2017-11-15 14:50:33 -05:00
|
|
|
package trust
|
|
|
|
|
|
|
|
|
|
import (
|
2022-02-25 08:33:57 -05:00
|
|
|
"io"
|
2017-11-15 14:50:33 -05:00
|
|
|
"testing"
|
|
|
|
|
|
2018-08-08 13:50:00 -04:00
|
|
|
"github.com/docker/cli/cli/trust"
|
2017-11-15 14:50:33 -05:00
|
|
|
"github.com/docker/cli/internal/test"
|
2018-03-08 08:35:17 -05:00
|
|
|
"github.com/docker/cli/internal/test/notary"
|
2018-08-08 13:50:00 -04:00
|
|
|
"github.com/theupdateframework/notary/client"
|
2020-02-22 12:12:14 -05:00
|
|
|
"gotest.tools/v3/assert"
|
|
|
|
|
"gotest.tools/v3/golden"
|
2017-11-15 14:50:33 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func TestTrustInspectCommandErrors(t *testing.T) {
|
|
|
|
|
testCases := []struct {
|
|
|
|
|
name string
|
|
|
|
|
args []string
|
|
|
|
|
expectedError string
|
|
|
|
|
}{
|
|
|
|
|
{
|
|
|
|
|
name: "not-enough-args",
|
2018-03-09 12:37:43 -05:00
|
|
|
expectedError: "requires at least 1 argument",
|
2017-11-15 14:50:33 -05:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
name: "sha-reference",
|
|
|
|
|
args: []string{"870d292919d01a0af7e7f056271dc78792c05f55f49b9b9012b6d89725bd9abd"},
|
|
|
|
|
expectedError: "invalid repository name",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
name: "invalid-img-reference",
|
|
|
|
|
args: []string{"ALPINE"},
|
|
|
|
|
expectedError: "invalid reference format",
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
for _, tc := range testCases {
|
2018-03-09 12:37:43 -05:00
|
|
|
cmd := newInspectCommand(
|
2017-11-15 14:50:33 -05:00
|
|
|
test.NewFakeCli(&fakeClient{}))
|
2018-03-09 12:37:43 -05:00
|
|
|
cmd.Flags().Set("pretty", "true")
|
2017-11-15 14:50:33 -05:00
|
|
|
cmd.SetArgs(tc.args)
|
2022-02-25 08:33:57 -05:00
|
|
|
cmd.SetOut(io.Discard)
|
2018-03-06 14:03:47 -05:00
|
|
|
assert.ErrorContains(t, cmd.Execute(), tc.expectedError)
|
2017-11-15 14:50:33 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-08 13:50:00 -04:00
|
|
|
func TestTrustInspectCommandRepositoryErrors(t *testing.T) {
|
|
|
|
|
testCases := []struct {
|
|
|
|
|
doc string
|
|
|
|
|
args []string
|
|
|
|
|
notaryRepository func(trust.ImageRefAndAuth, []string) (client.Repository, error)
|
|
|
|
|
err string
|
|
|
|
|
golden string
|
|
|
|
|
}{
|
|
|
|
|
{
|
|
|
|
|
doc: "OfflineErrors",
|
|
|
|
|
args: []string{"nonexistent-reg-name.io/image"},
|
|
|
|
|
notaryRepository: notary.GetOfflineNotaryRepository,
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
err: "no signatures or cannot access nonexistent-reg-name.io/image",
|
2018-08-08 13:50:00 -04:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
doc: "OfflineErrorsWithImageTag",
|
|
|
|
|
args: []string{"nonexistent-reg-name.io/image:tag"},
|
|
|
|
|
notaryRepository: notary.GetOfflineNotaryRepository,
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
err: "no signatures or cannot access nonexistent-reg-name.io/image:tag",
|
2018-08-08 13:50:00 -04:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
doc: "UninitializedErrors",
|
|
|
|
|
args: []string{"reg/unsigned-img"},
|
|
|
|
|
notaryRepository: notary.GetUninitializedNotaryRepository,
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
err: "no signatures or cannot access reg/unsigned-img",
|
2018-08-08 13:50:00 -04:00
|
|
|
golden: "trust-inspect-uninitialized.golden",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
doc: "UninitializedErrorsWithImageTag",
|
|
|
|
|
args: []string{"reg/unsigned-img:tag"},
