Merge pull request #279 from stickycode/registry-can-have-a-port

Registry can have a port
keel-hq · Sep 27, 2018 · fbaa04e · fbaa04e
2 parents 4a59bf4 + 5971cf2
commit fbaa04e
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 2 deletions.
diff --git a/secrets/secrets.go b/secrets/secrets.go
@@ -235,10 +235,20 @@ func (g *DefaultGetter) getCredentialsFromSecret(image *types.TrackedImage) (*ty
 func credentialsFromConfig(image *types.TrackedImage, cfg DockerCfg) (*types.Credentials, bool) {
 	credentials := &types.Credentials{}
 	found := false
+
+	imageRegistry, err := domainOnly(image.Image.Registry())
+	if err != nil {
+		log.WithFields(log.Fields{
+			"image":     image.Image.Repository(),
+			"namespace": image.Namespace,
+			"error":     err,
+		}).Error("secrets.credentialsFromConfig: failed to parse registry hostname")
+		return credentials, false
+    }
 	// looking for our registry
 	for registry, auth := range cfg {
 		h, err := hostname(registry)
-
+		
 		if err != nil {
 			log.WithFields(log.Fields{
 				"image":     image.Image.Repository(),
@@ -249,7 +259,7 @@ func credentialsFromConfig(image *types.TrackedImage, cfg DockerCfg) (*types.Cre
 			continue
 		}
 
-		if h == image.Image.Registry() {
+		if h == imageRegistry {
 			if auth.Username != "" && auth.Password != "" {
 				credentials.Username = auth.Username
 				credentials.Password = auth.Password
@@ -317,6 +327,14 @@ func hostname(registry string) (string, error) {
 	return registry, nil
 }
 
+func domainOnly(registry string) (string, error) {
+	if strings.Contains(registry, ":") {
+		return strings.Split(registry, ":")[0], nil
+	}
+
+	return registry, nil
+}
+
 func decodeSecret(data []byte) (DockerCfg, error) {
 	var cfg DockerCfg
 	err := json.Unmarshal(data, &cfg)

diff --git a/secrets/secrets_test.go b/secrets/secrets_test.go
@@ -332,6 +332,54 @@ func TestLookupHelmNoSecretsFound(t *testing.T) {
 	}
 }
 
+var secretDataPayloadWithPort = `{"https://example.com:3456":{"username":"user-x","password":"pass-x","email":"karolis.rusenas@gmail.com","auth":"somethinghere"}}`
+
+func TestLookupWithPortedRegistry(t *testing.T) {
+	imgRef, _ := image.Parse("https://example.com:3456/karolisr/webhook-demo:0.0.11")
+
+	impl := &testutil.FakeK8sImplementer{
+		AvailablePods: &v1.PodList{
+			Items: []v1.Pod{
+				v1.Pod{
+					Spec: v1.PodSpec{ImagePullSecrets: []v1.LocalObjectReference{
+						v1.LocalObjectReference{
+							Name: "example.com",
+						},
+					},
+					},
+				},
+			},
+		},
+		AvailableSecret: &v1.Secret{
+			Data: map[string][]byte{
+				dockerConfigKey: []byte(secretDataPayloadWithPort),
+			},
+			Type: v1.SecretTypeDockercfg,
+		},
+	}
+
+	getter := NewGetter(impl, nil)
+
+	trackedImage := &types.TrackedImage{
+		Image:     imgRef,
+		Namespace: "default",
+		Secrets:   []string{"example.com"},
+	}
+
+	creds, err := getter.Get(trackedImage)
+	if err != nil {
+		t.Errorf("failed to get creds: %s", err)
+	}
+
+	if creds.Username != "user-x" {
+		t.Errorf("unexpected username: %s", creds.Username)
+	}
+
+	if creds.Password != "pass-x" {
+		t.Errorf("unexpected pass: %s", creds.Password)
+	}
+}
+
 func Test_decodeBase64Secret(t *testing.T) {
 	type args struct {
 		authSecret string
@@ -404,6 +452,12 @@ func Test_hostname(t *testing.T) {
 			want:    "quay.io",
 			wantErr: false,
 		},
+                {
+                        name:    "withport",
+                        args:    args{registry: "https://example.com:3456"},
+                        want:    "example.com",
+                        wantErr: false,
+                },
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {