diff options
author | haircommander <pehunt@redhat.com> | 2018-06-08 17:56:25 -0400 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-06-15 17:09:33 +0000 |
commit | b43677c9fd7f04c1ebf8265a0b14fc8ed70e4d66 (patch) | |
tree | 7789d0838adc805bcddd680ceb06fadd77195a4f /test | |
parent | 894ae2bf76ec9877f8a4707d5b978bc23f6556f8 (diff) | |
download | podman-b43677c9fd7f04c1ebf8265a0b14fc8ed70e4d66.tar.gz podman-b43677c9fd7f04c1ebf8265a0b14fc8ed70e4d66.tar.bz2 podman-b43677c9fd7f04c1ebf8265a0b14fc8ed70e4d66.zip |
Added --tls-verify functionality to podman search, with tests
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #932
Approved by: baude
Diffstat (limited to 'test')
-rw-r--r-- | test/e2e/libpod_suite_test.go | 33 | ||||
-rw-r--r-- | test/e2e/search_test.go | 144 |
2 files changed, 175 insertions, 2 deletions
diff --git a/test/e2e/libpod_suite_test.go b/test/e2e/libpod_suite_test.go index 9f59eb4a6..d06818fd3 100644 --- a/test/e2e/libpod_suite_test.go +++ b/test/e2e/libpod_suite_test.go @@ -2,6 +2,7 @@ package integration import ( "context" + "encoding/json" "fmt" "io/ioutil" "os" @@ -12,8 +13,6 @@ import ( "testing" "time" - "encoding/json" - "github.com/containers/image/copy" "github.com/containers/image/signature" "github.com/containers/image/storage" @@ -268,6 +267,36 @@ func (s *PodmanSession) OutputToStringArray() []string { return strings.Split(output, "\n") } +// ErrorGrepString takes session stderr output and behaves like grep. it returns a bool +// if successful and an array of strings on positive matches +func (s *PodmanSession) ErrorGrepString(term string) (bool, []string) { + var ( + greps []string + matches bool + ) + + for _, line := range strings.Split(s.ErrorToString(), "\n") { + if strings.Contains(line, term) { + matches = true + greps = append(greps, line) + } + } + return matches, greps +} + +// ErrorToString formats session stderr to string +func (s *PodmanSession) ErrorToString() string { + fields := strings.Fields(fmt.Sprintf("%s", s.Err.Contents())) + return strings.Join(fields, " ") +} + +// ErrorToStringArray returns the stderr output as a []string +// where each array item is a line split by newline +func (s *PodmanSession) ErrorToStringArray() []string { + output := fmt.Sprintf("%s", s.Err.Contents()) + return strings.Split(output, "\n") +} + // IsJSONOutputValid attempts to unmarshal the session buffer // and if successful, returns true, else false func (s *PodmanSession) IsJSONOutputValid() bool { diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index 5a814b139..96e1422ed 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -1,7 +1,9 @@ package integration import ( + "io/ioutil" "os" + "path/filepath" "strconv" . "github.com/onsi/ginkgo" @@ -14,13 +16,26 @@ var _ = Describe("Podman search", func() { err error podmanTest PodmanTest ) + const regFileContents = ` + [registries.search] + registries = ['localhost:5000'] + [registries.insecure] + registries = ['localhost:5000']` + + const badRegFileContents = ` + [registries.search] + registries = ['localhost:5000'] + # empty + [registries.insecure] + registries = []` BeforeEach(func() { tempdir, err = CreateTempDirInTempDir() if err != nil { os.Exit(1) } podmanTest = PodmanCreate(tempdir) + podmanTest.RestoreAllArtifacts() }) AfterEach(func() { @@ -96,4 +111,133 @@ var _ = Describe("Podman search", func() { Expect(output[i]).To(Equal("")) } }) + + It("podman search attempts HTTP if tls-verify flag is set false", func() { + fakereg := podmanTest.Podman([]string{"run", "-d", "--name", "registry", "-p", "5000:5000", "docker.io/library/registry:2", "/entrypoint.sh", "/etc/docker/registry/config.yml"}) + fakereg.WaitWithDefaultTimeout() + Expect(fakereg.ExitCode()).To(Equal(0)) + + if !WaitContainerReady(&podmanTest, "registry", "listening on", 20, 1) { + Skip("Can not start docker registry.") + } + + search := podmanTest.Podman([]string{"search", "--registry", "localhost:5000", "fake/image:andtag", "--tls-verify=false"}) + search.WaitWithDefaultTimeout() + + // if this test succeeded, there will be no output (there is no entry named fake/image:andtag in an empty registry) + // and the exit code will be 0 + Expect(search.ExitCode()).To(Equal(0)) + Expect(search.OutputToString()).Should(BeEmpty()) + Expect(search.ErrorToString()).Should(BeEmpty()) + }) + + It("podman search in