github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-27 07:48:55 +00:00
Code Issues Projects Releases Wiki Activity
topic/debug-ci
kata-containers/tests/functional/kata-agent-apis/api-tests/test_set_policy.bats
Sumedh Alok Sharma 18c887f055 agent-ctl: Add SetPolicy support 
This patch adds support to call kata agents SetPolicy
API. Also adds tests for SetPolicy API using agent-ctl.

Fixes #9711

Signed-off-by: Sumedh Alok Sharma <sumsharma@microsoft.com>
2024-09-18 10:53:49 +05:30

45 lines
1.2 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bats
# Copyright (c) 2024 Microsoft Corporation
#
# SPDX-License-Identifier: Apache-2.0
load "${BATS_TEST_DIRNAME}/../../../common.bash"
load "${BATS_TEST_DIRNAME}/../setup_common.sh"
setup_file() {
info "setup"
}
@test "Test SetPolicy API: Set allow all policy" {
info "Upload policy document from under src/kata-opa"
repo_root_dir="${BATS_TEST_DIRNAME}/../../../../"
policy_dir="${repo_root_dir}/src/kata-opa"
policy_file="${policy_dir}/allow-all.rego"
local cmds=()
cmds+=("-c 'SetPolicy json://{\"policy_file\": \"$policy_file\"}'")
run_agent_ctl "${cmds[@]}"
}
@test "Test SetPolicy API: Block CopyFile in policy" {
policy_file=$(mktemp)
deny_single_api_in_policy ${policy_file} "CopyFileRequest"
local cmds=()
cmds+=("-c 'SetPolicy json://{\"policy_file\": \"$policy_file\"}'")
run_agent_ctl "${cmds[@]}"
src_file=$(mktemp)
local cmds=()
cmds+=("-c 'CopyFile json://{\"src\": \"$src_file\", \"dest\":\"/run/kata-containers/foo\"}'")
run run_agent_ctl "${cmds[@]}"
[ "$status" -ne 0 ]
rm $src_file
rm $policy_file
}
teardown_file() {
info "teardown"
sudo rm -r /run/kata-containers/ || echo "Failed to clean /run/kata-containers"
}
Reference in New Issue View Git Blame Copy Permalink