mirror of https://github.com/k3s-io/k3s
1360 lines
32 KiB
Go
1360 lines
32 KiB
Go
package containerd
|
|
|
|
import (
|
|
"net"
|
|
"net/url"
|
|
"os"
|
|
"path/filepath"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/k3s-io/k3s/pkg/agent/templates"
|
|
"github.com/k3s-io/k3s/pkg/daemons/config"
|
|
"github.com/k3s-io/k3s/pkg/spegel"
|
|
"github.com/rancher/wharfie/pkg/registries"
|
|
"github.com/sirupsen/logrus"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func init() {
|
|
logrus.SetLevel(logrus.DebugLevel)
|
|
}
|
|
|
|
func u(s string) *url.URL {
|
|
u, err := url.Parse(s)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
return u
|
|
}
|
|
|
|
func Test_UnitGetHostConfigs(t *testing.T) {
|
|
type args struct {
|
|
registryContent string
|
|
noDefaultEndpoint bool
|
|
mirrorAddr string
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
args args
|
|
want HostConfigs
|
|
}{
|
|
{
|
|
name: "no registries",
|
|
want: HostConfigs{},
|
|
},
|
|
{
|
|
name: "registry with default endpoint",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
`,
|
|
},
|
|
want: HostConfigs{},
|
|
},
|
|
{
|
|
name: "registry with default endpoint explicitly listed",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- docker.io
|
|
`,
|
|
},
|
|
want: HostConfigs{},
|
|
},
|
|
{
|
|
name: "registry with default endpoint - embedded registry",
|
|
args: args{
|
|
mirrorAddr: "127.0.0.1:6443",
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"127.0.0.1:6443": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with default endpoint and creds",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
configs:
|
|
docker.io:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with default endpoint explicitly listed and creds",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- docker.io
|
|
configs:
|
|
docker.io:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
|
|
{
|
|
name: "registry with only creds",
|
|
args: args{
|
|
registryContent: `
|
|
configs:
|
|
docker.io:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "private registry with default endpoint",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
registry.example.com:
|
|
`,
|
|
},
|
|
want: HostConfigs{},
|
|
},
|
|
{
|
|
name: "private registry with default endpoint and creds",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
registry.example.com:
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "private registry with only creds",
|
|
args: args{
|
|
registryContent: `
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - full URL with override path",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/prefix/v2
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
OverridePath: true,
|
|
URL: u("https://registry.example.com/prefix/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - hostname only with override path",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- registry.example.com/prefix/v2
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
OverridePath: true,
|
|
URL: u("https://registry.example.com/prefix/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - hostname only with default path",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- registry.example.com/v2
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - full URL",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/v2
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - URL without path",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - hostname only",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- registry.example.com
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - hostname and port only",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- registry.example.com:443
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://registry.example.com:443/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - ip address only",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- 1.2.3.4
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://1.2.3.4/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - ip and port only",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- 1.2.3.4:443
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://1.2.3.4:443/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - localhost and port only",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- localhost:5000
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("http://localhost:5000/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - localhost and port with scheme",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://localhost:5000
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://localhost:5000/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - loopback ip and port only",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- 127.0.0.1:5000
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("http://127.0.0.1:5000/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - loopback ip and port with scheme",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://127.0.0.1:5000
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://127.0.0.1:5000/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint and mirror creds",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/v2
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint and mirror creds - override path with v2",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/prefix/v2
|
|
registry.example.com:
|
|
endpoint:
|
|
- https://registry.example.com/prefix/v2
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
OverridePath: true,
|
|
URL: u("https://registry.example.com/prefix/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
OverridePath: true,
|
|
