github.com/panekj/cli@v0.0.0-20230304125325-467dd2f3797e/e2e/global/cli_test.go (about) 1 package global 2 3 import ( 4 "net/http" 5 "net/http/httptest" 6 "strings" 7 "testing" 8 9 "github.com/docker/cli/internal/test/environment" 10 "gotest.tools/v3/assert" 11 "gotest.tools/v3/icmd" 12 "gotest.tools/v3/skip" 13 ) 14 15 func TestTLSVerify(t *testing.T) { 16 // Remote daemons use TLS and this test is not applicable when TLS is required. 17 skip.If(t, environment.RemoteDaemon()) 18 19 icmd.RunCmd(icmd.Command("docker", "ps")).Assert(t, icmd.Success) 20 21 // Regardless of whether we specify true or false we need to 22 // test to make sure tls is turned on if --tlsverify is specified at all 23 result := icmd.RunCmd(icmd.Command("docker", "--tlsverify=false", "ps")) 24 result.Assert(t, icmd.Expected{ExitCode: 1, Err: "unable to resolve docker endpoint:"}) 25 26 result = icmd.RunCmd(icmd.Command("docker", "--tlsverify=true", "ps")) 27 result.Assert(t, icmd.Expected{ExitCode: 1, Err: "ca.pem"}) 28 } 29 30 // TestTCPSchemeUsesHTTPProxyEnv verifies that the cli uses HTTP_PROXY if 31 // DOCKER_HOST is set to use the 'tcp://' scheme. 32 // 33 // Prior to go1.16, https:// schemes would use HTTPS_PROXY, and any other 34 // scheme would use HTTP_PROXY. However, golang/net@7b1cca2 (per a request in 35 // golang/go#40909) changed this behavior to only use HTTP_PROXY for http:// 36 // schemes, no longer using a proxy for any other scheme. 37 // 38 // Docker uses the tcp:// scheme as a default for API connections, to indicate 39 // that the API is not "purely" HTTP. Various parts in the code also *require* 40 // this scheme to be used. While we could change the default and allow http(s) 41 // schemes to be used, doing so will take time, taking into account that there 42 // are many installs in existence that have tcp:// configured as DOCKER_HOST. 43 // 44 // Note that due to Golang's use of sync.Once for proxy-detection, this test 45 // cannot be done as a unit-test, hence it being an e2e test. 46 func TestTCPSchemeUsesHTTPProxyEnv(t *testing.T) { 47 const responseJSON = `{"Version": "99.99.9", "ApiVersion": "1.41", "MinAPIVersion": "1.12"}` 48 var received string 49 proxyServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 50 received = r.Host 51 w.Header().Set("Content-Type", "application/json") 52 _, _ = w.Write([]byte(responseJSON)) 53 })) 54 defer proxyServer.Close() 55 56 // Configure the CLI to use our proxyServer. DOCKER_HOST can point to any 57 // address (as it won't be connected to), but must use tcp:// for this test, 58 // to verify it's using HTTP_PROXY. 59 result := icmd.RunCmd( 60 icmd.Command("docker", "version", "--format", "{{ .Server.Version }}"), 61 icmd.WithEnv("HTTP_PROXY="+proxyServer.URL, "DOCKER_HOST=tcp://docker.acme.example.com:2376"), 62 ) 63 // Verify the command ran successfully, and that it connected to the proxyServer 64 result.Assert(t, icmd.Success) 65 assert.Equal(t, strings.TrimSpace(result.Stdout()), "99.99.9") 66 assert.Equal(t, received, "docker.acme.example.com:2376") 67 }