diff --git a/tests/add.bats b/tests/add.bats index 66807ee90..a12329571 100644 --- a/tests/add.bats +++ b/tests/add.bats @@ -14,8 +14,8 @@ load helpers } @test "add-local-plain" { - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output @@ -24,18 +24,18 @@ load helpers mkdir $root/subdir $root/other-subdir # Copy a file to the working directory run_buildah config --workingdir=/ $cid - run_buildah add $cid ${TESTDIR}/randomfile + run_buildah add $cid ${TEST_SCRATCH_DIR}/randomfile # Copy a file to a specific subdirectory - run_buildah add $cid ${TESTDIR}/randomfile /subdir + run_buildah add $cid ${TEST_SCRATCH_DIR}/randomfile /subdir # Copy two files to a specific subdirectory - run_buildah add $cid ${TESTDIR}/randomfile ${TESTDIR}/other-randomfile /other-subdir + run_buildah add $cid ${TEST_SCRATCH_DIR}/randomfile ${TEST_SCRATCH_DIR}/other-randomfile /other-subdir # Copy two files to a specific location, which succeeds because we can create it as a directory. - run_buildah add $cid ${TESTDIR}/randomfile ${TESTDIR}/other-randomfile /notthereyet-subdir + run_buildah add $cid ${TEST_SCRATCH_DIR}/randomfile ${TEST_SCRATCH_DIR}/other-randomfile /notthereyet-subdir # Copy two files to a specific location, which fails because it's not a directory. - run_buildah 125 add $cid ${TESTDIR}/randomfile ${TESTDIR}/other-randomfile /randomfile + run_buildah 125 add $cid ${TEST_SCRATCH_DIR}/randomfile ${TEST_SCRATCH_DIR}/other-randomfile /randomfile # Copy a file to a different working directory run_buildah config --workingdir=/cwd $cid - run_buildah add $cid ${TESTDIR}/randomfile + run_buildah add $cid ${TEST_SCRATCH_DIR}/randomfile run_buildah unmount $cid run_buildah commit $WITH_POLICY_JSON $cid containers-storage:new-image run_buildah rm $cid @@ -45,47 +45,47 @@ load helpers run_buildah mount $newcid newroot=$output test -s $newroot/randomfile - cmp ${TESTDIR}/randomfile $newroot/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $newroot/randomfile test -s $newroot/subdir/randomfile - cmp ${TESTDIR}/randomfile $newroot/subdir/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $newroot/subdir/randomfile test -s $newroot/other-subdir/randomfile - cmp ${TESTDIR}/randomfile $newroot/other-subdir/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $newroot/other-subdir/randomfile test -s $newroot/other-subdir/other-randomfile - cmp ${TESTDIR}/other-randomfile $newroot/other-subdir/other-randomfile + cmp ${TEST_SCRATCH_DIR}/other-randomfile $newroot/other-subdir/other-randomfile test -d $newroot/cwd test -s $newroot/cwd/randomfile - cmp ${TESTDIR}/randomfile $newroot/cwd/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $newroot/cwd/randomfile run_buildah rm $newcid } @test "add-local-archive" { - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output - dd if=/dev/urandom bs=1024 count=4 of=${TESTDIR}/random1 - dd if=/dev/urandom bs=1024 count=4 of=${TESTDIR}/random2 - tar -c -C ${TESTDIR} -f ${TESTDIR}/tarball1.tar random1 random2 - mkdir ${TESTDIR}/tarball2 - dd if=/dev/urandom bs=1024 count=4 of=${TESTDIR}/tarball2/tarball2.random1 - dd if=/dev/urandom bs=1024 count=4 of=${TESTDIR}/tarball2/tarball2.random2 - tar -c -C ${TESTDIR} -z -f ${TESTDIR}/tarball2.tar.gz tarball2 - mkdir ${TESTDIR}/tarball3 - dd if=/dev/urandom bs=1024 count=4 of=${TESTDIR}/tarball3/tarball3.random1 - dd if=/dev/urandom bs=1024 count=4 of=${TESTDIR}/tarball3/tarball3.random2 - tar -c -C ${TESTDIR} -j -f ${TESTDIR}/tarball3.tar.bz2 tarball3 - mkdir ${TESTDIR}/tarball4 - dd if=/dev/urandom bs=1024 count=4 of=${TESTDIR}/tarball4/tarball4.random1 - dd if=/dev/urandom bs=1024 count=4 of=${TESTDIR}/tarball4/tarball4.random2 - tar -c -C ${TESTDIR} -j -f ${TESTDIR}/tarball4.tar.bz2 tarball4 + dd if=/dev/urandom bs=1024 count=4 of=${TEST_SCRATCH_DIR}/random1 + dd if=/dev/urandom bs=1024 count=4 of=${TEST_SCRATCH_DIR}/random2 + tar -c -C ${TEST_SCRATCH_DIR} -f ${TEST_SCRATCH_DIR}/tarball1.tar random1 random2 + mkdir ${TEST_SCRATCH_DIR}/tarball2 + dd if=/dev/urandom bs=1024 count=4 of=${TEST_SCRATCH_DIR}/tarball2/tarball2.random1 + dd if=/dev/urandom bs=1024 count=4 of=${TEST_SCRATCH_DIR}/tarball2/tarball2.random2 + tar -c -C ${TEST_SCRATCH_DIR} -z -f ${TEST_SCRATCH_DIR}/tarball2.tar.gz tarball2 + mkdir ${TEST_SCRATCH_DIR}/tarball3 + dd if=/dev/urandom bs=1024 count=4 of=${TEST_SCRATCH_DIR}/tarball3/tarball3.random1 + dd if=/dev/urandom bs=1024 count=4 of=${TEST_SCRATCH_DIR}/tarball3/tarball3.random2 + tar -c -C ${TEST_SCRATCH_DIR} -j -f ${TEST_SCRATCH_DIR}/tarball3.tar.bz2 tarball3 + mkdir ${TEST_SCRATCH_DIR}/tarball4 + dd if=/dev/urandom bs=1024 count=4 of=${TEST_SCRATCH_DIR}/tarball4/tarball4.random1 + dd if=/dev/urandom bs=1024 count=4 of=${TEST_SCRATCH_DIR}/tarball4/tarball4.random2 + tar -c -C ${TEST_SCRATCH_DIR} -j -f ${TEST_SCRATCH_DIR}/tarball4.tar.bz2 tarball4 # Add the files to the working directory, which should extract them all. run_buildah config --workingdir=/ $cid - run_buildah add $cid ${TESTDIR}/tarball1.tar - run_buildah add $cid ${TESTDIR}/tarball2.tar.gz - run_buildah add $cid ${TESTDIR}/tarball3.tar.bz2 - run_buildah add $cid ${TESTDIR}/tarball4.tar.bz2 + run_buildah add $cid ${TEST_SCRATCH_DIR}/tarball1.tar + run_buildah add $cid ${TEST_SCRATCH_DIR}/tarball2.tar.gz + run_buildah add $cid ${TEST_SCRATCH_DIR}/tarball3.tar.bz2 + run_buildah add $cid ${TEST_SCRATCH_DIR}/tarball4.tar.bz2 run_buildah commit $WITH_POLICY_JSON $cid containers-storage:new-image run_buildah rm $cid @@ -94,32 +94,32 @@ load helpers run_buildah mount $newcid newroot=$output test -s $newroot/random1 - cmp ${TESTDIR}/random1 $newroot/random1 + cmp ${TEST_SCRATCH_DIR}/random1 $newroot/random1 test -s $newroot/random2 - cmp ${TESTDIR}/random2 $newroot/random2 + cmp ${TEST_SCRATCH_DIR}/random2 $newroot/random2 test -s $newroot/tarball2/tarball2.random1 - cmp ${TESTDIR}/tarball2/tarball2.random1 $newroot/tarball2/tarball2.random1 + cmp ${TEST_SCRATCH_DIR}/tarball2/tarball2.random1 $newroot/tarball2/tarball2.random1 test -s $newroot/tarball2/tarball2.random2 - cmp ${TESTDIR}/tarball2/tarball2.random2 $newroot/tarball2/tarball2.random2 + cmp ${TEST_SCRATCH_DIR}/tarball2/tarball2.random2 $newroot/tarball2/tarball2.random2 test -s $newroot/tarball3/tarball3.random1 - cmp ${TESTDIR}/tarball3/tarball3.random1 $newroot/tarball3/tarball3.random1 + cmp ${TEST_SCRATCH_DIR}/tarball3/tarball3.random1 $newroot/tarball3/tarball3.random1 test -s $newroot/tarball3/tarball3.random2 - cmp ${TESTDIR}/tarball3/tarball3.random2 $newroot/tarball3/tarball3.random2 + cmp ${TEST_SCRATCH_DIR}/tarball3/tarball3.random2 $newroot/tarball3/tarball3.random2 test -s $newroot/tarball4/tarball4.random1 - cmp ${TESTDIR}/tarball4/tarball4.random1 $newroot/tarball4/tarball4.random1 + cmp ${TEST_SCRATCH_DIR}/tarball4/tarball4.random1 $newroot/tarball4/tarball4.random1 test -s $newroot/tarball4/tarball4.random2 - cmp ${TESTDIR}/tarball4/tarball4.random2 $newroot/tarball4/tarball4.random2 + cmp ${TEST_SCRATCH_DIR}/tarball4/tarball4.random2 $newroot/tarball4/tarball4.random2 } @test "add single file creates absolute path with correct permissions" { _prefetch ubuntu imgName=ubuntu-image - createrandom ${TESTDIR}/distutils.cfg - permission=$(stat -c "%a" ${TESTDIR}/distutils.cfg) + createrandom ${TEST_SCRATCH_DIR}/distutils.cfg + permission=$(stat -c "%a" ${TEST_SCRATCH_DIR}/distutils.cfg) run_buildah from --quiet $WITH_POLICY_JSON ubuntu cid=$output - run_buildah add $cid ${TESTDIR}/distutils.cfg /usr/lib/python3.7/distutils + run_buildah add $cid ${TEST_SCRATCH_DIR}/distutils.cfg /usr/lib/python3.7/distutils run_buildah run $cid stat -c "%a" /usr/lib/python3.7/distutils expect_output $permission run_buildah commit $WITH_POLICY_JSON $cid containers-storage:${imgName} @@ -134,12 +134,12 @@ load helpers @test "add single file creates relative path with correct permissions" { _prefetch ubuntu imgName=ubuntu-image - createrandom ${TESTDIR}/distutils.cfg - permission=$(stat -c "%a" ${TESTDIR}/distutils.cfg) + createrandom ${TEST_SCRATCH_DIR}/distutils.cfg + permission=$(stat -c "%a" ${TEST_SCRATCH_DIR}/distutils.cfg) run_buildah from --quiet $WITH_POLICY_JSON ubuntu cid=$output - run_buildah add $cid ${TESTDIR}/distutils.cfg lib/custom + run_buildah add $cid ${TEST_SCRATCH_DIR}/distutils.cfg lib/custom run_buildah run $cid stat -c "%a" lib/custom expect_output $permission run_buildah commit $WITH_POLICY_JSON $cid containers-storage:${imgName} @@ -153,10 +153,10 @@ load helpers @test "add with chown" { _prefetch busybox - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --quiet $WITH_POLICY_JSON busybox cid=$output - run_buildah add --chown bin:bin $cid ${TESTDIR}/randomfile /tmp/random + run_buildah add --chown bin:bin $cid ${TEST_SCRATCH_DIR}/randomfile /tmp/random run_buildah run $cid ls -l /tmp/random expect_output --substring bin.*bin @@ -164,10 +164,10 @@ load helpers @test "add with chmod" { _prefetch busybox - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --quiet $WITH_POLICY_JSON busybox cid=$output - run_buildah add --chmod 777 $cid ${TESTDIR}/randomfile /tmp/random + run_buildah add --chmod 777 $cid ${TEST_SCRATCH_DIR}/randomfile /tmp/random run_buildah run $cid ls -l /tmp/random expect_output --substring rwxrwxrwx @@ -201,7 +201,7 @@ load helpers } @test "add --ignorefile" { - mytest=${TESTDIR}/mytest + mytest=${TEST_SCRATCH_DIR}/mytest mkdir -p ${mytest} touch ${mytest}/mystuff touch ${mytest}/source.go @@ -235,24 +235,24 @@ stuff/mystuff" @test "add quietly" { _prefetch busybox - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --quiet $WITH_POLICY_JSON busybox cid=$output - run_buildah add --quiet $cid ${TESTDIR}/randomfile /tmp/random + run_buildah add --quiet $cid ${TEST_SCRATCH_DIR}/randomfile /tmp/random expect_output "" run_buildah mount $cid croot=$output - cmp ${TESTDIR}/randomfile ${croot}/tmp/random + cmp ${TEST_SCRATCH_DIR}/randomfile ${croot}/tmp/random } @test "add from container" { _prefetch busybox - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --quiet $WITH_POLICY_JSON busybox from=$output run_buildah from --quiet $WITH_POLICY_JSON busybox cid=$output - run_buildah add --quiet $from ${TESTDIR}/randomfile /tmp/random + run_buildah add --quiet $from ${TEST_SCRATCH_DIR}/randomfile /tmp/random expect_output "" run_buildah add --quiet $WITH_POLICY_JSON --from $from $cid /tmp/random /tmp/random # absolute path expect_output "" @@ -260,8 +260,8 @@ stuff/mystuff" expect_output "" run_buildah mount $cid croot=$output - cmp ${TESTDIR}/randomfile ${croot}/tmp/random - cmp ${TESTDIR}/randomfile ${croot}/tmp/random2 + cmp ${TEST_SCRATCH_DIR}/randomfile ${croot}/tmp/random + cmp ${TEST_SCRATCH_DIR}/randomfile ${croot}/tmp/random2 } @test "add from image" { diff --git a/tests/authenticate.bats b/tests/authenticate.bats index e6d4ca97a..2aa8e5316 100644 --- a/tests/authenticate.bats +++ b/tests/authenticate.bats @@ -60,8 +60,8 @@ load helpers expect_output --from="${lines[-1]}" "my-alpine-work-ctr" # Create Dockerfile for bud tests - mkdir -p ${TESTDIR}/dockerdir - DOCKERFILE=${TESTDIR}/dockerdir/Dockerfile + mkdir -p ${TEST_SCRATCH_DIR}/dockerdir + DOCKERFILE=${TEST_SCRATCH_DIR}/dockerdir/Dockerfile /bin/cat <$DOCKERFILE FROM localhost:$REGISTRY_PORT/my-alpine EOM @@ -105,8 +105,8 @@ EOM run_buildah commit $WITH_POLICY_JSON --cert-dir=$REGISTRY_DIR --tls-verify=true --creds=testuser:testpassword $cid docker://localhost:$REGISTRY_PORT/my-alpine # Create Dockerfile for bud tests - mkdir -p ${TESTDIR}/dockerdir - DOCKERFILE=${TESTDIR}/dockerdir/Dockerfile + mkdir -p ${TEST_SCRATCH_DIR}/dockerdir + DOCKERFILE=${TEST_SCRATCH_DIR}/dockerdir/Dockerfile /bin/cat <$DOCKERFILE FROM localhost:$REGISTRY_PORT/my-alpine RUN rm testfile diff --git a/tests/basic.bats b/tests/basic.bats index 62097b4f5..8d900632b 100644 --- a/tests/basic.bats +++ b/tests/basic.bats @@ -58,17 +58,17 @@ load helpers } @test "commit" { - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah mount $cid root=$output - cp ${TESTDIR}/randomfile $root/randomfile + cp ${TEST_SCRATCH_DIR}/randomfile $root/randomfile run_buildah unmount $cid - run_buildah commit --iidfile ${TESTDIR}/output.iid $WITH_POLICY_JSON $cid containers-storage:new-image - iid=$(< ${TESTDIR}/output.iid) + run_buildah commit --iidfile ${TEST_SCRATCH_DIR}/output.iid $WITH_POLICY_JSON $cid containers-storage:new-image + iid=$(< ${TEST_SCRATCH_DIR}/output.iid) assert "$iid" =~ "sha256:[0-9a-f]{64}" run_buildah rmi $iid run_buildah commit $WITH_POLICY_JSON $cid containers-storage:new-image @@ -78,8 +78,8 @@ load helpers run_buildah mount $newcid newroot=$output test -s $newroot/randomfile - cmp ${TESTDIR}/randomfile $newroot/randomfile - cp ${TESTDIR}/other-randomfile $newroot/other-randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $newroot/randomfile + cp ${TEST_SCRATCH_DIR}/other-randomfile $newroot/other-randomfile run_buildah commit $WITH_POLICY_JSON $newcid containers-storage:other-new-image # Not an allowed ordering of arguments and flags. Check that it's rejected. run_buildah 125 commit $newcid $WITH_POLICY_JSON containers-storage:rejected-new-image @@ -94,9 +94,9 @@ load helpers run_buildah mount $othernewcid othernewroot=$output test -s $othernewroot/randomfile - cmp ${TESTDIR}/randomfile $othernewroot/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $othernewroot/randomfile test -s $othernewroot/other-randomfile - cmp ${TESTDIR}/other-randomfile $othernewroot/other-randomfile + cmp ${TEST_SCRATCH_DIR}/other-randomfile $othernewroot/other-randomfile run_buildah rm $othernewcid run_buildah from --quiet $WITH_POLICY_JSON another-new-image @@ -104,9 +104,9 @@ load helpers run_buildah mount $anothernewcid anothernewroot=$output test -s $anothernewroot/randomfile - cmp ${TESTDIR}/randomfile $anothernewroot/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $anothernewroot/randomfile test -s $anothernewroot/other-randomfile - cmp ${TESTDIR}/other-randomfile $anothernewroot/other-randomfile + cmp ${TEST_SCRATCH_DIR}/other-randomfile $anothernewroot/other-randomfile run_buildah rm $anothernewcid run_buildah from --quiet $WITH_POLICY_JSON yet-another-new-image @@ -114,9 +114,9 @@ load helpers run_buildah mount $yetanothernewcid yetanothernewroot=$output test -s $yetanothernewroot/randomfile - cmp ${TESTDIR}/randomfile $yetanothernewroot/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $yetanothernewroot/randomfile test -s $yetanothernewroot/other-randomfile - cmp ${TESTDIR}/other-randomfile $yetanothernewroot/other-randomfile + cmp ${TEST_SCRATCH_DIR}/other-randomfile $yetanothernewroot/other-randomfile run_buildah delete $yetanothernewcid run_buildah from --quiet $WITH_POLICY_JSON new-image diff --git a/tests/blobcache.bats b/tests/blobcache.bats index 3880c3e99..0ae9b765c 100644 --- a/tests/blobcache.bats +++ b/tests/blobcache.bats @@ -3,7 +3,7 @@ load helpers @test "blobcache-pull" { - blobcachedir=${TESTDIR}/cache + blobcachedir=${TEST_SCRATCH_DIR}/cache mkdir -p ${blobcachedir} # Pull an image using a fresh directory for the blob cache. run_buildah pull --blob-cache=${blobcachedir} $WITH_POLICY_JSON k8s.gcr.io/pause @@ -15,7 +15,7 @@ load helpers } @test "blobcache-from" { - blobcachedir=${TESTDIR}/cache + blobcachedir=${TEST_SCRATCH_DIR}/cache mkdir -p ${blobcachedir} # Pull an image using a fresh directory for the blob cache. run_buildah from --blob-cache=${blobcachedir} $WITH_POLICY_JSON k8s.gcr.io/pause @@ -56,7 +56,7 @@ function _check_matches() { } @test "blobcache-commit" { - blobcachedir=${TESTDIR}/cache + blobcachedir=${TEST_SCRATCH_DIR}/cache mkdir -p ${blobcachedir} # Pull an image using a fresh directory for the blob cache. run_buildah from --quiet --blob-cache=${blobcachedir} $WITH_POLICY_JSON k8s.gcr.io/pause @@ -64,7 +64,7 @@ function _check_matches() { run_buildah add ${ctr} $BUDFILES/add-file/file / # Commit the image without using the blob cache, using compression so that uncompressed blobs # in the cache which we inherited from our base image won't be matched. - doomeddir=${TESTDIR}/doomed + doomeddir=${TEST_SCRATCH_DIR}/doomed mkdir -p ${doomeddir} run_buildah commit $WITH_POLICY_JSON --disable-compression=false ${ctr} dir:${doomeddir} _check_matches $doomeddir $blobcachedir \ @@ -74,7 +74,7 @@ function _check_matches() { # Commit the image using the blob cache, again using compression. We'll have recorded the # compressed digests that match the uncompressed digests the last time around, so we should # get some matches this time. - destdir=${TESTDIR}/dest + destdir=${TEST_SCRATCH_DIR}/dest mkdir -p ${destdir} ls -l ${blobcachedir} run_buildah commit $WITH_POLICY_JSON --blob-cache=${blobcachedir} --disable-compression=false ${ctr} dir:${destdir} @@ -85,7 +85,7 @@ function _check_matches() { @test "blobcache-push" { target=targetimage - blobcachedir=${TESTDIR}/cache + blobcachedir=${TEST_SCRATCH_DIR}/cache mkdir -p ${blobcachedir} # Pull an image using a fresh directory for the blob cache. run_buildah from --quiet --blob-cache=${blobcachedir} $WITH_POLICY_JSON k8s.gcr.io/pause @@ -95,7 +95,7 @@ function _check_matches() { ls -l ${blobcachedir} run_buildah commit $WITH_POLICY_JSON --blob-cache=${blobcachedir} --disable-compression=false ${ctr} ${target} # Try to push the image without the blob cache. - doomeddir=${TESTDIR}/doomed + doomeddir=${TEST_SCRATCH_DIR}/doomed mkdir -p ${doomeddir} ls -l ${blobcachedir} run_buildah push $WITH_POLICY_JSON ${target} dir:${doomeddir} @@ -104,7 +104,7 @@ function _check_matches() { 4 "version, manifest, base layers" # Now try to push the image using the blob cache. - destdir=${TESTDIR}/dest + destdir=${TEST_SCRATCH_DIR}/dest mkdir -p ${destdir} ls -l ${blobcachedir} @@ -115,7 +115,7 @@ function _check_matches() { } @test "blobcache-build-compressed-using-dockerfile-explicit-push" { - blobcachedir=${TESTDIR}/cache + blobcachedir=${TEST_SCRATCH_DIR}/cache mkdir -p ${blobcachedir} target=new-image # Build an image while pulling the base image. Compress the layers so that they get added @@ -125,7 +125,7 @@ function _check_matches() { # compressed version of a blob if it's been told that we want to compress things, so # we also request compression here to avoid having the copy logic just compress the # uncompressed copy again. - destdir=${TESTDIR}/dest + destdir=${TEST_SCRATCH_DIR}/dest mkdir -p ${destdir} run_buildah push $WITH_POLICY_JSON --blob-cache=${blobcachedir} --disable-compression=false ${target} dir:${destdir} _check_matches $destdir $blobcachedir \ @@ -134,13 +134,13 @@ function _check_matches() { } @test "blobcache-build-uncompressed-using-dockerfile-explicit-push" { - blobcachedir=${TESTDIR}/cache + blobcachedir=${TEST_SCRATCH_DIR}/cache mkdir -p ${blobcachedir} target=new-image # Build an image while pulling the base image. run_buildah build-using-dockerfile -t ${target} -D --pull-always --blob-cache=${blobcachedir} $WITH_POLICY_JSON $BUDFILES/add-file # Now try to push the image using the blob cache. - destdir=${TESTDIR}/dest + destdir=${TEST_SCRATCH_DIR}/dest mkdir -p ${destdir} run_buildah push $WITH_POLICY_JSON --blob-cache=${blobcachedir} ${target} dir:${destdir} _check_matches $destdir $blobcachedir \ @@ -149,10 +149,10 @@ function _check_matches() { } @test "blobcache-build-compressed-using-dockerfile-implicit-push" { - blobcachedir=${TESTDIR}/cache + blobcachedir=${TEST_SCRATCH_DIR}/cache mkdir -p ${blobcachedir} target=new-image - destdir=${TESTDIR}/dest + destdir=${TEST_SCRATCH_DIR}/dest mkdir -p ${destdir} # Build an image while pulling the base image, implicitly pushing while writing. run_buildah build-using-dockerfile -t dir:${destdir} --pull-always --blob-cache=${blobcachedir} $WITH_POLICY_JSON $BUDFILES/add-file @@ -162,10 +162,10 @@ function _check_matches() { } @test "blobcache-build-uncompressed-using-dockerfile-implicit-push" { - blobcachedir=${TESTDIR}/cache + blobcachedir=${TEST_SCRATCH_DIR}/cache mkdir -p ${blobcachedir} target=new-image - destdir=${TESTDIR}/dest + destdir=${TEST_SCRATCH_DIR}/dest mkdir -p ${destdir} # Build an image while pulling the base image, implicitly pushing while writing. run_buildah build-using-dockerfile -t dir:${destdir} -D --pull-always --blob-cache=${blobcachedir} $WITH_POLICY_JSON $BUDFILES/add-file diff --git a/tests/bud.bats b/tests/bud.bats index b1709e9ed..6b79fd3c6 100644 --- a/tests/bud.bats +++ b/tests/bud.bats @@ -68,15 +68,15 @@ load helpers # on rawhide no longer packages circular symlinks (rpm issue #1159). # We used to include these symlinks in git and the rpm; now we need to # set them up manually as part of test setup to be