github.com/thajeztah/cli@v0.0.0-20240223162942-dc6bfac81a8b/cli/command/trust/revoke_test.go (about) 1 package trust 2 3 import ( 4 "io" 5 "testing" 6 7 "github.com/docker/cli/cli/trust" 8 "github.com/docker/cli/internal/test" 9 "github.com/docker/cli/internal/test/notary" 10 "github.com/theupdateframework/notary/client" 11 "github.com/theupdateframework/notary/passphrase" 12 "github.com/theupdateframework/notary/trustpinning" 13 "gotest.tools/v3/assert" 14 is "gotest.tools/v3/assert/cmp" 15 ) 16 17 func TestTrustRevokeCommandErrors(t *testing.T) { 18 testCases := []struct { 19 name string 20 args []string 21 expectedError string 22 }{ 23 { 24 name: "not-enough-args", 25 expectedError: "requires exactly 1 argument", 26 }, 27 { 28 name: "too-many-args", 29 args: []string{"remote1", "remote2"}, 30 expectedError: "requires exactly 1 argument", 31 }, 32 { 33 name: "sha-reference", 34 args: []string{"870d292919d01a0af7e7f056271dc78792c05f55f49b9b9012b6d89725bd9abd"}, 35 expectedError: "invalid repository name", 36 }, 37 { 38 name: "invalid-img-reference", 39 args: []string{"ALPINE"}, 40 expectedError: "invalid reference format", 41 }, 42 { 43 name: "digest-reference", 44 args: []string{"ubuntu@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2"}, 45 expectedError: "cannot use a digest reference for IMAGE:TAG", 46 }, 47 } 48 for _, tc := range testCases { 49 cmd := newRevokeCommand( 50 test.NewFakeCli(&fakeClient{})) 51 cmd.SetArgs(tc.args) 52 cmd.SetOut(io.Discard) 53 assert.ErrorContains(t, cmd.Execute(), tc.expectedError) 54 } 55 } 56 57 func TestTrustRevokeCommand(t *testing.T) { 58 testCases := []struct { 59 doc string 60 notaryRepository func(trust.ImageRefAndAuth, []string) (client.Repository, error) 61 args []string 62 expectedErr string 63 expectedMessage string 64 }{ 65 { 66 doc: "OfflineErrors_Confirm", 67 notaryRepository: notary.GetOfflineNotaryRepository, 68 args: []string{"reg-name.io/image"}, 69 expectedMessage: "Please confirm you would like to delete all signature data for reg-name.io/image? [y/N] \nAborting action.", 70 }, 71 { 72 doc: "OfflineErrors_Offline", 73 notaryRepository: notary.GetOfflineNotaryRepository, 74 args: []string{"reg-name.io/image", "-y"}, 75 expectedErr: "could not remove signature for reg-name.io/image: client is offline", 76 }, 77 { 78 doc: "OfflineErrors_WithTag_Offline", 79 notaryRepository: notary.GetOfflineNotaryRepository, 80 args: []string{"reg-name.io/image:tag"}, 81 expectedErr: "could not remove signature for reg-name.io/image:tag: client is offline", 82 }, 83 { 84 doc: "UninitializedErrors_Confirm", 85 notaryRepository: notary.GetUninitializedNotaryRepository, 86 args: []string{"reg-name.io/image"}, 87 expectedMessage: "Please confirm you would like to delete all signature data for reg-name.io/image? [y/N] \nAborting action.", 88 }, 89 { 90 doc: "UninitializedErrors_NoTrustData", 91 notaryRepository: notary.GetUninitializedNotaryRepository, 92 args: []string{"reg-name.io/image", "-y"}, 93 expectedErr: "could not remove signature for reg-name.io/image: does not have trust data for", 94 }, 95 { 96 doc: "UninitializedErrors_WithTag_NoTrustData", 97 notaryRepository: notary.GetUninitializedNotaryRepository, 98 args: []string{"reg-name.io/image:tag"}, 99 expectedErr: "could not remove signature for reg-name.io/image:tag: does not have trust data for", 100 }, 101 { 102 doc: "EmptyNotaryRepo_Confirm", 103 notaryRepository: notary.GetEmptyTargetsNotaryRepository, 104 args: []string{"reg-name.io/image"}, 105 expectedMessage: "Please confirm you would like to delete all signature data for reg-name.io/image? [y/N] \nAborting action.", 106 }, 107 { 108 doc: "EmptyNotaryRepo_NoSignedTags", 109 notaryRepository: notary.GetEmptyTargetsNotaryRepository, 110 args: []string{"reg-name.io/image", "-y"}, 111 expectedErr: "could not remove signature for reg-name.io/image: no signed tags to remove", 112 }, 113 { 114 doc: "EmptyNotaryRepo_NoValidTrustData", 115 notaryRepository: notary.GetEmptyTargetsNotaryRepository, 116 args: []string{"reg-name.io/image:tag"}, 117 expectedErr: "could not remove signature for reg-name.io/image:tag: No valid trust data for tag", 118 }, 119 { 120 doc: "AllSigConfirmation", 121 notaryRepository: notary.GetEmptyTargetsNotaryRepository, 122 args: []string{"alpine"}, 123 expectedMessage: "Please confirm you would like to delete all signature data for alpine? [y/N] \nAborting action.", 124 }, 125 } 126 127 for _, tc := range testCases { 128 t.Run(tc.doc, func(t *testing.T) { 129 cli := test.NewFakeCli(&fakeClient{}) 130 cli.SetNotaryClient(tc.notaryRepository) 131 cmd := newRevokeCommand(cli) 132 cmd.SetArgs(tc.args) 133 cmd.SetOut(io.Discard) 134 if tc.expectedErr != "" { 135 assert.ErrorContains(t, cmd.Execute(), tc.expectedErr) 136 return 137 } 138 assert.NilError(t, cmd.Execute()) 139 assert.Check(t, is.Contains(cli.OutBuffer().String(), tc.expectedMessage)) 140 }) 141 } 142 } 143 144 func TestGetSignableRolesForTargetAndRemoveError(t *testing.T) { 145 notaryRepo, err := client.NewFileCachedRepository(t.TempDir(), "gun", "https://localhost", nil, passphrase.ConstantRetriever("password"), trustpinning.TrustPinConfig{}) 146 assert.NilError(t, err) 147 target := client.Target{} 148 err = getSignableRolesForTargetAndRemove(target, notaryRepo) 149 assert.Error(t, err, "client is offline") 150 }