cnabio
diff --git a/‎imagestore/construction/construction.go
+1-1 b/‎imagestore/construction/construction.go
+1-1
diff --git a/‎imagestore/ocilayout/ocilayout.go
+4-4 b/‎imagestore/ocilayout/ocilayout.go
+4-4
diff --git a/‎imagestore/ocilayout/ocilayout_integration_test.go
+99 b/‎imagestore/ocilayout/ocilayout_integration_test.go
+99
diff --git a/‎imagestore/ocilayout/testdata/artifacts/layout/blobs/sha256/2db29710123e3e53a794f2694094b9b4338aa9ee5c40b930cb8063a1be392c54
2.42 KB b/‎imagestore/ocilayout/testdata/artifacts/layout/blobs/sha256/2db29710123e3e53a794f2694094b9b4338aa9ee5c40b930cb8063a1be392c54
2.42 KB
diff --git a/‎imagestore/ocilayout/testdata/artifacts/layout/blobs/sha256/f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4
+16 b/‎imagestore/ocilayout/testdata/artifacts/layout/blobs/sha256/f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4
+16
diff --git a/‎imagestore/ocilayout/testdata/artifacts/layout/blobs/sha256/feb5d9fea6a5e9606aa995e879d862b825965ba48de054caab5ef356dc6b3412
+1 b/‎imagestore/ocilayout/testdata/artifacts/layout/blobs/sha256/feb5d9fea6a5e9606aa995e879d862b825965ba48de054caab5ef356dc6b3412
+1
diff --git a/‎imagestore/ocilayout/testdata/artifacts/layout/index.json
+29 b/‎imagestore/ocilayout/testdata/artifacts/layout/index.json
+29
diff --git a/‎imagestore/ocilayout/testdata/artifacts/layout/oci-layout
+3 b/‎imagestore/ocilayout/testdata/artifacts/layout/oci-layout
+3
diff --git a/‎imagestore/remote/remote.go
+3-2 b/‎imagestore/remote/remote.go
+3-2
diff --git a/‎imagestore/remote/remote_integration_test.go
+58 b/‎imagestore/remote/remote_integration_test.go
+58
diff --git a/‎imagestore/store.go
+29-1 b/‎imagestore/store.go
+29-1
diff --git a/‎imagestore/tests/doc.go
+3 b/‎imagestore/tests/doc.go
+3
@@ -25,7 +25,7 @@ func NewLocatingConstructor() imagestore.Constructor {
 		if thin(parms.ArchiveDir) {
 			return remote.Create()
 		}
-		return ocilayout.LocateOciLayout(parms.ArchiveDir)
+		return ocilayout.LocateOciLayout(parms)
 	}
 }
 
 
@@ -27,7 +27,7 @@ func Create(options ...imagestore.Option) (imagestore.Store, error) {
 		return nil, err
 	}
 
-	layout, err := ggcr.NewRegistryClient().NewLayout(layoutDir)
+	layout, err := ggcr.NewRegistryClient(parms.BuildRegistryOptions()...).NewLayout(layoutDir)
 	if err != nil {
 		return nil, err
 	}
@@ -38,12 +38,12 @@ func Create(options ...imagestore.Option) (imagestore.Store, error) {
 	}, nil
 }
 
-func LocateOciLayout(archiveDir string) (imagestore.Store, error) {
-	layoutDir := filepath.Join(archiveDir, "artifacts", "layout")
+func LocateOciLayout(parms imagestore.Parameters) (imagestore.Store, error) {
+	layoutDir := filepath.Join(parms.ArchiveDir, "artifacts", "layout")
 	if _, err := os.Stat(layoutDir); os.IsNotExist(err) {
 		return nil, err
 	}
-	layout, err := ggcr.NewRegistryClient().ReadLayout(layoutDir)
+	layout, err := ggcr.NewRegistryClient(parms.BuildRegistryOptions()...).ReadLayout(layoutDir)
 	if err != nil {
 		return nil, err
 	}
 
