add integration test

sreya · sreya · commit d8251f0d2019 · 2024-10-21T00:00:07.000Z
diff --git a/integration/docker_test.go b/integration/docker_test.go
@@ -4,6 +4,7 @@
 package integration_test
 
 import (
+	"encoding/json"
 	"fmt"
 	"net"
 	"os"
@@ -17,6 +18,7 @@ import (
 	"github.com/stretchr/testify/require"
 
 	"github.com/coder/envbox/cli"
+	"github.com/coder/envbox/dockerutil"
 	"github.com/coder/envbox/integration/integrationtest"
 )
 
@@ -318,19 +320,38 @@ func TestDocker(t *testing.T) {
 		regKeyPath := filepath.Join(certDir, "registry_key.pem")
 		integrationtest.WriteCertificate(t, dockerCert, regCertPath, regKeyPath)
 
+		username := "coder"
+		password := "helloworld"
+		htpasswdPath := integrationtest.GenerateRegistryAuth(t, dir, username, password)
+
 		// Start up the docker registry and push an image
 		// to it that we can reference.
 		image := integrationtest.RunLocalDockerRegistry(t, pool, integrationtest.RegistryConfig{
 			HostCertPath: regCertPath,
 			HostKeyPath:  regKeyPath,
 			Image:        integrationtest.UbuntuImage,
 			TLSPort:      strconv.Itoa(registryAddr.Port),
+			PasswordPath: htpasswdPath,
 		})
 
+		type authConfigs struct {
+			Auths map[string]dockerutil.AuthConfig `json:"auths"`
+		}
+
+		auths := authConfigs{
+			Auths: map[string]dockerutil.AuthConfig{
+				image.Registry(): {Username: username, Password: password},
+			},
+		}
+
+		authStr, err := json.Marshal(auths)
+		require.NoError(t, err)
+
 		envs := []string{
 			integrationtest.EnvVar(cli.EnvAgentToken, "faketoken"),
 			integrationtest.EnvVar(cli.EnvAgentURL, fmt.Sprintf("https://%s:%d", "host.docker.internal", coderAddr.Port)),
 			integrationtest.EnvVar(cli.EnvExtraCertsPath, "/tmp/certs"),
+			integrationtest.EnvVar(cli.EnvBoxPullImageSecretEnvVar, string(authStr)),
 		}
 
 		// Run the envbox container.
diff --git a/integration/integrationtest/docker.go b/integration/integrationtest/docker.go
@@ -20,6 +20,7 @@ import (
 	"github.com/ory/dockertest/v3"
 	"github.com/ory/dockertest/v3/docker"
 	"github.com/stretchr/testify/require"
+	"golang.org/x/crypto/bcrypt"
 	"golang.org/x/xerrors"
 
 	"github.com/coder/envbox/buildlog"
@@ -361,6 +362,7 @@ type RegistryConfig struct {
 	HostKeyPath  string
 	TLSPort      string
 	Image        string
+	PasswordPath string
 }
 
 type RegistryImage string
@@ -381,14 +383,31 @@ func RunLocalDockerRegistry(t testing.TB, pool *dockertest.Pool, conf RegistryCo
 		keyPath  = "/certs/key.pem"
 	)
 
-	resource, err := pool.RunWithOptions(&dockertest.RunOptions{
-		Repository: registryImage,
-		Tag:        registryTag,
-		Env: []string{
+	var (
+		envs = []string{
+			EnvVar("REGISTRY_HTTP_ADDR", "0.0.0.0:443"),
+		}
+	)
+
+	if conf.HostCertPath != "" && conf.HostKeyPath != "" {
+		envs = append(envs,
 			EnvVar("REGISTRY_HTTP_TLS_CERTIFICATE", certPath),
 			EnvVar("REGISTRY_HTTP_TLS_KEY", keyPath),
-			EnvVar("REGISTRY_HTTP_ADDR", "0.0.0.0:443"),
-		},
+		)
+	}
+
+	if conf.PasswordPath != "" {
+		envs = append(envs,
+			EnvVar("REGISTRY_AUTH", "htpasswd"),
+			EnvVar("REGISTRY_AUTH_HTPASSWD_REALM", "Test Registry"),
+			EnvVar("REGISTRY_AUTH_HTPASSWD_PATH", conf.PasswordPath),
+		)
+	}
+
+	resource, err := pool.RunWithOptions(&dockertest.RunOptions{
+		Repository:   registryImage,
+		Tag:          registryTag,
+		Env:          envs,
 		ExposedPorts: []string{"443/tcp"},
 	}, func(host *docker.HostConfig) {
 		host.Binds = []string{
@@ -516,3 +535,15 @@ func BindMount(src, dst string, ro bool) docker.HostMount {
 		Type:     "bind",
 	}
 }
+
+func GenerateRegistryAuth(t *testing.T, directory, username, password string) string {
+	t.Helper()
+
+	p, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	require.NoError(t, err)
+
+	authFile := filepath.Join(directory, "htpasswd")
+	WriteFile(t, authFile, fmt.Sprintf("%s:%s", username, string(p)))
+
+	return authFile
+}
