Basic validation implemented

Azure · Jul 25, 2023 · 341d000 · 341d000
1 parent 8fe9b7c
commit 341d000
Show file tree

Hide file tree

Showing 5 changed files with 83 additions and 16 deletions.
diff --git a/pkg/util/acrtoken/acrtoken.go b/pkg/util/acrtoken/acrtoken.go
@@ -173,7 +173,7 @@ func (m *manager) ValidateToken(ctx context.Context, rp *api.RegistryProfile) er
 	if err != nil {
 		return err
 	}
-	if *t.Tag.Digest == "" {
+	if t.Tag == nil || *t.Tag.Digest == "" {
 		return fmt.Errorf("unable to validate token: %v", t)
 	}
 	return nil

diff --git a/pkg/util/acrtoken/acrtoken_test.go b/pkg/util/acrtoken/acrtoken_test.go
@@ -11,6 +11,7 @@ import (
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
+	azsdk_acr "github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry"
 	mgmtcontainerregistry "github.com/Azure/azure-sdk-for-go/services/preview/containerregistry/mgmt/2020-11-01-preview/containerregistry"
 	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/Azure/go-autorest/autorest/date"
@@ -19,7 +20,9 @@ import (
 	"github.com/golang/mock/gomock"
 
 	"github.com/Azure/ARO-RP/pkg/api"
+	"github.com/Azure/ARO-RP/pkg/env"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient"
+	"github.com/Azure/ARO-RP/pkg/util/azureclient/azcontainerregistry"
 	"github.com/Azure/ARO-RP/pkg/util/clusterauthorizer"
 	mock_azcontainerregistry "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/azcontainerregistry"
 	mock_containerregistry "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/mgmt/containerregistry"
@@ -174,13 +177,13 @@ func TestRotateTokenPassword(t *testing.T) {
 			controller := gomock.NewController(t)
 			tokens := mock_containerregistry.NewMockTokensClient(controller)
 			registries := mock_containerregistry.NewMockRegistriesClient(controller)
-			acr := mock_azcontainerregistry.MockACRClient()
+			acr := mock_azcontainerregistry.NewMockACRClient(controller)
 
 			tokens.EXPECT().GetTokenProperties(ctx, "global", "arointsvc", tokenName).Return(fakeTokenProperties(&tt.currentTokenPasswords), nil)
 
 			registries.EXPECT().GenerateCredentials(ctx, "global", "arointsvc", generateCredentialsParameters(tt.wantRenewalName)).Return(fakeCredentialResult(), nil)
 
-			m := setupManager(controller, tokens, registries)
+			m := setupManager(controller, tokens, registries, acr)
 
 			registryProfile := api.RegistryProfile{
 				Username: tokenName,
@@ -207,23 +210,35 @@ func toDate(t time.Time) *date.Time {
 
 func setupManager(controller *gomock.Controller, tc *mock_containerregistry.MockTokensClient, rc *mock_containerregistry.MockRegistriesClient, azacr *mock_azcontainerregistry.MockACRClient) *manager {
 	const testACRDomain = "acrdomain.io"
+	const testImage = "aro"
+	const testTag = "unknown"
+	const testDigest = "sha256:12a4808c81ea16baf83f99559c7d94a7b3f2128b16dcfbd4f1bb87d505dda9cd"
 
-	env := mock_env.NewMockInterface(controller)
-	env.EXPECT().ACRResourceID().AnyTimes().Return(registryResourceID)
-	env.EXPECT().TenantID().AnyTimes().Return("tenantID")
-	env.EXPECT().Environment().AnyTimes().Return(&azureclient.AROEnvironment{
+	m_env := mock_env.NewMockInterface(controller)
+	m_env.EXPECT().ACRResourceID().AnyTimes().Return(registryResourceID)
+	m_env.EXPECT().TenantID().AnyTimes().Return("tenantID")
+	m_env.EXPECT().Environment().AnyTimes().Return(&azureclient.AROEnvironment{
 		Cloud: cloud.AzurePublic,
 	})
-	env.EXPECT().ACRDomain().AnyTimes().Return(testACRDomain)
+	m_env.EXPECT().ACRDomain().AnyTimes().Return(testACRDomain)
 	r, _ := azure.ParseResourceID(registryResourceID)
+	acr := mock_azcontainerregistry.NewMockACRClient(controller)
+	acr.EXPECT().GetTagProperties(context.TODO(), testImage, testTag, nil).AnyTimes().Return(azsdk_acr.ClientGetTagPropertiesResponse{
+		ArtifactTagProperties: azsdk_acr.ArtifactTagProperties{
+			Tag: &azsdk_acr.TagAttributes{
+				Name:   to.StringPtr(testImage),
+				Digest: to.StringPtr(testDigest),
+			},
+		},
+	}, nil)
 	return &manager{
-		env:        env,
+		env:        m_env,
 		r:          r,
 		tokens:     tc,
 		registries: rc,
-		// newAzAcrClient: func(endpoint string, tc azcore.TokenCredential, co *azcontainerregistry.ClientOptions) (*azcontainerregistry.ACRClient, error) {
-		// 	return &azcontainerregistry.ACRClient{}, nil
-		// },
+		newAzAcrClient: func(i env.Interface, s string, tc azcore.TokenCredential, co *azcontainerregistry.ClientOptions) (azcontainerregistry.ACRClient, error) {
+			return acr, nil
+		},
 		getTokenCredential: func(*azureclient.AROEnvironment, *clusterauthorizer.Credentials) (azcore.TokenCredential, error) {
 			return &tokenRequirements{
 				clientSecret:  "my-secret",

diff --git a/pkg/util/azureclient/azcontainerregistry/client.go b/pkg/util/azureclient/azcontainerregistry/client.go
@@ -7,9 +7,10 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/Azure/ARO-RP/pkg/env"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry"
+
+	"github.com/Azure/ARO-RP/pkg/env"
 )
 
 type ClientOptions struct {

diff --git a/pkg/util/azureclient/azcontainerregistry/generate.go b/pkg/util/azureclient/azcontainerregistry/generate.go
@@ -3,6 +3,6 @@ package azcontainerregistry
 // Copyright (c) Microsoft Corporation.
 // Licensed under the Apache License 2.0.
 
-//go:generate rm -rf ../../../../../mocks/azureclient/azcontainerregistry/$GOPACKAGE
-//go:generate go run ../../../../../vendor/github.com/golang/mock/mockgen -destination=../../../mocks/azureclient/azcontainerregistry/$GOPACKAGE/tokencredential.go -source=tokencredential.go
-//go:generate go run ../../../../../vendor/golang.org/x/tools/cmd/goimports -local=github.com/Azure/ARO-RP -e -w ../../../mocks/azureclient/azcontainerregistry/$GOPACKAGE/tokencredential.go
+//go:generate rm -rf ../../../util/mocks/azureclient/$GOPACKAGE
+//go:generate go run ../../../../vendor/github.com/golang/mock/mockgen -destination=../../../util/mocks/azureclient/$GOPACKAGE/$GOPACKAGE.go github.com/Azure/ARO-RP/pkg/util/azureclient/$GOPACKAGE ACRClient
+//go:generate go run ../../../../vendor/golang.org/x/tools/cmd/goimports -local=github.com/Azure/ARO-RP -e -w ../../../util/mocks/azureclient/$GOPACKAGE/$GOPACKAGE.go
diff --git a/pkg/util/mocks/azureclient/azcontainerregistry/azcontainerregistry.go b/pkg/util/mocks/azureclient/azcontainerregistry/azcontainerregistry.go