.IsLead)

  261. 								assert.Equal(t, "application/vnd.docker.image.rootfs.diff.tar.gzip", pfd.Properties.GetByName(container_module.PropertyMediaType))

  262. 								assert.Equal(t, blobDigest, pfd.Properties.GetByName(container_module.PropertyDigest))

  263. 							default:

  264. 								assert.Fail(t, "unknown file: %s", pfd.File.Name)

  265. 							}

  266. 						}

  267. 

  268. 						// Overwrite existing tag

  269. 						req = NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, tag), strings.NewReader(manifestContent))

  270. 						addTokenAuthHeader(req, userToken)

  271. 						req.Header.Set("Content-Type", oci.MediaTypeDockerManifest)

  272. 						MakeRequest(t, req, http.StatusCreated)

  273. 					})

  274. 

  275. 					t.Run("HeadManifest", func(t *testing.T) {

  276. 						defer PrintCurrentTest(t)()

  277. 

  278. 						req := NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/unknown-tag", url))

  279. 						addTokenAuthHeader(req, userToken)

  280. 						MakeRequest(t, req, http.StatusNotFound)

  281. 

  282. 						req = NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/%s", url, tag))

  283. 						addTokenAuthHeader(req, userToken)

  284. 						resp := MakeRequest(t, req, http.StatusOK)

  285. 

  286. 						assert.Equal(t, fmt.Sprintf("%d", len(manifestContent)), resp.Header().Get("Content-Length"))

  287. 						assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))

  288. 					})

  289. 

  290. 					t.Run("GetManifest", func(t *testing.T) {

  291. 						defer PrintCurrentTest(t)()

  292. 

  293. 						req := NewRequest(t, "GET", fmt.Sprintf("%s/manifests/unknown-tag", url))

  294. 						addTokenAuthHeader(req, userToken)

  295. 						MakeRequest(t, req, http.StatusNotFound)

  296. 

  297. 						req = NewRequest(t, "GET", fmt.Sprintf("%s/manifests/%s", url, tag))

  298. 						addTokenAuthHeader(req, userToken)

  299. 						resp := MakeRequest(t, req, http.StatusOK)

  300. 

  301. 						assert.Equal(t, fmt.Sprintf("%d", len(manifestContent)), resp.Header().Get("Content-Length"))

  302. 						assert.Equal(t, oci.MediaTypeDockerManifest, resp.Header().Get("Content-Type"))

  303. 						assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))

  304. 						assert.Equal(t, manifestContent, resp.Body.String())

  305. 					})

  306. 				})

  307. 			}

  308. 

  309. 			t.Run("UploadUntaggedManifest", func(t *testing.T) {

  310. 				defer PrintCurrentTest(t)()

  311. 

  312. 				req := NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, untaggedManifestDigest), strings.NewReader(untaggedManifestContent))

  313. 				addTokenAuthHeader(req, userToken)

  314. 				req.Header.Set("Content-Type", oci.MediaTypeImageManifest)

  315. 				resp := MakeRequest(t, req, http.StatusCreated)

  316. 

  317. 				assert.Equal(t, untaggedManifestDigest, resp.Header().Get("Docker-Content-Digest"))

  318. 

  319. 				req = NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/%s", url, untaggedManifestDigest))

  320. 				addTokenAuthHeader(req, userToken)

  321. 				resp = MakeRequest(t, req, http.StatusOK)

  322. 

  323. 				assert.Equal(t, fmt.Sprintf("%d", len(untaggedManifestContent)), resp.Header().Get("Content-Length"))

  324. 				assert.Equal(t, untaggedManifestDigest, resp.Header().Get("Docker-Content-Digest"))

  325. 

  326. 				pv, err := packages_model.GetVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, untaggedManifestDigest)

  327. 				assert.NoError(t, err)

  328. 

