notkshitij/docker-credential-helpers
1
0
Fork 0
mirror of https://github.com/docker/docker-credential-helpers.git synced 2026-06-15 08:52:10 +05:30
Code Releases 1 Activity

Merge pull request #275 from thaJeztah/subtests

Browse Source 
rewrite tests to use sub-tests, improve error-handling in tests, and use t.Cleanup()
This commit is contained in:
Sebastiaan van Stijn
2023-05-27 19:18:19 +02:00
committed by GitHub
parent 6f4e3abfc8 14d46ffd7e
commit f8e94d91c0
5 changed files with 344 additions and 220 deletions
Download Patch File Download Diff File Expand all files Collapse all files
client/client_test.go
+19 -12
View File
@@ -113,7 +113,7 @@ func TestStore(t *testing.T) {
for _, v := range valid { for _, v := range valid {
if err := Store(mockProgramFn, &v); err != nil { if err := Store(mockProgramFn, &v); err != nil {
t.Fatal(err) t.Error(err)
} }
} }
@@ -123,7 +123,7 @@ func TestStore(t *testing.T) {
for _, v := range invalid { for _, v := range invalid {
if err := Store(mockProgramFn, &v); err == nil { if err := Store(mockProgramFn, &v); err == nil {
t.Fatalf("Expected error for server %s, got nil", v.ServerURL) t.Errorf("Expected error for server %s, got nil", v.ServerURL)
} }
} }
} }
@@ -152,10 +152,10 @@ func TestGet(t *testing.T) {
} }
if c.Username != v.Username { if c.Username != v.Username {
t.Fatalf("expected username `%s`, got %s", v.Username, c.Username) t.Errorf("expected username `%s`, got %s", v.Username, c.Username)
} }
if c.Secret != v.Secret { if c.Secret != v.Secret {
t.Fatalf("expected secret `%s`, got %s", v.Secret, c.Secret) t.Errorf("expected secret `%s`, got %s", v.Secret, c.Secret)
} }
} }
@@ -165,10 +165,17 @@ func TestGet(t *testing.T) {
serverURL string serverURL string
err string err string
}{ }{
{missingCredsAddress, credentials.NewErrCredentialsNotFound().Error()}, {
{invalidServerAddress, "error getting credentials - err: exited 1, out: `program failed`"}, serverURL: missingCredsAddress,
{"", fmt.Sprintf("error getting credentials - err: %s, out: `%s`", err: credentials.NewErrCredentialsNotFound().Error(),
missingServerURLErr.Error(), missingServerURLErr.Error())}, },
{
serverURL: invalidServerAddress,
err: "error getting credentials - err: exited 1, out: `program failed`",
},
{
err: fmt.Sprintf("error getting credentials - err: %s, out: `%s`", missingServerURLErr.Error(), missingServerURLErr.Error()),
},
} }
for _, v := range invalid { for _, v := range invalid {
@@ -177,7 +184,7 @@ func TestGet(t *testing.T) {
t.Fatalf("Expected error for server %s, got nil", v.serverURL) t.Fatalf("Expected error for server %s, got nil", v.serverURL)
} }
if err.Error() != v.err { if err.Error() != v.err {
t.Fatalf("Expected error `%s`, got `%v`", v.err, err) t.Errorf("Expected error `%s`, got `%v`", v.err, err)
} }
} }
} }
@@ -192,11 +199,11 @@ func ExampleErase() {
func TestErase(t *testing.T) { func TestErase(t *testing.T) {
if err := Erase(mockProgramFn, validServerAddress); err != nil { if err := Erase(mockProgramFn, validServerAddress); err != nil {
t.Fatal(err) t.Error(err)
} }
if err := Erase(mockProgramFn, invalidServerAddress); err == nil { if err := Erase(mockProgramFn, invalidServerAddress); err == nil {
t.Fatalf("Expected error for server %s, got nil", invalidServerAddress) t.Errorf("Expected error for server %s, got nil", invalidServerAddress)
} }
} }
@@ -207,6 +214,6 @@ func TestList(t *testing.T) {
} }
