github.com/khulnasoft/cli@v0.0.0-20240402070845-01bcad7beefa/e2e/internal/fixtures/fixtures.go (about) 1 package fixtures 2 3 import ( 4 "fmt" 5 "os" 6 "testing" 7 8 "github.com/khulnasoft/cli/cli/config" 9 "gotest.tools/v3/fs" 10 "gotest.tools/v3/icmd" 11 ) 12 13 const ( 14 // NotaryURL is the location of the notary server 15 NotaryURL = "https://notary-server:4443" 16 // EvilNotaryURL is the location of the evil notary server 17 EvilNotaryURL = "https://evil-notary-server:4444" 18 // AlpineImage is an image in the test registry 19 AlpineImage = "registry:5000/alpine:frozen" 20 // AlpineSha is the sha of the alpine image 21 AlpineSha = "e2e16842c9b54d985bf1ef9242a313f36b856181f188de21313820e177002501" // #nosec G101 -- ignoring: Potential hardcoded credentials (gosec) 22 // BusyboxImage is an image in the test registry 23 BusyboxImage = "registry:5000/busybox:frozen" 24 // BusyboxSha is the sha of the busybox image 25 BusyboxSha = "030fcb92e1487b18c974784dcc110a93147c9fc402188370fbfd17efabffc6af" // #nosec G101 -- ignoring: Potential hardcoded credentials (gosec) 26 ) 27 28 // SetupConfigFile creates a config.json file for testing 29 func SetupConfigFile(t *testing.T) fs.Dir { 30 t.Helper() 31 return SetupConfigWithNotaryURL(t, "trust_test", NotaryURL) 32 } 33 34 // SetupConfigWithNotaryURL creates a config.json file for testing in the given path 35 // with the given notaryURL 36 func SetupConfigWithNotaryURL(t *testing.T, path, notaryURL string) fs.Dir { 37 t.Helper() 38 dir := fs.NewDir(t, path, fs.WithMode(0o700), fs.WithFile("config.json", fmt.Sprintf(` 39 { 40 "auths": { 41 "registry:5000": { 42 "auth": "ZWlhaXM6cGFzc3dvcmQK" 43 }, 44 "%s": { 45 "auth": "ZWlhaXM6cGFzc3dvcmQK" 46 } 47 }, 48 "experimental": "enabled" 49 } 50 `, notaryURL)), fs.WithDir("trust", fs.WithDir("private"))) 51 return *dir 52 } 53 54 // WithConfig sets an environment variable for the docker config location 55 func WithConfig(dir string) func(cmd *icmd.Cmd) { 56 return func(cmd *icmd.Cmd) { 57 addEnvs(cmd, config.EnvOverrideConfigDir+"="+dir) 58 } 59 } 60 61 // WithPassphrase sets environment variables for passphrases 62 func WithPassphrase(rootPwd, repositoryPwd string) func(cmd *icmd.Cmd) { 63 return func(cmd *icmd.Cmd) { 64 addEnvs(cmd, 65 "DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE="+rootPwd, 66 "DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE="+repositoryPwd, 67 ) 68 } 69 } 70 71 // WithTrust sets DOCKER_CONTENT_TRUST to 1 72 func WithTrust(cmd *icmd.Cmd) { 73 addEnvs(cmd, "DOCKER_CONTENT_TRUST=1") 74 } 75 76 // WithNotary sets the location of the notary server 77 func WithNotary(cmd *icmd.Cmd) { 78 addEnvs(cmd, "DOCKER_CONTENT_TRUST_SERVER="+NotaryURL) 79 } 80 81 // WithHome sets the HOME environment variable 82 func WithHome(path string) func(*icmd.Cmd) { 83 return func(cmd *icmd.Cmd) { 84 addEnvs(cmd, "HOME="+path) 85 } 86 } 87 88 // WithNotaryServer sets the location of the notary server 89 func WithNotaryServer(notaryURL string) func(*icmd.Cmd) { 90 return func(cmd *icmd.Cmd) { 91 addEnvs(cmd, "DOCKER_CONTENT_TRUST_SERVER="+notaryURL) 92 } 93 } 94 95 // CreateMaskedTrustedRemoteImage creates a remote image that is signed with 96 // content trust, then pushes a different untrusted image at the same tag. 97 func CreateMaskedTrustedRemoteImage(t *testing.T, registryPrefix, repo, tag string) string { 98 t.Helper() 99 image := createTrustedRemoteImage(t, registryPrefix, repo, tag) 100 createNamedUnsignedImageFromBusyBox(t, image) 101 return image 102 } 103 104 func createTrustedRemoteImage(t *testing.T, registryPrefix, repo, tag string) string { 105 t.Helper() 106 image := fmt.Sprintf("%s/%s:%s", registryPrefix, repo, tag) 107 icmd.RunCommand("docker", "image", "pull", AlpineImage).Assert(t, icmd.Success) 108 icmd.RunCommand("docker", "image", "tag", AlpineImage, image).Assert(t, icmd.Success) 109 result := icmd.RunCmd( 110 icmd.Command("docker", "image", "push", image), 111 WithPassphrase("root_password", "repo_password"), WithTrust, WithNotary) 112 result.Assert(t, icmd.Success) 113 icmd.RunCommand("docker", "image", "rm", image).Assert(t, icmd.Success) 114 return image 115 } 116 117 func createNamedUnsignedImageFromBusyBox(t *testing.T, image string) { 118 t.Helper() 119 icmd.RunCommand("docker", "image", "pull", BusyboxImage).Assert(t, icmd.Success) 120 icmd.RunCommand("docker", "image", "tag", BusyboxImage, image).Assert(t, icmd.Success) 121 icmd.RunCommand("docker", "image", "push", image).Assert(t, icmd.Success) 122 icmd.RunCommand("docker", "image", "rm", image).Assert(t, icmd.Success) 123 } 124 125 // addEnvs adds environment variables to cmd, making sure to preserve the 126 // current os.Environ(), which would otherwise be omitted (for non-empty .Env). 127 func addEnvs(cmd *icmd.Cmd, envs ...string) { 128 if len(cmd.Env) == 0 { 129 cmd.Env = os.Environ() 130 } 131 cmd.Env = append(cmd.Env, envs...) 132 }