| 410 | } |
| 411 | |
| 412 | func RunLocalDockerRegistry(t *testing.T, pool *dockertest.Pool, conf RegistryConfig) RegistryImage { |
| 413 | t.Helper() |
| 414 | |
| 415 | const ( |
| 416 | certPath = "/certs/cert.pem" |
| 417 | keyPath = "/certs/key.pem" |
| 418 | authPath = "/auth/htpasswd" |
| 419 | ) |
| 420 | |
| 421 | var ( |
| 422 | envs = []string{ |
| 423 | EnvVar("REGISTRY_HTTP_ADDR", "0.0.0.0:443"), |
| 424 | } |
| 425 | binds []string |
| 426 | ) |
| 427 | |
| 428 | if conf.HostCertPath != "" && conf.HostKeyPath != "" { |
| 429 | envs = append(envs, |
| 430 | EnvVar("REGISTRY_HTTP_TLS_CERTIFICATE", certPath), |
| 431 | EnvVar("REGISTRY_HTTP_TLS_KEY", keyPath), |
| 432 | ) |
| 433 | binds = append(binds, |
| 434 | mountBinding(conf.HostCertPath, certPath), |
| 435 | mountBinding(conf.HostKeyPath, keyPath), |
| 436 | ) |
| 437 | } |
| 438 | |
| 439 | if conf.PasswordDir != "" { |
| 440 | authFile := GenerateRegistryAuth(t, conf.PasswordDir, conf.Username, conf.Password) |
| 441 | envs = append(envs, |
| 442 | EnvVar("REGISTRY_AUTH", "htpasswd"), |
| 443 | EnvVar("REGISTRY_AUTH_HTPASSWD_REALM", "Test Registry"), |
| 444 | EnvVar("REGISTRY_AUTH_HTPASSWD_PATH", authPath), |
| 445 | ) |
| 446 | binds = append(binds, mountBinding(authFile, authPath)) |
| 447 | } |
| 448 | |
| 449 | resource, err := pool.RunWithOptions(&dockertest.RunOptions{ |
| 450 | Repository: registryImage, |
| 451 | Tag: registryTag, |
| 452 | Env: envs, |
| 453 | ExposedPorts: []string{"443/tcp"}, |
| 454 | }, func(host *docker.HostConfig) { |
| 455 | host.Binds = binds |
| 456 | host.ExtraHosts = []string{"host.docker.internal:host-gateway"} |
| 457 | host.PortBindings = map[docker.Port][]docker.PortBinding{ |
| 458 | "443/tcp": {{ |
| 459 | HostIP: "0.0.0.0", |
| 460 | HostPort: conf.TLSPort, |
| 461 | }}, |
| 462 | } |
| 463 | }) |
| 464 | require.NoError(t, err) |
| 465 | |
| 466 | t.Cleanup(func() { |
| 467 | if !t.Failed() { |
| 468 | _ = pool.Purge(resource) |
| 469 | } |