From c39f622d0a9477302f01df24ed4edcf14cc55fd0 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Tue, 6 Aug 2024 16:11:39 -0400 Subject: [PATCH] unit tests: use test-specific policy.json and registries.conf In unit tests that create a SystemContext, point that SystemContext at the testing signature policy and registries configuration. This should cause us to pay attention to mirroring settings for images used by this set of tests. Signed-off-by: Nalin Dahyabhai --- buildah_test.go | 11 ++++++++++- cmd/buildah/common_test.go | 5 ++++- commit_test.go | 20 +++++++++++++------- convertcw_test.go | 5 ++--- 4 files changed, 29 insertions(+), 12 deletions(-) diff --git a/buildah_test.go b/buildah_test.go index cb9284dfbb5..35c8e2e735e 100644 --- a/buildah_test.go +++ b/buildah_test.go @@ -6,6 +6,7 @@ import ( "os" "testing" + imagetypes "github.com/containers/image/v5/types" "github.com/containers/storage" "github.com/containers/storage/types" "github.com/sirupsen/logrus" @@ -13,6 +14,13 @@ import ( "github.com/stretchr/testify/require" ) +var ( + testSystemContext = imagetypes.SystemContext{ + SignaturePolicyPath: "tests/policy.json", + SystemRegistriesConfPath: "tests/registries.conf", + } +) + func TestMain(m *testing.M) { var logLevel string debug := false @@ -68,7 +76,8 @@ func TestOpenBuilderCommonBuildOpts(t *testing.T) { require.NoError(t, err) require.NotNil(t, container) b, err = ImportBuilder(ctx, store, ImportOptions{ - Container: container.ID, + Container: container.ID, + SignaturePolicyPath: testSystemContext.SignaturePolicyPath, }) require.NoError(t, err) require.NotNil(t, b.CommonBuildOpts) diff --git a/cmd/buildah/common_test.go b/cmd/buildah/common_test.go index 4571d36c45f..c55e2060712 100644 --- a/cmd/buildah/common_test.go +++ b/cmd/buildah/common_test.go @@ -18,7 +18,10 @@ import ( var ( signaturePolicyPath = "" storeOptions, _ = storage.DefaultStoreOptions() - testSystemContext = types.SystemContext{} + testSystemContext = types.SystemContext{ + SignaturePolicyPath: "../../tests/policy.json", + SystemRegistriesConfPath: "../../tests/registries.conf", + } ) func TestMain(m *testing.M) { diff --git a/commit_test.go b/commit_test.go index a3c6fa3fbbe..96f540e509a 100644 --- a/commit_test.go +++ b/commit_test.go @@ -12,7 +12,6 @@ import ( "time" imageStorage "github.com/containers/image/v5/storage" - "github.com/containers/image/v5/types" "github.com/containers/storage" storageTypes "github.com/containers/storage/types" v1 "github.com/opencontainers/image-spec/specs-go/v1" @@ -23,7 +22,6 @@ import ( func TestCommitLinkedLayers(t *testing.T) { ctx := context.TODO() - systemContext := types.SystemContext{} now := time.Now() graphDriverName := os.Getenv("STORAGE_DRIVER") @@ -84,6 +82,7 @@ func TestCommitLinkedLayers(t *testing.T) { Name: string(rspec.NetworkNamespace), Host: true, }}, + SystemContext: &testSystemContext, } b, err := NewBuilder(ctx, store, builderOptions) require.NoError(t, err, "creating builder") @@ -91,7 +90,9 @@ func TestCommitLinkedLayers(t *testing.T) { firstFile := makeFile("file0", 0) err = b.Add("/", false, AddAndCopyOptions{}, firstFile) require.NoError(t, err, "adding", firstFile) - commitOptions := CommitOptions{} + commitOptions := CommitOptions{ + SystemContext: &testSystemContext, + } ref, err := imageStorage.Transport.ParseStoreReference(store, imageName(layerNumber)) require.NoError(t, err, "parsing