Add registry auth, add env support

commander-cli · May 23, 2020 · dfdbce5 · dfdbce5
1 parent d2b4251
commit dfdbce5
Show file tree

Hide file tree

Showing 4 changed files with 81 additions and 47 deletions.
diff --git a/examples/docker.yaml b/examples/docker.yaml
@@ -0,0 +1,18 @@
+nodes:
+  ubuntu:
+    type: docker
+    image: docker.io/simonbaeumer/test-private:latest
+    user: $COMMANDER_REGISTRY_USER
+    pass: $COMMANDER_REGISTRY_PASS
+
+tests:
+  cat /etc/lsb-release:
+    config:
+      nodes:
+        - ubuntu
+    stdout:
+      contains:
+        - Ubuntu
+        - "18.04"
+        - bionic
+    exit-code: 0
diff --git a/pkg/runtime/docker_executor.go b/pkg/runtime/docker_executor.go
@@ -3,6 +3,8 @@ package runtime
 import (
 	"bytes"
 	"context"
+	"encoding/base64"
+	"encoding/json"
 	"fmt"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
@@ -15,9 +17,11 @@ import (
 
 // DockerExecutor executes the test inside a docker container
 type DockerExecutor struct {
-	Image      string // Image which is started to execute the test
-	Privileged bool   // Enable privileged mode for the container
-	User       string // User defines which user executes the test
+	Image        string // Image which is started to execute the test
+	Privileged   bool   // Enable privileged mode for the container
+	ExecUser     string // ExecUser defines which user executes the docker container
+	RegistryUser string
+	RegistryPass string
 }
 
 // Execute executes the script inside a docker container
@@ -31,8 +35,20 @@ func (e DockerExecutor) Execute(test TestCase) TestResult {
 		}
 	}
 
+	authConfig := types.AuthConfig{
+		Username: e.RegistryUser,
+		Password: e.RegistryPass,
+	}
+	encodedJSON, err := json.Marshal(authConfig)
+	if err != nil {
+		panic(err)
+	}
+	authStr := base64.URLEncoding.EncodeToString(encodedJSON)
+
 	log.Printf("Pulling image %s\n", e.Image)
-	reader, err := cli.ImagePull(ctx, e.Image, types.ImagePullOptions{})
+	reader, err := cli.ImagePull(ctx, e.Image, types.ImagePullOptions{
+		RegistryAuth: authStr,
+	})
 	if err != nil {
 		test.Result.Error = fmt.Errorf("could not pull image '%s' with error: '%s'", e.Image, err)
 		return TestResult{
@@ -53,7 +69,7 @@ func (e DockerExecutor) Execute(test TestCase) TestResult {
 		Image:      e.Image,
 		WorkingDir: test.Command.Dir,
 		Env:        env,
-		User:       e.User,
+		User:       e.ExecUser,
 		Cmd:        []string{"/bin/sh", "-c", test.Command.Cmd},
 		Tty:        false,
 	}, nil, nil, "")

diff --git a/pkg/runtime/runtime.go b/pkg/runtime/runtime.go
@@ -61,14 +61,15 @@ type TestCase struct {
 // which is defined in the type property
 // If the type is not available the test will fail and stop its execution
 type Node struct {
-	Name         string
-	Type         string
-	User         string
-	Pass         string
-	Addr         string
-	Image        string
-	IdentityFile string
-	Privileged   bool
+	Name           string
+	Type           string
+	User           string
+	Pass           string
+	Addr           string
+	Image          string
+	IdentityFile   string
+	Privileged     bool
+	DockerExecUser string
 }
 
