From 2fcd1d7b4dca2619277607da7c8d22e9ec7620a2 Mon Sep 17 00:00:00 2001 From: Qi Wang Date: Sun, 13 Sep 2020 15:40:41 -0400 Subject: Supports import&run--signature-policy Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands. Signed-off-by: Qi Wang --- test/e2e/create_test.go | 11 +++++++++++ test/e2e/import_test.go | 17 +++++++++++++++++ test/e2e/run_test.go | 11 +++++++++++ 3 files changed, 39 insertions(+) (limited to 'test/e2e') diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go index 9cfed263a..6022be5f6 100644 --- a/test/e2e/create_test.go +++ b/test/e2e/create_test.go @@ -345,6 +345,17 @@ var _ = Describe("Podman create", func() { Expect(session).To(Not(Equal(0))) }) + It("podman create --signature-policy", func() { + SkipIfRemote() // SigPolicy not handled by remote + session := podmanTest.Podman([]string{"create", "--pull=always", "--signature-policy", "/no/such/file", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + + session = podmanTest.Podman([]string{"create", "--pull=always", "--signature-policy", "/etc/containers/policy.json", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + It("podman create with unset label", func() { // Alpine is assumed to have no labels here, which seems safe ctrName := "testctr" diff --git a/test/e2e/import_test.go b/test/e2e/import_test.go index feedb2a31..9c6f4381d 100644 --- a/test/e2e/import_test.go +++ b/test/e2e/import_test.go @@ -152,4 +152,21 @@ var _ = Describe("Podman import", func() { Expect(imageData[0].Config.Cmd[0]).To(Equal("/bin/bash")) }) + It("podman import with signature", func() { + outfile := filepath.Join(podmanTest.TempDir, "container.tar") + _, ec, cid := podmanTest.RunLsContainer("") + Expect(ec).To(Equal(0)) + + export := podmanTest.Podman([]string{"export", "-o", outfile, cid}) + export.WaitWithDefaultTimeout() + Expect(export.ExitCode()).To(Equal(0)) + + importImage := podmanTest.Podman([]string{"import", "--signature-policy", "/no/such/file", outfile}) + importImage.WaitWithDefaultTimeout() + Expect(importImage.ExitCode()).To(Not(Equal(0))) + + result := podmanTest.Podman([]string{"import", "--signature-policy", "/etc/containers/policy.json", outfile}) + result.WaitWithDefaultTimeout() + Expect(result.ExitCode()).To(Equal(0)) + }) }) diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index a67f7df92..cbfb6bf59 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -58,6 +58,17 @@ var _ = Describe("Podman run", func() { Expect(session.ExitCode()).To(Equal(0)) }) + It("podman run --signature-policy", func() { + SkipIfRemote() // SigPolicy not handled by remote + session := podmanTest.Podman([]string{"run", "--pull=always", "--signature-policy", "/no/such/file", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + + session = podmanTest.Podman([]string{"run", "--pull=always", "--signature-policy", "/etc/containers/policy.json", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + }) + It("podman run a container based on on a short name with localhost", func() { tag := podmanTest.Podman([]string{"tag", nginx, "localhost/libpod/alpine_nginx:latest"}) tag.WaitWithDefaultTimeout() -- cgit v1.2.3-54-g00ecf