mirror of
https://github.com/containers/podman.git
synced 2025-05-21 00:56:36 +08:00
e2e: reduce dependency on /tmp for e2e tests
- Use filepath.Join(podmanTest.TempDir, "any") instead of "/tmp/any" - Add generatePolicyFile() to avoid the hardcording of "keyPath": "tmp/key.gpg" Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
This commit is contained in:
Toshiki Sonoda
@ -505,7 +505,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||||
result.WaitWithDefaultTimeout()
|
result.WaitWithDefaultTimeout()
|
||||||
@ -556,7 +556,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
// Checkpoint with the default algorithm
|
// Checkpoint with the default algorithm
|
||||||
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||||
@ -661,7 +661,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
// Change the container's root file-system
|
// Change the container's root file-system
|
||||||
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
||||||
@ -723,7 +723,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
// Change the container's root file-system
|
// Change the container's root file-system
|
||||||
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
||||||
@ -765,7 +765,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
// Change the container's root file-system
|
// Change the container's root file-system
|
||||||
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
||||||
@ -808,7 +808,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
// Checkpoint the container
|
// Checkpoint the container
|
||||||
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||||
@ -857,7 +857,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(result.ErrorToString()).To(ContainSubstring("cannot checkpoint containers that have been started with '--rm'"))
|
Expect(result.ErrorToString()).To(ContainSubstring("cannot checkpoint containers that have been started with '--rm'"))
|
||||||
|
|
||||||
// Checkpointing with --export should still work
|
// Checkpointing with --export should still work
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||||
result.WaitWithDefaultTimeout()
|
result.WaitWithDefaultTimeout()
|
||||||
@ -929,7 +929,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
result.WaitWithDefaultTimeout()
|
result.WaitWithDefaultTimeout()
|
||||||
Expect(result).Should(Exit(0))
|
Expect(result).Should(Exit(0))
|
||||||
|
|
||||||
checkpointFileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
checkpointFileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
// Checkpoint the container
|
// Checkpoint the container
|
||||||
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointFileName})
|
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointFileName})
|
||||||
@ -1024,8 +1024,8 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
session.WaitWithDefaultTimeout()
|
session.WaitWithDefaultTimeout()
|
||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
preCheckpointFileName := "/tmp/pre-checkpoint-" + cid + ".tar.gz"
|
preCheckpointFileName := filepath.Join(podmanTest.TempDir, "/pre-checkpoint-"+cid+".tar.gz")
|
||||||
checkpointFileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
checkpointFileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
result := podmanTest.Podman([]string{"container", "checkpoint", "-P", "-e", preCheckpointFileName, cid})
|
result := podmanTest.Podman([]string{"container", "checkpoint", "-P", "-e", preCheckpointFileName, cid})
|
||||||
result.WaitWithDefaultTimeout()
|
result.WaitWithDefaultTimeout()
|
||||||
@ -1066,7 +1066,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
session.WaitWithDefaultTimeout()
|
session.WaitWithDefaultTimeout()
|
||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
if !WaitContainerReady(podmanTest, cid, "Ready to accept connections", 20, 1) {
|
if !WaitContainerReady(podmanTest, cid, "Ready to accept connections", 20, 1) {
|
||||||
Fail("Container failed to get ready")
|
Fail("Container failed to get ready")
|
||||||
@ -1167,7 +1167,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).To(Exit(0))
|
Expect(session).To(Exit(0))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
|
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
// Checkpoint the container
|
// Checkpoint the container
|
||||||
result := podmanTest.Podman([]string{
|
result := podmanTest.Podman([]string{
|
||||||
@ -1286,7 +1286,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||||
result.WaitWithDefaultTimeout()
|
result.WaitWithDefaultTimeout()
|
||||||
@ -1326,7 +1326,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||||
cid := session.OutputToString()
