ConfigurationUtil.initialize(config); RegistryState registryState = new RegistryState(); registryState.name = UUID.randomUUID().toString(); registryState.address = host.getUri().toString();
RegistryState registryState = new RegistryState(); registryState.address = "http://0.0.0.0"; registryState.customProperties = new HashMap<>();
AuthCredentialsService.FACTORY_LINK).documentSelfLink; RegistryState registryState = new RegistryState(); registryState.authCredentialsLink = authStateLink; registryState.address = "https://test.registry.com:5000";
RegistryState rs = new RegistryState(); rs.name = UUID.randomUUID().toString(); rs.address = rs.name;
@Test public void testCreateRegistryThroughRegistryHostconfigServiceWithIntercept() throws Throwable { String uuid = UUID.randomUUID().toString(); RegistryHostSpec hostSpec = new RegistryHostSpec(); hostSpec.hostState = new RegistryState(); hostSpec.hostState.address = uuid; hostSpec.hostState.name = uuid; hostSpec.hostState.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; hostSpec.acceptHostAddress = true; String[] registryLink = new String[1]; Operation put = Operation.createPut(host, RegistryHostConfigService.SELF_LINK) .setReferer("/") .addRequestHeader(OperationUtil.PROJECT_ADMIRAL_HEADER, project.documentSelfLink) .setBodyNoCloning(hostSpec) .setCompletion((o, ex) -> { if (ex != null) { host.log(Level.SEVERE, "Failed to create registry: %s", Utils.toString(ex)); host.failIteration(ex); } else { registryLink[0] = o.getResponseHeader(Operation.LOCATION_HEADER); host.completeIteration(); } }); host.testStart(1); host.send(put); host.testWait(); assertNotNull("Registry link must not be null after creation.", registryLink[0]); RegistryState registryState = getDocument(RegistryState.class, registryLink[0]); assertTrue(registryState.tenantLinks.contains(project.documentSelfLink)); }
@Test public void testPlainHttpRegistriesDisabledByDefault() throws Throwable { // default behavior - plain HTTP registries not allowed ConfigurationUtil.initialize((ConfigurationState[]) null); RegistryState registryState = new RegistryState(); registryState.name = UUID.randomUUID().toString(); registryState.address = host.getUri().toString(); assertTrue(registryState.address.startsWith("http://")); registryState.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; RegistryHostSpec registryHostSpec = new RegistryHostSpec(); registryHostSpec.hostState = registryState; URI registryUri = UriUtils.buildUri(host, RegistryHostConfigService.SELF_LINK); // Try to create/update the registry try { doOperation(registryHostSpec, registryUri, RegistryHostSpec.class, true, Action.PUT); fail("Plain HTTP shouldn't be supported!"); } catch (LocalizableValidationException e) { assertEquals("compute.registry.plain.http.not.allowed", e.getErrorMessageCode()); } // Try to validate the registry registryUri = UriUtils.buildUri(host, RegistryHostConfigService.SELF_LINK, UriUtils.buildUriQuery(REQUEST_PARAM_VALIDATE_OPERATION_NAME, Boolean.toString(true))); try { doOperation(registryHostSpec, registryUri, RegistryHostSpec.class, true, Action.PUT); fail("Plain HTTP shouldn't be supported!"); } catch (LocalizableValidationException e) { assertEquals("compute.registry.plain.http.not.allowed", e.getErrorMessageCode()); } }
private void createHarborRegistry(Operation post, String harborUrl, String authCredentialsLink) { RegistryState state = new RegistryState(); state.documentSelfLink = Harbor.DEFAULT_REGISTRY_LINK; state.address = harborUrl; state.name = Harbor.DEFAULT_REGISTRY_NAME; state.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; state.authCredentialsLink = authCredentialsLink; state.customProperties = new HashMap<>(); state.customProperties.put(RegistryService.API_VERSION_PROP_NAME, RegistryService.ApiVersion.V2.toString()); sendRequest(Operation .createPost(UriUtils.buildUri(getHost(), RegistryFactoryService.SELF_LINK)) .setBodyNoCloning(state) .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_FORCE_INDEX_UPDATE) .setCompletion((o, e) -> { if (e != null) { logSevere("Unable to create default harbor registry: %s", Utils.toString(e)); post.fail(e); return; } post.complete(); })); }
