github.com/AbhinandanKurakure/podman/v3@v3.4.10/test/e2e/trust_test.go (about) 1 package integration 2 3 import ( 4 "encoding/json" 5 "io/ioutil" 6 "os" 7 "path/filepath" 8 9 . "github.com/containers/podman/v3/test/utils" 10 . "github.com/onsi/ginkgo" 11 . "github.com/onsi/gomega" 12 . "github.com/onsi/gomega/gexec" 13 ) 14 15 var _ = Describe("Podman trust", func() { 16 var ( 17 tempdir string 18 19 err error 20 podmanTest *PodmanTestIntegration 21 ) 22 23 BeforeEach(func() { 24 SkipIfRemote("podman-remote does not support image trust") 25 tempdir, err = CreateTempDirInTempDir() 26 if err != nil { 27 os.Exit(1) 28 } 29 podmanTest = PodmanTestCreate(tempdir) 30 podmanTest.Setup() 31 podmanTest.SeedImages() 32 }) 33 34 AfterEach(func() { 35 podmanTest.Cleanup() 36 f := CurrentGinkgoTestDescription() 37 processTestResult(f) 38 39 }) 40 41 It("podman image trust show", func() { 42 session := podmanTest.Podman([]string{"image", "trust", "show", "--registrypath", filepath.Join(INTEGRATION_ROOT, "test"), "--policypath", filepath.Join(INTEGRATION_ROOT, "test/policy.json")}) 43 session.WaitWithDefaultTimeout() 44 Expect(session).Should(Exit(0)) 45 outArray := session.OutputToStringArray() 46 Expect(len(outArray)).To(Equal(3)) 47 48 // Repository order is not guaranteed. So, check that 49 // all expected lines appear in output; we also check total number of lines, so that handles all of them. 50 Expect(string(session.Out.Contents())).To(MatchRegexp(`(?m)^default\s+accept\s*$`)) 51 Expect(string(session.Out.Contents())).To(MatchRegexp(`(?m)^docker.io/library/hello-world\s+reject\s*$`)) 52 Expect(string(session.Out.Contents())).To(MatchRegexp(`(?m)^registry.access.redhat.com\s+signedBy\s+security@redhat.com, security@redhat.com\s+https://access.redhat.com/webassets/docker/content/sigstore\s*$`)) 53 }) 54 55 It("podman image trust set", func() { 56 path, err := os.Getwd() 57 if err != nil { 58 os.Exit(1) 59 } 60 session := podmanTest.Podman([]string{"image", "trust", "set", "--policypath", filepath.Join(filepath.Dir(path), "trust_set_test.json"), "-t", "accept", "default"}) 61 session.WaitWithDefaultTimeout() 62 Expect(session).Should(Exit(0)) 63 var teststruct map[string][]map[string]string 64 policyContent, err := ioutil.ReadFile(filepath.Join(filepath.Dir(path), "trust_set_test.json")) 65 if err != nil { 66 os.Exit(1) 67 } 68 err = json.Unmarshal(policyContent, &teststruct) 69 if err != nil { 70 os.Exit(1) 71 } 72 Expect(teststruct["default"][0]["type"]).To(Equal("insecureAcceptAnything")) 73 }) 74 75 It("podman image trust show --json", func() { 76 session := podmanTest.Podman([]string{"image", "trust", "show", "--registrypath", filepath.Join(INTEGRATION_ROOT, "test"), "--policypath", filepath.Join(INTEGRATION_ROOT, "test/policy.json"), "--json"}) 77 session.WaitWithDefaultTimeout() 78 Expect(session).Should(Exit(0)) 79 Expect(session.IsJSONOutputValid()).To(BeTrue()) 80 var teststruct []map[string]string 81 json.Unmarshal(session.Out.Contents(), &teststruct) 82 Expect(len(teststruct)).To(Equal(3)) 83 // To ease comparison, group the unordered array of repos by repo (and we expect only one entry by repo, so order within groups doesn’t matter) 84 repoMap := map[string][]map[string]string{} 85 for _, e := range teststruct { 86 key := e["name"] 87 repoMap[key] = append(repoMap[key], e) 88 } 89 Expect(repoMap).To(Equal(map[string][]map[string]string{ 90 "* (default)": {{ 91 "name": "* (default)", 92 "repo_name": "default", 93 "sigstore": "", 94 "transport": "", 95 "type": "accept", 96 }}, 97 "docker.io/library/hello-world": {{ 98 "name": "docker.io/library/hello-world", 99 "repo_name": "docker.io/library/hello-world", 100 "sigstore": "", 101 "transport": "", 102 "type": "reject", 103 }}, 104 "registry.access.redhat.com": {{ 105 "name": "registry.access.redhat.com", 106 "repo_name": "registry.access.redhat.com", 107 "sigstore": "https://access.redhat.com/webassets/docker/content/sigstore", 108 "transport": "", 109 "type": "signedBy", 110 "gpg_id": "security@redhat.com, security@redhat.com", 111 }}, 112 })) 113 }) 114 115 It("podman image trust show --raw", func() { 116 session := podmanTest.Podman([]string{"image", "trust", "show", "--policypath", filepath.Join(INTEGRATION_ROOT, "test/policy.json"), "--raw"}) 117 session.WaitWithDefaultTimeout() 118 Expect(session).Should(Exit(0)) 119 contents, err := ioutil.ReadFile(filepath.Join(INTEGRATION_ROOT, "test/policy.json")) 120 Expect(err).ShouldNot(HaveOccurred()) 121 Expect(session.IsJSONOutputValid()).To(BeTrue()) 122 Expect(string(session.Out.Contents())).To(Equal(string(contents) + "\n")) 123 }) 124 })