DockerCLI/cli/config/configfile/file_test.go

535 lines
16 KiB
Go

package configfile
import (
"bytes"
"encoding/json"
"io/ioutil"
"os"
"testing"
"github.com/docker/cli/cli/config/credentials"
"github.com/docker/cli/cli/config/types"
"gotest.tools/assert"
is "gotest.tools/assert/cmp"
"gotest.tools/golden"
)
func TestEncodeAuth(t *testing.T) {
newAuthConfig := &types.AuthConfig{Username: "ken", Password: "test"}
authStr := encodeAuth(newAuthConfig)
expected := &types.AuthConfig{}
var err error
expected.Username, expected.Password, err = decodeAuth(authStr)
assert.NilError(t, err)
assert.Check(t, is.DeepEqual(expected, newAuthConfig))
}
func TestProxyConfig(t *testing.T) {
httpProxy := "http://proxy.mycorp.com:3128"
httpsProxy := "https://user:password@proxy.mycorp.com:3129"
ftpProxy := "http://ftpproxy.mycorp.com:21"
noProxy := "*.intra.mycorp.com"
defaultProxyConfig := ProxyConfig{
HTTPProxy: httpProxy,
HTTPSProxy: httpsProxy,
FTPProxy: ftpProxy,
NoProxy: noProxy,
}
cfg := ConfigFile{
Proxies: map[string]ProxyConfig{
"default": defaultProxyConfig,
},
}
proxyConfig := cfg.ParseProxyConfig("/var/run/docker.sock", nil)
expected := map[string]*string{
"HTTP_PROXY": &httpProxy,
"http_proxy": &httpProxy,
"HTTPS_PROXY": &httpsProxy,
"https_proxy": &httpsProxy,
"FTP_PROXY": &ftpProxy,
"ftp_proxy": &ftpProxy,
"NO_PROXY": &noProxy,
"no_proxy": &noProxy,
}
assert.Check(t, is.DeepEqual(expected, proxyConfig))
}
func TestProxyConfigOverride(t *testing.T) {
httpProxy := "http://proxy.mycorp.com:3128"
overrideHTTPProxy := "http://proxy.example.com:3128"
overrideNoProxy := ""
httpsProxy := "https://user:password@proxy.mycorp.com:3129"
ftpProxy := "http://ftpproxy.mycorp.com:21"
noProxy := "*.intra.mycorp.com"
defaultProxyConfig := ProxyConfig{
HTTPProxy: httpProxy,
HTTPSProxy: httpsProxy,
FTPProxy: ftpProxy,
NoProxy: noProxy,
}
cfg := ConfigFile{
Proxies: map[string]ProxyConfig{
"default": defaultProxyConfig,
},
}
clone := func(s string) *string {
s2 := s
return &s2
}
ropts := map[string]*string{
"HTTP_PROXY": clone(overrideHTTPProxy),
"NO_PROXY": clone(overrideNoProxy),
}
proxyConfig := cfg.ParseProxyConfig("/var/run/docker.sock", ropts)
expected := map[string]*string{
"HTTP_PROXY": &overrideHTTPProxy,
"http_proxy": &httpProxy,
"HTTPS_PROXY": &httpsProxy,
"https_proxy": &httpsProxy,
"FTP_PROXY": &ftpProxy,
"ftp_proxy": &ftpProxy,
"NO_PROXY": &overrideNoProxy,
"no_proxy": &noProxy,
}
assert.Check(t, is.DeepEqual(expected, proxyConfig))
}
func TestProxyConfigPerHost(t *testing.T) {
httpProxy := "http://proxy.mycorp.com:3128"
httpsProxy := "https://user:password@proxy.mycorp.com:3129"
ftpProxy := "http://ftpproxy.mycorp.com:21"
noProxy := "*.intra.mycorp.com"
extHTTPProxy := "http://proxy.example.com:3128"
extHTTPSProxy := "https://user:password@proxy.example.com:3129"
extFTPProxy := "http://ftpproxy.example.com:21"
extNoProxy := "*.intra.example.com"
defaultProxyConfig := ProxyConfig{
HTTPProxy: httpProxy,
HTTPSProxy: httpsProxy,
FTPProxy: ftpProxy,
NoProxy: noProxy,
}
externalProxyConfig := ProxyConfig{
HTTPProxy: extHTTPProxy,
HTTPSProxy: extHTTPSProxy,
FTPProxy: extFTPProxy,
NoProxy: extNoProxy,
}
cfg := ConfigFile{
Proxies: map[string]ProxyConfig{
"default": defaultProxyConfig,
"tcp://example.docker.com:2376": externalProxyConfig,
},
}
proxyConfig := cfg.ParseProxyConfig("tcp://example.docker.com:2376", nil)