private void verifyRegistryEditable(String documentLink, String userEmail, boolean expectEditable) throws Throwable { final String updatedName = "Updated name " + UUID.randomUUID().toString(); RegistryState patchState = new RegistryState(); patchState.name = updatedName;
@Test public void testTrustCertRemovedAfterRegistryRemoval() throws Throwable { List<String> trustCertList = getDocumentLinksOfType(SslTrustCertificateState.class); int trustCertInitialSize = trustCertList.size(); assertEquals(1, trustCertInitialSize); String trustCertLink = trustCertList.get(0); RegistryState registryState = new RegistryState(); registryState.customProperties = new HashMap<>(); registryState.customProperties.put(RegistryService.REGISTRY_TRUST_CERTS_PROP_NAME, trustCertLink); doPatch(registryState, defaultRegistryStateLink); doPatch(registryState, v2RegistryStateLink); doPatch(registryState, dockerHubRegistryStateLink); doDelete(UriUtils.buildUri(host, defaultRegistryStateLink), false); trustCertList = getDocumentLinksOfType(SslTrustCertificateState.class); assertEquals(trustCertInitialSize, trustCertList.size()); doDelete(UriUtils.buildUri(host, v2RegistryStateLink), false); trustCertList = getDocumentLinksOfType(SslTrustCertificateState.class); assertEquals(trustCertInitialSize, trustCertList.size()); doDelete(UriUtils.buildUri(host, dockerHubRegistryStateLink), false); trustCertList = getDocumentLinksOfType(SslTrustCertificateState.class); assertEquals(trustCertInitialSize - 1, trustCertList.size()); }
static ServiceDocument buildDefaultStateInstance(ServiceHost host) { RegistryState state = new RegistryState(); state.documentSelfLink = DEFAULT_INSTANCE_LINK; state.address = DEFAULT_REGISTRY_ADDRESS; state.name = DEFAULT_REGISTRY_NAME; state.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; state.disabled = Boolean.FALSE; state.customProperties = new HashMap<>(); state.customProperties.put(API_VERSION_PROP_NAME, ApiVersion.V1.toString()); boolean disableDefaultRegistry = Boolean.valueOf( ConfigurationUtil.getProperty(RegistryService.DISABLE_DEFAULT_REGISTRY_PROP_NAME)); // create or delete default registry if (disableDefaultRegistry) { // ensure default registry does not exist host.registerForServiceAvailability((o, e) -> { host.log(Level.INFO, "registerForServiceAvailability: %s", RegistryFactoryService.SELF_LINK); deleteDefaultRegistry(host); }, true, RegistryFactoryService.SELF_LINK); return null; } return state; }
@Test public void testBasicUserRestrictionsToRegistries() throws Throwable { RegistryState registry = new RegistryState(); registry.name = "test"; registry.address = UUID.randomUUID().toString(); // GET host.assumeIdentity(buildUserServicePath(USER_EMAIL_ADMIN)); RegistryState createdState = doPost(registry, RegistryFactoryService.SELF_LINK); assertNotNull(createdState); assertNotNull(createdState.documentSelfLink); host.assumeIdentity(buildUserServicePath(USER_EMAIL_BASIC_USER)); RegistryState document = getDocument(RegistryState.class, createdState.documentSelfLink); assertNotNull(document); assertEquals(createdState.documentSelfLink, document.documentSelfLink); // POST registry.address = UUID.randomUUID().toString(); doPostWithRestrictionVerification(registry, RegistryFactoryService.SELF_LINK); // PUT createdState.name = "updated-name"; doPutWithRestrictionVerification(createdState, RegistryFactoryService.SELF_LINK); // DELETE doDeleteWithRestrictionVerification(createdState, RegistryFactoryService.SELF_LINK); }
