From 2fcd1d7b4dca2619277607da7c8d22e9ec7620a2 Mon Sep 17 00:00:00 2001
From: Qi Wang <qiwan@redhat.com>
Date: Sun, 13 Sep 2020 15:40:41 -0400
Subject: Supports import&run--signature-policy

Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands.

Signed-off-by: Qi Wang <qiwan@redhat.com>
---
 test/e2e/create_test.go | 11 +++++++++++
 test/e2e/import_test.go | 17 +++++++++++++++++
 test/e2e/run_test.go    | 11 +++++++++++
 3 files changed, 39 insertions(+)

(limited to 'test/e2e')

diff --git a/test/e2e/create_test.go b/test/e2e/create_test.go
index 9cfed263a..6022be5f6 100644
--- a/test/e2e/create_test.go
+++ b/test/e2e/create_test.go
@@ -345,6 +345,17 @@ var _ = Describe("Podman create", func() {
 		Expect(session).To(Not(Equal(0)))
 	})
 
+	It("podman create --signature-policy", func() {
+		SkipIfRemote() // SigPolicy not handled by remote
+		session := podmanTest.Podman([]string{"create", "--pull=always", "--signature-policy", "/no/such/file", ALPINE})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Not(Equal(0)))
+
+		session = podmanTest.Podman([]string{"create", "--pull=always", "--signature-policy", "/etc/containers/policy.json", ALPINE})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+	})
+
 	It("podman create with unset label", func() {
 		// Alpine is assumed to have no labels here, which seems safe
 		ctrName := "testctr"
diff --git a/test/e2e/import_test.go b/test/e2e/import_test.go
index feedb2a31..9c6f4381d 100644
--- a/test/e2e/import_test.go
+++ b/test/e2e/import_test.go
@@ -152,4 +152,21 @@ var _ = Describe("Podman import", func() {
 		Expect(imageData[0].Config.Cmd[0]).To(Equal("/bin/bash"))
 	})
 
+	It("podman import with signature", func() {
+		outfile := filepath.Join(podmanTest.TempDir, "container.tar")
+		_, ec, cid := podmanTest.RunLsContainer("")
+		Expect(ec).To(Equal(0))
+
+		export := podmanTest.Podman([]string{"export", "-o", outfile, cid})
+		export.WaitWithDefaultTimeout()
+		Expect(export.ExitCode()).To(Equal(0))
+
+		importImage := podmanTest.Podman([]string{"import", "--signature-policy", "/no/such/file", outfile})
+		importImage.WaitWithDefaultTimeout()
+		Expect(importImage.ExitCode()).To(Not(Equal(0)))
+
+		result := podmanTest.Podman([]string{"import", "--signature-policy", "/etc/containers/policy.json", outfile})
+		result.WaitWithDefaultTimeout()
+		Expect(result.ExitCode()).To(Equal(0))
+	})
 })
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index a67f7df92..cbfb6bf59 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -58,6 +58,17 @@ var _ = Describe("Podman run", func() {
 		Expect(session.ExitCode()).To(Equal(0))
 	})
 
+	It("podman run --signature-policy", func() {
+		SkipIfRemote() // SigPolicy not handled by remote
+		session := podmanTest.Podman([]string{"run", "--pull=always", "--signature-policy", "/no/such/file", ALPINE})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Not(Equal(0)))
+
+		session = podmanTest.Podman([]string{"run", "--pull=always", "--signature-policy", "/etc/containers/policy.json", ALPINE})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+	})
+
 	It("podman run a container based on on a short name with localhost", func() {
 		tag := podmanTest.Podman([]string{"tag", nginx, "localhost/libpod/alpine_nginx:latest"})
 		tag.WaitWithDefaultTimeout()
-- 
cgit v1.2.3-54-g00ecf