Merge pull request #11054 from saschagrunert/login-logout-path-tests

Add `--accept-repositories` integration tests

Author: openshift-ci[bot]

cmd/podman/login.go

@@ -52,6 +52,7 @@ func init() {
 	loginOptions.Stdin = os.Stdin
 	loginOptions.Stdout = os.Stdout
 	loginOptions.AcceptUnspecifiedRegistry = true
+	loginOptions.AcceptRepositories = true
 }
 
 // Implementation of podman-login.

cmd/podman/logout.go

@@ -43,6 +43,7 @@ func init() {
 
 	logoutOptions.Stdout = os.Stdout
 	logoutOptions.AcceptUnspecifiedRegistry = true
+	logoutOptions.AcceptRepositories = true
 }
 
 // Implementation of podman-logout.

go.mod

@@ -12,7 +12,7 @@ require (
 	github.com/containernetworking/cni v0.8.1
 	github.com/containernetworking/plugins v0.9.1
 	github.com/containers/buildah v1.21.1-0.20210721171232-54cafea4c933
-	github.com/containers/common v0.41.1-0.20210721172332-291287e9d060
+	github.com/containers/common v0.41.1-0.20210730122913-cd6c45fd20e3
 	github.com/containers/conmon v2.0.20+incompatible
 	github.com/containers/image/v5 v5.14.0
 	github.com/containers/ocicrypt v1.1.2

go.sum

@@ -242,8 +242,8 @@ github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRD
 github.com/containers/buildah v1.21.1-0.20210721171232-54cafea4c933 h1:jqO3hDypBoKM5be+fVcqGHOpX2fOiQy2DFEeb/VKpsk=
 github.com/containers/buildah v1.21.1-0.20210721171232-54cafea4c933/go.mod h1:9gspFNeUJxIK72n1IMIKIHmtcePEZQsv0tjo+1LqkCo=
 github.com/containers/common v0.41.1-0.20210721112610-c95d2f794edf/go.mod h1:Ba5YVNCnyX6xDtg1JqEHa2EMVMW5UbHmIyEqsEwpeGE=
-github.com/containers/common v0.41.1-0.20210721172332-291287e9d060 h1:HgGff2MeEKfYoKp2WQFl9xdsgP7KV8rr/1JZRIuPXmg=
-github.com/containers/common v0.41.1-0.20210721172332-291287e9d060/go.mod h1:Ba5YVNCnyX6xDtg1JqEHa2EMVMW5UbHmIyEqsEwpeGE=
+github.com/containers/common v0.41.1-0.20210730122913-cd6c45fd20e3 h1:lHOZ+G5B7aP2YPsbDo4DtALFAuFG5PWH3Pv5zL2bC08=
+github.com/containers/common v0.41.1-0.20210730122913-cd6c45fd20e3/go.mod h1:UzAAjDsxwd4qkN1mgsk6aspduBY5bspxvKgwQElaBwk=
 github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
 github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
 github.com/containers/image/v5 v5.13.2/go.mod h1:GkWursKDlDcUIT7L7vZf70tADvZCk/Ga0wgS0MuF0ag=

test/e2e/login_logout_test.go

@@ -97,6 +97,24 @@ var _ = Describe("Podman login and logout", func() {
 		os.RemoveAll(certDirPath)
 	})
 
+	readAuthInfo := func(filePath string) map[string]interface{} {
+		authBytes, err := ioutil.ReadFile(filePath)
+		Expect(err).To(BeNil())
+
+		var authInfo map[string]interface{}
+		err = json.Unmarshal(authBytes, &authInfo)
+		Expect(err).To(BeNil())
+		fmt.Println(authInfo)
+
+		const authsKey = "auths"
+		Expect(authInfo).To(HaveKey(authsKey))
+
+		auths, ok := authInfo[authsKey].(map[string]interface{})
+		Expect(ok).To(BeTrue())
+
+		return auths
+	}
+
 	It("podman login and logout", func() {
 		session := podmanTest.Podman([]string{"login", "-u", "podmantest", "-p", "test", server})
 		session.WaitWithDefaultTimeout()
@@ -151,10 +169,7 @@ var _ = Describe("Podman login and logout", func() {
 		session.WaitWithDefaultTimeout()
 		Expect(session).Should(Exit(0))
 
-		authInfo, _ := ioutil.ReadFile(authFile)
-		var info map[string]interface{}
-		json.Unmarshal(authInfo, &info)
-		fmt.Println(info)
+		readAuthInfo(authFile)
 