reference for to-be-committed image", imageName(layerNumber)) _, _, _, err = b.Commit(ctx, ref, commitOptions) @@ -106,7 +107,9 @@ func TestCommitLinkedLayers(t *testing.T) { secondFile := makeFile("file1", 0) err = b.Add("/", false, AddAndCopyOptions{}, secondFile) require.NoError(t, err, "adding", secondFile) - commitOptions = CommitOptions{} + commitOptions = CommitOptions{ + SystemContext: &testSystemContext, + } ref, err = imageStorage.Transport.ParseStoreReference(store, imageName(layerNumber)) require.NoError(t, err, "parsing reference for to-be-committed image", imageName(layerNumber)) _, _, _, err = b.Commit(ctx, ref, commitOptions) @@ -161,6 +164,7 @@ func TestCommitLinkedLayers(t *testing.T) { }, }, }, + SystemContext: &testSystemContext, } b.AddAppendedLinkedLayer(nil, imageName(layerNumber+6), "", "", ninthArchiveFile) ref, err = imageStorage.Transport.ParseStoreReference(store, imageName(layerNumber)) @@ -177,7 +181,9 @@ func TestCommitLinkedLayers(t *testing.T) { tenthFile := makeFile("file9", 0) err = b.Add("/", false, AddAndCopyOptions{}, tenthFile) require.NoError(t, err, "adding", tenthFile) - commitOptions = CommitOptions{} + commitOptions = CommitOptions{ + SystemContext: &testSystemContext, + } ref, err = imageStorage.Transport.ParseStoreReference(store, imageName(layerNumber)) require.NoError(t, err, "parsing reference for to-be-committed image", imageName(layerNumber)) _, _, _, err = b.Commit(ctx, ref, commitOptions) @@ -186,10 +192,10 @@ func TestCommitLinkedLayers(t *testing.T) { // Get set to examine this image. At this point, each history entry // should just have "image%d" as its CreatedBy field, and each layer // should have the corresponding file (and nothing else) in it. - src, err := ref.NewImageSource(ctx, &systemContext) + src, err := ref.NewImageSource(ctx, &testSystemContext) require.NoError(t, err, "opening image source") defer src.Close() - img, err := ref.NewImage(ctx, &systemContext) + img, err := ref.NewImage(ctx, &testSystemContext) require.NoError(t, err, "opening image") defer img.Close() config, err := img.OCIConfig(ctx) diff --git a/convertcw_test.go b/convertcw_test.go index c70c18991bf..32f1fb61893 100644 --- a/convertcw_test.go +++ b/convertcw_test.go @@ -16,7 +16,6 @@ import ( "github.com/containers/buildah/internal/mkcw" mkcwtypes "github.com/containers/buildah/internal/mkcw/types" - "github.com/containers/image/v5/types" "github.com/containers/storage" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -68,7 +67,6 @@ func (d *dummyAttestationHandler) ServeHTTP(rw http.ResponseWriter, req *http.Re func TestCWConvertImage(t *testing.T) { ctx := context.TODO() - systemContext := &types.SystemContext{} for _, status := range []int{http.StatusOK, http.StatusInternalServerError} { for _, ignoreChainRetrievalErrors := range []bool{false, true} { for _, ignoreAttestationErrors := range []bool{false, true} { @@ -110,8 +108,9 @@ func TestCWConvertImage(t *testing.T) { AttestationURL: "http://" + addr.String(), IgnoreAttestationErrors: ignoreAttestationErrors, Slop: "16MB", + SignaturePolicyPath: testSystemContext.SignaturePolicyPath, } - id, _, _, err := CWConvertImage(ctx, systemContext, store, options) + id, _, _, err := CWConvertImage(ctx, &testSystemContext, store, options) if status != http.StatusOK && !ignoreAttestationErrors { assert.Error(t, err) return