github.com/containers/libpod@v1.9.4-0.20220419124438-4284fd425507/test/e2e/login_logout_test.go (about) 1 // +build !remoteclient 2 3 package integration 4 5 import ( 6 "encoding/json" 7 "fmt" 8 "io/ioutil" 9 "os" 10 "path/filepath" 11 "strconv" 12 "strings" 13 14 . "github.com/containers/libpod/test/utils" 15 . "github.com/onsi/ginkgo" 16 "github.com/onsi/ginkgo/config" 17 . "github.com/onsi/gomega" 18 ) 19 20 var _ = Describe("Podman login and logout", func() { 21 var ( 22 tempdir string 23 err error 24 podmanTest *PodmanTestIntegration 25 authPath string 26 certPath string 27 certDirPath string 28 port int 29 server string 30 testImg string 31 registriesConfWithSearch []byte 32 ) 33 34 BeforeEach(func() { 35 tempdir, err = CreateTempDirInTempDir() 36 if err != nil { 37 os.Exit(1) 38 } 39 podmanTest = PodmanTestCreate(tempdir) 40 podmanTest.RestoreAllArtifacts() 41 42 authPath = filepath.Join(podmanTest.TempDir, "auth") 43 os.Mkdir(authPath, os.ModePerm) 44 45 if IsCommandAvailable("getenforce") { 46 ge := SystemExec("getenforce", []string{}) 47 ge.WaitWithDefaultTimeout() 48 if ge.OutputToString() == "Enforcing" { 49 se := SystemExec("setenforce", []string{"0"}) 50 se.WaitWithDefaultTimeout() 51 if se.ExitCode() != 0 { 52 Skip("Can not disable selinux, this may cause problem for reading cert files inside container.") 53 } 54 defer SystemExec("setenforce", []string{"1"}) 55 } 56 } 57 58 session := podmanTest.Podman([]string{"run", "--entrypoint", "htpasswd", "registry:2.6", "-Bbn", "podmantest", "test"}) 59 session.WaitWithDefaultTimeout() 60 Expect(session.ExitCode()).To(Equal(0)) 61 62 f, _ := os.Create(filepath.Join(authPath, "htpasswd")) 63 defer f.Close() 64 65 f.WriteString(session.OutputToString()) 66 f.Sync() 67 port = 4999 + config.GinkgoConfig.ParallelNode 68 server = strings.Join([]string{"localhost", strconv.Itoa(port)}, ":") 69 70 registriesConfWithSearch = []byte(fmt.Sprintf("[registries.search]\nregistries = ['%s']", server)) 71 72 testImg = strings.Join([]string{server, "test-apline"}, "/") 73 74 certDirPath = filepath.Join(os.Getenv("HOME"), ".config/containers/certs.d", server) 75 os.MkdirAll(certDirPath, os.ModePerm) 76 cwd, _ := os.Getwd() 77 certPath = filepath.Join(cwd, "../", "certs") 78 79 setup := SystemExec("cp", []string{filepath.Join(certPath, "domain.crt"), filepath.Join(certDirPath, "ca.crt")}) 80 setup.WaitWithDefaultTimeout() 81 82 session = podmanTest.Podman([]string{"run", "-d", "-p", strings.Join([]string{strconv.Itoa(port), strconv.Itoa(port)}, ":"), 83 "-e", strings.Join([]string{"REGISTRY_HTTP_ADDR=0.0.0.0", strconv.Itoa(port)}, ":"), "--name", "registry", "-v", 84 strings.Join([]string{authPath, "/auth"}, ":"), "-e", "REGISTRY_AUTH=htpasswd", "-e", 85 "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm", "-e", "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd", 86 "-v", strings.Join([]string{certPath, "/certs"}, ":"), "-e", "REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt", 87 "-e", "REGISTRY_HTTP_TLS_KEY=/certs/domain.key", "registry:2.6"}) 88 session.WaitWithDefaultTimeout() 89 Expect(session.ExitCode()).To(Equal(0)) 90 91 if !WaitContainerReady(podmanTest, "registry", "listening on", 20, 1) { 92 Skip("Can not start docker registry.") 