Merge pull request #10034 from BbolroC/hide-repack_secure_image-from-test

tests: Call repack_secure_image() in set_metadata_annotation()
This commit is contained in:
Greg Kurz 2024-07-18 23:03:41 +02:00 committed by GitHub
commit fc4357f642
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 9 additions and 18 deletions

View File

@ -44,15 +44,6 @@ setup() {
set_metadata_annotation "${K8S_TEST_YAML}" \
"${kernel_params_annotation}" \
"${kernel_params_value}"
# A secure boot image for IBM SE should be rebuilt according to the KBS configuration.
if [ "${KATA_HYPERVISOR}" == "qemu-se" ]; then
if [ -z "${IBM_SE_CREDS_DIR:-}" ]; then
>&2 echo "ERROR: IBM_SE_CREDS_DIR is empty"
return 1
fi
repack_secure_image "${kernel_params_value}" "${IBM_SE_CREDS_DIR}" "true"
fi
}
@test "Get CDH resource" {

View File

@ -90,15 +90,6 @@ function create_pod_yaml_with_private_image() {
"${kernel_params_annotation}" \
"${kernel_params_value}"
# A secure boot image for IBM SE should be rebuilt according to the KBS configuration.
if [ "${KATA_HYPERVISOR}" == "qemu-se" ]; then
if [ -z "${IBM_SE_CREDS_DIR:-}" ]; then
>&2 echo "ERROR: IBM_SE_CREDS_DIR is empty"
return 1
fi
repack_secure_image "${kernel_params_value} agent.log=debug" "${IBM_SE_CREDS_DIR}" "true"
fi
# Set annotation to pull image in guest
set_metadata_annotation "${kata_pod_with_private_image}" \
"io.containerd.cri.runtime-handler" \

View File

@ -191,6 +191,15 @@ set_metadata_annotation() {
# yq set annotations in yaml. Quoting the key because it can have
# dots.
yq -i ".${annotation_key} = \"${value}\"" "${yaml}"
if [[ "${key}" =~ kernel_params ]] && [[ "${KATA_HYPERVISOR}" == "qemu-se" ]]; then
# A secure boot image for IBM SE should be rebuilt according to the KBS configuration.
if [ -z "${IBM_SE_CREDS_DIR:-}" ]; then
>&2 echo "ERROR: IBM_SE_CREDS_DIR is empty"
return 1
fi
repack_secure_image "${value}" "${IBM_SE_CREDS_DIR}" "true"
fi
}
# Set the command for container spec.