if username, exists := auths[validServerAddress]; !exists || username != validUsername { if username, exists := auths[validServerAddress]; !exists || username != validUsername {
t.Fatalf("auths[%s] returned %s, %t; expected %s, %t", validServerAddress, username, exists, validUsername, true) t.Errorf("auths[%s] returned %s, %t; expected %s, %t", validServerAddress, username, exists, validUsername, true)
} }
} }
credentials/credentials_test.go
+14 -14
View File
@@ -42,7 +42,7 @@ func (m *memoryStore) List() (map[string]string, error) {
} }
func TestStore(t *testing.T) { func TestStore(t *testing.T) {
serverURL := "https://index.docker.io/v1/" const serverURL = "https://index.docker.io/v1/"
creds := &Credentials{ creds := &Credentials{
ServerURL: serverURL, ServerURL: serverURL,
Username: "foo", Username: "foo",
@@ -65,11 +65,11 @@ func TestStore(t *testing.T) {
} }
if c.Username != "foo" { if c.Username != "foo" {
t.Fatalf("expected username foo, got %s\n", c.Username) t.Errorf("expected username foo, got %s\n", c.Username)
} }
if c.Secret != "bar" { if c.Secret != "bar" {
t.Fatalf("expected username bar, got %s\n", c.Secret) t.Errorf("expected username bar, got %s\n", c.Secret)
} }
} }
@@ -89,7 +89,7 @@ func TestStoreMissingServerURL(t *testing.T) {
h := newMemoryStore() h := newMemoryStore()
if err := Store(h, in); IsCredentialsMissingServerURL(err) == false { if err := Store(h, in); IsCredentialsMissingServerURL(err) == false {
t.Fatal(err) t.Error(err)
} }
} }
@@ -109,12 +109,12 @@ func TestStoreMissingUsername(t *testing.T) {
h := newMemoryStore() h := newMemoryStore()
if err := Store(h, in); IsCredentialsMissingUsername(err) == false { if err := Store(h, in); IsCredentialsMissingUsername(err) == false {
t.Fatal(err) t.Error(err)
} }
} }
func TestGet(t *testing.T) { func TestGet(t *testing.T) {
serverURL := "https://index.docker.io/v1/" const serverURL = "https://index.docker.io/v1/"
creds := &Credentials{ creds := &Credentials{
ServerURL: serverURL, ServerURL: serverURL,
Username: "foo", Username: "foo",
@@ -147,16 +147,16 @@ func TestGet(t *testing.T) {
} }
if c.Username != "foo" { if c.Username != "foo" {
t.Fatalf("expected username foo, got %s\n", c.Username) t.Errorf("expected username foo, got %s\n", c.Username)
} }
if c.Secret != "bar" { if c.Secret != "bar" {
t.Fatalf("expected username bar, got %s\n", c.Secret) t.Errorf("expected username bar, got %s\n", c.Secret)
} }
} }
func TestGetMissingServerURL(t *testing.T) { func TestGetMissingServerURL(t *testing.T) {
serverURL := "https://index.docker.io/v1/" const serverURL = "https://index.docker.io/v1/"
creds := &Credentials{ creds := &Credentials{
ServerURL: serverURL, ServerURL: serverURL,
Username: "foo", Username: "foo",
@@ -177,12 +177,12 @@ func TestGetMissingServerURL(t *testing.T) {
w := new(bytes.Buffer) w := new(bytes.Buffer)
if err := Get(h, buf, w); IsCredentialsMissingServerURL(err) == false { if err := Get(h, buf, w); IsCredentialsMissingServerURL(err) == false {
t.Fatal(err) t.Error(err)
} }
} }
func TestErase(t *testing.T) { func TestErase(t *testing.T) {
serverURL := "https://index.docker.io/v1/" const serverURL = "https://index.docker.io/v1/"
creds := &Credentials{ creds := &Credentials{
ServerURL: serverURL, ServerURL: serverURL,
Username: "foo", Username: "foo",
@@ -206,12 +206,12 @@ func TestErase(t *testing.T) {
w := new(bytes.Buffer) w := new(bytes.Buffer)
if err := Get(h, buf, w); err == nil { if err := Get(h, buf, w); err == nil {
