zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/test/blackbox/cloud_only.bats (about) 1 # Note: Intended to be run as "make run-blackbox-tests" or "make run-blackbox-cloud-ci" 2 # Makefile target installs & checks all necessary tooling 3 # Extra tools that are not covered in Makefile target needs to be added in verify_prerequisites() 4 5 load helpers_cloud 6 load helpers_wait 7 8 function setup() { 9 # Verify prerequisites are available 10 if ! $(verify_prerequisites); then 11 exit 1 12 fi 13 14 # Setup zot server 15 local zot_root_dir=${BATS_FILE_TMPDIR}/zot 16 local zot_config_file=${BATS_FILE_TMPDIR}/zot_config.json 17 18 echo ${zot_root_dir} >&3 19 20 mkdir -p ${zot_root_dir} 21 22 cat > ${zot_config_file}<<EOF 23 { 24 "distSpecVersion": "1.1.0-dev", 25 "storage": { 26 "rootDirectory": "${zot_root_dir}", 27 "dedupe": true, 28 "remoteCache": true, 29 "storageDriver": { 30 "name": "s3", 31 "rootdirectory": "/zot", 32 "region": "us-east-2", 33 "regionendpoint": "localhost:4566", 34 "bucket": "zot-storage", 35 "secure": false, 36 "skipverify": false 37 }, 38 "cacheDriver": { 39 "name": "dynamodb", 40 "endpoint": "http://localhost:4566", 41 "region": "us-east-2", 42 "cacheTablename": "BlobTable", 43 "repoMetaTablename": "RepoMetadataTable", 44 "imageMetaTablename": "ImageMetaTable", 45 "repoBlobsInfoTablename": "RepoBlobsInfoTable", 46 "userDataTablename": "UserDataTable", 47 "apiKeyTablename":"ApiKeyTable", 48 "versionTablename": "Version" 49 } 50 }, 51 "http": { 52 "address": "127.0.0.1", 53 "port": "8080", 54 "realm": "zot", 55 "auth": { 56 "openid": { 57 "providers": { 58 "oidc": { 59 "issuer": "http://127.0.0.1:5556/dex", 60 "clientid": "zot-client", 61 "clientsecret": "ZXhhbXBsZS1hcHAtc2VjcmV0", 62 "scopes": ["openid", "email", "groups"] 63 } 64 } 65 }, 66 "failDelay": 5 67 }, 68 "accessControl": { 69 "repositories": { 70 "**": { 71 "anonymousPolicy": ["read", "create"] 72 } 73 } 74 } 75 }, 76 "log": { 77 "level": "debug" 78 }, 79 "extensions": { 80 "metrics": { 81 "enable": true, 82 "prometheus": { 83 "path": "/metrics" 84 } 85 }, 86 "search": { 87 "enable": true 88 }, 89 "scrub": { 90 "enable": true, 91 "interval": "24h" 92 } 93 } 94 } 95 EOF 96 awslocal s3 --region "us-east-2" mb s3://zot-storage 97 awslocal dynamodb --region "us-east-2" create-table --table-name "BlobTable" --attribute-definitions AttributeName=Digest,AttributeType=S --key-schema AttributeName=Digest,KeyType=HASH --provisioned-throughput ReadCapacityUnits=10,WriteCapacityUnits=5 98 zot_serve_strace ${zot_config_file} 99 wait_zot_reachable 8080 100 } 101 102 function teardown() { 103 local zot_root_dir=${BATS_FILE_TMPDIR}/zot 104 zot_stop 105 rm -rf ${zot_root_dir} 106 awslocal s3 rb s3://"zot-storage" --force 107 awslocal dynamodb --region "us-east-2" delete-table --table-name "BlobTable" 108 } 109 110 dex_session () { 111 STATE=$(curl -L -f -s http://localhost:8080/zot/auth/login?provider=oidc | grep -m 1 -oP '(?<=state=)[^ ]*"' | cut -d \" -f1) 112 echo $STATE >&3 113 curl -L -f -s "http://127.0.0.1:5556/dex/auth/mock?client_id=zot-client&redirect_uri=http%3A%2F%2F127.0.0.1%3A8080%2Fzot%2Fauth%2Fcallback%2Foidc&response_type=code&scope=profile+email+groups+openid&state=$STATE" 114 } 115 116 @test "check dex is working" { 117 run dex_session 118 [ "$status" -eq 0 ] 119 } 120 121 @test "check for local disk writes" { 122 run skopeo --insecure-policy copy --dest-tls-verify=false \ 123 docker://centos:centos8 docker://localhost:8080/centos:8 124 [ "$status" -eq 0 ] 125 cat strace.txt | grep openat | grep -v O_RDONLY | grep -Eo '\".*\"' | while read -r line ; do 126 echo ${line} >&3 127 [[ "$line" =~ .*metadata.* || "$line" =~ .*trivy.* ]] 128 done 129 }