github.com/kaisenlinux/docker.io@v0.0.0-20230510090727-ea55db55fac7/cli/e2e/internal/fixtures/fixtures.go

github.com/kaisenlinux/docker.io@v0.0.0-20230510090727-ea55db55fac7/cli/e2e/internal/fixtures/fixtures.go (about)

     1  package fixtures
     2  
     3  import (
     4  	"fmt"
     5  	"os"
     6  	"testing"
     7  
     8  	"gotest.tools/v3/fs"
     9  	"gotest.tools/v3/icmd"
    10  )
    11  
    12  const (
    13  	// NotaryURL is the location of the notary server
    14  	NotaryURL = "https://notary-server:4443"
    15  	// EvilNotaryURL is the location of the evil notary server
    16  	EvilNotaryURL = "https://evil-notary-server:4444"
    17  	// AlpineImage is an image in the test registry
    18  	AlpineImage = "registry:5000/alpine:3.6"
    19  	// AlpineSha is the sha of the alpine image
    20  	AlpineSha = "641b95ddb2ea9dc2af1a0113b6b348ebc20872ba615204fbe12148e98fd6f23d"
    21  	// BusyboxImage is an image in the test registry
    22  	BusyboxImage = "registry:5000/busybox:1.27.2"
    23  	// BusyboxSha is the sha of the busybox image
    24  	BusyboxSha = "030fcb92e1487b18c974784dcc110a93147c9fc402188370fbfd17efabffc6af"
    25  )
    26  
    27  // SetupConfigFile creates a config.json file for testing
    28  func SetupConfigFile(t *testing.T) fs.Dir {
    29  	t.Helper()
    30  	return SetupConfigWithNotaryURL(t, "trust_test", NotaryURL)
    31  }
    32  
    33  // SetupConfigWithNotaryURL creates a config.json file for testing in the given path
    34  // with the given notaryURL
    35  func SetupConfigWithNotaryURL(t *testing.T, path, notaryURL string) fs.Dir {
    36  	t.Helper()
    37  	dir := fs.NewDir(t, path, fs.WithMode(0700), fs.WithFile("config.json", fmt.Sprintf(`
    38  	{
    39  		"auths": {
    40  			"registry:5000": {
    41  				"auth": "ZWlhaXM6cGFzc3dvcmQK"
    42  			},
    43  			"%s": {
    44  				"auth": "ZWlhaXM6cGFzc3dvcmQK"
    45  			}
    46  		},
    47  		"experimental": "enabled"
    48  	}
    49  	`, notaryURL)), fs.WithDir("trust", fs.WithDir("private")))
    50  	return *dir
    51  }
    52  
    53  // WithConfig sets an environment variable for the docker config location
    54  func WithConfig(dir string) func(cmd *icmd.Cmd) {
    55  	return func(cmd *icmd.Cmd) {
    56  		env := append(os.Environ(),
    57  			"DOCKER_CONFIG="+dir,
    58  		)
    59  		cmd.Env = append(cmd.Env, env...)
    60  	}
    61  }
    62  
    63  // WithPassphrase sets environment variables for passphrases
    64  func WithPassphrase(rootPwd, repositoryPwd string) func(cmd *icmd.Cmd) {
    65  	return func(cmd *icmd.Cmd) {
    66  		env := append(os.Environ(),
    67  			"DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE="+rootPwd,
    68  			"DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE="+repositoryPwd,
    69  		)
    70  		cmd.Env = append(cmd.Env, env...)
    71  	}
    72  }
    73  
    74  // WithTrust sets DOCKER_CONTENT_TRUST to 1
    75  func WithTrust(cmd *icmd.Cmd) {
    76  	env := append(os.Environ(),
    77  		"DOCKER_CONTENT_TRUST=1",
    78  	)
    79  	cmd.Env = append(cmd.Env, env...)
    80  }
    81  
    82  // WithNotary sets the location of the notary server
    83  func WithNotary(cmd *icmd.Cmd) {
    84  	env := append(os.Environ(),
    85  		"DOCKER_CONTENT_TRUST_SERVER="+NotaryURL,
    86  	)
    87  	cmd.Env = append(cmd.Env, env...)
    88  }
    89  
    90  // WithHome sets the HOME environment variable
    91  func WithHome(path string) func(*icmd.Cmd) {
    92  	return func(cmd *icmd.Cmd) {
    93  		cmd.Env = append(cmd.Env, "HOME="+path)
    94  	}
    95  }
    96  
    97  // WithNotaryServer sets the location of the notary server
    98  func WithNotaryServer(notaryURL string) func(*icmd.Cmd) {
    99  	return func(cmd *icmd.Cmd) {
   100  		env := append(os.Environ(),
   101  			"DOCKER_CONTENT_TRUST_SERVER="+notaryURL,
   102  		)
   103  		cmd.Env = append(cmd.Env, env...)
   104  	}
   105  }
   106  
   107  // CreateMaskedTrustedRemoteImage creates a remote image that is signed with
   108  // content trust, then pushes a different untrusted image at the same tag.
   109  func CreateMaskedTrustedRemoteImage(t *testing.T, registryPrefix, repo, tag string) string {
   110  	t.Helper()
   111  	image := createTrustedRemoteImage(t, registryPrefix, repo, tag)
   112  	createNamedUnsignedImageFromBusyBox(t, image)
   113  	return image
   114  }
   115  
   116  func createTrustedRemoteImage(t *testing.T, registryPrefix, repo, tag string) string {
   117  	t.Helper()
   118  	image := fmt.Sprintf("%s/%s:%s", registryPrefix, repo, tag)
   119  	icmd.RunCommand("docker", "image", "pull", AlpineImage).Assert(t, icmd.Success)
   120  	icmd.RunCommand("docker", "image", "tag", AlpineImage, image).Assert(t, icmd.Success)
   121  	result := icmd.RunCmd(
   122  		icmd.Command("docker", "image", "push", image),
   123  		WithPassphrase("root_password", "repo_password"), WithTrust, WithNotary)
   124  	result.Assert(t, icmd.Success)
   125  	icmd.RunCommand("docker", "image", "rm", image).Assert(t, icmd.Success)
   126  	return image
   127  }
   128  
   129  func createNamedUnsignedImageFromBusyBox(t *testing.T, image string) {
   130  	t.Helper()
   131  	icmd.RunCommand("docker", "image", "pull", BusyboxImage).Assert(t, icmd.Success)
   132  	icmd.RunCommand("docker", "image", "tag", BusyboxImage, image).Assert(t, icmd.Success)
   133  	icmd.RunCommand("docker", "image", "push", image).Assert(t, icmd.Success)
   134  	icmd.RunCommand("docker", "image", "rm", image).Assert(t, icmd.Success)
   135  }