t.Fatal("expected error getting missing creds, got empty") t.Error("expected error getting missing creds, got empty")
} }
} }
func TestEraseMissingServerURL(t *testing.T) { func TestEraseMissingServerURL(t *testing.T) {
serverURL := "https://index.docker.io/v1/" const serverURL = "https://index.docker.io/v1/"
creds := &Credentials{ creds := &Credentials{
ServerURL: serverURL, ServerURL: serverURL,
Username: "foo", Username: "foo",
@@ -244,6 +244,6 @@ func TestList(t *testing.T) {
} }
// testing that there is an output // testing that there is an output
if out.Len() == 0 { if out.Len() == 0 {
t.Fatalf("expected output in the writer, got %d", 0) t.Error("expected output in the writer, got 0")
} }
} }
osxkeychain/osxkeychain_darwin_test.go
+129 -84
View File
@@ -60,41 +60,57 @@ func TestOSXKeychainHelper(t *testing.T) {
// through variations on the URL // through variations on the URL
func TestOSXKeychainHelperRetrieveAliases(t *testing.T) { func TestOSXKeychainHelperRetrieveAliases(t *testing.T) {
tests := []struct { tests := []struct {
doc string
storeURL string storeURL string
readURL string readURL string
}{ }{
// stored with port, retrieved without {
{"https://foobar.docker.io:2376", "https://foobar.docker.io"}, doc: "stored with port, retrieved without",
storeURL: "https://foobar.docker.io:2376",
// stored as https, retrieved without scheme readURL: "https://foobar.docker.io",
{"https://foobar.docker.io:2376", "foobar.docker.io"}, },
{
// stored with path, retrieved without doc: "stored as https, retrieved without scheme",
{"https://foobar.docker.io:1234/one/two", "https://foobar.docker.io:1234"}, storeURL: "https://foobar.docker.io:2376",
readURL: "foobar.docker.io",
},
{
doc: "stored with path, retrieved without",
storeURL: "https://foobar.docker.io:1234/one/two",
readURL: "https://foobar.docker.io:1234",
},
} }
helper := Osxkeychain{} helper := Osxkeychain{}
defer func() { t.Cleanup(func() {
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.storeURL) if err := helper.Delete(tc.storeURL); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("cleanup: failed to delete '%s': %v", tc.storeURL, err)
}
} }
}() })
// Clean store before testing. // Clean store before testing.
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.storeURL) if err := helper.Delete(tc.storeURL); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("prepare: failed to delete '%s': %v", tc.storeURL, err)
}
} }
for _, te := range tests { for _, tc := range tests {
c := &credentials.Credentials{ServerURL: te.storeURL, Username: "hello", Secret: "world"} tc := tc
if err := helper.Add(c); err != nil { t.Run(tc.doc, func(t *testing.T) {
t.Errorf("Error: failed to store secret for URL %q: %s", te.storeURL, err) c := &credentials.Credentials{ServerURL: tc.storeURL, Username: "hello", Secret: "world"}
continue if err := helper.Add(c); err != nil {
} t.Fatalf("Error: failed to store secret for URL %q: %s", tc.storeURL, err)
if _, _, err := helper.Get(te.readURL); err != nil { }
t.Errorf("Error: failed to read secret for URL %q using %q", te.storeURL, te.readURL) if _, _, err := helper.Get(tc.readURL); err != nil {
} t.Errorf("Error: failed to read secret for URL %q using %q", tc.storeURL, tc.readURL)
helper.Delete(te.storeURL) }
if err := helper.Delete(tc.storeURL); err != nil {
t.Error(err)
}
})
} }
} }
@@ -102,50 +118,74 @@ func TestOSXKeychainHelperRetrieveAliases(t *testing.T) {
// returned. // returned.
