[bitnami/keydb] ci: VIB tests (#71060)

.vib/keydb/goss/goss.yaml

@@ -0,0 +1,15 @@
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+gossfile:
+  # Goss tests exclusive to the current container
+  ../../keydb/goss/keydb.yaml: {}
+  # Load scripts from .vib/common/goss/templates
+  ../../common/goss/templates/check-app-version.yaml: {}
+  ../../common/goss/templates/check-binaries.yaml: {}
+  ../../common/goss/templates/check-broken-symlinks.yaml: {}
+  ../../common/goss/templates/check-ca-certs.yaml: {}
+  ../../common/goss/templates/check-directories.yaml: {}
+  ../../common/goss/templates/check-linked-libraries.yaml: {}
+  ../../common/goss/templates/check-sed-in-place.yaml: {}
+  ../../common/goss/templates/check-spdx.yaml: {}

.vib/keydb/goss/keydb.yaml

@@ -0,0 +1,31 @@
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+file:
+  /opt/bitnami/keydb/etc/keydb.conf:
+    exists: true
+    mode: "0664"
+    contents:
+      - /port.*6379/
+      - /dir.*/bitnami/keydb/data/
+      - /pidfile.*/opt/bitnami/keydb/tmp/keydb.pid/
+      - "daemonize yes"
+command:
+  check-keydb-server:
+    exec: keydb-server /opt/bitnami/keydb/etc/keydb.conf && sleep 5 && ps aux
+    exit-status: 0
+    timeout: 20000
+    stdout:
+      - /keydb-server.*(127.0.0.1|localhost).*6379/
+  check-keydb-server-ssl:
+    exec: ldd /opt/bitnami/keydb/bin/keydb-server
+    exit-status: 0
+    stdout:
+      - "libcrypto.so"
+      - "libssl.so"
+  check-keydb-cli-ssl:
+    exec: ldd /opt/bitnami/keydb/bin/keydb-cli
+    exit-status: 0
+    stdout:
+      - "libcrypto.so"
+      - "libssl.so"

.vib/keydb/goss/vars.yaml

@@ -0,0 +1,16 @@
+binaries:
+  - keydb-cli
+  - keydb-server
+  - wait-for-port
+directories:
+  - mode: "0775"
+    paths:
+      - /bitnami
+      - /bitnami/keydb
+      - /bitnami/keydb/data
+      - /opt/bitnami/keydb
+      - /opt/bitnami/keydb/etc
+root_dir: /opt/bitnami
+version:
+  bin_name: keydb-server
+  flag: --version

.vib/keydb/vib-verify.json

@@ -0,0 +1,73 @@
+{
+  "context": {
+    "resources": {
+      "url": "{SHA_ARCHIVE}",
+      "path": "{VIB_ENV_PATH}"
+    },
+    "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd"
+  },
+  "phases": {
+    "package": {
+      "actions": [
+        {
+          "action_id": "container-image-package",
+          "params": {
+            "application": {
+              "details": {
+                "name": "{VIB_ENV_CONTAINER}",
+                "tag": "{VIB_ENV_TAG}"
+              }
+            },
+            "architectures": [
+              "linux/amd64",
+              "linux/arm64"
+            ]
+          }
+        },
+        {
+          "action_id": "container-image-lint",
+          "params": {
+            "threshold": "error"
+          }
+        }
+      ]
+    },
+    "verify": {
+      "actions": [
+        {
+          "action_id": "goss",
+          "params": {
+            "resources": {
+              "path": "/.vib"
+            },
+            "tests_file": "keydb/goss/goss.yaml",
+            "vars_file": "keydb/goss/vars.yaml",
+            "remote": {
+              "pod": {
+                "workload": "deploy-keydb"
+              }
+            }
+          }
+        },
+        {
+          "action_id": "trivy",
+          "params": {
+            "threshold": "LOW",
+            "vuln_type": [
+              "OS"
+            ]
+          }
+        },
+        {
+          "action_id": "grype",
+          "params": {
+            "threshold": "CRITICAL",
+            "package_type": [
+              "OS"
+            ]
+          }
+        }
+      ]
+    }
+  }
+}