jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-12 10:55:20 +02:00
Code Issues Releases Activity

feat(ContainerPushToRegistry): add authentication for source registry (#2798)

Browse Source 
* feat(ContainerPushToRegistry): add authentication for source repository

* Adjust mocking to reflect a source and a target registry instead of an anonymous and an authenticated

Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
This commit is contained in:
Maximilian Braun 2021-05-06 11:17:02 +02:00 committed by GitHub
parent 8a111fbe40
commit 9d82bdcd20
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 83 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
test/groovy/ContainerPushToRegistryTest.groovy
View File

@ -39,25 +39,54 @@ class ContainerPushToRegistryTest extends BasePiperTest {
)
.around(stepRule)
def dockerMockArgs = [:]
def dockerMock = new DockerMock('test')
class DockerMock {
LinkedList<DockerRegistry> registries
String image
DockerMock(name){
dockerMockArgs.name = name
this.image = name
this.registries = [] as LinkedList
}
def withRegistry(paramRegistry, paramCredentials, paramClosure){
dockerMockArgs.paramRegistry = paramRegistry
dockerMockArgs.paramCredentials = paramCredentials
this.registries.add(new DockerRegistry(paramRegistry, paramCredentials, paramCredentials? false : true))
return paramClosure()
}
def withRegistry(paramRegistry, paramClosure){
dockerMockArgs.paramRegistryAnonymous = paramRegistry.toString()
return paramClosure()
return withRegistry(paramRegistry, null, paramClosure)
}
def image(name) {
dockerMockArgs.name = name
this.image = name
return new ContainerImageMock()
}
protected DockerRegistry getSourceRegistry() {
if (registries.size() == 1) {
return null;
}
return registries.first
}
protected DockerRegistry getTargetRegistry() {
if (registries.size() == 1) {
return registries.first
}
return registries.last
}
}
class DockerRegistry {
final boolean isAnonymous
final String credentials
final String url
DockerRegistry(url, credentials, isAnonymous) {
this.url = url
this.credentials = credentials
this.isAnonymous = isAnonymous
}
}
def dockerMockPushes = []
@ -78,7 +107,7 @@ class ContainerPushToRegistryTest extends BasePiperTest {
@Before
void init() {
binding.setVariable('docker', new DockerMock('test'))
binding.setVariable('docker', dockerMock)
Utils.metaClass.echo = { def m -> }
}
@ -106,9 +135,9 @@ class ContainerPushToRegistryTest extends BasePiperTest {
dockerImage: 'testImage:tag',
)
assertThat(dockerMockArgs.paramRegistry, is('https://testRegistry'))
assertThat(dockerMockArgs.paramCredentials, is('testCredentialsId'))
assertThat(dockerMockArgs.name, is('testImage:tag'))
assertThat(dockerMock.targetRegistry.url, is('https://testRegistry'))
assertThat(dockerMock.targetRegistry.credentials, is('testCredentialsId'))
assertThat(dockerMock.image, is('testImage:tag'))
assertThat(dockerMockPushes, hasItem('default'))
assertThat(dockerMockPushes, not(hasItem('latest')))
}
@ -124,10 +153,10 @@ class ContainerPushToRegistryTest extends BasePiperTest {
tagLatest: true
)
assertThat(dockerMockArgs.paramRegistry, is('https://testRegistry'))
assertThat(dockerMockArgs.paramCredentials, is('testCredentialsId'))
assertThat(dockerMockArgs.paramRegistryAnonymous, is(null))
assertThat(dockerMockArgs.name, is('test'))
assertThat(dockerMock.targetRegistry.url, is('https://testRegistry'))
assertThat(dockerMock.targetRegistry.credentials, is('testCredentialsId'))
assertThat(dockerMock.sourceRegistry, is (null))
assertThat(dockerMock.image, is('test'))
assertThat(dockerMockPushes, hasItem('default'))
assertThat(dockerMockPushes, hasItem('latest'))
}
@ -145,8 +174,12 @@ class ContainerPushToRegistryTest extends BasePiperTest {
dockerCredentialsId: 'testCredentialsId',
)