able to package tests. - cp -a $BUDFILES/dockerignore2 ${TESTDIR}/dockerignore2 + cp -a $BUDFILES/dockerignore2 ${TEST_SCRATCH_DIR}/dockerignore2 # Create symlinks, including bad ones - ln -sf subdir ${TESTDIR}/dockerignore2/symlink - ln -sf circular-link ${TESTDIR}/dockerignore2/subdir/circular-link - ln -sf no-such-file ${TESTDIR}/dockerignore2/subdir/dangling-link + ln -sf subdir ${TEST_SCRATCH_DIR}/dockerignore2/symlink + ln -sf circular-link ${TEST_SCRATCH_DIR}/dockerignore2/subdir/circular-link + ln -sf no-such-file ${TEST_SCRATCH_DIR}/dockerignore2/subdir/dangling-link # Build, create a container, mount it, and list all files therein - run_buildah build -t testbud2 $WITH_POLICY_JSON ${TESTDIR}/dockerignore2 + run_buildah build -t testbud2 $WITH_POLICY_JSON ${TEST_SCRATCH_DIR}/dockerignore2 run_buildah from --pull=false testbud2 cid=$output @@ -121,7 +121,7 @@ symlink(subdir)" # Issue: https://github.com/containers/buildah/issues/3712 @test "build-with-inline-platform" { # Host arch - mkdir -p ${TESTDIR}/bud/platform + mkdir -p ${TEST_SCRATCH_DIR}/bud/platform run_buildah info --format '{{.host.arch}}' myarch="$output" otherarch="arm64" @@ -131,12 +131,12 @@ symlink(subdir)" otherarch="amd64" fi # ...create a Containerfile with --platform=linux/$otherarch - cat > ${TESTDIR}/bud/platform/Dockerfile << _EOF + cat > ${TEST_SCRATCH_DIR}/bud/platform/Dockerfile << _EOF FROM --platform=linux/${otherarch} alpine RUN uname -m _EOF - run_buildah '?' build $WITH_POLICY_JSON -t test ${TESTDIR}/bud/platform + run_buildah '?' build $WITH_POLICY_JSON -t test ${TEST_SCRATCH_DIR}/bud/platform if [[ $status -eq 0 ]]; then run_buildah inspect --format '{{ .OCIv1.Architecture }}' test expect_output --substring "$otherarch" @@ -150,7 +150,7 @@ _EOF # Test for use-case described here: https://github.com/containers/buildah/issues/3261 @test "build-with-inline-platform-amd-but-tag-as-arm" { # Host arch - mkdir -p ${TESTDIR}/bud/platform + mkdir -p ${TEST_SCRATCH_DIR}/bud/platform run_buildah info --format '{{.host.arch}}' myarch="$output" targetarch="arm64" @@ -159,28 +159,28 @@ _EOF targetarch="amd64" fi - cat > ${TESTDIR}/bud/platform/Dockerfile << _EOF + cat > ${TEST_SCRATCH_DIR}/bud/platform/Dockerfile << _EOF FROM --platform=linux/${myarch} alpine RUN uname -m _EOF # Tries building image where baseImage has --platform=linux/HostArch - run_buildah build --platform linux/${targetarch} $WITH_POLICY_JSON -t test ${TESTDIR}/bud/platform + run_buildah build --platform linux/${targetarch} $WITH_POLICY_JSON -t test ${TEST_SCRATCH_DIR}/bud/platform run_buildah inspect --format '{{ .OCIv1.Architecture }}' test # base image is pulled as HostArch but tagged as non host arch expect_output --substring $targetarch } @test "bud with --layers and --no-cache flags" { - cp -a $BUDFILES/use-layers ${TESTDIR}/use-layers + cp -a $BUDFILES/use-layers ${TEST_SCRATCH_DIR}/use-layers # Run with --pull-always to have a regression test for # containers/podman/issues/10307. - run_buildah build --pull-always $WITH_POLICY_JSON --layers -t test1 ${TESTDIR}/use-layers + run_buildah build --pull-always $WITH_POLICY_JSON --layers -t test1 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 8 - run_buildah build --pull-never $WITH_POLICY_JSON --layers -t test2 ${TESTDIR}/use-layers + run_buildah build --pull-never $WITH_POLICY_JSON --layers -t test2 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 10 run_buildah inspect --format "{{index .Docker.ContainerConfig.Env 1}}" test1 @@ -194,25 +194,25 @@ _EOF run_buildah inspect --format "{{index .Docker.History 2}}" test1 expect_output --substring "FROM docker.io/library/alpine:latest" - run_buildah build $WITH_POLICY_JSON --layers -t test3 -f Dockerfile.2 ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --layers -t test3 -f Dockerfile.2 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 12 - mkdir -p ${TESTDIR}/use-layers/mount/subdir - run_buildah build $WITH_POLICY_JSON --layers -t test4 -f Dockerfile.3 ${TESTDIR}/use-layers + mkdir -p ${TEST_SCRATCH_DIR}/use-layers/mount/subdir + run_buildah build $WITH_POLICY_JSON --layers -t test4 -f Dockerfile.3 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 14 - run_buildah build $WITH_POLICY_JSON --layers -t test5 -f Dockerfile.3 ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --layers -t test5 -f Dockerfile.3 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 15 - touch ${TESTDIR}/use-layers/mount/subdir/file.txt - run_buildah build $WITH_POLICY_JSON --layers -t test6 -f Dockerfile.3 ${TESTDIR}/use-layers + touch ${TEST_SCRATCH_DIR}/use-layers/mount/subdir/file.txt + run_buildah build $WITH_POLICY_JSON --layers -t test6 -f Dockerfile.3 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 17 - run_buildah build $WITH_POLICY_JSON --no-cache -t test7 -f Dockerfile.2 ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --no-cache -t test7 -f Dockerfile.2 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 18 } @@ -247,30 +247,30 @@ _EOF @test "bud with --layers, multistage, and COPY with --from" { _prefetch alpine - cp -a $BUDFILES/use-layers ${TESTDIR}/use-layers + cp -a $BUDFILES/use-layers ${TEST_SCRATCH_DIR}/use-layers - mkdir -p ${TESTDIR}/use-layers/uuid - uuidgen > ${TESTDIR}/use-layers/uuid/data - mkdir -p ${TESTDIR}/use-layers/date - date > ${TESTDIR}/use-layers/date/data + mkdir -p ${TEST_SCRATCH_DIR}/use-layers/uuid + uuidgen > ${TEST_SCRATCH_DIR}/use-layers/uuid/data + mkdir -p ${TEST_SCRATCH_DIR}/use-layers/date + date > ${TEST_SCRATCH_DIR}/use-layers/date/data - run_buildah build $WITH_POLICY_JSON --layers -t test1 -f Dockerfile.multistage-copy ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --layers -t test1 -f Dockerfile.multistage-copy ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 6 # The second time through, the layers should all get reused. - run_buildah build $WITH_POLICY_JSON --layers -t test1 -f Dockerfile.multistage-copy ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --layers -t test1 -f Dockerfile.multistage-copy ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 6 # The third time through, the layers should all get reused, but we'll have a new line of output for the new name. - run_buildah build $WITH_POLICY_JSON --layers -t test2 -f Dockerfile.multistage-copy ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --layers -t test2 -f Dockerfile.multistage-copy ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 7 # Both interim images will be different, and all of the layers in the final image will be different. - uuidgen > ${TESTDIR}/use-layers/uuid/data - date > ${TESTDIR}/use-layers/date/data - run_buildah build $WITH_POLICY_JSON --layers -t test3 -f Dockerfile.multistage-copy ${TESTDIR}/use-layers + uuidgen > ${TEST_SCRATCH_DIR}/use-layers/uuid/data + date > ${TEST_SCRATCH_DIR}/use-layers/date/data + run_buildah build $WITH_POLICY_JSON --layers -t test3 -f Dockerfile.multistage-copy ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 11 # No leftover containers, just the header line. @@ -285,7 +285,7 @@ _EOF test -e $mnt/date # Layers won't get reused because this build won't use caching. - run_buildah build $WITH_POLICY_JSON -t test4 -f Dockerfile.multistage-copy ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON -t test4 -f Dockerfile.multistage-copy ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 12 } @@ -355,34 +355,34 @@ _EOF @test "bud with --layers and symlink file" { _prefetch alpine - cp -a $BUDFILES/use-layers ${TESTDIR}/use-layers - echo 'echo "Hello World!"' > ${TESTDIR}/use-layers/hello.sh - ln -s hello.sh ${TESTDIR}/use-layers/hello_world.sh - run_buildah build $WITH_POLICY_JSON --layers -t test -f Dockerfile.4 ${TESTDIR}/use-layers + cp -a $BUDFILES/use-layers ${TEST_SCRATCH_DIR}/use-layers + echo 'echo "Hello World!"' > ${TEST_SCRATCH_DIR}/use-layers/hello.sh + ln -s hello.sh ${TEST_SCRATCH_DIR}/use-layers/hello_world.sh + run_buildah build $WITH_POLICY_JSON --layers -t test -f Dockerfile.4 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 4 - run_buildah build $WITH_POLICY_JSON --layers -t test1 -f Dockerfile.4 ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --layers -t test1 -f Dockerfile.4 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 5 - echo 'echo "Hello Cache!"' > ${TESTDIR}/use-layers/hello.sh - run_buildah build $WITH_POLICY_JSON --layers -t test2 -f Dockerfile.4 ${TESTDIR}/use-layers + echo 'echo "Hello Cache!"' > ${TEST_SCRATCH_DIR}/use-layers/hello.sh + run_buildah build $WITH_POLICY_JSON --layers -t test2 -f Dockerfile.4 ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 7 } @test "bud with --layers and dangling symlink" { _prefetch alpine - cp -a $BUDFILES/use-layers ${TESTDIR}/use-layers - mkdir ${TESTDIR}/use-layers/blah - ln -s ${TEST_SOURCES}/policy.json ${TESTDIR}/use-layers/blah/policy.json + cp -a $BUDFILES/use-layers ${TEST_SCRATCH_DIR}/use-layers + mkdir ${TEST_SCRATCH_DIR}/use-layers/blah + ln -s ${TEST_SOURCES}/policy.json ${TEST_SCRATCH_DIR}/use-layers/blah/policy.json - run_buildah build $WITH_POLICY_JSON --layers -t test -f Dockerfile.dangling-symlink ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --layers -t test -f Dockerfile.dangling-symlink ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 3 - run_buildah build $WITH_POLICY_JSON --layers -t test1 -f Dockerfile.dangling-symlink ${TESTDIR}/use-layers + run_buildah build $WITH_POLICY_JSON --layers -t test1 -f Dockerfile.dangling-symlink ${TEST_SCRATCH_DIR}/use-layers run_buildah images -a expect_line_count 4 @@ -506,7 +506,7 @@ _EOF @test "build with --no-cache and --layer" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p $mytmpdir cat > $mytmpdir/Containerfile << _EOF FROM alpine @@ -526,7 +526,7 @@ _EOF @test "build --unsetenv PATH" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p $mytmpdir cat > $mytmpdir/Containerfile << _EOF FROM alpine @@ -552,8 +552,8 @@ _EOF } @test "bud-from-scratch-untagged" { - run_buildah build --iidfile ${TESTDIR}/output.iid $WITH_POLICY_JSON $BUDFILES/from-scratch - iid=$(cat ${TESTDIR}/output.iid) + run_buildah build --iidfile ${TEST_SCRATCH_DIR}/output.iid $WITH_POLICY_JSON $BUDFILES/from-scratch + iid=$(cat ${TEST_SCRATCH_DIR}/output.iid) expect_output --substring --from="$iid" '^sha256:[0-9a-f]{64}$' run_buildah from ${iid} buildctr="$output" @@ -588,8 +588,8 @@ _EOF @test "bud-from-scratch-iid" { target=scratch-image - run_buildah build --iidfile ${TESTDIR}/output.iid $WITH_POLICY_JSON -t ${target} $BUDFILES/from-scratch - iid=$(cat ${TESTDIR}/output.iid) + run_buildah build --iidfile ${TEST_SCRATCH_DIR}/output.iid $WITH_POLICY_JSON -t ${target} $BUDFILES/from-scratch + iid=$(cat ${TEST_SCRATCH_DIR}/output.iid) expect_output --substring --from="$iid" '^sha256:[0-9a-f]{64}$' run_buildah from ${iid} expect_output "${target}-working-container" @@ -1329,9 +1329,9 @@ function _test_http() { @test "bud-logfile" { _prefetch alpine - rm -f ${TESTDIR}/logfile - run_buildah build --logfile ${TESTDIR}/logfile $WITH_POLICY_JSON $BUDFILES/preserve-volumes - test -s ${TESTDIR}/logfile + rm -f ${TEST_SCRATCH_DIR}/logfile + run_buildah build --logfile ${TEST_SCRATCH_DIR}/logfile $WITH_POLICY_JSON $BUDFILES/preserve-volumes + test -s ${TEST_SCRATCH_DIR}/logfile } @test "bud with ARGS" { @@ -1711,13 +1711,13 @@ function _test_http() { @test "bud with copy-from and cache" { _prefetch busybox target=busybox-image - run_buildah build $WITH_POLICY_JSON --layers --iidfile ${TESTDIR}/iid1 -f $BUDFILES/copy-from/Dockerfile2 $BUDFILES/copy-from - cat ${TESTDIR}/iid1 - test -s ${TESTDIR}/iid1 - run_buildah build $WITH_POLICY_JSON --layers --iidfile ${TESTDIR}/iid2 -f $BUDFILES/copy-from/Dockerfile2 $BUDFILES/copy-from - cat ${TESTDIR}/iid2 - test -s ${TESTDIR}/iid2 - cmp ${TESTDIR}/iid1 ${TESTDIR}/iid2 + run_buildah build $WITH_POLICY_JSON --layers --iidfile ${TEST_SCRATCH_DIR}/iid1 -f $BUDFILES/copy-from/Dockerfile2 $BUDFILES/copy-from + cat ${TEST_SCRATCH_DIR}/iid1 + test -s ${TEST_SCRATCH_DIR}/iid1 + run_buildah build $WITH_POLICY_JSON --layers --iidfile ${TEST_SCRATCH_DIR}/iid2 -f $BUDFILES/copy-from/Dockerfile2 $BUDFILES/copy-from + cat ${TEST_SCRATCH_DIR}/iid2 + test -s ${TEST_SCRATCH_DIR}/iid2 + cmp ${TEST_SCRATCH_DIR}/iid1 ${TEST_SCRATCH_DIR}/iid2 } @test "bud with copy-from in Dockerfile no prior FROM" { @@ -1913,7 +1913,7 @@ function _test_http() { } @test "buildah bud --volume" { - voldir=${TESTDIR}/bud-volume + voldir=${TEST_SCRATCH_DIR}/bud-volume mkdir -p ${voldir} _prefetch alpine @@ -1927,16 +1927,16 @@ function _test_http() { @test "bud-copy-dot with --layers picks up changed file" { _prefetch alpine - cp -a $BUDFILES/use-layers ${TESTDIR}/use-layers + cp -a $BUDFILES/use-layers ${TEST_SCRATCH_DIR}/use-layers - mkdir -p ${TESTDIR}/use-layers/subdir - touch ${TESTDIR}/use-layers/subdir/file.txt - run_buildah build $WITH_POLICY_JSON --layers --iidfile ${TESTDIR}/iid1 -f Dockerfile.7 ${TESTDIR}/use-layers + mkdir -p ${TEST_SCRATCH_DIR}/use-layers/subdir + touch ${TEST_SCRATCH_DIR}/use-layers/subdir/file.txt + run_buildah build $WITH_POLICY_JSON --layers --iidfile ${TEST_SCRATCH_DIR}/iid1 -f Dockerfile.7 ${TEST_SCRATCH_DIR}/use-layers - touch ${TESTDIR}/use-layers/subdir/file.txt - run_buildah build $WITH_POLICY_JSON --layers --iidfile ${TESTDIR}/iid2 -f Dockerfile.7 ${TESTDIR}/use-layers + touch ${TEST_SCRATCH_DIR}/use-layers/subdir/file.txt + run_buildah build $WITH_POLICY_JSON --layers --iidfile ${TEST_SCRATCH_DIR}/iid2 -f Dockerfile.7 ${TEST_SCRATCH_DIR}/use-layers - if [[ $(cat ${TESTDIR}/iid1) != $(cat ${TESTDIR}/iid2) ]]; then + if [[ $(cat ${TEST_SCRATCH_DIR}/iid1) != $(cat ${TEST_SCRATCH_DIR}/iid2) ]]; then echo "Expected image id to not change after touching a file copied into the image" >&2 false fi @@ -1953,7 +1953,7 @@ function _test_http() { run_buildah build --signature-policy ${TEST_SOURCES}/docker.json -t ${target} -v ${TEST_SOURCES}:/testdir $BUDFILES/mount # A deny-all policy shouldn't break pushing, since policy is only evaluated # on the source image, and we force it to allow local storage. - run_buildah push --signature-policy ${TEST_SOURCES}/deny.json ${target} dir:${TESTDIR}/mount + run_buildah push --signature-policy ${TEST_SOURCES}/deny.json ${target} dir:${TEST_SCRATCH_DIR}/mount run_buildah rmi ${target} # A docker-only policy should allow us to pull the base image first... @@ -1962,29 +1962,29 @@ function _test_http() { run_buildah build --signature-policy ${TEST_SOURCES}/deny.json -t ${target} -v ${TEST_SOURCES}:/testdir $BUDFILES/mount # A deny-all policy shouldn't break pushing, since policy is only evaluated # on the source image, and we force it to allow local storage. - run_buildah push --signature-policy ${TEST_SOURCES}/deny.json ${target} dir:${TESTDIR}/mount + run_buildah push --signature-policy ${TEST_SOURCES}/deny.json ${target} dir:${TEST_SCRATCH_DIR}/mount # Similarly, a deny-all policy shouldn't break committing directly to other locations. - run_buildah build --signature-policy ${TEST_SOURCES}/deny.json -t dir:${TESTDIR}/mount -v ${TEST_SOURCES}:/testdir $BUDFILES/mount + run_buildah build --signature-policy ${TEST_SOURCES}/deny.json -t dir:${TEST_SCRATCH_DIR}/mount -v ${TEST_SOURCES}:/testdir $BUDFILES/mount } @test "bud-copy-replace-symlink" { - mkdir -p ${TESTDIR}/top - cp $BUDFILES/symlink/Dockerfile.replace-symlink ${TESTDIR}/top/ - ln -s Dockerfile.replace-symlink ${TESTDIR}/top/symlink - echo foo > ${TESTDIR}/top/.dockerignore - run_buildah build $WITH_POLICY_JSON -f ${TESTDIR}/top/Dockerfile.replace-symlink ${TESTDIR}/top + mkdir -p ${TEST_SCRATCH_DIR}/top + cp $BUDFILES/symlink/Dockerfile.replace-symlink ${TEST_SCRATCH_DIR}/top/ + ln -s Dockerfile.replace-symlink ${TEST_SCRATCH_DIR}/top/symlink + echo foo > ${TEST_SCRATCH_DIR}/top/.dockerignore + run_buildah build $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/top/Dockerfile.replace-symlink ${TEST_SCRATCH_DIR}/top } @test "bud-copy-recurse" { - mkdir -p ${TESTDIR}/recurse - cp $BUDFILES/recurse/Dockerfile ${TESTDIR}/recurse - echo foo > ${TESTDIR}/recurse/.dockerignore - run_buildah build $WITH_POLICY_JSON ${TESTDIR}/recurse + mkdir -p ${TEST_SCRATCH_DIR}/recurse + cp $BUDFILES/recurse/Dockerfile ${TEST_SCRATCH_DIR}/recurse + echo foo > ${TEST_SCRATCH_DIR}/recurse/.dockerignore + run_buildah build $WITH_POLICY_JSON ${TEST_SCRATCH_DIR}/recurse } @test "bud copy with .dockerignore #1" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p $mytmpdir/stuff/huge/usr/bin/ touch $mytmpdir/stuff/huge/usr/bin/{file1,file2} touch $mytmpdir/stuff/huge/usr/file3 @@ -2008,7 +2008,7 @@ _EOF @test "bud copy with .dockerignore #2" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p $mytmpdir/stuff/huge/usr/bin/ touch $mytmpdir/stuff/huge/usr/bin/{file1,file2} @@ -2123,14 +2123,14 @@ _EOF @test "bud-copy-dockerignore-hardlinks" { target=image - mkdir -p ${TESTDIR}/hardlinks/subdir - cp $BUDFILES/recurse/Dockerfile ${TESTDIR}/hardlinks - echo foo > ${TESTDIR}/hardlinks/.dockerignore - echo test1 > ${TESTDIR}/hardlinks/subdir/test1.txt - ln ${TESTDIR}/hardlinks/subdir/test1.txt ${TESTDIR}/hardlinks/subdir/test2.txt - ln ${TESTDIR}/hardlinks/subdir/test2.txt ${TESTDIR}/hardlinks/test3.txt - ln ${TESTDIR}/hardlinks/test3.txt ${TESTDIR}/hardlinks/test4.txt - run_buildah build $WITH_POLICY_JSON -t ${target} ${TESTDIR}/hardlinks + mkdir -p ${TEST_SCRATCH_DIR}/hardlinks/subdir + cp $BUDFILES/recurse/Dockerfile ${TEST_SCRATCH_DIR}/hardlinks + echo foo > ${TEST_SCRATCH_DIR}/hardlinks/.dockerignore + echo test1 > ${TEST_SCRATCH_DIR}/hardlinks/subdir/test1.txt + ln ${TEST_SCRATCH_DIR}/hardlinks/subdir/test1.txt ${TEST_SCRATCH_DIR}/hardlinks/subdir/test2.txt + ln ${TEST_SCRATCH_DIR}/hardlinks/subdir/test2.txt ${TEST_SCRATCH_DIR}/hardlinks/test3.txt + ln ${TEST_SCRATCH_DIR}/hardlinks/test3.txt ${TEST_SCRATCH_DIR}/hardlinks/test4.txt + run_buildah build $WITH_POLICY_JSON -t ${target} ${TEST_SCRATCH_DIR}/hardlinks run_buildah from ${target} ctrid="$output" run_buildah mount "$ctrid" @@ -2247,9 +2247,9 @@ _EOF _prefetch alpine target=alpine-image - mkdir -p ${TESTDIR}/foo - mknod ${TESTDIR}/foo/null c 1 3 - run_buildah build $WITH_POLICY_JSON --device ${TESTDIR}/foo:/dev/fuse -t ${target} -f $BUDFILES/device/Dockerfile $BUDFILES/device + mkdir -p ${TEST_SCRATCH_DIR}/foo + mknod ${TEST_SCRATCH_DIR}/foo/null c 1 3 + run_buildah build $WITH_POLICY_JSON --device ${TEST_SCRATCH_DIR}/foo:/dev/fuse -t ${target} -f $BUDFILES/device/Dockerfile $BUDFILES/device expect_output --substring "null" } @@ -2431,14 +2431,14 @@ _EOF } @test "bud COPY with URL should fail" { - mkdir ${TESTDIR}/budcopy - FILE=${TESTDIR}/budcopy/Dockerfile.url + mkdir ${TEST_SCRATCH_DIR}/budcopy + FILE=${TEST_SCRATCH_DIR}/budcopy/Dockerfile.url /bin/cat <$FILE FROM alpine:latest COPY https://getfedora.org/index.html . EOM - run_buildah 125 build $WITH_POLICY_JSON -t foo -f ${TESTDIR}/budcopy/Dockerfile.url + run_buildah 125 build $WITH_POLICY_JSON -t foo -f ${TEST_SCRATCH_DIR}/budcopy/Dockerfile.url expect_output --substring "error building .* source can.t be a URL for COPY" } @@ -2578,30 +2578,30 @@ EOM @test "bud with encrypted FROM image" { _prefetch busybox - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl genrsa -out ${TESTDIR}/tmp/mykey2.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey2.