Skip to content

Commit

Permalink
Exporter now accept insecure registries
Browse files Browse the repository at this point in the history
Signed-off-by: Domenico Luciani <[email protected]>
  • Loading branch information
Domenico Luciani committed Aug 18, 2023
1 parent f2fe896 commit e30eee1
Show file tree
Hide file tree
Showing 5 changed files with 48 additions and 1 deletion.
27 changes: 27 additions & 0 deletions acceptance/exporter_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -259,6 +259,33 @@ func testExporterFunc(platformAPI string) func(t *testing.T, when spec.G, it spe
})
})

when("app using insecure registry", func() {
it.Before(func() {
h.SkipIf(t, api.MustParse(platformAPI).LessThan("0.12"), "")
})

it("does an http request", func() {
var exportFlags []string
exportArgs := append([]string{ctrPath(exporterPath)}, exportFlags...)
exportedImageName = exportTest.RegRepoName("some-insecure-exported-image-" + h.RandString(10))
exportArgs = append(exportArgs, exportedImageName)
insecureRegistry := "host.docker.internal/bar"
insecureAnalyzed := "/layers/analyzed_insecure.toml"

_, _, err := h.DockerRunWithError(t,
exportImage,
h.WithFlags(
"--env", "CNB_PLATFORM_API="+platformAPI,
"--env", "CNB_INSECURE_REGISTRIES="+insecureRegistry,
"--env", "CNB_ANALYZED_PATH="+insecureAnalyzed,
"--network", exportRegNetwork,
),
h.WithArgs(exportArgs...),
)
h.AssertStringContains(t, err.Error(), "http://host.docker.internal")
})
})

when("SOURCE_DATE_EPOCH is set", func() {
it("Image CreatedAt is set to SOURCE_DATE_EPOCH", func() {
h.SkipIf(t, api.MustParse(platformAPI).LessThan("0.9"), "SOURCE_DATE_EPOCH support added in 0.9")
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
[run-image]
reference = "host.docker.internal/bar"
11 changes: 11 additions & 0 deletions cmd/lifecycle/exporter.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"os"
"path/filepath"
"strconv"
"strings"
"time"

"github.com/BurntSushi/toml"
Expand Down Expand Up @@ -75,6 +76,7 @@ func (e *exportCmd) DefineFlags() {
cli.FlagRunImage(&e.RunImageRef) // FIXME: this flag isn't valid on Platform 0.7 and later
cli.FlagUID(&e.UID)
cli.FlagUseDaemon(&e.UseDaemon)
cli.FlagInsecureRegistries(&e.InsecureRegistries)

cli.DeprecatedFlagRunImage(&e.DeprecatedRunImageRef) // FIXME: this flag isn't valid on Platform 0.7 and later
}
Expand Down Expand Up @@ -355,6 +357,15 @@ func (e *exportCmd) initRemoteAppImage(analyzedMD files.Analyzed) (imgutil.Image
opts = append(opts, remote.WithHistory())
}

if len(e.InsecureRegistries) > 0 {
cmd.DefaultLogger.Infof("Found Insecure Registries: %+q", e.InsecureRegistries)
for _, insecureRegistry := range e.InsecureRegistries {
if strings.HasPrefix(e.RunImageRef, insecureRegistry) {
opts = append(opts, remote.WithRegistrySetting(insecureRegistry, true, true))
}
}
}

if analyzedMD.PreviousImageRef() != "" {
cmd.DefaultLogger.Infof("Reusing layers from image '%s'", analyzedMD.PreviousImageRef())
opts = append(opts, remote.WithPreviousImage(analyzedMD.PreviousImageRef()))
Expand Down
2 changes: 1 addition & 1 deletion cmd/lifecycle/restorer.go
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ func (r *restoreCmd) Exec() error {
}
} else if r.supportsTargetData() && needsUpdating(analyzedMD.RunImage) {
cmd.DefaultLogger.Debugf("Updating run image info in analyzed metadata...")
h := image.NewHandler(r.docker, r.keychain, r.LayoutDir, r.UseLayout)
h := image.NewHandler(r.docker, r.keychain, r.LayoutDir, r.UseLayout, r.InsecureRegistries)
runImage, err = h.InitImage(runImageName)
if err != nil || !runImage.Found() {
return cmd.FailErr(err, fmt.Sprintf("pull run image %s", runImageName))
Expand Down
7 changes: 7 additions & 0 deletions testhelpers/docker.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,13 @@ func DockerRun(t *testing.T, image string, ops ...DockerCmdOp) string {
return Run(t, exec.Command("docker", append([]string{"run", "--rm"}, args...)...)) // #nosec G204
}

// DockerRunWithError allows to run docker command that might fail, reporting the error back to the caller
func DockerRunWithError(t *testing.T, image string, ops ...DockerCmdOp) (string, int, error) {
t.Helper()
args := formatArgs([]string{image}, ops...)
return RunE(exec.Command("docker", append([]string{"run", "--rm"}, args...)...)) // #nosec G204
}

func DockerRunWithCombinedOutput(t *testing.T, image string, ops ...DockerCmdOp) string {
t.Helper()
args := formatArgs([]string{image}, ops...)
Expand Down

0 comments on commit e30eee1

Please sign in to comment.