From e7204178e175d8ad619faa626ba284c777886cd3 Mon Sep 17 00:00:00 2001 From: Aditya Rajan Date: Fri, 26 Nov 2021 18:18:30 +0530 Subject: podman-remote: copy secret to contextdir is absolute path on host Podman remote must treat build secrets as part of context directory. If secret path is absolute path on host copy it to tar file and pass it to remote server. Signed-off-by: Aditya Rajan --- test/e2e/build/Dockerfile.with-multiple-secret | 3 +++ test/e2e/build/Dockerfile.with-secret | 2 ++ test/e2e/build/anothersecret.txt | 1 + test/e2e/build/secret.txt | 1 + test/e2e/build_test.go | 23 +++++++++++++++++++++++ 5 files changed, 30 insertions(+) create mode 100644 test/e2e/build/Dockerfile.with-multiple-secret create mode 100644 test/e2e/build/Dockerfile.with-secret create mode 100644 test/e2e/build/anothersecret.txt create mode 100644 test/e2e/build/secret.txt (limited to 'test') diff --git a/test/e2e/build/Dockerfile.with-multiple-secret b/test/e2e/build/Dockerfile.with-multiple-secret new file mode 100644 index 000000000..f3478914f --- /dev/null +++ b/test/e2e/build/Dockerfile.with-multiple-secret @@ -0,0 +1,3 @@ +FROM alpine +RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret +RUN --mount=type=secret,id=mysecret2 cat /run/secrets/mysecret2 diff --git a/test/e2e/build/Dockerfile.with-secret b/test/e2e/build/Dockerfile.with-secret new file mode 100644 index 000000000..920663a92 --- /dev/null +++ b/test/e2e/build/Dockerfile.with-secret @@ -0,0 +1,2 @@ +FROM alpine +RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret diff --git a/test/e2e/build/anothersecret.txt b/test/e2e/build/anothersecret.txt new file mode 100644 index 000000000..bc5fdbd32 --- /dev/null +++ b/test/e2e/build/anothersecret.txt @@ -0,0 +1 @@ +anothersecret diff --git a/test/e2e/build/secret.txt b/test/e2e/build/secret.txt new file mode 100644 index 000000000..d9106c0af --- /dev/null +++ b/test/e2e/build/secret.txt @@ -0,0 +1 @@ +somesecret diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go index 420ed929f..ad401ca83 100644 --- a/test/e2e/build_test.go +++ b/test/e2e/build_test.go @@ -59,6 +59,29 @@ var _ = Describe("Podman build", func() { Expect(session).Should(Exit(0)) }) + It("podman build with a secret from file", func() { + session := podmanTest.Podman([]string{"build", "-f", "build/Dockerfile.with-secret", "-t", "secret-test", "--secret", "id=mysecret,src=build/secret.txt", "build/"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(ContainSubstring("somesecret")) + + session = podmanTest.Podman([]string{"rmi", "secret-test"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + }) + + It("podman build with multiple secrets from files", func() { + session := podmanTest.Podman([]string{"build", "-f", "build/Dockerfile.with-multiple-secret", "-t", "multiple-secret-test", "--secret", "id=mysecret,src=build/secret.txt", "--secret", "id=mysecret2,src=build/anothersecret.txt", "build/"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(ContainSubstring("somesecret")) + Expect(session.OutputToString()).To(ContainSubstring("anothersecret")) + + session = podmanTest.Podman([]string{"rmi", "multiple-secret-test"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + }) + It("podman build with logfile", func() { logfile := filepath.Join(podmanTest.TempDir, "logfile") session := podmanTest.Podman([]string{"build", "--pull-never", "--tag", "test", "--logfile", logfile, "build/basicalpine"}) -- cgit v1.2.3-54-g00ecf