mirror of https://github.com/docker/cli.git
Merge pull request #685 from eiais/e2e
docker trust sign: add e2e testing
This commit is contained in:
commit
365c525fab
|
@ -1,13 +1,12 @@
|
||||||
package trust
|
package trust
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"os"
|
"os"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"bytes"
|
|
||||||
|
|
||||||
"github.com/docker/cli/cli/config"
|
"github.com/docker/cli/cli/config"
|
||||||
"github.com/docker/cli/cli/trust"
|
"github.com/docker/cli/cli/trust"
|
||||||
"github.com/docker/cli/internal/test"
|
"github.com/docker/cli/internal/test"
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
package trust
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/docker/cli/internal/test/environment"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestMain(m *testing.M) {
|
||||||
|
if err := environment.Setup(); err != nil {
|
||||||
|
fmt.Println(err.Error())
|
||||||
|
os.Exit(3)
|
||||||
|
}
|
||||||
|
os.Exit(m.Run())
|
||||||
|
}
|
|
@ -0,0 +1,84 @@
|
||||||
|
package trust
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/gotestyourself/gotestyourself/fs"
|
||||||
|
"github.com/gotestyourself/gotestyourself/icmd"
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
notaryURL = "https://notary-server:4443"
|
||||||
|
alpineImage = "registry:5000/alpine:3.6"
|
||||||
|
alpineSha = "641b95ddb2ea9dc2af1a0113b6b348ebc20872ba615204fbe12148e98fd6f23d"
|
||||||
|
busyboxImage = "registry:5000/busybox:1.27.2"
|
||||||
|
busyboxSha = "030fcb92e1487b18c974784dcc110a93147c9fc402188370fbfd17efabffc6af"
|
||||||
|
localImage = "registry:5000/signlocal:v1"
|
||||||
|
signImage = "registry:5000/sign:v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestSignLocalImage(t *testing.T) {
|
||||||
|
dir := setupConfigFile(t)
|
||||||
|
defer dir.Remove()
|
||||||
|
icmd.RunCmd(icmd.Command("docker", "pull", alpineImage)).Assert(t, icmd.Success)
|
||||||
|
icmd.RunCommand("docker", "tag", alpineImage, signImage).Assert(t, icmd.Success)
|
||||||
|
result := icmd.RunCmd(
|
||||||
|
icmd.Command("docker", "trust", "sign", signImage),
|
||||||
|
withTrustAndPassphrase("root_password", "repo_password", dir))
|
||||||
|
result.Assert(t, icmd.Success)
|
||||||
|
assert.Contains(t, result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", alpineSha))
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestSignWithLocalFlag(t *testing.T) {
|
||||||
|
dir := setupConfigFile(t)
|
||||||
|
defer dir.Remove()
|
||||||
|
setupTrustedImageForOverwrite(t, dir)
|
||||||
|
result := icmd.RunCmd(
|
||||||
|
icmd.Command("docker", "trust", "sign", "--local", localImage),
|
||||||
|
withTrustAndPassphrase("root_password", "repo_password", dir))
|
||||||
|
result.Assert(t, icmd.Success)
|
||||||
|
assert.Contains(t, result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", busyboxSha))
|
||||||
|
}
|
||||||
|
|
||||||
|
func withTrustAndPassphrase(rootPwd, repositoryPwd string, dir fs.Dir) func(cmd *icmd.Cmd) {
|
||||||
|
return func(cmd *icmd.Cmd) {
|
||||||
|
env := append(os.Environ(),
|
||||||
|
"DOCKER_CONTENT_TRUST_SERVER="+notaryURL,
|
||||||
|
"DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE="+rootPwd,
|
||||||
|
"DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE="+repositoryPwd,
|
||||||
|
"DOCKER_CONFIG="+dir.Path(),
|
||||||
|
)
|
||||||
|
cmd.Env = append(cmd.Env, env...)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func setupConfigFile(t *testing.T) fs.Dir {
|
||||||
|
dir := fs.NewDir(t, "trust_test", fs.WithMode(0700), fs.WithFile("config.json", `
|
||||||
|
{
|
||||||
|
"auths": {
|
||||||
|
"registry:5000": {
|
||||||
|
"auth": "ZWlhaXM6cGFzc3dvcmQK"
|
||||||
|
},
|
||||||
|
"https://notary-server:4443": {
|
||||||
|
"auth": "ZWlhaXM6cGFzc3dvcmQK"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
`))
|
||||||
|
return *dir
|
||||||
|
}
|
||||||
|
|
||||||
|
func setupTrustedImageForOverwrite(t *testing.T, dir fs.Dir) {
|
||||||
|
icmd.RunCmd(icmd.Command("docker", "pull", alpineImage)).Assert(t, icmd.Success)
|
||||||
|
icmd.RunCommand("docker", "tag", alpineImage, localImage).Assert(t, icmd.Success)
|
||||||
|
result := icmd.RunCmd(
|
||||||
|
icmd.Command("docker", "-D", "trust", "sign", localImage),
|
||||||
|
withTrustAndPassphrase("root_password", "repo_password", dir))
|
||||||
|
result.Assert(t, icmd.Success)
|
||||||
|
assert.Contains(t, result.Stdout(), fmt.Sprintf("v1: digest: sha256:%s", alpineSha))
|
||||||
|
icmd.RunCommand("docker", "tag", busyboxImage, localImage).Assert(t, icmd.Success)
|
||||||
|
}
|
Loading…
Reference in New Issue