github.com/containerd/nerdctl@v1.7.7/cmd/nerdctl/login_linux_test.go (about) 1 /* 2 Copyright The containerd Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package main 18 19 import ( 20 "fmt" 21 "net" 22 "path" 23 "strconv" 24 "testing" 25 26 "github.com/containerd/nerdctl/pkg/testutil" 27 "github.com/containerd/nerdctl/pkg/testutil/testregistry" 28 ) 29 30 func TestLogin(t *testing.T) { 31 // Skip docker, because Docker doesn't have `--hosts-dir` option, and we don't want to contaminate the global /etc/docker/certs.d during this test 32 testutil.DockerIncompatible(t) 33 34 base := testutil.NewBase(t) 35 reg := testregistry.NewHTTPS(base, "admin", "validTestPassword") 36 defer reg.Cleanup() 37 38 regHost := net.JoinHostPort(reg.IP.String(), strconv.Itoa(reg.ListenPort)) 39 40 t.Logf("Good password") 41 base.Cmd("--debug-full", "--hosts-dir", reg.HostsDir, "login", "-u", "admin", "-p", "validTestPassword", regHost).AssertOK() 42 43 t.Logf("Bad password") 44 base.Cmd("--debug-full", "--hosts-dir", reg.HostsDir, "login", "-u", "admin", "-p", "invalidTestPassword", regHost).AssertFail() 45 } 46 47 func TestLoginWithSpecificRegHosts(t *testing.T) { 48 // Skip docker, because Docker doesn't have `--hosts-dir` option, and we don't want to contaminate the global /etc/docker/certs.d during this test 49 testutil.DockerIncompatible(t) 50 51 base := testutil.NewBase(t) 52 reg := testregistry.NewHTTPS(base, "admin", "validTestPassword") 53 defer reg.Cleanup() 54 55 regHost := net.JoinHostPort(reg.IP.String(), strconv.Itoa(reg.ListenPort)) 56 57 t.Logf("Prepare regHost URL with path and Scheme") 58 59 type testCase struct { 60 url string 61 log string 62 } 63 testCases := []testCase{ 64 { 65 url: "https://" + path.Join(regHost, "test"), 66 log: "Login with repository containing path and scheme in the URL", 67 }, 68 { 69 url: path.Join(regHost, "test"), 70 log: "Login with repository containing path and without scheme in the URL", 71 }, 72 } 73 for _, tc := range testCases { 74 t.Log(tc.log) 75 base.Cmd("--debug-full", "--hosts-dir", reg.HostsDir, "login", "-u", "admin", "-p", "validTestPassword", tc.url).AssertOK() 76 } 77 78 } 79 80 func TestLoginWithPlainHttp(t *testing.T) { 81 testutil.DockerIncompatible(t) 82 base := testutil.NewBase(t) 83 reg5000 := testregistry.NewAuthWithHTTP(base, "admin", "validTestPassword", 5000, 5001) 84 reg80 := testregistry.NewAuthWithHTTP(base, "admin", "validTestPassword", 80, 5002) 85 defer reg5000.Cleanup() 86 defer reg80.Cleanup() 87 testCasesForPort5000 := []struct { 88 regHost string 89 regPort int 90 useRegPort bool 91 username string 92 password string 93 shouldSuccess bool 94 registry *testregistry.TestRegistry 95 shouldUseInSecure bool 96 }{ 97 { 98 regHost: "127.0.0.1", 99 regPort: 5000, 100 useRegPort: true, 101 username: "admin", 102 password: "validTestPassword", 103 shouldSuccess: true, 104 registry: reg5000, 105 shouldUseInSecure: true, 106 }, 107 { 108 regHost: "127.0.0.1", 109 regPort: 5000, 110 useRegPort: true, 111 username: "admin", 112 password: "invalidTestPassword", 113 shouldSuccess: false, 114 registry: reg5000, 115 shouldUseInSecure: true, 116 }, 117 { 118 regHost: "127.0.0.1", 119 regPort: 5000, 120 useRegPort: true, 121 username: "admin", 122 password: "validTestPassword", 123 // Following the merging of the below, any localhost/loopback registries will 124 // get automatically downgraded to HTTP so this will still succceed: 125 // https://github.com/containerd/containerd/pull/7393 126 shouldSuccess: true, 127 registry: reg5000, 128 shouldUseInSecure: false, 129 }, 130 { 131 regHost: "127.0.0.1", 132 regPort: 80, 133 useRegPort: false, 134 username: "admin", 135 password: "validTestPassword", 136 shouldSuccess: true, 137 registry: reg80, 138 shouldUseInSecure: true, 139 }, 140 { 141 regHost: "127.0.0.1", 142 regPort: 80, 143 useRegPort: false, 144 username: "admin", 145 password: "invalidTestPassword", 146 shouldSuccess: false, 147 registry: reg80, 148 shouldUseInSecure: true, 149 }, 150 { 151 regHost: "127.0.0.1", 152 regPort: 80, 153 useRegPort: false, 154 username: "admin", 155 password: "validTestPassword", 156 // Following the merging of the below, any localhost/loopback registries will 157 // get automatically downgraded to HTTP so this will still succceed: 158 // https://github.com/containerd/containerd/pull/7393 159 shouldSuccess: true, 160 registry: reg80, 161 shouldUseInSecure: false, 162 }, 163 } 164 for _, tc := range testCasesForPort5000 { 165 tcName := fmt.Sprintf("%+v", tc) 166 t.Run(tcName, func(t *testing.T) { 167 regHost := tc.regHost 168 if tc.useRegPort { 169 regHost = fmt.Sprintf("%s:%d", regHost, tc.regPort) 170 } 171 if tc.shouldSuccess { 172 t.Logf("Good password") 173 } else { 174 t.Logf("Bad password") 175 } 176 var args []string 177 if tc.shouldUseInSecure { 178 args = append(args, "--insecure-registry") 179 } 180 args = append(args, []string{ 181 "--debug-full", "--hosts-dir", tc.registry.HostsDir, "login", "-u", tc.username, "-p", tc.password, regHost, 182 }...) 183 cmd := base.Cmd(args...) 184 if tc.shouldSuccess { 185 cmd.AssertOK() 186 } else { 187 cmd.AssertFail() 188 } 189 }) 190 } 191 }