2019-08-20 16:13:20 +08:00
|
|
|
#!/usr/bin/env bash
|
2017-03-07 07:11:40 +08:00
|
|
|
|
2022-04-26 22:03:44 +08:00
|
|
|
# Directory in which tests live
|
|
|
|
|
TEST_SOURCES=${TEST_SOURCES:-$(dirname ${BASH_SOURCE})}
|
|
|
|
|
|
|
|
|
|
BUILDAH_BINARY=${BUILDAH_BINARY:-$TEST_SOURCES/../bin/buildah}
|
|
|
|
|
IMGTYPE_BINARY=${IMGTYPE_BINARY:-$TEST_SOURCES/../bin/imgtype}
|
|
|
|
|
COPY_BINARY=${COPY_BINARY:-$TEST_SOURCES/../bin/copy}
|
2022-07-22 05:21:43 +08:00
|
|
|
TUTORIAL_BINARY=${TUTORIAL_BINARY:-$TEST_SOURCES/../bin/tutorial}
|
2024-10-16 06:04:53 +08:00
|
|
|
INET_BINARY=${INET_BINARY:-$TEST_SOURCES/../bin/inet}
|
2025-04-23 05:46:03 +08:00
|
|
|
DUMPSPEC_BINARY=${DUMPSPEC_BINARY:-$TEST_SOURCES/../bin/dumpspec}
|
2025-07-04 23:33:17 +08:00
|
|
|
PASSWD_BINARY=${PASSWD_BINARY:-$TEST_SOURCES/../bin/passwd}
|
2017-06-17 02:21:43 +08:00
|
|
|
STORAGE_DRIVER=${STORAGE_DRIVER:-vfs}
|
2021-05-12 00:21:09 +08:00
|
|
|
PATH=$(dirname ${BASH_SOURCE})/../bin:${PATH}
|
2025-06-17 21:19:10 +08:00
|
|
|
OCI=${BUILDAH_RUNTIME:-$(${BUILDAH_BINARY} info --format '{{.host.OCIRuntime}}' || command -v runc || command -v crun)}
|
2019-04-02 05:56:29 +08:00
|
|
|
# Default timeout for a buildah command.
|
2019-04-03 21:38:25 +08:00
|
|
|
BUILDAH_TIMEOUT=${BUILDAH_TIMEOUT:-300}
|
2019-04-02 05:56:29 +08:00
|
|
|
|
2022-10-26 19:58:14 +08:00
|
|
|
# Safe reliable unchanging test image
|
|
|
|
|
SAFEIMAGE_REGISTRY=${SAFEIMAGE_REGISTRY:-quay.io}
|
|
|
|
|
SAFEIMAGE_USER=${SAFEIMAGE_USER:-libpod}
|
|
|
|
|
SAFEIMAGE_NAME=${SAFEIMAGE_NAME:-testimage}
|
|
|
|
|
SAFEIMAGE_TAG=${SAFEIMAGE_TAG:-20221018}
|
|
|
|
|
SAFEIMAGE="${SAFEIMAGE:-$SAFEIMAGE_REGISTRY/$SAFEIMAGE_USER/$SAFEIMAGE_NAME:$SAFEIMAGE_TAG}"
|
|
|
|
|
|
System test cleanup: document, clarify, fix
Primary purpose: fix "preconfigured TARGETARCH/etc" test so
it will work under podman and on multiarch.
Root cause of it not working: I mistakenly advised @flouthoc,
in #4310, to write a containerfile in $TEST_SCRATCH_DIR. I
thought it was an empty directory. Big, big mistake. (Sorry,
Aditya). Document this near the variable definition, and
fix the test once again.
@nalind pointed out that the containerfile doesn't need to
be generated on-the-fly, so, use a static one. In the spirit
of DIE, read the TARGETxxx vars from it. Not that we're
expecting more variables, but, it's just cleaner.
Also, as long as I'm here: in run_buildah, when logging the
command being run, use #/$ prompt for root/rootless. I was
getting too confused looking at logs of root runs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
2022-10-06 01:28:24 +08:00
|
|
|
# Prompt to display when logging buildah commands; distinguish root/rootless
|
|
|
|
|
_LOG_PROMPT='$'
|
|
|
|
|
if [ $(id -u) -eq 0 ]; then
|
|
|
|
|
_LOG_PROMPT='#'
|
|
|
|
|
fi
|
|
|
|
|
|
2022-04-26 21:56:21 +08:00
|
|
|
# Shortcut for directory containing Containerfiles for bud.bats
|
2022-04-26 22:03:44 +08:00
|
|
|
BUDFILES=${TEST_SOURCES}/bud
|
2022-04-26 21:56:21 +08:00
|
|
|
|
2022-04-26 21:47:03 +08:00
|
|
|
# Used hundreds of times throughout all the tests
|
2022-04-26 22:03:44 +08:00
|
|
|
WITH_POLICY_JSON="--signature-policy ${TEST_SOURCES}/policy.json"
|
2022-04-26 21:47:03 +08:00
|
|
|
|
2020-01-30 00:05:20 +08:00
|
|
|
# We don't invoke gnupg directly in many places, but this avoids ENOTTY errors
|
|
|
|
|
# when we invoke it directly in batch mode, and CI runs us without a terminal
|
|
|
|
|
# attached.
|
|
|
|
|
export GPG_TTY=/dev/null
|
|
|
|
|
|
2021-07-26 14:07:23 +08:00
|
|
|
function setup(){
|
|
|
|
|
setup_tests
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function setup_tests() {
|
2021-03-31 04:35:49 +08:00
|
|
|
pushd "$(dirname "$(readlink -f "$BASH_SOURCE")")"
|
2020-09-18 22:15:36 +08:00
|
|
|
|
System test cleanup: document, clarify, fix
Primary purpose: fix "preconfigured TARGETARCH/etc" test so
it will work under podman and on multiarch.
Root cause of it not working: I mistakenly advised @flouthoc,
in #4310, to write a containerfile in $TEST_SCRATCH_DIR. I
thought it was an empty directory. Big, big mistake. (Sorry,
Aditya). Document this near the variable definition, and
fix the test once again.
@nalind pointed out that the containerfile doesn't need to
be generated on-the-fly, so, use a static one. In the spirit
of DIE, read the TARGETxxx vars from it. Not that we're
expecting more variables, but, it's just cleaner.
Also, as long as I'm here: in run_buildah, when logging the
command being run, use #/$ prompt for root/rootless. I was
getting too confused looking at logs of root runs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
