From 6583f784fc2911139773fb65823c81b8ed74b3dd Mon Sep 17 00:00:00 2001 From: RTann Date: Tue, 3 Dec 2024 08:44:46 -0800 Subject: [PATCH] ci: replace docker with quay --- e2etests/testcase_test.go | 139 ++++++++++++++++++++++++-------------- 1 file changed, 88 insertions(+), 51 deletions(-) diff --git a/e2etests/testcase_test.go b/e2etests/testcase_test.go index 323752bf9..29e8166b3 100644 --- a/e2etests/testcase_test.go +++ b/e2etests/testcase_test.go @@ -45,8 +45,10 @@ func init() { // Cases which rely on a disabled feature flag are filtered out. var testCases = []testCase{ { - image: "ubuntu:16.04", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:ubuntu-16.04", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, checkProvidedExecutables: true, @@ -91,8 +93,10 @@ var testCases = []testCase{ }, }, { - image: "docker.io/library/nginx:1.10", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:nginx-1.10", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "debian:8", expectedFeatures: []apiV1.Feature{ @@ -102,7 +106,7 @@ var testCases = []testCase{ VersionFormat: "dpkg", Version: "1:3.3-1", Vulnerabilities: nil, - AddedBy: "sha256:6d827a3ef358f4fa21ef8251f95492e667da826653fd43641cef5a877dc03a70", + AddedBy: "sha256:b87f0972440570029cb139e9ea513c3b9aad24cc0051d7c50226dd7f345af109", }, { Name: "coreutils", @@ -160,13 +164,15 @@ var testCases = []testCase{ }, }, }, - AddedBy: "sha256:6d827a3ef358f4fa21ef8251f95492e667da826653fd43641cef5a877dc03a70", + AddedBy: "sha256:b87f0972440570029cb139e9ea513c3b9aad24cc0051d7c50226dd7f345af109", }, }, }, { - image: "docker.io/kaizheh/apache-struts2-cve-2017-5638:latest", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:kaizheh-apache-struts2-cve-2017-5638-latest", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", checkProvidedExecutables: true, namespace: "debian:8", @@ -530,14 +536,16 @@ var testCases = []testCase{ FixedBy: "1.0.9.8.6", }, }, - AddedBy: "sha256:9f0706ba7422412cd468804fee456786f88bed94bf9aea6dde2a47f770d19d27", + AddedBy: "sha256:a725810793221ffd6cc25a40bf9439d1bc10605735ca4da28af1e712ab8420de", FixedBy: "1.0.9.8.6", }, }, }, { - image: "docker.io/anchore/anchore-engine:v0.5.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:anchore-anchore-engine-v0.5.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "Red Hat", namespace: "centos:7", // This image is older than June 2020, so we need to explicitly request for an uncertified scan. @@ -1004,7 +1012,7 @@ var testCases = []testCase{ }, }, }, - AddedBy: "sha256:c8d67acdb2ffaebd638cf55a8fccc63693211060670aa7f0ea1d65b5d2c674dd", + AddedBy: "sha256:3a7df7a31d0379653de0a8eb812af69dbaa65e84e6dfa8da0162d23a2da5b26d", }, }, }, @@ -2479,8 +2487,11 @@ var testCases = []testCase{ // Verify digest-based scanning and also a v1 versioned image // This image result has two layers with the same digests, so it checks a duplicate layer case { - image: "docker.io/richxsl/rhel7@sha256:8f3aae325d2074d2dc328cb532d6e7aeb0c588e15ddf847347038fe0566364d6", - registry: "https://registry-1.docker.io", + // quay.io/rhacs-eng/qa:richxsl-rhel7-sha256-8f3aae325d2074d2dc328cb532d6e7aeb0c588e15ddf847347038fe0566364d6 + image: "quay.io/rhacs-eng/qa@sha256:092233f7907ea86d4480a2b3fd82fb836f518b9bff48aa9a73463fab4af40f65", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", uncertifiedRHEL: true, namespace: "centos:7", @@ -2490,7 +2501,7 @@ var testCases = []testCase{ NamespaceName: "centos:7", VersionFormat: "rpm", Version: "1.4.1-5.el7", - AddedBy: "sha256:1de5db95c59529b8423a336fac27e0bf8a9f4fced0fcc32377c9170ab481a8e9", + AddedBy: "sha256:17b2a618d73663dfbfc53ad5b0d74894ce659b6685d12301e13d2cebfa454b39", }, }, }, @@ -2511,8 +2522,10 @@ var testCases = []testCase{ }, }, { - image: "alpine:3.13.