mirror of
https://github.com/containers/podman.git
synced 2025-08-06 19:44:14 +08:00
e6ebfbd1e0
Option defaults in API must be the same as in CLI. ``` % podman image push --help % podman image pull --help % podman manifest push --help % podman image search --help ``` All of these CLI commands them have --tls-verify=true by default: ``` --tls-verify require HTTPS and verify certificates when accessing the registry (default true) ``` As for `podman image build`, it doesn't have any means to control `tlsVerify` parameter but it must be true by default. Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
76 lines
2.3 KiB
Bash
76 lines
2.3 KiB
Bash
# -*- sh -*-
|
|
#
|
|
# Tests for more image-related endpoints
|
|
#
|
|
|
|
red='\e[31m'
|
|
nc='\e[0m'
|
|
|
|
start_registry
|
|
|
|
podman pull -q $IMAGE
|
|
|
|
t GET libpod/images/json 200 \
|
|
.[0].Id~[0-9a-f]\\{64\\}
|
|
iid=$(jq -r '.[0].Id' <<<"$output")
|
|
|
|
# Retrieve the image tree
|
|
t GET libpod/images/$IMAGE/tree 200 \
|
|
.Tree~^Image
|
|
|
|
# Tag nonesuch image
|
|
t POST "libpod/images/nonesuch/tag?repo=myrepo&tag=mytag" 404
|
|
|
|
# Tag the image
|
|
t POST "libpod/images/$IMAGE/tag?repo=localhost:$REGISTRY_PORT/myrepo&tag=mytag" 201
|
|
|
|
t GET libpod/images/$IMAGE/json 200 \
|
|
.RepoTags[1]=localhost:$REGISTRY_PORT/myrepo:mytag
|
|
|
|
# Push to local registry...
|
|
t POST "images/localhost:$REGISTRY_PORT/myrepo/push?tag=mytag" 200 \
|
|
.error~".*x509: certificate signed by unknown authority"
|
|
t POST "images/localhost:$REGISTRY_PORT/myrepo/push?tlsVerify=false&tag=mytag" 200 \
|
|
.error~null
|
|
|
|
# ...and check output. We can't use our built-in checks because this output
|
|
# is a sequence of JSON objects, i.e., individual ones, not in a JSON array.
|
|
# The lines themselves are valid JSON, but taken together they are not.
|
|
readarray lines <<<"$output"
|
|
s0=$(jq -r .status <<<"${lines[0]}")
|
|
is "$s0" "The push refers to repository [localhost:$REGISTRY_PORT/myrepo:mytag]" \
|
|
"Push to local registry: first status line"
|
|
|
|
# FIXME: is there a way to test the actual digest?
|
|
s1=$(jq -r .status <<<"${lines[1]}")
|
|
like "$s1" "mytag: digest: sha256:[0-9a-f]\{64\} size: [0-9]\+" \
|
|
"Push to local registry: second status line"
|
|
|
|
# Untag the image
|
|
t POST "libpod/images/$iid/untag?repo=localhost:$REGISTRY_PORT/myrepo&tag=mytag" 201
|
|
|
|
# Try to push non-existing image
|
|
t POST "images/localhost:$REGISTRY_PORT/idonotexist/push?tlsVerify=false" 404
|
|
|
|
t GET libpod/images/$IMAGE/json 200 \
|
|
.RepoTags[-1]=$IMAGE
|
|
|
|
# Remove image
|
|
t DELETE libpod/images/$IMAGE 200 \
|
|
.ExitCode=0
|
|
|
|
podman pull -q $IMAGE
|
|
|
|
# test podman image SCP
|
|
# ssh needs to work so we can validate that the failure is past argument parsing
|
|
podman system connection add --default test ssh://$USER@localhost/run/user/$UID/podman/podman.sock
|
|
# should fail but need to check the output...
|
|
# status 125 here means that the save/load fails due to
|
|
# cirrus weirdness with exec.Command. All of the args have been parsed successfully.
|
|
t POST "libpod/images/scp/$IMAGE?destination=QA::" 500 \
|
|
.cause="exit status 125"
|
|
t DELETE libpod/images/$IMAGE 200 \
|
|
.ExitCode=0
|
|
|
|
stop_registry
|