containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #23379 from mtrmac/chunked-tests 

Prepare tests for better reuse with zstd:chunked pulls
This commit is contained in:
openshift-merge-bot[bot] 2024-07-24 19:53:52 +00:00 committed by GitHub
parent 443b04ba00 84eb640160
commit 85358aed81
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 13 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
test/e2e/pull_test.go
View File

@ -599,7 +599,7 @@ var _ = Describe("Podman pull", func() {
Describe("podman pull and decrypt", func() { Describe("podman pull and decrypt", func() {
decryptionTestHelper := func(imgPath string, expectedError1 string) *PodmanSessionIntegration { decryptionTestHelper := func(imgPath string) *PodmanSessionIntegration {
bitSize := 1024 bitSize := 1024
keyFileName := filepath.Join(podmanTest.TempDir, "key,withcomma") keyFileName := filepath.Join(podmanTest.TempDir, "key,withcomma")
publicKeyFileName, privateKeyFileName, err := WriteRSAKeyPair(keyFileName, bitSize) publicKeyFileName, privateKeyFileName, err := WriteRSAKeyPair(keyFileName, bitSize)
@ -617,9 +617,9 @@ var _ = Describe("Podman pull", func() {
Expect(session).Should(ExitCleanly()) Expect(session).Should(ExitCleanly())
// Pulling encrypted image without key should fail // Pulling encrypted image without key should fail
session = podmanTest.Podman([]string{"pull", imgPath}) session = podmanTest.Podman([]string{"pull", "--tls-verify=false", imgPath})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session).Should(ExitWithError(125, expectedError1)) Expect(session).Should(ExitWithError(125, "invalid tar header"))
// Pulling encrypted image with wrong key should fail // Pulling encrypted image with wrong key should fail
session = podmanTest.Podman([]string{"pull", "-q", "--decryption-key", wrongPrivateKeyFileName, "--tls-verify=false", imgPath}) session = podmanTest.Podman([]string{"pull", "-q", "--decryption-key", wrongPrivateKeyFileName, "--tls-verify=false", imgPath})
@ -646,7 +646,7 @@ var _ = Describe("Podman pull", func() {
imgName := "localhost/name:tag" imgName := "localhost/name:tag"
imgPath := fmt.Sprintf("oci:%s:%s", bbdir, imgName) imgPath := fmt.Sprintf("oci:%s:%s", bbdir, imgName)
session := decryptionTestHelper(imgPath, "invalid tar header") session := decryptionTestHelper(imgPath)
Expect(session.LineInOutputContainsTag("localhost/name", "tag")).To(BeTrue()) Expect(session.LineInOutputContainsTag("localhost/name", "tag")).To(BeTrue())
}) })
@ -674,9 +674,9 @@ var _ = Describe("Podman pull", func() {
Skip("Cannot start docker registry.") Skip("Cannot start docker registry.")
} }
imgPath := "localhost:5012/my-alpine" imgPath := "localhost:5012/my-alpine-pull-and-decrypt"
session = decryptionTestHelper(imgPath, `initializing source docker://localhost:5012/my-alpine:latest: pinging container registry localhost:5012: Get "https://localhost:5012/v2/": http: server gave HTTP response to HTTPS client`) session = decryptionTestHelper(imgPath)
Expect(session.LineInOutputContainsTag(imgPath, "latest")).To(BeTrue()) Expect(session.LineInOutputContainsTag(imgPath, "latest")).To(BeTrue())
}) })

8
test/e2e/push_test.go
View File

@ -175,7 +175,9 @@ var _ = Describe("Podman push", func() {
Expect(err).ToNot(HaveOccurred()) Expect(err).ToNot(HaveOccurred())
if !IsRemote() { // Remote does not support --encryption-key if !IsRemote() { // Remote does not support --encryption-key
push = podmanTest.Podman([]string{"push", "-q", "--encryption-key", "jwe:" + publicKeyFileName, "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5003/my-alpine"}) // Explicitly specify compression-format because encryption and zstd:chunked together triggers a warning:
// Compression using zstd:chunked is not beneficial for encrypted layers, using plain zstd instead
push = podmanTest.Podman([]string{"push", "-q", "--encryption-key", "jwe:" + publicKeyFileName, "--tls-verify=false", "--remove-signatures", "--compression-format=zstd", ALPINE, "localhost:5003/my-alpine"})
push.WaitWithDefaultTimeout() push.WaitWithDefaultTimeout()
Expect(push).Should(ExitCleanly()) Expect(push).Should(ExitCleanly())
} }
@ -352,7 +354,9 @@ var _ = Describe("Podman push", func() {
publicKeyFileName, _, err := WriteRSAKeyPair(keyFileName, bitSize) publicKeyFileName, _, err := WriteRSAKeyPair(keyFileName, bitSize)
Expect(err).ToNot(HaveOccurred()) Expect(err).ToNot(HaveOccurred())
session := podmanTest.Podman([]string{"push", "-q", "--encryption-key", "jwe:" + publicKeyFileName, ALPINE, fmt.Sprintf("oci:%s", bbdir)}) // Explicitly specify compression-format because encryption and zstd:chunked together triggers a warning:
// Compression using zstd:chunked is not beneficial for encrypted layers, using plain zstd instead
session := podmanTest.Podman([]string{"push", "-q", "--encryption-key", "jwe:" + publicKeyFileName, "--compression-format=zstd", ALPINE, fmt.Sprintf("oci:%s", bbdir)})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()
Expect(session).Should(ExitCleanly()) Expect(session).Should(ExitCleanly())

2
test/e2e/run_test.go
View File

@ -2173,7 +2173,7 @@ WORKDIR /madethis`, BB)
publicKeyFileName, privateKeyFileName, err := WriteRSAKeyPair(keyFileName, bitSize) publicKeyFileName, privateKeyFileName, err := WriteRSAKeyPair(keyFileName, bitSize)
Expect(err).ToNot(HaveOccurred()) Expect(err).ToNot(HaveOccurred())
imgPath := "localhost:5006/my-alpine" imgPath := "localhost:5006/my-alpine-podman-run-and-decrypt"
session = podmanTest.Podman([]string{"push", "--encryption-key", "jwe:" + publicKeyFileName, "--tls-verify=false", "--remove-signatures", ALPINE, imgPath}) session = podmanTest.Podman([]string{"push", "--encryption-key", "jwe:" + publicKeyFileName, "--tls-verify=false", "--remove-signatures", ALPINE, imgPath})
session.WaitWithDefaultTimeout() session.WaitWithDefaultTimeout()