github.com/containers/podman/v5@v5.1.0-rc1/test/e2e/trust_test.go (about) 1 package integration 2 3 import ( 4 "encoding/json" 5 "os" 6 "path/filepath" 7 8 . "github.com/containers/podman/v5/test/utils" 9 . "github.com/onsi/ginkgo/v2" 10 . "github.com/onsi/gomega" 11 ) 12 13 // Without Ordered, tests flake with "Getting key identity" (#18358) 14 var _ = Describe("Podman trust", Ordered, func() { 15 16 BeforeEach(func() { 17 SkipIfRemote("podman-remote does not support image trust") 18 }) 19 20 It("podman image trust show", func() { 21 session := podmanTest.Podman([]string{"image", "trust", "show", "-n", "--registrypath", filepath.Join(INTEGRATION_ROOT, "test"), "--policypath", filepath.Join(INTEGRATION_ROOT, "test/policy.json")}) 22 session.WaitWithDefaultTimeout() 23 Expect(session).Should(ExitCleanly()) 24 outArray := session.OutputToStringArray() 25 Expect(outArray).To(HaveLen(3)) 26 27 // Repository order is not guaranteed. So, check that 28 // all expected lines appear in output; we also check total number of lines, so that handles all of them. 29 Expect(string(session.Out.Contents())).To(MatchRegexp(`(?m)^all\s+default\s+accept\s*$`)) 30 Expect(string(session.Out.Contents())).To(MatchRegexp(`(?m)^repository\s+docker.io/library/hello-world\s+reject\s*$`)) 31 Expect(string(session.Out.Contents())).To(MatchRegexp(`(?m)^repository\s+registry.access.redhat.com\s+signed\s+security@redhat.com, security@redhat.com\s+https://access.redhat.com/webassets/docker/content/sigstore\s*$`)) 32 }) 33 34 It("podman image trust set", func() { 35 policyJSON := filepath.Join(podmanTest.TempDir, "trust_set_test.json") 36 session := podmanTest.Podman([]string{"image", "trust", "set", "--policypath", policyJSON, "-t", "accept", "default"}) 37 session.WaitWithDefaultTimeout() 38 Expect(session).Should(ExitCleanly()) 39 var teststruct map[string][]map[string]string 40 policyContent, err := os.ReadFile(policyJSON) 41 if err != nil { 42 os.Exit(1) 43 } 44 err = json.Unmarshal(policyContent, &teststruct) 45 if err != nil { 46 os.Exit(1) 47 } 48 Expect(teststruct["default"][0]).To(HaveKeyWithValue("type", "insecureAcceptAnything")) 49 }) 50 51 It("podman image trust show --json", func() { 52 session := podmanTest.Podman([]string{"image", "trust", "show", "--registrypath", filepath.Join(INTEGRATION_ROOT, "test"), "--policypath", filepath.Join(INTEGRATION_ROOT, "test/policy.json"), "--json"}) 53 session.WaitWithDefaultTimeout() 54 Expect(session).Should(ExitCleanly()) 55 Expect(session.OutputToString()).To(BeValidJSON()) 56 var teststruct []map[string]string 57 err = json.Unmarshal(session.Out.Contents(), &teststruct) 58 Expect(err).ToNot(HaveOccurred()) 59 Expect(teststruct).To(HaveLen(3)) 60 // To ease comparison, group the unordered array of repos by repo (and we expect only one entry by repo, so order within groups doesn’t matter) 61 repoMap := map[string][]map[string]string{} 62 for _, e := range teststruct { 63 key := e["name"] 64 repoMap[key] = append(repoMap[key], e) 65 } 66 Expect(repoMap).To(Equal(map[string][]map[string]string{ 67 "* (default)": {{ 68 "type": "accept", 69 "transport": "all", 70 "name": "* (default)", 71 "repo_name": "default", 72 }}, 73 "docker.io/library/hello-world": {{ 74 "transport": "repository", 75 "name": "docker.io/library/hello-world", 76 "repo_name": "docker.io/library/hello-world", 77 "type": "reject", 78 }}, 79 "registry.access.redhat.com": {{ 80 "transport": "repository", 81 "name": "registry.access.redhat.com", 82 "repo_name": "registry.access.redhat.com", 83 "sigstore": "https://access.redhat.com/webassets/docker/content/sigstore", 84 "type": "signed", 85 "gpg_id": "security@redhat.com, security@redhat.com", 86 }}, 87 })) 88 }) 89 90 It("podman image trust show --raw", func() { 91 session := podmanTest.Podman([]string{"image", "trust", "show", "--policypath", filepath.Join(INTEGRATION_ROOT, "test/policy.json"), "--raw"}) 92 session.WaitWithDefaultTimeout() 93 Expect(session).Should(ExitCleanly()) 94 contents, err := os.ReadFile(filepath.Join(INTEGRATION_ROOT, "test/policy.json")) 95 Expect(err).ShouldNot(HaveOccurred()) 96 Expect(session.OutputToString()).To(BeValidJSON()) 97 Expect(string(session.Out.Contents())).To(Equal(string(contents) + "\n")) 98 }) 99 })