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.13.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.13", @@ -2573,7 +2586,7 @@ var testCases = []testCase{ FixedBy: "2.12.6-r0", }, }, - AddedBy: "sha256:596ba82af5aaa3e2fd9d6f955b8b94f0744a2b60710e3c243ba3e4a467f051d1", + AddedBy: "sha256:9c4afaba1fb00d8f884dad50e7fd333196cbb2e03734c5b34bbcbfc5e38a9387", FixedBy: "2.12.6-r0", Executables: []*v1.Executable{ { @@ -2627,7 +2640,7 @@ var testCases = []testCase{ FixedBy: "1.32.1-r4", }, }, - AddedBy: "sha256:596ba82af5aaa3e2fd9d6f955b8b94f0744a2b60710e3c243ba3e4a467f051d1", + AddedBy: "sha256:9c4afaba1fb00d8f884dad50e7fd333196cbb2e03734c5b34bbcbfc5e38a9387", FixedBy: "1.32.1-r9", Executables: []*v1.Executable{ { @@ -2663,8 +2676,10 @@ var testCases = []testCase{ }, }, { - image: "alpine:3.14.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.14.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.14", @@ -2700,7 +2715,7 @@ var testCases = []testCase{ FixedBy: "2.12.6-r0", }, }, - AddedBy: "sha256:5843afab387455b37944e709ee8c78d7520df80f8d01cf7f861aae63beeddb6b", + AddedBy: "sha256:27d926d71d0bbab9c30ef1caf3f631514971f7c7c9435f6ac7967ea0d1705e22", FixedBy: "2.12.6-r0", }, { @@ -2708,14 +2723,16 @@ var testCases = []testCase{ NamespaceName: "alpine:v3.14", VersionFormat: "apk", Version: "1.33.1-r2", - AddedBy: "sha256:5843afab387455b37944e709ee8c78d7520df80f8d01cf7f861aae63beeddb6b", + AddedBy: "sha256:27d926d71d0bbab9c30ef1caf3f631514971f7c7c9435f6ac7967ea0d1705e22", FixedBy: "1.33.1-r7", }, }, }, { - image: "alpine:3.15.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.15.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.15", @@ -2725,21 +2742,23 @@ var testCases = []testCase{ NamespaceName: "alpine:v3.15", VersionFormat: "apk", Version: "2.12.7-r3", - AddedBy: "sha256:59bf1c3509f33515622619af21ed55bbe26d24913cedbca106468a5fb37a50c3", + AddedBy: "sha256:f4a33864689e6fb2f052728abdf9e2ca75d28ee36cfafe0bda5b98efdea5772d", }, { Name: "busybox", NamespaceName: "alpine:v3.15", VersionFormat: "apk", Version: "1.34.1-r3", - AddedBy: "sha256:59bf1c3509f33515622619af21ed55bbe26d24913cedbca106468a5fb37a50c3", + AddedBy: "sha256:f4a33864689e6fb2f052728abdf9e2ca75d28ee36cfafe0bda5b98efdea5772d", FixedBy: "1.34.1-r5", }, }, }, { - image: "alpine:3.16.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.16.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.16", @@ -2822,8 +2841,10 @@ var testCases = []testCase{ }, }, { - image: "alpine:3.17.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.17.