mirror of
https://github.com/containers/podman.git
synced 2025-05-21 00:56:36 +08:00
e2e: reduce dependency on /tmp for e2e tests
- Use filepath.Join(podmanTest.TempDir, "any") instead of "/tmp/any" - Add generatePolicyFile() to avoid the hardcording of "keyPath": "tmp/key.gpg" Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
This commit is contained in:
Toshiki Sonoda
@ -505,7 +505,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||
result.WaitWithDefaultTimeout()
|
||||
@ -556,7 +556,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
// Checkpoint with the default algorithm
|
||||
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||
@ -661,7 +661,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
// Change the container's root file-system
|
||||
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
||||
@ -723,7 +723,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
// Change the container's root file-system
|
||||
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
||||
@ -765,7 +765,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
// Change the container's root file-system
|
||||
result := podmanTest.Podman([]string{"exec", cid, "/bin/sh", "-c", "echo test" + cid + "test > /test.output"})
|
||||
@ -808,7 +808,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
// Checkpoint the container
|
||||
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||
@ -857,7 +857,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(result.ErrorToString()).To(ContainSubstring("cannot checkpoint containers that have been started with '--rm'"))
|
||||
|
||||
// Checkpointing with --export should still work
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||
result.WaitWithDefaultTimeout()
|
||||
@ -929,7 +929,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
result.WaitWithDefaultTimeout()
|
||||
Expect(result).Should(Exit(0))
|
||||
|
||||
checkpointFileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
checkpointFileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
// Checkpoint the container
|
||||
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointFileName})
|
||||
@ -1024,8 +1024,8 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
session.WaitWithDefaultTimeout()
|
||||
Expect(session).Should(Exit(0))
|
||||
cid := session.OutputToString()
|
||||
preCheckpointFileName := "/tmp/pre-checkpoint-" + cid + ".tar.gz"
|
||||
checkpointFileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
preCheckpointFileName := filepath.Join(podmanTest.TempDir, "/pre-checkpoint-"+cid+".tar.gz")
|
||||
checkpointFileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
result := podmanTest.Podman([]string{"container", "checkpoint", "-P", "-e", preCheckpointFileName, cid})
|
||||
result.WaitWithDefaultTimeout()
|
||||
@ -1066,7 +1066,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
session.WaitWithDefaultTimeout()
|
||||
Expect(session).Should(Exit(0))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
if !WaitContainerReady(podmanTest, cid, "Ready to accept connections", 20, 1) {
|
||||
Fail("Container failed to get ready")
|
||||
@ -1167,7 +1167,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).To(Exit(0))
|
||||
cid := session.OutputToString()
|
||||
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
// Checkpoint the container
|
||||
result := podmanTest.Podman([]string{
|
||||
@ -1286,7 +1286,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
result := podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", fileName})
|
||||
result.WaitWithDefaultTimeout()
|
||||
@ -1326,7 +1326,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(podmanTest.NumberOfContainersRunning()).To(Equal(1))
|
||||
cid := session.OutputToString()
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
result := podmanTest.Podman([]string{
|
||||
"container",
|
||||
@ -1514,7 +1514,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
runtime := session.OutputToString()
|
||||
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
result := podmanTest.Podman([]string{
|
||||
"container",
|
||||
@ -1616,7 +1616,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(session.OutputToString()).To(Equal("runc"))
|
||||
|
||||
checkpointExportPath := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
checkpointExportPath := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
session = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointExportPath})
|
||||
session.WaitWithDefaultTimeout()
|
||||
@ -1685,7 +1685,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
runtime := session.OutputToString()
|
||||
|
||||
fileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
fileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
|
||||
result := podmanTest.Podman([]string{
|
||||
"container",
|
||||
@ -1769,7 +1769,7 @@ var _ = Describe("Podman checkpoint", func() {
|
||||
Expect(session).Should(Exit(0))
|
||||
runtime := session.OutputToString()
|
||||
|
||||
checkpointFileName := "/tmp/checkpoint-" + cid + ".tar.gz"
|
||||
checkpointFileName := filepath.Join(podmanTest.TempDir, "/checkpoint-"+cid+".tar.gz")
|
||||
result = podmanTest.Podman([]string{"container", "checkpoint", cid, "-e", checkpointFileName})
|
||||
result.WaitWithDefaultTimeout()
|
||||
|
||||
|
||||
@ -111,7 +111,7 @@ var _ = SynchronizedBeforeSuite(func() []byte {
|
||||
// Cache images
|
||||
cwd, _ := os.Getwd()
|
||||
INTEGRATION_ROOT = filepath.Join(cwd, "../../")
|
||||
podman := PodmanTestSetup("/tmp")
|
||||
podman := PodmanTestSetup(os.TempDir())
|
||||
|
||||
// Pull cirros but don't put it into the cache
|
||||
pullImages := []string{CIRROS_IMAGE, fedoraToolbox, volumeTest}
|
||||
@ -988,6 +988,41 @@ func (p *PodmanTestIntegration) removeNetwork(name string) {
|
||||
Expect(session.ExitCode()).To(BeNumerically("<=", 1), "Exit code must be 0 or 1")
|
||||
}
|
||||
|
||||
// generatePolicyFile generates a signature verification policy file.
