swarm/init: Test init --external-ca with custom cert

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This commit is contained in:
Paweł Gronowski 2025-04-09 14:13:59 +02:00
parent 6714b50288
commit a0385bf042
No known key found for this signature in database
GPG Key ID: B85EFCFE26DEF92A
2 changed files with 37 additions and 9 deletions

View File

@ -12,7 +12,7 @@ import (
type fakeClient struct {
client.Client
infoFunc func() (system.Info, error)
swarmInitFunc func() (string, error)
swarmInitFunc func(req swarm.InitRequest) (string, error)
swarmInspectFunc func() (swarm.Swarm, error)
nodeInspectFunc func() (swarm.Node, []byte, error)
swarmGetUnlockKeyFunc func() (types.SwarmUnlockKeyResponse, error)
@ -36,9 +36,9 @@ func (cli *fakeClient) NodeInspectWithRaw(context.Context, string) (swarm.Node,
return swarm.Node{}, []byte{}, nil
}
func (cli *fakeClient) SwarmInit(context.Context, swarm.InitRequest) (string, error) {
func (cli *fakeClient) SwarmInit(_ context.Context, req swarm.InitRequest) (string, error) {
if cli.swarmInitFunc != nil {
return cli.swarmInitFunc()
return cli.swarmInitFunc(req)
}
return "", nil
}

View File

@ -4,12 +4,15 @@ import (
"errors"
"fmt"
"io"
"os"
"path/filepath"
"testing"
"github.com/docker/cli/internal/test"
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/swarm"
"gotest.tools/v3/assert"
is "gotest.tools/v3/assert/cmp"
"gotest.tools/v3/golden"
)
@ -17,7 +20,7 @@ func TestSwarmInitErrorOnAPIFailure(t *testing.T) {
testCases := []struct {
name string
flags map[string]string
swarmInitFunc func() (string, error)
swarmInitFunc func(swarm.InitRequest) (string, error)
swarmInspectFunc func() (swarm.Swarm, error)
swarmGetUnlockKeyFunc func() (types.SwarmUnlockKeyResponse, error)
nodeInspectFunc func() (swarm.Node, []byte, error)
@ -25,14 +28,14 @@ func TestSwarmInitErrorOnAPIFailure(t *testing.T) {
}{
{
name: "init-failed",
swarmInitFunc: func() (string, error) {
swarmInitFunc: func(swarm.InitRequest) (string, error) {
return "", errors.New("error initializing the swarm")
},
expectedError: "error initializing the swarm",
},
{
name: "init-failed-with-ip-choice",
swarmInitFunc: func() (string, error) {
swarmInitFunc: func(swarm.InitRequest) (string, error) {
return "", errors.New("could not choose an IP address to advertise")
},
expectedError: "could not choose an IP address to advertise - specify one with --advertise-addr",
@ -86,14 +89,14 @@ func TestSwarmInit(t *testing.T) {
testCases := []struct {
name string
flags map[string]string
swarmInitFunc func() (string, error)
swarmInitFunc func(req swarm.InitRequest) (string, error)
swarmInspectFunc func() (swarm.Swarm, error)
swarmGetUnlockKeyFunc func() (types.SwarmUnlockKeyResponse, error)
nodeInspectFunc func() (swarm.Node, []byte, error)
}{
{
name: "init",
swarmInitFunc: func() (string, error) {
swarmInitFunc: func(swarm.InitRequest) (string, error) {
return "nodeID", nil
},
},
@ -102,7 +105,7 @@ func TestSwarmInit(t *testing.T) {
flags: map[string]string{
flagAutolock: "true",
},
swarmInitFunc: func() (string, error) {
swarmInitFunc: func(swarm.InitRequest) (string, error) {
return "nodeID", nil
},
swarmGetUnlockKeyFunc: func() (types.SwarmUnlockKeyResponse, error) {
@ -132,3 +135,28 @@ func TestSwarmInit(t *testing.T) {
})
}
}
func TestSwarmInitWithExternalCA(t *testing.T) {
cli := test.NewFakeCli(&fakeClient{
swarmInitFunc: func(req swarm.InitRequest) (string, error) {
if assert.Check(t, is.Len(req.Spec.CAConfig.ExternalCAs, 1)) {
assert.Equal(t, req.Spec.CAConfig.ExternalCAs[0].CACert, cert)
assert.Equal(t, req.Spec.CAConfig.ExternalCAs[0].Protocol, swarm.ExternalCAProtocolCFSSL)
assert.Equal(t, req.Spec.CAConfig.ExternalCAs[0].URL, "https://example.com")
}
return "nodeID", nil
},
})
tempDir := t.TempDir()
certFile := filepath.Join(tempDir, "cert.pem")
err := os.WriteFile(certFile, []byte(cert), 0644)
assert.NilError(t, err)
cmd := newInitCommand(cli)
cmd.SetArgs([]string{})
cmd.SetOut(io.Discard)
cmd.SetErr(io.Discard)
assert.NilError(t, cmd.Flags().Set(flagExternalCA, "protocol=cfssl,url=https://example.com,cacert="+certFile))
assert.NilError(t, cmd.Execute())
}