expected := map[string]*string{
"HTTP_PROXY": &extHTTPProxy,
"http_proxy": &extHTTPProxy,
"HTTPS_PROXY": &extHTTPSProxy,
"https_proxy": &extHTTPSProxy,
"FTP_PROXY": &extFTPProxy,
"ftp_proxy": &extFTPProxy,
"NO_PROXY": &extNoProxy,
"no_proxy": &extNoProxy,
}
assert.Check(t, is.DeepEqual(expected, proxyConfig))
}
func TestConfigFile(t *testing.T) {
configFilename := "configFilename"
configFile := New(configFilename)
assert.Check(t, is.Equal(configFilename, configFile.Filename))
}
type mockNativeStore struct {
GetAllCallCount int
authConfigs map[string]types.AuthConfig
}
func (c *mockNativeStore) Erase(registryHostname string) error {
delete(c.authConfigs, registryHostname)
return nil
}
func (c *mockNativeStore) Get(registryHostname string) (types.AuthConfig, error) {
return c.authConfigs[registryHostname], nil
}
func (c *mockNativeStore) GetAll() (map[string]types.AuthConfig, error) {
c.GetAllCallCount = c.GetAllCallCount + 1
return c.authConfigs, nil
}
func (c *mockNativeStore) Store(authConfig types.AuthConfig) error {
return nil
}
// make sure it satisfies the interface
var _ credentials.Store = (*mockNativeStore)(nil)
func NewMockNativeStore(authConfigs map[string]types.AuthConfig) credentials.Store {
return &mockNativeStore{authConfigs: authConfigs}
}
func TestGetAllCredentialsFileStoreOnly(t *testing.T) {
configFile := New("filename")
exampleAuth := types.AuthConfig{
Username: "user",
Password: "pass",
}
configFile.AuthConfigs["example.com/foo"] = exampleAuth
authConfigs, err := configFile.GetAllCredentials()
assert.NilError(t, err)
expected := make(map[string]types.AuthConfig)
expected["example.com/foo"] = exampleAuth
assert.Check(t, is.DeepEqual(expected, authConfigs))
}
func TestGetAllCredentialsCredsStore(t *testing.T) {
configFile := New("filename")
configFile.CredentialsStore = "test_creds_store"
testRegistryHostname := "example.com"
expectedAuth := types.AuthConfig{
Username: "user",
Password: "pass",
}
testCredsStore := NewMockNativeStore(map[string]types.AuthConfig{testRegistryHostname: expectedAuth})
tmpNewNativeStore := newNativeStore
defer func() { newNativeStore = tmpNewNativeStore }()
newNativeStore = func(configFile *ConfigFile, helperSuffix string) credentials.Store {
return testCredsStore
}
authConfigs, err := configFile.GetAllCredentials()
assert.NilError(t, err)
expected := make(map[string]types.AuthConfig)
expected[testRegistryHostname] = expectedAuth
assert.Check(t, is.DeepEqual(expected, authConfigs))
assert.Check(t, is.Equal(1, testCredsStore.(*mockNativeStore).GetAllCallCount))
}
func TestGetAllCredentialsCredHelper(t *testing.T) {
testCredHelperSuffix := "test_cred_helper"
testCredHelperRegistryHostname := "credhelper.com"
testExtraCredHelperRegistryHostname := "somethingweird.com"
unexpectedCredHelperAuth := types.AuthConfig{
Username: "file_store_user",
Password: "file_store_pass",
}
expectedCredHelperAuth := types.AuthConfig{
Username: "cred_helper_user",
Password: "cred_helper_pass",
}
configFile := New("filename")
configFile.CredentialHelpers = map[string]string{testCredHelperRegistryHostname: testCredHelperSuffix}
testCredHelper := NewMockNativeStore(map[string]types.AuthConfig{
testCredHelperRegistryHostname: expectedCredHelperAuth,
// Add in an extra auth entry which doesn't appear in CredentialHelpers section of the configFile.
