diff --git a/cmd/image-syncer/image_syncer_suite_test.go b/cmd/image-syncer/image_syncer_suite_test.go new file mode 100644 index 000000000000..09f386b8a85c --- /dev/null +++ b/cmd/image-syncer/image_syncer_suite_test.go @@ -0,0 +1,13 @@ +package main + +import ( + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +func TestImageSyncer(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "ImageSyncer Suite") +} diff --git a/cmd/image-syncer/main.go b/cmd/image-syncer/main.go index 1932c4d27e2b..a559c3bfc2b5 100644 --- a/cmd/image-syncer/main.go +++ b/cmd/image-syncer/main.go @@ -184,13 +184,7 @@ func SyncImage(ctx context.Context, src, dest string, dryRun bool, auth authn.Au } // SyncImages is a main syncing function that takes care of copying images. -func SyncImages(ctx context.Context, cfg *Config, images *imagesync.SyncDef, authCfg []byte) error { - var auth authn.Authenticator - if cfg.TargetKeyFile != "" { - auth = &authn.Basic{Username: "_json_key", Password: string(authCfg)} - } else { - auth = &authn.Bearer{Token: string(authCfg)} - } +func SyncImages(ctx context.Context, cfg *Config, images *imagesync.SyncDef, auth authn.Authenticator) error { for _, img := range images.Images { target, err := getTarget(img.Source, cfg.TargetRepoPrefix, img.Tag) imageType := "Index" @@ -224,6 +218,35 @@ func SyncImages(ctx context.Context, cfg *Config, images *imagesync.SyncDef, aut return nil } +// newAuthenticator creates a new authenticator based on the provided configuration +// An authenticator is used to authenticate to the target repository. +func (cfg *Config) newAuthenticator() (authn.Authenticator, error) { + log.Debug("started creating new authenticator") + var ( + auth authn.Authenticator + authCfg []byte + err error + ) + + if cfg.TargetKeyFile != "" { + log.WithField("targetKeyFile", cfg.TargetKeyFile).Debug("target key file path provided, reading the file") + authCfg, err = os.ReadFile(cfg.TargetKeyFile) + if err != nil { + return nil, fmt.Errorf("could not open target auth key JSON file, error: %w", err) + } + log.Debug("target key file read successfully, creating basic authenticator") + auth = &authn.Basic{Username: "_json_key", Password: string(authCfg)} + log.WithField("username", "_json_key").Debug("basic authenticator created successfully") + return auth, nil + } + if cfg.AccessToken != "" { + log.Debug("access token provided, creating bearer authenticator") + auth = &authn.Bearer{Token: cfg.AccessToken} + return auth, nil + } + return nil, fmt.Errorf("no target auth key file or access token provided") +} + func main() { log.Out = os.Stdout var cfg Config @@ -234,7 +257,6 @@ func main() { Long: `image-syncer copies docker images. It compares checksum between source and target and protects target images against overriding`, //nolint:revive Run: func(cmd *cobra.Command, args []string) { - var authCfg []byte logLevel := logrus.InfoLevel if cfg.Debug { logLevel = logrus.DebugLevel @@ -248,28 +270,21 @@ func main() { if err != nil { log.WithError(err).Fatal("Could not parse images file") } - if cfg.TargetKeyFile != "" { - authCfg, err = os.ReadFile(cfg.TargetKeyFile) - if err != nil { - log.WithError(err).Fatal("Could not open target auth key JSON") - } - } else { - authCfg = []byte(cfg.AccessToken) + + log.Info("Creating authenticator") + auth, err := cfg.newAuthenticator() + if err != nil { + log.WithError(err).Fatal("Failed to create authenticator") } if cfg.DryRun { log.Info("Dry-Run enabled. Program will not make any changes to the target repository.") } - // This error looks like some leftover. - if err != nil { - log.WithError(err).Fatal("Failed to create signer instance") - } - if err := SyncImages(ctx, &cfg, imagesFile, authCfg); err != nil { + if err := SyncImages(ctx, &cfg, imagesFile, auth); err != nil { log.WithError(err).Fatal("Failed to sync images") - } else { - log.Info("All images synced successfully") } + log.Info("All images synced successfully") }, } diff --git a/cmd/image-syncer/main_test.go b/cmd/image-syncer/main_test.go new file mode 100644 index 000000000000..a03d84668d22 --- /dev/null +++ b/cmd/image-syncer/main_test.go @@ -0,0 +1,55 @@ +package main + +import ( + "github.com/google/go-containerregistry/pkg/authn" + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +var _ = Describe("newAuthenticator", func() { + var cfg Config + + BeforeEach(func() { + cfg = Config{} + }) + + Context("when TargetKeyFile is provided", func() { + It("should create a basic authenticator", func() { + cfg.TargetKeyFile = "./test-fixtures/keyfile.json" + auth, err := cfg.newAuthenticator() + Expect(err).NotTo(HaveOccurred()) + Expect(auth).To(Equal(&authn.Basic{ + Username: "_json_key", + Password: "test_content", + })) + }) + + It("should return an error if the key file cannot be read", func() { + cfg.TargetKeyFile = "./test-fixtures/invalid_keyfile.json" + auth, err := cfg.newAuthenticator() + Expect(err).To(HaveOccurred()) + Expect(auth).To(BeNil()) + }) + }) + + Context("when AccessToken is provided", func() { + It("should create a bearer authenticator", func() { + cfg.AccessToken = "valid-access-token" + auth, err := cfg.newAuthenticator() + Expect(err).NotTo(HaveOccurred()) + Expect(auth).To(Equal(&authn.Bearer{ + Token: "valid-access-token", + })) + }) + }) + + Context("when neither TargetKeyFile nor AccessToken is provided", func() { + It("should return an error", func() { + cfg.TargetKeyFile = "" + cfg.AccessToken = "" + auth, err := cfg.newAuthenticator() + Expect(err).To(HaveOccurred()) + Expect(auth).To(BeNil()) + }) + }) +}) diff --git a/cmd/image-syncer/test-fixtures/keyfile.json b/cmd/image-syncer/test-fixtures/keyfile.json new file mode 100644 index 000000000000..f650831fc641 --- /dev/null +++ b/cmd/image-syncer/test-fixtures/keyfile.json @@ -0,0 +1 @@ +test_content \ No newline at end of file diff --git a/go.mod b/go.mod index 944637a9653b..c90bbf50e51d 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( github.com/jamiealquiza/envy v1.1.0 github.com/jinzhu/copier v0.4.0 github.com/microsoft/azure-devops-go-api/azuredevops/v7 v7.1.0 - github.com/onsi/ginkgo/v2 v2.20.2 + github.com/onsi/ginkgo/v2 v2.20.1 github.com/onsi/gomega v1.34.2 github.com/pkg/errors v0.9.1 github.com/sirupsen/logrus v1.9.3 diff --git a/go.sum b/go.sum index ae6a136f42cf..a06f4b264162 100644 --- a/go.sum +++ b/go.sum @@ -548,8 +548,8 @@ github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+ github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4= -github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= +github.com/onsi/ginkgo/v2 v2.20.1 h1:YlVIbqct+ZmnEph770q9Q7NVAz4wwIiVNahee6JyUzo= +github.com/onsi/ginkgo/v2 v2.20.1/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8=