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub start_registry - run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TESTDIR}/tmp/mykey.pub busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest target=busybox-image - echo FROM localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest > ${TESTDIR}/tmp/Dockerfile + echo FROM localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest > ${TEST_SCRATCH_DIR}/tmp/Dockerfile # Try to build from encrypted image without key - run_buildah 125 build $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword -t ${target} -f ${TESTDIR}/tmp/Dockerfile + run_buildah 125 build $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword -t ${target} -f ${TEST_SCRATCH_DIR}/tmp/Dockerfile assert "$output" =~ "missing private key needed for decryption" # Try to build from encrypted image with wrong key - run_buildah 125 build $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TESTDIR}/tmp/mykey2.pem -t ${target} -f ${TESTDIR}/tmp/Dockerfile + run_buildah 125 build $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey2.pem -t ${target} -f ${TEST_SCRATCH_DIR}/tmp/Dockerfile assert "$output" =~ "no suitable key found for decrypting layer key" assert "$output" =~ "- JWE: No suitable private key found for decryption" # Try to build with the correct key - run_buildah build $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TESTDIR}/tmp/mykey.pem -t ${target} -f ${TESTDIR}/tmp/Dockerfile + run_buildah build $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey.pem -t ${target} -f ${TEST_SCRATCH_DIR}/tmp/Dockerfile assert "$output" =~ "Successfully tagged localhost:$REGISTRY_PORT/" - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "bud with --build-arg" { @@ -2680,7 +2680,7 @@ EOM run_buildah images --format "{{.Created}}" timestamp expect_output ${timestamp} - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "bud timestamp compare" { @@ -2695,7 +2695,7 @@ EOM run_buildah build --timestamp=${TIMESTAMP} --quiet --pull=false $WITH_POLICY_JSON -t timestamp -f Dockerfile.1 $BUDFILES/cache-stages expect_output "$cid" - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "bud with-rusage" { @@ -2708,12 +2708,12 @@ EOM @test "bud with-rusage-logfile" { _prefetch alpine - run_buildah build --log-rusage --rusage-logfile ${TESTDIR}/foo.log --layers --pull=false --format docker $WITH_POLICY_JSON $BUDFILES/shell + run_buildah build --log-rusage --rusage-logfile ${TEST_SCRATCH_DIR}/foo.log --layers --pull=false --format docker $WITH_POLICY_JSON $BUDFILES/shell # the logfile should exist - if [ ! -e ${TESTDIR}/foo.log ]; then die "rusage-logfile foo.log did not get created!"; fi + if [ ! -e ${TEST_SCRATCH_DIR}/foo.log ]; then die "rusage-logfile foo.log did not get created!"; fi # expect that foo.log only contains lines that were formatted using pkg/rusage.FormatDiff() - formatted_lines=$(grep ".*\(system\).*\(user\).*\(elapsed\).*input.*output" ${TESTDIR}/foo.log | wc -l) - line_count=$(wc -l <${TESTDIR}/foo.log) + formatted_lines=$(grep ".*\(system\).*\(user\).*\(elapsed\).*input.*output" ${TEST_SCRATCH_DIR}/foo.log | wc -l) + line_count=$(wc -l <${TEST_SCRATCH_DIR}/foo.log) if [[ "$formatted_lines" -ne "$line_count" ]]; then die "Got ${formatted_lines} lines formatted with pkg/rusage.FormatDiff() but rusage-logfile has ${line_count} lines" fi @@ -2775,7 +2775,7 @@ EOM @test "bud does not gobble stdin" { _prefetch alpine - ctxdir=${TESTDIR}/bud + ctxdir=${TEST_SCRATCH_DIR}/bud mkdir -p $ctxdir cat >$ctxdir/Dockerfile < $mytmpdir/Containerfile << _EOF FROM alpine @@ -2936,7 +2936,7 @@ _EOF @test "bud with --arch flag" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF FROM alpine @@ -2954,7 +2954,7 @@ _EOF @test "bud with --manifest flag new manifest" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -2975,7 +2975,7 @@ _EOF @test "bud with --manifest flag existing manifest" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -2998,7 +2998,7 @@ _EOF @test "bud test empty newdir" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF FROM alpine as galaxy @@ -3020,7 +3020,7 @@ _EOF @test "bud retain intermediary image" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile.a << _EOF FROM alpine @@ -3045,7 +3045,7 @@ _EOF } @test "bud --pull=false --arch test" { - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF FROM registry.access.redhat.com/ubi8-minimal @@ -3070,7 +3070,7 @@ _EOF @test "bud --file with directory" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF FROM alpine @@ -3082,23 +3082,23 @@ _EOF @test "bud --authfile" { _prefetch alpine start_registry - run_buildah login --tls-verify=false --authfile ${TESTDIR}/test.auth --username testuser --password testpassword localhost:${REGISTRY_PORT} - run_buildah push $WITH_POLICY_JSON --tls-verify=false --authfile ${TESTDIR}/test.auth alpine docker://localhost:${REGISTRY_PORT}/buildah/alpine + run_buildah login --tls-verify=false --authfile ${TEST_SCRATCH_DIR}/test.auth --username testuser --password testpassword localhost:${REGISTRY_PORT} + run_buildah push $WITH_POLICY_JSON --tls-verify=false --authfile ${TEST_SCRATCH_DIR}/test.auth alpine docker://localhost:${REGISTRY_PORT}/buildah/alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF FROM localhost:${REGISTRY_PORT}/buildah/alpine RUN touch /test _EOF - run_buildah build -t myalpine --authfile ${TESTDIR}/test.auth --tls-verify=false $WITH_POLICY_JSON --file ${mytmpdir} . + run_buildah build -t myalpine --authfile ${TEST_SCRATCH_DIR}/test.auth --tls-verify=false $WITH_POLICY_JSON --file ${mytmpdir} . run_buildah rmi localhost:${REGISTRY_PORT}/buildah/alpine run_buildah rmi myalpine } @test "bud with undefined build arg directory" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF ARG SECRET="Itismysecret" @@ -3126,7 +3126,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -3162,7 +3162,7 @@ _EOF found_runtime=y # Use seccomp to make crun output a warning message because crun writes few logs. - cat > ${TESTDIR}/seccomp.json << _EOF + cat > ${TEST_SCRATCH_DIR}/seccomp.json << _EOF { "defaultAction": "SCMP_ACT_ALLOW", "syscalls": [ @@ -3174,7 +3174,7 @@ _EOF } _EOF - run_buildah build --runtime=crun --runtime-flag=debug --security-opt seccomp=${TESTDIR}/seccomp.json \ + run_buildah build --runtime=crun --runtime-flag=debug --security-opt seccomp=${TEST_SCRATCH_DIR}/seccomp.json \ -q -t alpine-bud-crun $WITH_POLICY_JSON --file ${mytmpdir} . expect_output --substring "unknown seccomp syscall" fi @@ -3191,7 +3191,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -3212,7 +3212,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -3241,7 +3241,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -3272,7 +3272,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} if is_cgroupsv2; then @@ -3294,7 +3294,7 @@ _EOF @test "bud check mount /sys/fs/cgroup" { skip_if_rootless_and_cgroupv1 - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF @@ -3317,7 +3317,7 @@ _EOF local shares=12345 local expect= - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} if is_cgroupsv2; then @@ -3347,7 +3347,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} if is_cgroupsv2; then @@ -3375,7 +3375,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} if is_cgroupsv2; then @@ -3402,7 +3402,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -3433,7 +3433,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} local expect_swap= @@ -3465,7 +3465,7 @@ _EOF _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -3480,7 +3480,7 @@ _EOF @test "bud with --ulimit" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p ${mytmpdir} cat > $mytmpdir/Containerfile << _EOF from alpine @@ -3502,7 +3502,7 @@ _EOF @test "bud with containerfile secret" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} cat > $mytmpdir/mysecret << _EOF SOMESECRETDATA @@ -3519,7 +3519,7 @@ _EOF @test "bud with containerfile secret accessed on second RUN" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} cat > $mytmpdir/mysecret << _EOF SOMESECRETDATA @@ -3532,7 +3532,7 @@ _EOF @test "bud with default mode perms" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} cat > $mytmpdir/mysecret << _EOF SOMESECRETDATA @@ -3544,7 +3544,7 @@ _EOF @test "bud with containerfile secret options" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} cat > $mytmpdir/mysecret << _EOF SOMESECRETDATA @@ -3590,7 +3590,7 @@ _EOF @test "bud with containerfile env secret priority" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} cat > $mytmpdir/mysecret << _EOF SOMESECRETDATA @@ -3757,19 +3757,19 @@ _EOF # Create target dir where we will export tar target=cleanable - mkdir ${TESTDIR}/${target} + mkdir ${TEST_SCRATCH_DIR}/${target} # Build and export container to tar run_buildah build --no-cache $WITH_POLICY_JSON -t ${target} -f $BUDFILES/containerfile/Containerfile.in $BUDFILES/containerfile - podman export $(podman create --name ${target} --net=host ${target}) --output=${TESTDIR}/${target}.tar + podman export $(podman create --name ${target} --net=host ${target}) --output=${TEST_SCRATCH_DIR}/${target}.tar # We are done exporting so remove images and containers which are not needed podman rm -f ${target} run_buildah rmi ${target} # Explode tar - tar -xf ${TESTDIR}/${target}.tar -C ${TESTDIR}/${target} - count=$(ls -A ${TESTDIR}/${target}/run | wc -l) + tar -xf ${TEST_SCRATCH_DIR}/${target}.tar -C ${TEST_SCRATCH_DIR}/${target} + count=$(ls -A ${TEST_SCRATCH_DIR}/${target}/run | wc -l) ## exported /run should be empty assert "$count" == "0" } @@ -3780,19 +3780,19 @@ _EOF # Create target dir where we will export tar target=cleanable - mkdir ${TESTDIR}/${target} + mkdir ${TEST_SCRATCH_DIR}/${target} # Build and export container to tar run_buildah build --no-cache $WITH_POLICY_JSON -t ${target} -f $BUDFILES/add-run-dir - podman export $(podman create --name ${target} --net=host ${target}) --output=${TESTDIR}/${target}.tar + podman export $(podman create --name ${target} --net=host ${target}) --output=${TEST_SCRATCH_DIR}/${target}.tar # We are done exporting so remove images and containers which are not needed podman rm -f ${target} run_buildah rmi ${target} # Explode tar - tar -xf ${TESTDIR}/${target}.tar -C ${TESTDIR}/${target} - count=$(ls -A ${TESTDIR}/${target}/run | wc -l) + tar -xf ${TEST_SCRATCH_DIR}/${target}.tar -C ${TEST_SCRATCH_DIR}/${target} + count=$(ls -A ${TEST_SCRATCH_DIR}/${target}/run | wc -l) ## exported /run should not be empty assert "$count" == "1" } @@ -3800,8 +3800,8 @@ _EOF @test "bud-with-mount-like-buildkit" { skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfile ${TESTDIR}/buildkit-mount/ + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfile ${TEST_SCRATCH_DIR}/buildkit-mount/ expect_output --substring "hello" run_buildah rmi -f testbud } @@ -3809,8 +3809,8 @@ _EOF @test "bud-with-mount-no-source-like-buildkit" { skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfile2 ${TESTDIR}/buildkit-mount/ + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfile2 ${TEST_SCRATCH_DIR}/buildkit-mount/ expect_output --substring "hello" run_buildah rmi -f testbud } @@ -3818,8 +3818,8 @@ _EOF @test "bud-with-mount-no-subdir-like-buildkit" { skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfile ${TESTDIR}/buildkit-mount/subdir/ + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfile ${TEST_SCRATCH_DIR}/buildkit-mount/subdir/ expect_output --substring "hello" run_buildah rmi -f testbud } @@ -3827,8 +3827,8 @@ _EOF @test "bud-with-mount-relative-path-like-buildkit" { skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfile4 ${TESTDIR}/buildkit-mount/ + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfile4 ${TEST_SCRATCH_DIR}/buildkit-mount/ expect_output --substring "hello" run_buildah rmi -f testbud } @@ -3836,8 +3836,8 @@ _EOF @test "bud-with-mount-with-rw-like-buildkit" { skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount - run_buildah build --isolation chroot -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfile3 ${TESTDIR}/buildkit-mount/subdir/ + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount + run_buildah build --isolation chroot -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfile3 ${TEST_SCRATCH_DIR}/buildkit-mount/subdir/ expect_output --substring "world" run_buildah rmi -f testbud } @@ -3845,9 +3845,9 @@ _EOF @test "bud-with-mount-with-tmpfs-like-buildkit" { skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount # tmpfs mount: target should be available on container without creating any special directory on container - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfiletmpfs + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfiletmpfs [ "$status" -eq 0 ] run_buildah rmi -f testbud } @@ -3855,8 +3855,8 @@ _EOF @test "bud-with-mount-with-tmpfs-with-copyup-like-buildkit" { skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfiletmpfscopyup + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfiletmpfscopyup expect_output --substring "certs" run_buildah rmi -f testbud } @@ -3864,11 +3864,11 @@ _EOF @test "bud-with-mount-cache-like-buildkit" { skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount # try writing something to persistent cache - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfilecachewrite + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfilecachewrite # try reading something from persistent cache in a different build - run_buildah build -t testbud2 $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfilecacheread + run_buildah build -t testbud2 $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfilecacheread expect_output --substring "hello" run_buildah rmi -f testbud run_buildah rmi -f testbud2 @@ -3878,9 +3878,9 @@ _EOF # Note: this test is just testing syntax for sharing, actual behviour test needs parallel build in order to test locking. skip_if_no_runtime skip_if_in_container - cp -R $BUDFILES/buildkit-mount ${TESTDIR}/buildkit-mount + cp -R $BUDFILES/buildkit-mount ${TEST_SCRATCH_DIR}/buildkit-mount # try writing something to persistent cache - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/buildkit-mount/Dockerfilecachewritesharing + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/buildkit-mount/Dockerfilecachewritesharing expect_output --substring "world" run_buildah rmi -f testbud } @@ -3892,7 +3892,7 @@ _EOF @test "build proxy" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p $mytmpdir cat > $mytmpdir/Containerfile << _EOF FROM alpine @@ -3913,12 +3913,12 @@ _EOF @test "bud-with-mount-bind-from-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # build base image which we will use as our `from` - run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ # try reading something from another image in a different build - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebindfrom + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebindfrom expect_output --substring "hello" run_buildah rmi -f buildkitbase run_buildah rmi -f testbud @@ -3927,12 +3927,12 @@ _EOF @test "bud-with-writeable-mount-bind-from-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # build base image which we will use as our `from` - run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ # try reading something from another image in a different build - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebindfromwriteable + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebindfromwriteable expect_output --substring "world" run_buildah rmi -f buildkitbase run_buildah rmi -f testbud @@ -3941,12 +3941,12 @@ _EOF @test "bud-with-mount-bind-from-without-source-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # build base image which we will use as our `from` - run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ # try reading something from another image in a different build - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebindfromwithoutsource + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebindfromwithoutsource expect_output --substring "hello" run_buildah rmi -f buildkitbase run_buildah rmi -f testbud @@ -3955,12 +3955,12 @@ _EOF @test "bud-with-mount-bind-from-with-empty-from-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # build base image which we will use as our `from` - run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ # try reading something from image in a different build - run_buildah 125 build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebindfromwithemptyfrom + run_buildah 125 build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebindfromwithemptyfrom expect_output --substring "points to an empty value" run_buildah rmi -f buildkitbase } @@ -3968,10 +3968,10 @@ _EOF @test "bud-with-mount-cache-from-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # try reading something from persistent cache in a different build - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilecachefrom ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilecachefrom ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ expect_output --substring "hello" run_buildah rmi -f testbud } @@ -3980,14 +3980,14 @@ _EOF @test "bud-with-mount-cache-image-from-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # build base image which we will use as our `from` - run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t buildkitbase $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebuildkitbase ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ # try reading something from persistent cache in a different build - run_buildah 125 build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilecachefromimage + run_buildah 125 build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilecachefromimage expect_output --substring "no stage found with name buildkitbase" run_buildah rmi -f buildkitbase } @@ -3995,10 +3995,10 @@ _EOF @test "bud-with-mount-cache-multiple-from-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # try reading something from persistent cache in a different build - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilecachemultiplefrom ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilecachemultiplefrom ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ expect_output --substring "hello" expect_output --substring "hello2" run_buildah rmi -f testbud @@ -4007,24 +4007,24 @@ _EOF @test "bud-with-mount-bind-from-relative-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # build base image which we will use as our `from` - run_buildah build -t buildkitbaserelative $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebuildkitbaserelative ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t buildkitbaserelative $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebuildkitbaserelative ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ # try reading something from image in a different build - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilebindfromrelative + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilebindfromrelative expect_output --substring "hello" run_buildah rmi -f buildkitbaserelative run_buildah rmi -f testbud } @test "bud-with-mount-bind-from-multistage-relative-like-buildkit" { - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from skip_if_no_runtime skip_if_in_container # build base image which we will use as our `from` - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilemultistagefrom ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilemultistagefrom ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ expect_output --substring "hello" run_buildah rmi -f testbud } @@ -4032,10 +4032,10 @@ _EOF @test "bud-with-mount-bind-from-cache-multistage-relative-like-buildkit" { skip_if_no_runtime skip_if_in_container - mkdir ${TESTDIR}/bud - cp -R $BUDFILES/buildkit-mount-from ${TESTDIR}/bud/buildkit-mount-from + mkdir ${TEST_SCRATCH_DIR}/bud + cp -R $BUDFILES/buildkit-mount-from ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from # build base image which we will use as our `from` - run_buildah build -t testbud $WITH_POLICY_JSON -f ${TESTDIR}/bud/buildkit-mount-from/Dockerfilemultistagefromcache ${TESTDIR}/bud/buildkit-mount-from/ + run_buildah build -t testbud $WITH_POLICY_JSON -f ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/Dockerfilemultistagefromcache ${TEST_SCRATCH_DIR}/bud/buildkit-mount-from/ expect_output --substring "hello" expect_output --substring "hello2" run_buildah rmi -f testbud @@ -4071,13 +4071,13 @@ _EOF _prefetch alpine - mkfifo ${TESTDIR}/pipe + mkfifo ${TEST_SCRATCH_DIR}/pipe # start the build running in the background - don't use the function wrapper because that sets '$!' to a value that's not what we want - ${BUILDAH_BINARY} ${BUILDAH_REGISTRY_OPTS} ${ROOTDIR_OPTS} $WITH_POLICY_JSON build $BUDFILES/long-sleep > ${TESTDIR}/pipe 2>&1 & + ${BUILDAH_BINARY} ${BUILDAH_REGISTRY_OPTS} ${ROOTDIR_OPTS} $WITH_POLICY_JSON build $BUDFILES/long-sleep > ${TEST_SCRATCH_DIR}/pipe 2>&1 & buildah_pid="${!