93 } 94 }) 95 96 AfterEach(func() { 97 podmanTest.Cleanup() 98 os.RemoveAll(authPath) 99 os.RemoveAll(certDirPath) 100 }) 101 102 It("podman login and logout", func() { 103 session := podmanTest.Podman([]string{"login", "-u", "podmantest", "-p", "test", server}) 104 session.WaitWithDefaultTimeout() 105 Expect(session.ExitCode()).To(Equal(0)) 106 107 session = podmanTest.Podman([]string{"push", ALPINE, testImg}) 108 session.WaitWithDefaultTimeout() 109 Expect(session.ExitCode()).To(Equal(0)) 110 111 session = podmanTest.Podman([]string{"logout", server}) 112 session.WaitWithDefaultTimeout() 113 Expect(session.ExitCode()).To(Equal(0)) 114 115 session = podmanTest.Podman([]string{"push", ALPINE, testImg}) 116 session.WaitWithDefaultTimeout() 117 Expect(session).To(ExitWithError()) 118 }) 119 120 It("podman login and logout without registry parameter", func() { 121 SkipIfRootless() 122 123 registriesConf, err := ioutil.TempFile("", "TestLoginWithoutParameter") 124 Expect(err).To(BeNil()) 125 defer registriesConf.Close() 126 defer os.Remove(registriesConf.Name()) 127 128 err = ioutil.WriteFile(registriesConf.Name(), []byte(registriesConfWithSearch), os.ModePerm) 129 Expect(err).To(BeNil()) 130 131 // Environment is per-process, so this looks very unsafe; actually it seems fine because tests are not 132 // run in parallel unless they opt in by calling t.Parallel(). So don’t do that. 133 oldRCP, hasRCP := os.LookupEnv("REGISTRIES_CONFIG_PATH") 134 defer func() { 135 if hasRCP { 136 os.Setenv("REGISTRIES_CONFIG_PATH", oldRCP) 137 } else { 138 os.Unsetenv("REGISTRIES_CONFIG_PATH") 139 } 140 }() 141 os.Setenv("REGISTRIES_CONFIG_PATH", registriesConf.Name()) 142 143 session := podmanTest.Podman([]string{"login", "-u", "podmantest", "-p", "test"}) 144 session.WaitWithDefaultTimeout() 145 Expect(session.ExitCode()).To((Equal(0))) 146 147 session = podmanTest.Podman([]string{"logout"}) 148 session.WaitWithDefaultTimeout() 149 Expect(session.ExitCode()).To(Equal(0)) 150 }) 151 152 It("podman login and logout with flag --authfile", func() { 153 authFile := filepath.Join(podmanTest.TempDir, "auth.json") 154 session := podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "--authfile", authFile, server}) 155 session.WaitWithDefaultTimeout() 156 Expect(session.ExitCode()).To(Equal(0)) 157 158 authInfo, _ := ioutil.ReadFile(authFile) 159 var info map[string]interface{} 160 json.Unmarshal(authInfo, &info) 161 fmt.Println(info) 162 163 // push should fail with nonexist authfile 164 session = podmanTest.Podman([]string{"push", "--authfile", "/tmp/nonexist", ALPINE, testImg}) 165 session.WaitWithDefaultTimeout() 166 Expect(session.ExitCode()).To(Not(Equal(0))) 167 168 session = podmanTest.Podman([]string{"push", "--authfile", authFile, ALPINE, testImg}) 169 session.WaitWithDefaultTimeout() 170 Expect(session.ExitCode()).To(Equal(0)) 171 172 session = podmanTest.Podman([]string{"run", "--authfile", authFile, testImg}) 173 session.WaitWithDefaultTimeout() 174 Expect(session.ExitCode()).To(Equal(0)) 175 176 // logout should fail with nonexist authfile 177 session = podmanTest.Podman([]string{"logout", "--authfile", "/tmp/nonexist", server}) 178 session.WaitWithDefaultTimeout() 179 Expect(session.ExitCode()).To(Not(Equal(0))) 180 181 session = podmanTest.Podman([]string{"logout", "--authfile", authFile, server}) 182 }) 183 184 It("podman login and logout with --tls-verify", func() { 185 session := podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "--tls-verify=false", server}) 186 session.WaitWithDefaultTimeout() 187 Expect(session.ExitCode()).To(Equal(0)) 188 189 session = podmanTest.Podman([]string{"push", ALPINE, testImg}) 190 session.WaitWithDefaultTimeout() 191 Expect(session.ExitCode()).To(Equal(0)) 192 193 session = podmanTest.Podman([]string{"logout", server}) 194 session.WaitWithDefaultTimeout() 195 Expect(session.ExitCode()).To(Equal(0)) 196 }) 197 It("podman login and logout with --cert-dir", func() { 198 certDir := filepath.Join(podmanTest.TempDir, "certs") 199 os.MkdirAll(certDir, os.ModePerm) 200 201 setup := SystemExec("cp", []string{filepath.Join(certPath, "domain.crt"), filepath.Join(certDir, "ca.crt")}) 202 setup.WaitWithDefaultTimeout() 203 204 session := podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "--cert-dir", certDir, server}) 