2022-10-06 01:28:24 +08:00
|
|
|
# $TEST_SCRATCH_DIR is a custom scratch directory for each @test,
|
|
|
|
|
# but it is NOT EMPTY! It is the caller's responsibility to make
|
|
|
|
|
# empty subdirectories as needed. All of it will be deleted upon
|
|
|
|
|
# test completion.
|
|
|
|
|
#
|
2021-05-14 05:08:35 +08:00
|
|
|
# buildah/podman: "repository name must be lowercase".
|
|
|
|
|
# me: "but it's a local file path, not a repository name!"
|
|
|
|
|
# buildah/podman: "i dont care. no caps anywhere!"
|
2022-04-26 23:09:11 +08:00
|
|
|
TEST_SCRATCH_DIR=$(mktemp -d --dry-run --tmpdir=${BATS_TMPDIR:-${TMPDIR:-/tmp}} buildah_tests.XXXXXX | tr A-Z a-z)
|
|
|
|
|
mkdir --mode=0700 $TEST_SCRATCH_DIR
|
2021-05-14 05:08:35 +08:00
|
|
|
|
2022-04-26 23:09:11 +08:00
|
|
|
mkdir -p ${TEST_SCRATCH_DIR}/{root,runroot,sigstore,registries.d}
|
|
|
|
|
cat >${TEST_SCRATCH_DIR}/registries.d/default.yaml <<EOF
|
2021-05-14 05:08:35 +08:00
|
|
|
default-docker:
|
2022-04-26 23:09:11 +08:00
|
|
|
sigstore-staging: file://${TEST_SCRATCH_DIR}/sigstore
|
2021-05-14 05:08:35 +08:00
|
|
|
docker:
|
|
|
|
|
registry.access.redhat.com:
|
|
|
|
|
sigstore: https://access.redhat.com/webassets/docker/content/sigstore
|
|
|
|
|
registry.redhat.io:
|
|
|
|
|
sigstore: https://registry.redhat.io/containers/sigstore
|
|
|
|
|
EOF
|
|
|
|
|
|
2021-04-13 00:22:36 +08:00
|
|
|
# Common options for all buildah and podman invocations
|
2022-04-26 23:09:11 +08:00
|
|
|
ROOTDIR_OPTS="--root ${TEST_SCRATCH_DIR}/root --runroot ${TEST_SCRATCH_DIR}/runroot --storage-driver ${STORAGE_DRIVER}"
|
2024-06-12 00:10:22 +08:00
|
|
|
|
|
|
|
|
# When running in CI, use a local registry for all image pulls
|
|
|
|
|
local cached=
|
|
|
|
|
if [[ -n "$CI_USE_REGISTRY_CACHE" ]]; then
|
|
|
|
|
cached="-cached"
|
|
|
|
|
fi
|
|
|
|
|
regconfopt="--registries-conf ${TEST_SOURCES}/registries$cached.conf"
|
|
|
|
|
regconfdir="--registries-conf-dir ${TEST_SCRATCH_DIR}/registries.d"
|
|
|
|
|
BUILDAH_REGISTRY_OPTS="${regconfopt} ${regconfdir} --short-name-alias-conf ${TEST_SCRATCH_DIR}/cache/shortnames.conf"
|
|
|
|
|
COPY_REGISTRY_OPTS="${BUILDAH_REGISTRY_OPTS}"
|
|
|
|
|
PODMAN_REGISTRY_OPTS="${regconfopt}"
|
2017-03-07 07:11:40 +08:00
|
|
|
}
|
|
|
|
|
|
2024-07-25 05:32:48 +08:00
|
|
|
function starthttpd() { # directory [working-directory-or-"" [certfile, keyfile]]
|
|
|
|
|
if test -n "$4" ; then
|
|
|
|
|
if ! openssl req -newkey rsa:4096 -nodes -sha256 -keyout "$4" -x509 -days 2 -addext "subjectAltName = DNS:localhost" -out "$3" -subj "/CN=localhost" ; then
|
|
|
|
|
die error creating new key and certificate
|
|
|
|
|
fi
|
|
|
|
|
chmod 644 "$3"
|
|
|
|
|
chmod 600 "$4"
|
|
|
|
|
fi
|
2022-04-26 23:09:11 +08:00
|
|
|
pushd ${2:-${TEST_SCRATCH_DIR}} > /dev/null
|
2022-04-26 22:03:44 +08:00
|
|
|
go build -o serve ${TEST_SOURCES}/serve/serve.go
|
2021-08-13 01:46:09 +08:00
|
|
|
portfile=$(mktemp)
|
|
|
|
|
if test -z "${portfile}"; then
|
2024-07-25 05:32:48 +08:00
|
|
|
echo error creating temporary file
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
pidfile=$(mktemp)
|
|
|
|
|
if test -z "${pidfile}"; then
|
|
|
|
|
echo error creating temporary file
|
2021-08-13 01:46:09 +08:00
|
|
|
exit 1
|
|
|
|
|
fi
|
2024-07-20 02:07:25 +08:00
|
|
|
sh -c "./serve ${1:-${BATS_TMPDIR}} 0 \"${portfile}\" \"${3}\" \"${4}\" ${pidfile} &"
|
2024-07-25 05:32:48 +08:00
|
|
|
waited=0
|
|
|
|
|
while ! test -s ${pidfile} ; do
|
|
|
|
|
sleep 0.1
|
|
|
|
|
if test $((++waited)) -ge 300 ; then
|
|
|
|
|
echo test http server did not write pid file within timeout
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
HTTP_SERVER_PID=$(cat ${pidfile})
|
|
|
|
|
rm -f ${pidfile}
|
2021-08-13 01:46:09 +08:00
|
|
|
waited=0
|
|
|
|
|
while ! test -s ${portfile} ; do
|
|
|
|
|
sleep 0.1
|
|
|
|
|
if test $((++waited)) -ge 300 ; then
|
2024-07-25 05:32:48 +08:00
|
|
|
echo test http server did not start listening within timeout
|
2021-08-13 01:46:09 +08:00
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
HTTP_SERVER_PORT=$(cat ${portfile})
|
|
|
|
|
rm -f ${portfile}
|
2021-03-31 04:35:49 +08:00
|
|
|
popd > /dev/null
|
2017-03-28 15:01:59 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function stophttpd() {
|
2021-03-31 04:35:49 +08:00
|
|
|
if test -n "$HTTP_SERVER_PID" ; then
|
|
|
|
|
kill -HUP ${HTTP_SERVER_PID}
|
|
|
|
|
unset HTTP_SERVER_PID
|
|
|
|
|
unset HTTP_SERVER_PORT
|
|
|
|
|
fi
|
|
|
|
|
true
|
2017-03-28 15:01:59 +08:00
|
|
|
}
|
|
|
|
|
|
2021-07-26 14:07:23 +08:00
|
|
|
function teardown(){
|
|
|
|
|
teardown_tests
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function teardown_tests() {
|
2021-03-31 04:35:49 +08:00
|
|
|
stophttpd
|
2022-01-12 00:00:05 +08:00
|
|
|
stop_git_daemon
|
2022-03-10 23:22:37 +08:00
|
|
|
stop_registry
|
2020-02-27 03:23:33 +08:00
|
|
|
|
2021-03-31 04:35:49 +08:00
|
|
|
# Workaround for #1991 - buildah + overlayfs leaks mount points.
|
|
|
|
|
# Many tests leave behind /var/tmp/.../root/overlay and sub-mounts;
|
|
|
|
|
# let's find those and clean them up, otherwise 'rm -rf' fails.
|
|
|
|
|
# 'sort -r' guarantees that we umount deepest subpaths first.
|
|
|
|
|
mount |\
|
2022-04-26 23:09:11 +08:00
|
|
|
awk '$3 ~ testdir { print $3 }' testdir="^${TEST_SCRATCH_DIR}/" |\
|
2021-03-31 04:35:49 +08:00
|
|
|
sort -r |\
|
|
|
|
|
xargs --no-run-if-empty --max-lines=1 umount
|
2020-02-27 03:23:33 +08:00
|
|
|
|
2022-04-26 23:09:11 +08:00
|
|
|
rm -fr ${TEST_SCRATCH_DIR}
|
2020-09-18 22:15:36 +08:00
|
|
|
|
2021-03-31 04:35:49 +08:00
|
|
|
popd
|
2017-03-07 07:11:40 +08:00
|
|
|
}
|
|
|
|
|
|
2021-05-12 00:21:09 +08:00
|
|
|
function normalize_image_name() {
|
|
|
|
|
for img in "$@"; do
|
|
|
|
|
if [[ "${img##*/}" == "$img" ]] ; then
|
|
|
|
|
echo -n docker.io/library/"$img"
|
|
|
|
|
elif [[ docker.io/"${img##*/}" == "$img" ]] ; then
|
|
|
|
|
echo -n docker.io/library/"${img##*/}"
|
|
|
|
|
else
|
|
|
|
|
echo -n "$img"
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
}
|
|
|
|
|
|
2019-12-09 21:45:52 +08:00
|
|
|
function _prefetch() {
|
2021-03-31 04:35:49 +08:00
|
|
|
if [ -z "${_BUILDAH_IMAGE_CACHEDIR}" ]; then
|
2024-11-19 00:04:16 +08:00
|
|
|
export _BUILDAH_IMAGE_CACHEDIR=${BATS_SUITE_TMPDIR}/buildah-image-cache
|
2021-03-31 04:35:49 +08:00
|
|
|
mkdir -p ${_BUILDAH_IMAGE_CACHEDIR}
|
2024-11-19 00:04:16 +08:00
|
|
|
|
|
|
|
|
# It's 700 by default; that prevents 'unshare' from reading cached images
|
|
|
|
|
chmod 711 ${BATS_SUITE_TMPDIR:?is unset} ${BATS_SUITE_TMPDIR}/..
|
2021-03-31 04:35:49 +08:00
|
|
|
fi
|
2019-12-09 21:45:52 +08:00
|
|
|
|
2022-03-10 23:22:37 +08:00
|
|
|
local storage=
|
2021-03-31 04:35:49 +08:00
|
|
|
for img in "$@"; do
|
2022-03-10 23:22:37 +08:00
|
|
|
if [[ "$img" =~ '[vfs@' ]] ; then
|
|
|
|
|
storage="$img"
|
|
|
|
|
continue
|
|
|
|
|
fi
|
2021-05-12 00:21:09 +08:00
|
|
|
img=$(normalize_image_name "$img")
|
2021-03-31 04:35:49 +08:00
|
|
|
echo "# [checking for: $img]" >&2
|
|
|
|
|
fname=$(tr -c a-zA-Z0-9.- - <<< "$img")
|
2024-11-19 00:04:16 +08:00
|
|
|
( flock --timeout 300 9 || die "Could not flock"; _prefetch_locksafe $img $fname ) 9> $_BUILDAH_IMAGE_CACHEDIR/$fname.lock
|
2021-03-31 04:35:49 +08:00
|
|
|
done
|
2019-12-09 21:45:52 +08:00
|
|
|
}
|
|
|
|
|
|
2024-11-19 00:04:16 +08:00
|
|
|
# DO NOT CALL THIS. EVER. This must only be called from _prefetch().
|
|
|
|
|
function _prefetch_locksafe() {
|
|
|
|
|
local img="$1"
|
|
|
|
|
local fname="$2"
|
|
|
|
|
|
|
|
|
|
if [ -d $_BUILDAH_IMAGE_CACHEDIR/$fname ]; then
|
|
|
|
|
echo "# [restoring from cache: $_BUILDAH_IMAGE_CACHEDIR / $img]" >&2
|
|
|
|
|
copy dir:$_BUILDAH_IMAGE_CACHEDIR/$fname containers-storage:"$storage""$img"
|
|
|
|
|
else
|
|
|
|
|
rm -fr ${_BUILDAH_IMAGE_CACHEDIR:?THIS CAN NEVER HAPPEN}/$fname
|
|
|
|
|
echo "# [copy docker://$img dir:$_BUILDAH_IMAGE_CACHEDIR/$fname]" >&2
|
|
|
|
|
for attempt in $(seq 3) ; do
|
|
|
|
|
if copy $COPY_REGISTRY_OPTS docker://"$img" dir:$_BUILDAH_IMAGE_CACHEDIR/$fname ; then
|
|
|
|
|
break
|
|
|
|
|
else
|
|
|
|
|
# Failed. Clean up, so we don't leave incomplete remnants
|
|
|
|
|
rm -fr ${_BUILDAH_IMAGE_CACHEDIR:?THIS CAN NEVER HAPPEN EITHER}/$fname
|
|
|
|
|
fi
|
|
|
|
|
sleep 5
|
|
|
|
|
done
|
|
|
|
|
echo "# [copy dir:$_BUILDAH_IMAGE_CACHEDIR/$fname containers-storage:$storage$img]" >&2
|
|
|
|
|
copy dir:$_BUILDAH_IMAGE_CACHEDIR/$fname containers-storage:"$storage""$img"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2017-03-07 07:11:40 +08:00
|
|
|
function createrandom() {
|
2021-03-31 04:35:49 +08:00
|
|
|
dd if=/dev/urandom bs=1 count=${2:-256} of=${1:-${BATS_TMPDIR}/randomfile} status=none