  329. 				pd, err := packages_model.GetPackageDescriptor(db.DefaultContext, pv)

  330. 				assert.NoError(t, err)

  331. 				assert.Nil(t, pd.SemVer)

  332. 				assert.Equal(t, image, pd.Package.Name)

  333. 				assert.Equal(t, untaggedManifestDigest, pd.Version.Version)

  334. 				assert.False(t, has(pd.Properties, container_module.PropertyManifestTagged))

  335. 

  336. 				assert.IsType(t, &container_module.Metadata{}, pd.Metadata)

  337. 

  338. 				assert.Len(t, pd.Files, 3)

  339. 				for _, pfd := range pd.Files {

  340. 					if pfd.File.Name == container_model.ManifestFilename {

  341. 						assert.True(t, pfd.File.IsLead)

  342. 						assert.Equal(t, oci.MediaTypeImageManifest, pfd.Properties.GetByName(container_module.PropertyMediaType))

  343. 						assert.Equal(t, untaggedManifestDigest, pfd.Properties.GetByName(container_module.PropertyDigest))

  344. 					}

  345. 				}

  346. 			})

  347. 

  348. 			t.Run("UploadIndexManifest", func(t *testing.T) {

  349. 				defer PrintCurrentTest(t)()

  350. 

  351. 				req := NewRequestWithBody(t, "PUT", fmt.Sprintf("%s/manifests/%s", url, multiTag), strings.NewReader(indexManifestContent))

  352. 				addTokenAuthHeader(req, userToken)

  353. 				req.Header.Set("Content-Type", oci.MediaTypeImageIndex)

  354. 				resp := MakeRequest(t, req, http.StatusCreated)

  355. 

  356. 				assert.Equal(t, indexManifestDigest, resp.Header().Get("Docker-Content-Digest"))

  357. 

  358. 				pv, err := packages_model.GetVersionByNameAndVersion(db.DefaultContext, user.ID, packages_model.TypeContainer, image, multiTag)

  359. 				assert.NoError(t, err)

  360. 

  361. 				pd, err := packages_model.GetPackageDescriptor(db.DefaultContext, pv)

  362. 				assert.NoError(t, err)

  363. 				assert.Nil(t, pd.SemVer)

  364. 				assert.Equal(t, image, pd.Package.Name)

  365. 				assert.Equal(t, multiTag, pd.Version.Version)

  366. 				assert.True(t, has(pd.Properties, container_module.PropertyManifestTagged))

  367. 

  368. 				getAllByName := func(l packages_model.PackagePropertyList, name string) []string {

  369. 					values := make([]string, 0, len(l))

  370. 					for _, pp := range l {

  371. 						if pp.Name == name {

  372. 							values = append(values, pp.Value)

  373. 						}

  374. 					}

  375. 					return values

  376. 				}

  377. 				assert.ElementsMatch(t, []string{manifestDigest, untaggedManifestDigest}, getAllByName(pd.Properties, container_module.PropertyManifestReference))

  378. 

  379. 				assert.IsType(t, &container_module.Metadata{}, pd.Metadata)

  380. 				metadata := pd.Metadata.(*container_module.Metadata)

  381. 				assert.Equal(t, container_module.TypeOCI, metadata.Type)

  382. 				assert.Contains(t, metadata.MultiArch, "linux/arm/v7")

  383. 				assert.Equal(t, manifestDigest, metadata.MultiArch["linux/arm/v7"])

  384. 				assert.Contains(t, metadata.MultiArch, "linux/arm64/v8")

  385. 				assert.Equal(t, untaggedManifestDigest, metadata.MultiArch["linux/arm64/v8"])

  386. 

  387. 				assert.Len(t, pd.Files, 1)

  388. 				assert.True(t, pd.Files[0].File.IsLead)

  389. 				assert.Equal(t, oci.MediaTypeImageIndex, pd.Files[0].Properties.GetByName(container_module.PropertyMediaType))

  390. 				assert.Equal(t, indexManifestDigest, pd.Files[0].Properties.GetByName(container_module.PropertyDigest))

  391. 			})

  392. 

