1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
package main
import (
"bytes"
"fmt"
"os"
"os/exec"
"path/filepath"
"strings"
"testing"
"gotest.tools/v3/assert"
)
func (s *DockerRegistryAuthHtpasswdSuite) TestLogoutWithExternalAuth(c *testing.T) {
s.d.StartWithBusybox(c)
workingDir, err := os.Getwd()
assert.NilError(c, err)
absolute, err := filepath.Abs(filepath.Join(workingDir, "fixtures", "auth"))
assert.NilError(c, err)
osPath := os.Getenv("PATH")
testPath := fmt.Sprintf("%s%c%s", osPath, filepath.ListSeparator, absolute)
c.Setenv("PATH", testPath)
repoName := fmt.Sprintf("%v/dockercli/busybox:authtest", privateRegistryURL)
tmp, err := os.MkdirTemp("", "integration-cli-")
assert.NilError(c, err)
defer os.RemoveAll(tmp)
externalAuthConfig := `{ "credsStore": "shell-test" }`
configPath := filepath.Join(tmp, "config.json")
err = os.WriteFile(configPath, []byte(externalAuthConfig), 0644)
assert.NilError(c, err)
_, err = s.d.Cmd("--config", tmp, "login", "-u", s.reg.Username(), "-p", s.reg.Password(), privateRegistryURL)
assert.NilError(c, err)
b, err := os.ReadFile(configPath)
assert.NilError(c, err)
assert.Assert(c, !strings.Contains(string(b), `"auth":`))
assert.Assert(c, strings.Contains(string(b), privateRegistryURL))
_, err = s.d.Cmd("--config", tmp, "tag", "busybox", repoName)
assert.NilError(c, err)
_, err = s.d.Cmd("--config", tmp, "push", repoName)
assert.NilError(c, err)
_, err = s.d.Cmd("--config", tmp, "logout", privateRegistryURL)
assert.NilError(c, err)
b, err = os.ReadFile(configPath)
assert.NilError(c, err)
assert.Assert(c, !strings.Contains(string(b), privateRegistryURL))
// check I cannot pull anymore
out, err := s.d.Cmd("--config", tmp, "pull", repoName)
assert.ErrorContains(c, err, "", out)
assert.Assert(c, strings.Contains(out, "no basic auth credentials"))
}
// #23100
func (s *DockerRegistryAuthHtpasswdSuite) TestLogoutWithWrongHostnamesStored(c *testing.T) {
workingDir, err := os.Getwd()
assert.NilError(c, err)
absolute, err := filepath.Abs(filepath.Join(workingDir, "fixtures", "auth"))
assert.NilError(c, err)
osPath := os.Getenv("PATH")
testPath := fmt.Sprintf("%s%c%s", osPath, filepath.ListSeparator, absolute)
c.Setenv("PATH", testPath)
cmd := exec.Command("docker-credential-shell-test", "store")
stdin := bytes.NewReader([]byte(fmt.Sprintf(`{"ServerURL": "https://%s", "Username": "%s", "Secret": "%s"}`, privateRegistryURL, s.reg.Username(), s.reg.Password())))
cmd.Stdin = stdin
assert.NilError(c, cmd.Run())
tmp, err := os.MkdirTemp("", "integration-cli-")
assert.NilError(c, err)
externalAuthConfig := fmt.Sprintf(`{ "auths": {"https://%s": {}}, "credsStore": "shell-test" }`, privateRegistryURL)
configPath := filepath.Join(tmp, "config.json")
err = os.WriteFile(configPath, []byte(externalAuthConfig), 0644)
assert.NilError(c, err)
dockerCmd(c, "--config", tmp, "login", "-u", s.reg.Username(), "-p", s.reg.Password(), privateRegistryURL)
b, err := os.ReadFile(configPath)
assert.NilError(c, err)
assert.Assert(c, strings.Contains(string(b), fmt.Sprintf(`"https://%s": {}`, privateRegistryURL)))
assert.Assert(c, strings.Contains(string(b), fmt.Sprintf(`"%s": {}`, privateRegistryURL)))
dockerCmd(c, "--config", tmp, "logout", privateRegistryURL)
b, err = os.ReadFile(configPath)
assert.NilError(c, err)
assert.Assert(c, !strings.Contains(string(b), fmt.Sprintf(`"https://%s": {}`, privateRegistryURL)))
assert.Assert(c, !strings.Contains(string(b), fmt.Sprintf(`"%s": {}`, privateRegistryURL)))
}
|