|
2017-03-07 07:11:40 +08:00
|
|
|
}
|
|
|
|
|
|
2022-04-19 16:55:16 +08:00
|
|
|
###################
|
|
|
|
|
# random_string # Returns a pseudorandom human-readable string
|
|
|
|
|
###################
|
|
|
|
|
#
|
|
|
|
|
# Numeric argument, if present, is desired length of string
|
|
|
|
|
#
|
|
|
|
|
function random_string() {
|
|
|
|
|
local length=${1:-10}
|
|
|
|
|
|
|
|
|
|
head /dev/urandom | tr -dc a-zA-Z0-9 | head -c$length
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-30 04:30:56 +08:00
|
|
|
##############
|
|
|
|
|
# safename # Returns a pseudorandom string suitable for container/image/etc names
|
|
|
|
|
##############
|
|
|
|
|
#
|
|
|
|
|
# Name will include the bats test number and a pseudorandom element,
|
|
|
|
|
# eg "t123-xyz123". safename() will return the same string across
|
|
|
|
|
# multiple invocations within a given test; this makes it easier for
|
|
|
|
|
# a maintainer to see common name patterns.
|
|
|
|
|
#
|
|
|
|
|
# String is lower-case so it can be used as an image name
|
|
|
|
|
#
|
|
|
|
|
function safename() {
|
|
|
|
|
safenamepath=$BATS_SUITE_TMPDIR/.safename.$BATS_SUITE_TEST_NUMBER
|
|
|
|
|
if [[ ! -e $safenamepath ]]; then
|
|
|
|
|
echo -n "t${BATS_SUITE_TEST_NUMBER}-$(random_string 8 | tr A-Z a-z)" >$safenamepath
|
|
|
|
|
fi
|
|
|
|
|
cat $safenamepath
|
|
|
|
|
}
|
|
|
|
|
|
2017-03-07 07:11:40 +08:00
|
|
|
function buildah() {
|
2021-05-05 04:34:28 +08:00
|
|
|
${BUILDAH_BINARY} ${BUILDAH_REGISTRY_OPTS} ${ROOTDIR_OPTS} "$@"
|
2017-03-07 07:11:40 +08:00
|
|
|
}
|
2017-05-23 00:08:20 +08:00
|
|
|
|
|
|
|
|
function imgtype() {
|
2021-04-13 00:22:36 +08:00
|
|
|
${IMGTYPE_BINARY} ${ROOTDIR_OPTS} "$@"
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-16 02:43:00 +08:00
|
|
|
function copy() {
|
2021-08-30 22:36:14 +08:00
|
|
|
${COPY_BINARY} --max-parallel-downloads=1 ${ROOTDIR_OPTS} ${BUILDAH_REGISTRY_OPTS} "$@"
|
2021-06-16 02:43:00 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-13 00:22:36 +08:00
|
|
|
function podman() {
|
2022-03-10 23:22:37 +08:00
|
|
|
command ${PODMAN_BINARY:-podman} ${PODMAN_REGISTRY_OPTS} ${ROOTDIR_OPTS} "$@"
|
2017-05-23 00:08:20 +08:00
|
|
|
}
|
2018-09-03 19:20:52 +08:00
|
|
|
|
2022-03-09 04:53:20 +08:00
|
|
|
# There are various scenarios where we would like to execute `tests` as rootless user, however certain commands like `buildah mount`
|
|
|
|
|
# do not work in rootless session since a normal user cannot mount a filesystem unless they're in a user namespace along with its
|
|
|
|
|
# own mount namespace. In order to run such specific commands from a rootless session we must perform `buildah unshare`.
|
|
|
|
|
# Following function makes sure that invoked command is triggered inside a `buildah unshare` session if env is rootless.
|
|
|
|
|
function run_unshared() {
|
|
|
|
|
if is_rootless; then
|
|
|
|
|
$BUILDAH_BINARY unshare "$@"
|
|
|
|
|
else
|
|
|
|
|
command "$@"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function mkdir() {
|
|
|
|
|
run_unshared mkdir "$@"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function touch() {
|
|
|
|
|
run_unshared touch "$@"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function cp() {
|
|
|
|
|
run_unshared cp "$@"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function rm() {
|
|
|
|
|
run_unshared rm "$@"
|
|
|
|
|
}
|
|
|
|
|
|
2025-02-18 06:23:26 +08:00
|
|
|
#################
|
|
|
|
|
# run_with_log # Logs command before running it
|
|
|
|
|
#################
|
|
|
|
|
#
|
|
|
|
|
function run_with_log() {
|
|
|
|
|
local expected_rc=0
|
|
|
|
|
local retry=1
|
|
|
|
|
local cmd="$*"
|
|
|
|
|
case "$1" in
|
|
|
|
|
[0-9]) expected_rc=$1; shift;;
|
|
|
|
|
[1-9][0-9]) expected_rc=$1; shift;;
|
|
|
|
|
[12][0-9][0-9]) expected_rc=$1; shift;;
|
|
|
|
|
'?') expected_rc= ; shift;; # ignore exit code
|
|
|
|
|
--retry) retry=3; shift;; # retry with sleep of 1 sec
|
|
|
|
|
esac
|
|
|
|
|
while [ $retry -gt 0 ]; do
|
|
|
|
|
retry=$(( retry - 1 ))
|
|
|
|
|
echo "$_LOG_PROMPT $cmd"
|
|
|
|
|
run "$@"
|
|
|
|
|
echo "$output"
|
|
|
|
|
if [ "$status" -ne 0 ]; then
|
|
|
|
|
echo -n "[ rc=$status ";
|
|
|
|
|
if [ -n "$expected_rc" ]; then
|
|
|
|
|
if [ "$status" -eq "$expected_rc" ]; then
|
|
|
|
|
echo -n "(expected) ";
|
|
|
|
|
else
|
|
|
|
|
echo -n "(** EXPECTED $expected_rc **) ";
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
echo "]"
|
|
|
|
|
fi
|
|
|
|
|
if [ -n "$expected_rc" ]; then
|
|
|
|
|
if [ "$status" -eq "$expected_rc" ]; then
|
|
|
|
|
return
|
|
|
|
|
elif [ $retry -gt 0 ]; then
|
|
|
|
|
echo "[ RETRYING ]" >&2
|
|
|
|
|
sleep 1
|
|
|
|
|
else
|
|
|
|
|
die "exit code is $status; expected $expected_rc"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
}
|
2022-03-09 04:53:20 +08:00
|
|
|
|
2019-04-02 05:56:29 +08:00
|
|
|
#################
|
|
|
|
|
# run_buildah # Invoke buildah, with timeout, using BATS 'run'
|
|
|
|
|
#################
|
|
|
|
|
#
|
|
|
|
|
# This is the preferred mechanism for invoking buildah:
|
|
|
|
|
#
|
|
|
|
|
# * we use 'timeout' to abort (with a diagnostic) if something
|
|
|
|
|
# takes too long; this is preferable to a CI hang.
|
|
|
|
|
# * we log the command run and its output. This doesn't normally
|
|
|
|
|
# appear in BATS output, but it will if there's an error.
|
|
|
|
|
# * we check exit status. Since the normal desired code is 0,
|
|
|
|
|
# that's the default; but the first argument can override:
|
|
|
|
|
#
|
|
|
|
|
# run_buildah 125 nonexistent-subcommand
|
|
|
|
|
# run_buildah '?' some-other-command # let our caller check status
|
|
|
|
|
#
|
|
|
|
|
# Since we use the BATS 'run' mechanism, $output and $status will be
|
|
|
|
|
# defined for our caller.
|
|
|
|
|
#
|
|
|
|
|
function run_buildah() {
|
|
|
|
|
# Number as first argument = expected exit code; default 0
|
BATS tests: make more robust
Add a --retry flag to run_buildah; intended for tests which
really need to pull an image, and can't rely on prefetch().
It will try a failed buildah command three times, waiting
thirty seconds between retries.
This is imperfect: there's no way to specify the number of
retries, no way to specify the timeout, and no way to
combine --retry with an expected (i.e. nonzero) exit
status. (FWIW I can't think of any possible use for that).
It is, though, quick, minimal-impact, easy to remember
and use.
Add --retry option to various tests in pull.bats and
registries.bats.
And, while I'm at it, add expect_output checks to many
of the new encryption checks in pull.bats and from.bats.
This actually caught a bug in a test, a check that was
failing (expected) but for the wrong reason (missing
file, not wrong key). Have I mentioned, lately, that
tests should check error message strings, not just
exit status?
Fixes: #2473
Signed-off-by: Ed Santiago <santiago@redhat.com>
2020-07-17 04:54:34 +08:00
|
|
|
# --retry as first argument = retry 3 times on error (eg registry flakes)
|
|
|
|
|
local expected_rc=0
|
|
|
|
|
local retry=1
|
2019-04-02 05:56:29 +08:00
|
|
|
case "$1" in
|
|
|
|
|
[0-9]) expected_rc=$1; shift;;
|
|
|
|
|
[1-9][0-9]) expected_rc=$1; shift;;
|
|
|
|
|
[12][0-9][0-9]) expected_rc=$1; shift;;
|
|
|
|
|
'?') expected_rc= ; shift;; # ignore exit code
|
BATS tests: make more robust
Add a --retry flag to run_buildah; intended for tests which
really need to pull an image, and can't rely on prefetch().
It will try a failed buildah command three times, waiting
thirty seconds between retries.
This is imperfect: there's no way to specify the number of
retries, no way to specify the timeout, and no way to
combine --retry with an expected (i.e. nonzero) exit
status. (FWIW I can't think of any possible use for that).
It is, though, quick, minimal-impact, easy to remember
and use.
Add --retry option to various tests in pull.bats and
registries.bats.
And, while I'm at it, add expect_output checks to many
of the new encryption checks in pull.bats and from.bats.