  393. 			t.Run("UploadBlob/Mount", func(t *testing.T) {

  394. 				defer PrintCurrentTest(t)()

  395. 

  396. 				req := NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads?mount=%s", url, unknownDigest))

  397. 				addTokenAuthHeader(req, userToken)

  398. 				MakeRequest(t, req, http.StatusAccepted)

  399. 

  400. 				req = NewRequest(t, "POST", fmt.Sprintf("%s/blobs/uploads?mount=%s", url, blobDigest))

  401. 				addTokenAuthHeader(req, userToken)

  402. 				resp := MakeRequest(t, req, http.StatusCreated)

  403. 

  404. 				assert.Equal(t, fmt.Sprintf("/v2/%s/%s/blobs/%s", user.Name, image, blobDigest), resp.Header().Get("Location"))

  405. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  406. 			})

  407. 

  408. 			t.Run("HeadBlob", func(t *testing.T) {

  409. 				defer PrintCurrentTest(t)()

  410. 

  411. 				req := NewRequest(t, "HEAD", fmt.Sprintf("%s/blobs/%s", url, unknownDigest))

  412. 				addTokenAuthHeader(req, userToken)

  413. 				MakeRequest(t, req, http.StatusNotFound)

  414. 

  415. 				req = NewRequest(t, "HEAD", fmt.Sprintf("%s/blobs/%s", url, blobDigest))

  416. 				addTokenAuthHeader(req, userToken)

  417. 				resp := MakeRequest(t, req, http.StatusOK)

  418. 

  419. 				assert.Equal(t, fmt.Sprintf("%d", len(blobContent)), resp.Header().Get("Content-Length"))

  420. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  421. 			})

  422. 

  423. 			t.Run("GetBlob", func(t *testing.T) {

  424. 				defer PrintCurrentTest(t)()

  425. 

  426. 				req := NewRequest(t, "GET", fmt.Sprintf("%s/blobs/%s", url, unknownDigest))

  427. 				addTokenAuthHeader(req, userToken)

  428. 				MakeRequest(t, req, http.StatusNotFound)

  429. 

  430. 				req = NewRequest(t, "GET", fmt.Sprintf("%s/blobs/%s", url, blobDigest))

  431. 				addTokenAuthHeader(req, userToken)

  432. 				resp := MakeRequest(t, req, http.StatusOK)

  433. 

  434. 				assert.Equal(t, fmt.Sprintf("%d", len(blobContent)), resp.Header().Get("Content-Length"))

  435. 				assert.Equal(t, blobDigest, resp.Header().Get("Docker-Content-Digest"))

  436. 				assert.Equal(t, blobContent, resp.Body.Bytes())

  437. 			})

  438. 

  439. 			t.Run("GetTagList", func(t *testing.T) {

  440. 				defer PrintCurrentTest(t)()

  441. 

  442. 				cases := []struct {

  443. 					URL          string

  444. 					ExpectedTags []string

  445. 					ExpectedLink string

  446. 				}{

  447. 					{

  448. 						URL:          fmt.Sprintf("%s/tags/list", url),

  449. 						ExpectedTags: []string{"latest", "main", "multi"},

  450. 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=multi>; rel="next"`, user.Name, image),

  451. 					},

  452. 					{

  453. 						URL:          fmt.Sprintf("%s/tags/list?n=0", url),

  454. 						ExpectedTags: []string{},

  455. 						ExpectedLink: "",

  456. 					},

  457. 					{

  458. 						URL:          fmt.Sprintf("%s/tags/list?n=2", url),

  459. 						ExpectedTags: []string{"latest", "main"},

  460. 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=main&n=2>; rel="next"`, user.Name, image),

  461. 					},

  462. 					{

  463. 						URL:          fmt.Sprintf("%s/tags/list?last=main", url),

  464. 						ExpectedTags: []string{"multi"},

  465. 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=multi>; rel="next"`, user.Name, image),

  466. 					},

  467. 					{

  468. 						URL:          fmt.Sprintf("%s/tags/list?n=1&last=latest", url),

  469. 						ExpectedTags: []string{"main"},

  470. 						ExpectedLink: fmt.Sprintf(`</v2/%s/%s/tags/list?last=main&n=1>; rel="next"`, user.Name, image),

  471. 					},

  472. 				}

  473. 

