github.com/containers/podman/v4@v4.9.4/pkg/bindings/test/auth_test.go

github.com/containers/podman/v4@v4.9.4/pkg/bindings/test/auth_test.go (about)

     1  package bindings_test
     2  
     3  import (
     4  	"os"
     5  	"time"
     6  
     7  	"github.com/containers/common/pkg/auth"
     8  	"github.com/containers/image/v5/types"
     9  	podmanRegistry "github.com/containers/podman/v4/hack/podman-registry-go"
    10  	"github.com/containers/podman/v4/pkg/bindings/images"
    11  	. "github.com/onsi/ginkgo/v2"
    12  	. "github.com/onsi/gomega"
    13  	"github.com/onsi/gomega/gexec"
    14  )
    15  
    16  var _ = Describe("Podman images", func() {
    17  	var (
    18  		registry *podmanRegistry.Registry
    19  		bt       *bindingTest
    20  		s        *gexec.Session
    21  		err      error
    22  	)
    23  
    24  	BeforeEach(func() {
    25  		registryOptions := &podmanRegistry.Options{
    26  			PodmanPath: getPodmanBinary(),
    27  		}
    28  
    29  		// Note: we need to start the registry **before** setting up
    30  		// the test. Otherwise, the registry is not reachable for
    31  		// currently unknown reasons.
    32  		registry, err = podmanRegistry.StartWithOptions(registryOptions)
    33  		Expect(err).ToNot(HaveOccurred())
    34  
    35  		bt = newBindingTest()
    36  		bt.RestoreImagesFromCache()
    37  		s = bt.startAPIService()
    38  		time.Sleep(1 * time.Second)
    39  		err := bt.NewConnection()
    40  		Expect(err).ToNot(HaveOccurred())
    41  	})
    42  
    43  	AfterEach(func() {
    44  		s.Kill()
    45  		bt.cleanup()
    46  		err := registry.Stop()
    47  		Expect(err).ToNot(HaveOccurred())
    48  	})
    49  
    50  	// Test using credentials.
    51  	It("tag + push + pull + search (with credentials)", func() {
    52  
    53  		imageRep := "localhost:" + registry.Port + "/test"
    54  		imageTag := "latest"
    55  		imageRef := imageRep + ":" + imageTag
    56  
    57  		// Tag the alpine image and verify it has worked.
    58  		err = images.Tag(bt.conn, alpine.shortName, imageTag, imageRep, nil)
    59  		Expect(err).ToNot(HaveOccurred())
    60  		_, err = images.GetImage(bt.conn, imageRef, nil)
    61  		Expect(err).ToNot(HaveOccurred())
    62  
    63  		// Now push the image.
    64  		pushOpts := new(images.PushOptions)
    65  		err = images.Push(bt.conn, imageRef, imageRef, pushOpts.WithUsername(registry.User).WithPassword(registry.Password).WithSkipTLSVerify(true))
    66  		Expect(err).ToNot(HaveOccurred())
    67  
    68  		// Now pull the image.
    69  		pullOpts := new(images.PullOptions)
    70  		_, err = images.Pull(bt.conn, imageRef, pullOpts.WithSkipTLSVerify(true).WithPassword(registry.Password).WithUsername(registry.User))
    71  		Expect(err).ToNot(HaveOccurred())
    72  
    73  		// Last, but not least, exercise search.
    74  		searchOptions := new(images.SearchOptions)
    75  		_, err = images.Search(bt.conn, imageRef, searchOptions.WithSkipTLSVerify(true).WithPassword(registry.Password).WithUsername(registry.User))
    76  		Expect(err).ToNot(HaveOccurred())
    77  	})
    78  
    79  	// Test using authfile.
    80  	It("tag + push + pull + search (with authfile)", func() {
    81  
    82  		imageRep := "localhost:" + registry.Port + "/test"
    83  		imageTag := "latest"
    84  		imageRef := imageRep + ":" + imageTag
    85  
    86  		// Create a temporary authentication file.
    87  		tmpFile, err := os.CreateTemp("", "auth.json.")
    88  		Expect(err).ToNot(HaveOccurred())
    89  		_, err = tmpFile.Write([]byte{'{', '}'})
    90  		Expect(err).ToNot(HaveOccurred())
    91  		err = tmpFile.Close()
    92  		Expect(err).ToNot(HaveOccurred())
    93  
    94  		authFilePath := tmpFile.Name()
    95  
    96  		// Now login to a) test the credentials and to b) store them in
    97  		// the authfile for later use.
    98  		sys := types.SystemContext{
    99  			AuthFilePath:                authFilePath,
   100  			DockerInsecureSkipTLSVerify: types.OptionalBoolTrue,
   101  		}
   102  		loginOptions := auth.LoginOptions{
   103  			Username: registry.User,
   104  			Password: registry.Password,
   105  			AuthFile: authFilePath,
   106  			Stdin:    os.Stdin,
   107  			Stdout:   os.Stdout,
   108  		}
   109  		err = auth.Login(bt.conn, &sys, &loginOptions, []string{imageRep})
   110  		Expect(err).ToNot(HaveOccurred())
   111  
   112  		// Tag the alpine image and verify it has worked.
   113  		err = images.Tag(bt.conn, alpine.shortName, imageTag, imageRep, nil)
   114  		Expect(err).ToNot(HaveOccurred())
   115  		_, err = images.GetImage(bt.conn, imageRef, nil)
   116  		Expect(err).ToNot(HaveOccurred())
   117  
   118  		// Now push the image.
   119  		pushOpts := new(images.PushOptions)
   120  		err = images.Push(bt.conn, imageRef, imageRef, pushOpts.WithAuthfile(authFilePath).WithSkipTLSVerify(true))
   121  		Expect(err).ToNot(HaveOccurred())
   122  
   123  		// Now pull the image.
   124  		pullOpts := new(images.PullOptions)
   125  		_, err = images.Pull(bt.conn, imageRef, pullOpts.WithAuthfile(authFilePath).WithSkipTLSVerify(true))
   126  		Expect(err).ToNot(HaveOccurred())
   127  
   128  		// Last, but not least, exercise search.
   129  		searchOptions := new(images.SearchOptions)
   130  		_, err = images.Search(bt.conn, imageRef, searchOptions.WithSkipTLSVerify(true).WithAuthfile(authFilePath))
   131  		Expect(err).ToNot(HaveOccurred())
   132  	})
   133  
   134  })