// This verifies that only explicitly configured registries are being requested from the cred helpers.
testExtraCredHelperRegistryHostname: unexpectedCredHelperAuth,
})
tmpNewNativeStore := newNativeStore
defer func() { newNativeStore = tmpNewNativeStore }()
newNativeStore = func(configFile *ConfigFile, helperSuffix string) credentials.Store {
return testCredHelper
}
authConfigs, err := configFile.GetAllCredentials()
assert.NilError(t, err)
expected := make(map[string]types.AuthConfig)
expected[testCredHelperRegistryHostname] = expectedCredHelperAuth
assert.Check(t, is.DeepEqual(expected, authConfigs))
assert.Check(t, is.Equal(0, testCredHelper.(*mockNativeStore).GetAllCallCount))
}
func TestGetAllCredentialsFileStoreAndCredHelper(t *testing.T) {
testFileStoreRegistryHostname := "example.com"
testCredHelperSuffix := "test_cred_helper"
testCredHelperRegistryHostname := "credhelper.com"
expectedFileStoreAuth := types.AuthConfig{
Username: "file_store_user",
Password: "file_store_pass",
}
expectedCredHelperAuth := types.AuthConfig{
Username: "cred_helper_user",
Password: "cred_helper_pass",
}
configFile := New("filename")
configFile.CredentialHelpers = map[string]string{testCredHelperRegistryHostname: testCredHelperSuffix}
configFile.AuthConfigs[testFileStoreRegistryHostname] = expectedFileStoreAuth
testCredHelper := NewMockNativeStore(map[string]types.AuthConfig{testCredHelperRegistryHostname: expectedCredHelperAuth})
newNativeStore = func(configFile *ConfigFile, helperSuffix string) credentials.Store {
return testCredHelper
}
tmpNewNativeStore := newNativeStore
defer func() { newNativeStore = tmpNewNativeStore }()
authConfigs, err := configFile.GetAllCredentials()
assert.NilError(t, err)
expected := make(map[string]types.AuthConfig)
expected[testFileStoreRegistryHostname] = expectedFileStoreAuth
expected[testCredHelperRegistryHostname] = expectedCredHelperAuth
assert.Check(t, is.DeepEqual(expected, authConfigs))
assert.Check(t, is.Equal(0, testCredHelper.(*mockNativeStore).GetAllCallCount))
}
func TestGetAllCredentialsCredStoreAndCredHelper(t *testing.T) {
testCredStoreSuffix := "test_creds_store"
testCredStoreRegistryHostname := "credstore.com"
testCredHelperSuffix := "test_cred_helper"
testCredHelperRegistryHostname := "credhelper.com"
configFile := New("filename")
configFile.CredentialsStore = testCredStoreSuffix
configFile.CredentialHelpers = map[string]string{testCredHelperRegistryHostname: testCredHelperSuffix}
expectedCredStoreAuth := types.AuthConfig{
Username: "cred_store_user",
Password: "cred_store_pass",
}
expectedCredHelperAuth := types.AuthConfig{
Username: "cred_helper_user",
Password: "cred_helper_pass",
}
testCredHelper := NewMockNativeStore(map[string]types.AuthConfig{testCredHelperRegistryHostname: expectedCredHelperAuth})
testCredsStore := NewMockNativeStore(map[string]types.AuthConfig{testCredStoreRegistryHostname: expectedCredStoreAuth})
tmpNewNativeStore := newNativeStore
defer func() { newNativeStore = tmpNewNativeStore }()
