diff --git a/go.mod b/go.mod index 8aa3251c..a14fabd0 100644 --- a/go.mod +++ b/go.mod @@ -19,6 +19,7 @@ require ( github.com/docker/docker v23.0.5+incompatible github.com/docker/docker-credential-helpers v0.7.0 github.com/docker/go-connections v0.4.0 + github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 github.com/google/go-containerregistry v0.15.1 github.com/hashicorp/go-getter v1.7.1 github.com/mesosphere/dkp-cli-runtime/core v0.7.1 diff --git a/go.sum b/go.sum index 6c39894c..a414e3bd 100644 --- a/go.sum +++ b/go.sum @@ -347,6 +347,10 @@ github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3 github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 h1:iFaUwBSo5Svw6L7HYpRu/0lE3e0BaElwnNO1qkNQxBY= github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5/go.mod h1:qssHWj60/X5sZFNxpG4HBPDHVqxNm4DfnCKgrbZOT+s= github.com/dsnet/golib v0.0.0-20171103203638-1ea166775780/go.mod h1:Lj+Z9rebOhdfkVLjJ8T6VcRQv3SXugXy999NBtR9aFY= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= +github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2 h1:dWB6v3RcOy03t/bUadywsbyrQwCqZeNIEX6M1OtSZOM= +github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= github.com/emicklei/go-restful/v3 v3.10.1 h1:rc42Y5YTp7Am7CS630D7JmhRjq4UlEUuEKfrDac4bSQ= github.com/emicklei/go-restful/v3 v3.10.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -818,6 +822,7 @@ github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= +github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= diff --git a/test/e2e/imagebundle/push_image_bundle_test.go b/test/e2e/imagebundle/push_image_bundle_test.go index 7d80b64e..590247a1 100644 --- a/test/e2e/imagebundle/push_image_bundle_test.go +++ b/test/e2e/imagebundle/push_image_bundle_test.go @@ -9,10 +9,12 @@ import ( "context" "fmt" "net" + "net/http/httptest" "path/filepath" "runtime" "strconv" + "github.com/elazarl/goproxy" v1 "github.com/google/go-containerregistry/pkg/v1" "github.com/google/go-containerregistry/pkg/v1/remote" . "github.com/onsi/ginkgo/v2" @@ -45,103 +47,104 @@ var _ = Describe("Push Bundle", func() { ) }) - DescribeTable( - "Success", - func( - registryHost string, - registryScheme string, - registryInsecure bool, - ) { - helpers.CreateBundle( + runTest := func( + registryHost string, + registryScheme string, + registryInsecure bool, + ) { + helpers.CreateBundle( + GinkgoT(), + bundleFile, + filepath.Join("testdata", "create-success.yaml"), + ) + + registryCACertFile := "" + registryCertFile := "" + registryKeyFile := "" + if registryHost != "localhost" && registryScheme != "http" { + tempCertDir := GinkgoT().TempDir() + registryCACertFile, _, registryCertFile, registryKeyFile = helpers.GenerateCertificateAndKeyWithIPSAN( GinkgoT(), - bundleFile, - filepath.Join("testdata", "create-success.yaml"), + tempCertDir, + net.ParseIP(registryHost), ) + } + + port, err := freeport.GetFreePort() + Expect(err).NotTo(HaveOccurred()) + reg, err := registry.NewRegistry(registry.Config{ + StorageDirectory: filepath.Join(tmpDir, "registry"), + Host: registryHost, + Port: uint16(port), + TLS: registry.TLS{ + Certificate: registryCertFile, + Key: registryKeyFile, + }, + }) + Expect(err).NotTo(HaveOccurred()) - registryCACertFile := "" - registryCertFile := "" - registryKeyFile := "" - if registryHost != "localhost" && registryScheme != "http" { - tempCertDir := GinkgoT().TempDir() - registryCACertFile, _, registryCertFile, registryKeyFile = helpers.GenerateCertificateAndKeyWithIPSAN( - GinkgoT(), - tempCertDir, - net.ParseIP(registryHost), - ) - } - - port, err := freeport.GetFreePort() - Expect(err).NotTo(HaveOccurred()) - reg, err := registry.NewRegistry(registry.Config{ - StorageDirectory: filepath.Join(tmpDir, "registry"), - Host: registryHost, - Port: uint16(port), - TLS: registry.TLS{ - Certificate: registryCertFile, - Key: registryKeyFile, - }, - }) - Expect(err).NotTo(HaveOccurred()) - - done := make(chan struct{}) - go func() { - defer GinkgoRecover() - - Expect(reg.ListenAndServe()).To(Succeed()) - - close(done) - }() - - helpers.WaitForTCPPort(GinkgoT(), registryHost, port) - - registryHostWithOptionalScheme := fmt.Sprintf("%s:%d", registryHost, port) - if registryScheme != "" { - registryHostWithOptionalScheme = fmt.Sprintf( - "%s://%s", - registryScheme, - registryHostWithOptionalScheme, - ) - } - - args := []string{ - "--image-bundle", bundleFile, - "--to-registry", registryHostWithOptionalScheme, - } - if registryInsecure { - args = append(args, "--to-registry-insecure-skip-tls-verify") - } else if registryCACertFile != "" { - args = append(args, "--to-registry-ca-cert-file", registryCACertFile) - } - - cmd.SetArgs(args) - - Expect(cmd.Execute()).To(Succeed()) - - testRoundTripper, err := httputils.TLSConfiguredRoundTripper( - remote.DefaultTransport, - net.JoinHostPort(registryHost, strconv.Itoa(port)), - registryCACertFile != "", - registryCACertFile, - ) - Expect(err).NotTo(HaveOccurred()) + done := make(chan struct{}) + go func() { + defer GinkgoRecover() - helpers.ValidateImageIsAvailable( - GinkgoT(), - registryHost, - port, - "stefanprodan/podinfo", - "6.2.0", - []*v1.Platform{{ - OS: "linux", - Architecture: runtime.GOARCH, - }}, - remote.WithTransport(testRoundTripper), + Expect(reg.ListenAndServe()).To(Succeed()) + + close(done) + }() + + helpers.WaitForTCPPort(GinkgoT(), registryHost, port) + + registryHostWithOptionalScheme := fmt.Sprintf("%s:%d", registryHost, port) + if registryScheme != "" { + registryHostWithOptionalScheme = fmt.Sprintf( + "%s://%s", + registryScheme, + registryHostWithOptionalScheme, ) + } - Expect(reg.Shutdown(context.Background())).To((Succeed())) + args := []string{ + "--image-bundle", bundleFile, + "--to-registry", registryHostWithOptionalScheme, + } + if registryInsecure { + args = append(args, "--to-registry-insecure-skip-tls-verify") + } else if registryCACertFile != "" { + args = append(args, "--to-registry-ca-cert-file", registryCACertFile) + } + + cmd.SetArgs(args) + + Expect(cmd.Execute()).To(Succeed()) + + testRoundTripper, err := httputils.TLSConfiguredRoundTripper( + remote.DefaultTransport, + net.JoinHostPort(registryHost, strconv.Itoa(port)), + registryCACertFile != "", + registryCACertFile, + ) + Expect(err).NotTo(HaveOccurred()) - Eventually(done).Should(BeClosed()) - }, + helpers.ValidateImageIsAvailable( + GinkgoT(), + registryHost, + port, + "stefanprodan/podinfo", + "6.2.0", + []*v1.Platform{{ + OS: "linux", + Architecture: runtime.GOARCH, + }}, + remote.WithTransport(testRoundTripper), + ) + + Expect(reg.Shutdown(context.Background())).To((Succeed())) + + Eventually(done).Should(BeClosed()) + } + + DescribeTable("Success", + runTest, Entry("Without TLS", "localhost", "", true), @@ -175,4 +178,18 @@ var _ = Describe("Push Bundle", func() { cmd.Execute(), ).To(MatchError(fmt.Sprintf("did find any matching files for %q", bundleFile))) }) + + It("Success using a proxy", Serial, func() { + proxy := goproxy.NewProxyHttpServer() + proxy.Verbose = true + proxy.Logger = GinkgoWriter + + proxyServer := httptest.NewServer(proxy) + defer proxyServer.Close() + + GinkgoT().Setenv("http_proxy", proxyServer.URL) + GinkgoT().Setenv("https_proxy", proxyServer.URL) + + runTest(helpers.GetFirstNonLoopbackIP(GinkgoT()).String(), "", false) + }) })