func TestOSXKeychainHelperRetrieveStrict(t *testing.T) { func TestOSXKeychainHelperRetrieveStrict(t *testing.T) {
tests := []struct { tests := []struct {
doc string
storeURL string storeURL string
readURL string readURL string
}{ }{
// stored as https, retrieved using http {
{"https://foobar.docker.io:2376", "http://foobar.docker.io:2376"}, doc: "stored as https, retrieved using http",
storeURL: "https://foobar.docker.io:2376",
// stored as http, retrieved using https readURL: "http://foobar.docker.io:2376",
{"http://foobar.docker.io:2376", "https://foobar.docker.io:2376"}, },
{
// same: stored as http, retrieved without a scheme specified (hence, using the default https://) doc: "stored as http, retrieved using https",
{"http://foobar.docker.io", "foobar.docker.io:5678"}, storeURL: "http://foobar.docker.io:2376",
readURL: "https://foobar.docker.io:2376",
// non-matching ports },
{"https://foobar.docker.io:1234", "https://foobar.docker.io:5678"}, {
// stored as http, retrieved without a scheme specified (hence, using the default https://)
// non-matching ports TODO is this desired behavior? The other way round does work doc: "stored as http, retrieved without scheme",
//{"https://foobar.docker.io", "https://foobar.docker.io:5678"}, storeURL: "http://foobar.docker.io",
readURL: "foobar.docker.io:5678",
// non-matching paths },
{"https://foobar.docker.io:1234/one/two", "https://foobar.docker.io:1234/five/six"}, {
doc: "non-matching ports",
storeURL: "https://foobar.docker.io:1234",
readURL: "https://foobar.docker.io:5678",
},
// TODO: is this desired behavior? The other way round does work
// {
// doc: "non-matching ports (stored without port)",
// storeURL: "https://foobar.docker.io",
// readURL: "https://foobar.docker.io:5678",
// },
{
doc: "non-matching paths",
storeURL: "https://foobar.docker.io:1234/one/two",
readURL: "https://foobar.docker.io:1234/five/six",
},
} }
helper := Osxkeychain{} helper := Osxkeychain{}
defer func() { t.Cleanup(func() {
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.storeURL) if err := helper.Delete(tc.storeURL); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("cleanup: failed to delete '%s': %v", tc.storeURL, err)
}
} }
}() })
// Clean store before testing. // Clean store before testing.
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.storeURL) if err := helper.Delete(tc.storeURL); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("prepare: failed to delete '%s': %v", tc.storeURL, err)
}
} }
for _, te := range tests { for _, tc := range tests {
c := &credentials.Credentials{ServerURL: te.storeURL, Username: "hello", Secret: "world"} tc := tc
if err := helper.Add(c); err != nil { t.Run(tc.doc, func(t *testing.T) {
t.Errorf("Error: failed to store secret for URL %q: %s", te.storeURL, err) c := &credentials.Credentials{ServerURL: tc.storeURL, Username: "hello", Secret: "world"}
continue if err := helper.Add(c); err != nil {
} t.Fatalf("Error: failed to store secret for URL %q: %s", tc.storeURL, err)
if _, _, err := helper.Get(te.readURL); err == nil { }
t.Errorf("Error: managed to read secret for URL %q using %q, but should not be able to", te.storeURL, te.readURL) if _, _, err := helper.Get(tc.readURL); err == nil {
} t.Errorf("Error: managed to read secret for URL %q using %q, but should not be able to", tc.storeURL, tc.readURL)
helper.Delete(te.storeURL) }
if err := helper.Delete(tc.storeURL); err != nil {
t.Error(err)
}
})
} }
} }
@@ -166,41 +206,46 @@ func TestOSXKeychainHelperStoreRetrieve(t *testing.T) {
} }
helper := Osxkeychain{} helper := Osxkeychain{}
defer func() { t.Cleanup(func() {
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.url) if err := helper.Delete(tc.url); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("cleanup: failed to delete '%s': %v", tc.url, err)
}
} }
}() })
// Clean store before testing. // Clean store before testing.
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.url) if err := helper.Delete(tc.url); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("prepare: failed to delete '%s': %v", tc.url, err)
}
} }
// Note that we don't delete between individual tests here, to verify that // Note that we don't delete between individual tests here, to verify that
// subsequent stores/overwrites don't affect storing / retrieving secrets. // subsequent stores/overwrites don't affect storing / retrieving secrets.