@@ -0,0 +1,99 @@
+package ocilayout
+
+import (
+	"fmt"
+	"net/http"
+	"os/exec"
+	"testing"
+
+	"github.com/pivotal/image-relocation/pkg/image"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	"github.com/cnabio/cnab-go/imagestore"
+	"github.com/cnabio/cnab-go/imagestore/tests"
+)
+
+func TestOCILayout_PushToInsecureRegistry(t *testing.T) {
+	// Start an insecure registry and get the port that it's running on
+	regPort := tests.StartTestRegistry(t)
+	registry := fmt.Sprintf("localhost:%s", regPort)
+
+	// Using hello-world
+	srcDigest, err := image.NewDigest("sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4")
+	require.NoError(t, err, "image.NewDigest failed")
+	sourceImg, err := image.NewName(fmt.Sprintf("docker.io/library/hello-world@%s", srcDigest.String()))
+	require.NoError(t, err, "image.NewName failed")
+	destImg, err := image.NewName(fmt.Sprintf("%s/hello-world:latest", registry))
+	require.NoError(t, err, "image.NewName failed")
+
+	t.Run("failed push", func(t *testing.T) {
+		// Try to push without passing in a http client with skipTLS set to true
+		store, err := Create(imagestore.WithArchiveDir(t.TempDir()))
+		require.NoError(t, err, "ocilayout.Create failed")
+
+		// Add the source image to our registry
+		dig, err := store.Add(sourceImg.String())
+		require.NoError(t, err, "Add failed")
+		assert.Equal(t, srcDigest.String(), dig, "incorrect content digest returned by Add")
+
+		err = store.Push(srcDigest, sourceImg, destImg)
+		require.Errorf(t, err, "expected push to fail because skipTLS was not specified")
+		assert.Contains(t, err.Error(), "Client sent an HTTP request to an HTTPS server", "expected push to fail because TLS wasn't configured properly")
+	})
+
+	t.Run("successful push", func(t *testing.T) {
+		// Create a http transport that allows connecting to our insecure registry
+		skipTLS := http.DefaultTransport.(*http.Transport).Clone()
+		skipTLS.TLSClientConfig.InsecureSkipVerify = true
+
+		store, err := Create(imagestore.WithTransport(skipTLS), imagestore.WithArchiveDir(t.TempDir()))
+		require.NoError(t, err, "ocilayout.Create failed")
+
+		// Add the source image to our registry
+		dig, err := store.Add(sourceImg.String())
+		require.NoError(t, err, "Add failed")
+		assert.Equal(t, srcDigest.String(), dig, "incorrect content digest returned by Add")
+
+		// Push a test container (hello-world) into our registry
+		err = store.Push(srcDigest, sourceImg, destImg)
+		require.NoError(t, err, "Push failed")
+
+		// Validate the image was copied to the new location
+		err = exec.Command("docker", "pull", destImg.String()).Run()
+		require.NoError(t, err, "the image was not present in the destination registry")
+	})
+
+	t.Run("push from archive", func(t *testing.T) {
+		// Create a http transport that allows connecting to our insecure registry
+		skipTLS := http.DefaultTransport.(*http.Transport).Clone()
+		skipTLS.TLSClientConfig.InsecureSkipVerify = true
+
+		parms := imagestore.Create(
+			imagestore.WithArchiveDir("testdata"),
+			imagestore.WithTransport(skipTLS))
+		layout, err := LocateOciLayout(parms)
+		require.NoError(t, err, "LocateOciLayout failed")
+
+		//
+		// Add the image from the archive into the index
+		//
+		img, err := image.NewName("docker.io/library/hello-world@sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4")
+		require.NoError(t, err, "NewName failed")
+
+		dig, err := layout.Add(img.String())
+		require.NoError(t, err, "Add failed")
