Skip to content

Commit 8fdb9ad

Browse files
author
Michal Minář
committed
extended: fixed registry tests
The extended test suite now secures the registry. This patch allows for secure connection to the registry. Signed-off-by: Michal Minář <[email protected]>
1 parent 86abb1f commit 8fdb9ad

File tree

2 files changed

+35
-12
lines changed

2 files changed

+35
-12
lines changed

test/extended/images/helper.go

+33-10
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package images
33
import (
44
"bytes"
55
cryptorand "crypto/rand"
6+
"crypto/tls"
67
"fmt"
78
"io"
89
"io/ioutil"
@@ -21,6 +22,7 @@ import (
2122

2223
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
2324
kerrors "k8s.io/apimachinery/pkg/util/errors"
25+
knet "k8s.io/apimachinery/pkg/util/net"
2426
"k8s.io/apimachinery/pkg/util/sets"
2527
"k8s.io/apimachinery/pkg/util/wait"
2628
"k8s.io/kubernetes/pkg/client/retry"
@@ -517,20 +519,41 @@ func MirrorBlobInRegistry(oc *exutil.CLI, dgst digest.Digest, repository string,
517519
if err != nil {
518520
return err
519521
}
520-
req, err := http.NewRequest("GET", fmt.Sprintf("http://%s/v2/%s/blobs/%s", registryURL, repository, dgst.String()), nil)
521-
if err != nil {
522-
return err
523-
}
524522
token, err := oc.Run("whoami").Args("-t").Output()
525523
if err != nil {
526524
return err
527525
}
528-
req.Header.Set("range", "bytes=0-1")
529-
req.Header.Set("Authorization", "Bearer "+token)
530-
c := http.Client{}
531-
resp, err := c.Do(req)
532-
if err != nil {
533-
return err
526+
527+
c := http.Client{
528+
Transport: knet.SetTransportDefaults(&http.Transport{
529+
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
530+
}),
531+
}
532+
533+
peekAtBlob := func(schema string) (*http.Request, *http.Response, error) {
534+
req, err := http.NewRequest("GET", fmt.Sprintf("%s://%s/v2/%s/blobs/%s", schema, registryURL, repository, dgst.String()), nil)
535+
if err != nil {
536+
return nil, nil, err
537+
}
538+
req.Header.Set("range", "bytes=0-1")
539+
req.Header.Set("Authorization", "Bearer "+token)
540+
resp, err := c.Do(req)
541+
if err != nil {
542+
fmt.Fprintf(g.GinkgoWriter, "failed to %s %s: %v (%#+v)\n", req.Method, req.URL, err, err)
543+
return nil, nil, err
544+
}
545+
return req, resp, nil
546+
}
547+
548+
var (
549+
req *http.Request
550+
resp *http.Response
551+
getErr error
552+
)
553+
if req, resp, getErr = peekAtBlob("https"); getErr != nil {
554+
if req, resp, getErr = peekAtBlob("http"); getErr != nil {
555+
return getErr
556+
}
534557
}
535558
defer resp.Body.Close()
536559

test/extended/util/cli.go

+2-2
Original file line numberDiff line numberDiff line change
@@ -134,9 +134,9 @@ func (c *CLI) SetNamespace(ns string) *CLI {
134134
}
135135

136136
// WithoutNamespace instructs the command should be invoked without adding --namespace parameter
137-
func (c *CLI) WithoutNamespace() *CLI {
137+
func (c CLI) WithoutNamespace() *CLI {
138138
c.withoutNamespace = true
139-
return c
139+
return &c
140140
}
141141

142142
// SetOutputDir change the default output directory for temporary files

0 commit comments

Comments
 (0)