205 session.WaitWithDefaultTimeout() 206 Expect(session.ExitCode()).To(Equal(0)) 207 208 session = podmanTest.Podman([]string{"push", "--cert-dir", certDir, ALPINE, testImg}) 209 session.WaitWithDefaultTimeout() 210 Expect(session.ExitCode()).To(Equal(0)) 211 212 session = podmanTest.Podman([]string{"logout", server}) 213 session.WaitWithDefaultTimeout() 214 Expect(session.ExitCode()).To(Equal(0)) 215 }) 216 It("podman login and logout with multi registry", func() { 217 certDir := filepath.Join(os.Getenv("HOME"), ".config/containers/certs.d", "localhost:9001") 218 os.MkdirAll(certDir, os.ModePerm) 219 220 cwd, _ := os.Getwd() 221 certPath = filepath.Join(cwd, "../", "certs") 222 223 setup := SystemExec("cp", []string{filepath.Join(certPath, "domain.crt"), filepath.Join(certDir, "ca.crt")}) 224 setup.WaitWithDefaultTimeout() 225 defer os.RemoveAll(certDir) 226 227 session := podmanTest.Podman([]string{"run", "-d", "-p", "9001:9001", "-e", "REGISTRY_HTTP_ADDR=0.0.0.0:9001", "--name", "registry1", "-v", 228 strings.Join([]string{authPath, "/auth"}, ":"), "-e", "REGISTRY_AUTH=htpasswd", "-e", 229 "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm", "-e", "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd", 230 "-v", strings.Join([]string{certPath, "/certs"}, ":"), "-e", "REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt", 231 "-e", "REGISTRY_HTTP_TLS_KEY=/certs/domain.key", "registry:2.6"}) 232 session.WaitWithDefaultTimeout() 233 Expect(session.ExitCode()).To(Equal(0)) 234 235 if !WaitContainerReady(podmanTest, "registry1", "listening on", 20, 1) { 236 Skip("Can not start docker registry.") 237 } 238 239 session = podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", server}) 240 session.WaitWithDefaultTimeout() 241 Expect(session.ExitCode()).To(Equal(0)) 242 243 session = podmanTest.Podman([]string{"push", ALPINE, testImg}) 244 session.WaitWithDefaultTimeout() 245 Expect(session.ExitCode()).To(Equal(0)) 246 247 session = podmanTest.Podman([]string{"push", ALPINE, "localhost:9001/test-alpine"}) 248 session.WaitWithDefaultTimeout() 249 Expect(session).To(ExitWithError()) 250 251 session = podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "localhost:9001"}) 252 session.WaitWithDefaultTimeout() 253 Expect(session.ExitCode()).To(Equal(0)) 254 255 session = podmanTest.Podman([]string{"push", ALPINE, testImg}) 256 session.WaitWithDefaultTimeout() 257 Expect(session.ExitCode()).To(Equal(0)) 258 259 session = podmanTest.Podman([]string{"push", ALPINE, "localhost:9001/test-alpine"}) 260 session.WaitWithDefaultTimeout() 261 Expect(session.ExitCode()).To(Equal(0)) 262 263 session = podmanTest.Podman([]string{"logout", server}) 264 session.WaitWithDefaultTimeout() 265 Expect(session.ExitCode()).To(Equal(0)) 266 267 session = podmanTest.Podman([]string{"push", ALPINE, testImg}) 268 session.WaitWithDefaultTimeout() 269 Expect(session).To(ExitWithError()) 270 271 session = podmanTest.Podman([]string{"push", ALPINE, "localhost:9001/test-alpine"}) 272 session.WaitWithDefaultTimeout() 273 Expect(session.ExitCode()).To(Equal(0)) 274 275 session = podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "localhost:9001"}) 276 session.WaitWithDefaultTimeout() 277 Expect(session.ExitCode()).To(Equal(0)) 278 279 session = podmanTest.Podman([]string{"logout", "-a"}) 280 session.WaitWithDefaultTimeout() 281 Expect(session.ExitCode()).To(Equal(0)) 282 283 session = podmanTest.Podman([]string{"push", ALPINE, testImg}) 284 session.WaitWithDefaultTimeout() 285 Expect(session).To(ExitWithError()) 286 287 session = podmanTest.Podman([]string{"push", ALPINE, "localhost:9001/test-alpine"}) 288 session.WaitWithDefaultTimeout() 289 Expect(session).To(ExitWithError()) 290 }) 291 })