URL: u("https://registry.example.com/prefix/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint and mirror creds - override path without v2",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/project/registry
|
|
registry.example.com:
|
|
endpoint:
|
|
- https://registry.example.com/project/registry
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
OverridePath: true,
|
|
URL: u("https://registry.example.com/project/registry"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
OverridePath: true,
|
|
URL: u("https://registry.example.com/project/registry"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint and mirror creds - no default endpoint",
|
|
args: args{
|
|
noDefaultEndpoint: true,
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/v2
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint and mirror creds - embedded registry",
|
|
args: args{
|
|
mirrorAddr: "127.0.0.1:6443",
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/v2
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"127.0.0.1:6443": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint and mirror creds - embedded registry with rewrites",
|
|
args: args{
|
|
mirrorAddr: "127.0.0.1:6443",
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/v2
|
|
rewrite:
|
|
"^rancher/(.*)": "docker/rancher-images/$1"
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
Rewrites: map[string]string{
|
|
"^rancher/(.*)": "docker/rancher-images/$1",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"127.0.0.1:6443": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint and mirror creds - embedded registry and no default endpoint",
|
|
args: args{
|
|
mirrorAddr: "127.0.0.1:6443",
|
|
noDefaultEndpoint: true,
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- https://registry.example.com/v2
|
|
configs:
|
|
registry.example.com:
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"registry.example.com": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry.example.com/v2"),
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
"127.0.0.1:6443": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - embedded registry, default endpoint explicitly listed",
|
|
args: args{
|
|
mirrorAddr: "127.0.0.1:6443",
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- registry.example.com
|
|
- registry.example.org
|
|
- docker.io
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
},
|
|
{
|
|
URL: u("https://registry.example.org/v2"),
|
|
},
|
|
},
|
|
},
|
|
"127.0.0.1:6443": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "registry with mirror endpoint - embedded registry and no default endpoint, default endpoint explicitly listed",
|
|
args: args{
|
|
mirrorAddr: "127.0.0.1:6443",
|
|
noDefaultEndpoint: true,
|
|
registryContent: `
|
|
mirrors:
|
|
docker.io:
|
|
endpoint:
|
|
- registry.example.com
|
|
- registry.example.org
|
|
- docker.io
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"docker.io": templates.HostConfig{
|
|
Program: "k3s",
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
},
|
|
{
|
|
URL: u("https://registry.example.org/v2"),
|
|
},
|
|
{
|
|
URL: u("https://registry-1.docker.io/v2"),
|
|
},
|
|
},
|
|
},
|
|
"127.0.0.1:6443": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "wildcard mirror endpoint - full URL",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
"*":
|
|
endpoint:
|
|
- https://registry.example.com/v2
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"_default": templates.HostConfig{
|
|
Program: "k3s",
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "wildcard mirror endpoint - full URL, embedded registry",
|
|
args: args{
|
|
mirrorAddr: "127.0.0.1:6443",
|
|
registryContent: `
|
|
mirrors:
|
|
"*":
|
|
endpoint:
|
|
- https://registry.example.com/v2
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"_default": templates.HostConfig{
|
|
Program: "k3s",
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
// note that the embedded registry mirror is NOT listed as an endpoint.
|
|
// individual registries must be enabled for mirroring by name.
|
|
{
|
|
URL: u("https://registry.example.com/v2"),
|
|
},
|
|
},
|
|
},
|
|
"127.0.0.1:6443": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "wildcard config",
|
|
args: args{
|
|
registryContent: `
|
|
configs:
|
|
"*":
|
|
auth:
|
|
username: user
|
|
password: pass
|
|
tls:
|
|
insecure_skip_verify: true
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"_default": {
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
Config: registries.RegistryConfig{
|
|
Auth: ®istries.AuthConfig{
|
|
Username: "user",
|
|
Password: "pass",
|
|
},
|
|
TLS: ®istries.TLSConfig{
|
|
InsecureSkipVerify: true,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "localhost registry - default https endpoint on unspecified port",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
"localhost":
|
|
`,
|
|
},
|
|
want: HostConfigs{},
|
|
},
|
|
{
|
|
name: "localhost registry - default https endpoint on https port",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
"localhost:443":
|
|
`,
|
|
},
|
|
want: HostConfigs{},
|
|
},
|
|
{
|
|
name: "localhost registry - default http endpoint on odd port",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
"localhost:5000":
|
|
`,
|
|
},
|
|
want: HostConfigs{},
|
|
},
|
|
{
|
|
name: "localhost registry - default http endpoint on http port",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
"localhost:80":
|
|
`,
|
|
},
|
|
want: HostConfigs{},
|
|
},
|
|
{
|
|
name: "localhost registry - default http endpoint on odd port, embedded registry",
|
|
args: args{
|
|
mirrorAddr: "127.0.0.1:6443",
|
|
registryContent: `
|
|
mirrors:
|
|
"localhost:5000":
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
// localhost registries are not handled by the embedded registry mirror.