|
cid := session.OutputToString()
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
result := podmanTest.Podman([]string{
|
result := podmanTest.Podman([]string{
|
||||||
"container",
|
"container",
|
||||||
@ -1514,7 +1514,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
runtime := session.OutputToString()
|
runtime := session.OutputToString()
|
||||||
|
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
result := podmanTest.Podman([]string{
|
result := podmanTest.Podman([]string{
|
||||||
"container",
|
"container",
|
||||||
@ -1616,7 +1616,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(session.OutputToString()).To(Equal("runc"))
|
Expect(session.OutputToString()).To(Equal("runc"))
|
||||||
|
|
||||||
checkpointExportPath := "/tmp/checkpoint-" + cid + ".tar.gz"
|
checkpointExportPath := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
session = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointExportPath})
|
session = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointExportPath})
|
||||||
session.WaitWithDefaultTimeout()
|
session.WaitWithDefaultTimeout()
|
||||||
@ -1685,7 +1685,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
runtime := session.OutputToString()
|
runtime := session.OutputToString()
|
||||||
|
|
||||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
|
|
||||||
result := podmanTest.Podman([]string{
|
result := podmanTest.Podman([]string{
|
||||||
"container",
|
"container",
|
||||||
@ -1769,7 +1769,7 @@ var _ = Describe("Podman checkpoint", func() {
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
runtime := session.OutputToString()
|
runtime := session.OutputToString()
|
||||||
|
|
||||||
checkpointFileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
checkpointFileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||||
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointFileName})
|
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointFileName})
|
||||||
result.WaitWithDefaultTimeout()
|
result.WaitWithDefaultTimeout()
|
||||||
|
|
||||||
|
|||||||
@ -111,7 +111,7 @@ var _ = SynchronizedBeforeSuite(func() []byte {
|
|||||||
// Cache images
|
// Cache images
|
||||||
cwd, _ := os.Getwd()
|
cwd, _ := os.Getwd()
|
||||||
INTEGRATION_ROOT = filepath.Join(cwd, "../../")
|
INTEGRATION_ROOT = filepath.Join(cwd, "../../")
|
||||||
podman := PodmanTestSetup("/tmp")
|
podman := PodmanTestSetup(os.TempDir())
|
||||||
|
|
||||||
// Pull cirros but don't put it into the cache
|
// Pull cirros but don't put it into the cache
|
||||||
pullImages := []string{CIRROS_IMAGE, fedoraToolbox, volumeTest}
|
pullImages := []string{CIRROS_IMAGE, fedoraToolbox, volumeTest}
|
||||||
@ -988,6 +988,41 @@ func (p *PodmanTestIntegration) removeNetwork(name string) {
|
|||||||
Expect(session.ExitCode()).To(BeNumerically("<=", 1), "Exit code must be 0 or 1")
|
Expect(session.ExitCode()).To(BeNumerically("<=", 1), "Exit code must be 0 or 1")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// generatePolicyFile generates a signature verification policy file.
|
||||||
|
// it returns the policy file path.
|
||||||
|
func generatePolicyFile(tempDir string) string {
|
||||||
|
keyPath := filepath.Join(tempDir, "key.gpg")
|
||||||
|
policyPath := filepath.Join(tempDir, "policy.json")
|
||||||
|
conf := fmt.Sprintf(`
|
||||||
|
{
|
||||||
|
"default": [
|
||||||
|
{
|
||||||
|
"type": "insecureAcceptAnything"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"transports": {
|
||||||
|
"docker": {
|
||||||
|
"localhost:5000": [
|
||||||
|
{
|
||||||
|
"type": "signedBy",
|
||||||
|
"keyType": "GPGKeys",
|
||||||
|
"keyPath": "%s"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"localhost:5000/sigstore-signed": [
|
||||||
|
{
|
||||||
|
"type": "sigstoreSigned",
|
||||||
|
"keyPath": "testdata/sigstore-key.pub"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
`, keyPath)
|
||||||
|
writeConf([]byte(conf), policyPath)
|
||||||
|
return policyPath
|
||||||
|
}
|
||||||
|
|
||||||
func (s *PodmanSessionIntegration) jq(jqCommand string) (string, error) {
|
func (s *PodmanSessionIntegration) jq(jqCommand string) (string, error) {
|
||||||
var out bytes.Buffer
|
var out bytes.Buffer
|
||||||
cmd := exec.Command("jq", jqCommand)
|
cmd := exec.Command("jq", jqCommand)
|
||||||
|
|||||||
@ -57,11 +57,12 @@ var _ = Describe("Podman mount", func() {
|
|||||||
opts := podmanTest.PodmanMakeOptions([]string{"mount", cid}, false, false)
|
opts := podmanTest.PodmanMakeOptions([]string{"mount", cid}, false, false)
|
||||||
args = append(args, opts...)
|
args = append(args, opts...)
