2016-08-29 14:45:29 -04:00
|
|
|
package image
|
2016-09-08 13:11:39 -04:00
|
|
|
|
|
|
|
import (
|
2017-08-24 18:42:21 -04:00
|
|
|
"io/ioutil"
|
2016-09-08 13:11:39 -04:00
|
|
|
"os"
|
|
|
|
"testing"
|
|
|
|
|
2017-04-17 18:07:56 -04:00
|
|
|
"github.com/docker/cli/cli/trust"
|
2016-09-08 13:11:39 -04:00
|
|
|
registrytypes "github.com/docker/docker/api/types/registry"
|
2017-10-30 12:21:41 -04:00
|
|
|
"github.com/theupdateframework/notary/client"
|
|
|
|
"github.com/theupdateframework/notary/passphrase"
|
|
|
|
"github.com/theupdateframework/notary/trustpinning"
|
2020-02-22 12:12:14 -05:00
|
|
|
"gotest.tools/v3/assert"
|
2016-09-08 13:11:39 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
func unsetENV() {
|
|
|
|
os.Unsetenv("DOCKER_CONTENT_TRUST")
|
|
|
|
os.Unsetenv("DOCKER_CONTENT_TRUST_SERVER")
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestENVTrustServer(t *testing.T) {
|
|
|
|
defer unsetENV()
|
|
|
|
indexInfo := ®istrytypes.IndexInfo{Name: "testserver"}
|
|
|
|
if err := os.Setenv("DOCKER_CONTENT_TRUST_SERVER", "https://notary-test.com:5000"); err != nil {
|
|
|
|
t.Fatal("Failed to set ENV variable")
|
|
|
|
}
|
2016-12-05 19:06:29 -05:00
|
|
|
output, err := trust.Server(indexInfo)
|
2016-09-08 13:11:39 -04:00
|
|
|
expectedStr := "https://notary-test.com:5000"
|
|
|
|
if err != nil || output != expectedStr {
|
|
|
|
t.Fatalf("Expected server to be %s, got %s", expectedStr, output)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestHTTPENVTrustServer(t *testing.T) {
|
|
|
|
defer unsetENV()
|
|
|
|
indexInfo := ®istrytypes.IndexInfo{Name: "testserver"}
|
|
|
|
if err := os.Setenv("DOCKER_CONTENT_TRUST_SERVER", "http://notary-test.com:5000"); err != nil {
|
|
|
|
t.Fatal("Failed to set ENV variable")
|
|
|
|
}
|
2016-12-05 19:06:29 -05:00
|
|
|
_, err := trust.Server(indexInfo)
|
2016-09-08 13:11:39 -04:00
|
|
|
if err == nil {
|
|
|
|
t.Fatal("Expected error with invalid scheme")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestOfficialTrustServer(t *testing.T) {
|
|
|
|
indexInfo := ®istrytypes.IndexInfo{Name: "testserver", Official: true}
|
2016-12-05 19:06:29 -05:00
|
|
|
output, err := trust.Server(indexInfo)
|
2018-03-27 17:11:29 -04:00
|
|
|
if err != nil || output != trust.NotaryServer {
|
|
|
|
t.Fatalf("Expected server to be %s, got %s", trust.NotaryServer, output)
|
2016-09-08 13:11:39 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestNonOfficialTrustServer(t *testing.T) {
|
|
|
|
indexInfo := ®istrytypes.IndexInfo{Name: "testserver", Official: false}
|
2016-12-05 19:06:29 -05:00
|
|
|
output, err := trust.Server(indexInfo)
|
2016-09-08 13:11:39 -04:00
|
|
|
expectedStr := "https://" + indexInfo.Name
|
|
|
|
if err != nil || output != expectedStr {
|
|
|
|
t.Fatalf("Expected server to be %s, got %s", expectedStr, output)
|
|
|
|
}
|
|
|
|
}
|
2017-08-24 18:42:21 -04:00
|
|
|
|
|
|
|
func TestAddTargetToAllSignableRolesError(t *testing.T) {
|
|
|
|
tmpDir, err := ioutil.TempDir("", "notary-test-")
|
2018-03-06 14:44:13 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:42:21 -04:00
|
|
|
defer os.RemoveAll(tmpDir)
|
|
|
|
|
2017-09-11 17:07:00 -04:00
|
|
|
notaryRepo, err := client.NewFileCachedRepository(tmpDir, "gun", "https://localhost", nil, passphrase.ConstantRetriever("password"), trustpinning.TrustPinConfig{})
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.NilError(t, err)
|
2017-08-24 18:42:21 -04:00
|
|
|
target := client.Target{}
|
|
|
|
err = AddTargetToAllSignableRoles(notaryRepo, &target)
|
2018-03-06 15:54:24 -05:00
|
|
|
assert.Error(t, err, "client is offline")
|
2017-08-24 18:42:21 -04:00
|
|
|
}
|