@Test public void testCloudAdminHasAccessToRegistries() throws Throwable { host.assumeIdentity(buildUserServicePath(USER_EMAIL_ADMIN)); RegistryState registry = new RegistryState(); registry.name = "test"; registry.address = UUID.randomUUID().toString(); // POST RegistryState createdState = doPost(registry, RegistryFactoryService.SELF_LINK); assertNotNull(createdState); assertNotNull(createdState.documentSelfLink); // GET RegistryState retrievedState = getDocument(RegistryState.class, createdState.documentSelfLink); assertNotNull(retrievedState); // PUT createdState.name = "updated-name"; RegistryState updatedState = doPut(createdState); assertNotNull(updatedState); assertTrue(createdState.name.equals(updatedState.name)); // DELETE doDelete(UriUtils.buildUri(host, createdState.documentSelfLink), false); retrievedState = getDocumentNoWait(RegistryState.class, createdState.documentSelfLink); assertNull(retrievedState); }
@Test public void testGetSecurityContextWithDefaultHarborRegistryCredentials() throws Throwable { AuthCredentialsServiceState credentials = new AuthCredentialsServiceState(); credentials.userEmail = UUID.randomUUID().toString(); credentials.privateKey = UUID.randomUUID().toString(); credentials.type = AuthCredentialsType.Password.toString(); credentials = getOrCreateDocument(credentials, AuthCredentialsService.FACTORY_LINK); assertNotNull("Failed to create credentials", credentials); RegistryState registryState = new RegistryState(); registryState.documentSelfLink = Harbor.DEFAULT_REGISTRY_LINK; registryState.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; registryState.address = "http://harbor.vic.com"; registryState.authCredentialsLink = credentials.documentSelfLink; registryState = getOrCreateDocument(registryState, RegistryFactoryService.SELF_LINK); assertNotNull("Failed to create registry", registryState); SecurityContext securityContext = getSecurityContextByCredentials(credentials.userEmail, credentials.privateKey); assertEquals(credentials.userEmail, securityContext.id); assertEquals(1, securityContext.roles.size()); assertTrue(securityContext.roles.contains(AuthRole.CLOUD_ADMIN)); securityContext = getSecurityContextByCredentials(USER_EMAIL_GLORIA, "Password1!"); assertEquals(USER_NAME_GLORIA, securityContext.name); assertEquals(USER_EMAIL_GLORIA, securityContext.id); assertTrue(securityContext.roles.contains(AuthRole.BASIC_USER)); assertTrue(securityContext.roles.contains(AuthRole.BASIC_USER_EXTENDED)); }
@Test public void testProjectAdminRestrictionsToRegistries() throws Throwable { RegistryState registry = new RegistryState(); registry.name = "test"; registry.address = UUID.randomUUID().toString(); registry.tenantLinks = Collections.singletonList(createdProject.documentSelfLink); host.assumeIdentity(buildUserServicePath(USER_EMAIL_ADMIN)); RegistryState createdState = doPost(registry, RegistryFactoryService.SELF_LINK); assertNotNull(createdState); assertNotNull(createdState.documentSelfLink); host.assumeIdentity(buildUserServicePath(USER_EMAIL_GLORIA)); // GET getDocument(RegistryState.class, createdState.documentSelfLink); // POST registry.address = UUID.randomUUID().toString(); doPost(registry, RegistryFactoryService.SELF_LINK); // PUT createdState.name = "updated-name"; doPut(createdState); // DELETE doDelete(UriUtils.buildUri(host, createdState.documentSelfLink), false); }