This actually caught a bug in a test, a check that was
failing (expected) but for the wrong reason (missing
file, not wrong key). Have I mentioned, lately, that
tests should check error message strings, not just
exit status?
Fixes: #2473
Signed-off-by: Ed Santiago <santiago@redhat.com>
2020-07-17 04:54:34 +08:00
|
|
|
--retry) retry=3; shift;; # retry network flakes
|
2019-04-02 05:56:29 +08:00
|
|
|
esac
|
|
|
|
|
|
2019-04-05 21:56:11 +08:00
|
|
|
# Remember command args, for possible use in later diagnostic messages
|
|
|
|
|
MOST_RECENT_BUILDAH_COMMAND="buildah $*"
|
|
|
|
|
|
2022-03-09 04:53:20 +08:00
|
|
|
# If session is rootless and `buildah mount` is invoked, perform unshare,
|
|
|
|
|
# since normal user cannot mount a filesystem unless they're in a user namespace along with its own mount namespace.
|
|
|
|
|
if is_rootless; then
|
|
|
|
|
if [[ "$1" =~ mount ]]; then
|
|
|
|
|
set "unshare" "$BUILDAH_BINARY" ${BUILDAH_REGISTRY_OPTS} ${ROOTDIR_OPTS} "$@"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
BATS tests: make more robust
Add a --retry flag to run_buildah; intended for tests which
really need to pull an image, and can't rely on prefetch().
It will try a failed buildah command three times, waiting
thirty seconds between retries.
This is imperfect: there's no way to specify the number of
retries, no way to specify the timeout, and no way to
combine --retry with an expected (i.e. nonzero) exit
status. (FWIW I can't think of any possible use for that).
It is, though, quick, minimal-impact, easy to remember
and use.
Add --retry option to various tests in pull.bats and
registries.bats.
And, while I'm at it, add expect_output checks to many
of the new encryption checks in pull.bats and from.bats.
This actually caught a bug in a test, a check that was
failing (expected) but for the wrong reason (missing
file, not wrong key). Have I mentioned, lately, that
tests should check error message strings, not just
exit status?
Fixes: #2473
Signed-off-by: Ed Santiago <santiago@redhat.com>
2020-07-17 04:54:34 +08:00
|
|
|
while [ $retry -gt 0 ]; do
|
|
|
|
|
retry=$(( retry - 1 ))
|
|
|
|
|
|
|
|
|
|
# stdout is only emitted upon error; this echo is to help a debugger
|
System test cleanup: document, clarify, fix
Primary purpose: fix "preconfigured TARGETARCH/etc" test so
it will work under podman and on multiarch.
Root cause of it not working: I mistakenly advised @flouthoc,
in #4310, to write a containerfile in $TEST_SCRATCH_DIR. I
thought it was an empty directory. Big, big mistake. (Sorry,
Aditya). Document this near the variable definition, and
fix the test once again.
@nalind pointed out that the containerfile doesn't need to
be generated on-the-fly, so, use a static one. In the spirit
of DIE, read the TARGETxxx vars from it. Not that we're
expecting more variables, but, it's just cleaner.
Also, as long as I'm here: in run_buildah, when logging the
command being run, use #/$ prompt for root/rootless. I was
getting too confused looking at logs of root runs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
2022-10-06 01:28:24 +08:00
|
|
|
echo "${_LOG_PROMPT} $BUILDAH_BINARY $*"
|
2021-05-12 00:21:09 +08:00
|
|
|
run env CONTAINERS_CONF=${CONTAINERS_CONF:-$(dirname ${BASH_SOURCE})/containers.conf} timeout --foreground --kill=10 $BUILDAH_TIMEOUT ${BUILDAH_BINARY} ${BUILDAH_REGISTRY_OPTS} ${ROOTDIR_OPTS} "$@"
|
BATS tests: make more robust
Add a --retry flag to run_buildah; intended for tests which
really need to pull an image, and can't rely on prefetch().
It will try a failed buildah command three times, waiting
thirty seconds between retries.
This is imperfect: there's no way to specify the number of
retries, no way to specify the timeout, and no way to
combine --retry with an expected (i.e. nonzero) exit
status. (FWIW I can't think of any possible use for that).
It is, though, quick, minimal-impact, easy to remember
and use.
Add --retry option to various tests in pull.bats and
registries.bats.
And, while I'm at it, add expect_output checks to many
of the new encryption checks in pull.bats and from.bats.
This actually caught a bug in a test, a check that was
failing (expected) but for the wrong reason (missing
file, not wrong key). Have I mentioned, lately, that
tests should check error message strings, not just
exit status?
Fixes: #2473
Signed-off-by: Ed Santiago <santiago@redhat.com>
2020-07-17 04:54:34 +08:00
|
|
|
# without "quotes", multiple lines are glommed together into one
|
|
|
|
|
if [ -n "$output" ]; then
|
|
|
|
|
echo "$output"
|
|
|
|
|
fi
|
|
|
|
|
if [ "$status" -ne 0 ]; then
|
|
|
|
|
echo -n "[ rc=$status ";
|
|
|
|
|
if [ -n "$expected_rc" ]; then
|
|
|
|
|
if [ "$status" -eq "$expected_rc" ]; then
|
|
|
|
|
echo -n "(expected) ";
|
|
|
|
|
else
|
|
|
|
|
echo -n "(** EXPECTED $expected_rc **) ";
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
echo "]"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
if [ "$status" -eq 124 -o "$status" -eq 137 ]; then
|
|
|
|
|
# FIXME: 'timeout -v' requires coreutils-8.29; travis seems to have
|
|
|
|
|
# an older version. If/when travis updates, please add -v
|
|
|
|
|
# to the 'timeout' command above, and un-comment this out:
|
|
|
|
|
# if expr "$output" : ".*timeout: sending" >/dev/null; then
|
|
|
|
|
echo "*** TIMED OUT ***"
|
|
|
|
|
# This does not get the benefit of a retry
|
|
|
|
|
false
|
|
|
|
|
fi
|
|
|
|
|
|
2019-04-02 05:56:29 +08:00
|
|
|
if [ -n "$expected_rc" ]; then
|
|
|
|
|
if [ "$status" -eq "$expected_rc" ]; then
|
BATS tests: make more robust
Add a --retry flag to run_buildah; intended for tests which
really need to pull an image, and can't rely on prefetch().
It will try a failed buildah command three times, waiting
thirty seconds between retries.
This is imperfect: there's no way to specify the number of
retries, no way to specify the timeout, and no way to
combine --retry with an expected (i.e. nonzero) exit
status. (FWIW I can't think of any possible use for that).
It is, though, quick, minimal-impact, easy to remember
and use.
Add --retry option to various tests in pull.bats and
registries.bats.
And, while I'm at it, add expect_output checks to many
of the new encryption checks in pull.bats and from.bats.
This actually caught a bug in a test, a check that was
failing (expected) but for the wrong reason (missing
file, not wrong key). Have I mentioned, lately, that
tests should check error message strings, not just
exit status?
Fixes: #2473
Signed-off-by: Ed Santiago <santiago@redhat.com>
2020-07-17 04:54:34 +08:00
|
|
|
return
|
|
|
|
|
elif [ $retry -gt 0 ]; then
|
|
|
|
|
echo "[ RETRYING ]" >&2
|
|
|
|
|
sleep 30
|
2019-04-02 05:56:29 +08:00
|
|
|
else
|
BATS tests: make more robust
Add a --retry flag to run_buildah; intended for tests which
really need to pull an image, and can't rely on prefetch().
It will try a failed buildah command three times, waiting
thirty seconds between retries.
This is imperfect: there's no way to specify the number of
retries, no way to specify the timeout, and no way to
combine --retry with an expected (i.e. nonzero) exit
status. (FWIW I can't think of any possible use for that).
It is, though, quick, minimal-impact, easy to remember
and use.
Add --retry option to various tests in pull.bats and
registries.bats.
And, while I'm at it, add expect_output checks to many
of the new encryption checks in pull.bats and from.bats.
This actually caught a bug in a test, a check that was
failing (expected) but for the wrong reason (missing
file, not wrong key). Have I mentioned, lately, that
tests should check error message strings, not just
exit status?
Fixes: #2473
Signed-off-by: Ed Santiago <santiago@redhat.com>
2020-07-17 04:54:34 +08:00
|
|
|
die "exit code is $status; expected $expected_rc"
|
2019-04-02 05:56:29 +08:00
|
|
|
fi
|
|
|
|
|
fi
|
BATS tests: make more robust
Add a --retry flag to run_buildah; intended for tests which
really need to pull an image, and can't rely on prefetch().
It will try a failed buildah command three times, waiting
thirty seconds between retries.
This is imperfect: there's no way to specify the number of
retries, no way to specify the timeout, and no way to
combine --retry with an expected (i.e. nonzero) exit
status. (FWIW I can't think of any possible use for that).
It is, though, quick, minimal-impact, easy to remember
and use.
Add --retry option to various tests in pull.bats and
registries.bats.
And, while I'm at it, add expect_output checks to many
of the new encryption checks in pull.bats and from.bats.
This actually caught a bug in a test, a check that was
failing (expected) but for the wrong reason (missing
file, not wrong key). Have I mentioned, lately, that
tests should check error message strings, not just
exit status?