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.17", @@ -2833,7 +2854,7 @@ var testCases = []testCase{ NamespaceName: "alpine:v3.17", VersionFormat: "apk", Version: "2.12.10-r1", - AddedBy: "sha256:c158987b05517b6f2c5913f3acef1f2182a32345a304fe357e3ace5fadcad715", + AddedBy: "sha256:2815b02d45841c8d883e7b46b390e60fdfed11a471cccc85254595147e8e4588", }, }, }, @@ -2905,8 +2926,10 @@ var testCases = []testCase{ }, }, { - image: "docker.io/anchore/anchore-engine:v0.9.4", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:anchore-anchore-engine-v0.9.4", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "rhel:8", unexpectedFeatures: []apiV1.Feature{ @@ -2917,8 +2940,10 @@ var testCases = []testCase{ }, }, { - image: "elastic/logstash:7.13.3", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:elastic-logstash-7.13.3", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "centos:7", expectedFeatures: []apiV1.Feature{ @@ -3241,8 +3266,10 @@ var testCases = []testCase{ }, }, { - image: "docker.io/busybox:1.35.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:busybox-1.35.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "busybox:1.35.0", }, @@ -3379,8 +3406,10 @@ var testCases = []testCase{ }, }, { - image: "ubuntu:22.04@sha256:cd3d86f1fb368c6a53659d467560010ab9e0695528127ea336fe32f68f7ba09f", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:ubuntu-22.04-sha256-cd3d86f1fb368c6a53659d467560010ab9e0695528127ea336fe32f68f7ba09f", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "ubuntu:22.04", @@ -3402,8 +3431,10 @@ var testCases = []testCase{ }, }, { - image: "ubuntu:22.10@sha256:4f9ec2c0aa321966bfe625bc485aa1d6e96549679cfdf98bb404dfcb8e141a7f", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:ubuntu-22.10-sha256-4f9ec2c0aa321966bfe625bc485aa1d6e96549679cfdf98bb404dfcb8e141a7f", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "ubuntu:22.10", @@ -4087,8 +4118,10 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda }, }, { - image: "alpine:3.18.3", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:alpine-3.18.3", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "alpine:v3.18", @@ -4098,13 +4131,15 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda NamespaceName: "alpine:v3.18", VersionFormat: "apk", Version: "2.14.0-r2", - AddedBy: "sha256:7264a8db6415046d36d16ba98b79778e18accee6ffa71850405994cffa9be7de", + AddedBy: "sha256:97d7b294855ea22919bd873ce14c0bde0ba6702a2324133153d589153d96bd93", }, }, }, { - image: "debian:12.0", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:debian-12.0", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", onlyCheckSpecifiedVulns: true, namespace: "debian:12", @@ -4155,8 +4190,10 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda }, }, { - image: "nginx:1.25.0-alpine", - registry: "https://registry-1.docker.io", + image: "quay.io/rhacs-eng/qa:nginx-1.25.0-alpine", + registry: "https://quay.io", + username: os.Getenv("QUAY_RHACS_ENG_RO_USERNAME"), + password: os.Getenv("QUAY_RHACS_ENG_RO_PASSWORD"), source: "NVD", namespace: "alpine:v3.17", onlyCheckSpecifiedVulns: true, @@ -4193,7 +4230,7 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda }, }, FixedBy: "1.8.7-r0", - AddedBy: "sha256:4aacde79cec42c8d0c5886185e70a16b107ae8c6b1a67d63d6efdb6d6978ed97", + AddedBy: "sha256:8ba39c19cf5d314e89905dfbfe4100fb747ecee0cba4a16104f4c3d904b22f21", }, { Name: "nghttp2", @@ -4227,7 +4264,7 @@ All OpenShift Container Platform 4.10 users are advised to upgrade to these upda }, }, FixedBy: "1.51.0-r2", - AddedBy: "sha256:4aacde79cec42c8d0c5886185e70a16b107ae8c6b1a67d63d6efdb6d6978ed97", + AddedBy: "sha256:8ba39c19cf5d314e89905dfbfe4100fb747ecee0cba4a16104f4c3d904b22f21", }, }, },