DockerCLI/e2e/trust/sign_test.go

68 lines
2.5 KiB
Go
Raw Normal View History

package trust
import (
"testing"
"github.com/docker/cli/e2e/internal/fixtures"
"github.com/docker/cli/internal/test/environment"
"gotest.tools/v3/assert"
is "gotest.tools/v3/assert/cmp"
"gotest.tools/v3/fs"
"gotest.tools/v3/icmd"
"gotest.tools/v3/skip"
)
const (
localImage = "registry:5000/signlocal:v1"
signImage = "registry:5000/sign:v1"
)
func TestSignLocalImage(t *testing.T) {
skip.If(t, environment.RemoteDaemon())
// Digests in golden files are linux/amd64 specific.
// TODO: Fix this test and make it work on all platforms.
environment.SkipIfNotPlatform(t, "linux/amd64")
dir := fixtures.SetupConfigFile(t)
defer dir.Remove()
icmd.RunCmd(icmd.Command("docker", "pull", fixtures.AlpineImage)).Assert(t, icmd.Success)
icmd.RunCommand("docker", "tag", fixtures.AlpineImage, signImage).Assert(t, icmd.Success)
result := icmd.RunCmd(
icmd.Command("docker", "trust", "sign", signImage),
fixtures.WithPassphrase("root_password", "repo_password"),
fixtures.WithConfig(dir.Path()), fixtures.WithNotary)
result.Assert(t, icmd.Success)
linting: fmt.Sprintf can be replaced with string concatenation (perfsprint) cli/registry/client/endpoint.go:128:34: fmt.Sprintf can be replaced with string concatenation (perfsprint) req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", th.token)) ^ cli/command/telemetry_docker.go:88:14: fmt.Sprintf can be replaced with string concatenation (perfsprint) endpoint = fmt.Sprintf("unix://%s", path.Join(u.Host, u.Path)) ^ cli/command/cli_test.go:195:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) opts := &flags.ClientOptions{Hosts: []string{fmt.Sprintf("unix://%s", socket)}} ^ cli/command/registry_test.go:59:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) inputServerAddress: fmt.Sprintf("https://%s", testAuthConfigs[1].ServerAddress), ^ cli/command/container/opts_test.go:338:35: fmt.Sprintf can be replaced with string concatenation (perfsprint) if config, _, _ := mustParse(t, fmt.Sprintf("--hostname=%s", hostname)); config.Hostname != expectedHostname { ^ cli/command/context/options.go:79:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) errs = append(errs, fmt.Sprintf("%s: unrecognized config key", k)) ^ cli/command/image/build.go:461:68: fmt.Sprintf can be replaced with string concatenation (perfsprint) line = dockerfileFromLinePattern.ReplaceAllLiteralString(line, fmt.Sprintf("FROM %s", reference.FamiliarString(trustedRef))) ^ cli/command/image/remove_test.go:21:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("Error: No such image: %s", n.imageID) ^ cli/command/image/build/context.go:229:102: fmt.Sprintf can be replaced with string concatenation (perfsprint) progReader := progress.NewProgressReader(response.Body, progressOutput, response.ContentLength, "", fmt.Sprintf("Downloading build context from remote url: %s", remoteURL)) ^ cli/command/service/logs.go:215:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) taskName += fmt.Sprintf(".%s", task.ID) ^ cli/command/service/logs.go:217:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) taskName += fmt.Sprintf(".%s", stringid.TruncateID(task.ID)) ^ cli/command/service/progress/progress_test.go:877:18: fmt.Sprintf can be replaced with string concatenation (perfsprint) ID: fmt.Sprintf("task%s", nodeID), ^ cli/command/stack/swarm/remove.go:61:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) errs = append(errs, fmt.Sprintf("Failed to remove some resources from stack: %s", namespace)) ^ cli/command/swarm/ipnet_slice_test.go:32:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) arg := fmt.Sprintf("--cidrs=%s", strings.Join(vals, ",")) ^ cli/command/swarm/ipnet_slice_test.go:137:30: fmt.Sprintf can be replaced with string concatenation (perfsprint) if err := f.Parse([]string{fmt.Sprintf("--cidrs=%s", strings.Join(test.FlagArg, ","))}); err != nil { ^ cli/compose/schema/schema.go:105:11: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("must be a %s", humanReadableType(expectedType)) ^ cli/manifest/store/store.go:165:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("No such manifest: %s", n.object) ^ e2e/image/push_test.go:340:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_ROOT_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:341:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_TARGETS_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:342:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_SNAPSHOT_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:343:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_DELEGATION_PASSPHRASE=%s", pwd), ^ e2e/plugin/trust_test.go:23:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) pluginName := fmt.Sprintf("%s/plugin-content-trust", registryPrefix) ^ e2e/plugin/trust_test.go:53:8: fmt.Sprintf can be replaced with string concatenation (perfsprint) Out: fmt.Sprintf("Installed plugin %s", pluginName), ^ e2e/trust/revoke_test.go:62:57: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.RunCommand("docker", "tag", fixtures.AlpineImage, fmt.Sprintf("%s:v1", revokeRepo)).Assert(t, icmd.Success) ^ e2e/trust/revoke_test.go:64:49: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.Command("docker", "-D", "trust", "sign", fmt.Sprintf("%s:v1", revokeRepo)), ^ e2e/trust/revoke_test.go:68:58: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.RunCommand("docker", "tag", fixtures.BusyboxImage, fmt.Sprintf("%s:v2", revokeRepo)).Assert(t, icmd.Success) ^ e2e/trust/revoke_test.go:70:49: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.Command("docker", "-D", "trust", "sign", fmt.Sprintf("%s:v2", revokeRepo)), ^ e2e/trust/sign_test.go:36:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.AlpineSha))) ^ e2e/trust/sign_test.go:53:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.BusyboxSha))) ^ e2e/trust/sign_test.go:65:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.AlpineSha))) ^ opts/file.go:21:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("poorly formatted environment: %s", e.msg) ^ opts/hosts_test.go:26:31: fmt.Sprintf can be replaced with string concatenation (perfsprint) "tcp://host:": fmt.Sprintf("tcp://host:%s", defaultHTTPPort), ^ Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-10 15:07:37 -04:00
assert.Check(t, is.Contains(result.Stdout(), "v1: digest: sha256:"+fixtures.AlpineSha))
}
func TestSignWithLocalFlag(t *testing.T) {
skip.If(t, environment.RemoteDaemon())
// Digests in golden files are linux/amd64 specific.
// TODO: Fix this test and make it work on all platforms.
environment.SkipIfNotPlatform(t, "linux/amd64")
dir := fixtures.SetupConfigFile(t)
defer dir.Remove()
setupTrustedImageForOverwrite(t, dir)
result := icmd.RunCmd(
icmd.Command("docker", "trust", "sign", "--local", localImage),
fixtures.WithPassphrase("root_password", "repo_password"),
fixtures.WithConfig(dir.Path()), fixtures.WithNotary)
result.Assert(t, icmd.Success)
linting: fmt.Sprintf can be replaced with string concatenation (perfsprint) cli/registry/client/endpoint.go:128:34: fmt.Sprintf can be replaced with string concatenation (perfsprint) req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", th.token)) ^ cli/command/telemetry_docker.go:88:14: fmt.Sprintf can be replaced with string concatenation (perfsprint) endpoint = fmt.Sprintf("unix://%s", path.Join(u.Host, u.Path)) ^ cli/command/cli_test.go:195:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) opts := &flags.ClientOptions{Hosts: []string{fmt.Sprintf("unix://%s", socket)}} ^ cli/command/registry_test.go:59:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) inputServerAddress: fmt.Sprintf("https://%s", testAuthConfigs[1].ServerAddress), ^ cli/command/container/opts_test.go:338:35: fmt.Sprintf can be replaced with string concatenation (perfsprint) if config, _, _ := mustParse(t, fmt.Sprintf("--hostname=%s", hostname)); config.Hostname != expectedHostname { ^ cli/command/context/options.go:79:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) errs = append(errs, fmt.Sprintf("%s: unrecognized config key", k)) ^ cli/command/image/build.go:461:68: fmt.Sprintf can be replaced with string concatenation (perfsprint) line = dockerfileFromLinePattern.ReplaceAllLiteralString(line, fmt.Sprintf("FROM %s", reference.FamiliarString(trustedRef))) ^ cli/command/image/remove_test.go:21:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("Error: No such image: %s", n.imageID) ^ cli/command/image/build/context.go:229:102: fmt.Sprintf can be replaced with string concatenation (perfsprint) progReader := progress.NewProgressReader(response.Body, progressOutput, response.ContentLength, "", fmt.Sprintf("Downloading build context from remote url: %s", remoteURL)) ^ cli/command/service/logs.go:215:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) taskName += fmt.Sprintf(".%s", task.ID) ^ cli/command/service/logs.go:217:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) taskName += fmt.Sprintf(".