2023-09-07 21:06:21 +03:00
# Note: Intended to be run as "make run-blackbox-tests" or "make run-blackbox-ci"
2023-08-30 22:24:28 +03:00
# Makefile target installs & checks all necessary tooling
# Extra tools that are not covered in Makefile target needs to be added in verify_prerequisites()
2022-04-27 09:00:20 +03:00
2023-08-30 22:24:28 +03:00
load helpers_zot
function verify_prerequisites {
if [ ! $(command -v curl) ]; then
echo "you need to install curl as a prerequisite to running the tests" >&3
return 1
fi
if [ ! $(command -v jq) ]; then
echo "you need to install jq as a prerequisite to running the tests" >&3
return 1
fi
2022-04-27 09:00:20 +03:00
2023-08-30 22:24:28 +03:00
return 0
}
function setup_file() {
export REGISTRY_NAME=main
2022-04-27 09:00:20 +03:00
# Verify prerequisites are available
2023-08-30 22:24:28 +03:00
if ! $(verify_prerequisites); then
2022-04-27 09:00:20 +03:00
exit 1
fi
# Download test data to folder common for the entire suite, not just this file
2023-02-17 13:54:49 -08:00
skopeo --insecure-policy copy --format=oci docker://ghcr.io/project-zot/golang:1.20 oci:${TEST_DATA_DIR}/golang:1.20
2022-04-27 09:00:20 +03:00
# Setup zot server
local zot_root_dir=${BATS_FILE_TMPDIR}/zot
local zot_config_file=${BATS_FILE_TMPDIR}/zot_config.json
mkdir -p ${zot_root_dir}
2023-11-21 16:31:12 +02:00
zot_port=$(get_free_port)
echo ${zot_port} > ${BATS_FILE_TMPDIR}/zot.port
2022-04-27 09:00:20 +03:00
cat >${zot_config_file} <<EOF
{
2024-02-20 13:27:21 +02:00
"distSpecVersion": "1.1.0",
2022-04-27 09:00:20 +03:00
"storage": {
"rootDirectory": "${zot_root_dir}"
},
"http": {
"address": "0.0.0.0",
2023-11-21 16:31:12 +02:00
"port": "${zot_port}"
2022-04-27 09:00:20 +03:00
},
"log": {
2023-09-07 21:06:21 +03:00
"level": "debug",
"output": "${BATS_FILE_TMPDIR}/zot.log"
2022-04-27 09:00:20 +03:00
},
"extensions": {
"search": {
"enable": true,
"cve": {
"updateInterval": "24h"
}
}
}
}
EOF
2023-08-30 22:24:28 +03:00
zot_serve ${ZOT_PATH} ${zot_config_file}
2023-11-21 16:31:12 +02:00
wait_zot_reachable ${zot_port}
2022-04-27 09:00:20 +03:00
# setup zli to add zot registry to configs
2023-11-21 16:31:12 +02:00
local registry_url="http://127.0.0.1:${zot_port}/"
zli_add_config ${REGISTRY_NAME} ${registry_url}
2022-04-27 09:00:20 +03:00
}
2023-09-07 21:06:21 +03:00
function teardown() {
# conditionally printing on failure is possible from teardown but not from from teardown_file
cat ${BATS_FILE_TMPDIR}/zot.log
}
2022-04-27 09:00:20 +03:00
function teardown_file() {
2023-08-30 22:24:28 +03:00
zot_stop_all
2022-04-27 09:00:20 +03:00
}
@test "cve by image name and tag" {
2023-11-21 16:31:12 +02:00
zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port`
2022-04-27 09:00:20 +03:00
run skopeo --insecure-policy copy --dest-tls-verify=false \
2023-02-17 13:54:49 -08:00
oci:${TEST_DATA_DIR}/golang:1.20 \
2023-11-21 16:31:12 +02:00
docker://127.0.0.1:${zot_port}/golang:1.20
2022-04-27 09:00:20 +03:00
[ "$status" -eq 0 ]
2023-11-21 16:31:12 +02:00
run curl http://127.0.0.1:${zot_port}/v2/_catalog
2022-04-27 09:00:20 +03:00
[ "$status" -eq 0 ]
[ $(echo "${lines[-1]}" | jq '.repositories[]') = '"golang"' ]
2023-11-21 16:31:12 +02:00
run curl http://127.0.0.1:${zot_port}/v2/golang/tags/list
2022-04-27 09:00:20 +03:00
[ "$status" -eq 0 ]
2023-02-17 13:54:49 -08:00
[ $(echo "${lines[-1]}" | jq '.tags[]') = '"1.20"' ]
2023-09-08 15:12:47 +03:00
run ${ZLI_PATH} cve list golang:1.20 --config ${REGISTRY_NAME}
2022-04-27 09:00:20 +03:00
[ "$status" -eq 0 ]
2023-03-23 20:11:29 +02:00
2023-09-08 15:12:47 +03:00
echo ${lines[@]}
found=0
2023-03-23 20:11:29 +02:00
for i in "${lines[@]}"
do
2023-06-15 13:22:29 +03:00
if [[ "$i" = *"CVE-2011-4915 LOW fs/proc/base.c in the Linux kernel through 3..."* ]]; then
2023-03-23 20:11:29 +02:00
found=1
fi
done
[ "$found" -eq 1 ]
2022-04-27 09:00:20 +03:00
}