}" echo buildah is pid ${buildah_pid} # save what's written to the fifo to a plain file - coproc cat ${TESTDIR}/pipe > ${TESTDIR}/log + coproc cat ${TEST_SCRATCH_DIR}/pipe > ${TEST_SCRATCH_DIR}/log cat_pid="${COPROC_PID}" echo cat is pid ${cat_pid} # kill the buildah process early @@ -4086,7 +4086,7 @@ _EOF # wait for output to stop getting written from anywhere wait "${buildah_pid}" "${cat_pid}" echo log: - cat ${TESTDIR}/log + cat ${TEST_SCRATCH_DIR}/log echo checking: - ! grep 'not fully killed' ${TESTDIR}/log + ! grep 'not fully killed' ${TEST_SCRATCH_DIR}/log } diff --git a/tests/bud_overlay_leaks.bats b/tests/bud_overlay_leaks.bats index bdae11875..f4b1c7787 100644 --- a/tests/bud_overlay_leaks.bats +++ b/tests/bud_overlay_leaks.bats @@ -11,7 +11,7 @@ load helpers run_buildah 125 --storage-driver=overlay bud $WITH_POLICY_JSON -t ${target} --pull-never $BUDFILES/pull expect_output --substring "image not known" - leftover=$(mount | grep $TESTDIR | cat) + leftover=$(mount | grep $TEST_SCRATCH_DIR | cat) if [ -n "$leftover" ]; then die "buildah leaked a mount on error: $leftover" fi diff --git a/tests/byid.bats b/tests/byid.bats index 5a6745c00..68cf27278 100644 --- a/tests/byid.bats +++ b/tests/byid.bats @@ -61,7 +61,7 @@ load helpers echo pulling/pushing image $image _prefetch $image - TARGET=${TESTDIR}/subdir-$(basename $image) + TARGET=${TEST_SCRATCH_DIR}/subdir-$(basename $image) mkdir -p $TARGET $TARGET-truncated # Pull down the image, if we have to. diff --git a/tests/commit.bats b/tests/commit.bats index 4d3b0d0a4..9ec45f8d0 100644 --- a/tests/commit.bats +++ b/tests/commit.bats @@ -85,9 +85,9 @@ load helpers run_buildah from --quiet --pull=false $WITH_POLICY_JSON alpine cid=$output echo COMMIT - run_buildah commit $WITH_POLICY_JSON $cid "containers-storage:[vfs@${TESTDIR}/root2+${TESTDIR}/runroot2]newimage" + run_buildah commit $WITH_POLICY_JSON $cid "containers-storage:[vfs@${TEST_SCRATCH_DIR}/root2+${TEST_SCRATCH_DIR}/runroot2]newimage" echo FROM - run_buildah --storage-driver vfs --root ${TESTDIR}/root2 --runroot ${TESTDIR}/runroot2 from $WITH_POLICY_JSON newimage + run_buildah --storage-driver vfs --root ${TEST_SCRATCH_DIR}/root2 --runroot ${TEST_SCRATCH_DIR}/runroot2 from $WITH_POLICY_JSON newimage } @test "commit-rejected-name" { @@ -207,28 +207,28 @@ load helpers @test "commit encrypted local oci image" { skip_if_rootless_environment _prefetch busybox - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub run_buildah from --quiet --pull=false $WITH_POLICY_JSON busybox cid=$output - run_buildah commit --iidfile /dev/null $WITH_POLICY_JSON --encryption-key jwe:${TESTDIR}/tmp/mykey.pub -q $cid oci:${TESTDIR}/tmp/busybox_enc - imgtype -show-manifest oci:${TESTDIR}/tmp/busybox_enc | grep "+encrypted" - rm -rf ${TESTDIR}/tmp + run_buildah commit --iidfile /dev/null $WITH_POLICY_JSON --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub -q $cid oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc + imgtype -show-manifest oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc | grep "+encrypted" + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "commit oci encrypt to registry" { _prefetch busybox - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub start_registry run_buildah from --quiet --pull=false $WITH_POLICY_JSON busybox cid=$output - run_buildah commit --iidfile /dev/null --tls-verify=false --creds testuser:testpassword $WITH_POLICY_JSON --encryption-key jwe:${TESTDIR}/tmp/mykey.pub -q $cid docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah commit --iidfile /dev/null --tls-verify=false --creds testuser:testpassword $WITH_POLICY_JSON --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub -q $cid docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest # this test, just checks the ability to commit an image to a registry # there is no good way to test the details of the image unless with ./buildah pull, test will be in pull.bats - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "commit omit-timestamp" { @@ -248,7 +248,7 @@ load helpers run_buildah run $cid ls -l /test expect_output --substring "1970" - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "commit timestamp" { @@ -268,7 +268,7 @@ load helpers run_buildah run $cid ls -l /test expect_output --substring "1970" - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "commit with authfile" { @@ -278,7 +278,7 @@ load helpers run_buildah run $cid touch /test start_registry - run_buildah login --authfile ${TESTDIR}/test.auth --username testuser --password testpassword --tls-verify=false localhost:${REGISTRY_PORT} - run_buildah commit --authfile ${TESTDIR}/test.auth $WITH_POLICY_JSON --tls-verify=false $cid docker://localhost:${REGISTRY_PORT}/buildah/my-busybox + run_buildah login --authfile ${TEST_SCRATCH_DIR}/test.auth --username testuser --password testpassword --tls-verify=false localhost:${REGISTRY_PORT} + run_buildah commit --authfile ${TEST_SCRATCH_DIR}/test.auth $WITH_POLICY_JSON --tls-verify=false $cid docker://localhost:${REGISTRY_PORT}/buildah/my-busybox expect_output --substring "Writing manifest to image destination" } diff --git a/tests/config.bats b/tests/config.bats index 2bcebdb86..5025b7c54 100644 --- a/tests/config.bats +++ b/tests/config.bats @@ -299,7 +299,7 @@ function check_matrix() { @test "docker formatted builds must inherit healthcheck from base image" { _prefetch busybox - ctxdir=${TESTDIR}/bud + ctxdir=${TEST_SCRATCH_DIR}/bud mkdir -p $ctxdir cat >$ctxdir/Dockerfile < ${TESTDIR}/containers.conf + sed "s/^label = true/label = false/g" ${TEST_SOURCES}/containers.conf > ${TEST_SCRATCH_DIR}/containers.conf cid=$(buildah from $WITH_POLICY_JSON alpine) - CONTAINERS_CONF=${TESTDIR}/containers.conf run_buildah 1 --log-level=error run $cid sh -c "cat /proc/self/attr/current | grep container_t" + CONTAINERS_CONF=${TEST_SCRATCH_DIR}/containers.conf run_buildah 1 --log-level=error run $cid sh -c "cat /proc/self/attr/current | grep container_t" } @test "containers.conf ulimit test" { @@ -46,11 +46,11 @@ load helpers CONTAINERS_CONF=$CONTAINERS_CONF run_buildah 1 --log-level=error run $cid ls /dev/foo1 run_buildah rm $cid - sed '/^devices.*/a "\/dev\/foo:\/dev\/foo1:rmw",' ${TEST_SOURCES}/containers.conf > ${TESTDIR}/containers.conf + sed '/^devices.*/a "\/dev\/foo:\/dev\/foo1:rmw",' ${TEST_SOURCES}/containers.conf > ${TEST_SCRATCH_DIR}/containers.conf rm -f /dev/foo; mknod /dev/foo c 1 1 - CONTAINERS_CONF=${TESTDIR}/containers.conf run_buildah from --quiet $WITH_POLICY_JSON alpine + CONTAINERS_CONF=${TEST_SCRATCH_DIR}/containers.conf run_buildah from --quiet $WITH_POLICY_JSON alpine cid="$output" - CONTAINERS_CONF=${TESTDIR}/containers.conf run_buildah --log-level=error run $cid ls /dev/foo1 + CONTAINERS_CONF=${TEST_SCRATCH_DIR}/containers.conf run_buildah --log-level=error run $cid ls /dev/foo1 rm -f /dev/foo } @@ -64,11 +64,11 @@ load helpers expect_output "00000000a80425fb" run_buildah rm $cid - sed "/AUDIT_WRITE/d" ${TEST_SOURCES}/containers.conf > ${TESTDIR}/containers.conf - CONTAINERS_CONF=${TESTDIR}/containers.conf run_buildah from --quiet $WITH_POLICY_JSON alpine + sed "/AUDIT_WRITE/d" ${TEST_SOURCES}/containers.conf > ${TEST_SCRATCH_DIR}/containers.conf + CONTAINERS_CONF=${TEST_SCRATCH_DIR}/containers.conf run_buildah from --quiet $WITH_POLICY_JSON alpine cid="$output" - CONTAINERS_CONF=${TESTDIR}/containers.conf run_buildah --log-level=error run $cid sh -c 'grep CapEff /proc/self/status | cut -f2' + CONTAINERS_CONF=${TEST_SCRATCH_DIR}/containers.conf run_buildah --log-level=error run $cid sh -c 'grep CapEff /proc/self/status | cut -f2' run_buildah rm $cid test "$output" != "$CapEff" @@ -93,16 +93,16 @@ load helpers test -x /usr/bin/crun || skip "/usr/bin/crun doesn't exist" - ln -s /usr/bin/crun ${TESTDIR}/runtime + ln -s /usr/bin/crun ${TEST_SCRATCH_DIR}/runtime - cat >${TESTDIR}/containers.conf << EOF + cat >${TEST_SCRATCH_DIR}/containers.conf << EOF [engine] runtime = "nonstandard_runtime_name" [engine.runtimes] -nonstandard_runtime_name = ["${TESTDIR}/runtime"] +nonstandard_runtime_name = ["${TEST_SCRATCH_DIR}/runtime"] EOF _prefetch alpine cid=$(buildah from $WITH_POLICY_JSON alpine) - CONTAINERS_CONF=${TESTDIR}/containers.conf run_buildah --log-level=error run $cid true + CONTAINERS_CONF=${TEST_SCRATCH_DIR}/containers.conf run_buildah --log-level=error run $cid true } diff --git a/tests/copy.bats b/tests/copy.bats index 163c1d784..2f300d2f4 100644 --- a/tests/copy.bats +++ b/tests/copy.bats @@ -14,23 +14,23 @@ load helpers } @test "copy-local-multiple" { - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-randomfile - createrandom ${TESTDIR}/third-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/third-randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah mount $cid root=$output run_buildah config --workingdir / $cid - # copy ${TESTDIR}/randomfile to a file of the same name in the container's working directory - run_buildah copy $cid ${TESTDIR}/randomfile - # copy ${TESTDIR}/other-randomfile and ${TESTDIR}/third-randomfile to a new directory named ${TESTDIR}/randomfile in the container - run_buildah copy $cid ${TESTDIR}/other-randomfile ${TESTDIR}/third-randomfile ${TESTDIR}/randomfile - # try to copy ${TESTDIR}/other-randomfile and ${TESTDIR}/third-randomfile to a /randomfile, which already exists and is a file - run_buildah 125 copy $cid ${TESTDIR}/other-randomfile ${TESTDIR}/third-randomfile /randomfile - # copy ${TESTDIR}/other-randomfile and ${TESTDIR}/third-randomfile to previously-created directory named ${TESTDIR}/randomfile in the container - run_buildah copy $cid ${TESTDIR}/other-randomfile ${TESTDIR}/third-randomfile ${TESTDIR}/randomfile + # copy ${TEST_SCRATCH_DIR}/randomfile to a file of the same name in the container's working directory + run_buildah copy $cid ${TEST_SCRATCH_DIR}/randomfile + # copy ${TEST_SCRATCH_DIR}/other-randomfile and ${TEST_SCRATCH_DIR}/third-randomfile to a new directory named ${TEST_SCRATCH_DIR}/randomfile in the container + run_buildah copy $cid ${TEST_SCRATCH_DIR}/other-randomfile ${TEST_SCRATCH_DIR}/third-randomfile ${TEST_SCRATCH_DIR}/randomfile + # try to copy ${TEST_SCRATCH_DIR}/other-randomfile and ${TEST_SCRATCH_DIR}/third-randomfile to a /randomfile, which already exists and is a file + run_buildah 125 copy $cid ${TEST_SCRATCH_DIR}/other-randomfile ${TEST_SCRATCH_DIR}/third-randomfile /randomfile + # copy ${TEST_SCRATCH_DIR}/other-randomfile and ${TEST_SCRATCH_DIR}/third-randomfile to previously-created directory named ${TEST_SCRATCH_DIR}/randomfile in the container + run_buildah copy $cid ${TEST_SCRATCH_DIR}/other-randomfile ${TEST_SCRATCH_DIR}/third-randomfile ${TEST_SCRATCH_DIR}/randomfile run_buildah rm $cid _prefetch alpine @@ -39,8 +39,8 @@ load helpers run_buildah mount $cid root=$output run_buildah config --workingdir / $cid - run_buildah copy $cid ${TESTDIR}/randomfile - run_buildah copy $cid ${TESTDIR}/other-randomfile ${TESTDIR}/third-randomfile ${TESTDIR}/randomfile /etc + run_buildah copy $cid ${TEST_SCRATCH_DIR}/randomfile + run_buildah copy $cid ${TEST_SCRATCH_DIR}/other-randomfile ${TEST_SCRATCH_DIR}/third-randomfile ${TEST_SCRATCH_DIR}/randomfile /etc run_buildah rm $cid run_buildah from --quiet --pull=false $WITH_POLICY_JSON alpine @@ -48,22 +48,22 @@ load helpers run_buildah mount $cid root=$output run_buildah config --workingdir / $cid - run_buildah copy $cid "${TESTDIR}/*randomfile" /etc - (cd ${TESTDIR}; for i in *randomfile; do cmp $i ${root}/etc/$i; done) + run_buildah copy $cid "${TEST_SCRATCH_DIR}/*randomfile" /etc + (cd ${TEST_SCRATCH_DIR}; for i in *randomfile; do cmp $i ${root}/etc/$i; done) } @test "copy-local-plain" { - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-randomfile - createrandom ${TESTDIR}/third-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/third-randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah mount $cid root=$output run_buildah config --workingdir / $cid - run_buildah copy $cid ${TESTDIR}/randomfile - run_buildah copy $cid ${TESTDIR}/other-randomfile + run_buildah copy $cid ${TEST_SCRATCH_DIR}/randomfile + run_buildah copy $cid ${TEST_SCRATCH_DIR}/other-randomfile run_buildah unmount $cid run_buildah commit $WITH_POLICY_JSON $cid containers-storage:new-image run_buildah rm $cid @@ -73,98 +73,98 @@ load helpers run_buildah mount $newcid newroot=$output test -s $newroot/randomfile - cmp ${TESTDIR}/randomfile $newroot/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $newroot/randomfile test -s $newroot/other-randomfile - cmp ${TESTDIR}/other-randomfile $newroot/other-randomfile + cmp ${TEST_SCRATCH_DIR}/other-randomfile $newroot/other-randomfile } @test "copy-local-subdirectory" { - mkdir -p ${TESTDIR}/subdir - createrandom ${TESTDIR}/subdir/randomfile - createrandom ${TESTDIR}/subdir/other-randomfile + mkdir -p ${TEST_SCRATCH_DIR}/subdir + createrandom ${TEST_SCRATCH_DIR}/subdir/randomfile + createrandom ${TEST_SCRATCH_DIR}/subdir/other-randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah config --workingdir /container-subdir $cid - run_buildah copy $cid ${TESTDIR}/subdir + run_buildah copy $cid ${TEST_SCRATCH_DIR}/subdir run_buildah mount $cid root=$output test -s $root/container-subdir/randomfile - cmp ${TESTDIR}/subdir/randomfile $root/container-subdir/randomfile + cmp ${TEST_SCRATCH_DIR}/subdir/randomfile $root/container-subdir/randomfile test -s $root/container-subdir/other-randomfile - cmp ${TESTDIR}/subdir/other-randomfile $root/container-subdir/other-randomfile - run_buildah copy $cid ${TESTDIR}/subdir /other-subdir + cmp ${TEST_SCRATCH_DIR}/subdir/other-randomfile $root/container-subdir/other-randomfile + run_buildah copy $cid ${TEST_SCRATCH_DIR}/subdir /other-subdir test -s $root/other-subdir/randomfile - cmp ${TESTDIR}/subdir/randomfile $root/other-subdir/randomfile + cmp ${TEST_SCRATCH_DIR}/subdir/randomfile $root/other-subdir/randomfile test -s $root/other-subdir/other-randomfile - cmp ${TESTDIR}/subdir/other-randomfile $root/other-subdir/other-randomfile + cmp ${TEST_SCRATCH_DIR}/subdir/other-randomfile $root/other-subdir/other-randomfile } @test "copy-local-force-directory" { - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah config --workingdir / $cid - run_buildah copy $cid ${TESTDIR}/randomfile /randomfile + run_buildah copy $cid ${TEST_SCRATCH_DIR}/randomfile /randomfile run_buildah mount $cid root=$output test -s $root/randomfile - cmp ${TESTDIR}/randomfile $root/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $root/randomfile run_buildah rm $cid run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah config --workingdir / $cid - run_buildah copy $cid ${TESTDIR}/randomfile /randomsubdir/ + run_buildah copy $cid ${TEST_SCRATCH_DIR}/randomfile /randomsubdir/ run_buildah mount $cid root=$output test -s $root/randomsubdir/randomfile - cmp ${TESTDIR}/randomfile $root/randomsubdir/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $root/randomsubdir/randomfile } @test "copy-url-mtime" { # Create a file with random content and a non-now timestamp (so we can # can trust that buildah correctly set mtime on copy) - createrandom ${TESTDIR}/randomfile - touch -t 201910310123.45 ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + touch -t 201910310123.45 ${TEST_SCRATCH_DIR}/randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah config --workingdir / $cid - starthttpd ${TESTDIR} + starthttpd ${TEST_SCRATCH_DIR} run_buildah copy $cid http://0.0.0.0:${HTTP_SERVER_PORT}/randomfile /urlfile stophttpd run_buildah mount $cid root=$output test -s $root/urlfile - cmp ${TESTDIR}/randomfile $root/urlfile + cmp ${TEST_SCRATCH_DIR}/randomfile $root/urlfile # Compare timestamps. Display them in human-readable form, so if there's # a mismatch it will be shown in the test log. - mtime_randomfile=$(stat --format %y ${TESTDIR}/randomfile) + mtime_randomfile=$(stat --format %y ${TEST_SCRATCH_DIR}/randomfile) mtime_urlfile=$(stat --format %y $root/urlfile) expect_output --from="$mtime_randomfile" "$mtime_urlfile" "mtime[randomfile] == mtime[urlfile]" } @test "copy --chown" { - mkdir -p ${TESTDIR}/subdir - mkdir -p ${TESTDIR}/other-subdir - createrandom ${TESTDIR}/subdir/randomfile - createrandom ${TESTDIR}/subdir/other-randomfile - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-subdir/randomfile - createrandom ${TESTDIR}/other-subdir/other-randomfile + mkdir -p ${TEST_SCRATCH_DIR}/subdir + mkdir -p ${TEST_SCRATCH_DIR}/other-subdir + createrandom ${TEST_SCRATCH_DIR}/subdir/randomfile + createrandom ${TEST_SCRATCH_DIR}/subdir/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-subdir/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-subdir/other-randomfile _prefetch alpine run_buildah from --quiet $WITH_POLICY_JSON alpine cid=$output run_buildah config --workingdir / $cid - run_buildah copy --chown 1:1 $cid ${TESTDIR}/randomfile - run_buildah copy --chown root:1 $cid ${TESTDIR}/randomfile /randomfile2 - run_buildah copy --chown nobody $cid ${TESTDIR}/randomfile /randomfile3 - run_buildah copy --chown nobody:root $cid ${TESTDIR}/subdir /subdir + run_buildah copy --chown 1:1 $cid ${TEST_SCRATCH_DIR}/randomfile + run_buildah copy --chown root:1 $cid ${TEST_SCRATCH_DIR}/randomfile /randomfile2 + run_buildah copy --chown nobody $cid ${TEST_SCRATCH_DIR}/randomfile /randomfile3 + run_buildah copy --chown nobody:root $cid ${TEST_SCRATCH_DIR}/subdir /subdir run_buildah run $cid stat -c "%u:%g" /randomfile expect_output "1:1" "stat ug /randomfile" @@ -183,7 +183,7 @@ load helpers run_buildah run $cid stat -c "%U:%G" /subdir expect_output "nobody:root" "stat UG /subdir" - run_buildah copy --chown root:root $cid ${TESTDIR}/other-subdir /subdir + run_buildah copy --chown root:root $cid ${TEST_SCRATCH_DIR}/other-subdir /subdir for i in randomfile other-randomfile ; do run_buildah run $cid stat -c "%U:%G" /subdir/$i expect_output "root:root" "stat UG /subdir/$i (after chown)" @@ -195,22 +195,22 @@ load helpers } @test "copy --chmod" { - mkdir -p ${TESTDIR}/subdir - mkdir -p ${TESTDIR}/other-subdir - createrandom ${TESTDIR}/subdir/randomfile - createrandom ${TESTDIR}/subdir/other-randomfile - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-subdir/randomfile - createrandom ${TESTDIR}/other-subdir/other-randomfile + mkdir -p ${TEST_SCRATCH_DIR}/subdir + mkdir -p ${TEST_SCRATCH_DIR}/other-subdir + createrandom ${TEST_SCRATCH_DIR}/subdir/randomfile + createrandom ${TEST_SCRATCH_DIR}/subdir/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-subdir/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-subdir/other-randomfile _prefetch alpine run_buildah from --quiet $WITH_POLICY_JSON alpine cid=$output run_buildah config --workingdir / $cid - run_buildah copy --chmod 777 $cid ${TESTDIR}/randomfile - run_buildah copy --chmod 700 $cid ${TESTDIR}/randomfile /randomfile2 - run_buildah copy --chmod 755 $cid ${TESTDIR}/randomfile /randomfile3 - run_buildah copy --chmod 660 $cid ${TESTDIR}/subdir /subdir + run_buildah copy --chmod 777 $cid ${TEST_SCRATCH_DIR}/randomfile + run_buildah copy --chmod 700 $cid ${TEST_SCRATCH_DIR}/randomfile /randomfile2 + run_buildah copy --chmod 755 $cid ${TEST_SCRATCH_DIR}/randomfile /randomfile3 + run_buildah copy --chmod 660 $cid ${TEST_SCRATCH_DIR}/subdir /subdir run_buildah run $cid ls -l /randomfile expect_output --substring rwxrwxrwx @@ -229,7 +229,7 @@ load helpers run_buildah run $cid ls -l /subdir expect_output --substring rw-rw---- - run_buildah copy --chmod 600 $cid ${TESTDIR}/other-subdir /subdir + run_buildah copy --chmod 600 $cid ${TEST_SCRATCH_DIR}/other-subdir /subdir for i in randomfile other-randomfile ; do run_buildah run $cid ls -l /subdir/$i expect_output --substring rw------- @@ -237,15 +237,15 @@ load helpers } @test "copy-symlink" { - createrandom ${TESTDIR}/randomfile - ln -s ${TESTDIR}/randomfile ${TESTDIR}/link-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + ln -s ${TEST_SCRATCH_DIR}/randomfile ${TEST_SCRATCH_DIR}/link-randomfile run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah mount $cid root=$output run_buildah config --workingdir / $cid - run_buildah copy $cid ${TESTDIR}/link-randomfile + run_buildah copy $cid ${TEST_SCRATCH_DIR}/link-randomfile run_buildah unmount $cid run_buildah commit $WITH_POLICY_JSON $cid containers-storage:new-image run_buildah rm $cid @@ -256,22 +256,22 @@ load helpers newroot=$output test -s $newroot/link-randomfile test -f $newroot/link-randomfile - cmp ${TESTDIR}/randomfile $newroot/link-randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $newroot/link-randomfile } @test "ignore-socket" { - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile # This seems to be the least-worst way to create a socket: run and kill nc - nc -lkU ${TESTDIR}/test.socket & + nc -lkU ${TEST_SCRATCH_DIR}/test.socket & nc_pid=$! # This should succeed fairly quickly. We test with a timeout in case of # failure (likely reason: 'nc' not installed.) retries=50 - while ! test -e ${TESTDIR}/test.socket; do + while ! test -e ${TEST_SCRATCH_DIR}/test.socket; do sleep 0.1 retries=$((retries - 1)) if [[ $retries -eq 0 ]]; then - die "Timed out waiting for ${TESTDIR}/test.socket (is nc installed?)" + die "Timed out waiting for ${TEST_SCRATCH_DIR}/test.socket (is nc installed?)" fi done kill $nc_pid @@ -293,15 +293,15 @@ load helpers } @test "copy-symlink-archive-suffix" { - createrandom ${TESTDIR}/randomfile.tar.gz - ln -s ${TESTDIR}/randomfile.tar.gz ${TESTDIR}/link-randomfile.tar.gz + createrandom ${TEST_SCRATCH_DIR}/randomfile.tar.gz + ln -s ${TEST_SCRATCH_DIR}/randomfile.tar.gz ${TEST_SCRATCH_DIR}/link-randomfile.tar.gz run_buildah from $WITH_POLICY_JSON scratch cid=$output run_buildah mount $cid root=$output run_buildah config --workingdir / $cid - run_buildah copy $cid ${TESTDIR}/link-randomfile.tar.gz + run_buildah copy $cid ${TEST_SCRATCH_DIR}/link-randomfile.tar.gz run_buildah unmount $cid run_buildah commit $WITH_POLICY_JSON $cid containers-storage:new-image run_buildah rm $cid @@ -312,22 +312,22 @@ load helpers newroot=$output test -s $newroot/link-randomfile.tar.gz test -f $newroot/link-randomfile.tar.gz - cmp ${TESTDIR}/randomfile.tar.gz $newroot/link-randomfile.tar.gz + cmp ${TEST_SCRATCH_DIR}/randomfile.tar.gz $newroot/link-randomfile.tar.gz } @test "copy-detect-missing-data" { _prefetch busybox - : > ${TESTDIR}/Dockerfile - echo FROM busybox AS builder >> ${TESTDIR}/Dockerfile - echo FROM scratch >> ${TESTDIR}/Dockerfile - echo COPY --from=builder /bin/-no-such-file-error- /usr/bin >> ${TESTDIR}/Dockerfile - run_buildah 125 build-using-dockerfile $WITH_POLICY_JSON ${TESTDIR} + : > ${TEST_SCRATCH_DIR}/Dockerfile + echo FROM busybox AS builder >> ${TEST_SCRATCH_DIR}/Dockerfile + echo FROM scratch >> ${TEST_SCRATCH_DIR}/Dockerfile + echo COPY --from=builder /bin/-no-such-file-error- /usr/bin >> ${TEST_SCRATCH_DIR}/Dockerfile + run_buildah 125 build-using-dockerfile $WITH_POLICY_JSON ${TEST_SCRATCH_DIR} expect_output --substring "no such file or directory" } @test "copy --ignorefile" { - mytest=${TESTDIR}/mytest + mytest=${TEST_SCRATCH_DIR}/mytest mkdir -p ${mytest} touch ${mytest}/mystuff touch ${mytest}/source.go @@ -360,27 +360,27 @@ stuff/mystuff" } @test "copy-quiet" { - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile _prefetch alpine run_buildah from --quiet --pull=false $WITH_POLICY_JSON alpine cid=$output run_buildah mount $cid root=$output - run_buildah copy --quiet $cid ${TESTDIR}/randomfile / + run_buildah copy --quiet $cid ${TEST_SCRATCH_DIR}/randomfile / expect_output "" - cmp ${TESTDIR}/randomfile $root/randomfile + cmp ${TEST_SCRATCH_DIR}/randomfile $root/randomfile run_buildah umount $cid run_buildah rm $cid } @test "copy-from-container" { _prefetch busybox - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --quiet $WITH_POLICY_JSON busybox from=$output run_buildah from --quiet $WITH_POLICY_JSON busybox cid=$output - run_buildah copy --quiet $from ${TESTDIR}/randomfile /tmp/random + run_buildah copy --quiet $from ${TEST_SCRATCH_DIR}/randomfile /tmp/random expect_output "" run_buildah copy --quiet $WITH_POLICY_JSON --from $from $cid /tmp/random /tmp/random # absolute path expect_output "" @@ -388,25 +388,25 @@ stuff/mystuff" expect_output "" run_buildah mount $cid croot=$output - cmp ${TESTDIR}/randomfile ${croot}/tmp/random - cmp ${TESTDIR}/randomfile ${croot}/tmp/random2 + cmp ${TEST_SCRATCH_DIR}/randomfile ${croot}/tmp/random + cmp ${TEST_SCRATCH_DIR}/randomfile ${croot}/tmp/random2 } @test "copy-container-root" { _prefetch busybox - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --quiet $WITH_POLICY_JSON busybox from=$output run_buildah from --quiet $WITH_POLICY_JSON busybox cid=$output - run_buildah copy --quiet $from ${TESTDIR}/randomfile /tmp/random + run_buildah copy --quiet $from ${TEST_SCRATCH_DIR}/randomfile /tmp/random expect_output "" run_buildah copy --quiet $WITH_POLICY_JSON --from $from $cid / /tmp/ expect_output "" || \ expect_output --substring "copier: file disappeared while reading" run_buildah mount $cid croot=$output - cmp ${TESTDIR}/randomfile ${croot}/tmp/tmp/random + cmp ${TEST_SCRATCH_DIR}/randomfile ${croot}/tmp/tmp/random } @test "add-from-image" { @@ -445,16 +445,16 @@ stuff/mystuff" } @test "copy-preserving-extended-attributes" { - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile # if we need to change which image we use, any image that can provide a working setattr/setcap/getfattr will do image="quay.io/libpod/fedora-minimal:34" if ! which setfattr > /dev/null 2> /dev/null; then - skip "setfattr not available, unable to check if it'll work in filesystem at ${TESTDIR}" + skip "setfattr not available, unable to check if it'll work in filesystem at ${TEST_SCRATCH_DIR}" fi - run setfattr -n user.yeah -v butno ${TESTDIR}/root + run setfattr -n user.yeah -v butno ${TEST_SCRATCH_DIR}/root if [ "$status" -ne 0 ] ; then if [[ "$output" =~ "not supported" ]] ; then - skip "setfattr not supported in filesystem at ${TESTDIR}" + skip "setfattr not supported in filesystem at ${TEST_SCRATCH_DIR}" fi skip "$output" fi @@ -462,7 +462,7 @@ stuff/mystuff" run_buildah from --quiet $WITH_POLICY_JSON $image first="$output" run_buildah run $first microdnf -y install /usr/bin/setfattr /usr/sbin/setcap - run_buildah copy $first ${TESTDIR}/randomfile / + run_buildah copy $first ${TEST_SCRATCH_DIR}/randomfile / # set security.capability run_buildah run $first setcap cap_setuid=ep /randomfile # set user.something @@ -482,13 +482,13 @@ stuff/mystuff" @test "copy-relative-context-dir" { image=busybox _prefetch $image - mkdir -p ${TESTDIR}/context - createrandom ${TESTDIR}/context/excluded_test_file - createrandom ${TESTDIR}/context/test_file - echo excluded_test_file | tee ${TESTDIR}/context/.containerignore | tee ${TESTDIR}/context/.dockerignore + mkdir -p ${TEST_SCRATCH_DIR}/context + createrandom ${TEST_SCRATCH_DIR}/context/excluded_test_file + createrandom ${TEST_SCRATCH_DIR}/context/test_file + echo excluded_test_file | tee ${TEST_SCRATCH_DIR}/context/.containerignore | tee ${TEST_SCRATCH_DIR}/context/.dockerignore run_buildah from --quiet $WITH_POLICY_JSON $image ctr="$output" - cd ${TESTDIR}/context + cd ${TEST_SCRATCH_DIR}/context run_buildah copy --contextdir . $ctr / /opt/ run_buildah run $ctr ls -1 /opt/ expect_line_count 1 diff --git a/tests/digest.bats b/tests/digest.bats index 84a917f99..3a63e17dd 100644 --- a/tests/digest.bats +++ b/tests/digest.bats @@ -17,7 +17,7 @@ fromreftest() { fi # This is all we test: basically, that buildah doesn't crash when pushing - pushdir=${TESTDIR}/fromreftest + pushdir=${TEST_SCRATCH_DIR}/fromreftest mkdir -p ${pushdir}/{1,2,3} run_buildah push $WITH_POLICY_JSON $img dir:${pushdir}/1 run_buildah commit $WITH_POLICY_JSON $cid new-image diff --git a/tests/from.bats b/tests/from.bats index aa132e565..5694adbd1 100644 --- a/tests/from.bats +++ b/tests/from.bats @@ -32,7 +32,7 @@ load helpers } @test "commit-to-from-elsewhere" { - elsewhere=${TESTDIR}/elsewhere-img + elsewhere=${TEST_SCRATCH_DIR}/elsewhere-img mkdir -p ${elsewhere} run_buildah from --pull $WITH_POLICY_JSON scratch @@ -123,22 +123,22 @@ load helpers run_buildah from --quiet --pull=true $WITH_POLICY_JSON docker:latest run_buildah rm $output - run_buildah push $WITH_POLICY_JSON alpine docker-archive:${TESTDIR}/docker-alp.tar:alpine - run_buildah push $WITH_POLICY_JSON alpine oci-archive:${TESTDIR}/oci-alp.tar:alpine - run_buildah push $WITH_POLICY_JSON alpine dir:${TESTDIR}/alp-dir + run_buildah push $WITH_POLICY_JSON alpine docker-archive:${TEST_SCRATCH_DIR}/docker-alp.tar:alpine + run_buildah push $WITH_POLICY_JSON alpine oci-archive:${TEST_SCRATCH_DIR}/oci-alp.tar:alpine + run_buildah push $WITH_POLICY_JSON alpine dir:${TEST_SCRATCH_DIR}/alp-dir run_buildah rmi alpine - run_buildah from --quiet $WITH_POLICY_JSON docker-archive:${TESTDIR}/docker-alp.tar + run_buildah from --quiet $WITH_POLICY_JSON docker-archive:${TEST_SCRATCH_DIR}/docker-alp.tar expect_output "alpine-working-container" run_buildah rm ${output} run_buildah rmi alpine - run_buildah from --quiet $WITH_POLICY_JSON oci-archive:${TESTDIR}/oci-alp.tar + run_buildah from --quiet $WITH_POLICY_JSON oci-archive:${TEST_SCRATCH_DIR}/oci-alp.tar expect_output "alpine-working-container" run_buildah rm ${output} run_buildah rmi alpine - run_buildah from --quiet $WITH_POLICY_JSON dir:${TESTDIR}/alp-dir + run_buildah from --quiet $WITH_POLICY_JSON dir:${TEST_SCRATCH_DIR}/alp-dir expect_output "dir-working-container" } @@ -147,16 +147,16 @@ load helpers run_buildah from --quiet --pull=true $WITH_POLICY_JSON alpine run_buildah rm $output - run_buildah push $WITH_POLICY_JSON alpine docker-archive:${TESTDIR}/docker-alp.tar - run_buildah push $WITH_POLICY_JSON alpine oci-archive:${TESTDIR}/oci-alp.tar + run_buildah push $WITH_POLICY_JSON alpine docker-archive:${TEST_SCRATCH_DIR}/docker-alp.tar + run_buildah push $WITH_POLICY_JSON alpine oci-archive:${TEST_SCRATCH_DIR}/oci-alp.tar run_buildah rmi alpine - run_buildah from --quiet $WITH_POLICY_JSON docker-archive:${TESTDIR}/docker-alp.tar + run_buildah from --quiet $WITH_POLICY_JSON docker-archive:${TEST_SCRATCH_DIR}/docker-alp.tar expect_output "alpine-working-container" run_buildah rm $output run_buildah rmi -a - run_buildah from --quiet $WITH_POLICY_JSON oci-archive:${TESTDIR}/oci-alp.tar + run_buildah from --quiet $WITH_POLICY_JSON oci-archive:${TEST_SCRATCH_DIR}/oci-alp.tar expect_output "oci-archive-working-container" run_buildah rm $output run_buildah rmi -a @@ -277,7 +277,7 @@ load helpers skip_if_no_runtime _prefetch alpine - run_buildah from --quiet --volume=${TESTDIR}:/myvol --pull $WITH_POLICY_JSON alpine + run_buildah from --quiet --volume=${TEST_SCRATCH_DIR}:/myvol --pull $WITH_POLICY_JSON alpine cid=$output run_buildah run $cid -- cat /proc/mounts expect_output --substring " /myvol " @@ -288,7 +288,7 @@ load helpers skip_if_no_runtime _prefetch alpine - run_buildah from --quiet --volume=${TESTDIR}:/myvol:ro --pull=false $WITH_POLICY_JSON alpine + run_buildah from --quiet --volume=${TEST_SCRATCH_DIR}:/myvol:ro --pull=false $WITH_POLICY_JSON alpine cid=$output run_buildah run $cid -- cat /proc/mounts expect_output --substring " /myvol " @@ -310,12 +310,12 @@ load helpers gidsize=$((${RANDOM}+1024)) # Create source volume. - mkdir ${TESTDIR}/testdata - touch ${TESTDIR}/testdata/testfile1.txt + mkdir ${TEST_SCRATCH_DIR}/testdata + touch ${TEST_SCRATCH_DIR}/testdata/testfile1.txt # Create a container that uses that mapping and U volume flag. _prefetch alpine - run_buildah from --pull=false $WITH_POLICY_JSON --userns-uid-map 0:$uidbase:$uidsize --userns-gid-map 0:$gidbase:$gidsize --volume ${TESTDIR}/testdata:/mnt:z,U alpine + run_buildah from --pull=false $WITH_POLICY_JSON --userns-uid-map 0:$uidbase:$uidsize --userns-gid-map 0:$gidbase:$gidsize --volume ${TEST_SCRATCH_DIR}/testdata:/mnt:z,U alpine ctr="$output" # Test mounted volume has correct UID and GID ownership. @@ -361,8 +361,8 @@ load helpers @test "from cidfile test" { _prefetch alpine - run_buildah from --cidfile ${TESTDIR}/output.cid --pull=false $WITH_POLICY_JSON alpine - cid=$(< ${TESTDIR}/output.cid) + run_buildah from --cidfile ${TEST_SCRATCH_DIR}/output.cid --pull=false $WITH_POLICY_JSON alpine + cid=$(< ${TEST_SCRATCH_DIR}/output.cid) run_buildah containers -f id=${cid} } @@ -420,49 +420,49 @@ load helpers @test "from encrypted local image" { _prefetch busybox - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl genrsa -out ${TESTDIR}/tmp/mykey2.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub - run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TESTDIR}/tmp/mykey.pub busybox oci:${TESTDIR}/tmp/busybox_enc + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey2.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub + run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub busybox oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc # Try encrypted image without key should fail - run_buildah 125 from oci:${TESTDIR}/tmp/busybox_enc + run_buildah 125 from oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc expect_output --substring "decrypting layer .* missing private key needed for decryption" # Try encrypted image with wrong key should fail - run_buildah 125 from --decryption-key ${TESTDIR}/tmp/mykey2.pem oci:${TESTDIR}/tmp/busybox_enc + run_buildah 125 from --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey2.pem oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc expect_output --substring "decrypting layer .* no suitable key unwrapper found or none of the private keys could be used for decryption" # Providing the right key should succeed - run_buildah from --decryption-key ${TESTDIR}/tmp/mykey.pem oci:${TESTDIR}/tmp/busybox_enc + run_buildah from --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey.pem oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "from encrypted registry image" { _prefetch busybox - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 2048 - openssl genrsa -out ${TESTDIR}/tmp/mykey2.pem 2048 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 2048 + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey2.pem 2048 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub start_registry - run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TESTDIR}/tmp/mykey.pub busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest # Try encrypted image without key should fail run_buildah 125 from --tls-verify=false --creds testuser:testpassword docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest expect_output --substring "decrypting layer .* missing private key needed for decryption" # Try encrypted image with wrong key should fail - run_buildah 125 from --tls-verify=false --creds testuser:testpassword --decryption-key ${TESTDIR}/tmp/mykey2.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah 125 from --tls-verify=false --creds testuser:testpassword --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey2.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest expect_output --substring "decrypting layer .* no suitable key unwrapper found or none of the private keys could be used for decryption" # Providing the right key should succeed - run_buildah from --tls-verify=false --creds testuser:testpassword --decryption-key ${TESTDIR}/tmp/mykey.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah from --tls-verify=false --creds testuser:testpassword --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest run_buildah rm -a run_buildah rmi localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "from with non buildah container" { @@ -524,10 +524,10 @@ load helpers @test "from --authfile test" { _prefetch busybox start_registry - run_buildah login --tls-verify=false --authfile ${TESTDIR}/test.auth --username testuser --password testpassword localhost:${REGISTRY_PORT} - run_buildah push $WITH_POLICY_JSON --tls-verify=false --authfile ${TESTDIR}/test.auth busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest + run_buildah login --tls-verify=false --authfile ${TEST_SCRATCH_DIR}/test.auth --username testuser --password testpassword localhost:${REGISTRY_PORT} + run_buildah push $WITH_POLICY_JSON --tls-verify=false --authfile ${TEST_SCRATCH_DIR}/test.auth busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest target=busybox-image - run_buildah from -q $WITH_POLICY_JSON --tls-verify=false --authfile ${TESTDIR}/test.auth docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest + run_buildah from -q $WITH_POLICY_JSON --tls-verify=false --authfile ${TEST_SCRATCH_DIR}/test.auth docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest run_buildah rm $output run_buildah rmi localhost:${REGISTRY_PORT}/buildah/busybox:latest } @@ -612,8 +612,8 @@ load helpers @test "from cni config test" { _prefetch alpine - cni_config_dir=${TESTDIR}/no-cni-configs - cni_plugin_path=${TESTDIR}/no-cni-plugin + cni_config_dir=${TEST_SCRATCH_DIR}/no-cni-configs + cni_plugin_path=${TEST_SCRATCH_DIR}/no-cni-plugin mkdir -p ${cni_config_dir} mkdir -p ${cni_plugin_path} run_buildah from -q --cni-config-dir=${cni_config_dir} --cni-plugin-path=${cni_plugin_path} $WITH_POLICY_JSON alpine @@ -626,8 +626,8 @@ load helpers } @test "from-image-with-zstd-compression" { - copy --format oci --dest-compress --dest-compress-format zstd docker://quay.io/libpod/alpine_nginx:latest dir:${TESTDIR}/base-image - run_buildah from dir:${TESTDIR}/base-image + copy --format oci --dest-compress --dest-compress-format zstd docker://quay.io/libpod/alpine_nginx:latest dir:${TEST_SCRATCH_DIR}/base-image + run_buildah from dir:${TEST_SCRATCH_DIR}/base-image } @test "from proxy test" { @@ -653,14 +653,14 @@ load helpers skip_if_no_runtime _prefetch busybox - run_buildah from --cidfile ${TESTDIR}/cid busybox - cid=$(cat ${TESTDIR}/cid) - createrandom ${TESTDIR}/randomfile - run_buildah copy ${cid} ${TESTDIR}/randomfile / - run_buildah commit --iidfile ${TESTDIR}/iid ${cid} - iid=$(cat ${TESTDIR}/iid) - run_buildah from --cidfile ${TESTDIR}/cid2 ${iid} - cid2=$(cat ${TESTDIR}/cid2) + run_buildah from --cidfile ${TEST_SCRATCH_DIR}/cid busybox + cid=$(cat ${TEST_SCRATCH_DIR}/cid) + createrandom ${TEST_SCRATCH_DIR}/randomfile + run_buildah copy ${cid} ${TEST_SCRATCH_DIR}/randomfile / + run_buildah commit --iidfile ${TEST_SCRATCH_DIR}/iid ${cid} + iid=$(cat ${TEST_SCRATCH_DIR}/iid) + run_buildah from --cidfile ${TEST_SCRATCH_DIR}/cid2 ${iid} + cid2=$(cat ${TEST_SCRATCH_DIR}/cid2) run_buildah run ${cid2} cat /etc/hosts truncated=${iid##*:} truncated="${truncated:0:12}" diff --git a/tests/helpers.bash b/tests/helpers.bash index 2e4c1c9d6..e30870636 100644 --- a/tests/helpers.bash +++ b/tests/helpers.bash @@ -33,13 +33,13 @@ function setup_tests() { # buildah/podman: "repository name must be lowercase". # me: "but it's a local file path, not a repository name!" # buildah/podman: "i dont care. no caps anywhere!" - TESTDIR=$(mktemp -d --dry-run --tmpdir=${BATS_TMPDIR:-${TMPDIR:-/tmp}} buildah_tests.XXXXXX | tr A-Z a-z) - mkdir --mode=0700 $TESTDIR + TEST_SCRATCH_DIR=$(mktemp -d --dry-run --tmpdir=${BATS_TMPDIR:-${TMPDIR:-/tmp}} buildah_tests.XXXXXX | tr A-Z a-z) + mkdir --mode=0700 $TEST_SCRATCH_DIR - mkdir -p ${TESTDIR}/{root,runroot,sigstore,registries.d} - cat >${TESTDIR}/registries.d/default.yaml <${TEST_SCRATCH_DIR}/registries.d/default.yaml < /dev/null + pushd ${2:-${TEST_SCRATCH_DIR}} > /dev/null go build -o serve ${TEST_SOURCES}/serve/serve.go portfile=$(mktemp) if test -z "${portfile}"; then @@ -99,11 +99,11 @@ function teardown_tests() { # let's find those and clean them up, otherwise 'rm -rf' fails. # 'sort -r' guarantees that we umount deepest subpaths first. mount |\ - awk '$3 ~ testdir { print $3 }' testdir="^${TESTDIR}/" |\ + awk '$3 ~ testdir { print $3 }' testdir="^${TEST_SCRATCH_DIR}/" |\ sort -r |\ xargs --no-run-if-empty --max-lines=1 umount - rm -fr ${TESTDIR} + rm -fr ${TEST_SCRATCH_DIR} popd } @@ -596,17 +596,17 @@ function skip_if_no_docker() { } function start_git_daemon() { - daemondir=${TESTDIR}/git-daemon + daemondir=${TEST_SCRATCH_DIR}/git-daemon mkdir -p ${daemondir}/repo gzip -dc < ${1:-${TEST_SOURCES}/git-daemon/repo.tar.gz} | tar x -C ${daemondir}/repo GITPORT=$(($RANDOM + 32768)) - git daemon --detach --pid-file=${TESTDIR}/git-daemon/pid --reuseaddr --port=${GITPORT} --base-path=${daemondir} ${daemondir} + git daemon --detach --pid-file=${TEST_SCRATCH_DIR}/git-daemon/pid --reuseaddr --port=${GITPORT} --base-path=${daemondir} ${daemondir} } function stop_git_daemon() { - if test -s ${TESTDIR}/git-daemon/pid ; then - kill $(cat ${TESTDIR}/git-daemon/pid) - rm -f ${TESTDIR}/git-daemon/pid + if test -s ${TEST_SCRATCH_DIR}/git-daemon/pid ; then + kill $(cat ${TEST_SCRATCH_DIR}/git-daemon/pid) + rm -f ${TEST_SCRATCH_DIR}/git-daemon/pid fi } @@ -654,45 +654,45 @@ auth: htpasswd=${testuser}:$(buildah passwd ${testpassword}) # generate the htpasswd and config.yml files for the registry - mkdir -p "${TESTDIR}"/registry/root "${TESTDIR}"/registry/run "${TESTDIR}"/registry/certs "${TESTDIR}"/registry/config - cat > "${TESTDIR}"/registry/config/htpasswd <<< "$htpasswd" - cat > "${TESTDIR}"/registry/config/config.yml <<< "$config" - chmod 644 "${TESTDIR}"/registry/config/htpasswd "${TESTDIR}"/registry/config/config.yml + mkdir -p "${TEST_SCRATCH_DIR}"/registry/root "${TEST_SCRATCH_DIR}"/registry/run "${TEST_SCRATCH_DIR}"/registry/certs "${TEST_SCRATCH_DIR}"/registry/config + cat > "${TEST_SCRATCH_DIR}"/registry/config/htpasswd <<< "$htpasswd" + cat > "${TEST_SCRATCH_DIR}"/registry/config/config.yml <<< "$config" + chmod 644 "${TEST_SCRATCH_DIR}"/registry/config/htpasswd "${TEST_SCRATCH_DIR}"/registry/config/config.yml # generate a new key and certificate - if ! openssl req -newkey rsa:4096 -nodes -sha256 -keyout "${TESTDIR}"/registry/certs/localhost.key -x509 -days 2 -addext "subjectAltName = DNS:localhost" -out "${TESTDIR}"/registry/certs/localhost.crt -subj "/CN=localhost" ; then + if ! openssl req -newkey rsa:4096 -nodes -sha256 -keyout "${TEST_SCRATCH_DIR}"/registry/certs/localhost.key -x509 -days 2 -addext "subjectAltName = DNS:localhost" -out "${TEST_SCRATCH_DIR}"/registry/certs/localhost.crt -subj "/CN=localhost" ; then die error creating new key and certificate fi - chmod 644 "${TESTDIR}"/registry/certs/localhost.crt - chmod 600 "${TESTDIR}"/registry/certs/localhost.key + chmod 644 "${TEST_SCRATCH_DIR}"/registry/certs/localhost.crt + chmod 600 "${TEST_SCRATCH_DIR}"/registry/certs/localhost.key # use a copy of the server's certificate for validation from a client - cp "${TESTDIR}"/registry/certs/localhost.crt "${TESTDIR}"/registry/ + cp "${TEST_SCRATCH_DIR}"/registry/certs/localhost.crt "${TEST_SCRATCH_DIR}"/registry/ # create a container in its own storage - _prefetch "[vfs@${TESTDIR}/registry/root+${TESTDIR}/registry/run]" ${REGISTRY_IMAGE} - ctr=$(${BUILDAH_BINARY} --storage-driver vfs --root "${TESTDIR}"/registry/root --runroot "${TESTDIR}"/registry/run from --quiet --pull-never ${REGISTRY_IMAGE}) - ${BUILDAH_BINARY} --storage-driver vfs --root "${TESTDIR}"/registry/root --runroot "${TESTDIR}"/registry/run copy $ctr "${TESTDIR}"/registry/config/htpasswd "${TESTDIR}"/registry/config/config.yml "${TESTDIR}"/registry/certs/localhost.key "${TESTDIR}"/registry/certs/localhost.crt /etc/docker/registry/ + _prefetch "[vfs@${TEST_SCRATCH_DIR}/registry/root+${TEST_SCRATCH_DIR}/registry/run]" ${REGISTRY_IMAGE} + ctr=$(${BUILDAH_BINARY} --storage-driver vfs --root "${TEST_SCRATCH_DIR}"/registry/root --runroot "${TEST_SCRATCH_DIR}"/registry/run from --quiet --pull-never ${REGISTRY_IMAGE}) + ${BUILDAH_BINARY} --storage-driver vfs --root "${TEST_SCRATCH_DIR}"/registry/root --runroot "${TEST_SCRATCH_DIR}"/registry/run copy $ctr "${TEST_SCRATCH_DIR}"/registry/config/htpasswd "${TEST_SCRATCH_DIR}"/registry/config/config.yml "${TEST_SCRATCH_DIR}"/registry/certs/localhost.key "${TEST_SCRATCH_DIR}"/registry/certs/localhost.crt /etc/docker/registry/ # fire it up - coproc ${BUILDAH_BINARY} --storage-driver vfs --root "${TESTDIR}"/registry/root --runroot "${TESTDIR}"/registry/run run --net host "$ctr" /entrypoint.sh /etc/docker/registry/config.yml 2> "${TESTDIR}"/registry/registry.log + coproc ${BUILDAH_BINARY} --storage-driver vfs --root "${TEST_SCRATCH_DIR}"/registry/root --runroot "${TEST_SCRATCH_DIR}"/registry/run run --net host "$ctr" /entrypoint.sh /etc/docker/registry/config.yml 2> "${TEST_SCRATCH_DIR}"/registry/registry.log # record the coprocess's ID and try to parse the listening port from the log # we're separating all of this from the storage for any test that might call # this function and using vfs to minimize the cleanup required REGISTRY_PID="${COPROC_PID}" - REGISTRY_DIR="${TESTDIR}"/registry + REGISTRY_DIR="${TEST_SCRATCH_DIR}"/registry REGISTRY_PORT= local waited=0 while [ -z "${REGISTRY_PORT}" ] ; do if [ $waited -ge $BUILDAH_TIMEOUT ] ; then echo Could not determine listening port from log: - sed -e 's/^/ >/' ${TESTDIR}/registry/registry.log + sed -e 's/^/ >/' ${TEST_SCRATCH_DIR}/registry/registry.log stop_registry false fi waited=$((waited+1)) sleep 1 - REGISTRY_PORT=$(sed -ne 's^.*listening on.*:\([0-9]\+\),.*^\1^p' ${TESTDIR}/registry/registry.log) + REGISTRY_PORT=$(sed -ne 's^.*listening on.*:\([0-9]\+\),.*^\1^p' ${TEST_SCRATCH_DIR}/registry/registry.log) done # push the registry image we just started... to itself, as a confidence check diff --git a/tests/history.bats b/tests/history.bats index 10bd20f0d..77cbf5564 100644 --- a/tests/history.bats +++ b/tests/history.bats @@ -78,9 +78,9 @@ function testconfighistory() { } @test "history-add" { - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --name addctr --format docker scratch - run_buildah add --add-history addctr ${TESTDIR}/randomfile + run_buildah add --add-history addctr ${TEST_SCRATCH_DIR}/randomfile digest="$output" run_buildah commit $WITH_POLICY_JSON addctr addimg run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' addimg @@ -89,9 +89,9 @@ function testconfighistory() { } @test "history-copy" { - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --name copyctr --format docker scratch - run_buildah copy --add-history copyctr ${TESTDIR}/randomfile + run_buildah copy --add-history copyctr ${TEST_SCRATCH_DIR}/randomfile digest="$output" run_buildah commit $WITH_POLICY_JSON copyctr copyimg run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' copyimg @@ -111,7 +111,7 @@ function testconfighistory() { @test "history should not contain vars in allowlist unless set in ARG" { _prefetch busybox - ctxdir=${TESTDIR}/bud + ctxdir=${TEST_SCRATCH_DIR}/bud mkdir -p $ctxdir cat >$ctxdir/Dockerfile <$ctxdir/Dockerfile < $TESTDIR/blob << EOF + cat > $TEST_SCRATCH_DIR/blob << EOF { "architecture": "$arch", "os": "linux", @@ -219,12 +219,12 @@ load helpers ] } EOF - configdigest=$(sha256sum $TESTDIR/blob | awk '{print $1}') - configsize=$(stat -c %s $TESTDIR/blob) - mv $TESTDIR/blob $TESTDIR/blobs/sha256/${configdigest} + configdigest=$(sha256sum $TEST_SCRATCH_DIR/blob | awk '{print $1}') + configsize=$(stat -c %s $TEST_SCRATCH_DIR/blob) + mv $TEST_SCRATCH_DIR/blob $TEST_SCRATCH_DIR/blobs/sha256/${configdigest} # Create a manifest for that configuration blob and layer. - cat > $TESTDIR/blob << EOF + cat > $TEST_SCRATCH_DIR/blob << EOF { "schemaVersion": 2, "config": { @@ -241,12 +241,12 @@ EOF ] } EOF - manifestdigest=$(sha256sum $TESTDIR/blob | awk '{print $1}') - manifestsize=$(stat -c %s $TESTDIR/blob) - mv $TESTDIR/blob $TESTDIR/blobs/sha256/${manifestdigest} + manifestdigest=$(sha256sum $TEST_SCRATCH_DIR/blob | awk '{print $1}') + manifestsize=$(stat -c %s $TEST_SCRATCH_DIR/blob) + mv $TEST_SCRATCH_DIR/blob $TEST_SCRATCH_DIR/blobs/sha256/${manifestdigest} # Add the manifest to the image index. - cat > $TESTDIR/index.json << EOF + cat > $TEST_SCRATCH_DIR/index.json << EOF { "schemaVersion": 2, "manifests": [ @@ -260,10 +260,10 @@ EOF EOF # Mark the directory as a layout directory. - echo -n '{"imageLayoutVersion": "1.0.0"}' > $TESTDIR/oci-layout + echo -n '{"imageLayoutVersion": "1.0.0"}' > $TEST_SCRATCH_DIR/oci-layout # Import the image. - run_buildah pull oci:$TESTDIR + run_buildah pull oci:$TEST_SCRATCH_DIR # Inspect the image. We shouldn't crash. run_buildah inspect ${configdigest} diff --git a/tests/lists.bats b/tests/lists.bats index d9720eaed..50885a0ed 100644 --- a/tests/lists.bats +++ b/tests/lists.bats @@ -86,7 +86,7 @@ IMAGE_LIST_S390X_INSTANCE_DIGEST=sha256:882a20ee0df7399a445285361d38b711c299ca09 @test "manifest-push" { run_buildah manifest create foo run_buildah manifest add --all foo ${IMAGE_LIST} - run_buildah manifest push $WITH_POLICY_JSON foo dir:${TESTDIR}/pushed + run_buildah manifest push $WITH_POLICY_JSON foo dir:${TEST_SCRATCH_DIR}/pushed case "$(go env GOARCH 2> /dev/null)" in amd64) IMAGE_LIST_EXPECTED_INSTANCE_DIGEST=${IMAGE_LIST_AMD64_INSTANCE_DIGEST} ;; arm64) IMAGE_LIST_EXPECTED_INSTANCE_DIGEST=${IMAGE_LIST_ARM64_INSTANCE_DIGEST} ;; @@ -95,15 +95,15 @@ IMAGE_LIST_S390X_INSTANCE_DIGEST=sha256:882a20ee0df7399a445285361d38b711c299ca09 s390x) IMAGE_LIST_EXPECTED_INSTANCE_DIGEST=${IMAGE_LIST_S390X_INSTANCE_DIGEST} ;; *) skip "current arch \"$(go env GOARCH 2> /dev/null)\" not present in manifest list" ;; esac - run grep ${IMAGE_LIST_EXPECTED_INSTANCE_DIGEST##sha256} ${TESTDIR}/pushed/manifest.json + run grep ${IMAGE_LIST_EXPECTED_INSTANCE_DIGEST##sha256} ${TEST_SCRATCH_DIR}/pushed/manifest.json [ $status -eq 0 ] } @test "manifest-push-all" { run_buildah manifest create foo run_buildah manifest add --all foo ${IMAGE_LIST} - run_buildah manifest push $WITH_POLICY_JSON --all foo dir:${TESTDIR}/pushed - run sha256sum ${TESTDIR}/pushed/* + run_buildah manifest push $WITH_POLICY_JSON --all foo dir:${TEST_SCRATCH_DIR}/pushed + run sha256sum ${TEST_SCRATCH_DIR}/pushed/* expect_output --substring ${IMAGE_LIST_AMD64_INSTANCE_DIGEST##sha256:} expect_output --substring ${IMAGE_LIST_ARM_INSTANCE_DIGEST##sha256:} expect_output --substring ${IMAGE_LIST_ARM64_INSTANCE_DIGEST##sha256:} @@ -115,7 +115,7 @@ IMAGE_LIST_S390X_INSTANCE_DIGEST=sha256:882a20ee0df7399a445285361d38b711c299ca09 run_buildah manifest create foo run_buildah manifest add --arch=arm64 foo ${IMAGE_LIST} run_buildah manifest inspect foo - run_buildah manifest push $WITH_POLICY_JSON --purge foo dir:${TESTDIR}/pushed + run_buildah manifest push $WITH_POLICY_JSON --purge foo dir:${TEST_SCRATCH_DIR}/pushed run_buildah 125 manifest inspect foo } @@ -123,7 +123,7 @@ IMAGE_LIST_S390X_INSTANCE_DIGEST=sha256:882a20ee0df7399a445285361d38b711c299ca09 run_buildah manifest create foo run_buildah manifest add --arch=arm64 foo ${IMAGE_LIST} run_buildah manifest inspect foo - run_buildah manifest push $WITH_POLICY_JSON --rm foo dir:${TESTDIR}/pushed + run_buildah manifest push $WITH_POLICY_JSON --rm foo dir:${TEST_SCRATCH_DIR}/pushed run_buildah 125 manifest inspect foo } @@ -131,7 +131,7 @@ IMAGE_LIST_S390X_INSTANCE_DIGEST=sha256:882a20ee0df7399a445285361d38b711c299ca09 run_buildah manifest create foo run_buildah manifest add --arch=arm64 foo ${IMAGE_LIST} run_buildah manifest inspect foo - run_buildah 125 manifest push --authfile /tmp/nonexistent $WITH_POLICY_JSON --purge foo dir:${TESTDIR}/pushed + run_buildah 125 manifest push --authfile /tmp/nonexistent $WITH_POLICY_JSON --purge foo dir:${TEST_SCRATCH_DIR}/pushed } @@ -172,13 +172,13 @@ IMAGE_LIST_S390X_INSTANCE_DIGEST=sha256:882a20ee0df7399a445285361d38b711c299ca09 archinstance=$(jq -r '.manifests|map(select(.platform.architecture=="'$arch'"))[].digest' <<< "$output") run_buildah manifest remove test-list $archinstance # Try to build using the build cache. - mkdir ${TESTDIR}/build - echo 'much content, wow.' > ${TESTDIR}/build/content.txt - echo 'FROM scratch' > ${TESTDIR}/build/Dockerfile - echo 'ADD content.txt /' >> ${TESTDIR}/build/Dockerfile - run_buildah bud --layers --iidfile ${TESTDIR}/image-id.txt ${TESTDIR}/build + mkdir ${TEST_SCRATCH_DIR}/build + echo 'much content, wow.' > ${TEST_SCRATCH_DIR}/build/content.txt + echo 'FROM scratch' > ${TEST_SCRATCH_DIR}/build/Dockerfile + echo 'ADD content.txt /' >> ${TEST_SCRATCH_DIR}/build/Dockerfile + run_buildah bud --layers --iidfile ${TEST_SCRATCH_DIR}/image-id.txt ${TEST_SCRATCH_DIR}/build # Make sure we can add the new image to the list. - run_buildah manifest add test-list $(< ${TESTDIR}/image-id.txt) + run_buildah manifest add test-list $(< ${TEST_SCRATCH_DIR}/image-id.txt) } @test "manifest-add-to-list-from-storage" { diff --git a/tests/namespaces.bats b/tests/namespaces.bats index a9bd89929..4f1229c98 100644 --- a/tests/namespaces.bats +++ b/tests/namespaces.bats @@ -21,8 +21,8 @@ load helpers skip_if_chroot skip_if_rootless - mkdir -p $TESTDIR/no-cni-configs - RUNOPTS="--cni-config-dir=${TESTDIR}/no-cni-configs ${RUNC_BINARY:+--runtime $RUNC_BINARY}" + mkdir -p $TEST_SCRATCH_DIR/no-cni-configs + RUNOPTS="--cni-config-dir=${TEST_SCRATCH_DIR}/no-cni-configs ${RUNC_BINARY:+--runtime $RUNC_BINARY}" # Check if we're running in an environment that can even test this. run readlink /proc/self/ns/user echo "readlink /proc/self/ns/user -> $output" @@ -103,8 +103,8 @@ idmapping_check_permission() { @test "idmapping" { skip_if_rootless_environment - mkdir -p $TESTDIR/no-cni-configs - RUNOPTS="--cni-config-dir=${TESTDIR}/no-cni-configs ${RUNC_BINARY:+--runtime $RUNC_BINARY}" + mkdir -p $TEST_SCRATCH_DIR/no-cni-configs + RUNOPTS="--cni-config-dir=${TEST_SCRATCH_DIR}/no-cni-configs ${RUNC_BINARY:+--runtime $RUNC_BINARY}" # Check if we're running in an environment that can even test this. run readlink /proc/self/ns/user @@ -178,11 +178,11 @@ idmapping_check_permission() { fi fi - touch ${TESTDIR}/somefile - mkdir ${TESTDIR}/somedir - touch ${TESTDIR}/somedir/someotherfile - chmod 700 ${TESTDIR}/somedir/someotherfile - chmod u+s ${TESTDIR}/somedir/someotherfile + touch ${TEST_SCRATCH_DIR}/somefile + mkdir ${TEST_SCRATCH_DIR}/somedir + touch ${TEST_SCRATCH_DIR}/somedir/someotherfile + chmod 700 ${TEST_SCRATCH_DIR}/somedir/someotherfile + chmod u+s ${TEST_SCRATCH_DIR}/somedir/someotherfile for i in $(seq 0 "$((${#uidmaps[*]}-1))") ; do # local helper function for checking /proc/self/ns/user @@ -220,11 +220,11 @@ idmapping_check_permission() { rootgid=$rootxid # Check that if we copy a file into the container, it gets the right permissions. - run_buildah copy --chown 1:1 "$ctr" ${TESTDIR}/somefile / + run_buildah copy --chown 1:1 "$ctr" ${TEST_SCRATCH_DIR}/somefile / run_buildah run $RUNOPTS "$ctr" stat -c '%u:%g' /somefile output_file_stat="$output" # Check that if we copy a directory into the container, its contents get the right permissions. - run_buildah copy "$ctr" ${TESTDIR}/somedir /somedir + run_buildah copy "$ctr" ${TEST_SCRATCH_DIR}/somedir /somedir run_buildah run $RUNOPTS "$ctr" stat -c '%u:%g' /somedir output_dir_stat="$output" idmapping_check_permission "$output_file_stat" "$output_dir_stat" @@ -247,7 +247,7 @@ idmapping_check_permission() { # Build an image using these mappings. echo "Building image with ${uidmapargs[$i]} ${gidmapargs[$i]}" run_buildah bud ${uidmapargs[$i]} ${gidmapargs[$i]} $RUNOPTS $WITH_POLICY_JSON \ - -t localhost/alpine-bud:$i -f $BUDFILES/namespaces/Containerfile $TESTDIR + -t localhost/alpine-bud:$i -f $BUDFILES/namespaces/Containerfile $TEST_SCRATCH_DIR # If we specified mappings, expect to be in a different namespace by default. output_namespace="$(grep -A1 'ReadlinkResult' <<< "$output" | tail -n1)" idmapping_check_namespace "${output_namespace}" "bud" @@ -271,9 +271,9 @@ idmapping_check_permission() { } general_namespace() { - mkdir -p $TESTDIR/no-cni-configs - RUNOPTS="--cni-config-dir=${TESTDIR}/no-cni-configs ${RUNC_BINARY:+--runtime $RUNC_BINARY}" - mytmpdir=$TESTDIR/my-dir + mkdir -p $TEST_SCRATCH_DIR/no-cni-configs + RUNOPTS="--cni-config-dir=${TEST_SCRATCH_DIR}/no-cni-configs ${RUNC_BINARY:+--runtime $RUNC_BINARY}" + mytmpdir=$TEST_SCRATCH_DIR/my-dir mkdir -p ${mytmpdir} # The name of the /proc/self/ns/$link. @@ -440,11 +440,11 @@ _EOF @test "idmapping-and-squash" { skip_if_rootless_environment - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from --userns-uid-map 0:32:16 --userns-gid-map 0:48:16 scratch cid=$output - run_buildah copy "$cid" ${TESTDIR}/randomfile / - run_buildah copy --chown 1:1 "$cid" ${TESTDIR}/randomfile /randomfile2 + run_buildah copy "$cid" ${TEST_SCRATCH_DIR}/randomfile / + run_buildah copy --chown 1:1 "$cid" ${TEST_SCRATCH_DIR}/randomfile /randomfile2 run_buildah commit --squash $WITH_POLICY_JSON --rm "$cid" squashed run_buildah from --quiet squashed cid=$output @@ -486,7 +486,7 @@ _EOF skip_if_chroot _prefetch alpine - containers_conf_file="$TESTDIR/containers-namespaces.conf" + containers_conf_file="$TEST_SCRATCH_DIR/containers-namespaces.conf" for mode in host private; do cat > "$containers_conf_file" << EOF diff --git a/tests/overlay.bats b/tests/overlay.bats index 6ec65fd9b..790bbe56b 100644 --- a/tests/overlay.bats +++ b/tests/overlay.bats @@ -9,10 +9,10 @@ load helpers skip "skipping overlay test because \$STORAGE_DRIVER = $STORAGE_DRIVER" fi image=alpine - mkdir ${TESTDIR}/lower - touch ${TESTDIR}/lower/foo + mkdir ${TEST_SCRATCH_DIR}/lower + touch ${TEST_SCRATCH_DIR}/lower/foo - run_buildah from --quiet -v ${TESTDIR}/lower:/lower:O --quiet $WITH_POLICY_JSON $image + run_buildah from --quiet -v ${TEST_SCRATCH_DIR}/lower:/lower:O --quiet $WITH_POLICY_JSON $image cid=$output # This should succeed @@ -27,7 +27,7 @@ load helpers run_buildah 1 run $cid ls /lower/bar # This should fail - run ls ${TESTDIR}/lower/bar + run ls ${TEST_SCRATCH_DIR}/lower/bar [ "$status" -ne 0 ] } @@ -38,10 +38,10 @@ load helpers skip "skipping overlay test because \$STORAGE_DRIVER = $STORAGE_DRIVER" fi image=alpine - mkdir -m 770 ${TESTDIR}/lower - chown 1:1 ${TESTDIR}/lower - permission=$(stat -c "%a %u %g" ${TESTDIR}/lower) - run_buildah from --quiet -v ${TESTDIR}/lower:/tmp/test:O --quiet $WITH_POLICY_JSON $image + mkdir -m 770 ${TEST_SCRATCH_DIR}/lower + chown 1:1 ${TEST_SCRATCH_DIR}/lower + permission=$(stat -c "%a %u %g" ${TEST_SCRATCH_DIR}/lower) + run_buildah from --quiet -v ${TEST_SCRATCH_DIR}/lower:/tmp/test:O --quiet $WITH_POLICY_JSON $image cid=$output # This should succeed @@ -49,7 +49,7 @@ load helpers expect_output "$permission" # Create and remove content in the overlay directory, should succeed - touch ${TESTDIR}/lower/foo + touch ${TEST_SCRATCH_DIR}/lower/foo run_buildah run $cid touch /tmp/test/bar run_buildah run $cid rm /tmp/test/foo @@ -57,7 +57,7 @@ load helpers run_buildah 1 run $cid ls /tmp/test/bar # This should fail since /tmp/test was an overlay, not a bind mount - run ls ${TESTDIR}/lower/bar + run ls ${TEST_SCRATCH_DIR}/lower/bar [ "$status" -ne 0 ] } @@ -68,19 +68,19 @@ load helpers skip "skipping overlay test because \$STORAGE_DRIVER = $STORAGE_DRIVER" fi image=alpine - mkdir ${TESTDIR}/a:lower - touch ${TESTDIR}/a:lower/foo + mkdir ${TEST_SCRATCH_DIR}/a:lower + touch ${TEST_SCRATCH_DIR}/a:lower/foo # This should succeed. # Add double backslash, because shell will escape. - run_buildah from --quiet -v ${TESTDIR}/a\\:lower:/a\\:lower:O --quiet $WITH_POLICY_JSON $image + run_buildah from --quiet -v ${TEST_SCRATCH_DIR}/a\\:lower:/a\\:lower:O --quiet $WITH_POLICY_JSON $image cid=$output # This should succeed run_buildah run $cid ls /a:lower/foo # Mount volume when run - run_buildah run -v ${TESTDIR}/a\\:lower:/b\\:lower:O $cid ls /b:lower/foo + run_buildah run -v ${TEST_SCRATCH_DIR}/a\\:lower:/b\\:lower:O $cid ls /b:lower/foo # Create and remove content in the overlay directory, should succeed, # resetting the contents between each run. @@ -91,6 +91,6 @@ load helpers run_buildah 1 run $cid ls /a:lower/bar # This should fail - run ls ${TESTDIR}/a:lower/bar + run ls ${TEST_SCRATCH_DIR}/a:lower/bar [ "$status" -ne 0 ] } \ No newline at end of file diff --git a/tests/pull.bats b/tests/pull.bats index 2214bec6f..aad6d7791 100644 --- a/tests/pull.bats +++ b/tests/pull.bats @@ -42,7 +42,7 @@ load helpers expect_output --substring "busybox:glibc" expect_output --substring "busybox:latest" # We need to see if this file is created after first pull in at least one test - [ -f ${TESTDIR}/root/defaultNetworkBackend ] + [ -f ${TEST_SCRATCH_DIR}/root/defaultNetworkBackend ] run_buildah --retry pull --registries-conf ${TEST_SOURCES}/registries.conf $WITH_POLICY_JSON quay.io/libpod/alpine_nginx:latest run_buildah images --format "{{.Name}}:{{.Tag}}" @@ -61,32 +61,32 @@ load helpers @test "pull-from-docker-archive" { run_buildah --retry pull $WITH_POLICY_JSON alpine - run_buildah push $WITH_POLICY_JSON docker.io/library/alpine:latest docker-archive:${TESTDIR}/alp.tar:alpine:latest + run_buildah push $WITH_POLICY_JSON docker.io/library/alpine:latest docker-archive:${TEST_SCRATCH_DIR}/alp.tar:alpine:latest run_buildah rmi alpine - run_buildah --retry pull $WITH_POLICY_JSON docker-archive:${TESTDIR}/alp.tar + run_buildah --retry pull $WITH_POLICY_JSON docker-archive:${TEST_SCRATCH_DIR}/alp.tar run_buildah images --format "{{.Name}}:{{.Tag}}" expect_output --substring "alpine" - run_buildah 125 pull --all-tags $WITH_POLICY_JSON docker-archive:${TESTDIR}/alp.tar + run_buildah 125 pull --all-tags $WITH_POLICY_JSON docker-archive:${TEST_SCRATCH_DIR}/alp.tar expect_output --substring "pulling all tags is not supported for docker-archive transport" } @test "pull-from-oci-archive" { run_buildah --retry pull $WITH_POLICY_JSON alpine - run_buildah push $WITH_POLICY_JSON docker.io/library/alpine:latest oci-archive:${TESTDIR}/alp.tar:alpine + run_buildah push $WITH_POLICY_JSON docker.io/library/alpine:latest oci-archive:${TEST_SCRATCH_DIR}/alp.tar:alpine run_buildah rmi alpine - run_buildah pull $WITH_POLICY_JSON oci-archive:${TESTDIR}/alp.tar + run_buildah pull $WITH_POLICY_JSON oci-archive:${TEST_SCRATCH_DIR}/alp.tar run_buildah images --format "{{.Name}}:{{.Tag}}" expect_output --substring "alpine" - run_buildah 125 pull --all-tags $WITH_POLICY_JSON oci-archive:${TESTDIR}/alp.tar + run_buildah 125 pull --all-tags $WITH_POLICY_JSON oci-archive:${TEST_SCRATCH_DIR}/alp.tar expect_output --substring "pulling all tags is not supported for oci-archive transport" } @test "pull-from-local-directory" { - mkdir ${TESTDIR}/buildahtest + mkdir ${TEST_SCRATCH_DIR}/buildahtest run_buildah --retry pull $WITH_POLICY_JSON alpine - run_buildah push $WITH_POLICY_JSON docker.io/library/alpine:latest dir:${TESTDIR}/buildahtest + run_buildah push $WITH_POLICY_JSON docker.io/library/alpine:latest dir:${TEST_SCRATCH_DIR}/buildahtest run_buildah rmi alpine - run_buildah pull --quiet $WITH_POLICY_JSON dir:${TESTDIR}/buildahtest + run_buildah pull --quiet $WITH_POLICY_JSON dir:${TEST_SCRATCH_DIR}/buildahtest imageID="$output" # Images pulled via the dir transport are untagged. run_buildah images --format "{{.Name}}:{{.Tag}}" @@ -150,12 +150,12 @@ load helpers @test "pull-from-oci-directory" { run_buildah --retry pull $WITH_POLICY_JSON alpine - run_buildah push $WITH_POLICY_JSON docker.io/library/alpine:latest oci:${TESTDIR}/alpine + run_buildah push $WITH_POLICY_JSON docker.io/library/alpine:latest oci:${TEST_SCRATCH_DIR}/alpine run_buildah rmi alpine - run_buildah pull $WITH_POLICY_JSON oci:${TESTDIR}/alpine + run_buildah pull $WITH_POLICY_JSON oci:${TEST_SCRATCH_DIR}/alpine run_buildah images --format "{{.Name}}:{{.Tag}}" - expect_output --substring "localhost${TESTDIR}/alpine:latest" - run_buildah 125 pull --all-tags $WITH_POLICY_JSON oci:${TESTDIR}/alpine + expect_output --substring "localhost${TEST_SCRATCH_DIR}/alpine:latest" + run_buildah 125 pull --all-tags $WITH_POLICY_JSON oci:${TEST_SCRATCH_DIR}/alpine expect_output --substring "pulling all tags is not supported for oci transport" } @@ -183,76 +183,76 @@ load helpers @test "pull encrypted local image" { _prefetch busybox - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl genrsa -out ${TESTDIR}/tmp/mykey2.