auth support for tls endpoint

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2025-07-01 13:24:15 +00:00 · 2022-09-22 02:48:11 +02:00 · 2022-09-22 02:48:11 +02:00 · 1c2ad20e10
commit 1c2ad20e10
parent f5bc16b105
8 changed files with 239 additions and 16 deletions
--- a/tests/auth.test.ts
+++ b/tests/auth.test.ts
@ -0,0 +1,88 @@
+import {describe, expect, jest, test, beforeEach} from '@jest/globals';
+import * as fs from 'fs';
+import * as os from 'os';
+import * as path from 'path';
+import * as auth from '../src/auth';
+
+const tmpdir = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-setup-buildx-jest')).split(path.sep).join(path.posix.sep);
+const dockerConfigHome = path.join(tmpdir, '.docker');
+const credsdir = path.join(dockerConfigHome, 'buildx', 'creds');
+
+describe('setCredentials', () => {
+  beforeEach(() => {
+    process.env = Object.keys(process.env).reduce((object, key) => {
+      if (!key.startsWith(auth.envPrefix)) {
+        object[key] = process.env[key];
+      }
+      return object;
+    }, {});
+  });
+
+  // prettier-ignore
+  test.each([
+    [
+      'mycontext',
+      'docker-container',
+      {},
+      [],
+      []
+    ],
+    [
+      'docker-container://mycontainer',
+      'docker-container',
+      {},
+      [],
+      []
+    ],
+    [
+      'tcp://graviton2:1234',
+      'remote',
+      {},
+      [],
+      []
+    ],
+    [
+      'tcp://graviton2:1234',
+      'remote',
+      {
+        'BUILDER_NODE_0_AUTH_TLS_CACERT': 'foo',
+        'BUILDER_NODE_0_AUTH_TLS_CERT': 'foo',
+        'BUILDER_NODE_0_AUTH_TLS_KEY': 'foo'
+      },
+      [
+        path.join(credsdir, 'cacert_graviton2-1234.pem'),
+        path.join(credsdir, 'cert_graviton2-1234.pem'),
+        path.join(credsdir, 'key_graviton2-1234.pem')
+      ],
+      [
+        `cacert=${path.join(credsdir, 'cacert_graviton2-1234.pem')}`,
+        `cert=${path.join(credsdir, 'cert_graviton2-1234.pem')}`,
+        `key=${path.join(credsdir, 'key_graviton2-1234.pem')}`
+      ]
+    ],
+    [
+      'tcp://graviton2:1234',
+      'docker-container',
+      {
+        'BUILDER_NODE_0_AUTH_TLS_CACERT': 'foo',
+        'BUILDER_NODE_0_AUTH_TLS_CERT': 'foo',
+        'BUILDER_NODE_0_AUTH_TLS_KEY': 'foo'
+      },
+      [
+        path.join(credsdir, 'cacert_graviton2-1234.pem'),
+        path.join(credsdir, 'cert_graviton2-1234.pem'),
+        path.join(credsdir, 'key_graviton2-1234.pem')
+      ],
+      []
+    ],
+  ])('given %p endpoint', async (endpoint: string, driver: string, envs: Record<string, string>, expectedFiles: Array<string>, expectedOpts: Array<string>) => {
+    fs.mkdirSync(credsdir, {recursive: true});
+    for (const [key, value] of Object.entries(envs)) {
+      process.env[key] = value;
+    }
+    expect(auth.setCredentials(credsdir, 0, driver, endpoint)).toEqual(expectedOpts);
+    expectedFiles.forEach( (file) => {
+      expect(fs.existsSync(file)).toBe(true);
+    });
+  });
+});