[bitnami/cosign] Add VIB tests (#26789)

* [bitnami/cosign] Add VIB tests Signed-off-by: FraPazGal <fdepaz@vmware.com> * Use custom version check and fix spdx test Signed-off-by: FraPazGal <fdepaz@vmware.com> * Improve spdx test sintax Signed-off-by: FraPazGal <fdepaz@vmware.com> * Remove VIB trigger Signed-off-by: FraPazGal <fdepaz@vmware.com> * Remove ending newlines Signed-off-by: FraPazGal <fdepaz@vmware.com> --------- Signed-off-by: FraPazGal <fdepaz@vmware.com>
2026-02-21 07:17:26 +08:00 · 2023-03-09 13:00:26 +01:00
parent 907ffda97e
commit bd72e47e71
6 changed files with 54 additions and 4 deletions
--- a/.vib/common/goss/scripts/check-spdx.sh
+++ b/.vib/common/goss/scripts/check-spdx.sh
@@ -6,4 +6,4 @@ set -o pipefail

 mapfile -t files < <( find /bitnami "$BITNAMI_ROOT_DIR" -name '.spdx-*.json' )

-[[ ${#files[@]} -eq 0 ]] && exit 1
+[[ ${#files[@]} -gt 0 ]]
--- a/.vib/cosign/goss/cosign.yaml
+++ b/.vib/cosign/goss/cosign.yaml
@@ -0,0 +1,9 @@
+command:
+  check-app-version:
+    exec: cosign version 2>&1
+    exit-status: 0
+    stdout:
+    - {{ .Env.APP_VERSION }}
+  initialize-sigstore:
+    exec: cosign initialize
+    exit-status: 0
--- a/.vib/cosign/goss/goss.yaml
+++ b/.vib/cosign/goss/goss.yaml
@@ -0,0 +1,10 @@
+gossfile:
+  # Goss tests exclusive to the current container
+  ../../cosign/goss/cosign.yaml: {}
+  # Load scripts from .vib/common/goss/templates
+  ../../common/goss/templates/check-binaries.yaml: {}
+  ../../common/goss/templates/check-broken-symlinks.yaml: {}
+  ../../common/goss/templates/check-ca-certs.yaml: {}
+  ../../common/goss/templates/check-linked-libraries.yaml: {}
+  ../../common/goss/templates/check-sed-in-place.yaml: {}
+  ../../common/goss/templates/check-spdx.yaml: {}
--- a/.vib/cosign/goss/vars.yaml
+++ b/.vib/cosign/goss/vars.yaml
@@ -0,0 +1,3 @@
+binaries:
+  - cosign
+root_dir: /opt/bitnami
--- a/.vib/cosign/vib-publish.json
+++ b/.vib/cosign/vib-publish.json
@@ -3,7 +3,8 @@
    "resources": {
      "url": "{VIB_ENV_CONTAINER_URL}",
      "path": "{VIB_ENV_PATH}"
-    }
+    },
+    "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd"
  },
  "phases": {
    "package": {
@@ -33,6 +34,19 @@
    },
    "verify": {
      "actions": [
+        {
+          "action_id": "goss",
+          "params": {
+            "resources": {
+              "path": "/.vib"
+            },
+            "tests_file": "cosign/goss/goss.yaml",
+            "vars_file": "cosign/goss/vars.yaml",
+            "remote": {
+              "workload": "deploy-cosign"
+            }
+          }
+        },
        {
          "action_id": "trivy",
          "params": {
--- a/.vib/cosign/vib-verify.json
+++ b/.vib/cosign/vib-verify.json
@@ -3,7 +3,8 @@
    "resources": {
      "url": "{SHA_ARCHIVE}",
      "path": "{VIB_ENV_PATH}"
-    }
+    },
+    "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd"
  },
  "phases": {
    "package": {
@@ -29,6 +30,19 @@
    },
    "verify": {
      "actions": [
+        {
+          "action_id": "goss",
+          "params": {
+            "resources": {
+              "path": "/.vib"
+            },
+            "tests_file": "cosign/goss/goss.yaml",
+            "vars_file": "cosign/goss/vars.yaml",
+            "remote": {
+              "workload": "deploy-cosign"
+            }
+          }
+        },
        {
          "action_id": "trivy",
          "params": {
@@ -50,4 +64,4 @@
      ]
    }
  }
-}
+}