diff options
| author | umohnani8 <umohnani@redhat.com> | 2018-04-19 10:25:01 -0400 |
|---|---|---|
| committer | umohnani8 <umohnani@redhat.com> | 2018-04-23 13:17:12 -0400 |
| commit | 57afb7514d5c123779601cae77d016bf6de8a5f1 (patch) | |
| tree | b1500483b4172c0b05baaf5690c76c3d5486d5ad /test | |
| parent | 8493dba23c73617d9529b7ca13b400d50ac6f455 (diff) | |
| download | podman-57afb7514d5c123779601cae77d016bf6de8a5f1.tar.gz podman-57afb7514d5c123779601cae77d016bf6de8a5f1.tar.bz2 podman-57afb7514d5c123779601cae77d016bf6de8a5f1.zip | |
Add FIPS mode secret
If the host is in FIPS mode and /etc/system-fips exists
/run/secrets/system-fips is created in the container so that
the container can run in FIPS mode as well.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Diffstat (limited to 'test')
| -rw-r--r-- | test/e2e/run_test.go | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index 66e5791a7..501434852 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -302,6 +302,20 @@ var _ = Describe("Podman run", func() { Expect(err).To(BeNil()) }) + It("podman run with FIPS mode secrets", func() { + fipsFile := "/etc/system-fips" + err = ioutil.WriteFile(fipsFile, []byte{}, 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "ls", "/run/secrets"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring("system-fips")) + + err = os.Remove(fipsFile) + Expect(err).To(BeNil()) + }) + It("podman run without group-add", func() { session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "id"}) session.WaitWithDefaultTimeout() |