aboutsummaryrefslogtreecommitdiff
path: root/test/system/750-trust.bats
blob: 0d04c33dca4bb9252fec0a4aaacf151800e1cc7f (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

#!/usr/bin/env bats   -*- bats -*-
#
# tests for podman image trust
#

load helpers

@test "podman image trust set" {
      skip_if_remote "trust only works locally"
      policypath=$PODMAN_TMPDIR/policy.json
      run_podman 125 image trust set --policypath=$policypath --type=bogus default
      is "$output" "Error: invalid choice: bogus.*" "error from --type=bogus"

      run_podman image trust set --policypath=$policypath --type=accept default
      run_podman image trust show --policypath=$policypath
      is "$output" ".*all  *default  *accept" "default policy should be accept"

      run_podman image trust set --policypath=$policypath --type=reject default
      run_podman image trust show --policypath=$policypath
      is "$output" ".*all  *default  *reject" "default policy should be reject"

      run_podman image trust set --policypath=$policypath --type=reject docker.io
      run_podman image trust show --policypath=$policypath
      is "$output" ".*all  *default  *reject" "default policy should still be reject"
      is "$output" ".*repository  *docker.io  *reject" "docker.io should also be reject"

      run_podman image trust show --policypath=$policypath --json
      subset=$(jq -r '.[0] | .repo_name, .type' <<<"$output" | fmt)
      is "$subset" "default reject" "--json also shows default"
      subset=$(jq -r '.[1] | .repo_name, .type' <<<"$output" | fmt)
      is "$subset" "docker.io reject" "--json also shows docker.io"

      run_podman image trust set --policypath=$policypath --type=accept docker.io
      run_podman image trust show --policypath=$policypath --json
      subset=$(jq -r '.[0] | .repo_name, .type' <<<"$output" | fmt)
      is "$subset" "default reject" "--json, default is still reject"
      subset=$(jq -r '.[1] | .repo_name, .type' <<<"$output" | fmt)
      is "$subset" "docker.io accept" "--json, docker.io should now be accept"

      policy="$(< $policypath)"
      run_podman image trust show --policypath=$policypath --raw
      is "$output" "$policy" "output should show match content of policy.json"
}

# vim: filetype=sh
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-24 18:28:32 +0000