|
|
"127.0.0.1:6443": templates.HostConfig{
|
|
Program: "k3s",
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("https://127.0.0.1:6443/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
CAFile: "server-ca",
|
|
KeyFile: "client-key",
|
|
CertFile: "client-cert",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "localhost registry - https endpoint on odd port with tls verification disabled",
|
|
args: args{
|
|
registryContent: `
|
|
mirrors:
|
|
localhost:5000:
|
|
endpoint:
|
|
- https://localhost:5000
|
|
configs:
|
|
localhost:5000:
|
|
tls:
|
|
insecure_skip_verify: true
|
|
`,
|
|
},
|
|
want: HostConfigs{
|
|
"localhost:5000": templates.HostConfig{
|
|
Default: &templates.RegistryEndpoint{
|
|
URL: u("http://localhost:5000/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
InsecureSkipVerify: true,
|
|
},
|
|
},
|
|
},
|
|
Program: "k3s",
|
|
Endpoints: []templates.RegistryEndpoint{
|
|
{
|
|
URL: u("https://localhost:5000/v2"),
|
|
Config: registries.RegistryConfig{
|
|
TLS: ®istries.TLSConfig{
|
|
InsecureSkipVerify: true,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
// replace tabs from the inline yaml with spaces; yaml doesn't support tabs for indentation.
|
|
tt.args.registryContent = strings.ReplaceAll(tt.args.registryContent, "\t", " ")
|
|
tempDir := t.TempDir()
|
|
registriesFile := filepath.Join(tempDir, "registries.yaml")
|
|
os.WriteFile(registriesFile, []byte(tt.args.registryContent), 0644)
|
|
t.Logf("%s:\n%s", registriesFile, tt.args.registryContent)
|
|
|
|
registry, err := registries.GetPrivateRegistries(registriesFile)
|
|
if err != nil {
|
|
t.Fatalf("failed to parse %s: %v\n", registriesFile, err)
|
|
}
|
|
|
|
// set up embedded registry, if enabled for the test
|
|
if tt.args.mirrorAddr != "" {
|
|
conf := spegel.DefaultRegistry
|
|
conf.ServerCAFile = "server-ca"
|
|
conf.ClientKeyFile = "client-key"
|
|
conf.ClientCertFile = "client-cert"
|
|
conf.InternalAddress, conf.RegistryPort, _ = net.SplitHostPort(tt.args.mirrorAddr)
|
|
conf.InjectMirror(&config.Node{AgentConfig: config.Agent{Registry: registry.Registry}})
|
|
}
|
|
|
|
// Generate config template struct for all hosts
|
|
got := getHostConfigs(registry.Registry, tt.args.noDefaultEndpoint, tt.args.mirrorAddr)
|
|
assert.Equal(t, tt.want, got, "getHostConfigs()")
|
|
|
|
// Confirm that hosts.toml renders properly for all registries
|
|
for host, config := range got {
|
|
hostsTemplate, err := templates.ParseHostsTemplateFromConfig(templates.HostsTomlTemplate, config)
|
|
assert.NoError(t, err, "ParseHostTemplateFromConfig for %s", host)
|
|
t.Logf("%s/hosts.d/%s/hosts.toml\n%s", tempDir, host, hostsTemplate)
|
|
}
|
|
|
|
// Confirm that the main containerd config.toml renders properly
|
|
containerdConfig := templates.ContainerdConfig{
|
|
NodeConfig: &config.Node{
|
|
Containerd: config.Containerd{
|
|
Registry: tempDir + "/hosts.d",
|
|
},
|
|
},
|
|
PrivateRegistryConfig: registry.Registry,
|
|
Program: "k3s",
|
|
}
|
|
configTemplate, err := templates.ParseTemplateFromConfig(templates.ContainerdConfigTemplate, containerdConfig)
|
|
assert.NoError(t, err, "ParseTemplateFromConfig")
|
|
t.Logf("%s/config.toml\n%s", tempDir, configTemplate)
|
|
})
|
|
}
|
|
}
|