+		assert.Equal(t, "sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4", dig, "incorrect content digest returned by Add")
+
+		imgDig, err := image.NewDigest(dig)
+		require.NoError(t, err, "NewDigest failed")
+
+		// Push the image
+		err = layout.Push(imgDig, img, destImg)
+		require.NoError(t, err, "Push failed")
+
+		// Validate the image was copied to the new location
+		err = exec.Command("docker", "pull", destImg.String()).Run()
+		require.NoError(t, err, "the image was not present in the destination registry")
+	})
+}
@@ -0,0 +1,16 @@
+{
+   "schemaVersion": 2,
+   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
+   "config": {
+      "mediaType": "application/vnd.docker.container.image.v1+json",
+      "size": 1469,
+      "digest": "sha256:feb5d9fea6a5e9606aa995e879d862b825965ba48de054caab5ef356dc6b3412"
+   },
+   "layers": [
+      {
+         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
+         "size": 2479,
+         "digest": "sha256:2db29710123e3e53a794f2694094b9b4338aa9ee5c40b930cb8063a1be392c54"
+      }
+   ]
+}
@@ -0,0 +1 @@
+{"architecture":"amd64","config":{"Hostname":"","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/hello"],"Image":"sha256:b9935d4e8431fb1a7f0989304ec86b3329a99a25f5efdc7f09f3f8c41434ca6d","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":null},"container":"8746661ca3c2f215da94e6d3f7dfdcafaff5ec0b21c9aff6af3dc379a82fbc72","container_config":{"Hostname":"8746661ca3c2","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","#(nop) ","CMD [\"/hello\"]"],"Image":"sha256:b9935d4e8431fb1a7f0989304ec86b3329a99a25f5efdc7f09f3f8c41434ca6d","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":{}},"created":"2021-09-23T23:47:57.442225064Z","docker_version":"20.10.7","history":[{"created":"2021-09-23T23:47:57.098990892Z","created_by":"/bin/sh -c #(nop) COPY file:50563a97010fd7ce1ceebd1fa4f4891ac3decdf428333fb2683696f4358af6c2 in / "},{"created":"2021-09-23T23:47:57.442225064Z","created_by":"/bin/sh -c #(nop)  CMD [\"/hello\"]","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:e07ee1baac5fae6a26f30cabfe54a36d3402f96afda318fe0a96cec4ca393359"]}}
@@ -0,0 +1,29 @@
+{
+   "schemaVersion": 2,
+   "manifests": [
+      {
+         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
+         "size": 525,
+         "digest": "sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4",
+         "annotations": {
+            "org.opencontainers.image.ref.name": "docker.io/library/hello-world@sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4"
+         }
+      },
+      {
+         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
+         "size": 525,
+         "digest": "sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4",
+         "annotations": {
+            "org.opencontainers.image.ref.name": "docker.io/library/hello-world@sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4"
+         }
+      },
+      {
+         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
+         "size": 525,
+         "digest": "sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4",
+         "annotations": {
+            "org.opencontainers.image.ref.name": "docker.io/library/hello-world@sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4"
+         }
+      }
+   ]
+}
@@ -0,0 +1,3 @@
+{
+    "imageLayoutVersion": "1.0.0"
+}
@@ -15,9 +15,10 @@ type remote struct {
 	registryClient registry.Client
 }
 
