diff --git a/__tests__/docker.test.ts b/__tests__/docker.test.ts index ba836ad..a7d20fd 100644 --- a/__tests__/docker.test.ts +++ b/__tests__/docker.test.ts @@ -1,26 +1,27 @@ -import {expect, test, vi} from 'vitest'; -import * as path from 'path'; +import {afterEach, beforeEach, expect, test, vi} from 'vitest'; import {Docker} from '@docker/actions-toolkit/lib/docker/docker.js'; import {loginStandard, logout} from '../src/docker.js'; -process.env['RUNNER_TEMP'] = path.join(__dirname, 'runner'); +beforeEach(() => { + delete process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS; +}); + +afterEach(() => { + delete process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS; +}); test('loginStandard calls exec', async () => { - // eslint-disable-next-line @typescript-eslint/ban-ts-comment - // @ts-ignore - const execSpy = vi.spyOn(Docker, 'getExecOutput').mockImplementation(async () => { - return { - exitCode: expect.any(Number), - stdout: expect.any(Function), - stderr: expect.any(Function) - }; + const execSpy = vi.spyOn(Docker, 'getExecOutput').mockResolvedValue({ + exitCode: 0, + stdout: '', + stderr: '' }); const username = 'dbowie'; const password = 'groundcontrol'; - const registry = 'https://ghcr.io'; + const registry = 'ghcr.io'; await loginStandard(registry, username, password); @@ -30,6 +31,7 @@ test('loginStandard calls exec', async () => { // we don't want to check env opt callfunc[1].env = undefined; } + expect(execSpy).toHaveBeenCalledWith(['login', '--password-stdin', '--username', username, registry], { input: Buffer.from(password), silent: true, @@ -37,27 +39,68 @@ test('loginStandard calls exec', async () => { }); }); +test('loginStandard throws if username and password are missing', () => { + const execSpy = vi.spyOn(Docker, 'getExecOutput'); + const login = loginStandard('ghcr.io', '', ''); + expect(execSpy).not.toHaveBeenCalled(); + return expect(login).rejects.toThrow('Username and password required'); +}); + +test('loginStandard throws if username is missing', () => { + const execSpy = vi.spyOn(Docker, 'getExecOutput'); + const login = loginStandard('ghcr.io', '', 'groundcontrol'); + expect(execSpy).not.toHaveBeenCalled(); + return expect(login).rejects.toThrow('Username required'); +}); + +test('loginStandard throws if password is missing', () => { + const execSpy = vi.spyOn(Docker, 'getExecOutput'); + const login = loginStandard('ghcr.io', 'dbowie', ''); + expect(execSpy).not.toHaveBeenCalled(); + return expect(login).rejects.toThrow('Password required'); +}); + +test('loginStandard skips if both credentials are missing and env opt-in is enabled', () => { + process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS = 'true'; + const execSpy = vi.spyOn(Docker, 'getExecOutput'); + const login = loginStandard('ghcr.io', '', ''); + expect(execSpy).not.toHaveBeenCalled(); + return expect(login).resolves.toBeUndefined(); +}); + +test('loginStandard skips if username is missing and env opt-in is enabled', () => { + process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS = 'true'; + const execSpy = vi.spyOn(Docker, 'getExecOutput'); + const login = loginStandard('ghcr.io', '', 'groundcontrol'); + expect(execSpy).not.toHaveBeenCalled(); + return expect(login).resolves.toBeUndefined(); +}); + +test('loginStandard skips if password is missing and env opt-in is enabled', () => { + process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS = 'true'; + const execSpy = vi.spyOn(Docker, 'getExecOutput'); + const login = loginStandard('ghcr.io', 'dbowie', ''); + expect(execSpy).not.toHaveBeenCalled(); + return expect(login).resolves.toBeUndefined(); +}); + test('logout calls exec', async () => { - // eslint-disable-next-line @typescript-eslint/ban-ts-comment - // @ts-ignore - const execSpy = vi.spyOn(Docker, 'getExecOutput').mockImplementation(async () => { - return { - exitCode: expect.any(Number), - stdout: expect.any(Function), - stderr: expect.any(Function) - }; + const execSpy = vi.spyOn(Docker, 'getExecOutput').mockResolvedValue({ + exitCode: 0, + stdout: '', + stderr: '' }); - const registry = 'https://ghcr.io'; - + const registry = 'ghcr.io'; await logout(registry, ''); - expect(execSpy).toHaveBeenCalledTimes(1); + const callfunc = execSpy.mock.calls[0]; if (callfunc && callfunc[1]) { // we don't want to check env opt callfunc[1].env = undefined; } + expect(execSpy).toHaveBeenCalledWith(['logout', registry], { ignoreReturnCode: true }); diff --git a/src/docker.ts b/src/docker.ts index e81349b..6d63b20 100644 --- a/src/docker.ts +++ b/src/docker.ts @@ -1,6 +1,7 @@ import * as core from '@actions/core'; import {Docker} from '@docker/actions-toolkit/lib/docker/docker.js'; +import {Util} from '@docker/actions-toolkit/lib/util.js'; import * as aws from './aws.js'; import * as context from './context.js'; @@ -34,6 +35,10 @@ export async function logout(registry: string, configDir: string): Promise } export async function loginStandard(registry: string, username: string, password: string, scope?: string): Promise { + if ((!username || !password) && skipLoginIfMissingCredsEnabled()) { + core.info(`Skipping login to ${registry}. Username or password is not set and DOCKER_LOGIN_SKIP_IF_MISSING_CREDS is enabled.`); + return; + } if (!username && !password) { throw new Error('Username and password required'); } @@ -79,3 +84,10 @@ async function loginExec(registry: string, username: string, password: string, s core.info('Login Succeeded!'); }); } + +function skipLoginIfMissingCredsEnabled(): boolean { + if (process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS) { + return Util.parseBool(process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS); + } + return false; +}