Fixes: #2473
Signed-off-by: Ed Santiago <santiago@redhat.com>
2020-07-17 04:54:34 +08:00
|
|
|
done
|
2019-04-02 05:56:29 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#########
|
|
|
|
|
# die # Abort with helpful message
|
|
|
|
|
#########
|
|
|
|
|
function die() {
|
|
|
|
|
echo "#/vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv" >&2
|
|
|
|
|
echo "#| FAIL: $*" >&2
|
|
|
|
|
echo "#\\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^" >&2
|
|
|
|
|
false
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-14 05:08:35 +08:00
|
|
|
############
|
|
|
|
|
# assert # Compare actual vs expected string; fail if mismatch
|
|
|
|
|
############
|
2019-04-02 05:56:29 +08:00
|
|
|
#
|
2021-05-14 05:08:35 +08:00
|
|
|
# Compares string (default: $output) against the given string argument.
|
|
|
|
|
# By default we do an exact-match comparison against $output, but there
|
|
|
|
|
# are two different ways to invoke us, each with an optional description:
|
2019-04-05 23:59:54 +08:00
|
|
|
#
|
2022-07-26 22:19:11 +08:00
|
|
|
# assert "EXPECT" [DESCRIPTION]
|
|
|
|
|
# assert "RESULT" "OP" "EXPECT" [DESCRIPTION]
|
2019-04-05 23:59:54 +08:00
|
|
|
#
|
2021-05-14 05:08:35 +08:00
|
|
|
# The first form (one or two arguments) does an exact-match comparison
|
|
|
|
|
# of "$output" against "EXPECT". The second (three or four args) compares
|
|
|
|
|
# the first parameter against EXPECT, using the given OPerator. If present,
|
|
|
|
|
# DESCRIPTION will be displayed on test failure.
|
2019-04-02 05:56:29 +08:00
|
|
|
#
|
|
|
|
|
# Examples:
|
|
|
|
|
#
|
2022-07-26 22:19:11 +08:00
|
|
|
# assert "this is exactly what we expect"
|
|
|
|
|
# assert "${lines[0]}" =~ "^abc" "first line begins with abc"
|
2021-05-14 05:08:35 +08:00
|
|
|
#
|
|
|
|
|
function assert() {
|
|
|
|
|
local actual_string="$output"
|
|
|
|
|
local operator='=='
|
|
|
|
|
local expect_string="$1"
|
|
|
|
|
local testname="$2"
|
|
|
|
|
|
|
|
|
|
case "${#*}" in
|
|
|
|
|
0) die "Internal error: 'assert' requires one or more arguments" ;;
|
|
|
|
|
1|2) ;;
|
|
|
|
|
3|4) actual_string="$1"
|
|
|
|
|
operator="$2"
|
|
|
|
|
expect_string="$3"
|
|
|
|
|
testname="$4"
|
|
|
|
|
;;
|
|
|
|
|
*) die "Internal error: too many arguments to 'assert" ;;
|
|
|
|
|
esac
|
|
|
|
|
|
|
|
|
|
# Comparisons.
|
|
|
|
|
# Special case: there is no !~ operator, so fake it via '! x =~ y'
|
|
|
|
|
local not=
|
|
|
|
|
local actual_op="$operator"
|
|
|
|
|
if [[ $operator == '!~' ]]; then
|
|
|
|
|
not='!'
|
|
|
|
|
actual_op='=~'
|
|
|
|
|
fi
|
|
|
|
|
if [[ $operator == '=' || $operator == '==' ]]; then
|
|
|
|
|
# Special case: we can't use '=' or '==' inside [[ ... ]] because
|
|
|
|
|
# the right-hand side is treated as a pattern... and '[xy]' will
|
|
|
|
|
# not compare literally. There seems to be no way to turn that off.
|
|
|
|
|
if [ "$actual_string" = "$expect_string" ]; then
|
|
|
|
|
return
|
|
|
|
|
fi
|
2022-03-24 21:49:02 +08:00
|
|
|
elif [[ $operator == '!=' ]]; then
|
|
|
|
|
# Same special case as above
|
|
|
|
|
if [ "$actual_string" != "$expect_string" ]; then
|
|
|
|
|
return
|
|
|
|
|
fi
|
2021-05-14 05:08:35 +08:00
|
|
|
else
|
|
|
|
|
if eval "[[ $not \$actual_string $actual_op \$expect_string ]]"; then
|
|
|
|
|
return
|
|
|
|
|
elif [ $? -gt 1 ]; then
|
|
|
|
|
die "Internal error: could not process 'actual' $operator 'expect'"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Test has failed. Get a descriptive test name.
|
|
|
|
|
if [ -z "$testname" ]; then
|
|
|
|
|
testname="${MOST_RECENT_BUILDAH_COMMAND:-[no test name given]}"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Display optimization: the typical case for 'expect' is an
|
|
|
|
|
# exact match ('='), but there are also '=~' or '!~' or '-ge'
|
|
|
|
|
# and the like. Omit the '=' but show the others; and always
|
|
|
|
|
# align subsequent output lines for ease of comparison.
|
|
|
|
|
local op=''
|
|
|
|
|
local ws=''
|
|
|
|
|
if [ "$operator" != '==' ]; then
|
|
|
|
|
op="$operator "
|
|
|
|
|
ws=$(printf "%*s" ${#op} "")
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# This is a multi-line message, which may in turn contain multi-line
|
|
|
|
|
# output, so let's format it ourself, readably
|
|
|
|
|
local actual_split
|
|
|
|
|
IFS=$'\n' read -rd '' -a actual_split <<<"$actual_string" || true
|
|
|
|
|
printf "#/vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv\n" >&2
|
|
|
|
|
printf "#| FAIL: %s\n" "$testname" >&2
|
|
|
|
|
printf "#| expected: %s'%s'\n" "$op" "$expect_string" >&2
|
|
|
|
|
printf "#| actual: %s'%s'\n" "$ws" "${actual_split[0]}" >&2
|
|
|
|
|
local line
|
|
|
|
|
for line in "${actual_split[@]:1}"; do
|
|
|
|
|
printf "#| > %s'%s'\n" "$ws" "$line" >&2
|
|
|
|
|
done
|
|
|
|
|
printf "#\\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n" >&2
|
|
|
|
|
false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
###################
|
|
|
|
|
# expect_output # [obsolete; kept for compatibility]
|
|
|
|
|
###################
|
|
|
|
|
#
|
|
|
|
|
# An earlier version of assert().
|
2019-04-02 05:56:29 +08:00
|
|
|
#
|
2019-04-05 23:59:54 +08:00
|
|
|
function expect_output() {
|
|
|
|
|
# By default we examine $output, the result of run_buildah
|
|
|
|
|
local actual="$output"
|
2021-05-14 05:08:35 +08:00
|
|
|
local operator='=='
|
2019-04-05 23:59:54 +08:00
|
|
|
|
|
|
|
|
# option processing: recognize --from="...", --substring
|
|
|
|
|
local opt
|
|
|
|
|
for opt; do
|
|
|
|
|
local value=$(expr "$opt" : '[^=]*=\(.*\)')
|
|
|
|
|
case "$opt" in
|
|
|
|
|
--from=*) actual="$value"; shift;;
|
2021-05-14 05:08:35 +08:00
|
|
|
--substring) operator='=~'; shift;;
|
2019-04-05 23:59:54 +08:00
|
|
|
--) shift; break;;
|
|
|
|
|
-*) die "Invalid option '$opt'" ;;
|
|
|
|
|
*) break;;
|
|
|
|
|
esac
|
|
|
|
|
done
|
|
|
|
|
|
2021-05-14 05:08:35 +08:00
|
|
|
assert "$actual" "$operator" "$@"
|
2019-04-02 05:56:29 +08:00
|
|
|
}
|
|
|
|
|
|
2019-04-05 21:56:11 +08:00
|
|
|
#######################
|
|
|
|
|
# expect_line_count # Check the expected number of output lines
|
|
|
|
|
#######################
|
|
|
|
|
#
|
|
|
|
|
# ...from the most recent run_buildah command
|
|
|
|
|
#
|
|
|
|
|
function expect_line_count() {
|
|
|
|
|
local expect="$1"
|
|
|
|
|
local testname="${2:-${MOST_RECENT_BUILDAH_COMMAND:-[no test name given]}}"
|
|
|
|
|
|
|
|
|
|
local actual="${#lines[@]}"
|
|
|
|
|
if [ "$actual" -eq "$expect" ]; then
|
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
printf "#/vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv\n" >&2
|
|
|
|
|
printf "#| FAIL: $testname\n" >&2
|
|
|
|
|
printf "#| Expected %d lines of output, got %d\n" $expect $actual >&2
|
|
|
|
|
printf "#| Output was:\n" >&2
|
|
|
|
|
local line
|
|
|
|
|
for line in "${lines[@]}"; do
|
|
|
|
|
printf "#| >%s\n" "$line" >&2
|
|
|
|
|
done
|
|
|
|
|
printf "#\\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n" >&2
|
|
|
|
|
false
|
|
|
|
|
}
|
2019-04-02 05:56:29 +08:00
|
|
|
|
2018-09-03 19:20:52 +08:00
|
|
|
function check_options_flag_err() {
|
|
|
|
|
flag="$1"
|
2020-04-16 21:48:43 +08:00
|
|
|
[ "$status" -eq 125 ]
|
2022-07-06 17:14:06 +08:00
|
|
|
[[ $output = *"no options ($flag) can be specified after"* ]]
|
2018-09-03 19:20:52 +08:00
|
|
|
}
|
2019-11-06 02:22:07 +08:00
|
|
|
|
2021-08-04 18:31:13 +08:00
|
|
|
#################
|
|
|
|
|
# is_rootless # Check if we run as normal user
|
|
|
|
|
#################
|
|
|
|
|
function is_rootless() {
|
|
|
|
|
[ "$(id -u)" -ne 0 ]
|
|
|
|
|
}
|
|
|
|
|
|
2025-06-18 03:55:11 +08:00
|
|
|
#############################
|
2022-12-22 03:51:59 +08:00
|
|
|
# has_supplemental_groups # Check that account has additional groups
|