 		// push should fail with nonexistent authfile
 		session = podmanTest.Podman([]string{"push", "--authfile", "/tmp/nonexistent", ALPINE, testImg})
@@ -284,4 +299,204 @@ var _ = Describe("Podman login and logout", func() {
 		session.WaitWithDefaultTimeout()
 		Expect(session).To(ExitWithError())
 	})
+
+	It("podman login and logout with repository", func() {
+		authFile := filepath.Join(podmanTest.TempDir, "auth.json")
+
+		testRepository := server + "/podmantest"
+		session := podmanTest.Podman([]string{
+			"login",
+			"-u", "podmantest",
+			"-p", "test",
+			"--authfile", authFile,
+			testRepository,
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		authInfo := readAuthInfo(authFile)
+		Expect(authInfo).To(HaveKey(testRepository))
+
+		session = podmanTest.Podman([]string{
+			"logout",
+			"--authfile", authFile,
+			testRepository,
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		authInfo = readAuthInfo(authFile)
+		Expect(authInfo).NotTo(HaveKey(testRepository))
+	})
+
+	It("podman login and logout with repository and specified image", func() {
+		authFile := filepath.Join(podmanTest.TempDir, "auth.json")
+
+		testTarget := server + "/podmantest/test-alpine"
+		session := podmanTest.Podman([]string{
+			"login",
+			"-u", "podmantest",
+			"-p", "test",
+			"--authfile", authFile,
+			testTarget,
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		authInfo := readAuthInfo(authFile)
+		Expect(authInfo).To(HaveKey(testTarget))
+
+		session = podmanTest.Podman([]string{
+			"push",
+			"--authfile", authFile,
+			ALPINE, testTarget,
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+	})
+
+	It("podman login and logout with repository with fallback", func() {
+		authFile := filepath.Join(podmanTest.TempDir, "auth.json")
+
+		testRepos := []string{
+			server + "/podmantest",
+			server,
+		}
+		for _, testRepo := range testRepos {
+			session := podmanTest.Podman([]string{
+				"login",
+				"-u", "podmantest",
+				"-p", "test",
+				"--authfile", authFile,
+				testRepo,
+			})
+			session.WaitWithDefaultTimeout()
+			Expect(session).Should(Exit(0))
+		}
+
+		authInfo := readAuthInfo(authFile)
+		Expect(authInfo).To(HaveKey(testRepos[0]))
+		Expect(authInfo).To(HaveKey(testRepos[1]))
+
+		session := podmanTest.Podman([]string{
+			"push",
+			"--authfile", authFile,
+			ALPINE, testRepos[0] + "/test-image-alpine",
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		session = podmanTest.Podman([]string{
+			"logout",
+			"--authfile", authFile,
+			testRepos[0],
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		session = podmanTest.Podman([]string{
+			"push",
+			"--authfile", authFile,
+			ALPINE, testRepos[0] + "/test-image-alpine",
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		session = podmanTest.Podman([]string{
+			"logout",
+			"--authfile", authFile,
+			testRepos[1],
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		authInfo = readAuthInfo(authFile)
+		Expect(authInfo).NotTo(HaveKey(testRepos[0]))
+		Expect(authInfo).NotTo(HaveKey(testRepos[1]))
+	})
+
+	It("podman login with repository invalid arguments", func() {
+		authFile := filepath.Join(podmanTest.TempDir, "auth.json")
+
+		for _, invalidArg := range []string{
+			"https://" + server + "/podmantest",
+			server + "/podmantest/image:latest",
+		} {
+			session := podmanTest.Podman([]string{
+				"login",
+				"-u", "podmantest",
+				"-p", "test",
+				"--authfile", authFile,
+				invalidArg,
+			})
+			session.WaitWithDefaultTimeout()
+			Expect(session).Should(ExitWithError())
+		}
+	})
+
+	It("podman login and logout with repository push with invalid auth.json credentials", func() {
+		authFile := filepath.Join(podmanTest.TempDir, "auth.json")
+		// only `server` contains the correct login data
+		err := ioutil.WriteFile(authFile, []byte(fmt.Sprintf(`{"auths": {
+			"%s/podmantest": { "auth": "cG9kbWFudGVzdDp3cm9uZw==" },
+			"%s": { "auth": "cG9kbWFudGVzdDp0ZXN0" }
+		}}`, server, server)), 0644)
+		Expect(err).To(BeNil())
+
+		session := podmanTest.Podman([]string{
+			"push",
+			"--authfile", authFile,
+			ALPINE, server + "/podmantest/test-image",
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).To(ExitWithError())
+
+		session = podmanTest.Podman([]string{
+			"push",
+			"--authfile", authFile,
+			ALPINE, server + "/test-image",
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).To(Exit(0))
+	})
+
+	It("podman login and logout with repository pull with wrong auth.json credentials", func() {
+		authFile := filepath.Join(podmanTest.TempDir, "auth.json")
+
+		testTarget := server + "/podmantest/test-alpine"
+		session := podmanTest.Podman([]string{
+			"login",
+			"-u", "podmantest",
+			"-p", "test",
+			"--authfile", authFile,
+			testTarget,
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		session = podmanTest.Podman([]string{
+			"push",
+			"--authfile", authFile,
+			ALPINE, testTarget,
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).Should(Exit(0))
+
+		// only `server + /podmantest` and `server` have the correct login data
+		err := ioutil.WriteFile(authFile, []byte(fmt.Sprintf(`{"auths": {
+			"%s/podmantest/test-alpine": { "auth": "cG9kbWFudGVzdDp3cm9uZw==" },
+			"%s/podmantest": { "auth": "cG9kbWFudGVzdDp0ZXN0" },
+			"%s": { "auth": "cG9kbWFudGVzdDp0ZXN0" }
+		}}`, server, server, server)), 0644)
+		Expect(err).To(BeNil())
+
+		session = podmanTest.Podman([]string{
+			"pull",
+			"--authfile", authFile,
+			server + "/podmantest/test-alpine",
+		})
+		session.WaitWithDefaultTimeout()
+		Expect(session).To(ExitWithError())
+	})
 })