|
||||||
|
|
||||||
// container root file system location is /tmp/... because "--root /tmp/..."
|
// container root file system location is podmanTest.TempDir/...
|
||||||
|
// because "--root podmanTest.TempDir/..."
|
||||||
session := podmanTest.Podman(args)
|
session := podmanTest.Podman(args)
|
||||||
session.WaitWithDefaultTimeout()
|
session.WaitWithDefaultTimeout()
|
||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(session.OutputToString()).To(ContainSubstring("/tmp"))
|
Expect(session.OutputToString()).To(ContainSubstring(podmanTest.TempDir))
|
||||||
})
|
})
|
||||||
|
|
||||||
It("podman image mount", func() {
|
It("podman image mount", func() {
|
||||||
@ -83,10 +84,10 @@ var _ = Describe("Podman mount", func() {
|
|||||||
opts := podmanTest.PodmanMakeOptions([]string{"image", "mount", ALPINE}, false, false)
|
opts := podmanTest.PodmanMakeOptions([]string{"image", "mount", ALPINE}, false, false)
|
||||||
args = append(args, opts...)
|
args = append(args, opts...)
|
||||||
|
|
||||||
// image location is /tmp/... because "--root /tmp/..."
|
// image location is podmanTest.TempDir/... because "--root podmanTest.TempDir/..."
|
||||||
session := podmanTest.Podman(args)
|
session := podmanTest.Podman(args)
|
||||||
session.WaitWithDefaultTimeout()
|
session.WaitWithDefaultTimeout()
|
||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
Expect(session.OutputToString()).To(ContainSubstring("/tmp"))
|
Expect(session.OutputToString()).To(ContainSubstring(podmanTest.TempDir))
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|||||||
@ -139,9 +139,10 @@ var _ = Describe("Podman push", func() {
|
|||||||
|
|
||||||
if !IsRemote() { // Remote does not support --digestfile
|
if !IsRemote() { // Remote does not support --digestfile
|
||||||
// Test --digestfile option
|
// Test --digestfile option
|
||||||
push2 := podmanTest.Podman([]string{"push", "--tls-verify=false", "--digestfile=/tmp/digestfile.txt", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"})
|
digestFile := filepath.Join(podmanTest.TempDir, "digestfile.txt")
|
||||||
|
push2 := podmanTest.Podman([]string{"push", "--tls-verify=false", "--digestfile=" + digestFile, "--remove-signatures", ALPINE, "localhost:5000/my-alpine"})
|
||||||
push2.WaitWithDefaultTimeout()
|
push2.WaitWithDefaultTimeout()
|
||||||
fi, err := os.Lstat("/tmp/digestfile.txt")
|
fi, err := os.Lstat(digestFile)
|
||||||
Expect(err).ToNot(HaveOccurred())
|
Expect(err).ToNot(HaveOccurred())
|
||||||
Expect(fi.Name()).To(Equal("digestfile.txt"))
|
Expect(fi.Name()).To(Equal("digestfile.txt"))
|
||||||
Expect(push2).Should(Exit(0))
|
Expect(push2).Should(Exit(0))
|
||||||
@ -162,6 +163,9 @@ var _ = Describe("Podman push", func() {
|
|||||||
err := os.Remove(systemRegistriesDAddition)
|
err := os.Remove(systemRegistriesDAddition)
|
||||||
Expect(err).ToNot(HaveOccurred())
|
Expect(err).ToNot(HaveOccurred())
|
||||||
}()
|
}()
|
||||||
|
// Generate a signature verification policy file
|
||||||
|
policyPath := generatePolicyFile(podmanTest.TempDir)
|
||||||
|
defer os.Remove(policyPath)
|
||||||
|
|
||||||
// Verify that the policy rejects unsigned images
|
// Verify that the policy rejects unsigned images
|
||||||
push := podmanTest.Podman([]string{"push", "-q", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/sigstore-signed"})
|
push := podmanTest.Podman([]string{"push", "-q", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/sigstore-signed"})
|
||||||
@ -169,7 +173,7 @@ var _ = Describe("Podman push", func() {
|
|||||||
Expect(push).Should(Exit(0))
|
