github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-08 20:29:11 +00:00
Code Issues Projects Releases Wiki Activity

tests: update negative test log assertions

Browse Source 
After moving image pulling from kata-agent to CDH, the failed image pull
error messages have been slightly changed. This commit is to apply for
the change.

Note that in original and current image-rs implementation, both no key
or wrong key will result in a same error information.

Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
This commit is contained in:
Xynnn007
2025-05-09 17:28:35 +08:00
parent 7420194ea8
commit 93826ff90c
4 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/integration/kubernetes/k8s-guest-pull-image-authenticated.bats
View File

@@ -87,7 +87,7 @@ function setup_kbs_credentials() {
echo "Pod ${kata_pod}: $(cat ${kata_pod})"
assert_pod_fail "${kata_pod}"
assert_logs_contain "${node}" kata "${node_start_time}" "failed to pull image"
assert_logs_contain "${node}" kata "${node_start_time}" "Not authorized"
}
@test "Test that creating a container from an authenticated image, with no credentials fails" {
@@ -100,7 +100,7 @@ function setup_kbs_credentials() {
echo "Pod ${kata_pod}: $(cat ${kata_pod})"
assert_pod_fail "${kata_pod}"
assert_logs_contain "${node}" kata "${node_start_time}" "failed to pull image"
assert_logs_contain "${node}" kata "${node_start_time}" "Not authorized"
}
teardown() {

5
tests/integration/kubernetes/k8s-guest-pull-image-encrypted.bats
View File

@@ -52,8 +52,7 @@ function setup_kbs_decryption_key() {
echo "Pod ${kata_pod}: $(cat ${kata_pod})"
assert_pod_fail "${kata_pod}"
assert_logs_contain "${node}" kata "${node_start_time}" 'decrypt image (unwrap key) failed'
assert_logs_contain "${node}" kata "${node_start_time}" 'kms interface when get KEK failed'
assert_logs_contain "${node}" kata "${node_start_time}" 'Failed to decrypt the image layer, please ensure that the decryption key is placed and correct'
}
@@ -80,7 +79,7 @@ function setup_kbs_decryption_key() {
echo "Pod ${kata_pod}: $(cat ${kata_pod})"
assert_pod_fail "${kata_pod}"
assert_logs_contain "${node}" kata "${node_start_time}" 'decrypt image (unwrap key) failed'
assert_logs_contain "${node}" kata "${node_start_time}" 'Failed to decrypt the image layer, please ensure that the decryption key is placed and correct'
}
teardown() {

4
tests/integration/kubernetes/k8s-guest-pull-image-signature.bats
View File

@@ -97,7 +97,7 @@ EOF
echo "Pod ${kata_pod}: $(cat ${kata_pod})"
assert_pod_fail "${kata_pod}"
assert_logs_contain "${node}" kata "${node_start_time}" "failed to pull image"
assert_logs_contain "${node}" kata "${node_start_time}" "Image policy rejected: Denied by policy"
}
@test "Create a pod from a signed image, on a 'restricted registry' is successful" {
@@ -123,7 +123,7 @@ EOF
echo "Pod ${kata_pod}: $(cat ${kata_pod})"
assert_pod_fail "${kata_pod}"
assert_logs_contain "${node}" kata "${node_start_time}" "failed to pull image"
assert_logs_contain "${node}" kata "${node_start_time}" "Image policy rejected: Denied by policy"
}
@test "Create a pod from an unsigned image, on a 'restricted registry' works if policy files isn't set" {

2
tests/integration/kubernetes/k8s-initdata.bats
View File

@@ -165,7 +165,7 @@ EOF
echo "Pod ${kata_pod}: $(cat ${kata_pod})"
assert_pod_fail "${kata_pod}"
assert_logs_contain "${node}" kata "${node_start_time}" "failed to pull image"
assert_logs_contain "${node}" kata "${node_start_time}" "Image policy rejected: Denied by policy"
}
@test "Test that creating a container from an rejected image not configured by initdata, fails according to CDH error" {