@@ -12,7 +12,6 @@ import (
1212 "github.com/docker/go-connections/nat"
1313 "github.com/stretchr/testify/assert"
1414 "github.com/stretchr/testify/require"
15- "golang.org/x/crypto/bcrypt"
1615
1716 "github.com/testcontainers/testcontainers-go"
1817 testregistry "github.com/testcontainers/testcontainers-go/modules/registry"
@@ -41,16 +40,6 @@ type DockerClientSuite struct {
4140 dockerClient command.Command
4241}
4342
44- func (s * DockerClientSuite ) assertContainerIsStopped (t * testing.T , containerID string ) {
45- inspect := s .dockerHelper .InspectContainer (t , containerID )
46- assert .False (t , inspect .State .Running , "Container should be stopped" )
47- }
48-
49- func (s * DockerClientSuite ) assertContainerExists (t * testing.T , containerID string ) {
50- _ , err := s .dockerHelper .Client .ContainerInspect (t .Context (), containerID )
51- require .NoErrorf (t , err , "Container %q should exist" , containerID )
52- }
53-
5443func (s * DockerClientSuite ) assertImageExists (t * testing.T , imageRef string ) {
5544 inspect , err := s .dockerClient .Inspect (t .Context (), imageRef )
5645 assert .NoError (t , err , "Failed to inspect image %q" , imageRef )
@@ -63,34 +52,24 @@ func (s *DockerClientSuite) assertNoImageExists(t *testing.T, imageRef string) {
6352 assert .Nil (t , inspect , "Image should not exist" )
6453}
6554
66- // pickFreePort returns a TCP port in [min,max] that’ s free *right now*.
67- // There’ s still a small race between closing the listener and Docker grabbing
68- // the port, but it’ s good enough for test code.
69- func pickFreePort (min , max int ) (int , error ) {
70- if min < 1024 { // || max > 9999 || min > max {
55+ // pickFreePort returns a TCP port in [min,max] that' s free *right now*.
56+ // There' s still a small race between closing the listener and Docker grabbing
57+ // the port, but it' s good enough for test code.
58+ func pickFreePort (minPort , maxPort int ) (int , error ) {
59+ if minPort < 1024 || maxPort > 99999 || minPort > maxPort {
7160 return 0 , fmt .Errorf ("invalid port range" )
7261 }
7362
74- rng := rand .New (rand .NewSource (time .Now ().UnixNano ()))
75- for tries := 0 ; tries < 20 ; tries ++ { // avoid infinite loops
76- p := rng .Intn (max - min + 1 ) + min
63+ rng := rand .New (rand .NewSource (time .Now ().UnixNano ())) // #nosec G404 - using math/rand is fine for test port selection
64+ for tries := 0 ; tries < 20 ; tries ++ { // avoid infinite loops
65+ p := rng .Intn (maxPort - minPort + 1 ) + minPort
7766 l , err := net .Listen ("tcp" , fmt .Sprintf ("127.0.0.1:%d" , p ))
7867 if err == nil {
7968 l .Close ()
8069 return p , nil // looks free
8170 }
8271 }
83- return 0 , fmt .Errorf ("could not find free port in range %d-%d" , min , max )
84- }
85-
86- func makeHtpasswd (user , pass string ) (string , error ) {
87- hash , err := bcrypt .GenerateFromPassword ([]byte (pass ), bcrypt .DefaultCost )
88- if err != nil {
89- return "" , err
90- }
91-
92- line := user + ":" + string (hash ) + "\n "
93- return line , nil
72+ return 0 , fmt .Errorf ("could not find free port in range %d-%d" , minPort , maxPort )
9473}
9574
9675func (s * DockerClientSuite ) runImageInspectTests (t * testing.T ) {
@@ -119,15 +98,13 @@ func (s *DockerClientSuite) runImageInspectTests(t *testing.T) {
11998
12099func (s * DockerClientSuite ) runPullTests (t * testing.T ) {
121100 fmt .Println ("runPullTests" )
122- // htpasswd, err := makeHtpasswd("user", "pass")
123- // require.NoError(t, err, "Failed to make htpasswd")
124- // port, err := pickFreePort(10000, 60000)
125- // require.NoError(t, err, "Failed to pick free port")
126101 registryContainer , err := testregistry .Run (
127102 t .Context (),
128103 "registry:2" ,
129- // testregistry.WithHtpasswd(htpasswd),
130104 testcontainers .WithHostConfigModifier (func (hostConfig * container.HostConfig ) {
105+ // docker only considers localhost:1 through localhost:9999 as insecure. testcontainers
106+ // picks higher ports by default, so we need to pick one ourselves to allow insecure access
107+ // without modifying the daemon config.
131108 port , err := pickFreePort (1024 , 9999 )
132109 require .NoError (t , err , "Failed to pick free port" )
133110 hostConfig .PortBindings = map [nat.Port ][]nat.PortBinding {
@@ -138,10 +115,6 @@ func (s *DockerClientSuite) runPullTests(t *testing.T) {
138115 defer testcontainers .CleanupContainer (t , registryContainer )
139116 require .NoError (t , err , "Failed to start registry container" )
140117
141- // restore, err := testregistry.SetDockerAuthConfig(registryContainer.RegistryName, "user", "pass")
142- // require.NoError(t, err, "Failed to set docker auth config")
143- // defer restore()
144-
145118 t .Run ("RemoteImageExists" , func (t * testing.T ) {
146119 imageRef := dockertest .ImageRefWithRegistry (t , registryContainer .RegistryName , "" )
147120
@@ -168,7 +141,6 @@ func (s *DockerClientSuite) runPullTests(t *testing.T) {
168141 // so we handle other failure cases, like failed auth, unknown tag, and unknown repo
169142 require .Error (t , err , "Failed to pull image %q" , imageRef )
170143 assert .ErrorIs (t , err , & command.NotFoundError {Object : "manifest" , Ref : imageRef })
171- // assert.ErrorContains(t, err, "failed to resolve reference")
172144 })
173145
174146 t .Run ("InvalidAuth" , func (t * testing.T ) {
@@ -200,8 +172,6 @@ func (s *DockerClientSuite) runContainerStopTests(t *testing.T) {
200172 err = s .dockerClient .ContainerStop (t .Context (), container .ID )
201173 require .NoError (t , err , "Failed to stop container %q" , container .ID )
202174
203- container .IsRunning ()
204-
205175 state , err := container .State (t .Context ())
206176 require .NoError (t , err , "Failed to get container state" )
207177 assert .Equal (t , state .Running , false )
0 commit comments