Skip to content

Commit

Permalink
tests: auth image test
Browse files Browse the repository at this point in the history
Signed-off-by: Colin Walters <[email protected]>
  • Loading branch information
cgwalters committed Jun 5, 2024
1 parent fd2e428 commit 0f56cb7
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 2 deletions.
8 changes: 6 additions & 2 deletions .github/workflows/rust.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ name: Rust

permissions:
actions: read
packages: write

on:
push:
Expand All @@ -14,6 +15,7 @@ on:
workflow_dispatch: {}

env:
REGISTRY: ghcr.io
CARGO_TERM_COLOR: always

jobs:
Expand Down Expand Up @@ -133,7 +135,7 @@ jobs:
needs: build
runs-on: ubuntu-latest
container:
image: quay.io/fedora/fedora-coreos:testing-devel
image: quay.io/fedora/fedora-bootc:40
options: "--privileged --pid=host -v /var/tmp:/var/tmp -v /run/dbus:/run/dbus -v /run/systemd:/run/systemd -v /:/run/host"
steps:
- name: Checkout repository
Expand All @@ -144,8 +146,10 @@ jobs:
name: ostree-ext-cli
- name: Install
run: install ostree-ext-cli /usr/bin && rm -v ostree-ext-cli
- name: login
run: podman login --authfile=auth.json --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} ${{ env.REGISTRY }}
- name: Integration tests
run: ./ci/priv-integration.sh
run: env TEST_AUTH_FILE=$(pwd)/auth.json ./ci/priv-integration.sh
container-build:
name: "Container build"
needs: build
Expand Down
17 changes: 17 additions & 0 deletions ci/priv-integration.sh
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,23 @@ ostree-ext-cli container image prune-images --sysroot "${sysroot}"
ostree-ext-cli container image list --repo "${sysroot}/ostree/repo" > out.txt
test $(stat -c '%s' out.txt) = 0

if test -n "${TEST_AUTH_FILE}"; then
# REGISTRY must also be set
test -n "${REGISTRY}"
mkdir -p /etc/ostree
auth_image=$REGISTRY/testimage
skopeo copy --authfile ${TEST_AUTH_FILE} docker://${image} docker://$REGISTRY/testimage
if skopeo inspect -n --no-creds docker://$REGISTRY/testimage >/dev/null; then
echo "should have failed to access image"; exit 1
fi
auth_imgref=ostree-unverified-registry:${image}
if ostree-ext-cli container image pull --repo "${sysroot}/repo" "${auth_imgref}"; then
echo "should have failed to deploy authenticated image"; exit 1
fi
cp -p $TEST_AUTH_FILE /etc/ostree/auth.json
ostree-ext-cli container image pull --repo "${sysroot}/repo" "${auth_imgref}"
fi

for img in "${image}"; do
ostree-ext-cli container image deploy --sysroot "${sysroot}" \
--stateroot "${stateroot}" --imgref ostree-unverified-registry:"${img}"
Expand Down

0 comments on commit 0f56cb7

Please sign in to comment.