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub - run_buildah push $WITH_POLICY_JSON --encryption-key jwe:${TESTDIR}/tmp/mykey.pub busybox oci:${TESTDIR}/tmp/busybox_enc + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey2.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub + run_buildah push $WITH_POLICY_JSON --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub busybox oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc # Try to pull encrypted image without key should fail - run_buildah 125 pull $WITH_POLICY_JSON oci:${TESTDIR}/tmp/busybox_enc + run_buildah 125 pull $WITH_POLICY_JSON oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc expect_output --substring "decrypting layer .* missing private key needed for decryption" # Try to pull encrypted image with wrong key should fail - run_buildah 125 pull $WITH_POLICY_JSON --decryption-key ${TESTDIR}/tmp/mykey2.pem oci:${TESTDIR}/tmp/busybox_enc + run_buildah 125 pull $WITH_POLICY_JSON --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey2.pem oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc expect_output --substring "decrypting layer .* no suitable key unwrapper found or none of the private keys could be used for decryption" # Providing the right key should succeed - run_buildah pull $WITH_POLICY_JSON --decryption-key ${TESTDIR}/tmp/mykey.pem oci:${TESTDIR}/tmp/busybox_enc + run_buildah pull $WITH_POLICY_JSON --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey.pem oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "pull encrypted registry image" { _prefetch busybox start_registry - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl genrsa -out ${TESTDIR}/tmp/mykey2.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub - run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TESTDIR}/tmp/mykey.pub busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey2.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub + run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest # Try to pull encrypted image without key should fail run_buildah 125 pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest expect_output --substring "decrypting layer .* missing private key needed for decryption" # Try to pull encrypted image with wrong key should fail, with diff. msg - run_buildah 125 pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TESTDIR}/tmp/mykey2.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah 125 pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey2.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest expect_output --substring "decrypting layer .* no suitable key unwrapper found or none of the private keys could be used for decryption" # Providing the right key should succeed - run_buildah pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TESTDIR}/tmp/mykey.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest run_buildah rmi localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "pull encrypted registry image from commit" { _prefetch busybox start_registry - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl genrsa -out ${TESTDIR}/tmp/mykey2.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey2.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub run_buildah from --quiet --pull=false $WITH_POLICY_JSON busybox cid=$output - run_buildah commit --iidfile /dev/null --tls-verify=false --creds testuser:testpassword $WITH_POLICY_JSON --encryption-key jwe:${TESTDIR}/tmp/mykey.pub -q $cid docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah commit --iidfile /dev/null --tls-verify=false --creds testuser:testpassword $WITH_POLICY_JSON --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub -q $cid docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest # Try to pull encrypted image without key should fail run_buildah 125 pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest expect_output --substring "decrypting layer .* missing private key needed for decryption" # Try to pull encrypted image with wrong key should fail - run_buildah 125 pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TESTDIR}/tmp/mykey2.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah 125 pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey2.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest expect_output --substring "decrypting layer .* no suitable key unwrapper found or none of the private keys could be used for decryption" # Providing the right key should succeed - run_buildah pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TESTDIR}/tmp/mykey.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + run_buildah pull $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --decryption-key ${TEST_SCRATCH_DIR}/tmp/mykey.pem docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest run_buildah rmi localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "pull image into a full storage" { @@ -269,13 +269,13 @@ load helpers @test "pull with authfile" { _prefetch busybox start_registry - mkdir ${TESTDIR}/tmp + mkdir ${TEST_SCRATCH_DIR}/tmp run_buildah push --creds testuser:testpassword --tls-verify=false busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest - run_buildah login --authfile ${TESTDIR}/tmp/test.auth --username testuser --password testpassword --tls-verify=false localhost:${REGISTRY_PORT} - run_buildah pull --authfile ${TESTDIR}/tmp/test.auth --tls-verify=false docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest + run_buildah login --authfile ${TEST_SCRATCH_DIR}/tmp/test.auth --username testuser --password testpassword --tls-verify=false localhost:${REGISTRY_PORT} + run_buildah pull --authfile ${TEST_SCRATCH_DIR}/tmp/test.auth --tls-verify=false docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest run_buildah rmi localhost:${REGISTRY_PORT}/buildah/busybox:latest - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "pull quietly" { @@ -285,7 +285,7 @@ load helpers } @test "pull-policy" { - mkdir ${TESTDIR}/buildahtest + mkdir ${TEST_SCRATCH_DIR}/buildahtest run_buildah 125 pull $WITH_POLICY_JSON --policy bogus alpine expect_output --substring "unsupported pull policy \"bogus\"" @@ -329,7 +329,7 @@ load helpers } @test "pull --arch" { - mkdir ${TESTDIR}/buildahtest + mkdir ${TEST_SCRATCH_DIR}/buildahtest run_buildah 125 pull $WITH_POLICY_JSON --arch bogus alpine expect_output --substring "no image found in manifest list" @@ -346,7 +346,7 @@ load helpers } @test "pull --platform" { - mkdir ${TESTDIR}/buildahtest + mkdir ${TEST_SCRATCH_DIR}/buildahtest run_buildah 125 pull $WITH_POLICY_JSON --platform linux/bogus alpine expect_output --substring "no image found in manifest list" @@ -364,7 +364,7 @@ load helpers @test "pull image with TMPDIR set" { skip_if_rootless_environment - testdir=${TESTDIR}/buildah-test + testdir=${TEST_SCRATCH_DIR}/buildah-test mkdir -p $testdir mount -t tmpfs -o size=1M tmpfs $testdir diff --git a/tests/push.bats b/tests/push.bats index 9b47755e9..dd93cb835 100644 --- a/tests/push.bats +++ b/tests/push.bats @@ -18,28 +18,28 @@ load helpers @test "push" { skip_if_rootless_environment - touch ${TESTDIR}/reference-time-file + touch ${TEST_SCRATCH_DIR}/reference-time-file for source in scratch scratch-image; do run_buildah from --quiet --pull=false $WITH_POLICY_JSON ${source} cid=$output for format in "" docker oci ; do - mkdir -p ${TESTDIR}/committed${format:+.${format}} + mkdir -p ${TEST_SCRATCH_DIR}/committed${format:+.${format}} # Force no compression to generate what we push. - run_buildah commit -D ${format:+--format ${format}} --reference-time ${TESTDIR}/reference-time-file $WITH_POLICY_JSON "$cid" scratch-image${format:+-${format}} - run_buildah commit -D ${format:+--format ${format}} --reference-time ${TESTDIR}/reference-time-file $WITH_POLICY_JSON "$cid" dir:${TESTDIR}/committed${format:+.${format}} - mkdir -p ${TESTDIR}/pushed${format:+.${format}} - run_buildah push -D $WITH_POLICY_JSON scratch-image${format:+-${format}} dir:${TESTDIR}/pushed${format:+.${format}} + run_buildah commit -D ${format:+--format ${format}} --reference-time ${TEST_SCRATCH_DIR}/reference-time-file $WITH_POLICY_JSON "$cid" scratch-image${format:+-${format}} + run_buildah commit -D ${format:+--format ${format}} --reference-time ${TEST_SCRATCH_DIR}/reference-time-file $WITH_POLICY_JSON "$cid" dir:${TEST_SCRATCH_DIR}/committed${format:+.${format}} + mkdir -p ${TEST_SCRATCH_DIR}/pushed${format:+.${format}} + run_buildah push -D $WITH_POLICY_JSON scratch-image${format:+-${format}} dir:${TEST_SCRATCH_DIR}/pushed${format:+.${format}} # Re-encode the manifest to lose variations due to different encoders or definitions of structures. - imgtype -expected-manifest-type "*" -rebuild-manifest -show-manifest dir:${TESTDIR}/committed${format:+.${format}} > ${TESTDIR}/manifest.committed${format:+.${format}} - imgtype -expected-manifest-type "*" -rebuild-manifest -show-manifest dir:${TESTDIR}/pushed${format:+.${format}} > ${TESTDIR}/manifest.pushed${format:+.${format}} - diff -u ${TESTDIR}/manifest.committed${format:+.${format}} ${TESTDIR}/manifest.pushed${format:+.${format}} + imgtype -expected-manifest-type "*" -rebuild-manifest -show-manifest dir:${TEST_SCRATCH_DIR}/committed${format:+.${format}} > ${TEST_SCRATCH_DIR}/manifest.committed${format:+.${format}} + imgtype -expected-manifest-type "*" -rebuild-manifest -show-manifest dir:${TEST_SCRATCH_DIR}/pushed${format:+.${format}} > ${TEST_SCRATCH_DIR}/manifest.pushed${format:+.${format}} + diff -u ${TEST_SCRATCH_DIR}/manifest.committed${format:+.${format}} ${TEST_SCRATCH_DIR}/manifest.pushed${format:+.${format}} done run_buildah rm "$cid" done } @test "push with manifest type conversion" { - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p $mytmpdir _prefetch alpine @@ -55,7 +55,7 @@ load helpers } @test "push with imageid" { - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p $mytmpdir _prefetch alpine @@ -67,7 +67,7 @@ load helpers } @test "push with imageid and digest file" { - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p $mytmpdir _prefetch alpine @@ -75,9 +75,9 @@ load helpers cid=$output run_buildah images -q imageid=$output - run_buildah push --digestfile=${TESTDIR}/digest.txt $WITH_POLICY_JSON $imageid dir:$mytmpdir - cat ${TESTDIR}/digest.txt - test -s ${TESTDIR}/digest.txt + run_buildah push --digestfile=${TEST_SCRATCH_DIR}/digest.txt $WITH_POLICY_JSON $imageid dir:$mytmpdir + cat ${TEST_SCRATCH_DIR}/digest.txt + test -s ${TEST_SCRATCH_DIR}/digest.txt } @test "push without destination" { @@ -93,7 +93,7 @@ load helpers cid=$output run_buildah images -q imageid=$output - run_buildah 125 push $WITH_POLICY_JSON --authfile /tmp/nonexistent $imageid dir:${TESTDIR}/my-tmp-dir + run_buildah 125 push $WITH_POLICY_JSON --authfile /tmp/nonexistent $imageid dir:${TEST_SCRATCH_DIR}/my-tmp-dir } @test "push-denied-by-registry-sources" { @@ -132,10 +132,10 @@ load helpers @test "buildah push image to docker-archive and oci-archive" { _prefetch busybox for dest in docker-archive oci-archive; do - mkdir ${TESTDIR}/tmp - run_buildah push $WITH_POLICY_JSON busybox $dest:${TESTDIR}/tmp/busybox.tar:latest - ls ${TESTDIR}/tmp/busybox.tar - rm -rf ${TESTDIR}/tmp + mkdir ${TEST_SCRATCH_DIR}/tmp + run_buildah push $WITH_POLICY_JSON busybox $dest:${TEST_SCRATCH_DIR}/tmp/busybox.tar:latest + ls ${TEST_SCRATCH_DIR}/tmp/busybox.tar + rm -rf ${TEST_SCRATCH_DIR}/tmp done } @@ -161,24 +161,24 @@ load helpers @test "buildah oci encrypt and push local oci" { skip_if_rootless_environment _prefetch busybox - mkdir ${TESTDIR}/tmp - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub - run_buildah push $WITH_POLICY_JSON --encryption-key jwe:${TESTDIR}/tmp/mykey.pub busybox oci:${TESTDIR}/tmp/busybox_enc - imgtype -show-manifest oci:${TESTDIR}/tmp/busybox_enc | grep "+encrypted" - rm -rf ${TESTDIR}/tmp + mkdir ${TEST_SCRATCH_DIR}/tmp + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub + run_buildah push $WITH_POLICY_JSON --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub busybox oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc + imgtype -show-manifest oci:${TEST_SCRATCH_DIR}/tmp/busybox_enc | grep "+encrypted" + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "buildah oci encrypt and push registry" { _prefetch busybox - mkdir ${TESTDIR}/tmp + mkdir ${TEST_SCRATCH_DIR}/tmp start_registry - openssl genrsa -out ${TESTDIR}/tmp/mykey.pem 1024 - openssl rsa -in ${TESTDIR}/tmp/mykey.pem -pubout > ${TESTDIR}/tmp/mykey.pub - run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TESTDIR}/tmp/mykey.pub busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest + openssl genrsa -out ${TEST_SCRATCH_DIR}/tmp/mykey.pem 1024 + openssl rsa -in ${TEST_SCRATCH_DIR}/tmp/mykey.pem -pubout > ${TEST_SCRATCH_DIR}/tmp/mykey.pub + run_buildah push $WITH_POLICY_JSON --tls-verify=false --creds testuser:testpassword --encryption-key jwe:${TEST_SCRATCH_DIR}/tmp/mykey.pub busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox_encrypted:latest # this test, just checks the ability to push an image # there is no good way to test the details of the image unless with ./buildah pull, test will be in pull.bats - rm -rf ${TESTDIR}/tmp + rm -rf ${TEST_SCRATCH_DIR}/tmp } @test "buildah push to registry allowed by BUILD_REGISTRY_SOURCES" { @@ -189,20 +189,20 @@ load helpers run_buildah 125 push --creds testuser:testpassword $WITH_POLICY_JSON --tls-verify=true busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest expect_output --substring "certificate signed by unknown authority" - run_buildah push --creds testuser:testpassword $WITH_POLICY_JSON --cert-dir ${TESTDIR}/registry busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest + run_buildah push --creds testuser:testpassword $WITH_POLICY_JSON --cert-dir ${TEST_SCRATCH_DIR}/registry busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest } @test "push with authfile" { _prefetch busybox - mkdir ${TESTDIR}/tmp + mkdir ${TEST_SCRATCH_DIR}/tmp start_registry - run_buildah login --authfile ${TESTDIR}/tmp/test.auth --username testuser --password testpassword --tls-verify=false localhost:${REGISTRY_PORT} - run_buildah push --authfile ${TESTDIR}/tmp/test.auth $WITH_POLICY_JSON --tls-verify=false busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest + run_buildah login --authfile ${TEST_SCRATCH_DIR}/tmp/test.auth --username testuser --password testpassword --tls-verify=false localhost:${REGISTRY_PORT} + run_buildah push --authfile ${TEST_SCRATCH_DIR}/tmp/test.auth $WITH_POLICY_JSON --tls-verify=false busybox docker://localhost:${REGISTRY_PORT}/buildah/busybox:latest expect_output --substring "Copying" } @test "push with --quiet" { - mytmpdir=${TESTDIR}/my-dir + mytmpdir=${TEST_SCRATCH_DIR}/my-dir mkdir -p $mytmpdir _prefetch alpine @@ -216,7 +216,7 @@ load helpers cid=$output run_buildah images -q imageid=$output - run_buildah push --format oci --compression-format zstd:chunked $imageid dir:${TESTDIR}/zstd + run_buildah push --format oci --compression-format zstd:chunked $imageid dir:${TEST_SCRATCH_DIR}/zstd # Verify there is some zstd compressed layer. - grep application/vnd.oci.image.layer.v1.tar+zstd ${TESTDIR}/zstd/manifest.json + grep application/vnd.oci.image.layer.v1.tar+zstd ${TEST_SCRATCH_DIR}/zstd/manifest.json } diff --git a/tests/rmi.bats b/tests/rmi.bats index 5fb6e20ec..b64505dcd 100644 --- a/tests/rmi.bats +++ b/tests/rmi.bats @@ -76,8 +76,8 @@ load helpers @test "use prune to remove dangling images" { _prefetch busybox - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-randomfile run_buildah from --pull=false --quiet $WITH_POLICY_JSON busybox cid=$output @@ -87,7 +87,7 @@ load helpers run_buildah mount $cid root=$output - cp ${TESTDIR}/randomfile $root/randomfile + cp ${TEST_SCRATCH_DIR}/randomfile $root/randomfile run_buildah unmount $cid run_buildah commit $WITH_POLICY_JSON $cid containers-storage:new-image @@ -96,7 +96,7 @@ load helpers run_buildah mount $cid root=$output - cp ${TESTDIR}/other-randomfile $root/other-randomfile + cp ${TEST_SCRATCH_DIR}/other-randomfile $root/other-randomfile run_buildah unmount $cid run_buildah commit $WITH_POLICY_JSON $cid containers-storage:new-image @@ -114,8 +114,8 @@ load helpers } @test "use prune to remove dangling images with parent" { - createrandom ${TESTDIR}/randomfile - createrandom ${TESTDIR}/other-randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/other-randomfile run_buildah from --quiet $WITH_POLICY_JSON scratch cid=$output @@ -125,7 +125,7 @@ load helpers run_buildah mount $cid root=$output - cp ${TESTDIR}/randomfile $root/randomfile + cp ${TEST_SCRATCH_DIR}/randomfile $root/randomfile run_buildah unmount $cid run_buildah commit --quiet $WITH_POLICY_JSON $cid image=$output @@ -138,7 +138,7 @@ load helpers cid=$output run_buildah mount $cid root=$output - cp ${TESTDIR}/other-randomfile $root/other-randomfile + cp ${TEST_SCRATCH_DIR}/other-randomfile $root/other-randomfile run_buildah unmount $cid run_buildah commit $WITH_POLICY_JSON $cid run_buildah rm $cid @@ -157,7 +157,7 @@ load helpers @test "attempt to prune non-dangling empty images" { # Regression test for containers/podman/issues/10832 - ctxdir=${TESTDIR}/bud + ctxdir=${TEST_SCRATCH_DIR}/bud mkdir -p $ctxdir cat >$ctxdir/Dockerfile <> ${TESTDIR}/lower/hello + echo 'hello' >> ${TEST_SCRATCH_DIR}/lower/hello # As a baseline, this should succeed. - run_buildah run -v ${TESTDIR}/lower:/test:O,upperdir=${TESTDIR}/upperdir,workdir=${TESTDIR}/workdir${zflag:+:${zflag}} $cid cat /test/hello + run_buildah run -v ${TEST_SCRATCH_DIR}/lower:/test:O,upperdir=${TEST_SCRATCH_DIR}/upperdir,workdir=${TEST_SCRATCH_DIR}/workdir${zflag:+:${zflag}} $cid cat /test/hello expect_output "hello" - run_buildah run -v ${TESTDIR}/lower:/test:O,upperdir=${TESTDIR}/upperdir,workdir=${TESTDIR}/workdir${zflag:+:${zflag}} $cid sh -c 'echo "world" > /test/world' + run_buildah run -v ${TEST_SCRATCH_DIR}/lower:/test:O,upperdir=${TEST_SCRATCH_DIR}/upperdir,workdir=${TEST_SCRATCH_DIR}/workdir${zflag:+:${zflag}} $cid sh -c 'echo "world" > /test/world' #upper dir should persist content - result="$(cat ${TESTDIR}/upperdir/world)" + result="$(cat ${TEST_SCRATCH_DIR}/upperdir/world)" test "$result" == "world" } @@ -334,7 +334,7 @@ function configure_and_check_user() { skip_if_no_runtime # Create source volume. - mkdir ${TESTDIR}/testdata + mkdir ${TEST_SCRATCH_DIR}/testdata # Create the container. _prefetch alpine @@ -342,10 +342,10 @@ function configure_and_check_user() { ctr="$output" # Test user can create file in the mounted volume. - run_buildah run --user 888:888 --volume ${TESTDIR}/testdata:/mnt:z,U "$ctr" touch /mnt/testfile1.txt + run_buildah run --user 888:888 --volume ${TEST_SCRATCH_DIR}/testdata:/mnt:z,U "$ctr" touch /mnt/testfile1.txt # Test created file has correct UID and GID ownership. - run_buildah run --user 888:888 --volume ${TESTDIR}/testdata:/mnt:z,U "$ctr" stat -c "%u:%g" /mnt/testfile1.txt + run_buildah run --user 888:888 --volume ${TEST_SCRATCH_DIR}/testdata:/mnt:z,U "$ctr" stat -c "%u:%g" /mnt/testfile1.txt expect_output "888:888" } @@ -377,16 +377,16 @@ function configure_and_check_user() { _prefetch alpine run_buildah from --quiet --pull=false $WITH_POLICY_JSON