for i, te := range tests { for i, tc := range tests {
c := &credentials.Credentials{ tc := tc
ServerURL: te.url, t.Run(tc.url, func(t *testing.T) {
Username: fmt.Sprintf("user-%d", i), c := &credentials.Credentials{
Secret: fmt.Sprintf("secret-%d", i), ServerURL: tc.url,
} Username: fmt.Sprintf("user-%d", i),
Secret: fmt.Sprintf("secret-%d", i),
}
if err := helper.Add(c); err != nil { if err := helper.Add(c); err != nil {
t.Errorf("Error: failed to store secret for URL: %s: %s", te.url, err) t.Fatalf("Error: failed to store secret for URL: %s: %s", tc.url, err)
continue }
} user, secret, err := helper.Get(tc.url)
user, secret, err := helper.Get(te.url) if err != nil {
if err != nil { t.Fatalf("Error: failed to read secret for URL %q: %s", tc.url, err)
t.Errorf("Error: failed to read secret for URL %q: %s", te.url, err) }
continue if user != c.Username {
} t.Errorf("Error: expected username %s, got username %s for URL: %s", c.Username, user, tc.url)
if user != c.Username { }
t.Errorf("Error: expected username %s, got username %s for URL: %s", c.Username, user, te.url) if secret != c.Secret {
} t.Errorf("Error: expected secret %s, got secret %s for URL: %s", c.Secret, secret, tc.url)
if secret != c.Secret { }
t.Errorf("Error: expected secret %s, got secret %s for URL: %s", c.Secret, secret, te.url) })
}
} }
} }
registryurl/parse_test.go
+53 -26
View File
@@ -13,34 +13,61 @@ func TestHelperParseURL(t *testing.T) {
expectedURL string expectedURL string
err error err error
}{ }{
{url: "foobar.docker.io", expectedURL: "//foobar.docker.io"}, {
{url: "foobar.docker.io:2376", expectedURL: "//foobar.docker.io:2376"}, url: "foobar.docker.io",
{url: "//foobar.docker.io:2376", expectedURL: "//foobar.docker.io:2376"}, expectedURL: "//foobar.docker.io",
{url: "http://foobar.docker.io:2376", expectedURL: "http://foobar.docker.io:2376"}, },
{url: "https://foobar.docker.io:2376", expectedURL: "https://foobar.docker.io:2376"}, {
{url: "https://foobar.docker.io:2376/some/path", expectedURL: "https://foobar.docker.io:2376/some/path"}, url: "foobar.docker.io:2376",
{url: "https://foobar.docker.io:2376/some/other/path?foo=bar", expectedURL: "https://foobar.docker.io:2376/some/other/path"}, expectedURL: "//foobar.docker.io:2376",
{url: "/foobar.docker.io", err: errors.New("no hostname in URL")}, },
{url: "ftp://foobar.docker.io:2376", err: errors.New("unsupported scheme: ftp")}, {
url: "//foobar.docker.io:2376",
expectedURL: "//foobar.docker.io:2376",
},
{
url: "http://foobar.docker.io:2376",
expectedURL: "http://foobar.docker.io:2376",
},
{
url: "https://foobar.docker.io:2376",
expectedURL: "https://foobar.docker.io:2376",
},
{
url: "https://foobar.docker.io:2376/some/path",
expectedURL: "https://foobar.docker.io:2376/some/path",
},
{
url: "https://foobar.docker.io:2376/some/other/path?foo=bar",
expectedURL: "https://foobar.docker.io:2376/some/other/path",
},
{
url: "/foobar.docker.io",
err: errors.New("no hostname in URL"),
},
{
url: "ftp://foobar.docker.io:2376",
err: errors.New("unsupported scheme: ftp"),
},
} }
for _, te := range tests { for _, tc := range tests {
u, err := Parse(te.url) tc := tc
t.Run(tc.url, func(t *testing.T) {
u, err := Parse(tc.url)
if te.err == nil && err != nil { if tc.err == nil && err != nil {
t.Errorf("Error: failed to parse URL %q: %s", te.url, err) t.Fatalf("Error: failed to parse URL %q: %s", tc.url, err)
continue }
} if tc.err != nil && err == nil {
if te.err != nil && err == nil { t.Fatalf("Error: expected error %q, got none when parsing URL %q", tc.err, tc.url)
t.Errorf("Error: expected error %q, got none when parsing URL %q", te.err, te.url) }
continue if tc.err != nil && err.Error() != tc.err.Error() {
} t.Fatalf("Error: expected error %q, got %q when parsing URL %q", tc.err, err, tc.url)
if te.err != nil && err.Error() != te.err.Error() { }
t.Errorf("Error: expected error %q, got %q when parsing URL %q", te.err, err, te.url) if u != nil && u.String() != tc.expectedURL {
continue t.Errorf("Error: expected URL: %q, but got %q for URL: %q", tc.expectedURL, u.String(), tc.url)
} }
if u != nil && u.String() != te.expectedURL { })
t.Errorf("Error: expected URL: %q, but got %q for URL: %q", te.expectedURL, u.String(), te.url)
}
} }
} }
wincred/wincred_windows_test.go
+129 -84
View File
@@ -91,41 +91,57 @@ func TestWinCredHelper(t *testing.T) {
// through variations on the URL // through variations on the URL
func TestWinCredHelperRetrieveAliases(t *testing.T) { func TestWinCredHelperRetrieveAliases(t *testing.T) {
tests := []struct { tests := []struct {
doc string
storeURL string storeURL string
readURL string readURL string
}{ }{
// stored with port, retrieved without {
{"https://foobar.docker.io:2376", "https://foobar.docker.io"}, doc: "stored with port, retrieved without",
storeURL: "https://foobar.docker.io:2376",
// stored as https, retrieved without scheme readURL: "https://foobar.docker.io",
{"https://foobar.docker.io", "foobar.docker.io"}, },
{
// stored with path, retrieved without doc: "stored as https, retrieved without scheme",
{"https://foobar.docker.io/one/two", "https://foobar.docker.io"}, storeURL: "https://foobar.docker.io",
readURL: "foobar.docker.io",
},
{
doc: "stored with path, retrieved without",
storeURL: "https://foobar.docker.io/one/two",
readURL: "https://foobar.docker.io",
},
} }
helper := Wincred{} helper := Wincred{}
defer func() { t.Cleanup(func() {
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.storeURL) if err := helper.Delete(tc.storeURL); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("cleanup: failed to delete '%s': %v", tc.storeURL, err)
}
} }
}() })
// Clean store before testing. // Clean store before testing.
