2017-11-10 14:34:23 -05:00
|
|
|
package trust
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"testing"
|
|
|
|
|
2017-11-13 20:18:04 -05:00
|
|
|
"github.com/docker/cli/e2e/internal/fixtures"
|
2018-05-17 07:11:59 -04:00
|
|
|
"github.com/docker/cli/internal/test/environment"
|
2018-03-05 18:53:52 -05:00
|
|
|
"github.com/gotestyourself/gotestyourself/assert"
|
|
|
|
is "github.com/gotestyourself/gotestyourself/assert/cmp"
|
2017-11-10 14:34:23 -05:00
|
|
|
"github.com/gotestyourself/gotestyourself/fs"
|
|
|
|
"github.com/gotestyourself/gotestyourself/icmd"
|
2018-05-17 07:11:59 -04:00
|
|
|
"github.com/gotestyourself/gotestyourself/skip"
|
2017-11-10 14:34:23 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2017-11-13 20:18:04 -05:00
|
|
|
localImage = "registry:5000/signlocal:v1"
|
|
|
|
signImage = "registry:5000/sign:v1"
|
2017-11-10 14:34:23 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestSignLocalImage(t *testing.T) {
|
2018-05-17 07:11:59 -04:00
|
|
|
skip.If(t, environment.RemoteDaemon())
|
|
|
|
|
2017-11-13 20:18:04 -05:00
|
|
|
dir := fixtures.SetupConfigFile(t)
|
2017-11-10 14:34:23 -05:00
|
|
|
defer dir.Remove()
|
2017-11-13 20:18:04 -05:00
|
|
|
icmd.RunCmd(icmd.Command("docker", "pull", fixtures.AlpineImage)).Assert(t, icmd.Success)
|
|
|
|
icmd.RunCommand("docker", "tag", fixtures.AlpineImage, signImage).Assert(t, icmd.Success)
|
2017-11-10 14:34:23 -05:00
|
|
|
result := icmd.RunCmd(
|
|
|
|
icmd.Command("docker", "trust", "sign", signImage),
|
2017-11-13 20:18:04 -05:00
|
|
|
fixtures.WithPassphrase("root_password", "repo_password"),
|
|
|
|
fixtures.WithConfig(dir.Path()), fixtures.WithNotary)
|
2017-11-10 14:34:23 -05:00
|
|
|
result.Assert(t, icmd.Success)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.AlpineSha)))
|
2017-11-10 14:34:23 -05:00
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestSignWithLocalFlag(t *testing.T) {
|
2018-05-17 07:11:59 -04:00
|
|
|
skip.If(t, environment.RemoteDaemon())
|
|
|
|
|
2017-11-13 20:18:04 -05:00
|
|
|
dir := fixtures.SetupConfigFile(t)
|
2017-11-10 14:34:23 -05:00
|
|
|
defer dir.Remove()
|
|
|
|
setupTrustedImageForOverwrite(t, dir)
|
|
|
|
result := icmd.RunCmd(
|
|
|
|
icmd.Command("docker", "trust", "sign", "--local", localImage),
|
2017-11-13 20:18:04 -05:00
|
|
|
fixtures.WithPassphrase("root_password", "repo_password"),
|
|
|
|
fixtures.WithConfig(dir.Path()), fixtures.WithNotary)
|
2017-11-10 14:34:23 -05:00
|
|
|
result.Assert(t, icmd.Success)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.BusyboxSha)))
|
2017-11-10 14:34:23 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func setupTrustedImageForOverwrite(t *testing.T, dir fs.Dir) {
|
2017-11-13 20:18:04 -05:00
|
|
|
icmd.RunCmd(icmd.Command("docker", "pull", fixtures.AlpineImage)).Assert(t, icmd.Success)
|
|
|
|
icmd.RunCommand("docker", "tag", fixtures.AlpineImage, localImage).Assert(t, icmd.Success)
|
2017-11-10 14:34:23 -05:00
|
|
|
result := icmd.RunCmd(
|
|
|
|
icmd.Command("docker", "-D", "trust", "sign", localImage),
|
2017-11-13 20:18:04 -05:00
|
|
|
fixtures.WithPassphrase("root_password", "repo_password"),
|
|
|
|
fixtures.WithConfig(dir.Path()), fixtures.WithNotary)
|
2017-11-10 14:34:23 -05:00
|
|
|
result.Assert(t, icmd.Success)
|
2018-03-05 18:53:52 -05:00
|
|
|
assert.Check(t, is.Contains(result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", fixtures.AlpineSha)))
|
2017-11-13 20:18:04 -05:00
|
|
|
icmd.RunCmd(icmd.Command("docker", "pull", fixtures.BusyboxImage)).Assert(t, icmd.Success)
|
|
|
|
icmd.RunCommand("docker", "tag", fixtures.BusyboxImage, localImage).Assert(t, icmd.Success)
|
2017-11-10 14:34:23 -05:00
|
|
|
}
|