github.com/panekj/cli@v0.0.0-20230304125325-467dd2f3797e/e2e/global/cli_test.go

github.com/panekj/cli@v0.0.0-20230304125325-467dd2f3797e/e2e/global/cli_test.go (about)

     1  package global
     2  
     3  import (
     4  	"net/http"
     5  	"net/http/httptest"
     6  	"strings"
     7  	"testing"
     8  
     9  	"github.com/docker/cli/internal/test/environment"
    10  	"gotest.tools/v3/assert"
    11  	"gotest.tools/v3/icmd"
    12  	"gotest.tools/v3/skip"
    13  )
    14  
    15  func TestTLSVerify(t *testing.T) {
    16  	// Remote daemons use TLS and this test is not applicable when TLS is required.
    17  	skip.If(t, environment.RemoteDaemon())
    18  
    19  	icmd.RunCmd(icmd.Command("docker", "ps")).Assert(t, icmd.Success)
    20  
    21  	// Regardless of whether we specify true or false we need to
    22  	// test to make sure tls is turned on if --tlsverify is specified at all
    23  	result := icmd.RunCmd(icmd.Command("docker", "--tlsverify=false", "ps"))
    24  	result.Assert(t, icmd.Expected{ExitCode: 1, Err: "unable to resolve docker endpoint:"})
    25  
    26  	result = icmd.RunCmd(icmd.Command("docker", "--tlsverify=true", "ps"))
    27  	result.Assert(t, icmd.Expected{ExitCode: 1, Err: "ca.pem"})
    28  }
    29  
    30  // TestTCPSchemeUsesHTTPProxyEnv verifies that the cli uses HTTP_PROXY if
    31  // DOCKER_HOST is set to use the 'tcp://' scheme.
    32  //
    33  // Prior to go1.16, https:// schemes would use HTTPS_PROXY, and any other
    34  // scheme would use HTTP_PROXY. However, golang/net@7b1cca2 (per a request in
    35  // golang/go#40909) changed this behavior to only use HTTP_PROXY for http://
    36  // schemes, no longer using a proxy for any other scheme.
    37  //
    38  // Docker uses the tcp:// scheme as a default for API connections, to indicate
    39  // that the API is not "purely" HTTP. Various parts in the code also *require*
    40  // this scheme to be used. While we could change the default and allow http(s)
    41  // schemes to be used, doing so will take time, taking into account that there
    42  // are many installs in existence that have tcp:// configured as DOCKER_HOST.
    43  //
    44  // Note that due to Golang's use of sync.Once for proxy-detection, this test
    45  // cannot be done as a unit-test, hence it being an e2e test.
    46  func TestTCPSchemeUsesHTTPProxyEnv(t *testing.T) {
    47  	const responseJSON = `{"Version": "99.99.9", "ApiVersion": "1.41", "MinAPIVersion": "1.12"}`
    48  	var received string
    49  	proxyServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    50  		received = r.Host
    51  		w.Header().Set("Content-Type", "application/json")
    52  		_, _ = w.Write([]byte(responseJSON))
    53  	}))
    54  	defer proxyServer.Close()
    55  
    56  	// Configure the CLI to use our proxyServer. DOCKER_HOST can point to any
    57  	// address (as it won't be connected to), but must use tcp:// for this test,
    58  	// to verify it's using HTTP_PROXY.
    59  	result := icmd.RunCmd(
    60  		icmd.Command("docker", "version", "--format", "{{ .Server.Version }}"),
    61  		icmd.WithEnv("HTTP_PROXY="+proxyServer.URL, "DOCKER_HOST=tcp://docker.acme.example.com:2376"),
    62  	)
    63  	// Verify the command ran successfully, and that it connected to the proxyServer
    64  	result.Assert(t, icmd.Success)
    65  	assert.Equal(t, strings.TrimSpace(result.Stdout()), "99.99.9")
    66  	assert.Equal(t, received, "docker.acme.example.com:2376")
    67  }