newNativeStore = func(configFile *ConfigFile, helperSuffix string) credentials.Store {
if helperSuffix == testCredHelperSuffix {
return testCredHelper
}
return testCredsStore
}
authConfigs, err := configFile.GetAllCredentials()
assert.NilError(t, err)
expected := make(map[string]types.AuthConfig)
expected[testCredStoreRegistryHostname] = expectedCredStoreAuth
expected[testCredHelperRegistryHostname] = expectedCredHelperAuth
assert.Check(t, is.DeepEqual(expected, authConfigs))
assert.Check(t, is.Equal(1, testCredsStore.(*mockNativeStore).GetAllCallCount))
assert.Check(t, is.Equal(0, testCredHelper.(*mockNativeStore).GetAllCallCount))
}
func TestGetAllCredentialsCredHelperOverridesDefaultStore(t *testing.T) {
testCredStoreSuffix := "test_creds_store"
testCredHelperSuffix := "test_cred_helper"
testRegistryHostname := "example.com"
configFile := New("filename")
configFile.CredentialsStore = testCredStoreSuffix
configFile.CredentialHelpers = map[string]string{testRegistryHostname: testCredHelperSuffix}
unexpectedCredStoreAuth := types.AuthConfig{
Username: "cred_store_user",
Password: "cred_store_pass",
}
expectedCredHelperAuth := types.AuthConfig{
Username: "cred_helper_user",
Password: "cred_helper_pass",
}
testCredHelper := NewMockNativeStore(map[string]types.AuthConfig{testRegistryHostname: expectedCredHelperAuth})
testCredsStore := NewMockNativeStore(map[string]types.AuthConfig{testRegistryHostname: unexpectedCredStoreAuth})
tmpNewNativeStore := newNativeStore
defer func() { newNativeStore = tmpNewNativeStore }()
newNativeStore = func(configFile *ConfigFile, helperSuffix string) credentials.Store {
if helperSuffix == testCredHelperSuffix {
return testCredHelper
}
return testCredsStore
}
authConfigs, err := configFile.GetAllCredentials()
assert.NilError(t, err)
expected := make(map[string]types.AuthConfig)
expected[testRegistryHostname] = expectedCredHelperAuth
assert.Check(t, is.DeepEqual(expected, authConfigs))
assert.Check(t, is.Equal(1, testCredsStore.(*mockNativeStore).GetAllCallCount))
assert.Check(t, is.Equal(0, testCredHelper.(*mockNativeStore).GetAllCallCount))
}
func TestLoadFromReaderWithUsernamePassword(t *testing.T) {
configFile := New("test-load")
defer os.Remove("test-load")
want := types.AuthConfig{
Username: "user",
Password: "pass",
}
for _, tc := range []types.AuthConfig{
want,
{
Auth: encodeAuth(&want),
},
} {
cf := ConfigFile{
AuthConfigs: map[string]types.AuthConfig{
"example.com/foo": tc,
},
}
b, err := json.Marshal(cf)
assert.NilError(t, err)
err = configFile.LoadFromReader(bytes.NewReader(b))
assert.NilError(t, err)
got, err := configFile.GetAuthConfig("example.com/foo")
assert.NilError(t, err)
assert.Check(t, is.DeepEqual(want.Username, got.Username))
assert.Check(t, is.DeepEqual(want.Password, got.Password))
}
}
func TestCheckKubernetesConfigurationRaiseAnErrorOnInvalidValue(t *testing.T) {
testCases := []struct {
name string
config *KubernetesConfig
expectError bool
}{
{
"no kubernetes config is valid",
nil,
false,
},
{
"enabled is valid",
&KubernetesConfig{AllNamespaces: "enabled"},
false,
},