|
||||
// it returns the policy file path.
|
||||
func generatePolicyFile(tempDir string) string {
|
||||
keyPath := filepath.Join(tempDir, "key.gpg")
|
||||
policyPath := filepath.Join(tempDir, "policy.json")
|
||||
conf := fmt.Sprintf(`
|
||||
{
|
||||
"default": [
|
||||
{
|
||||
"type": "insecureAcceptAnything"
|
||||
}
|
||||
],
|
||||
"transports": {
|
||||
"docker": {
|
||||
"localhost:5000": [
|
||||
{
|
||||
"type": "signedBy",
|
||||
"keyType": "GPGKeys",
|
||||
"keyPath": "%s"
|
||||
}
|
||||
],
|
||||
"localhost:5000/sigstore-signed": [
|
||||
{
|
||||
"type": "sigstoreSigned",
|
||||
"keyPath": "testdata/sigstore-key.pub"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
`, keyPath)
|
||||
writeConf([]byte(conf), policyPath)
|
||||
return policyPath
|
||||
}
|
||||
|
||||
func (s *PodmanSessionIntegration) jq(jqCommand string) (string, error) {
|
||||
var out bytes.Buffer
|
||||
cmd := exec.Command("jq", jqCommand)
|
||||
|
||||
@ -57,11 +57,12 @@ var _ = Describe("Podman mount", func() {
|
||||
opts := podmanTest.PodmanMakeOptions([]string{"mount", cid}, false, false)
|
||||
args = append(args, opts...)
|
||||
|
||||
// container root file system location is /tmp/... because "--root /tmp/..."
|
||||
// container root file system location is podmanTest.TempDir/...
|
||||
// because "--root podmanTest.TempDir/..."
|
||||
session := podmanTest.Podman(args)
|
||||
session.WaitWithDefaultTimeout()
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(session.OutputToString()).To(ContainSubstring("/tmp"))
|
||||
Expect(session.OutputToString()).To(ContainSubstring(podmanTest.TempDir))
|
||||
})
|
||||
|
||||
It("podman image mount", func() {
|
||||
@ -83,10 +84,10 @@ var _ = Describe("Podman mount", func() {
|
||||
opts := podmanTest.PodmanMakeOptions([]string{"image", "mount", ALPINE}, false, false)
|
||||
args = append(args, opts...)
|
||||
|
||||
// image location is /tmp/... because "--root /tmp/..."
|
||||
// image location is podmanTest.TempDir/... because "--root podmanTest.TempDir/..."