  474. 				for _, c := range cases {

  475. 					req := NewRequest(t, "GET", c.URL)

  476. 					addTokenAuthHeader(req, userToken)

  477. 					resp := MakeRequest(t, req, http.StatusOK)

  478. 

  479. 					type TagList struct {

  480. 						Name string   `json:"name"`

  481. 						Tags []string `json:"tags"`

  482. 					}

  483. 

  484. 					tagList := &TagList{}

  485. 					DecodeJSON(t, resp, &tagList)

  486. 

  487. 					assert.Equal(t, user.Name+"/"+image, tagList.Name)

  488. 					assert.Equal(t, c.ExpectedTags, tagList.Tags)

  489. 					assert.Equal(t, c.ExpectedLink, resp.Header().Get("Link"))

  490. 				}

  491. 

  492. 				req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/packages/%s?type=container&q=%s", user.Name, image))

  493. 				resp := MakeRequest(t, req, http.StatusOK)

  494. 

  495. 				var apiPackages []*api.Package

  496. 				DecodeJSON(t, resp, &apiPackages)

  497. 				assert.Len(t, apiPackages, 4) // "latest", "main", "multi", "sha256:..."

  498. 			})

  499. 

  500. 			t.Run("Delete", func(t *testing.T) {

  501. 				t.Run("Blob", func(t *testing.T) {

  502. 					defer PrintCurrentTest(t)()

  503. 

  504. 					req := NewRequest(t, "DELETE", fmt.Sprintf("%s/blobs/%s", url, blobDigest))

  505. 					addTokenAuthHeader(req, userToken)

  506. 					MakeRequest(t, req, http.StatusAccepted)

  507. 

  508. 					req = NewRequest(t, "HEAD", fmt.Sprintf("%s/blobs/%s", url, blobDigest))

  509. 					addTokenAuthHeader(req, userToken)

  510. 					MakeRequest(t, req, http.StatusNotFound)

  511. 				})

  512. 

  513. 				t.Run("ManifestByDigest", func(t *testing.T) {

  514. 					defer PrintCurrentTest(t)()

  515. 

  516. 					req := NewRequest(t, "DELETE", fmt.Sprintf("%s/manifests/%s", url, untaggedManifestDigest))

  517. 					addTokenAuthHeader(req, userToken)

  518. 					MakeRequest(t, req, http.StatusAccepted)

  519. 

  520. 					req = NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/%s", url, untaggedManifestDigest))

  521. 					addTokenAuthHeader(req, userToken)

  522. 					MakeRequest(t, req, http.StatusNotFound)

  523. 				})

  524. 

  525. 				t.Run("ManifestByTag", func(t *testing.T) {

  526. 					defer PrintCurrentTest(t)()

  527. 

  528. 					req := NewRequest(t, "DELETE", fmt.Sprintf("%s/manifests/%s", url, multiTag))

  529. 					addTokenAuthHeader(req, userToken)

  530. 					MakeRequest(t, req, http.StatusAccepted)

  531. 

  532. 					req = NewRequest(t, "HEAD", fmt.Sprintf("%s/manifests/%s", url, multiTag))

  533. 					addTokenAuthHeader(req, userToken)

  534. 					MakeRequest(t, req, http.StatusNotFound)

  535. 				})

  536. 			})

  537. 		})

  538. 	}

  539. }