2025-06-18 03:55:11 +08:00
|
|
|
#############################
|
2022-12-22 03:51:59 +08:00
|
|
|
function has_supplemental_groups() {
|
|
|
|
|
[ "$(id -g)" != "$(id -G)" ]
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-04 18:38:38 +08:00
|
|
|
#################################
|
|
|
|
|
# skip_if_rootless_environment # `mount` or its variant needs unshare
|
|
|
|
|
#################################
|
|
|
|
|
function skip_if_rootless_environment() {
|
|
|
|
|
if is_rootless; then
|
|
|
|
|
skip "${1:-test is being invoked from rootless environment and might need unshare}"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-01 21:28:53 +08:00
|
|
|
#################################
|
|
|
|
|
# skip_if_root_environment #
|
|
|
|
|
#################################
|
|
|
|
|
function skip_if_root_environment() {
|
|
|
|
|
if ! is_rootless; then
|
|
|
|
|
skip "${1:-test is being invoked from root environment}"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-06 02:22:07 +08:00
|
|
|
####################
|
|
|
|
|
# skip_if_chroot #
|
|
|
|
|
####################
|
|
|
|
|
function skip_if_chroot() {
|
|
|
|
|
if test "$BUILDAH_ISOLATION" = "chroot"; then
|
|
|
|
|
skip "${1:-test does not work when \$BUILDAH_ISOLATION = chroot}"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
######################
|
|
|
|
|
# skip_if_rootless #
|
|
|
|
|
######################
|
|
|
|
|
function skip_if_rootless() {
|
|
|
|
|
if test "$BUILDAH_ISOLATION" = "rootless"; then
|
|
|
|
|
skip "${1:-test does not work when \$BUILDAH_ISOLATION = rootless}"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-19 04:20:50 +08:00
|
|
|
##################################
|
|
|
|
|
# skip_if_rootless_and_cgroupv1 #
|
|
|
|
|
##################################
|
|
|
|
|
function skip_if_rootless_and_cgroupv1() {
|
|
|
|
|
if test "$BUILDAH_ISOLATION" = "rootless"; then
|
2022-02-22 03:58:40 +08:00
|
|
|
if ! is_cgroupsv2; then
|
|
|
|
|
skip "${1:-test does not work when \$BUILDAH_ISOLATION = rootless} and not cgroupv2"
|
|
|
|
|
fi
|
2021-11-19 04:20:50 +08:00
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-06 02:22:07 +08:00
|
|
|
########################
|
|
|
|
|
# skip_if_no_runtime # 'buildah run' can't work without a runtime
|
|
|
|
|
########################
|
|
|
|
|
function skip_if_no_runtime() {
|
2020-04-28 02:12:30 +08:00
|
|
|
if type -p "${OCI}" &> /dev/null; then
|
2019-11-06 02:22:07 +08:00
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
|
2020-04-28 02:12:30 +08:00
|
|
|
skip "runtime \"$OCI\" not found"
|
2019-11-06 02:22:07 +08:00
|
|
|
}
|
2019-11-06 01:06:42 +08:00
|
|
|
|
2022-03-10 23:22:37 +08:00
|
|
|
#######################
|
|
|
|
|
# skip_if_no_podman # we need 'podman' to test how we interact with podman
|
|
|
|
|
#######################
|
|
|
|
|
function skip_if_no_podman() {
|
|
|
|
|
run which ${PODMAN_BINARY:-podman}
|
|
|
|
|
if [[ $status -ne 0 ]]; then
|
|
|
|
|
skip "podman is not installed"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-06 01:06:42 +08:00
|
|
|
##################
|
|
|
|
|
# is_cgroupsv2 # Returns true if host system has cgroupsv2 enabled
|
|
|
|
|
##################
|
|
|
|
|
function is_cgroupsv2() {
|
|
|
|
|
local cgroupfs_t=$(stat -f -c %T /sys/fs/cgroup)
|
|
|
|
|
test "$cgroupfs_t" = "cgroup2fs"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#######################
|
|
|
|
|
# skip_if_cgroupsv2 # Some tests don't work with cgroupsv2
|
|
|
|
|
#######################
|
|
|
|
|
function skip_if_cgroupsv2() {
|
|
|
|
|
if is_cgroupsv2; then
|
|
|
|
|
skip "${1:-test does not work with cgroups v2}"
|
|
|
|
|
fi
|
|
|
|
|
}
|
2020-08-24 16:48:58 +08:00
|
|
|
|
2021-11-19 04:20:50 +08:00
|
|
|
#######################
|
|
|
|
|
# skip_if_cgroupsv1 # Some tests don't work with cgroupsv1
|
|
|
|
|
#######################
|
|
|
|
|
function skip_if_cgroupsv1() {
|
2022-02-22 03:58:40 +08:00
|
|
|
if ! is_cgroupsv2; then
|
2021-11-19 04:20:50 +08:00
|
|
|
skip "${1:-test does not work with cgroups v1}"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-24 16:48:58 +08:00
|
|
|
##########################
|
|
|
|
|
# skip_if_in_container #
|
|
|
|
|
##########################
|
|
|
|
|
function skip_if_in_container() {
|
|
|
|
|
if test "$CONTAINER" = "podman"; then
|
|
|
|
|
skip "This test is not working inside a container"
|
|
|
|
|
fi
|
|
|
|
|
}
|
2021-04-21 05:55:25 +08:00
|
|
|
|
|
|
|
|
#######################
|
|
|
|
|
# skip_if_no_docker #
|
|
|
|
|
#######################
|
|
|
|
|
function skip_if_no_docker() {
|
|
|
|
|
which docker || skip "docker is not installed"
|
|
|
|
|
systemctl -q is-active docker || skip "docker.service is not active"
|
|
|
|
|
|
|
|
|
|
# Confirm that this is really truly docker, not podman.
|
|
|
|
|
docker_version=$(docker --version)
|
|
|
|
|
if [[ $docker_version =~ podman ]]; then
|
|
|
|
|
skip "this test needs actual docker, not podman-docker"
|
|
|
|
|
fi
|
|
|
|
|
}
|
2022-01-12 00:00:05 +08:00
|
|
|
|
2025-05-16 02:19:36 +08:00
|
|
|
########################
|
|
|
|
|
# skip_if_no_unshare #
|
|
|
|
|
########################
|
2023-10-05 05:07:30 +08:00
|
|
|
function skip_if_no_unshare() {
|
|
|
|
|
run which ${UNSHARE_BINARY:-unshare}
|
|
|
|
|
if [[ $status -ne 0 ]]; then
|
|
|
|
|
skip "unshare is not installed"
|
|
|
|
|
fi
|
|
|
|
|
if ! unshare -Ur true ; then
|
|
|
|
|
skip "unshare was not able to create a user namespace"
|
|
|
|
|
fi
|
|
|
|
|
if ! unshare -Urm true ; then
|
|
|
|
|
skip "unshare was not able to create a mount namespace"
|
|
|
|
|
fi
|
|
|
|
|
if ! unshare -Urmpf true ; then
|
|
|
|
|
skip "unshare was not able to create a pid namespace"
|
|
|
|
|
fi
|
2023-11-28 00:49:18 +08:00
|
|
|
if ! unshare -U --map-users $(id -u),0,1 true ; then
|
|
|
|
|
skip "unshare does not support --map-users"
|
|
|
|
|
fi
|
2024-02-28 01:27:31 +08:00
|
|
|
if ! unshare -Ur --setuid 0 true ; then
|
|
|
|
|
skip "unshare does not support --setuid"
|
|
|
|
|
fi
|
2023-10-05 05:07:30 +08:00
|
|
|
}
|
|
|
|
|
|
2025-05-16 02:19:36 +08:00
|
|
|
######################
|
|
|
|
|
# start_git_daemon #
|
|
|
|
|
######################
|
2022-01-12 00:00:05 +08:00
|
|
|
function start_git_daemon() {
|
2022-04-26 23:09:11 +08:00
|
|
|
daemondir=${TEST_SCRATCH_DIR}/git-daemon
|
2022-01-12 00:00:05 +08:00
|
|
|
mkdir -p ${daemondir}/repo
|
2022-04-26 22:03:44 +08:00
|
|
|
gzip -dc < ${1:-${TEST_SOURCES}/git-daemon/repo.tar.gz} | tar x -C ${daemondir}/repo
|
2024-05-29 18:20:55 +08:00
|
|
|
|
|
|
|
|
# git >=2.45 aborts with "dubious ownership" error if serving other user's files as root
|
|
|
|
|
if ! is_rootless; then
|
|
|
|
|
chown -R root:root ${daemondir}/repo
|
|
|
|
|
fi
|
|
|
|
|
|
2024-10-16 06:04:53 +08:00
|
|
|
${INET_BINARY} -port-file ${TEST_SCRATCH_DIR}/git-daemon/port -pid-file=${TEST_SCRATCH_DIR}/git-daemon/pid -- git daemon --inetd --base-path=${daemondir} ${daemondir} &
|
|
|
|
|
|
|
|
|
|
local waited=0
|
|
|
|
|
while ! test -s ${TEST_SCRATCH_DIR}/git-daemon/pid ; do
|
|
|
|
|
sleep 0.1
|
|
|
|
|
if test $((++waited)) -ge 300 ; then
|
|
|
|
|
echo test git server did not write pid file within timeout
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
GITPORT=$(cat ${TEST_SCRATCH_DIR}/git-daemon/port)
|
2022-01-12 00:00:05 +08:00
|
|
|
}
|
|
|
|
|
|
2025-05-16 02:19:36 +08:00
|
|
|
#####################
|
|
|
|
|
# stop_git_daemon #
|
|
|
|
|
#####################
|
2022-01-12 00:00:05 +08:00
|
|
|
function stop_git_daemon() {
|
2022-04-26 23:09:11 +08:00
|
|
|
if test -s ${TEST_SCRATCH_DIR}/git-daemon/pid ; then
|
|
|
|
|
kill $(cat ${TEST_SCRATCH_DIR}/git-daemon/pid)