|
||||
session := podmanTest.Podman(args)
|
||||
session.WaitWithDefaultTimeout()
|
||||
Expect(session).Should(Exit(0))
|
||||
Expect(session.OutputToString()).To(ContainSubstring("/tmp"))
|
||||
Expect(session.OutputToString()).To(ContainSubstring(podmanTest.TempDir))
|
||||
})
|
||||
})
|
||||
|
||||
@ -139,9 +139,10 @@ var _ = Describe("Podman push", func() {
|
||||
|
||||
if !IsRemote() { // Remote does not support --digestfile
|
||||
// Test --digestfile option
|
||||
push2 := podmanTest.Podman([]string{"push", "--tls-verify=false", "--digestfile=/tmp/digestfile.txt", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"})
|
||||
digestFile := filepath.Join(podmanTest.TempDir, "digestfile.txt")
|
||||
push2 := podmanTest.Podman([]string{"push", "--tls-verify=false", "--digestfile=" + digestFile, "--remove-signatures", ALPINE, "localhost:5000/my-alpine"})
|
||||
push2.WaitWithDefaultTimeout()
|
||||
fi, err := os.Lstat("/tmp/digestfile.txt")
|
||||
fi, err := os.Lstat(digestFile)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(fi.Name()).To(Equal("digestfile.txt"))
|
||||
Expect(push2).Should(Exit(0))
|
||||
@ -162,6 +163,9 @@ var _ = Describe("Podman push", func() {
|
||||
err := os.Remove(systemRegistriesDAddition)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
}()
|
||||
// Generate a signature verification policy file
|
||||
policyPath := generatePolicyFile(podmanTest.TempDir)
|
||||
defer os.Remove(policyPath)
|
||||
|
||||
// Verify that the policy rejects unsigned images
|
||||
push := podmanTest.Podman([]string{"push", "-q", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/sigstore-signed"})
|
||||
@ -169,7 +173,7 @@ var _ = Describe("Podman push", func() {
|
||||
Expect(push).Should(Exit(0))
|
||||
Expect(push.ErrorToString()).To(BeEmpty())
|
||||
|
||||
pull := podmanTest.Podman([]string{"pull", "-q", "--tls-verify=false", "--signature-policy", "sign/policy.json", "localhost:5000/sigstore-signed"})
|
||||
pull := podmanTest.Podman([]string{"pull", "-q", "--tls-verify=false", "--signature-policy", policyPath, "localhost:5000/sigstore-signed"})
|
||||
pull.WaitWithDefaultTimeout()
|
||||
Expect(pull).To(ExitWithError())
|
||||
Expect(pull.ErrorToString()).To(ContainSubstring("A signature was required, but no signature exists"))
|
||||
@ -180,7 +184,7 @@ var _ = Describe("Podman push", func() {
|
||||
Expect(push).Should(Exit(0))
|
||||
Expect(push.ErrorToString()).To(BeEmpty())
|
||||
|
||||
pull = podmanTest.Podman([]string{"pull", "-q", "--tls-verify=false", "--signature-policy", "sign/policy.json", "localhost:5000/sigstore-signed"})
|
||||
pull = podmanTest.Podman([]string{"pull", "-q", "--tls-verify=false", "--signature-policy", policyPath, "localhost:5000/sigstore-signed"})
|
||||
pull.WaitWithDefaultTimeout()
|
||||
Expect(pull).Should(Exit(0))
|
||||
}
|
||||
|
||||
@ -185,8 +185,11 @@ var _ = Describe("Podman save", func() {
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
}()
|
||||
|
||||
cmd = exec.Command("cp", "sign/key.gpg", "/tmp/key.gpg")
|
||||
keyPath := filepath.Join(podmanTest.TempDir, "key.gpg")
|
||||
cmd = exec.Command("cp", "sign/key.gpg", keyPath)
|
||||
Expect(cmd.Run()).To(Succeed())
|
||||
defer os.Remove(keyPath)
|
||||
|
||||
sigstore := `
|
||||
default-docker:
|
||||
sigstore: file:///var/lib/containers/sigstore
|
||||
@ -207,7 +210,11 @@ default-docker:
|
||||
Expect(session).Should(Exit(0))
|
||||
|
||||
if !IsRemote() {
|
||||
session = podmanTest.Podman([]string{"pull", "--tls-verify=false", "--signature-policy=sign/policy.json", "localhost:5000/alpine"})
|
||||
// Generate a signature verification policy file
|
||||
policyPath := generatePolicyFile(podmanTest.TempDir)
|
||||
defer os.Remove(policyPath)
|
||||
|
||||
session = podmanTest.Podman([]string{"pull", "--tls-verify=false", "--signature-policy", policyPath, "localhost:5000/alpine"})
|
||||
session.WaitWithDefaultTimeout()
|
||||
Expect(session).Should(Exit(0))
|
||||
|
||||
|
||||
@ -1,24 +0,0 @@
|
||||
{
|
||||
"default": [
|
||||
{
|
||||
"type": "insecureAcceptAnything"
|
||||
}
|
||||
],
|
||||
"transports": {
|
||||
"docker": {
|
||||
"localhost:5000": [
|
||||
{
|
||||
"type": "signedBy",
|
||||
"keyType": "GPGKeys",
|
||||
"keyPath": "/tmp/key.gpg"
|
||||
}
|
||||
],
|
||||
"localhost:5000/sigstore-signed": [
|
||||
{
|
||||
"type": "sigstoreSigned",
|
||||
"keyPath": "testdata/sigstore-key.pub"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user