|
|
|
|
|
notaryRepository: notary.GetUninitializedNotaryRepository,
|
linting: ST1005: error strings should not be capitalized (stylecheck)
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go:100:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-02 18:04:53 -04:00
|
|
|
err: "no signatures or cannot access reg/unsigned-img:tag",
|
2018-08-08 13:50:00 -04:00
|
|
|
golden: "trust-inspect-uninitialized.golden",
|
|
|
|
|
},
|
|
|
|
|
}
|
2017-11-15 14:50:33 -05:00
|
|
|
|
2018-08-08 13:50:00 -04:00
|
|
|
for _, tc := range testCases {
|
|
|
|
|
t.Run(tc.doc, func(t *testing.T) {
|
|
|
|
|
cli := test.NewFakeCli(&fakeClient{})
|
|
|
|
|
cli.SetNotaryClient(tc.notaryRepository)
|
|
|
|
|
cmd := newInspectCommand(cli)
|
|
|
|
|
cmd.SetArgs(tc.args)
|
2022-02-25 08:33:57 -05:00
|
|
|
cmd.SetOut(io.Discard)
|
2018-08-08 13:50:00 -04:00
|
|
|
assert.ErrorContains(t, cmd.Execute(), tc.err)
|
|
|
|
|
if tc.golden != "" {
|
|
|
|
|
golden.Assert(t, cli.OutBuffer().String(), tc.golden)
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
2017-11-15 14:50:33 -05:00
|
|
|
}
|
|
|
|
|
|
2018-08-08 13:50:00 -04:00
|
|
|
func TestTrustInspectCommand(t *testing.T) {
|
|
|
|
|
testCases := []struct {
|
|
|
|
|
doc string
|
|
|
|
|
args []string
|
|
|
|
|
notaryRepository func(trust.ImageRefAndAuth, []string) (client.Repository, error)
|
|
|
|
|
golden string
|
|
|
|
|
}{
|
|
|
|
|
{
|
|
|
|
|
doc: "EmptyNotaryRepo",
|
|
|
|
|
args: []string{"reg/img:unsigned-tag"},
|
|
|
|
|
notaryRepository: notary.GetEmptyTargetsNotaryRepository,
|
|
|
|
|
golden: "trust-inspect-empty-repo.golden",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
doc: "FullRepoWithoutSigners",
|
|
|
|
|
args: []string{"signed-repo"},
|
|
|
|
|
notaryRepository: notary.GetLoadedWithNoSignersNotaryRepository,
|
|
|
|
|
golden: "trust-inspect-full-repo-no-signers.golden",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
doc: "OneTagWithoutSigners",
|
|
|
|
|
args: []string{"signed-repo:green"},
|
|
|
|
|
notaryRepository: notary.GetLoadedWithNoSignersNotaryRepository,
|
|
|
|
|
golden: "trust-inspect-one-tag-no-signers.golden",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
doc: "FullRepoWithSigners",
|
|
|
|
|
args: []string{"signed-repo"},
|
|
|
|
|
notaryRepository: notary.GetLoadedNotaryRepository,
|
|
|
|
|
golden: "trust-inspect-full-repo-with-signers.golden",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
doc: "MultipleFullReposWithSigners",
|
|
|
|
|
args: []string{"signed-repo", "signed-repo"},
|
|
|
|
|
notaryRepository: notary.GetLoadedNotaryRepository,
|
|
|
|
|
golden: "trust-inspect-multiple-repos-with-signers.golden",
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
doc: "UnsignedTagInSignedRepo",
|
|
|
|
|
args: []string{"signed-repo:unsigned"},
|
|
|
|
|
notaryRepository: notary.GetLoadedNotaryRepository,
|
|
|
|
|
golden: "trust-inspect-unsigned-tag-with-signers.golden",
|
|
|
|
|
},
|
|
|
|
|
}
|
2017-11-16 13:09:57 -05:00
|
|
|
|
2018-08-08 13:50:00 -04:00
|
|
|
for _, tc := range testCases {
|
|
|
|
|
t.Run(tc.doc, func(t *testing.T) {
|
|
|
|
|
cli := test.NewFakeCli(&fakeClient{})
|
|
|
|
|
cli.SetNotaryClient(tc.notaryRepository)
|
|
|
|
|
cmd := newInspectCommand(cli)
|
|
|
|
|
cmd.SetArgs(tc.args)
|
|
|
|
|
assert.NilError(t, cmd.Execute())
|
|
|
|
|
golden.Assert(t, cli.OutBuffer().String(), tc.golden)
|
|
|
|
|
})
|
|
|
|
|
}
|
2017-11-15 14:50:33 -05:00
|
|
|
}
|
