diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/apiv2/12-imagesMore.at | 25 | ||||
| -rw-r--r-- | test/apiv2/23-containersArchive.at | 9 | ||||
| -rw-r--r-- | test/apiv2/35-networks.at | 3 | ||||
| -rw-r--r-- | test/apiv2/50-secrets.at | 36 | ||||
| -rwxr-xr-x | test/apiv2/test-apiv2 | 33 | ||||
| -rw-r--r-- | test/e2e/build_test.go | 53 | ||||
| -rw-r--r-- | test/e2e/commit_test.go | 25 | ||||
| -rw-r--r-- | test/e2e/common_test.go | 15 | ||||
| -rw-r--r-- | test/e2e/config/containers.conf | 2 | ||||
| -rw-r--r-- | test/e2e/containers_conf_test.go | 11 | ||||
| -rw-r--r-- | test/e2e/generate_kube_test.go | 35 | ||||
| -rw-r--r-- | test/e2e/run_test.go | 32 | ||||
| -rw-r--r-- | test/e2e/secret_test.go | 202 | ||||
| -rw-r--r-- | test/system/600-completion.bats | 22 |
14 files changed, 482 insertions, 21 deletions
diff --git a/test/apiv2/12-imagesMore.at b/test/apiv2/12-imagesMore.at index 896e685cd..4f3ddf925 100644 --- a/test/apiv2/12-imagesMore.at +++ b/test/apiv2/12-imagesMore.at @@ -3,6 +3,9 @@ # Tests for more image-related endpoints # +red='\e[31m' +nc='\e[0m' + podman pull -q $IMAGE t GET libpod/images/json 200 \ @@ -24,13 +27,21 @@ t GET libpod/images/$IMAGE/json 200 \ # Run registry container podman run -d --name registry -p 5000:5000 quay.io/libpod/registry:2.6 /entrypoint.sh /etc/docker/registry/config.yml +wait_for_port localhost 5000 + +# Push to local registry and check output +while read -r LINE +do + if echo "${LINE}" | jq --exit-status 'select( .status != null) | select ( .status | contains("digest: sha256:"))' &>/dev/null; then + GOT_DIGEST="1" + fi +done < <(curl -sL "http://$HOST:$PORT/images/localhost:5000/myrepo/push?tlsVerify=false&tag=mytag" -XPOST) +if [ -z "${GOT_DIGEST}" ] ; then + echo -e "${red}not ok: did not found digest in output${nc}" 1>&2; +fi # Push to local registry -# FIXME: this is failing: -# "cause": "received unexpected HTTP status: 500 Internal Server Error", -# "message": "error pushing image \"localhost:5000/myrepo:mytag\": error copying image to the remote destination: Error writing blob: Error initiating layer upload to /v2/myrepo/blobs/uploads/ in localhost:5000: received unexpected HTTP status: 500 Internal Server Error", -# "response": 400 -#t POST libpod/images/localhost:5000/myrepo:mytag/push\?tlsVerify\=false '' 200 +t POST "images/localhost:5000/myrepo/push?tlsVerify=false&tag=mytag" '' 200 # Untag the image t POST "libpod/images/$iid/untag?repo=localhost:5000/myrepo&tag=mytag" '' 201 @@ -46,3 +57,7 @@ t DELETE libpod/images/$IMAGE 200 \ .ExitCode=0 t DELETE libpod/images/quay.io/libpod/registry:2.6 200 \ .ExitCode=0 + +if [ -z "${GOT_DIGEST}" ] ; then + exit 1; +fi diff --git a/test/apiv2/23-containersArchive.at b/test/apiv2/23-containersArchive.at index 459800196..688ca9f06 100644 --- a/test/apiv2/23-containersArchive.at +++ b/test/apiv2/23-containersArchive.at @@ -13,13 +13,10 @@ podman rm -a -f &>/dev/null CTR="ArchiveTestingCtr" -TMPD=$(mktemp -d) -pushd "${TMPD}" -echo "Hello" > "hello.txt" -tar --format=posix -cvf "hello.tar" "hello.txt" &> /dev/null -popd - +TMPD=$(mktemp -d podman-apiv2-test.archive.XXXXXXXX) HELLO_TAR="${TMPD}/hello.tar" +echo "Hello" > $TMPD/hello.txt +tar --format=posix -C $TMPD -cvf ${HELLO_TAR} hello.txt &> /dev/null podman run -d --name "${CTR}" "${IMAGE}" top diff --git a/test/apiv2/35-networks.at b/test/apiv2/35-networks.at index 5327bd076..7ce109913 100644 --- a/test/apiv2/35-networks.at +++ b/test/apiv2/35-networks.at @@ -46,6 +46,9 @@ length=1 \ # invalid filter filters={"dangling":["1"]} t GET networks?filters=%7B%22dangling%22%3A%5B%221%22%5D%7D 500 \ .cause='invalid filter "dangling"' +# (#9293 with no networks the endpoint should return empty array instead of null) +t GET networks?filters=%7B%22name%22%3A%5B%22doesnotexists%22%5D%7D 200 \ +"[]" # network inspect docker t GET networks/a7662f44d65029fd4635c91feea3d720a57cef52e2a9fcc7772b69072cc1ccd1 200 \ diff --git a/test/apiv2/50-secrets.at b/test/apiv2/50-secrets.at new file mode 100644 index 000000000..1ef43381a --- /dev/null +++ b/test/apiv2/50-secrets.at @@ -0,0 +1,36 @@ +# -*- sh -*- +# +# secret-related tests +# + +# secret create +t POST secrets/create '"Name":"mysecret","Data":"c2VjcmV0"' 200\ + .ID~.