-func Create(...imagestore.Option) (imagestore.Store, error) {
+func Create(options ...imagestore.Option) (imagestore.Store, error) {
+	parms := imagestore.Create(options...)
 	return &remote{
-		registryClient: ggcr.NewRegistryClient(),
+		registryClient: ggcr.NewRegistryClient(parms.BuildRegistryOptions()...),
 	}, nil
 }
 
 
@@ -0,0 +1,58 @@
+package remote
+
+import (
+	"fmt"
+	"net/http"
+	"os/exec"
+	"testing"
+
+	"github.com/pivotal/image-relocation/pkg/image"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	"github.com/cnabio/cnab-go/imagestore"
+	"github.com/cnabio/cnab-go/imagestore/tests"
+)
+
+func TestRemote_PushToInsecureRegistry(t *testing.T) {
+	// Start an insecure registry and get the port that it's running on
+	regPort := tests.StartTestRegistry(t)
+	registry := fmt.Sprintf("localhost:%s", regPort)
+
+	// Using hello-world
+	srcDigest, err := image.NewDigest("sha256:f54a58bc1aac5ea1a25d796ae155dc228b3f0e11d046ae276b39c4bf2f13d8c4")
+	require.NoError(t, err, "image.NewDigest failed")
+	sourceImg, err := image.NewName(fmt.Sprintf("docker.io/library/hello-world@%s", srcDigest.String()))
+	require.NoError(t, err, "image.NewName failed")
+	destImg, err := image.NewName(fmt.Sprintf("%s/hello-world:latest", registry))
+	require.NoError(t, err, "image.NewName failed")
+
+	t.Run("failed push", func(t *testing.T) {
+		// Try to push without passing in a http client with skipTLS set to true
+		store, err := Create()
+		require.NoError(t, err, "remote.Create failed")
+
+		err = store.Push(srcDigest, sourceImg, destImg)
+		require.Errorf(t, err, "expected push to fail because skipTLS was not specified")
+		assert.Contains(t, err.Error(), "Client sent an HTTP request to an HTTPS server", "expected push to fail because TLS wasn't configured properly")
+	})
+
+	t.Run("successful push", func(t *testing.T) {
+		// Create a http transport that allows connecting to our insecure registry
+		skipTLS := http.DefaultTransport.(*http.Transport).Clone()
+		skipTLS.TLSClientConfig.InsecureSkipVerify = true
+
+		// Push a test container (hello-world) into our registry
+		store, err := Create(imagestore.WithTransport(skipTLS))
+		require.NoError(t, err, "remote.Create failed")
+
+		// Remote doesn't implement add so we arne't calling it
+
+		err = store.Push(srcDigest, sourceImg, destImg)
+		require.NoError(t, err, "Push failed")
+
+		// Validate the image was copied to the new location
+		err = exec.Command("docker", "pull", destImg.String()).Run()
+		require.NoError(t, err, "the image was not present in the destination registry")
+	})
+}
@@ -3,8 +3,10 @@ package imagestore
 import (
 	"io"
 	"io/ioutil"
+	"net/http"
 
 	"github.com/pivotal/image-relocation/pkg/image"
+	"github.com/pivotal/image-relocation/pkg/registry/ggcr"
 )
 
 // Store is an abstract image store.
@@ -24,6 +26,19 @@ type Constructor func(...Option) (Store, error)
 type Parameters struct {
 	ArchiveDir string
 	Logs       io.Writer
+
+	// Transport is http.Transport to use when communicating with an OCI registry.
+	Transport *http.Transport
+}
+
+// BuildRegistryOptions returns a list of applicable ggcr.Option values
+// to use when calling ggcr.NewRegistryClient().
+func (p Parameters) BuildRegistryOptions() []ggcr.Option {
+	var regOpts []ggcr.Option
+	if p.Transport != nil {
+		regOpts = append(regOpts, ggcr.WithTransport(p.Transport))
+	}
+	return regOpts
 }
 
 // Options is a function which returns updated parameters.
@@ -45,16 +60,29 @@ func WithArchiveDir(archiveDir string) Option {
 		return Parameters{
 			ArchiveDir: archiveDir,
 			Logs:       b.Logs,
+			Transport:  b.Transport,
 		}
 	}
 }
 
