File: ssh.bats

package info (click to toggle)
golang-github-containers-buildah 1.39.3%2Bds1-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 7,724 kB
  • sloc: sh: 2,398; makefile: 236; perl: 187; asm: 16; awk: 12; ansic: 1
file content (77 lines) | stat: -rw-r--r-- 2,585 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
#!/usr/bin/env bats

load helpers


function setup() {
    setup_tests
    unset SSH_AUTH_SOCK
}

function teardown(){
  if [[ -n "$SSH_AUTH_SOCK" ]]; then ssh-agent -k;fi
  teardown_tests
}

@test "bud with ssh key" {
  _prefetch alpine

  mytmpdir=${TEST_SCRATCH_DIR}/my-dir1
  mkdir -p ${mytmpdir}
  ssh-keygen -b 2048 -t rsa -f $mytmpdir/sshkey -q -N ""
  fingerprint=$(ssh-keygen -l -f $mytmpdir/sshkey -E md5 | awk '{ print $2; }')

  run_buildah bud --ssh default=$mytmpdir/sshkey $WITH_POLICY_JSON  -t sshimg -f $BUDFILES/run-mounts/Dockerfile.ssh $BUDFILES/run-mounts
  expect_output --substring $fingerprint

  run_buildah from sshimg
  run_buildah 1 run sshimg-working-container cat /run/buildkit/ssh_agent.0
  expect_output --substring "cat: can't open '/run/buildkit/ssh_agent.0': No such file or directory"
  run_buildah rm -a
}

@test "bud with ssh key secret accessed on second RUN" {
 _prefetch alpine

  mytmpdir=${TEST_SCRATCH_DIR}/my-dir1
  mkdir -p ${mytmpdir}
  ssh-keygen -b 2048 -t rsa -f $mytmpdir/sshkey -q -N ""
  fingerprint=$(ssh-keygen -l -f $mytmpdir/sshkey -E md5 | awk '{ print $2; }')

  run_buildah 2 bud --ssh default=$mytmpdir/sshkey $WITH_POLICY_JSON  -t sshimg -f $BUDFILES/run-mounts/Dockerfile.ssh_access $BUDFILES/run-mounts
  expect_output --substring "Could not open a connection to your authentication agent."
}

@test "bud with containerfile ssh options" {
  _prefetch alpine

  mytmpdir=${TEST_SCRATCH_DIR}/my-dir1
  mkdir -p ${mytmpdir}
  ssh-keygen -b 2048 -t rsa -f $mytmpdir/sshkey -q -N ""
  fingerprint=$(ssh-keygen -l -f $mytmpdir/sshkey -E md5 | awk '{ print $2; }')

  run_buildah bud --ssh default=$mytmpdir/sshkey $WITH_POLICY_JSON  -t secretopts -f $BUDFILES/run-mounts/Dockerfile.ssh_options $BUDFILES/run-mounts
  expect_output --substring "444"
  expect_output --substring "1000"
  expect_output --substring "1001"
}

@test "bud with ssh sock" {
  _prefetch alpine

  mytmpdir=${TEST_SCRATCH_DIR}/my-dir1
  mkdir -p ${mytmpdir}
  ssh-keygen -b 2048 -t rsa -f $mytmpdir/sshkey -q -N ""
  fingerprint=$(ssh-keygen -l -f $mytmpdir/sshkey -E md5 | awk '{ print $2; }')
  eval "$(ssh-agent -s)"
  ssh-add $mytmpdir/sshkey

  run_buildah bud --ssh default=$mytmpdir/sshkey $WITH_POLICY_JSON  -t sshimg -f $BUDFILES/run-mounts/Dockerfile.ssh $BUDFILES/run-mounts
  expect_output --substring $fingerprint

  run_buildah from sshimg
  run_buildah 1 run sshimg-working-container cat /run/buildkit/ssh_agent.0
  expect_output --substring "cat: can't open '/run/buildkit/ssh_agent.0': No such file or directory"
  run_buildah rm -a
}