# Add E2E tests for FUNC_USERNAME/FUNC_PASSWORD credentials

[Kunal1522]

Summary

Add integration tests verifying FUNC_USERNAME/FUNC_PASSWORD environment variables are correctly read, propagated, and logged across all builders (host, pack, s2i).

Note: This test validates the credential flow (env vars → viper → pushers → logging) rather than actual registry authentication, since the test registry (localhost:50000) does not require authentication. The test ensures credentials are properly handled by the system and would be available for authenticated registries.

Changes

1. New E2E Test (e2e/e2e_credentials_test.go)

• TestCredentials_DockerPusher_EnvUsed - Validates credential flow for all 3 builders (host/pack/s2i)

2. OCI Pusher Enhancement (pkg/oci/pusher.go)

Added credential logging for consistency with docker pusher:

if credentials.Username != "" {
    fmt.Fprintf(os.Stderr, "Pushing function image to the registry %q using the %q user credentials\n", 
        registry, credentials.Username)
}

This provides:

• Consistent user feedback across all builders
• Enables E2E test validation for host builder
• Improves debugging of authentication issues

How to Test Locally

Prerequisites

./hack/registry.sh   # Setup local registry
./hack/cluster.sh    # Setup cluster with Tekton
make build           # Build func binary

Run Tests

# Or specifically:
go test -v -tags e2e ./e2e -run TestCredentials_DockerPusher_EnvUsed -timeout 2
go test -v -tags e2e ./e2e -run TestCredentials_DockerPusher_EnvUsed -timeout 30m
go test -v -tags e2e ./e2e -run TestCredentials_RemoteSecretContainsAuth -timeout 30m

Verify Results

curl http://localhost:50000/v2/_catalog
# Should show: {"repositories":["func/func-e2e-creds-docker-host","func/func-e2e-creds-docker-pack","func/func-e2e-creds-docker-s2i"]}

What This Validates

• FUNC_USERNAME/FUNC_PASSWORD environment variables are correctly read by viper
• Credentials flow through command layer to all pushers
• Local builds push successfully with credentials (host/pack/s2i)
• All builders log credentials consistently for better UX

Fixes #3314

[knative-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Kunal1522
Once this PR has been reviewed and has the lgtm label, please assign lkingland for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[knative-prow]

Hi @Kunal1522. Thanks for your PR.

I'm waiting for a knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 54.54%. Comparing base (ab8d8ad) to head (5753534).
⚠️ Report is 15 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3394      +/-   ##
==========================================
- Coverage   55.73%   54.54%   -1.20%     
==========================================
  Files         170      173       +3     
  Lines       19963    19701     -262     
==========================================
- Hits        11127    10746     -381     
- Misses       7727     7834     +107     
- Partials     1109     1121      +12     

Flag	Coverage Δ
e2e	37.95% <60.00%> (-1.79%)	⬇️
e2e go	33.62% <60.00%> (-1.86%)	⬇️
e2e node	29.28% <0.00%> (-1.85%)	⬇️
e2e python	33.14% <60.00%> (-1.99%)	⬇️
e2e quarkus	29.41% <0.00%> (-1.87%)	⬇️
e2e rust	28.76% <0.00%> (-1.98%)	⬇️
e2e springboot	27.23% <0.00%> (-1.96%)	⬇️
e2e typescript	29.39% <0.00%> (-1.85%)	⬇️
integration	16.59% <0.00%> (-2.05%)	⬇️
unit macos-14	43.31% <100.00%> (-1.80%)	⬇️
unit macos-latest	43.31% <100.00%> (-1.80%)	⬇️
unit ubuntu-24.04-arm	43.64% <100.00%> (-1.59%)	⬇️
unit ubuntu-latest	44.23% <100.00%> (-1.78%)	⬇️
unit windows-latest	43.33% <100.00%> (-1.80%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[matejvasek]

Use t.Setenv().