What is the problem you're trying to solve
Right now, we do test most of our registry operations against a locally started distribution registry + cesanta token auth server.
This is good, but has limits. Specifically, Docker Hub resolution mechanisms are "special", be it the way the credentials are stored in the store, or how short names resolve to fully qualified url - and also their token auth server is proprietary IIRC, which might entail some specific behaviors.
We do not currently test that, and have seen a couple of regression recently (#3484, #3485) that could have been caught if we did.
Testing against Hub comes with challenges:
- we would need a dummy account, and a pair of access tokens
- it is doubtful we could keep these secrets (as obviously PRs would have access to it) if that was enabled on PR testing
- hub is notorious for 429-ing when things heat up a little bit - failing the build because of that is a royal PITA
A possible solution would be to run these tests against Hub solely on master (after merge).
This ticket is related to #3257 - and also testing against Gitlab.
Describe the solution you'd like
na
Additional context
No response
What is the problem you're trying to solve
Right now, we do test most of our registry operations against a locally started distribution registry + cesanta token auth server.
This is good, but has limits. Specifically, Docker Hub resolution mechanisms are "special", be it the way the credentials are stored in the store, or how short names resolve to fully qualified url - and also their token auth server is proprietary IIRC, which might entail some specific behaviors.
We do not currently test that, and have seen a couple of regression recently (#3484, #3485) that could have been caught if we did.
Testing against Hub comes with challenges:
A possible solution would be to run these tests against Hub solely on master (after merge).
This ticket is related to #3257 - and also testing against Gitlab.
Describe the solution you'd like
na
Additional context
No response