private RegistryState createRegistry(String name, String address, String projectLink) throws Throwable { RegistryState registry = new RegistryState(); registry.name = name; registry.address = address; registry.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; registry.customProperties = new HashMap<>(); registry.customProperties.put(RegistryService.API_VERSION_PROP_NAME, ApiVersion.V1.toString()); if (projectLink != null && !projectLink.isEmpty()) { registry.tenantLinks = Collections.singletonList(projectLink); } RegistryState resultRegistry = doPost(registry, RegistryFactoryService.SELF_LINK); host.log(Level.INFO, "Created %s registry '%s' [%s].", address == null ? "global" : "project-specific", name, resultRegistry.documentSelfLink); return resultRegistry; }
@Test public void testDeleteDefaultRegistryOnStartup() throws Throwable { RegistryState registryState = new RegistryState(); registryState.documentSelfLink = RegistryService.DEFAULT_INSTANCE_LINK; registryState.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; registryState.address = RegistryService.DEFAULT_REGISTRY_ADDRESS; registryState = doPost(registryState, RegistryFactoryService.SELF_LINK); assertNotNull("Failed to create default registry", registryState); ConfigurationState config = new ConfigurationState(); config.key = RegistryService.DISABLE_DEFAULT_REGISTRY_PROP_NAME; config.value = Boolean.toString(true); ConfigurationUtil.initialize(config); RegistryService.buildDefaultStateInstance(host); waitFor("Ensure default registry is deleted.", () -> { List<String> resourceLinks = findResourceLinks(RegistryState.class, Collections.singletonList(RegistryService.DEFAULT_INSTANCE_LINK)); return resourceLinks.size() == 0; }); } }
public static RegistryAuthState create( AuthCredentialsServiceState authCredentials, RegistryState registryState) { RegistryAuthState regWithAuth = new RegistryAuthState(); registryState.copyTo(regWithAuth); regWithAuth.address = registryState.address; regWithAuth.protocolType = registryState.protocolType; regWithAuth.endpointType = registryState.endpointType; regWithAuth.tenantLinks = registryState.tenantLinks; regWithAuth.name = registryState.name; regWithAuth.disabled = registryState.disabled; regWithAuth.address = registryState.address; regWithAuth.customProperties = registryState.customProperties; regWithAuth.authCredentials = authCredentials; regWithAuth.authCredentialsLink = authCredentials.documentSelfLink; return regWithAuth; } }
@Test public void testSameRegistryTwoDifferentProjectsNotRemoveOldTenantLinkShouldFail() throws Throwable { RegistryState registryState = new RegistryState(); registryState.address = "http://0.0.0.0"; registryState.name = "TestRegistry"; registryState.tenantLinks = new ArrayList<>(); registryState.tenantLinks.add("test-project1"); doPost(registryState, RegistryFactoryService.SELF_LINK); registryState.tenantLinks.add("test-project2"); try { doPost(registryState, RegistryFactoryService.SELF_LINK); fail("Should not be possible to add the same registry in two different projects"); } catch (Exception e) { assertTrue(e.getMessage().contains(RegistryFactoryService.REGISTRY_ALREADY_EXISTS)); } }
@Test public void testDuplicateRegistryInsideProjectShouldFail() throws Throwable { RegistryState registryState = new RegistryState(); registryState.address = "http://0.0.0.0"; registryState.name = "TestRegistry"; registryState.tenantLinks = new ArrayList<>(); registryState.tenantLinks.add("test-project"); doPost(registryState, RegistryFactoryService.SELF_LINK); try { doPost(registryState, RegistryFactoryService.SELF_LINK); fail("Should not be possible to add the same registry twice in the same scope"); } catch (Exception e) { assertTrue(e.getMessage().contains(RegistryFactoryService.REGISTRY_ALREADY_EXISTS)); } }
private void createBaseRegistryState() throws Throwable { baseRegistryState = new RegistryState(); baseRegistryState.address = BASE_REGISTRY_PATH; baseRegistryState.name = ""; doPost(baseRegistryState, RegistryFactoryService.SELF_LINK); }