Expect(push).Should(Exit(0))
|
||||||
Expect(push.ErrorToString()).To(BeEmpty())
|
Expect(push.ErrorToString()).To(BeEmpty())
|
||||||
|
|
||||||
pull := podmanTest.Podman([]string{"pull", "-q", "--tls-verify=false", "--signature-policy", "sign/policy.json", "localhost:5000/sigstore-signed"})
|
pull := podmanTest.Podman([]string{"pull", "-q", "--tls-verify=false", "--signature-policy", policyPath, "localhost:5000/sigstore-signed"})
|
||||||
pull.WaitWithDefaultTimeout()
|
pull.WaitWithDefaultTimeout()
|
||||||
Expect(pull).To(ExitWithError())
|
Expect(pull).To(ExitWithError())
|
||||||
Expect(pull.ErrorToString()).To(ContainSubstring("A signature was required, but no signature exists"))
|
Expect(pull.ErrorToString()).To(ContainSubstring("A signature was required, but no signature exists"))
|
||||||
@ -180,7 +184,7 @@ var _ = Describe("Podman push", func() {
|
|||||||
Expect(push).Should(Exit(0))
|
Expect(push).Should(Exit(0))
|
||||||
Expect(push.ErrorToString()).To(BeEmpty())
|
Expect(push.ErrorToString()).To(BeEmpty())
|
||||||
|
|
||||||
pull = podmanTest.Podman([]string{"pull", "-q", "--tls-verify=false", "--signature-policy", "sign/policy.json", "localhost:5000/sigstore-signed"})
|
pull = podmanTest.Podman([]string{"pull", "-q", "--tls-verify=false", "--signature-policy", policyPath, "localhost:5000/sigstore-signed"})
|
||||||
pull.WaitWithDefaultTimeout()
|
pull.WaitWithDefaultTimeout()
|
||||||
Expect(pull).Should(Exit(0))
|
Expect(pull).Should(Exit(0))
|
||||||
}
|
}
|
||||||
|
|||||||
@ -185,8 +185,11 @@ var _ = Describe("Podman save", func() {
|
|||||||
Expect(err).ToNot(HaveOccurred())
|
Expect(err).ToNot(HaveOccurred())
|
||||||
}()
|
}()
|
||||||
|
|
||||||
cmd = exec.Command("cp", "sign/key.gpg", "/tmp/key.gpg")
|
keyPath := filepath.Join(podmanTest.TempDir, "key.gpg")
|
||||||
|
cmd = exec.Command("cp", "sign/key.gpg", keyPath)
|
||||||
Expect(cmd.Run()).To(Succeed())
|
Expect(cmd.Run()).To(Succeed())
|
||||||
|
defer os.Remove(keyPath)
|
||||||
|
|
||||||
sigstore := `
|
sigstore := `
|
||||||
default-docker:
|
default-docker:
|
||||||
sigstore: file:///var/lib/containers/sigstore
|
sigstore: file:///var/lib/containers/sigstore
|
||||||
@ -207,7 +210,11 @@ default-docker:
|
|||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
|
|
||||||
if !IsRemote() {
|
if !IsRemote() {
|
||||||
session = podmanTest.Podman([]string{"pull", "--tls-verify=false", "--signature-policy=sign/policy.json", "localhost:5000/alpine"})
|
// Generate a signature verification policy file
|
||||||
|
policyPath := generatePolicyFile(podmanTest.TempDir)
|
||||||
|
defer os.Remove(policyPath)
|
||||||
|
|
||||||
|
session = podmanTest.Podman([]string{"pull", "--tls-verify=false", "--signature-policy", policyPath, "localhost:5000/alpine"})
|
||||||
session.WaitWithDefaultTimeout()
|
session.WaitWithDefaultTimeout()
|
||||||
Expect(session).Should(Exit(0))
|
Expect(session).Should(Exit(0))
|
||||||
|
|
||||||
|
|||||||
@ -1,24 +0,0 @@
|
|||||||
{
|
|
||||||
"default": [
|
|
||||||
{
|
|
||||||
"type": "insecureAcceptAnything"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"transports": {
|
|
||||||
"docker": {
|
|
||||||
"localhost:5000": [
|
|
||||||
{
|
|
||||||
"type": "signedBy",
|
|
||||||
"keyType": "GPGKeys",
|
|
||||||
"keyPath": "/tmp/key.gpg"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"localhost:5000/sigstore-signed": [
|
|
||||||
{
|
|
||||||
"type": "sigstoreSigned",
|
|
||||||
"keyPath": "testdata/sigstore-key.pub"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Reference in New Issue
Block a user