From 70407d7f35936f51b7487bce9ba5727d5ea7ecf1 Mon Sep 17 00:00:00 2001
From: continuist <continuist02@gmail.com>
Date: Sun, 29 Jun 2025 13:49:31 -0400
Subject: [PATCH] Add test that unauthorized pushes are blocked

---
 CI_CD_PIPELINE_SETUP_GUIDE.md | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/CI_CD_PIPELINE_SETUP_GUIDE.md b/CI_CD_PIPELINE_SETUP_GUIDE.md
index 4ac85e5..570de27 100644
--- a/CI_CD_PIPELINE_SETUP_GUIDE.md
+++ b/CI_CD_PIPELINE_SETUP_GUIDE.md
@@ -756,13 +756,22 @@ docker pull YOUR_CI_CD_IP/APP_NAME/test:latest
 # Verify the image was pulled successfully
 docker images | grep APP_NAME/test
 
-# Clean up test image
+# Test that unauthorized push is blocked
+echo "FROM alpine:latest" > /tmp/unauthorized.Dockerfile
+echo "RUN echo 'This push should fail'" >> /tmp/unauthorized.Dockerfile
+docker build -f /tmp/unauthorized.Dockerfile -t YOUR_CI_CD_IP/APP_NAME/unauthorized:latest /tmp
+docker push YOUR_CI_CD_IP/APP_NAME/unauthorized:latest
+# Expected: This should fail with authentication error
+
+# Clean up test images
 docker rmi YOUR_CI_CD_IP/APP_NAME/test:latest
+docker rmi YOUR_CI_CD_IP/APP_NAME/unauthorized:latest
 ```
 
 **Expected behavior**:
 - ✅ **Push requires authentication**: `docker push` only works when logged in
 - ✅ **Pull works without authentication**: `docker pull` works without login for public projects
+- ✅ **Unauthorized push is blocked**: `docker push` fails when not logged in
 - ✅ **Web UI accessible**: Harbor UI is available at `https://YOUR_CI_CD_IP`
 
 #### 5.12 Harbor Access Model Summary