1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
#!/usr/bin/env bats
load helpers
function testconfighistory() {
config="$1"
expected="$2"
container=$(echo "c$config" | sed -E -e 's|[[:blank:]]|_|g' -e "s,[-=/:'],_,g" | tr '[A-Z]' '[a-z]')
image=$(echo "i$config" | sed -E -e 's|[[:blank:]]|_|g' -e "s,[-=/:'],_,g" | tr '[A-Z]' '[a-z]')
run_buildah from --name "$container" --format docker scratch
run_buildah config $config --add-history "$container"
run_buildah commit $WITH_POLICY_JSON "$container" "$image"
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' "$image"
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' "$image"
expect_output --substring "$expected"
if test "$3" != "not-oci" ; then
run_buildah inspect --format '{{range .OCIv1.History}}{{println .CreatedBy}}{{end}}' "$image"
expect_output --substring "$expected"
fi
}
@test "history-cmd" {
testconfighistory "--cmd /foo" "CMD /foo"
}
@test "history-entrypoint" {
testconfighistory "--entrypoint /foo" "ENTRYPOINT /foo"
}
@test "history-env" {
testconfighistory "--env FOO=BAR" "ENV FOO=BAR"
}
@test "history-healthcheck" {
run_buildah from --name healthcheckctr --format docker scratch
run_buildah config --healthcheck "CMD /foo" --healthcheck-timeout=10s --healthcheck-interval=20s --healthcheck-retries=7 --healthcheck-start-period=30s --add-history healthcheckctr
run_buildah commit $WITH_POLICY_JSON healthcheckctr healthcheckimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' healthcheckimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' healthcheckimg
expect_output --substring "HEALTHCHECK --interval=20s --retries=7 --start-period=30s --timeout=10s CMD /foo"
}
@test "history-label" {
testconfighistory "--label FOO=BAR" "LABEL FOO=BAR"
}
@test "history-onbuild" {
run_buildah from --name onbuildctr --format docker scratch
run_buildah config --onbuild "CMD /foo" --add-history onbuildctr
run_buildah commit $WITH_POLICY_JSON onbuildctr onbuildimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' onbuildimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' onbuildimg
expect_output --substring "ONBUILD CMD /foo"
}
@test "commit-with-omit-history-set-to-true" {
run_buildah from --name onbuildctr --format docker scratch
run_buildah config --onbuild "CMD /foo" --add-history onbuildctr
run_buildah commit --omit-history $WITH_POLICY_JSON onbuildctr onbuildimg
run_buildah inspect --format "{{index .Docker.History}}" onbuildimg
expect_output "[]"
}
@test "history-port" {
testconfighistory "--port 80/tcp" "EXPOSE 80/tcp"
}
@test "history-shell" {
testconfighistory "--shell /bin/wish" "SHELL /bin/wish"
}
@test "history-stop-signal" {
testconfighistory "--stop-signal SIGHUP" "STOPSIGNAL SIGHUP" not-oci
}
@test "history-user" {
testconfighistory "--user 10:10" "USER 10:10"
}
@test "history-volume" {
testconfighistory "--volume /foo" "VOLUME /foo"
}
@test "history-workingdir" {
testconfighistory "--workingdir /foo" "WORKDIR /foo"
}
@test "history-add" {
createrandom ${TEST_SCRATCH_DIR}/randomfile
run_buildah from --name addctr --format docker scratch
run_buildah add --add-history addctr ${TEST_SCRATCH_DIR}/randomfile
digest="$output"
run_buildah commit $WITH_POLICY_JSON addctr addimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' addimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' addimg
expect_output --substring "ADD file:$digest"
}
@test "history-copy" {
createrandom ${TEST_SCRATCH_DIR}/randomfile
run_buildah from --name copyctr --format docker scratch
run_buildah copy --add-history copyctr ${TEST_SCRATCH_DIR}/randomfile
digest="$output"
run_buildah commit $WITH_POLICY_JSON copyctr copyimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' copyimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' copyimg
expect_output --substring "COPY file:$digest"
}
@test "history-run" {
_prefetch busybox
run_buildah from --name runctr --format docker $WITH_POLICY_JSON busybox
run_buildah run --add-history runctr -- uname -a
run_buildah commit $WITH_POLICY_JSON runctr runimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' runimg
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' runimg
expect_output --substring "/bin/sh -c uname -a"
}
@test "history should not contain vars in allowlist unless set in ARG" {
_prefetch busybox
ctxdir=${TEST_SCRATCH_DIR}/bud
mkdir -p $ctxdir
cat >$ctxdir/Dockerfile <<EOF
FROM busybox
RUN echo \$HTTP_PROXY
EOF
run_buildah build $WITH_POLICY_JSON -t test --build-arg HTTP_PROXY="helloworld" ${ctxdir}
expect_output --substring 'helloworld'
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' test
# history should not contain value for HTTP_PROXY since it was not in Containerfile
assert "$output" !~ 'HTTP_PROXY=helloworld'
assert "$output" !~ 'helloworld'
}
@test "history should contain vars in allowlist when set in ARG" {
_prefetch busybox
ctxdir=${TEST_SCRATCH_DIR}/bud
mkdir -p $ctxdir
cat >$ctxdir/Dockerfile <<EOF
FROM busybox
ARG HTTP_PROXY
RUN echo \$HTTP_PROXY
EOF
run_buildah build $WITH_POLICY_JSON -t test --build-arg HTTP_PROXY="helloworld" ${ctxdir}
expect_output --substring 'helloworld'
run_buildah inspect --format '{{range .Docker.History}}{{println .CreatedBy}}{{end}}' test
# history should not contain value for HTTP_PROXY since it was not in Containerfile
expect_output --substring 'HTTP_PROXY=helloworld'
}
|
