Skip to content

Commit

Permalink
Handle docker registry with a trailing slash
Browse files Browse the repository at this point in the history
  • Loading branch information
@domust
domust committed Jul 8, 2024
1 parent 88a1a2d commit 412c9e5
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 6 deletions.
3 changes: 2 additions & 1 deletion cmd/imagescan/collector/collector.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -234,7 +234,7 @@ func findRegistryAuth(cfg image.DockerConfig, imgRef name.Reference, log logrus.
log.Infof("finding registry auth for image %s", imageRepo)

authKeys := lo.Keys(cfg.Auths)
sort.Strings(authKeys)
sort.Slice(authKeys, func(i, j int) bool { return authKeys[i] > authKeys[j] })
log.Infof("the following registries were found: %s", authKeys)

for _, key := range authKeys {
Expand All @@ -252,6 +252,7 @@ func findRegistryAuth(cfg image.DockerConfig, imgRef name.Reference, log logrus.
func normalize(registryKey string) string {
trimmed := strings.TrimPrefix(registryKey, "http://")
trimmed = strings.TrimPrefix(trimmed, "https://")
trimmed = strings.TrimSuffix(trimmed, "/")
if strings.HasPrefix(trimmed, "docker.io") || strings.HasPrefix(trimmed, "index.docker.io") {
trimmed = strings.TrimSuffix(trimmed, "/v2")
}
Expand Down
52 changes: 47 additions & 5 deletions cmd/imagescan/collector/collector_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -180,23 +180,38 @@ func TestFindRegistryAuth(t *testing.T) {
name: "find auth for image",
cfg: image.DockerConfig{
Auths: map[string]image.RegistryAuth{
"a": registryAuth,
"gitlab.com": registryAuth,
"us-east4-docker.pkg.dev": registryAuth,
"us-east4-docker.pkg.dev/project": registryAuth,
"x": {},
"a": registryAuth,
"gitlab.com": registryAuth,
"us-east4-docker.pkg.dev": registryAuth,
"x": {},
},
},
imageRef: name.MustParseReference("us-east4-docker.pkg.dev/project/repo/name:tag"),
expectedFound: true,
expectedKey: "us-east4-docker.pkg.dev",
expectedAuth: registryAuth,
},
{
name: "find auth for image with trailing slash",
cfg: image.DockerConfig{
Auths: map[string]image.RegistryAuth{
"a": registryAuth,
"gitlab.com": registryAuth,
"us-east4-docker.pkg.dev/": registryAuth,
"x": {},
},
},
imageRef: name.MustParseReference("us-east4-docker.pkg.dev/project/repo/name:tag"),
expectedFound: true,
expectedKey: "us-east4-docker.pkg.dev/",
expectedAuth: registryAuth,
},
{
name: "find auth scoped by repository",
cfg: image.DockerConfig{
Auths: map[string]image.RegistryAuth{
"a": registryAuth,
"us-east4-docker.pkg.dev": registryAuth,
"us-east4-docker.pkg.dev/project/repo": registryAuth,
"x": {},
},
Expand All @@ -206,6 +221,21 @@ func TestFindRegistryAuth(t *testing.T) {
expectedKey: "us-east4-docker.pkg.dev/project/repo",
expectedAuth: registryAuth,
},
{
name: "find auth scoped by repository with trailing slash",
cfg: image.DockerConfig{
Auths: map[string]image.RegistryAuth{
"a": registryAuth,
"us-east4-docker.pkg.dev/": registryAuth,
"us-east4-docker.pkg.dev/project/repo/": registryAuth,
"x": {},
},
},
imageRef: name.MustParseReference("us-east4-docker.pkg.dev/project/repo/name:tag"),
expectedFound: true,
expectedKey: "us-east4-docker.pkg.dev/project/repo/",
expectedAuth: registryAuth,
},
{
name: "find auth for http or https prefixed auths",
cfg: image.DockerConfig{
Expand Down Expand Up @@ -282,6 +312,18 @@ func TestFindRegistryAuth(t *testing.T) {
expectedKey: "index.docker.io/v2",
expectedAuth: registryAuth,
},
{
name: "default docker registry with protocol, index and version",
cfg: image.DockerConfig{
Auths: map[string]image.RegistryAuth{
"https://index.docker.io/v2/": registryAuth,
},
},
imageRef: name.MustParseReference("nginx:latest"),
expectedFound: true,
expectedKey: "https://index.docker.io/v2/",
expectedAuth: registryAuth,
},
}

for _, test := range tests {
Expand Down

0 comments on commit 412c9e5

Please sign in to comment.