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.storeURL) if err := helper.Delete(tc.storeURL); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("prepare: failed to delete '%s': %v", tc.storeURL, err)
}
} }
for _, te := range tests { for _, tc := range tests {
c := &credentials.Credentials{ServerURL: te.storeURL, Username: "hello", Secret: "world"} tc := tc
if err := helper.Add(c); err != nil { t.Run(tc.doc, func(t *testing.T) {
t.Errorf("Error: failed to store secret for URL %q: %s", te.storeURL, err) c := &credentials.Credentials{ServerURL: tc.storeURL, Username: "hello", Secret: "world"}
continue if err := helper.Add(c); err != nil {
} t.Fatalf("Error: failed to store secret for URL %q: %s", tc.storeURL, err)
if _, _, err := helper.Get(te.readURL); err != nil { }
t.Errorf("Error: failed to read secret for URL %q using %q", te.storeURL, te.readURL) if _, _, err := helper.Get(tc.readURL); err != nil {
} t.Errorf("Error: failed to read secret for URL %q using %q", tc.storeURL, tc.readURL)
helper.Delete(te.storeURL) }
if err := helper.Delete(tc.storeURL); err != nil {
t.Error(err)
}
})
} }
} }
@@ -133,50 +149,74 @@ func TestWinCredHelperRetrieveAliases(t *testing.T) {
// returned. // returned.
func TestWinCredHelperRetrieveStrict(t *testing.T) { func TestWinCredHelperRetrieveStrict(t *testing.T) {
tests := []struct { tests := []struct {
doc string
storeURL string storeURL string
readURL string readURL string
}{ }{
// stored as https, retrieved using http {
{"https://foobar.docker.io:2376", "http://foobar.docker.io:2376"}, doc: "stored as https, retrieved using http",
storeURL: "https://foobar.docker.io:2376",
// stored as http, retrieved using https readURL: "http://foobar.docker.io:2376",
{"http://foobar.docker.io:2376", "https://foobar.docker.io:2376"}, },
{
// same: stored as http, retrieved without a scheme specified (hence, using the default https://) doc: "stored as http, retrieved using https",
{"http://foobar.docker.io", "foobar.docker.io:5678"}, storeURL: "http://foobar.docker.io:2376",
readURL: "https://foobar.docker.io:2376",
// non-matching ports },
{"https://foobar.docker.io:1234", "https://foobar.docker.io:5678"}, {
// stored as http, retrieved without a scheme specified (hence, using the default https://)
// non-matching ports TODO is this desired behavior? The other way round does work doc: "stored as http, retrieved without scheme",
//{"https://foobar.docker.io", "https://foobar.docker.io:5678"}, storeURL: "http://foobar.docker.io",
readURL: "foobar.docker.io:5678",
// non-matching paths },
{"https://foobar.docker.io:1234/one/two", "https://foobar.docker.io:1234/five/six"}, {
doc: "non-matching ports",
storeURL: "https://foobar.docker.io:1234",
readURL: "https://foobar.docker.io:5678",
},
// TODO: is this desired behavior? The other way round does work
// {
// doc: "non-matching ports (stored without port)",
// storeURL: "https://foobar.docker.io",
// readURL: "https://foobar.docker.io:5678",
// },
{
doc: "non-matching paths",
storeURL: "https://foobar.docker.io:1234/one/two",
readURL: "https://foobar.docker.io:1234/five/six",
},
} }
helper := Wincred{} helper := Wincred{}
defer func() { t.Cleanup(func() {
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.storeURL) if err := helper.Delete(tc.storeURL); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("cleanup: failed to delete '%s': %v", tc.storeURL, err)
}
} }
}() })
// Clean store before testing. // Clean store before testing.