-// WithArchiveDir return an option to set the logs parameter.
+// WithLogs return an option to set the logs parameter.
 func WithLogs(logs io.Writer) Option {
 	return func(b Parameters) Parameters {
 		return Parameters{
 			ArchiveDir: b.ArchiveDir,
 			Logs:       logs,
+			Transport:  b.Transport,
+		}
+	}
+}
+
+// WithTransport returns an option with the Transport parameter set.
+func WithTransport(transport *http.Transport) Option {
+	return func(b Parameters) Parameters {
+		return Parameters{
+			ArchiveDir: b.ArchiveDir,
+			Logs:       b.Logs,
+			Transport:  transport,
 		}
 	}
 }
@@ -0,0 +1,3 @@
+// Package tests is a set of test helpers that other tests in the imagestore
+// package tree may use for common test setup
+package tests
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ func NewLocatingConstructor() imagestore.Constructor {`
`25`	`25`	`if thin(parms.ArchiveDir) {`
`26`	`26`	`return remote.Create()`
`27`	`27`	`}`
`28`		`- return ocilayout.LocateOciLayout(parms.ArchiveDir)`
	`28`	`+ return ocilayout.LocateOciLayout(parms)`
`29`	`29`	`}`
`30`	`30`	`}`
`31`	`31`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ func Create(options ...imagestore.Option) (imagestore.Store, error) {`
`27`	`27`	`return nil, err`
`28`	`28`	`}`
`29`	`29`
`30`		`- layout, err := ggcr.NewRegistryClient().NewLayout(layoutDir)`
	`30`	`+ layout, err := ggcr.NewRegistryClient(parms.BuildRegistryOptions()...).NewLayout(layoutDir)`
`31`	`31`	`if err != nil {`
`32`	`32`	`return nil, err`
`33`	`33`	`}`
`@@ -38,12 +38,12 @@ func Create(options ...imagestore.Option) (imagestore.Store, error) {`
`38`	`38`	`}, nil`
`39`	`39`	`}`
`40`	`40`
`41`		`-func LocateOciLayout(archiveDir string) (imagestore.Store, error) {`
`42`		`- layoutDir := filepath.Join(archiveDir, "artifacts", "layout")`
	`41`	`+func LocateOciLayout(parms imagestore.Parameters) (imagestore.Store, error) {`
	`42`	`+ layoutDir := filepath.Join(parms.ArchiveDir, "artifacts", "layout")`
`43`	`43`	`if _, err := os.Stat(layoutDir); os.IsNotExist(err) {`
`44`	`44`	`return nil, err`
`45`	`45`	`}`
`46`		`- layout, err := ggcr.NewRegistryClient().ReadLayout(layoutDir)`
	`46`	`+ layout, err := ggcr.NewRegistryClient(parms.BuildRegistryOptions()...).ReadLayout(layoutDir)`
`47`	`47`	`if err != nil {`
`48`	`48`	`return nil, err`
`49`	`49`	`}`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+{"architecture":"amd64","config":{"Hostname":"","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/hello"],"Image":"sha256:b9935d4e8431fb1a7f0989304ec86b3329a99a25f5efdc7f09f3f8c41434ca6d","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":null},"container":"8746661ca3c2f215da94e6d3f7dfdcafaff5ec0b21c9aff6af3dc379a82fbc72","container_config":{"Hostname":"8746661ca3c2","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","#(nop) ","CMD [\"/hello\"]"],"Image":"sha256:b9935d4e8431fb1a7f0989304ec86b3329a99a25f5efdc7f09f3f8c41434ca6d","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":{}},"created":"2021-09-23T23:47:57.442225064Z","docker_version":"20.10.7","history":[{"created":"2021-09-23T23:47:57.098990892Z","created_by":"/bin/sh -c #(nop) COPY file:50563a97010fd7ce1ceebd1fa4f4891ac3decdf428333fb2683696f4358af6c2 in / "},{"created":"2021-09-23T23:47:57.442225064Z","created_by":"/bin/sh -c #(nop) CMD [\"/hello\"]","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:e07ee1baac5fae6a26f30cabfe54a36d3402f96afda318fe0a96cec4ca393359"]}}
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+{`
	`2`	`+ "imageLayoutVersion": "1.0.0"`
	`3`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -15,9 +15,10 @@ type remote struct {`
`15`	`15`	`registryClient registry.Client`
`16`	`16`	`}`
`17`	`17`
`18`		`-func Create(...imagestore.Option) (imagestore.Store, error) {`
	`18`	`+func Create(options ...imagestore.Option) (imagestore.Store, error) {`
	`19`	`+ parms := imagestore.Create(options...)`
`19`	`20`	`return &remote{`
`20`		`- registryClient: ggcr.NewRegistryClient(),`
	`21`	`+ registryClient: ggcr.NewRegistryClient(parms.BuildRegistryOptions()...),`
`21`	`22`	`}, nil`
`22`	`23`	`}`
`23`	`24`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+// Package tests is a set of test helpers that other tests in the imagestore`
	`2`	`+// package tree may use for common test setup`
	`3`	`+package tests`