assertThat(dockerMockArgs.paramRegistryAnonymous, is('https://testRegistry:55555'))
assertThat(dockerMockArgs.name, is('path/testImage:tag'))
assertThat(dockerMock.sourceRegistry.url, is('https://testRegistry:55555'))
assertThat(dockerMock.sourceRegistry.isAnonymous, is(true))
assertThat(dockerMock.targetRegistry.url, is('https://testRegistry'))
assertThat(dockerMock.targetRegistry.credentials, is('testCredentialsId'))
assertThat(dockerMock.targetRegistry.isAnonymous, is(false))
assertThat(dockerMock.image, is('path/testImage:tag'))
assertThat(shellCallRule.shell, hasItem('docker tag testRegistry:55555/path/testImage:tag path/testImage:tag'))
assertThat(dockerMockPull, is(true))
}
@ -161,8 +194,9 @@ class ContainerPushToRegistryTest extends BasePiperTest {
sourceRegistryUrl: 'http://testSourceRegistry'
)
assertThat(dockerMockArgs.paramRegistryAnonymous, is('http://testSourceRegistry'))
assertThat(dockerMockArgs.name, is('testSourceName:testSourceTag'))
assertThat(dockerMock.sourceRegistry.url, is('http://testSourceRegistry'))
assertThat(dockerMock.image, is('testSourceName:testSourceTag'))
assertThat(dockerMock.sourceRegistry.isAnonymous, is(true))
assertThat(shellCallRule.shell, hasItem('docker tag testSourceRegistry/testSourceName:testSourceTag testSourceName:testSourceTag'))
assertThat(dockerMockPull, is(true))
}
@ -178,8 +212,30 @@ class ContainerPushToRegistryTest extends BasePiperTest {
sourceRegistryUrl: 'http://testSourceRegistry'
)
assertThat(dockerMockArgs.paramRegistryAnonymous, is('http://testSourceRegistry'))
assertThat(dockerMockArgs.name, is('testSourceName:testSourceTag'))
assertThat(dockerMock.sourceRegistry.url, is('http://testSourceRegistry'))
assertThat(dockerMock.sourceRegistry.isAnonymous, is(true))
assertThat(dockerMock.image, is('testSourceName:testSourceTag'))
assertThat(shellCallRule.shell, hasItem('docker tag testSourceRegistry/testSourceName:testSourceTag testImage:tag'))
assertThat(dockerMockPull, is(true))
}
@Test
void testWithAuthenticatedSourceAndTarget() {
stepRule.step.containerPushToRegistry(
script: nullScript,
dockerCredentialsId: 'testCredentialsId',
dockerImage: 'testImage:tag',
dockerRegistryUrl: 'https://testRegistry',
sourceCredentialsId: 'testSourceCredentialsId',
sourceImage: 'testSourceName:testSourceTag',
sourceRegistryUrl: 'http://testSourceRegistry'
)
assertThat(dockerMock.sourceRegistry.url, is('http://testSourceRegistry'))
assertThat(dockerMock.sourceRegistry.credentials, is('testSourceCredentialsId'))
assertThat(dockerMock.targetRegistry.url, is('https://testRegistry'))
assertThat(dockerMock.targetRegistry.credentials, is('testCredentialsId'))
assertThat(dockerMock.image, is('testSourceName:testSourceTag'))
assertThat(shellCallRule.shell, hasItem('docker tag testSourceRegistry/testSourceName:testSourceTag testImage:tag'))
assertThat(dockerMockPull, is(true))
}

7
vars/containerPushToRegistry.groovy
View File

@ -38,6 +38,8 @@ import static com.sap.piper.Prerequisites.checkScript
'sourceImage',
/** Defines a registry url from where the image should optionally be pulled from, incl. the protocol like `https://my.registry.com`*/
'sourceRegistryUrl',
/** Defines the id of the Jenkins username/password credentials containing the credentials for the source Docker registry. */
'sourceCredentialsId',
/** Defines if the image should be tagged as `latest`*/
'tagLatest'
])
@ -95,7 +97,10 @@ void call(Map parameters = [:]) {
if (config.sourceRegistry && config.sourceImage) {
def sourceBuildImage = docker.image(config.sourceImage)
docker.withRegistry(config.sourceRegistryUrl) {
docker.withRegistry(
config.sourceRegistryUrl,
config.sourceCredentialsId
) {
sourceBuildImage.pull()
}
sh "docker tag ${config.sourceRegistry}/${config.sourceImage} ${config.dockerImage}"