From 2ddf4a1a612a2f9fccd7c4a9ebd8ec6762a58c08 Mon Sep 17 00:00:00 2001 From: Antti Auhtola Date: Fri, 18 Aug 2023 11:47:27 +0300 Subject: [PATCH 1/4] feat: support RsaPrivateCrtKeyParameters being resolved from key pem file --- .../MTlsEndpointAuthenticationProvider.cs | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/src/Testcontainers/Builders/MTlsEndpointAuthenticationProvider.cs b/src/Testcontainers/Builders/MTlsEndpointAuthenticationProvider.cs index 31d3e73cd..7dafe866c 100644 --- a/src/Testcontainers/Builders/MTlsEndpointAuthenticationProvider.cs +++ b/src/Testcontainers/Builders/MTlsEndpointAuthenticationProvider.cs @@ -8,6 +8,7 @@ namespace DotNet.Testcontainers.Builders using DotNet.Testcontainers.Configurations; using JetBrains.Annotations; using Org.BouncyCastle.Crypto; + using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.OpenSsl; using Org.BouncyCastle.Pkcs; using Org.BouncyCastle.Security; @@ -79,11 +80,13 @@ private static X509Certificate2 CreateFromPemFile(string certPemFilePath, string var password = Guid.NewGuid().ToString("D"); - var keyPair = (AsymmetricCipherKeyPair)new PemReader(keyPairStream).ReadObject(); + var keyObject = new PemReader(keyPairStream).ReadObject(); var certificateEntry = new X509CertificateEntry(certificate); - var keyEntry = new AsymmetricKeyEntry(keyPair.Private); + var keyParameter = ResolveKeyParameter(keyObject); + + var keyEntry = new AsymmetricKeyEntry(keyParameter); store.SetKeyEntry(certificate.SubjectDN + "_key", keyEntry, new[] { certificateEntry }); using (var certificateStream = new MemoryStream()) 
@@ -93,5 +96,17 @@ private static X509Certificate2 CreateFromPemFile(string certPemFilePath, string } } } + private static AsymmetricKeyParameter ResolveKeyParameter(object keyObject) + { + switch (keyObject) + { + case AsymmetricCipherKeyPair ackp: + return ackp.Private; + case RsaPrivateCrtKeyParameters rpckp: + return rpckp; + default: + throw new ArgumentOutOfRangeException(nameof(keyObject), "Unsupported type when reading key pem file"); + } + } } } From 60eb15e0fbded829ce6cab1b226146fb513e9025 Mon Sep 17 00:00:00 2001 From: Antti Auhtola Date: Mon, 21 Aug 2023 21:41:46 +0300 Subject: [PATCH 2/4] test: Refactor Mtls with parametrized docker-in-docker images version. --- .../Unix/{DockerMTlsFixture.cs => DockerMTls.cs} | 8 +++----- .../Fixtures/Containers/Unix/DockerTlsFixture.cs | 3 ++- .../Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs | 13 +++++++++++++ .../Containers/Unix/ProtectDockerDaemonSocket.cs | 13 +++++++------ .../Unix/ProtectDockerDaemonSocketTest.cs | 9 ++++----- 5 files changed, 29 insertions(+), 17 deletions(-) rename tests/Testcontainers.Tests/Fixtures/Containers/Unix/{DockerMTlsFixture.cs => DockerMTls.cs} (69%) create mode 100644 tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTlsFixture.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs similarity index 69% rename from tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTlsFixture.cs rename to tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs index c140635f4..84265df0f 100644 --- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTlsFixture.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs 
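Review bot: `ResolveKeyParameter` accepts only `AsymmetricCipherKeyPair` and `RsaPrivateCrtKeyParameters`, so a PKCS#8 key of any other algorithm still falls into the `default` branch and mTLS setup fails; an EC client key is one example, which BouncyCastle's reader appears to return as `ECPrivateKeyParameters`. A broader case such as `case AsymmetricKeyParameter akp when akp.IsPrivate: return akp;` would cover those while still rejecting a public key placed in key.pem by mistake. The method also deserves a short comment on why two shapes occur, e.g. `// PemReader yields a key pair for traditional "RSA PRIVATE KEY" blocks and a bare private key for PKCS#8 "PRIVATE KEY" blocks.` `ArgumentOutOfRangeException` is an unusual type for an unsupported key format; `NotSupportedException` would read more naturally if no caller depends on the current type.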
@@ -2,13 +2,11 @@ namespace DotNet.Testcontainers.Tests.Fixtures { using System.Collections.Generic; using DotNet.Testcontainers.Builders; - using JetBrains.Annotations; - [UsedImplicitly] - public sealed class DockerMTlsFixture : ProtectDockerDaemonSocket + public abstract class DockerMTls : ProtectDockerDaemonSocket { - public DockerMTlsFixture() - : base(new ContainerBuilder()) + public DockerMTls(string dockerImageVersion) + : base(new ContainerBuilder(), dockerImageVersion) { } diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerTlsFixture.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerTlsFixture.cs index a3c643606..a557a78dd 100644 --- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerTlsFixture.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerTlsFixture.cs @@ -7,9 +7,10 @@ namespace DotNet.Testcontainers.Tests.Fixtures [UsedImplicitly] public sealed class DockerTlsFixture : ProtectDockerDaemonSocket { + public const string DockerVersion = "20.10.18"; public DockerTlsFixture() : base(new ContainerBuilder() - .WithCommand("--tlsverify=false")) + .WithCommand("--tlsverify=false"), DockerVersion) { } diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs new file mode 100644 index 000000000..0ed7553aa --- /dev/null +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs @@ -0,0 +1,13 @@ +namespace DotNet.Testcontainers.Tests.Fixtures +{ + using JetBrains.Annotations; + + [UsedImplicitly] + public sealed class OpenSsl1_1_1Fixture : DockerMTls + { + public const string DockerVersion = "20.10.18"; + public OpenSsl1_1_1Fixture() : base(DockerVersion) + { + } + } +} diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs index 1e0b88736..9397e0b07 100644 
--- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs @@ -12,8 +12,6 @@ namespace DotNet.Testcontainers.Tests.Fixtures public abstract class ProtectDockerDaemonSocket : IAsyncLifetime { - public const string DockerVersion = "20.10.18"; - private const string CertsDirectoryName = "certs"; private const ushort TlsPort = 2376; @@ -22,14 +20,12 @@ public abstract class ProtectDockerDaemonSocket : IAsyncLifetime private readonly string _containerCertsDirectoryPath = Path.Combine("/", CertsDirectoryName); - private readonly IImage _image = new DockerImage(string.Empty, "docker", DockerVersion + "-dind"); - private readonly IContainer _container; - protected ProtectDockerDaemonSocket(ContainerBuilder containerConfiguration) + protected ProtectDockerDaemonSocket(ContainerBuilder containerConfiguration, string dockerImageVersion) { _container = containerConfiguration - .WithImage(_image) + .WithImage(DockerImage(dockerImageVersion)) .WithPrivileged(true) .WithPortBinding(TlsPort, true) .WithBindMount(_hostCertsDirectoryPath, _containerCertsDirectoryPath, AccessMode.ReadWrite) @@ -48,6 +44,11 @@ public virtual IList CustomProperties } } + private static IImage DockerImage(string dockerImageVersion) + { + return new DockerImage(string.Empty, "docker", dockerImageVersion + "-dind"); + } + private Uri TcpEndpoint { get diff --git a/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs b/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs index e4f10ea46..5d666827d 100644 --- a/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs +++ b/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs 
@@ -18,11 +18,11 @@ private static IDockerEndpointAuthenticationConfiguration GetAuthConfig(ProtectD return new IDockerEndpointAuthenticationProvider[] { new MTlsEndpointAuthenticationProvider(customConfiguration), new TlsEndpointAuthenticationProvider(customConfiguration) }.First(authProvider => authProvider.IsApplicable()).GetAuthConfig(); } - public sealed class MTls : IClassFixture + public sealed class MTlsOpenSsl1_1_1 : IClassFixture { private readonly IDockerEndpointAuthenticationConfiguration _authConfig; - public MTls(DockerMTlsFixture dockerMTlsFixture) + public MTlsOpenSsl1_1_1(OpenSsl1_1_1Fixture dockerMTlsFixture) { _authConfig = GetAuthConfig(dockerMTlsFixture); } @@ -32,13 +32,12 @@ public async Task GetVersionReturnsVersion() { // Given var client = new TestcontainersClient(Guid.Empty, _authConfig, NullLogger.Instance); - // When var version = await client.System.GetVersionAsync() .ConfigureAwait(false); // Then - Assert.Equal(ProtectDockerDaemonSocket.DockerVersion, version.Version); + Assert.Equal(OpenSsl1_1_1Fixture.DockerVersion, version.Version); } } @@ -62,7 +61,7 @@ public async Task GetVersionReturnsVersion() .ConfigureAwait(false); // Then - Assert.Equal(ProtectDockerDaemonSocket.DockerVersion, version.Version); + Assert.Equal(DockerTlsFixture.DockerVersion, version.Version); } } } From c0a568e7d9f8bfa6c6ba7cd4746cb366f3a3fe9d Mon Sep 17 00:00:00 2001 From: Antti Auhtola Date: Mon, 21 Aug 2023 22:14:33 +0300 Subject: [PATCH 3/4] test: Add test to verify key created with openssl 3.1 is working. Verify key types in both tests --- .../Fixtures/Containers/Unix/DockerMTls.cs | 11 +++++++ .../Containers/Unix/OpenSsl3_1Fixture.cs | 13 ++++++++ .../Unix/ProtectDockerDaemonSocket.cs | 4 +-- .../Unix/ProtectDockerDaemonSocketTest.cs | 33 +++++++++++++++++++ 4 files changed, 59 insertions(+), 2 deletions(-) create mode 100644 tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl3_1Fixture.cs 
diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs index 84265df0f..46ec9d527 100644 --- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs @@ -1,7 +1,9 @@ namespace DotNet.Testcontainers.Tests.Fixtures { using System.Collections.Generic; + using System.IO; using DotNet.Testcontainers.Builders; + using Org.BouncyCastle.OpenSsl; public abstract class DockerMTls : ProtectDockerDaemonSocket { @@ -10,6 +12,15 @@ public DockerMTls(string dockerImageVersion) { } + public object ClientCertificateKey() + { + var path = Path.Combine(_hostCertsDirectoryPath, "client", "key.pem"); + using (var keyFileStream = new StreamReader(path)) + { + return new PemReader(keyFileStream).ReadObject(); + } + } + public override IList CustomProperties { get diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl3_1Fixture.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl3_1Fixture.cs new file mode 100644 index 000000000..4109d61aa --- /dev/null +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl3_1Fixture.cs @@ -0,0 +1,13 @@ +namespace DotNet.Testcontainers.Tests.Fixtures +{ + using JetBrains.Annotations; + + [UsedImplicitly] + public sealed class OpenSsl3_1Fixture : DockerMTls + { + public const string DockerVersion = "24.0.5"; + public OpenSsl3_1Fixture() : base(DockerVersion) + { + } + } +} diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs index 9397e0b07..9803d603a 100644 --- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs 
@@ -16,12 +16,12 @@ public abstract class ProtectDockerDaemonSocket : IAsyncLifetime private const ushort TlsPort = 2376; - private readonly string _hostCertsDirectoryPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString("D"), CertsDirectoryName); - private readonly string _containerCertsDirectoryPath = Path.Combine("/", CertsDirectoryName); private readonly IContainer _container; + protected readonly string _hostCertsDirectoryPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString("D"), CertsDirectoryName); + protected ProtectDockerDaemonSocket(ContainerBuilder containerConfiguration, string dockerImageVersion) { _container = containerConfiguration diff --git a/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs b/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs index 5d666827d..003f81a47 100644 --- a/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs +++ b/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs @@ -8,6 +8,8 @@ namespace DotNet.Testcontainers.Tests.Unit using DotNet.Testcontainers.Configurations; using DotNet.Testcontainers.Tests.Fixtures; using Microsoft.Extensions.Logging.Abstractions; + using Org.BouncyCastle.Crypto; + using Org.BouncyCastle.Crypto.Parameters; using Xunit; public static class ProtectDockerDaemonSocketTest @@ -20,10 +22,12 @@ private static IDockerEndpointAuthenticationConfiguration GetAuthConfig(ProtectD public sealed class MTlsOpenSsl1_1_1 : IClassFixture { + private readonly OpenSsl1_1_1Fixture _fixture; private readonly IDockerEndpointAuthenticationConfiguration _authConfig; public MTlsOpenSsl1_1_1(OpenSsl1_1_1Fixture dockerMTlsFixture) { + _fixture = dockerMTlsFixture; _authConfig = GetAuthConfig(dockerMTlsFixture); } 
@@ -35,9 +39,38 @@ public async Task GetVersionReturnsVersion() // When var version = await client.System.GetVersionAsync() .ConfigureAwait(false); + var key = _fixture.ClientCertificateKey(); // Then Assert.Equal(OpenSsl1_1_1Fixture.DockerVersion, version.Version); + Assert.IsType(key); + } + } + + public sealed class MTlsOpenSsl3_1 : IClassFixture + { + private readonly OpenSsl3_1Fixture _fixture; + private readonly IDockerEndpointAuthenticationConfiguration _authConfig; + + public MTlsOpenSsl3_1(OpenSsl3_1Fixture dockerMTlsFixture) + { + _fixture = dockerMTlsFixture; + _authConfig = GetAuthConfig(dockerMTlsFixture); + } + + [Fact] + public async Task GetVersionReturnsVersion() + { + // Given + var client = new TestcontainersClient(Guid.Empty, _authConfig, NullLogger.Instance); + // When + var version = await client.System.GetVersionAsync() + .ConfigureAwait(false); + var key = _fixture.ClientCertificateKey(); + + // Then + Assert.Equal(OpenSsl3_1Fixture.DockerVersion, version.Version); + Assert.IsType(key); } } From 9491afde3e8f597f23beaa369802e6bf594b6d81 Mon Sep 17 00:00:00 2001 From: Andre Hofmeister <9199345+HofmeisterAn@users.noreply.github.com> Date: Mon, 28 Aug 2023 18:02:19 +0200 Subject: [PATCH 4/4] chore: Apply minor simplifications --- .../MTlsEndpointAuthenticationProvider.cs | 3 ++- .../Fixtures/Containers/Unix/DockerMTls.cs | 11 --------- .../Containers/Unix/DockerTlsFixture.cs | 3 +-- .../Containers/Unix/OpenSsl1_1_1Fixture.cs | 3 +-- .../Containers/Unix/OpenSsl3_1Fixture.cs | 3 +-- .../Unix/ProtectDockerDaemonSocket.cs | 23 ++++++++++++------- .../Unix/ProtectDockerDaemonSocketTest.cs | 23 +++++++++++-------- 7 files changed, 34 insertions(+), 35 deletions(-) diff --git a/src/Testcontainers/Builders/MTlsEndpointAuthenticationProvider.cs b/src/Testcontainers/Builders/MTlsEndpointAuthenticationProvider.cs index 7dafe866c..3f203c01d 100644 --- a/src/Testcontainers/Builders/MTlsEndpointAuthenticationProvider.cs 
+++ b/src/Testcontainers/Builders/MTlsEndpointAuthenticationProvider.cs @@ -96,6 +96,7 @@ private static X509Certificate2 CreateFromPemFile(string certPemFilePath, string } } } + private static AsymmetricKeyParameter ResolveKeyParameter(object keyObject) { switch (keyObject) @@ -105,7 +106,7 @@ private static AsymmetricKeyParameter ResolveKeyParameter(object keyObject) case RsaPrivateCrtKeyParameters rpckp: return rpckp; default: - throw new ArgumentOutOfRangeException(nameof(keyObject), "Unsupported type when reading key pem file"); + throw new ArgumentOutOfRangeException(nameof(keyObject), $"Unsupported asymmetric key entry encountered while trying to resolve key from input object '{keyObject.GetType()}'."); } } } diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs index 46ec9d527..84265df0f 100644 --- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerMTls.cs @@ -1,9 +1,7 @@ namespace DotNet.Testcontainers.Tests.Fixtures { using System.Collections.Generic; - using System.IO; using DotNet.Testcontainers.Builders; - using Org.BouncyCastle.OpenSsl; public abstract class DockerMTls : ProtectDockerDaemonSocket { @@ -12,15 +10,6 @@ public DockerMTls(string dockerImageVersion) { } - public object ClientCertificateKey() - { - var path = Path.Combine(_hostCertsDirectoryPath, "client", "key.pem"); - using (var keyFileStream = new StreamReader(path)) - { - return new PemReader(keyFileStream).ReadObject(); - } - } - public override IList CustomProperties { get diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerTlsFixture.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerTlsFixture.cs index a557a78dd..1ed591185 100644 --- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerTlsFixture.cs 
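Review bot: The rewritten message in the `default` branch of `ResolveKeyParameter` calls `keyObject.GetType()`, which throws a `NullReferenceException` when `keyObject` is null. As far as I know, `PemReader.ReadObject()` returns null when the key file holds no PEM block (an empty or truncated key.pem), so the caller would see a null dereference instead of the intended unsupported-key error. Use `keyObject?.GetType()` in the interpolation, or add a `case null:` with its own message ahead of `default`. The text says "asymmetric key entry" while the value printed is the runtime type of the parsed PEM object; naming it as the type would be clearer.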
+++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/DockerTlsFixture.cs @@ -7,10 +7,9 @@ namespace DotNet.Testcontainers.Tests.Fixtures [UsedImplicitly] public sealed class DockerTlsFixture : ProtectDockerDaemonSocket { - public const string DockerVersion = "20.10.18"; public DockerTlsFixture() : base(new ContainerBuilder() - .WithCommand("--tlsverify=false"), DockerVersion) + .WithCommand("--tlsverify=false"), "20.10.18") { } diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs index 0ed7553aa..37705ec29 100644 --- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl1_1_1Fixture.cs @@ -5,8 +5,7 @@ namespace DotNet.Testcontainers.Tests.Fixtures [UsedImplicitly] public sealed class OpenSsl1_1_1Fixture : DockerMTls { - public const string DockerVersion = "20.10.18"; - public OpenSsl1_1_1Fixture() : base(DockerVersion) + public OpenSsl1_1_1Fixture() : base("20.10.18") { } } diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl3_1Fixture.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl3_1Fixture.cs index 4109d61aa..0a4768b96 100644 --- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl3_1Fixture.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/OpenSsl3_1Fixture.cs @@ -5,8 +5,7 @@ namespace DotNet.Testcontainers.Tests.Fixtures [UsedImplicitly] public sealed class OpenSsl3_1Fixture : DockerMTls { - public const string DockerVersion = "24.0.5"; - public OpenSsl3_1Fixture() : base(DockerVersion) + public OpenSsl3_1Fixture() : base("24.0.5") { } } diff --git a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs index 9803d603a..3c49167ca 100644 
--- a/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs +++ b/tests/Testcontainers.Tests/Fixtures/Containers/Unix/ProtectDockerDaemonSocket.cs @@ -8,6 +8,7 @@ namespace DotNet.Testcontainers.Tests.Fixtures using DotNet.Testcontainers.Configurations; using DotNet.Testcontainers.Containers; using DotNet.Testcontainers.Images; + using Org.BouncyCastle.OpenSsl; using Xunit; public abstract class ProtectDockerDaemonSocket : IAsyncLifetime @@ -16,16 +17,16 @@ public abstract class ProtectDockerDaemonSocket : IAsyncLifetime private const ushort TlsPort = 2376; + private readonly string _hostCertsDirectoryPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString("D"), CertsDirectoryName); + private readonly string _containerCertsDirectoryPath = Path.Combine("/", CertsDirectoryName); private readonly IContainer _container; - protected readonly string _hostCertsDirectoryPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString("D"), CertsDirectoryName); - protected ProtectDockerDaemonSocket(ContainerBuilder containerConfiguration, string dockerImageVersion) { _container = containerConfiguration - .WithImage(DockerImage(dockerImageVersion)) + .WithImage(new DockerImage(string.Empty, "docker", dockerImageVersion + "-dind")) .WithPrivileged(true) .WithPortBinding(TlsPort, true) .WithBindMount(_hostCertsDirectoryPath, _containerCertsDirectoryPath, AccessMode.ReadWrite) 
@@ -38,22 +39,28 @@ public virtual IList CustomProperties get { var customProperties = new List(); - customProperties.Add($"docker.host={TcpEndpoint}"); + customProperties.Add($"docker.host={new UriBuilder("tcp", _container.Hostname, _container.GetMappedPublicPort(TlsPort))}"); customProperties.Add($"docker.cert.path={Path.Combine(_hostCertsDirectoryPath, "client")}"); return customProperties; } } - private static IImage DockerImage(string dockerImageVersion) + public IImage Image { - return new DockerImage(string.Empty, "docker", dockerImageVersion + "-dind"); + get + { + return _container.Image; + } } - private Uri TcpEndpoint + public object TlsKey { get { - return new UriBuilder("tcp", _container.Hostname, _container.GetMappedPublicPort(TlsPort)).Uri; + using (var tlsKeyStream = new StreamReader(Path.Combine(_hostCertsDirectoryPath, "client", "key.pem"))) + { + return new PemReader(tlsKeyStream).ReadObject(); + } } } diff --git a/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs b/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs index 003f81a47..5a11e2e82 100644 --- a/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs +++ b/tests/Testcontainers.Tests/Unit/Containers/Unix/ProtectDockerDaemonSocketTest.cs @@ -22,7 +22,8 @@ private static IDockerEndpointAuthenticationConfiguration GetAuthConfig(ProtectD public sealed class MTlsOpenSsl1_1_1 : IClassFixture { - private readonly OpenSsl1_1_1Fixture _fixture; + private readonly ProtectDockerDaemonSocket _fixture; + private readonly IDockerEndpointAuthenticationConfiguration _authConfig; public MTlsOpenSsl1_1_1(OpenSsl1_1_1Fixture dockerMTlsFixture) 
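Review bot: `TlsKey` is a property getter that opens `client/key.pem` and parses it on every access, and it returns `object`. A method (for example `ReadTlsKey()`) or a doc comment would make the file I/O and the possible null result visible to callers, e.g. `/// Parses the client private key from the host certs directory; returns whatever PemReader yields.` The property now sits on the base class, so `DockerTlsFixture` exposes it too; that fixture starts the daemon with `--tlsverify=false`, and this diff does not show that `client/key.pem` exists there, so the getter may throw if it is ever used on that fixture. The class body continues outside the hunk.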
@@ -36,20 +37,21 @@ public async Task GetVersionReturnsVersion() { // Given var client = new TestcontainersClient(Guid.Empty, _authConfig, NullLogger.Instance); + // When var version = await client.System.GetVersionAsync() .ConfigureAwait(false); - var key = _fixture.ClientCertificateKey(); // Then - Assert.Equal(OpenSsl1_1_1Fixture.DockerVersion, version.Version); - Assert.IsType(key); + Assert.StartsWith(version.Version, _fixture.Image.Tag); + Assert.IsType(_fixture.TlsKey); } } public sealed class MTlsOpenSsl3_1 : IClassFixture { - private readonly OpenSsl3_1Fixture _fixture; + private readonly ProtectDockerDaemonSocket _fixture; + private readonly IDockerEndpointAuthenticationConfiguration _authConfig; public MTlsOpenSsl3_1(OpenSsl3_1Fixture dockerMTlsFixture) @@ -63,23 +65,26 @@ public async Task GetVersionReturnsVersion() { // Given var client = new TestcontainersClient(Guid.Empty, _authConfig, NullLogger.Instance); + // When var version = await client.System.GetVersionAsync() .ConfigureAwait(false); - var key = _fixture.ClientCertificateKey(); // Then - Assert.Equal(OpenSsl3_1Fixture.DockerVersion, version.Version); - Assert.IsType(key); + Assert.StartsWith(version.Version, _fixture.Image.Tag); + Assert.IsType(_fixture.TlsKey); } } public sealed class Tls : IClassFixture { + private readonly ProtectDockerDaemonSocket _fixture; + private readonly IDockerEndpointAuthenticationConfiguration _authConfig; public Tls(DockerTlsFixture dockerTlsFixture) { + _fixture = dockerTlsFixture; _authConfig = GetAuthConfig(dockerTlsFixture); } @@ -94,7 +99,7 @@ public async Task GetVersionReturnsVersion() .ConfigureAwait(false); // Then - Assert.Equal(DockerTlsFixture.DockerVersion, version.Version); + Assert.StartsWith(version.Version, _fixture.Image.Tag); } } }
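Review bot: `Assert.StartsWith(version.Version, _fixture.Image.Tag)` is a weaker check than the `Assert.Equal` it replaces. The daemon-reported version is passed as the expected prefix, so a shortened value such as `20.10` would pass against a tag like `20.10.18-dind`. The same assertion is added in the `MTlsOpenSsl3_1` and `Tls` test classes later in this file section. These tests are the evidence that the mTLS/TLS client reached the intended daemon, so an exact comparison keeps them meaningful, e.g. `Assert.Equal(version.Version + "-dind", _fixture.Image.Tag);`, assuming `Image.Tag` is the `<version>-dind` string built in the fixture constructor.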