From 49152b55db1ede5f37fad2d110142befe32646b6 Mon Sep 17 00:00:00 2001
From: Ivan Ilves <ivan.ilves@schibsted.com>
Date: Tue, 31 Oct 2017 20:27:51 +0100
Subject: [PATCH] Added handling for possibly corrupt configs

---
 docker/config/config.go             | 21 ++++++++++++++++++-
 docker/config/config_test.go        | 31 ++++++++++++++++++++++++++++-
 fixtures/docker/config.json.corrupt | 10 ++++++++++
 3 files changed, 60 insertions(+), 2 deletions(-)
 create mode 100644 fixtures/docker/config.json.corrupt

diff --git a/docker/config/config.go b/docker/config/config.go
index f36ba58..2027b66 100644
--- a/docker/config/config.go
+++ b/docker/config/config.go
@@ -3,6 +3,7 @@ package config
 import (
 	"encoding/base64"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"os"
 	"strings"
@@ -73,7 +74,25 @@ func Load(fileName string) (*Config, error) {
 			return nil, err
 		}
 
-		usernameAndPassword := strings.Split(string(b), ":")
+		authenticationToken := string(b)
+		usernameAndPassword := strings.Split(authenticationToken, ":")
+
+		if len(usernameAndPassword) != 2 {
+			if fileName != DefaultDockerJSON {
+				errStr := "Invalid auth for Docker registry: %s\nBase64-encoded string is wrong: %s (%s)\n"
+
+				return nil, errors.New(
+					fmt.Sprint(
+						errStr,
+						registry,
+						a.B64Auth,
+						authenticationToken,
+					),
+				)
+			}
+
+			continue
+		}
 
 		c.usernames[registry] = usernameAndPassword[0]
 		c.passwords[registry] = usernameAndPassword[1]
diff --git a/docker/config/config_test.go b/docker/config/config_test.go
index f417a63..af4b953 100644
--- a/docker/config/config_test.go
+++ b/docker/config/config_test.go
@@ -7,6 +7,7 @@ import (
 const configFile = "../../fixtures/docker/config.json"
 const irrelevantConfigFile = "../../fixtures/docker/config.json.irrelevant"
 const invalidConfigFile = "../../fixtures/docker/config.json.invalid"
+const corruptConfigFile = "../../fixtures/docker/config.json.corrupt"
 
 func TestLoad(t *testing.T) {
 	examples := map[string]string{
@@ -76,6 +77,34 @@ func TestLoadWithAbsentConfigFile(t *testing.T) {
 
 	_, err = Load("i/exist/only/in/your/magination")
 	if err != nil {
-		t.Fatalf("Expected NOT to fail while trying to load absent config file from a default path")
+		t.Fatalf(
+			"Expected NOT to fail while trying to load absent config file from a default path: %s",
+			err.Error(),
+		)
+	}
+}
+
+// Corrupt file = valid JSON file with badly encoded auth
+func TestLoadWithCorruptConfigFile(t *testing.T) {
+	const corruptRegistry = "registry.valencia.io"
+
+	_, err := Load(corruptConfigFile)
+	if err == nil {
+		t.Fatalf("Expected to fail while loading corrupt config file")
+	}
+
+	DefaultDockerJSON = corruptConfigFile
+
+	c, err := Load(corruptConfigFile)
+	if err != nil {
+		t.Fatalf(
+			"Expected NOT to fail while loading corrupt config file from a default path: %s",
+			err.Error(),
+		)
+	}
+
+	_, _, defined := c.GetCredentials(corruptRegistry)
+	if defined {
+		t.Fatalf("Should NOT get credentials from a corrupt registry record: %s", corruptRegistry)
 	}
 }
diff --git a/fixtures/docker/config.json.corrupt b/fixtures/docker/config.json.corrupt
new file mode 100644
index 0000000..72feede
--- /dev/null
+++ b/fixtures/docker/config.json.corrupt
@@ -0,0 +1,10 @@
+{
+	"auths": {
+		"registry.galicia.io": {
+			"auth": "ZnJhbmNvOmZyYW5jbw=="
+		},
+		"registry.valencia.io": {
+			"auth": "bWFjb3N1YXU="
+		}
+  }
+}