%s", stringid.TruncateID(task.ID)) ^ cli/command/service/progress/progress_test.go:877:18: fmt.Sprintf can be replaced with string concatenation (perfsprint) ID: fmt.Sprintf("task%s", nodeID), ^ cli/command/stack/swarm/remove.go:61:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) errs = append(errs, fmt.Sprintf("Failed to remove some resources from stack: %s", namespace)) ^ cli/command/swarm/ipnet_slice_test.go:32:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) arg := fmt.Sprintf("--cidrs=%s", strings.Join(vals, ",")) ^ cli/command/swarm/ipnet_slice_test.go:137:30: fmt.Sprintf can be replaced with string concatenation (perfsprint) if err := f.Parse([]string{fmt.Sprintf("--cidrs=%s", strings.Join(test.FlagArg, ","))}); err != nil { ^ cli/compose/schema/schema.go:105:11: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("must be a %s", humanReadableType(expectedType)) ^ cli/manifest/store/store.go:165:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("No such manifest: %s", n.object) ^ e2e/image/push_test.go:340:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_ROOT_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:341:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_TARGETS_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:342:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_SNAPSHOT_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:343:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_DELEGATION_PASSPHRASE=%s", pwd), ^ e2e/plugin/trust_test.go:23:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) pluginName := fmt.Sprintf("%s/plugin-content-trust", registryPrefix) ^ e2e/plugin/trust_test.go:53:8: fmt.Sprintf can be replaced with string concatenation (perfsprint) Out: fmt.Sprintf("Installed plugin %s", pluginName), ^ e2e/trust/revoke_test.go:62:57: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.RunCommand("docker", "tag", fixtures.AlpineImage, fmt.Sprintf("%s:v1", revokeRepo)).Assert(t, icmd.Success) ^ e2e/trust/revoke_test.go:64:49: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.Command("docker", "-D", "trust", "sign", fmt.Sprintf("%s:v1", revokeRepo)), ^ e2e/trust/revoke_test.go:68:58: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.RunCommand("docker", "tag", fixtures.BusyboxImage, fmt.Sprintf("%s:v2", revokeRepo)).Assert(t, icmd.Success) ^ e2e/trust/revoke_test.go:70:49: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.Command("docker", "-D", "trust", "sign", fmt.Sprintf("%s:v2", revokeRepo)), ^ e2e/trust/sign_test.go:36:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.AlpineSha))) ^ e2e/trust/sign_test.go:53:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.BusyboxSha))) ^ e2e/trust/sign_test.go:65:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.AlpineSha))) ^ opts/file.go:21:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("poorly formatted environment: %s", e.msg) ^ opts/hosts_test.go:26:31: fmt.Sprintf can be replaced with string concatenation (perfsprint) "tcp://host:": fmt.Sprintf("tcp://host:%s", defaultHTTPPort), ^ Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-10 15:07:37 -04:00
assert.Check(t, is.Contains(result.Stdout(), "v1: digest: sha256:"+fixtures.BusyboxSha))
}
func setupTrustedImageForOverwrite(t *testing.T, dir fs.Dir) {
t.Helper()
icmd.RunCmd(icmd.Command("docker", "pull", fixtures.AlpineImage)).Assert(t, icmd.Success)
icmd.RunCommand("docker", "tag", fixtures.AlpineImage, localImage).Assert(t, icmd.Success)
result := icmd.RunCmd(
icmd.Command("docker", "-D", "trust", "sign", localImage),
fixtures.WithPassphrase("root_password", "repo_password"),
fixtures.WithConfig(dir.Path()), fixtures.WithNotary)
result.Assert(t, icmd.Success)
linting: fmt.Sprintf can be replaced with string concatenation (perfsprint) cli/registry/client/endpoint.go:128:34: fmt.Sprintf can be replaced with string concatenation (perfsprint) req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", th.token)) ^ cli/command/telemetry_docker.go:88:14: fmt.Sprintf can be replaced with string concatenation (perfsprint) endpoint = fmt.Sprintf("unix://%s", path.Join(u.Host, u.Path)) ^ cli/command/cli_test.go:195:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) opts := &flags.ClientOptions{Hosts: []string{fmt.Sprintf("unix://%s", socket)}} ^ cli/command/registry_test.go:59:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) inputServerAddress: fmt.Sprintf("https://%s", testAuthConfigs[1].ServerAddress), ^ cli/command/container/opts_test.go:338:35: fmt.Sprintf can be replaced with string concatenation (perfsprint) if config, _, _ := mustParse(t, fmt.Sprintf("--hostname=%s", hostname)); config.Hostname != expectedHostname { ^ cli/command/context/options.go:79:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) errs = append(errs, fmt.Sprintf("%s: unrecognized config key", k)) ^ cli/command/image/build.go:461:68: fmt.Sprintf can be replaced with string concatenation (perfsprint) line = dockerfileFromLinePattern.ReplaceAllLiteralString(line, fmt.Sprintf("FROM %s", reference.FamiliarString(trustedRef))) ^ cli/command/image/remove_test.go:21:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("Error: No such image: %s", n.imageID) ^ cli/command/image/build/context.go:229:102: fmt.Sprintf can be replaced with string concatenation (perfsprint) progReader := progress.NewProgressReader(response.Body, progressOutput, response.ContentLength, "", fmt.Sprintf("Downloading build context from remote url: %s", remoteURL)) ^ cli/command/service/logs.go:215:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) taskName += fmt.Sprintf(".%s", task.ID) ^ cli/command/service/logs.go:217:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) taskName += fmt.Sprintf(".%s", stringid.TruncateID(task.ID)) ^ cli/command/service/progress/progress_test.go:877:18: fmt.Sprintf can be replaced with string concatenation (perfsprint) ID: fmt.Sprintf("task%s", nodeID), ^ cli/command/stack/swarm/remove.go:61:24: fmt.Sprintf can be replaced with string concatenation (perfsprint) errs = append(errs, fmt.Sprintf("Failed to remove some resources from stack: %s", namespace)) ^ cli/command/swarm/ipnet_slice_test.go:32:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) arg := fmt.Sprintf("--cidrs=%s", strings.Join(vals, ",")) ^ cli/command/swarm/ipnet_slice_test.go:137:30: fmt.Sprintf can be replaced with string concatenation (perfsprint) if err := f.Parse([]string{fmt.Sprintf("--cidrs=%s", strings.Join(test.FlagArg, ","))}); err != nil { ^ cli/compose/schema/schema.go:105:11: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("must be a %s", humanReadableType(expectedType)) ^ cli/manifest/store/store.go:165:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("No such manifest: %s", n.object) ^ e2e/image/push_test.go:340:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_ROOT_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:341:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_TARGETS_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:342:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_SNAPSHOT_PASSPHRASE=%s", pwd), ^ e2e/image/push_test.go:343:4: fmt.Sprintf can be replaced with string concatenation (perfsprint) fmt.Sprintf("NOTARY_DELEGATION_PASSPHRASE=%s", pwd), ^ e2e/plugin/trust_test.go:23:16: fmt.Sprintf can be replaced with string concatenation (perfsprint) pluginName := fmt.Sprintf("%s/plugin-content-trust", registryPrefix) ^ e2e/plugin/trust_test.go:53:8: fmt.Sprintf can be replaced with string concatenation (perfsprint) Out: fmt.Sprintf("Installed plugin %s", pluginName), ^ e2e/trust/revoke_test.go:62:57: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.RunCommand("docker", "tag", fixtures.AlpineImage, fmt.Sprintf("%s:v1", revokeRepo)).Assert(t, icmd.Success) ^ e2e/trust/revoke_test.go:64:49: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.Command("docker", "-D", "trust", "sign", fmt.Sprintf("%s:v1", revokeRepo)), ^ e2e/trust/revoke_test.go:68:58: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.RunCommand("docker", "tag", fixtures.BusyboxImage, fmt.Sprintf("%s:v2", revokeRepo)).Assert(t, icmd.Success) ^ e2e/trust/revoke_test.go:70:49: fmt.Sprintf can be replaced with string concatenation (perfsprint) icmd.Command("docker", "-D", "trust", "sign", fmt.Sprintf("%s:v2", revokeRepo)), ^ e2e/trust/sign_test.go:36:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.AlpineSha))) ^ e2e/trust/sign_test.go:53:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.BusyboxSha))) ^ e2e/trust/sign_test.go:65:47: fmt.Sprintf can be replaced with string concatenation (perfsprint) assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.AlpineSha))) ^ opts/file.go:21:9: fmt.Sprintf can be replaced with string concatenation (perfsprint) return fmt.Sprintf("poorly formatted environment: %s", e.msg) ^ opts/hosts_test.go:26:31: fmt.Sprintf can be replaced with string concatenation (perfsprint) "tcp://host:": fmt.Sprintf("tcp://host:%s", defaultHTTPPort), ^ Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-10 15:07:37 -04:00
assert.Check(t, is.Contains(result.Stdout(), "v1: digest: sha256:"+fixtures.AlpineSha))
icmd.RunCmd(icmd.Command("docker", "pull", fixtures.BusyboxImage)).Assert(t, icmd.Success)
icmd.RunCommand("docker", "tag", fixtures.BusyboxImage, localImage).Assert(t, icmd.Success)
}