{
"disabled is valid",
&KubernetesConfig{AllNamespaces: "disabled"},
false,
},
{
"empty string is valid",
&KubernetesConfig{AllNamespaces: ""},
false,
},
{
"other value is invalid",
&KubernetesConfig{AllNamespaces: "unknown"},
true,
},
}
for _, test := range testCases {
err := checkKubernetesConfiguration(test.config)
if test.expectError {
assert.Assert(t, err != nil, test.name)
} else {
assert.NilError(t, err, test.name)
}
}
}
func TestSave(t *testing.T) {
configFile := New("test-save")
defer os.Remove("test-save")
err := configFile.Save()
assert.NilError(t, err)
cfg, err := ioutil.ReadFile("test-save")
assert.NilError(t, err)
assert.Check(t, is.Equal(string(cfg), "{\n \"auths\": {}\n}"))
}
func TestPluginConfig(t *testing.T) {
configFile := New("test-plugin")
defer os.Remove("test-plugin")
// Populate some initial values
configFile.SetPluginConfig("plugin1", "data1", "some string")
configFile.SetPluginConfig("plugin1", "data2", "42")
configFile.SetPluginConfig("plugin2", "data3", "some other string")
// Save a config file with some plugin config
err := configFile.Save()
assert.NilError(t, err)
// Read it back and check it has the expected content
cfg, err := ioutil.ReadFile("test-plugin")
assert.NilError(t, err)
golden.Assert(t, string(cfg), "plugin-config.golden")
// Load it, resave and check again that the content is
// preserved through a load/save cycle.
configFile = New("test-plugin2")
defer os.Remove("test-plugin2")
assert.NilError(t, configFile.LoadFromReader(bytes.NewReader(cfg)))
err = configFile.Save()
assert.NilError(t, err)
cfg, err = ioutil.ReadFile("test-plugin2")
assert.NilError(t, err)
golden.Assert(t, string(cfg), "plugin-config.golden")
// Check that the contents was reloaded properly
v, ok := configFile.PluginConfig("plugin1", "data1")
assert.Assert(t, ok)
assert.Equal(t, v, "some string")
v, ok = configFile.PluginConfig("plugin1", "data2")
assert.Assert(t, ok)
assert.Equal(t, v, "42")
v, ok = configFile.PluginConfig("plugin1", "data3")
assert.Assert(t, !ok)
assert.Equal(t, v, "")
v, ok = configFile.PluginConfig("plugin2", "data3")
assert.Assert(t, ok)
assert.Equal(t, v, "some other string")
v, ok = configFile.PluginConfig("plugin2", "data4")
assert.Assert(t, !ok)
assert.Equal(t, v, "")
v, ok = configFile.PluginConfig("plugin3", "data5")
assert.Assert(t, !ok)
assert.Equal(t, v, "")
// Add, remove and modify
configFile.SetPluginConfig("plugin1", "data1", "some replacement string") // replacing a key
configFile.SetPluginConfig("plugin1", "data2", "") // deleting a key
configFile.SetPluginConfig("plugin1", "data3", "some additional string") // new key
configFile.SetPluginConfig("plugin2", "data3", "") // delete the whole plugin, since this was the only data
configFile.SetPluginConfig("plugin3", "data5", "a new plugin") // add a new plugin
err = configFile.Save()
assert.NilError(t, err)
// Read it back and check it has the expected content again
cfg, err = ioutil.ReadFile("test-plugin2")
assert.NilError(t, err)
golden.Assert(t, string(cfg), "plugin-config-2.golden")
}