local registry", func() { + registry := podmanTest.Podman([]string{"run", "-d", "--name", "registry3", "-p", "5000:5000", "docker.io/library/registry:2", "/entrypoint.sh", "/etc/docker/registry/config.yml"}) + registry.WaitWithDefaultTimeout() + Expect(registry.ExitCode()).To(Equal(0)) + + if !WaitContainerReady(&podmanTest, "registry3", "listening on", 20, 1) { + Skip("Can not start docker registry.") + } + + push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"}) + push.WaitWithDefaultTimeout() + Expect(push.ExitCode()).To(Equal(0)) + search := podmanTest.Podman([]string{"search", "--registry", "localhost:5000", "my-alpine", "--tls-verify=false"}) + search.WaitWithDefaultTimeout() + + Expect(search.ExitCode()).To(Equal(0)) + Expect(search.OutputToString()).ShouldNot(BeEmpty()) + }) + + It("podman search attempts HTTP if registry is in registries.insecure and force secure is false", func() { + registry := podmanTest.Podman([]string{"run", "-d", "--name", "registry4", "-p", "5000:5000", "docker.io/library/registry:2", "/entrypoint.sh", "/etc/docker/registry/config.yml"}) + registry.WaitWithDefaultTimeout() + Expect(registry.ExitCode()).To(Equal(0)) + + if !WaitContainerReady(&podmanTest, "registry4", "listening on", 20, 1) { + Skip("Can not start docker registry.") + } + + push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"}) + push.WaitWithDefaultTimeout() + Expect(push.ExitCode()).To(Equal(0)) + + // registries.conf set up + regFileBytes := []byte(regFileContents) + outfile := filepath.Join(podmanTest.TempDir, "registries.conf") + os.Setenv("REGISTRIES_CONFIG_PATH", outfile) + ioutil.WriteFile(outfile, regFileBytes, 0644) + + search := podmanTest.Podman([]string{"search", "--registry", "localhost:5000", "my-alpine"}) + search.WaitWithDefaultTimeout() + + Expect(search.ExitCode()).To(Equal(0)) + match, _ := search.GrepString("my-alpine") + Expect(match).Should(BeTrue()) + Expect(search.ErrorToString()).Should(BeEmpty()) + + // cleanup + os.Setenv("REGISTRIES_CONFIG_PATH", "") + }) + + It("podman search doesn't attempt HTTP if force secure is true", func() { + registry := podmanTest.Podman([]string{"run", "-d", "-p", "5000:5000", "--name", "registry5", "registry:2"}) + registry.WaitWithDefaultTimeout() + Expect(registry.ExitCode()).To(Equal(0)) + + if !WaitContainerReady(&podmanTest, "registry5", "listening on", 20, 1) { + Skip("Can not start docker registry.") + } + push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"}) + push.WaitWithDefaultTimeout() + Expect(push.ExitCode()).To(Equal(0)) + + // registries.conf set up + regFileBytes := []byte(regFileContents) + outfile := filepath.Join(podmanTest.TempDir, "registries.conf") + os.Setenv("REGISTRIES_CONFIG_PATH", outfile) + ioutil.WriteFile(outfile, regFileBytes, 0644) + + search := podmanTest.Podman([]string{"search", "--registry", "localhost:5000", "my-alpine", "--tls-verify=true"}) + search.WaitWithDefaultTimeout() + + Expect(search.ExitCode()).To(Equal(0)) + Expect(search.OutputToString()).Should(BeEmpty()) + match, _ := search.ErrorGrepString("error") + Expect(match).Should(BeTrue()) + + // cleanup + os.Setenv("REGISTRIES_CONFIG_PATH", "") + }) + + It("podman search doesn't attempt HTTP if registry is not listed as insecure", func() { + registry := podmanTest.Podman([]string{"run", "-d", "-p", "5000:5000", "--name", "registry6", "registry:2"}) + registry.WaitWithDefaultTimeout() + Expect(registry.ExitCode()).To(Equal(0)) + + if !WaitContainerReady(&podmanTest, "registry6", "listening on", 20, 1) { + Skip("Can not start docker registry.") + } + push := podmanTest.Podman([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"}) + push.WaitWithDefaultTimeout() + Expect(push.ExitCode()).To(Equal(0)) + + // registries.conf set up + regFileBytes := []byte(badRegFileContents) + outfile := filepath.Join(podmanTest.TempDir, "registries.conf") + os.Setenv("REGISTRIES_CONFIG_PATH", outfile) + ioutil.WriteFile(outfile, regFileBytes, 0644) + + search := podmanTest.Podman([]string{"search", "--registry", "localhost:5000", "my-alpine"}) + search.WaitWithDefaultTimeout() + + Expect(search.ExitCode()).To(Equal(0)) + Expect(search.OutputToString()).Should(BeEmpty()) + match, _ := search.ErrorGrepString("error") + Expect(match).Should(BeTrue()) + + // cleanup + os.Setenv("REGISTRIES_CONFIG_PATH", "") + }) }) |