(t *testing.T)
| 201 | } |
| 202 | |
| 203 | func TestSessionCredentialFallback(t *testing.T) { |
| 204 | t.Parallel() |
| 205 | |
| 206 | tests := []struct { |
| 207 | name string |
| 208 | anonReject int |
| 209 | }{ |
| 210 | {"unauthorized", http.StatusUnauthorized}, |
| 211 | {"rate limited", http.StatusTooManyRequests}, |
| 212 | } |
| 213 | |
| 214 | for _, tt := range tests { |
| 215 | t.Run(tt.name, func(t *testing.T) { |
| 216 | t.Parallel() |
| 217 | |
| 218 | reg := newTestRegistry(t) |
| 219 | reg.anonReject = tt.anonReject |
| 220 | reg.user, reg.pass = "user", "pass" |
| 221 | server := reg.start(t) |
| 222 | |
| 223 | registry := strings.TrimPrefix(server.URL, "http://") |
| 224 | ref, err := name.ParseReference(registry + "/private:latest") |
| 225 | require.NoError(t, err) |
| 226 | |
| 227 | keychain := staticKeychain{auth: &authn.Basic{Username: "user", Password: "pass"}} |
| 228 | s := newTestSession(t, crane.WithAuthFromKeychain(keychain)) |
| 229 | |
| 230 | dig, err := s.digest(t.Context(), ref) |
| 231 | require.NoError(t, err) |
| 232 | assert.Equal(t, reg.digest, dig) |
| 233 | assert.Positive(t, reg.anonHits.Load(), "expected an initial anonymous attempt") |
| 234 | assert.Positive(t, reg.authHits.Load(), "expected a credentialed retry") |
| 235 | }) |
| 236 | } |
| 237 | } |
| 238 | |
| 239 | func TestStoreArtifactCredentialFallbackOnLayerDownload(t *testing.T) { |
| 240 | t.Parallel() |
nothing calls this directly
no test coverage detected