1 package plugin
2
3 import (
4 "encoding/json"
5 "fmt"
6 "os"
7 "os/exec"
8 "path/filepath"
9 "testing"
10
11 "github.com/docker/cli/e2e/internal/fixtures"
12 "github.com/docker/cli/internal/test/environment"
13 "github.com/docker/docker/api/types"
14 "github.com/docker/docker/api/types/versions"
15 "github.com/pkg/errors"
16 "gotest.tools/v3/assert"
17 "gotest.tools/v3/fs"
18 "gotest.tools/v3/icmd"
19 "gotest.tools/v3/skip"
20 )
21
22 const registryPrefix = "registry:5000"
23
24 func TestInstallWithContentTrust(t *testing.T) {
25
26 skip.If(t, versions.LessThan(environment.DaemonAPIVersion(t), "1.44"))
27 skip.If(t, environment.SkipPluginTests())
28
29 pluginName := fmt.Sprintf("%s/plugin-content-trust", registryPrefix)
30
31 dir := fixtures.SetupConfigFile(t)
32 defer dir.Remove()
33
34 pluginDir := preparePluginDir(t)
35 defer pluginDir.Remove()
36
37 icmd.RunCommand("docker", "plugin", "create", pluginName, pluginDir.Path()).Assert(t, icmd.Success)
38 result := icmd.RunCmd(icmd.Command("docker", "plugin", "push", pluginName),
39 fixtures.WithConfig(dir.Path()),
40 fixtures.WithTrust,
41 fixtures.WithNotary,
42 fixtures.WithPassphrase("foo", "bar"),
43 )
44 result.Assert(t, icmd.Expected{
45 Out: "Signing and pushing trust metadata",
46 })
47
48 icmd.RunCommand("docker", "plugin", "rm", "-f", pluginName).Assert(t, icmd.Success)
49
50 result = icmd.RunCmd(icmd.Command("docker", "plugin", "install", "--grant-all-permissions", pluginName),
51 fixtures.WithConfig(dir.Path()),
52 fixtures.WithTrust,
53 fixtures.WithNotary,
54 )
55 result.Assert(t, icmd.Expected{
56 Out: fmt.Sprintf("Installed plugin %s", pluginName),
57 })
58 }
59
60 func TestInstallWithContentTrustUntrusted(t *testing.T) {
61 skip.If(t, environment.SkipPluginTests())
62
63 dir := fixtures.SetupConfigFile(t)
64 defer dir.Remove()
65
66 result := icmd.RunCmd(icmd.Command("docker", "plugin", "install", "--grant-all-permissions", "tiborvass/sample-volume-plugin:latest"),
67 fixtures.WithConfig(dir.Path()),
68 fixtures.WithTrust,
69 fixtures.WithNotary,
70 )
71 result.Assert(t, icmd.Expected{
72 ExitCode: 1,
73 Err: "Error: remote trust data does not exist",
74 })
75 }
76
77 func preparePluginDir(t *testing.T) *fs.Dir {
78 t.Helper()
79 p := &types.PluginConfig{
80 Interface: types.PluginConfigInterface{
81 Socket: "basic.sock",
82 Types: []types.PluginInterfaceType{{Capability: "docker.dummy/1.0"}},
83 },
84 Entrypoint: []string{"/basic"},
85 }
86 configJSON, err := json.Marshal(p)
87 assert.NilError(t, err)
88
89 binPath, err := ensureBasicPluginBin()
90 assert.NilError(t, err)
91
92 dir := fs.NewDir(t, "plugin_test",
93 fs.WithFile("config.json", string(configJSON), fs.WithMode(0o644)),
94 fs.WithDir("rootfs", fs.WithMode(0o755)),
95 )
96 icmd.RunCommand("/bin/cp", binPath, dir.Join("rootfs", p.Entrypoint[0])).Assert(t, icmd.Success)
97 return dir
98 }
99
100 func ensureBasicPluginBin() (string, error) {
101 name := "docker-basic-plugin"
102 p, err := exec.LookPath(name)
103 if err == nil {
104 return p, nil
105 }
106
107 goBin, err := exec.LookPath("/usr/local/go/bin/go")
108 if err != nil {
109 return "", err
110 }
111 installPath := filepath.Join(os.Getenv("GOPATH"), "bin", name)
112 cmd := exec.Command(goBin, "build", "-o", installPath, "./basic")
113 cmd.Env = append(os.Environ(), "CGO_ENABLED=0")
114 if out, err := cmd.CombinedOutput(); err != nil {
115 return "", errors.Wrapf(err, "error building basic plugin bin: %s", string(out))
116 }
117 return installPath, nil
118 }
119
View as plain text