|
|
|
|
|
rm -f ${TEST_SCRATCH_DIR}/git-daemon/pid
|
2022-01-12 00:00:05 +08:00
|
|
|
fi
|
|
|
|
|
}
|
2022-03-10 23:22:37 +08:00
|
|
|
|
2025-05-16 02:19:36 +08:00
|
|
|
####################
|
|
|
|
|
# start_registry #
|
|
|
|
|
####################
|
2022-03-10 23:22:37 +08:00
|
|
|
# Bring up a registry server using buildah with vfs and chroot as a cheap
|
|
|
|
|
# substitute for podman, accessible only to user $1 using password $2 on the
|
|
|
|
|
# local system at a dynamically-allocated port.
|
|
|
|
|
# Requires openssl.
|
|
|
|
|
# A user name and password can be supplied as the two parameters, or default
|
|
|
|
|
# values of "testuser" and "testpassword" will be used.
|
|
|
|
|
# Sets REGISTRY_PID, REGISTRY_PORT (to append to "localhost:"), and
|
|
|
|
|
# REGISTRY_DIR (where the CA cert can be found) on success.
|
|
|
|
|
function start_registry() {
|
|
|
|
|
local testuser="${1:-testuser}"
|
|
|
|
|
local testpassword="${2:-testpassword}"
|
2024-06-12 00:10:22 +08:00
|
|
|
local REGISTRY_IMAGE=quay.io/libpod/registry:2.8.2
|
2022-03-10 23:22:37 +08:00
|
|
|
local config='
|
|
|
|
|
version: 0.1
|
|
|
|
|
log:
|
|
|
|
|
fields:
|
|
|
|
|
service: registry
|
|
|
|
|
storage:
|
|
|
|
|
cache:
|
|
|
|
|
blobdescriptor: inmemory
|
|
|
|
|
filesystem:
|
|
|
|
|
rootdirectory: /var/lib/registry
|
|
|
|
|
http:
|
|
|
|
|
addr: :0
|
|
|
|
|
headers:
|
|
|
|
|
X-Content-Type-Options: [nosniff]
|
|
|
|
|
tls:
|
|
|
|
|
certificate: /etc/docker/registry/localhost.crt
|
|
|
|
|
key: /etc/docker/registry/localhost.key
|
|
|
|
|
health:
|
|
|
|
|
storagedriver:
|
|
|
|
|
enabled: true
|
|
|
|
|
interval: 10s
|
|
|
|
|
threshold: 3
|
|
|
|
|
auth:
|
|
|
|
|
htpasswd:
|
|
|
|
|
realm: buildah-realm
|
|
|
|
|
path: /etc/docker/registry/htpasswd
|
|
|
|
|
'
|
|
|
|
|
# roughly equivalent to "htpasswd -nbB testuser testpassword", the registry uses
|
|
|
|
|
# the same package this does for verifying passwords against hashes in htpasswd files
|
2025-07-04 23:33:17 +08:00
|
|
|
htpasswd=${testuser}:$(${PASSWD_BINARY} ${testpassword})
|
2022-03-10 23:22:37 +08:00
|
|
|
|
|
|
|
|
# generate the htpasswd and config.yml files for the registry
|
2022-04-26 23:09:11 +08:00
|
|
|
mkdir -p "${TEST_SCRATCH_DIR}"/registry/root "${TEST_SCRATCH_DIR}"/registry/run "${TEST_SCRATCH_DIR}"/registry/certs "${TEST_SCRATCH_DIR}"/registry/config
|
|
|
|
|
cat > "${TEST_SCRATCH_DIR}"/registry/config/htpasswd <<< "$htpasswd"
|
|
|
|
|
cat > "${TEST_SCRATCH_DIR}"/registry/config/config.yml <<< "$config"
|
|
|
|
|
chmod 644 "${TEST_SCRATCH_DIR}"/registry/config/htpasswd "${TEST_SCRATCH_DIR}"/registry/config/config.yml
|
2022-03-10 23:22:37 +08:00
|
|
|
|
|
|
|
|
# generate a new key and certificate
|
2022-04-26 23:09:11 +08:00
|
|
|
if ! openssl req -newkey rsa:4096 -nodes -sha256 -keyout "${TEST_SCRATCH_DIR}"/registry/certs/localhost.key -x509 -days 2 -addext "subjectAltName = DNS:localhost" -out "${TEST_SCRATCH_DIR}"/registry/certs/localhost.crt -subj "/CN=localhost" ; then
|
2022-03-10 23:22:37 +08:00
|
|
|
die error creating new key and certificate
|
|
|
|
|
fi
|
2022-04-26 23:09:11 +08:00
|
|
|
chmod 644 "${TEST_SCRATCH_DIR}"/registry/certs/localhost.crt
|
|
|
|
|
chmod 600 "${TEST_SCRATCH_DIR}"/registry/certs/localhost.key
|
2022-03-10 23:22:37 +08:00
|
|
|
# use a copy of the server's certificate for validation from a client
|
2022-04-26 23:09:11 +08:00
|
|
|
cp "${TEST_SCRATCH_DIR}"/registry/certs/localhost.crt "${TEST_SCRATCH_DIR}"/registry/
|
2022-03-10 23:22:37 +08:00
|
|
|
|
|
|
|
|
# create a container in its own storage
|
2022-04-26 23:09:11 +08:00
|
|
|
_prefetch "[vfs@${TEST_SCRATCH_DIR}/registry/root+${TEST_SCRATCH_DIR}/registry/run]" ${REGISTRY_IMAGE}
|
|
|
|
|
ctr=$(${BUILDAH_BINARY} --storage-driver vfs --root "${TEST_SCRATCH_DIR}"/registry/root --runroot "${TEST_SCRATCH_DIR}"/registry/run from --quiet --pull-never ${REGISTRY_IMAGE})
|
|
|
|
|
${BUILDAH_BINARY} --storage-driver vfs --root "${TEST_SCRATCH_DIR}"/registry/root --runroot "${TEST_SCRATCH_DIR}"/registry/run copy $ctr "${TEST_SCRATCH_DIR}"/registry/config/htpasswd "${TEST_SCRATCH_DIR}"/registry/config/config.yml "${TEST_SCRATCH_DIR}"/registry/certs/localhost.key "${TEST_SCRATCH_DIR}"/registry/certs/localhost.crt /etc/docker/registry/
|
2022-03-10 23:22:37 +08:00
|
|
|
|
|
|
|
|
# fire it up
|
2022-04-26 23:09:11 +08:00
|
|
|
coproc ${BUILDAH_BINARY} --storage-driver vfs --root "${TEST_SCRATCH_DIR}"/registry/root --runroot "${TEST_SCRATCH_DIR}"/registry/run run --net host "$ctr" /entrypoint.sh /etc/docker/registry/config.yml 2> "${TEST_SCRATCH_DIR}"/registry/registry.log
|
2022-03-10 23:22:37 +08:00
|
|
|
|
|
|
|
|
# record the coprocess's ID and try to parse the listening port from the log
|
|
|
|
|
# we're separating all of this from the storage for any test that might call
|
|
|
|
|
# this function and using vfs to minimize the cleanup required
|
|
|
|
|
REGISTRY_PID="${COPROC_PID}"
|
2022-04-26 23:09:11 +08:00
|
|
|
REGISTRY_DIR="${TEST_SCRATCH_DIR}"/registry
|
2022-03-10 23:22:37 +08:00
|
|
|
REGISTRY_PORT=
|
|
|
|
|
local waited=0
|
|
|
|
|
while [ -z "${REGISTRY_PORT}" ] ; do
|
|
|
|
|
if [ $waited -ge $BUILDAH_TIMEOUT ] ; then
|
|
|
|
|
echo Could not determine listening port from log:
|
2022-04-26 23:09:11 +08:00
|
|
|
sed -e 's/^/ >/' ${TEST_SCRATCH_DIR}/registry/registry.log
|
2022-03-10 23:22:37 +08:00
|
|
|
stop_registry
|
|
|
|
|
false
|
|
|
|
|
fi
|
|
|
|
|
waited=$((waited+1))
|
|
|
|
|
sleep 1
|
2022-04-26 23:09:11 +08:00
|
|
|
REGISTRY_PORT=$(sed -ne 's^.*listening on.*:\([0-9]\+\),.*^\1^p' ${TEST_SCRATCH_DIR}/registry/registry.log)
|
2022-03-10 23:22:37 +08:00
|
|
|
done
|
|
|
|
|
|
|
|
|
|
# push the registry image we just started... to itself, as a confidence check
|
|
|
|
|
if ! ${BUILDAH_BINARY} --storage-driver vfs --root "${REGISTRY_DIR}"/root --runroot "${REGISTRY_DIR}"/run push --cert-dir "${REGISTRY_DIR}" --creds "${testuser}":"${testpassword}" "${REGISTRY_IMAGE}" localhost:"${REGISTRY_PORT}"/registry; then
|
|
|
|
|
echo error pushing to /registry repository at localhost:$REGISTRY_PORT
|
|
|
|
|
stop_registry
|
|
|
|
|
false
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
2025-05-16 02:19:36 +08:00
|
|
|
###################
|
|
|
|
|
# stop_registry #
|
|
|
|
|
###################
|
2022-03-10 23:22:37 +08:00
|
|
|
function stop_registry() {
|
|
|
|
|
if test -n "${REGISTRY_PID}" ; then
|
|
|
|
|
kill "${REGISTRY_PID}"
|
|
|
|
|
wait "${REGISTRY_PID}" || true
|
|
|
|
|
fi
|
|
|
|
|
unset REGISTRY_PID
|
|
|
|
|
unset REGISTRY_PORT
|
|
|
|
|
if test -n "${REGISTRY_DIR}" ; then
|
|
|
|
|
${BUILDAH_BINARY} --storage-driver vfs --root "${REGISTRY_DIR}"/root --runroot "${REGISTRY_DIR}"/run rmi -a -f
|
|
|
|
|
rm -fr "${REGISTRY_DIR}"
|
|
|
|
|
fi
|
|
|
|
|
unset REGISTRY_DIR
|
|
|
|
|
}
|
2025-05-16 02:19:36 +08:00
|
|
|
|
|
|
|
|
###############################
|
|
|
|
|
# oci_image_manifest_digest #
|
|
|
|
|
###############################
|
|
|
|
|
# prints the digest of the form "sha256:xxx" of the manifest for the main image
|
|
|
|
|
# in an OCI layout in "$1"
|
|
|
|
|
function oci_image_manifest_digest() {
|
|
|
|
|
run jq -r '.manifests[0].digest' "$1"/index.json
|
|
|
|
|
assert $status = 0 "looking for the digest of the image manifest"
|
|
|
|
|
assert "$output" != ""
|
|
|
|
|
echo "$output"
|
|
|
|
|
}
|
|
|
|
|
|
2025-06-21 03:05:20 +08:00
|
|
|
########################
|
|
|
|
|
# oci_image_manifest #
|