alpine cid=$output - mkdir -p ${TESTDIR}/was:empty + mkdir -p ${TEST_SCRATCH_DIR}/was:empty # As a baseline, this should succeed. run_buildah run --mount type=tmpfs,dst=/var/tmpfs-not-empty $cid touch /var/tmpfs-not-empty/testfile - run_buildah run --mount type=bind,src=${TESTDIR}/was:empty,dst=/var/not-empty,rw${zflag:+,${zflag}} $cid touch /var/not-empty/testfile + run_buildah run --mount type=bind,src=${TEST_SCRATCH_DIR}/was:empty,dst=/var/not-empty,rw${zflag:+,${zflag}} $cid touch /var/not-empty/testfile # If we're parsing the options at all, this should be read-only, so it should fail. - run_buildah 1 run --mount type=bind,src=${TESTDIR}/was:empty,dst=/var/not-empty,ro${zflag:+,${zflag}} $cid touch /var/not-empty/testfile + run_buildah 1 run --mount type=bind,src=${TEST_SCRATCH_DIR}/was:empty,dst=/var/not-empty,ro${zflag:+,${zflag}} $cid touch /var/not-empty/testfile # Even if the parent directory doesn't exist yet, this should succeed. - run_buildah run --mount type=bind,src=${TESTDIR}/was:empty,dst=/var/multi-level/subdirectory,rw $cid touch /var/multi-level/subdirectory/testfile + run_buildah run --mount type=bind,src=${TEST_SCRATCH_DIR}/was:empty,dst=/var/multi-level/subdirectory,rw $cid touch /var/multi-level/subdirectory/testfile # And check the same for file volumes. - run_buildah run --mount type=bind,src=${TESTDIR}/was:empty/testfile,dst=/var/different-multi-level/subdirectory/testfile,rw $cid touch /var/different-multi-level/subdirectory/testfile + run_buildah run --mount type=bind,src=${TEST_SCRATCH_DIR}/was:empty/testfile,dst=/var/different-multi-level/subdirectory/testfile,rw $cid touch /var/different-multi-level/subdirectory/testfile } @test "run --mount=type=bind with from like buildkit" { @@ -429,9 +429,9 @@ function configure_and_check_user() { _prefetch alpine run_buildah from --quiet --pull=false $WITH_POLICY_JSON alpine cid=$output - mkdir -p ${TESTDIR}/tmp - ln -s tmp ${TESTDIR}/tmp2 - export TMPDIR=${TESTDIR}/tmp2 + mkdir -p ${TEST_SCRATCH_DIR}/tmp + ln -s tmp ${TEST_SCRATCH_DIR}/tmp2 + export TMPDIR=${TEST_SCRATCH_DIR}/tmp2 run_buildah run $cid id } @@ -469,9 +469,9 @@ function configure_and_check_user() { # we need to not use the list of limits that are set in our default # ${TEST_SOURCES}/containers.conf for the sake of other tests, and override # any that might be picked up from system-wide configuration - echo '[containers]' > ${TESTDIR}/containers.conf - echo 'default_ulimits = []' >> ${TESTDIR}/containers.conf - export CONTAINERS_CONF=${TESTDIR}/containers.conf + echo '[containers]' > ${TEST_SCRATCH_DIR}/containers.conf + echo 'default_ulimits = []' >> ${TEST_SCRATCH_DIR}/containers.conf + export CONTAINERS_CONF=${TEST_SCRATCH_DIR}/containers.conf _prefetch alpine maxpids=$(cat /proc/sys/kernel/pid_max) @@ -618,9 +618,9 @@ function configure_and_check_user() { hosts="127.0.0.5 host1 127.0.0.6 host2" - base_hosts_file="$TESTDIR/base_hosts" + base_hosts_file="$TEST_SCRATCH_DIR/base_hosts" echo "$hosts" > "$base_hosts_file" - containers_conf_file="$TESTDIR/containers.conf" + containers_conf_file="$TEST_SCRATCH_DIR/containers.conf" echo -e "[containers]\nbase_hosts_file = \"$base_hosts_file\"" > "$containers_conf_file" CONTAINERS_CONF="$containers_conf_file" run_buildah run --hostname $hostname $cid cat /etc/hosts expect_output --substring "127.0.0.5[[:blank:]]host1" @@ -757,7 +757,7 @@ $output" _prefetch alpine # Use seccomp to make crun output a warning message because crun writes few logs. - cat > ${TESTDIR}/seccomp.json << _EOF + cat > ${TEST_SCRATCH_DIR}/seccomp.json << _EOF { "defaultAction": "SCMP_ACT_ALLOW", "syscalls": [ @@ -768,7 +768,7 @@ $output" ] } _EOF - run_buildah from --security-opt seccomp=${TESTDIR}/seccomp.json --quiet --pull=false $WITH_POLICY_JSON alpine + run_buildah from --security-opt seccomp=${TEST_SCRATCH_DIR}/seccomp.json --quiet --pull=false $WITH_POLICY_JSON alpine cid=$output local found_runtime= diff --git a/tests/sign.bats b/tests/sign.bats index eba544e1e..a9207d687 100644 --- a/tests/sign.bats +++ b/tests/sign.bats @@ -7,7 +7,7 @@ function _gpg_setup() { skip 'gpg command not found in $PATH' fi - export GNUPGHOME=${TESTDIR}/.gnupg + export GNUPGHOME=${TEST_SCRATCH_DIR}/.gnupg mkdir -p --mode=0700 $GNUPGHOME # gpg on f30 and above needs this, otherwise: @@ -18,7 +18,7 @@ function _gpg_setup() { GPGOPTS= fi - cat > ${TESTDIR}/genkey-answers <<- EOF + cat > ${TEST_SCRATCH_DIR}/genkey-answers <<- EOF %echo Generating a basic OpenPGP key Key-Type: RSA Key-Length: 2048 @@ -28,7 +28,7 @@ function _gpg_setup() { %commit %echo done EOF - gpg --batch $GPGOPTS --gen-key --passphrase '' < ${TESTDIR}/genkey-answers + gpg --batch $GPGOPTS --gen-key --passphrase '' < ${TEST_SCRATCH_DIR}/genkey-answers } @@ -36,25 +36,25 @@ function _gpg_setup() { _gpg_setup _prefetch alpine - mkdir -p ${TESTDIR}/signed-image ${TESTDIR}/unsigned-image + mkdir -p ${TEST_SCRATCH_DIR}/signed-image ${TEST_SCRATCH_DIR}/unsigned-image run_buildah from --quiet --pull=false $WITH_POLICY_JSON alpine cid=$output run_buildah commit $WITH_POLICY_JSON --sign-by amanda@localhost $cid signed-alpine-image # Pushing should preserve the signature. - run_buildah push $WITH_POLICY_JSON signed-alpine-image dir:${TESTDIR}/signed-image - ls -l ${TESTDIR}/signed-image/ - test -s ${TESTDIR}/signed-image/signature-1 + run_buildah push $WITH_POLICY_JSON signed-alpine-image dir:${TEST_SCRATCH_DIR}/signed-image + ls -l ${TEST_SCRATCH_DIR}/signed-image/ + test -s ${TEST_SCRATCH_DIR}/signed-image/signature-1 # Pushing with --remove-signatures should remove the signature. - run_buildah push $WITH_POLICY_JSON --remove-signatures signed-alpine-image dir:${TESTDIR}/unsigned-image - ls -l ${TESTDIR}/unsigned-image/ - ! test -s ${TESTDIR}/unsigned-image/signature-1 + run_buildah push $WITH_POLICY_JSON --remove-signatures signed-alpine-image dir:${TEST_SCRATCH_DIR}/unsigned-image + ls -l ${TEST_SCRATCH_DIR}/unsigned-image/ + ! test -s ${TEST_SCRATCH_DIR}/unsigned-image/signature-1 run_buildah commit $WITH_POLICY_JSON $cid unsigned-alpine-image # Pushing with --sign-by should fail add the signature to a dir: location, if it tries to add them. - run_buildah 125 push $WITH_POLICY_JSON --sign-by amanda@localhost unsigned-alpine-image dir:${TESTDIR}/signed-image + run_buildah 125 push $WITH_POLICY_JSON --sign-by amanda@localhost unsigned-alpine-image dir:${TEST_SCRATCH_DIR}/signed-image expect_output --substring "Cannot determine canonical Docker reference" # Clear out images, so that we don't have leftover signatures when we pull in an image that will end up @@ -62,24 +62,24 @@ function _gpg_setup() { run_buildah rmi -a -f # Pulling with --remove-signatures should remove signatures, and pushing should have none to keep. - run_buildah pull $WITH_POLICY_JSON --quiet dir:${TESTDIR}/signed-image + run_buildah pull $WITH_POLICY_JSON --quiet dir:${TEST_SCRATCH_DIR}/signed-image imageID="$output" - run_buildah push $WITH_POLICY_JSON "$imageID" dir:${TESTDIR}/unsigned-image - ls -l ${TESTDIR}/unsigned-image/ - ! test -s ${TESTDIR}/unsigned-image/signature-1 + run_buildah push $WITH_POLICY_JSON "$imageID" dir:${TEST_SCRATCH_DIR}/unsigned-image + ls -l ${TEST_SCRATCH_DIR}/unsigned-image/ + ! test -s ${TEST_SCRATCH_DIR}/unsigned-image/signature-1 # Build a manifest list and try to push the list with signatures. run_buildah manifest create list run_buildah manifest add list $imageID - run_buildah 125 manifest push $WITH_POLICY_JSON --sign-by amanda@localhost --all list dir:${TESTDIR}/signed-image + run_buildah 125 manifest push $WITH_POLICY_JSON --sign-by amanda@localhost --all list dir:${TEST_SCRATCH_DIR}/signed-image expect_output --substring "Cannot determine canonical Docker reference" - run_buildah manifest push $WITH_POLICY_JSON --all list dir:${TESTDIR}/unsigned-image + run_buildah manifest push $WITH_POLICY_JSON --all list dir:${TEST_SCRATCH_DIR}/unsigned-image } @test "build-with-dockerfile-signatures" { _gpg_setup - builddir=${TESTDIR}/builddir + builddir=${TEST_SCRATCH_DIR}/builddir mkdir -p $builddir cat > ${builddir}/Dockerfile <<- EOF FROM scratch @@ -89,9 +89,9 @@ function _gpg_setup() { # We should be able to sign at build-time. run_buildah bud $WITH_POLICY_JSON --sign-by amanda@localhost -t signed-scratch-image ${builddir} - mkdir -p ${TESTDIR}/signed-image + mkdir -p ${TEST_SCRATCH_DIR}/signed-image # Pushing should preserve the signature. - run_buildah push $WITH_POLICY_JSON signed-scratch-image dir:${TESTDIR}/signed-image - ls -l ${TESTDIR}/signed-image/ - test -s ${TESTDIR}/signed-image/signature-1 + run_buildah push $WITH_POLICY_JSON signed-scratch-image dir:${TEST_SCRATCH_DIR}/signed-image + ls -l ${TEST_SCRATCH_DIR}/signed-image/ + test -s ${TEST_SCRATCH_DIR}/signed-image/signature-1 } diff --git a/tests/source.bats b/tests/source.bats index 894df8a35..4f5d64352 100644 --- a/tests/source.bats +++ b/tests/source.bats @@ -4,7 +4,7 @@ load helpers @test "source create" { # Create an empty source image and make sure it's properly initialized - srcdir=${TESTDIR}/newsource + srcdir=${TEST_SCRATCH_DIR}/newsource run_buildah source create --author="Buildah authors" $srcdir # Inspect the index.json @@ -52,7 +52,7 @@ load helpers @test "source add" { # Create an empty source image and make sure it's properly initialized. - srcdir=${TESTDIR}/newsource + srcdir=${TEST_SCRATCH_DIR}/newsource run_buildah source create $srcdir # Digest of initial manifest @@ -62,8 +62,8 @@ load helpers [ "$status" -eq 0 ] # Add layer 1 - echo 111 > ${TESTDIR}/file1 - run_buildah source add $srcdir ${TESTDIR}/file1 + echo 111 > ${TEST_SCRATCH_DIR}/file1 + run_buildah source add $srcdir ${TEST_SCRATCH_DIR}/file1 # Make sure the digest of the manifest changed run jq -r .manifests[0].digest $srcdir/index.json manifestDigestFile1=${output//sha256:/} # strip off the sha256 prefix @@ -82,8 +82,8 @@ load helpers expect_output --substring "$layer1Size" # Add layer 2 - echo 222222aBitLongerForAdifferentSize > ${TESTDIR}/file2 - run_buildah source add $srcdir ${TESTDIR}/file2 + echo 222222aBitLongerForAdifferentSize > ${TEST_SCRATCH_DIR}/file2 + run_buildah source add $srcdir ${TEST_SCRATCH_DIR}/file2 # Make sure the digest of the manifest changed run jq -r .manifests[0].digest $srcdir/index.json manifestDigestFile2=${output//sha256:/} # strip off the sha256 prefix @@ -115,20 +115,20 @@ load helpers @test "source push/pull" { # Create an empty source image and make sure it's properly initialized. - srcdir=${TESTDIR}/newsource + srcdir=${TEST_SCRATCH_DIR}/newsource run_buildah source create $srcdir # Add two layers - echo 111 > ${TESTDIR}/file1 - run_buildah source add $srcdir ${TESTDIR}/file1 - echo 222... > ${TESTDIR}/file2 - run_buildah source add $srcdir ${TESTDIR}/file2 + echo 111 > ${TEST_SCRATCH_DIR}/file1 + run_buildah source add $srcdir ${TEST_SCRATCH_DIR}/file1 + echo 222... > ${TEST_SCRATCH_DIR}/file2 + run_buildah source add $srcdir ${TEST_SCRATCH_DIR}/file2 start_registry run_buildah source push --tls-verify=false --creds testuser:testpassword $srcdir localhost:${REGISTRY_PORT}/source:test - pulldir=${TESTDIR}/pulledsource + pulldir=${TEST_SCRATCH_DIR}/pulledsource run_buildah source pull --tls-verify=false --creds testuser:testpassword localhost:${REGISTRY_PORT}/source:test $pulldir run diff -r $srcdir $pulldir diff --git a/tests/squash.bats b/tests/squash.bats index ad6ef5c6b..4eab8f44b 100644 --- a/tests/squash.bats +++ b/tests/squash.bats @@ -17,13 +17,13 @@ function check_lengths() { } @test "squash" { - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile run_buildah from scratch cid=$output image=stage0 remove=(8 5) for stage in $(seq 10) ; do - run_buildah copy "$cid" ${TESTDIR}/randomfile /layer${stage} + run_buildah copy "$cid" ${TEST_SCRATCH_DIR}/randomfile /layer${stage} image=stage${stage} if test $stage -eq ${remove[0]} ; then run_buildah mount "$cid" @@ -51,30 +51,30 @@ function check_lengths() { fi continue fi - cmp $mountpoint/layer${stage} ${TESTDIR}/randomfile + cmp $mountpoint/layer${stage} ${TEST_SCRATCH_DIR}/randomfile done } @test "squash-using-dockerfile" { - createrandom ${TESTDIR}/randomfile + createrandom ${TEST_SCRATCH_DIR}/randomfile image=stage0 from=scratch for stage in $(seq 10) ; do - mkdir -p ${TESTDIR}/stage${stage} - echo FROM ${from} > ${TESTDIR}/stage${stage}/Dockerfile - cp ${TESTDIR}/randomfile ${TESTDIR}/stage${stage}/ - echo COPY randomfile /layer${stage} >> ${TESTDIR}/stage${stage}/Dockerfile + mkdir -p ${TEST_SCRATCH_DIR}/stage${stage} + echo FROM ${from} > ${TEST_SCRATCH_DIR}/stage${stage}/Dockerfile + cp ${TEST_SCRATCH_DIR}/randomfile ${TEST_SCRATCH_DIR}/stage${stage}/ + echo COPY randomfile /layer${stage} >> ${TEST_SCRATCH_DIR}/stage${stage}/Dockerfile image=stage${stage} from=${image} - run_buildah build-using-dockerfile $WITH_POLICY_JSON -t ${image} ${TESTDIR}/stage${stage} + run_buildah build-using-dockerfile $WITH_POLICY_JSON -t ${image} ${TEST_SCRATCH_DIR}/stage${stage} check_lengths $image $stage done - mkdir -p ${TESTDIR}/squashed - echo FROM ${from} > ${TESTDIR}/squashed/Dockerfile - cp ${TESTDIR}/randomfile ${TESTDIR}/squashed/ - echo COPY randomfile /layer-squashed >> ${TESTDIR}/stage${stage}/Dockerfile - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TESTDIR}/squashed + mkdir -p ${TEST_SCRATCH_DIR}/squashed + echo FROM ${from} > ${TEST_SCRATCH_DIR}/squashed/Dockerfile + cp ${TEST_SCRATCH_DIR}/randomfile ${TEST_SCRATCH_DIR}/squashed/ + echo COPY randomfile /layer-squashed >> ${TEST_SCRATCH_DIR}/stage${stage}/Dockerfile + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TEST_SCRATCH_DIR}/squashed check_lengths squashed 1 @@ -83,46 +83,46 @@ function check_lengths() { run_buildah mount $cid mountpoint=$output for stage in $(seq 10) ; do - cmp $mountpoint/layer${stage} ${TESTDIR}/randomfile + cmp $mountpoint/layer${stage} ${TEST_SCRATCH_DIR}/randomfile done - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash --layers -t squashed ${TESTDIR}/squashed + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash --layers -t squashed ${TEST_SCRATCH_DIR}/squashed run_buildah inspect -t image -f '{{len .Docker.RootFS.DiffIDs}}' squashed expect_output "1" "len(DiffIDs) - simple image" - echo FROM ${from} > ${TESTDIR}/squashed/Dockerfile - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TESTDIR}/squashed + echo FROM ${from} > ${TEST_SCRATCH_DIR}/squashed/Dockerfile + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TEST_SCRATCH_DIR}/squashed run_buildah inspect -t image -f '{{len .Docker.RootFS.DiffIDs}}' squashed expect_output "1" "len(DiffIDs) - image with FROM" - echo USER root >> ${TESTDIR}/squashed/Dockerfile - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TESTDIR}/squashed + echo USER root >> ${TEST_SCRATCH_DIR}/squashed/Dockerfile + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TEST_SCRATCH_DIR}/squashed run_buildah inspect -t image -f '{{len .Docker.RootFS.DiffIDs}}' squashed expect_output "1" "len(DiffIDs) - image with FROM and USER" - echo COPY file / >> ${TESTDIR}/squashed/Dockerfile - echo COPY file / > ${TESTDIR}/squashed/file - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TESTDIR}/squashed + echo COPY file / >> ${TEST_SCRATCH_DIR}/squashed/Dockerfile + echo COPY file / > ${TEST_SCRATCH_DIR}/squashed/file + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TEST_SCRATCH_DIR}/squashed run_buildah inspect -t image -f '{{len .Docker.RootFS.DiffIDs}}' squashed expect_output "1" "len(DiffIDs) - image with FROM, USER, and 2xCOPY" - echo FROM ${from} > ${TESTDIR}/squashed/Dockerfile - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash --layers -t squashed ${TESTDIR}/squashed + echo FROM ${from} > ${TEST_SCRATCH_DIR}/squashed/Dockerfile + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash --layers -t squashed ${TEST_SCRATCH_DIR}/squashed run_buildah inspect -t image -f '{{len .Docker.RootFS.DiffIDs}}' squashed expect_output "1" "len(DiffIDs) - image with FROM (--layers)" - echo USER root >> ${TESTDIR}/squashed/Dockerfile - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TESTDIR}/squashed + echo USER root >> ${TEST_SCRATCH_DIR}/squashed/Dockerfile + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TEST_SCRATCH_DIR}/squashed run_buildah inspect -t image -f '{{len .Docker.RootFS.DiffIDs}}' squashed expect_output "1" "len(DiffIDs) - image with FROM and USER (--layers)" - echo COPY file / >> ${TESTDIR}/squashed/Dockerfile - echo COPY file / > ${TESTDIR}/squashed/file - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TESTDIR}/squashed + echo COPY file / >> ${TEST_SCRATCH_DIR}/squashed/Dockerfile + echo COPY file / > ${TEST_SCRATCH_DIR}/squashed/file + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash -t squashed ${TEST_SCRATCH_DIR}/squashed run_buildah inspect -t image -f '{{len .Docker.RootFS.DiffIDs}}' squashed expect_output "1" "len(DiffIDs) - image with FROM, USER, and 2xCOPY (--layers)" - run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash --format docker -t squashed ${TESTDIR}/squashed + run_buildah build-using-dockerfile $WITH_POLICY_JSON --squash --format docker -t squashed ${TEST_SCRATCH_DIR}/squashed run_buildah inspect -t image -f '{{.Docker.Parent}}' squashed expect_output "" "should have no parent image set" } diff --git a/tests/ssh.bats b/tests/ssh.bats index ad071c374..e696a37a8 100644 --- a/tests/ssh.bats +++ b/tests/ssh.bats @@ -16,7 +16,7 @@ function teardown(){ @test "bud with ssh key" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} ssh-keygen -b 2048 -t rsa -f $mytmpdir/sshkey -q -N "" fingerprint=$(ssh-keygen -l -f $mytmpdir/sshkey -E md5 | awk '{ print $2; }') @@ -33,7 +33,7 @@ function teardown(){ @test "bud with ssh key secret accessed on second RUN" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} ssh-keygen -b 2048 -t rsa -f $mytmpdir/sshkey -q -N "" fingerprint=$(ssh-keygen -l -f $mytmpdir/sshkey -E md5 | awk '{ print $2; }') @@ -45,7 +45,7 @@ function teardown(){ @test "bud with containerfile ssh options" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} ssh-keygen -b 2048 -t rsa -f $mytmpdir/sshkey -q -N "" fingerprint=$(ssh-keygen -l -f $mytmpdir/sshkey -E md5 | awk '{ print $2; }') @@ -59,7 +59,7 @@ function teardown(){ @test "bud with ssh sock" { _prefetch alpine - mytmpdir=${TESTDIR}/my-dir1 + mytmpdir=${TEST_SCRATCH_DIR}/my-dir1 mkdir -p ${mytmpdir} ssh-keygen -b 2048 -t rsa -f $mytmpdir/sshkey -q -N "" fingerprint=$(ssh-keygen -l -f $mytmpdir/sshkey -E md5 | awk '{ print $2; }') diff --git a/tests/subscriptions.bats b/tests/subscriptions.bats index 8c84cde45..c639eb9cf 100644 --- a/tests/subscriptions.bats +++ b/tests/subscriptions.bats @@ -6,7 +6,7 @@ load helpers skip_if_no_runtime # Setup - SECRETS_DIR=$TESTDIR/rhel/secrets + SECRETS_DIR=$TEST_SCRATCH_DIR/rhel/secrets mkdir -p $SECRETS_DIR TESTFILE1=$SECRETS_DIR/test.txt @@ -17,20 +17,20 @@ load helpers touch $TESTFILE2 chmod 604 $TESTFILE2 - TESTDIR1=$SECRETS_DIR/test-dir - mkdir -m704 $TESTDIR1 + TEST_SCRATCH_DIR1=$SECRETS_DIR/test-dir + mkdir -m704 $TEST_SCRATCH_DIR1 - TESTFILE3=$TESTDIR1/file.txt + TESTFILE3=$TEST_SCRATCH_DIR1/file.txt touch $TESTFILE3 chmod 777 $TESTFILE3 - mkdir -p $TESTDIR/symlink/target - touch $TESTDIR/symlink/target/key.pem - ln -s $TESTDIR/symlink/target $SECRETS_DIR/mysymlink + mkdir -p $TEST_SCRATCH_DIR/symlink/target + touch $TEST_SCRATCH_DIR/symlink/target/key.pem + ln -s $TEST_SCRATCH_DIR/symlink/target $SECRETS_DIR/mysymlink # prepare the test mounts file - mkdir $TESTDIR/containers - MOUNTS_PATH=$TESTDIR/containers/mounts.conf + mkdir $TEST_SCRATCH_DIR/containers + MOUNTS_PATH=$TEST_SCRATCH_DIR/containers/mounts.conf # add the mounts entries echo "$SECRETS_DIR:/run/secrets" > $MOUNTS_PATH @@ -49,7 +49,7 @@ load helpers expect_output --substring "test.txt" # test a mount without destination - run_buildah run $cid ls "$TESTDIR"/rhel/secrets + run_buildah run $cid ls "$TEST_SCRATCH_DIR"/rhel/secrets expect_output --substring "test.txt" # test a file-based mount @@ -68,14 +68,14 @@ load helpers run_buildah run $cid stat -c %a /run/secrets/test-dir/file.txt expect_output 777 - cat > $TESTDIR/Containerfile << _EOF + cat > $TEST_SCRATCH_DIR/Containerfile << _EOF from alpine run stat -c %a /run/secrets/file.txt run stat -c %a /run/secrets/test-dir run stat -c %a /run/secrets/test-dir/file.txt _EOF - run_buildah --default-mounts-file "$MOUNTS_PATH" bud $TESTDIR + run_buildah --default-mounts-file "$MOUNTS_PATH" bud $TEST_SCRATCH_DIR expect_output --substring "604" expect_output --substring "704" expect_output --substring "777"