* \ + +# secret create unsupported labels +t POST secrets/create '"Name":"mysecret","Data":"c2VjcmV0","Labels":{"fail":"fail"}' 400 + +# secret create name already in use +t POST secrets/create '"Name":"mysecret","Data":"c2VjcmV0"' 409 + +# secret inspect +t GET secrets/mysecret 200\ + .Spec.Name=mysecret + +# secret inspect non-existent secret +t GET secrets/bogus 404 + +# secret list +t GET secrets 200\ + length=1 + +# secret list unsupported filters +t GET secrets?filters=%7B%22name%22%3A%5B%22foo1%22%5D%7D 400 + +# secret rm +t DELETE secrets/mysecret 204 +# secret rm non-existent secret +t DELETE secrets/bogus 404 + +# secret update not implemented +t POST secrets/mysecret/update "" 501 diff --git a/test/apiv2/test-apiv2 b/test/apiv2/test-apiv2 index c8ca9df3f..5b1e2ef80 100755 --- a/test/apiv2/test-apiv2 +++ b/test/apiv2/test-apiv2 @@ -84,7 +84,9 @@ function like() { if expr "$actual" : "$expect" &>/dev/null; then # On success, include expected value; this helps readers understand - _show_ok 1 "$testname ('$actual') ~ $expect" + # (but don't show enormous multi-line output like 'generate kube') + blurb=$(head -n1 <<<"$actual") + _show_ok 1 "$testname ('$blurb') ~ $expect" return fi _show_ok 0 "$testname" "~ $expect" "$actual" @@ -231,14 +233,17 @@ function t() { if [[ $content_type =~ /octet ]]; then output="[$(file --brief $WORKDIR/curl.result.out)]" echo "$output" >>$LOG - else + elif [[ -e $WORKDIR/curl.result.out ]]; then output=$(< $WORKDIR/curl.result.out) - if [[ $content_type =~ application/json ]]; then + if [[ $content_type =~ application/json ]] && [[ $method != "HEAD" ]]; then jq . <<<"$output" >>$LOG else echo "$output" >>$LOG fi + else + output= + echo "[no output]" >>$LOG fi # Test return code @@ -305,10 +310,20 @@ function start_service() { &> $WORKDIR/server.log & service_pid=$! + wait_for_port $HOST $PORT +} + +################### +# wait_for_port # Returns once port is available on host +################### +function wait_for_port() { + local host=$1 # Probably "localhost" + local port=$2 # Numeric port + local timeout=${3:-5} # Optional; default to 5 seconds + # Wait - local _timeout=5 - while [ $_timeout -gt 0 ]; do - { exec 3<> /dev/tcp/$HOST/$PORT; } &>/dev/null && return + while [ $timeout -gt 0 ]; do + { exec 3<> /dev/tcp/$host/$port; } &>/dev/null && return sleep 1 _timeout=$(( $_timeout - 1 )) done @@ -385,6 +400,12 @@ done # Clean up if [ -n "$service_pid" ]; then + # Remove any containers and images; this prevents the following warning: + # 'rm: cannot remove '/.../overlay': Device or resource busy + podman rm -a + podman rmi -af + + # Stop the server kill $service_pid wait $service_pid fi diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go index 71b4c0089..9bab4c926 100644 --- a/test/e2e/build_test.go +++ b/test/e2e/build_test.go @@ -194,7 +194,7 @@ var _ = Describe("Podman build", func() { inspect := podmanTest.Podman([]string{"inspect", string(id)}) inspect.WaitWithDefaultTimeout() data := inspect.InspectImageJSON() - Expect(data[0].ID).To(Equal(string(id))) + Expect("sha256:" + data[0].ID).To(Equal(string(id))) }) It("podman Test PATH in built image", func() { @@ -458,4 +458,55 @@ RUN [[ -L /test/dummy-symlink ]] && echo SYMLNKOK || echo SYMLNKERR` Expect(ok).To(BeTrue()) }) + It("podman build --from, --add-host, --cap-drop, --cap-add", func() { + targetPath, err := CreateTempDirInTempDir() + Expect(err).To(BeNil()) + + containerFile := filepath.Join(targetPath, "Containerfile") + content := `FROM scratch +RUN cat /etc/hosts +RUN grep CapEff /proc/self/status` + + Expect(ioutil.WriteFile(containerFile, []byte(content), 0755)).To(BeNil()) + + defer func() { + Expect(os.RemoveAll(containerFile)).To(BeNil()) + }() + + // When + session := podmanTest.Podman([]string{ + "build", "--cap-drop=all", "--cap-add=net_bind_service", "--add-host", "testhost:1.2.3.4", "--from", "alpine", targetPath, + }) + session.WaitWithDefaultTimeout() + + // Then + Expect(session.ExitCode()).To(Equal(0)) + Expect(strings.Fields(session.OutputToString())). + To(ContainElement("alpine")) + Expect(strings.Fields(session.OutputToString())). + To(ContainElement("testhost")) + Expect(strings.Fields(session.OutputToString())). + To(ContainElement("0000000000000400")) + }) + + It("podman build --arch", func() { + targetPath, err := CreateTempDirInTempDir() + Expect(err).To(BeNil()) + + containerFile := filepath.Join(targetPath, "Containerfile") + Expect(ioutil.WriteFile(containerFile, []byte("FROM alpine"), 0755)).To(BeNil()) + + defer func() { + Expect(os.RemoveAll(containerFile)).To(BeNil()) + }() + + // When + session := podmanTest.Podman([]string{ + "build", "--arch", "arm64", targetPath, + }) + session.WaitWithDefaultTimeout() + + // Then + Expect(session.ExitCode()).To(Equal(0)) + }) }) diff --git a/test/e2e/commit_test.go b/test/e2e/commit_test.go index 3c7bbca66..8760978fd 100644 --- a/test/e2e/commit_test.go +++ b/test/e2e/commit_test.go @@ -279,4 +279,29 @@ var _ = Describe("Podman commit", func() { data := check.InspectImageJSON() Expect(data[0].ID).To(Equal(string(id))) }) + + It("podman commit should not commit secret", func() { + secretsString := "somesecretdata" + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte(secretsString), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "mysecret", secretFilePath}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"run", "--secret", "mysecret", "--name", "secr", ALPINE, "cat", "/run/secrets/mysecret"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(Equal(secretsString)) + + session = podmanTest.Podman([]string{"commit", "secr", "foobar.com/test1-image:latest"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"run", "foobar.com/test1-image:latest", "cat", "/run/secrets/mysecret"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + + }) }) diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go index 54d801e12..53810d882 100644 --- a/test/e2e/common_test.go +++ b/test/e2e/common_test.go @@ -491,6 +491,21 @@ func (p *PodmanTestIntegration) CleanupVolume() { p.Cleanup() } +// CleanupSecret cleans up the temporary store +func (p *PodmanTestIntegration) CleanupSecrets() { + // Remove all containers + session := p.Podman([]string{"secret", "rm", "-a"}) + session.Wait(90) + + // Stop remove service on secret cleanup + p.StopRemoteService() + + // Nuke tempdir + if err := os.RemoveAll(p.TempDir); err != nil { + fmt.Printf("%q\n", err) + } +} + // InspectContainerToJSON takes the session output of an inspect // container and returns json func (s *PodmanSessionIntegration) InspectContainerToJSON() []define.InspectContainerData { diff --git a/test/e2e/config/containers.conf b/test/e2e/config/containers.conf index 5a5e4b7a5..fdf679664 100644 --- a/test/e2e/config/containers.conf +++ b/test/e2e/config/containers.conf @@ -53,6 +53,8 @@ tz = "Pacific/Honolulu" umask = "0002" +annotations=["run.oci.keep_original_groups=1",] + [engine] network_cmd_options=["allow_host_loopback=true"] diff --git a/test/e2e/containers_conf_test.go b/test/e2e/containers_conf_test.go index 719ac9fac..c78c93b8c 100644 --- a/test/e2e/containers_conf_test.go +++ b/test/e2e/containers_conf_test.go @@ -320,4 +320,15 @@ var _ = Describe("Podman run", func() { Expect(session.OutputToString()).To(Equal("0022")) }) + It("podman run containers.conf annotations test", func() { + //containers.conf is set to "run.oci.keep_original_groups=1" + session := podmanTest.Podman([]string{"create", "--rm", "--name", "test", fedoraMinimal}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"inspect", "--format", "{{ .Config.Annotations }}", "test"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.OutputToString()).To(ContainSubstring("run.oci.keep_original_groups:1")) + }) + }) diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index bcfab0f68..cd949c666 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -699,4 +699,39 @@ ENTRYPOINT /bin/sleep` Expect(containers[0].Command).To(Equal([]string{"/bin/sh", "-c", "/bin/sleep"})) Expect(containers[0].Args).To(Equal([]string{"10s"})) }) + + It("podman generate kube - --privileged container", func() { + session := podmanTest.Podman([]string{"create", "--pod", "new:testpod", "--privileged", ALPINE, "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + kube := podmanTest.Podman([]string{"generate", "kube", "testpod"}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + // Now make sure that the capabilities aren't set. + pod := new(v1.Pod) + err := yaml.Unmarshal(kube.Out.Contents(), pod) + Expect(err).To(BeNil()) + + containers := pod.Spec.Containers + Expect(len(containers)).To(Equal(1)) + Expect(containers[0].SecurityContext.Capabilities).To(BeNil()) + + // Now make sure we can also `play` it. + kubeFile := filepath.Join(podmanTest.TempDir, "kube.yaml") + + kube = podmanTest.Podman([]string{"generate", "kube", "testpod", "-f", kubeFile}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + // Remove the pod so play can recreate it. + kube = podmanTest.Podman([]string{"pod", "rm", "-f", "testpod"}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + + kube = podmanTest.Podman([]string{"play", "kube", kubeFile}) + kube.WaitWithDefaultTimeout() + Expect(kube.ExitCode()).To(Equal(0)) + }) }) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index caeaf190e..934b78202 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -332,6 +332,9 @@ var _ = Describe("Podman run", func() { It("podman run user capabilities test", func() { // We need to ignore the containers.conf on the test distribution for this test os.Setenv("CONTAINERS_CONF", "/dev/null") + if IsRemote() { + podmanTest.RestartRemoteService() + } session := podmanTest.Podman([]string{"run", "--rm", "--user", "bin", ALPINE, "grep", "CapBnd", "/proc/self/status"}) session.WaitWithDefaultTimeout() Expect(session.ExitCode()).To(Equal(0)) @@ -424,6 +427,9 @@ var _ = Describe("Podman run", func() { It("podman run user capabilities test with image", func() { // We need to ignore the containers.conf on the test distribution for this test os.Setenv("CONTAINERS_CONF", "/dev/null") + if IsRemote() { + podmanTest.RestartRemoteService() + } dockerfile := `FROM busybox USER bin` podmanTest.BuildImage(dockerfile, "test", "false") @@ -668,8 +674,8 @@ USER bin` Expect(session.ExitCode()).To(Equal(0)) }) - It("podman run with secrets", func() { - SkipIfRemote("--default-mounts-file option is not supported in podman-remote") + It("podman run with subscription secrets", func() { + SkipIfRemote("--default-mount-file option is not supported in podman-remote") containersDir := filepath.Join(podmanTest.TempDir, "containers") err := os.MkdirAll(containersDir, 0755) Expect(err).To(BeNil()) @@ -1448,4 +1454,26 @@ WORKDIR /madethis` Expect(session.ExitCode()).To(Equal(0)) Expect(session.OutputToString()).To(ContainSubstring(hostnameEnv)) }) + + It("podman run --secret", func() { + secretsString := "somesecretdata" + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte(secretsString), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "mysecret", secretFilePath}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"run", "--secret", "mysecret", "--name", "secr", ALPINE, "cat", "/run/secrets/mysecret"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(Equal(secretsString)) + + session = podmanTest.Podman([]string{"inspect", "secr", "--format", " {{(index .Config.Secrets 0).Name}}"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(session.OutputToString()).To(ContainSubstring("mysecret")) + + }) }) diff --git a/test/e2e/secret_test.go b/test/e2e/secret_test.go new file mode 100644 index 000000000..6dad605c5 --- /dev/null +++ b/test/e2e/secret_test.go @@ -0,0 +1,202 @@ +package integration + +import ( + "io/ioutil" + "os" + "path/filepath" + + . "github.com/containers/podman/v2/test/utils" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +var _ = Describe("Podman secret", func() { + var ( + tempdir string + err error + podmanTest *PodmanTestIntegration + ) + + BeforeEach(func() { + tempdir, err = CreateTempDirInTempDir() + if err != nil { + os.Exit(1) + } + podmanTest = PodmanTestCreate(tempdir) + podmanTest.Setup() + podmanTest.SeedImages() + }) + + AfterEach(func() { + podmanTest.CleanupSecrets() + f := CurrentGinkgoTestDescription() + processTestResult(f) + + }) + + It("podman secret create", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "a", secretFilePath}) + session.WaitWithDefaultTimeout() + secrID := session.OutputToString() + Expect(session.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"secret", "inspect", "--format", "{{.ID}}", secrID}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Equal(0)) + Expect(inspect.OutputToString()).To(Equal(secrID)) + }) + + It("podman secret create bad name should fail", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "?!", secretFilePath}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + }) + + It("podman secret inspect", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "a", secretFilePath}) + session.WaitWithDefaultTimeout() + secrID := session.OutputToString() + Expect(session.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"secret", "inspect", secrID}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Equal(0)) + Expect(inspect.IsJSONOutputValid()).To(BeTrue()) + }) + + It("podman secret inspect with --format", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "a", secretFilePath}) + session.WaitWithDefaultTimeout() + secrID := session.OutputToString() + Expect(session.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"secret", "inspect", "--format", "{{.ID}}", secrID}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Equal(0)) + Expect(inspect.OutputToString()).To(Equal(secrID)) + }) + + It("podman secret inspect multiple secrets", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "a", secretFilePath}) + session.WaitWithDefaultTimeout() + secrID := session.OutputToString() + Expect(session.ExitCode()).To(Equal(0)) + + session2 := podmanTest.Podman([]string{"secret", "create", "b", secretFilePath}) + session2.WaitWithDefaultTimeout() + secrID2 := session2.OutputToString() + Expect(session2.ExitCode()).To(Equal(0)) + + inspect := podmanTest.Podman([]string{"secret", "inspect", secrID, secrID2}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Equal(0)) + Expect(inspect.IsJSONOutputValid()).To(BeTrue()) + }) + + It("podman secret inspect bogus", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + inspect := podmanTest.Podman([]string{"secret", "inspect", "bogus"}) + inspect.WaitWithDefaultTimeout() + Expect(inspect.ExitCode()).To(Not(Equal(0))) + + }) + + It("podman secret