|
|
|
|
########################
|
|
|
|
|
# prints the relative path of the manifest for the main image in an OCI
|
|
|
|
|
# layout in "$1"
|
|
|
|
|
function oci_image_manifest() {
|
|
|
|
|
local diff_id=$(oci_image_manifest_digest "$@")
|
|
|
|
|
local alg=${diff_id%%:*}
|
|
|
|
|
local val=${diff_id##*:}
|
|
|
|
|
echo blobs/"$alg"/"$val"
|
|
|
|
|
}
|
|
|
|
|
|
2025-05-16 02:19:36 +08:00
|
|
|
#############################
|
|
|
|
|
# oci_image_config_digest #
|
|
|
|
|
#############################
|
|
|
|
|
# prints the digest of the form "sha256:xxx" of the config blob for the main
|
|
|
|
|
# image in an OCI layout in "$1"
|
|
|
|
|
function oci_image_config_digest() {
|
|
|
|
|
local digest=$(oci_image_manifest_digest "$1")
|
|
|
|
|
local alg=${digest%%:*}
|
|
|
|
|
local val=${digest##*:}
|
|
|
|
|
run jq -r '.config.digest' "$1"/blobs/"$alg"/"$val"
|
|
|
|
|
assert $status = 0 "looking for the digest of the image config"
|
|
|
|
|
assert "$output" != ""
|
|
|
|
|
echo "$output"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
######################
|
|
|
|
|
# oci_image_config #
|
|
|
|
|
######################
|
|
|
|
|
# prints the relative path of the config blob for the main image in an OCI
|
|
|
|
|
# layout in "$1"
|
|
|
|
|
function oci_image_config() {
|
|
|
|
|
local diff_id=$(oci_image_config_digest "$@")
|
|
|
|
|
local alg=${diff_id%%:*}
|
|
|
|
|
local val=${diff_id##*:}
|
|
|
|
|
echo blobs/"$alg"/"$val"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
########################
|
|
|
|
|
# oci_image_diff_ids #
|
|
|
|
|
########################
|
|
|
|
|
# prints the list of digests of the diff IDs for the main image in an OCI
|
|
|
|
|
# layout in "$1"
|
|
|
|
|
function oci_image_diff_ids() {
|
|
|
|
|
local digest=$(oci_image_config_digest "$1")
|
|
|
|
|
local alg=${digest%%:*}
|
|
|
|
|
local val=${digest##*:}
|
|
|
|
|
run jq -r '.rootfs.diff_ids[]' "$1"/blobs/"$alg"/"$val"
|
|
|
|
|
assert $status = 0 "looking for the diff IDs in the image config"
|
|
|
|
|
assert "$output" != ""
|
|
|
|
|
echo "$output"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#######################
|
|
|
|
|
# oci_image_diff_id #
|
|
|
|
|
#######################
|
|
|
|
|
# prints a single diff ID for the main image in an OCI layout in "$1", choosing
|
|
|
|
|
# which one to print based on an index and arithmetic operands passed in
|
|
|
|
|
# subsequent arguments
|
|
|
|
|
function oci_image_diff_id() {
|
|
|
|
|
local diff_ids=($(oci_image_diff_ids "$1"))
|
|
|
|
|
shift
|
|
|
|
|
case "$*" in
|
|
|
|
|
-*) echo ${diff_ids[$((${#diff_ids[@]} "$@"))]} ;;
|
|
|
|
|
*) echo ${diff_ids[$(("$@"))]} ;;
|
|
|
|
|
esac
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
############################
|
|
|
|
|
# oci_image_last_diff_id #
|
|
|
|
|
############################
|
|
|
|
|
# prints the diff ID of the most recent layer for the main image in an OCI
|
|
|
|
|
# layout in "$1"
|
|
|
|
|
function oci_image_last_diff_id() {
|
|
|
|
|
local diff_id=($(oci_image_diff_id "$1" - 1))
|
|
|
|
|
echo "$diff_id"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
####################
|
|
|
|
|
# oci_image_diff #
|
|
|
|
|
####################
|
|
|
|
|
# prints the relative path of a single layer diff for the main image in an OCI
|
|
|
|
|
# layout in "$1", choosing which one to print based on an index and arithmetic
|
|
|
|
|
# operands passed in subsequent arguments
|
|
|
|
|
function oci_image_diff() {
|
|
|
|
|
local diff_id=$(oci_image_diff_id "$@")
|
|
|
|
|
local alg=${diff_id%%:*}
|
|
|
|
|
local val=${diff_id##*:}
|
|
|
|
|
echo blobs/"$alg"/"$val"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#########################
|
|
|
|
|
# oci_image_last_diff #
|
|
|
|
|
#########################
|
|
|
|
|
# prints the relative path of the most recent layer for the main image in an
|
|
|
|
|
# OCI layout in "$1"
|
|
|
|
|
function oci_image_last_diff() {
|
|
|
|
|
local output=$(oci_image_diff "$1" - 1)
|
|
|
|
|
echo "$output"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#############################
|
|
|
|
|
# dir_image_config_digest #
|
|
|
|
|
#############################
|
|
|
|
|
# prints the digest of the form "sha256:xxx" of the config blob for the "dir"
|
|
|
|
|
# image in "$1"
|
|
|
|
|
function dir_image_config_digest() {
|
|
|
|
|
run jq -r '.config.digest' "$1"/manifest.json
|
|
|
|
|
assert $status = 0 "looking for the digest of the image config"
|
|
|
|
|
assert "$output" != ""
|
|
|
|
|
echo "$output"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
########################
|
|
|
|
|
# dir_image_diff_ids #
|
|
|
|
|
########################
|
|
|
|
|
# prints the list of digests of the diff IDs for the "dir" image in "$1"
|
|
|
|
|
function dir_image_diff_ids() {
|
|
|
|
|
local digest=$(dir_image_config_digest "$1")
|
|
|
|
|
local alg=${digest%%:*}
|
|
|
|
|
local val=${digest##*:}
|
|
|
|
|
run jq -r '.rootfs.diff_ids[]' "$1"/"$val"
|
|
|
|
|
assert $status = 0 "looking for the diff IDs in the image config"
|
|
|
|
|
assert "$output" != ""
|
|
|
|
|
echo "$output"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#######################
|
|
|
|
|
# dir_image_diff_id #
|
|
|
|
|
#######################
|
|
|
|
|
# prints a single diff ID for the "dir" image in "$1", choosing which one to
|
|
|
|
|
# print based on an index and arithmetic operands passed in subsequent
|
|
|
|
|
# arguments
|
|
|
|
|
function dir_image_diff_id() {
|
|
|
|
|
local diff_ids=($(dir_image_diff_ids "$1"))
|
|
|
|
|
shift
|
|
|
|
|
case "$*" in
|
|
|
|
|
-*) echo ${diff_ids[$((${#diff_ids[@]} "$@"))]} ;;
|
|
|
|
|
*) echo ${diff_ids[$(("$@"))]} ;;
|
|
|
|
|
esac
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
############################
|
|
|
|
|
# dir_image_last_diff_id #
|
|
|
|
|
############################
|
|
|
|
|
# prints the diff ID of the most recent layer for "dir" image in "$1"
|
|
|
|
|
function dir_image_last_diff_id() {
|
|
|
|
|
local diff_id=($(dir_image_diff_id "$1" - 1))
|
|
|
|
|
echo "$diff_id"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
######################
|
|
|
|
|
# dir_image_config #
|
|
|
|
|
######################
|
|
|
|
|
# prints the relative path of the config blob for the "dir" image in "$1"
|
|
|
|
|
function dir_image_config() {
|
|
|
|
|
local diff_id=$(dir_image_config_digest "$@")
|
|
|
|
|
local alg=${diff_id%%:*}
|
|
|
|
|
local val=${diff_id##*:}
|
|
|
|
|
echo "$val"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
####################
|
|
|
|
|
# dir_image_diff #
|
|
|
|
|
####################
|
|
|
|
|
# prints the relative path of a single layer diff for the "dir" image in "$1",
|
|
|
|
|
# choosing which one to print based on an index and arithmetic operands passed
|
|
|
|
|
# in subsequent arguments
|
|
|
|
|
function dir_image_diff() {
|
|
|
|
|
local diff_id=$(dir_image_diff_id "$@")
|
|
|
|
|
local alg=${diff_id%%:*}
|
|
|
|
|
local val=${diff_id##*:}
|
|
|
|
|
echo "$val"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#########################
|
|
|
|
|
# dir_image_last_diff #
|
|
|
|
|
#########################
|
|
|
|
|
# prints the relative path of the most recent layer for "dir" image in "$1"
|
|
|
|
|
function dir_image_last_diff() {
|
2025-04-30 05:04:20 +08:00
|
|
|
local output=$(dir_image_diff "$1" - 1)
|
2025-05-16 02:19:36 +08:00
|
|
|
echo "$output"
|
|
|
|
|
}
|