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.storeURL) if err := helper.Delete(tc.storeURL); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("prepare: failed to delete '%s': %v", tc.storeURL, err)
}
} }
for _, te := range tests { for _, tc := range tests {
c := &credentials.Credentials{ServerURL: te.storeURL, Username: "hello", Secret: "world"} tc := tc
if err := helper.Add(c); err != nil { t.Run(tc.doc, func(t *testing.T) {
t.Errorf("Error: failed to store secret for URL %q: %s", te.storeURL, err) c := &credentials.Credentials{ServerURL: tc.storeURL, Username: "hello", Secret: "world"}
continue if err := helper.Add(c); err != nil {
} t.Fatalf("Error: failed to store secret for URL %q: %s", tc.storeURL, err)
if _, _, err := helper.Get(te.readURL); err == nil { }
t.Errorf("Error: managed to read secret for URL %q using %q, but should not be able to", te.storeURL, te.readURL) if _, _, err := helper.Get(tc.readURL); err == nil {
} t.Errorf("Error: managed to read secret for URL %q using %q, but should not be able to", tc.storeURL, tc.readURL)
helper.Delete(te.storeURL) }
if err := helper.Delete(tc.storeURL); err != nil {
t.Error(err)
}
})
} }
} }
@@ -197,41 +237,46 @@ func TestWinCredHelperStoreRetrieve(t *testing.T) {
} }
helper := Wincred{} helper := Wincred{}
defer func() { t.Cleanup(func() {
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.url) if err := helper.Delete(tc.url); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("cleanup: failed to delete '%s': %v", tc.url, err)
}
} }
}() })
// Clean store before testing. // Clean store before testing.
for _, te := range tests { for _, tc := range tests {
helper.Delete(te.url) if err := helper.Delete(tc.url); err != nil && !credentials.IsErrCredentialsNotFound(err) {
t.Errorf("prepare: failed to delete '%s': %v", tc.url, err)
}
} }
// Note that we don't delete between individual tests here, to verify that // Note that we don't delete between individual tests here, to verify that
// subsequent stores/overwrites don't affect storing / retrieving secrets. // subsequent stores/overwrites don't affect storing / retrieving secrets.
for i, te := range tests { for i, tc := range tests {
c := &credentials.Credentials{ tc := tc
ServerURL: te.url, t.Run(tc.url, func(t *testing.T) {
Username: fmt.Sprintf("user-%d", i), c := &credentials.Credentials{
Secret: fmt.Sprintf("secret-%d", i), ServerURL: tc.url,
} Username: fmt.Sprintf("user-%d", i),
Secret: fmt.Sprintf("secret-%d", i),
}
if err := helper.Add(c); err != nil { if err := helper.Add(c); err != nil {
t.Errorf("Error: failed to store secret for URL: %s: %s", te.url, err) t.Fatalf("Error: failed to store secret for URL: %s: %s", tc.url, err)
continue }
} user, secret, err := helper.Get(tc.url)
user, secret, err := helper.Get(te.url) if err != nil {
if err != nil { t.Fatalf("Error: failed to read secret for URL %q: %s", tc.url, err)
t.Errorf("Error: failed to read secret for URL %q: %s", te.url, err) }
continue if user != c.Username {
} t.Errorf("Error: expected username %s, got username %s for URL: %s", c.Username, user, tc.url)
if user != c.Username { }
t.Errorf("Error: expected username %s, got username %s for URL: %s", c.Username, user, te.url) if secret != c.Secret {
} t.Errorf("Error: expected secret %s, got secret %s for URL: %s", c.Secret, secret, tc.url)
if secret != c.Secret { }
t.Errorf("Error: expected secret %s, got secret %s for URL: %s", c.Secret, secret, te.url) })
}
} }
} }