github.com/containers/podman/v5@v5.1.0-rc1/test/system/330-corrupt-images.bats (about) 1 #!/usr/bin/env bats -*- bats -*- 2 # 3 # All tests in here perform nasty manipulations on image storage. 4 # 5 6 load helpers 7 8 ############################################################################### 9 # BEGIN setup/teardown 10 11 # Create a scratch directory; this is what we'll use for image store and cache 12 if [ -z "${PODMAN_CORRUPT_TEST_WORKDIR}" ]; then 13 export PODMAN_CORRUPT_TEST_WORKDIR=$(mktemp -d --tmpdir=${BATS_TMPDIR:-${TMPDIR:-/tmp}} podman_corrupt_test.XXXXXX) 14 fi 15 16 PODMAN_CORRUPT_TEST_IMAGE_CANONICAL_FQIN=quay.io/libpod/alpine@sha256:634a8f35b5f16dcf4aaa0822adc0b1964bb786fca12f6831de8ddc45e5986a00 17 PODMAN_CORRUPT_TEST_IMAGE_TAGGED_FQIN=${PODMAN_CORRUPT_TEST_IMAGE_CANONICAL_FQIN%%@sha256:*}:test 18 PODMAN_CORRUPT_TEST_IMAGE_ID=961769676411f082461f9ef46626dd7a2d1e2b2a38e6a44364bcbecf51e66dd4 19 20 function setup() { 21 skip_if_remote "none of these tests run under podman-remote" 22 23 # DANGER! This completely changes the behavior of run_podman, 24 # forcing it to use a quarantined directory. Make certain that 25 # it gets unset in teardown. 26 _PODMAN_TEST_OPTS="--storage-driver=vfs $(podman_isolation_opts ${PODMAN_CORRUPT_TEST_WORKDIR})" 27 } 28 29 function teardown() { 30 # No other tests should ever run with these scratch options 31 unset _PODMAN_TEST_OPTS 32 33 is_remote && return 34 35 # Clean up 36 umount ${PODMAN_CORRUPT_TEST_WORKDIR}/root/overlay || true 37 if is_rootless; then 38 run_podman unshare rm -rf ${PODMAN_CORRUPT_TEST_WORKDIR}/root 39 else 40 rm -rf ${PODMAN_CORRUPT_TEST_WORKDIR}/root 41 fi 42 } 43 44 # END setup/teardown 45 ############################################################################### 46 # BEGIN primary test helper 47 48 # This is our main action, invoked by every actual test. It: 49 # - creates a new empty rootdir 50 # - populates it with our crafted test image 51 # - removes [ manifest, blob ] 52 # - confirms that "podman images" throws an error 53 # - runs the specified command (rmi -a -f, prune, reset, etc) 54 # - confirms that it succeeds, and also emits expected warnings 55 function _corrupt_image_test() { 56 # Run this test twice: once removing manifest, once removing blob 57 for what_to_rm in manifest blob; do 58 # I have no idea, but this sometimes remains mounted 59 umount ${PODMAN_CORRUPT_TEST_WORKDIR}/root/overlay || true 60 # Start with a fresh storage root, load prefetched image into it. 61 /bin/rm -rf ${PODMAN_CORRUPT_TEST_WORKDIR}/root 62 mkdir -p ${PODMAN_CORRUPT_TEST_WORKDIR}/root 63 run_podman load -i ${PODMAN_CORRUPT_TEST_WORKDIR}/img.tar 64 # "podman load" restores it without a tag, which (a) causes rmi-by-name 65 # to fail, and (b) causes "podman images" to exit 0 instead of 125 66 run_podman tag ${PODMAN_CORRUPT_TEST_IMAGE_ID} ${PODMAN_CORRUPT_TEST_IMAGE_TAGGED_FQIN} 67 68 # shortcut variable name 69 local id=${PODMAN_CORRUPT_TEST_IMAGE_ID} 70 71 case "$what_to_rm" in 72 manifest) rm_path=manifest ;; 73 blob) rm_path="=$(echo -n "sha256:$id" | base64 -w0)" ;; 74 *) die "Internal error: unknown action '$what_to_rm'" ;; 75 esac 76 77 # Corruptify, and confirm that 'podman images' throws an error 78 rm -v ${PODMAN_CORRUPT_TEST_WORKDIR}/root/*-images/$id/${rm_path} 79 run_podman 125 images 80 is "$output" "Error: locating item named \".*\" for image with ID \"$id\" (consider removing the image to resolve the issue): file does not exist.*" 81 82 # Run the requested command. Confirm it succeeds, with suitable warnings. 83 run_podman 0+w $* 84 # There are three different variations on the warnings, allow each... 85 allow_warnings "Failed to determine parent of image: .*, ignoring the error" \ 86 "Failed to determine if an image is a parent: .*, ignoring the error" \ 87 "Failed to determine if an image is a manifest list: .*, ignoring the error" 88 # ...but make sure we get at least one 89 require_warning "Failed to determine (parent|if an image is) .*, ignoring the error" 90 91 run_podman images -a --noheading 92 is "$output" "" "podman images -a, after $*, is empty" 93 done 94 } 95 96 # END primary test helper 97 ############################################################################### 98 # BEGIN first "test" does a one-time pull of our desired image 99 100 @test "podman corrupt images - initialize" { 101 # Pull once, save cached copy. 102 run_podman pull $PODMAN_CORRUPT_TEST_IMAGE_CANONICAL_FQIN 103 run_podman save -o ${PODMAN_CORRUPT_TEST_WORKDIR}/img.tar \ 104 $PODMAN_CORRUPT_TEST_IMAGE_CANONICAL_FQIN 105 } 106 107 # END first "test" does a one-time pull of our desired image 108 ############################################################################### 109 # BEGIN actual tests 110 111 @test "podman corrupt images - rmi -f <image-id>" { 112 _corrupt_image_test "rmi -f ${PODMAN_CORRUPT_TEST_IMAGE_ID}" 113 } 114 115 @test "podman corrupt images - rmi -f <image-tagged-name>" { 116 _corrupt_image_test "rmi -f ${PODMAN_CORRUPT_TEST_IMAGE_TAGGED_FQIN}" 117 } 118 119 @test "podman corrupt images - rmi -f -a" { 120 _corrupt_image_test "rmi -f -a" 121 } 122 123 @test "podman corrupt images - image prune" { 124 _corrupt_image_test "image prune -a -f" 125 } 126 127 @test "podman corrupt images - system reset" { 128 _corrupt_image_test "system reset -f" 129 } 130 131 # END actual tests 132 ############################################################################### 133 # BEGIN final cleanup 134 135 @test "podman corrupt images - cleanup" { 136 rm -rf ${PODMAN_CORRUPT_TEST_WORKDIR} 137 } 138 139 # END final cleanup 140 ############################################################################### 141 142 # vim: filetype=sh