apiv2 tests: add helpers to start/stop a local registry

...and a rudimentary set of /auth tests for PR#9589 (disabled).

This simply adds a new start_registry() helper function that
allocates a random unused port, pulls a registry image, creates
a local certificate + random username + random password, and
fires everything up. Since none of this is (yet) used in CI,
this is very low risk.

The only infinitessimally-risky change is using a dedicated
subdirectory of $WORKDIR (instead of $WORKDIR itself) as
the podman root. This fixes a dumb oversight on my part:
the workdir has grown to be used for much more than just
podman root; this change removes clutter and makes it
easier for humans to debug in cases of problems.

Signed-off-by: Ed Santiago <santiago@redhat.com>

1 files changed, 29 insertions, 0 deletions

diff --git a/test/apiv2/60-auth.at b/test/apiv2/60-auth.at
new file mode 100644
index 000000000..378955cd7
--- /dev/null
+++ b/test/apiv2/60-auth.at
@@ -0,0 +1,29 @@
+# -*- sh -*-
+#
+# registry-related tests
+#
+
+start_registry
+
+# FIXME FIXME FIXME: remove the 'if false' for use with PR 9589
+if false; then
+
+# FIXME FIXME: please forgive the horrible POST params format; I have an
+#              upcoming PR which should fix that.
+
+# Test with wrong password. Confirm bad status and appropriate error message
+t POST /v1.40/auth "\"username\":\"${REGISTRY_USERNAME}\",\"password\":\"WrOnGPassWord\",\"serveraddress\":\"localhost:$REGISTRY_PORT/\"" \
+  400 \
+  .Status~'.* invalid username/password'
+
+# Test with the right password. Confirm status message and reasonable token
+t POST /v1.40/auth "\"username\":\"${REGISTRY_USERNAME}\",\"password\":\"${REGISTRY_PASSWORD}\",\"serveraddress\":\"localhost:$REGISTRY_PORT/\"" \
+  200 \
+  .Status="Login Succeeded" \
+  .IdentityToken~[a-zA-Z0-9]
+
+# FIXME: now what? Try something-something using that token?
+token=$(jq -r .IdentityToken <<<"$output")
+# ...
+
+fi    # FIXME FIXME FIXME: remove when working