From 1930bcea15aa051fdf3339497f4b7ef520392073 Mon Sep 17 00:00:00 2001 From: Cori Avila <42420333+corico44@users.noreply.github.com> Date: Fri, 12 May 2023 10:06:04 +0200 Subject: [PATCH] [bitnami/harbor-notary-signer] Add VIB tests (#30799) * [bitnami/harbor-notary-signer] Add initial tests Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Check user for notary folder Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Fix check user for notory directory Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Add change in docker-compose to trigger tests Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Fix notary-signer binary Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Delete change in docker-compose Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Fix check for harbor user Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Fix check-correct-user test Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Add comment to test Signed-off-by: corico44 <42420333+corico44@users.noreply.github.com> * [bitnami/harbor-notary-signer] Remove gosu binary Signed-off-by: corico44 <42420333+corico44@users.noreply.github.com> * [bitnami/harbor-notary-signer] Fix check for /etc/notary directory Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Add check-version test Signed-off-by: corico44 <42420333+corico44@users.noreply.github.com> * [bitnami/harbor-notary-signer] Fix name test Signed-off-by: corico44 <42420333+corico44@users.noreply.github.com> * [bitnami/harbor-notary-signer] Fix check app test Signed-off-by: corico44 <42420333+corico44@users.noreply.github.com> * [bitnami/harbor-notary-signer] Add migrate binary Signed-off-by: Cori Avila * [bitnami/harbor-notary-signer] Delete trigger in docker-compose file Signed-off-by: Cori Avila --------- Signed-off-by: Cori Avila Signed-off-by: corico44 <42420333+corico44@users.noreply.github.com> --- .vib/harbor-notary-signer/goss/goss.yaml | 10 ++++++++++ .../goss/harbor-notary-signer.yaml | 16 ++++++++++++++++ .vib/harbor-notary-signer/goss/vars.yaml | 4 ++++ .vib/harbor-notary-signer/vib-publish.json | 18 +++++++++++++++++- .vib/harbor-notary-signer/vib-verify.json | 18 +++++++++++++++++- 5 files changed, 64 insertions(+), 2 deletions(-) create mode 100644 .vib/harbor-notary-signer/goss/goss.yaml create mode 100644 .vib/harbor-notary-signer/goss/harbor-notary-signer.yaml create mode 100644 .vib/harbor-notary-signer/goss/vars.yaml diff --git a/.vib/harbor-notary-signer/goss/goss.yaml b/.vib/harbor-notary-signer/goss/goss.yaml new file mode 100644 index 000000000000..642a8510a75e --- /dev/null +++ b/.vib/harbor-notary-signer/goss/goss.yaml @@ -0,0 +1,10 @@ +gossfile: + # Goss tests exclusive to the current container + ../../harbor-notary-signer/goss/harbor-notary-signer.yaml: {} + # Load scripts from .vib/common/goss/templates + ../../common/goss/templates/check-binaries.yaml: {} + ../../common/goss/templates/check-broken-symlinks.yaml: {} + ../../common/goss/templates/check-ca-certs.yaml: {} + ../../common/goss/templates/check-linked-libraries.yaml: {} + ../../common/goss/templates/check-sed-in-place.yaml: {} + ../../common/goss/templates/check-spdx.yaml: {} diff --git a/.vib/harbor-notary-signer/goss/harbor-notary-signer.yaml b/.vib/harbor-notary-signer/goss/harbor-notary-signer.yaml new file mode 100644 index 000000000000..f615b9cc382a --- /dev/null +++ b/.vib/harbor-notary-signer/goss/harbor-notary-signer.yaml @@ -0,0 +1,16 @@ +group: + harbor: + exists: true +user: + harbor: + exists: true +file: + /etc/notary: + exists: true + mode: "0775" + owner: harbor + filetype: directory +command: + check-app-run: + exec: notary-signer --help + exit-status: 2 diff --git a/.vib/harbor-notary-signer/goss/vars.yaml b/.vib/harbor-notary-signer/goss/vars.yaml new file mode 100644 index 000000000000..e386ed7f10e3 --- /dev/null +++ b/.vib/harbor-notary-signer/goss/vars.yaml @@ -0,0 +1,4 @@ +binaries: + - notary-signer + - migrate +root_dir: /opt/bitnami diff --git a/.vib/harbor-notary-signer/vib-publish.json b/.vib/harbor-notary-signer/vib-publish.json index 8b6fe8eab4e6..cb564ae5f8b7 100644 --- a/.vib/harbor-notary-signer/vib-publish.json +++ b/.vib/harbor-notary-signer/vib-publish.json @@ -3,7 +3,8 @@ "resources": { "url": "{VIB_ENV_CONTAINER_URL}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -33,6 +34,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "harbor-notary-signer/goss/goss.yaml", + "vars_file": "harbor-notary-signer/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-harbor-notary-signer" + } + } + } + }, { "action_id": "trivy", "params": { diff --git a/.vib/harbor-notary-signer/vib-verify.json b/.vib/harbor-notary-signer/vib-verify.json index a34e8aee9161..c6f98d9a8dde 100644 --- a/.vib/harbor-notary-signer/vib-verify.json +++ b/.vib/harbor-notary-signer/vib-verify.json @@ -3,7 +3,8 @@ "resources": { "url": "{SHA_ARCHIVE}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -29,6 +30,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "harbor-notary-signer/goss/goss.yaml", + "vars_file": "harbor-notary-signer/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-harbor-notary-signer" + } + } + } + }, { "action_id": "trivy", "params": {