ls", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "a", secretFilePath}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + list := podmanTest.Podman([]string{"secret", "ls"}) + list.WaitWithDefaultTimeout() + Expect(list.ExitCode()).To(Equal(0)) + Expect(len(list.OutputToStringArray())).To(Equal(2)) + + }) + + It("podman secret ls with Go template", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "a", secretFilePath}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + list := podmanTest.Podman([]string{"secret", "ls", "--format", "table {{.Name}}"}) + list.WaitWithDefaultTimeout() + + Expect(list.ExitCode()).To(Equal(0)) + Expect(len(list.OutputToStringArray())).To(Equal(2), list.OutputToString()) + }) + + It("podman secret rm", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "a", secretFilePath}) + session.WaitWithDefaultTimeout() + secrID := session.OutputToString() + Expect(session.ExitCode()).To(Equal(0)) + + removed := podmanTest.Podman([]string{"secret", "rm", "a"}) + removed.WaitWithDefaultTimeout() + Expect(removed.ExitCode()).To(Equal(0)) + Expect(removed.OutputToString()).To(Equal(secrID)) + + session = podmanTest.Podman([]string{"secret", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(1)) + }) + + It("podman secret rm --all", func() { + secretFilePath := filepath.Join(podmanTest.TempDir, "secret") + err := ioutil.WriteFile(secretFilePath, []byte("mysecret"), 0755) + Expect(err).To(BeNil()) + + session := podmanTest.Podman([]string{"secret", "create", "a", secretFilePath}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + session = podmanTest.Podman([]string{"secret", "create", "b", secretFilePath}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + removed := podmanTest.Podman([]string{"secret", "rm", "-a"}) + removed.WaitWithDefaultTimeout() + Expect(removed.ExitCode()).To(Equal(0)) + + session = podmanTest.Podman([]string{"secret", "ls"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + Expect(len(session.OutputToStringArray())).To(Equal(1)) + }) + +}) diff --git a/test/system/600-completion.bats b/test/system/600-completion.bats index 8cac2c9aa..fbb0da231 100644 --- a/test/system/600-completion.bats +++ b/test/system/600-completion.bats @@ -157,7 +157,17 @@ function check_shell_completion() { # resume ;;& - *PATH* | *CONTEXT* | *KUBEFILE* | *COMMAND* | *ARG...* | *URI*) + *SECRET*) + run_completion "$@" $cmd "${extra_args[@]}" "" + is "$output" ".*$random_secret_name${nl}" \ + "$* $cmd: actual secret listed in suggestions" + _check_completion_end NoFileComp + + match=true + # resume + ;;& + + *PATH* | *CONTEXT* | *FILE* | *COMMAND* | *ARG...* | *URI*) # default shell completion should be done for everything which accepts a path run_completion "$@" $cmd "${extra_args[@]}" "" @@ -232,6 +242,11 @@ function _check_completion_end() { random_image_tag=$(random_string 5) random_network_name=$(random_string 30) random_volume_name=$(random_string 30) + random_secret_name=$(random_string 30) + random_secret_content=$(random_string 30) + secret_file=$PODMAN_TMPDIR/$(random_string 10) + + echo $random_secret_content > $secret_file # create a container for each state since some commands are only suggesting running container for example run_podman create --name created-$random_container_name $IMAGE @@ -263,6 +278,8 @@ function _check_completion_end() { # create volume run_podman volume create $random_volume_name + # create secret + run_podman secret create $random_secret_name $secret_file # $PODMAN may be a space-separated string, e.g. if we include a --url. local -a podman_as_array=($PODMAN) @@ -274,6 +291,9 @@ function _check_completion_end() { check_shell_completion # cleanup + run_podman secret rm $random_secret_name + rm -f $secret_file + run_podman volume rm $random_volume_name run_podman network rm $random_network_name |