 //GlobalTestConfig represents the configuration for a test
@@ -204,9 +205,11 @@ func (r *Runtime) getExecutor(node string) Executor {
 			case "docker":
 				log.Println("Use docker executor")
 				return DockerExecutor{
-					Image:      n.Image,
-					Privileged: n.Privileged,
-					User:       n.User,
+					Image:        n.Image,
+					Privileged:   n.Privileged,
+					ExecUser:     n.DockerExecUser,
+					RegistryPass: n.Pass,
+					RegistryUser: n.User,
 				}
 			case "":
 				return NewLocalExecutor()

diff --git a/pkg/suite/yaml_suite.go b/pkg/suite/yaml_suite.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"github.com/SimonBaeumer/commander/pkg/runtime"
 	"gopkg.in/yaml.v2"
+	"os"
 	"reflect"
 	"strings"
 )
@@ -27,21 +28,15 @@ type YAMLTestConfigConf struct {
 }
 
 type YAMLNodeConf struct {
-	Name         string `yaml:"-"`
-	Type         string `yaml:"type"`
-	User         string `yaml:"user,omitempty"`
-	Pass         string `yaml:"pass,omitempty"`
-	Addr         string `yaml:"addr,omitempty"`
-	Image        string `yaml:"image,omitempty"`
-	IdentityFile string `yaml:"identity-file,omitempty"`
-	Privileged   bool   `yaml:"privileged,omitempty"`
-}
-
-// YAMLSSHConf represents the target host of the system
-type YAMLSSHConf struct {
-	Host     string `yaml:"host"`
-	User     string `yaml:"user"`
-	Password string `yaml:"password,omitempty"`
+	Name           string `yaml:"-"`
+	Type           string `yaml:"type"`
+	User           string `yaml:"user,omitempty"`
+	Pass           string `yaml:"pass,omitempty"`
+	Addr           string `yaml:"addr,omitempty"`
+	Image          string `yaml:"image,omitempty"`
+	IdentityFile   string `yaml:"identity-file,omitempty"`
+	Privileged     bool   `yaml:"privileged,omitempty"`
+	DockerExecUser string `yaml:"docker-exec-user,omitempty"`
 }
 
 // YAMLTest represents a test in the yaml test suite
@@ -84,14 +79,15 @@ func convertNodes(nodes map[string]YAMLNodeConf) []runtime.Node {
 	var n []runtime.Node
 	for _, v := range nodes {
 		n = append(n, runtime.Node{
-			Pass:         v.Pass,
-			Type:         v.Type,
-			User:         v.User,
-			Addr:         v.Addr,
-			Name:         v.Name,
-			Image:        v.Image,
-			IdentityFile: v.IdentityFile,
-			Privileged:   v.Privileged,
+			Pass:           os.ExpandEnv(v.Pass),
+			Type:           os.ExpandEnv(v.Type),
+			User:           os.ExpandEnv(v.User),
+			Addr:           os.ExpandEnv(v.Addr),
+			Name:           os.ExpandEnv(v.Name),
+			Image:          os.ExpandEnv(v.Image),
+			IdentityFile:   os.ExpandEnv(v.IdentityFile),
+			Privileged:     v.Privileged,
+			DockerExecUser: os.ExpandEnv(v.DockerExecUser),
 		})
 	}
 	return n
@@ -165,14 +161,15 @@ func (y *YAMLSuiteConf) UnmarshalYAML(unmarshal func(interface{}) error) error {
 	y.Nodes = make(map[string]YAMLNodeConf)
 	for k, v := range params.Nodes {
 		node := YAMLNodeConf{
-			Name:         k,
-			Addr:         v.Addr,
-			User:         v.User,
-			Type:         v.Type,
-			Pass:         v.Pass,
-			IdentityFile: v.IdentityFile,
-			Image:        v.Image,
-			Privileged:   v.Privileged,
+			Name:           k,
+			Addr:           v.Addr,
+			User:           v.User,
+			Type:           v.Type,
+			Pass:           v.Pass,
+			IdentityFile:   v.IdentityFile,
+			Image:          v.Image,
+			Privileged:     v.Privileged,
+			DockerExecUser: v.DockerExecUser,
 		}
 
 		y.Nodes[k] = node