github.com/khulnasoft/cli@v0.0.0-20240402070845-01bcad7beefa/e2e/plugin/trust_test.go (about) 1 package plugin 2 3 import ( 4 "encoding/json" 5 "fmt" 6 "os" 7 "os/exec" 8 "path/filepath" 9 "testing" 10 11 "github.com/docker/docker/api/types" 12 "github.com/docker/docker/api/types/versions" 13 "github.com/khulnasoft/cli/e2e/internal/fixtures" 14 "github.com/khulnasoft/cli/internal/test/environment" 15 "github.com/pkg/errors" 16 "gotest.tools/v3/assert" 17 "gotest.tools/v3/fs" 18 "gotest.tools/v3/icmd" 19 "gotest.tools/v3/skip" 20 ) 21 22 const registryPrefix = "registry:5000" 23 24 func TestInstallWithContentTrust(t *testing.T) { 25 // TODO(krissetto): remove this skip once the fix (see https://github.com/moby/moby/pull/47299) is deployed to moby versions < 25 26 skip.If(t, versions.LessThan(environment.DaemonAPIVersion(t), "1.44")) 27 skip.If(t, environment.SkipPluginTests()) 28 29 pluginName := fmt.Sprintf("%s/plugin-content-trust", registryPrefix) 30 31 dir := fixtures.SetupConfigFile(t) 32 defer dir.Remove() 33 34 pluginDir := preparePluginDir(t) 35 defer pluginDir.Remove() 36 37 icmd.RunCommand("docker", "plugin", "create", pluginName, pluginDir.Path()).Assert(t, icmd.Success) 38 result := icmd.RunCmd(icmd.Command("docker", "plugin", "push", pluginName), 39 fixtures.WithConfig(dir.Path()), 40 fixtures.WithTrust, 41 fixtures.WithNotary, 42 fixtures.WithPassphrase("foo", "bar"), 43 ) 44 result.Assert(t, icmd.Expected{ 45 Out: "Signing and pushing trust metadata", 46 }) 47 48 icmd.RunCommand("docker", "plugin", "rm", "-f", pluginName).Assert(t, icmd.Success) 49 50 result = icmd.RunCmd(icmd.Command("docker", "plugin", "install", "--grant-all-permissions", pluginName), 51 fixtures.WithConfig(dir.Path()), 52 fixtures.WithTrust, 53 fixtures.WithNotary, 54 ) 55 result.Assert(t, icmd.Expected{ 56 Out: fmt.Sprintf("Installed plugin %s", pluginName), 57 }) 58 } 59 60 func TestInstallWithContentTrustUntrusted(t *testing.T) { 61 skip.If(t, environment.SkipPluginTests()) 62 63 dir := fixtures.SetupConfigFile(t) 64 defer dir.Remove() 65 66 result := icmd.RunCmd(icmd.Command("docker", "plugin", "install", "--grant-all-permissions", "tiborvass/sample-volume-plugin:latest"), 67 fixtures.WithConfig(dir.Path()), 68 fixtures.WithTrust, 69 fixtures.WithNotary, 70 ) 71 result.Assert(t, icmd.Expected{ 72 ExitCode: 1, 73 Err: "Error: remote trust data does not exist", 74 }) 75 } 76 77 func preparePluginDir(t *testing.T) *fs.Dir { 78 t.Helper() 79 p := &types.PluginConfig{ 80 Interface: types.PluginConfigInterface{ 81 Socket: "basic.sock", 82 Types: []types.PluginInterfaceType{{Capability: "docker.dummy/1.0"}}, 83 }, 84 Entrypoint: []string{"/basic"}, 85 } 86 configJSON, err := json.Marshal(p) 87 assert.NilError(t, err) 88 89 binPath, err := ensureBasicPluginBin() 90 assert.NilError(t, err) 91 92 dir := fs.NewDir(t, "plugin_test", 93 fs.WithFile("config.json", string(configJSON), fs.WithMode(0o644)), 94 fs.WithDir("rootfs", fs.WithMode(0o755)), 95 ) 96 icmd.RunCommand("/bin/cp", binPath, dir.Join("rootfs", p.Entrypoint[0])).Assert(t, icmd.Success) 97 return dir 98 } 99 100 func ensureBasicPluginBin() (string, error) { 101 name := "docker-basic-plugin" 102 p, err := exec.LookPath(name) 103 if err == nil { 104 return p, nil 105 } 106 107 goBin, err := exec.LookPath("/usr/local/go/bin/go") 108 if err != nil { 109 return "", err 110 } 111 installPath := filepath.Join(os.Getenv("GOPATH"), "bin", name) 112 cmd := exec.Command(goBin, "build", "-o", installPath, "./basic") 113 cmd.Env = append(os.Environ(), "CGO_ENABLED=0") 114 if out, err := cmd.CombinedOutput(); err != nil { 115 return "", errors.Wrapf(err, "error building basic plugin bin: %s", string(out)) 116 } 117 return installPath, nil 118 }