System tests - get working under podman-in-podman

Skopeo CI tests run under podman; hence the registries run in the tests will be podman-in-podman. This requires complex muckery to make work: - install bats, jq, and podman in the test image - add new test-system Make target. It runs podman with /var/lib/containers bind-mounted to a tmpdir and with other necessary options; and invokes a test script that hack-edits /etc/containers/storage.conf before running podman for the first time. - add --cgroup-manager=cgroupfs option to podman invocations in BATS: without this, podman-in-podman fails with: systemd cgroup flag passed, but systemd support for managing cgroups is not available Also: gpg --pinentry-mode option is not available on all our test platforms. Check for it before using. Signed-off-by: Ed Santiago <santiago@redhat.com>
2025-09-17 07:19:37 +00:00 · 2019-05-28 09:11:25 -06:00
parent 5dd3b2bffd
commit 47e7cda4e9
5 changed files with 47 additions and 4 deletions
--- a/systemtest/050-signing.bats
+++ b/systemtest/050-signing.bats
@@ -11,8 +11,17 @@ function setup() {
    # Create dummy gpg keys
    export GNUPGHOME=$TESTDIR/skopeo-gpg
    mkdir --mode=0700 $GNUPGHOME
+
+    # gpg on f30 needs this, otherwise:
+    #   gpg: agent_genkey failed: Inappropriate ioctl for device
+    # ...but gpg on f29 (and, probably, Ubuntu) doesn't grok this
+    GPGOPTS='--pinentry-mode loopback'
+    if gpg --pinentry-mode asdf 2>&1 | grep -qi 'Invalid option'; then
+        GPGOPTS=
+    fi
+
    for k in alice bob;do
-        gpg --batch --pinentry-mode loopback --gen-key --passphrase '' <<END_GPG
+        gpg --batch $GPGOPTS --gen-key --passphrase '' <<END_GPG
 Key-Type: RSA
 Name-Real: Test key - $k
 Name-email: $k@test.redhat.com
--- a/systemtest/helpers.bash
+++ b/systemtest/helpers.bash
@@ -265,6 +265,10 @@ start_registry() {

    local -a reg_args=(-v $AUTHDIR:/auth:Z -p $port:5000)

+    # cgroup option necessary under podman-in-podman (CI tests),
+    # and doesn't seem to do any harm otherwise.
+    PODMAN="podman --cgroup-manager=cgroupfs"
+
    # Called with --testuser? Create an htpasswd file
    if [[ -n $testuser ]]; then
        if [[ -z $testpassword ]]; then
@@ -272,7 +276,7 @@ start_registry() {
        fi

        if ! egrep -q "^$testuser:" $AUTHDIR/htpasswd; then
-            podman run --rm --entrypoint htpasswd registry:2 \
+            $PODMAN run --rm --entrypoint htpasswd registry:2 \
                   -Bbn $testuser $testpassword >> $AUTHDIR/htpasswd
        fi

@@ -305,7 +309,7 @@ start_registry() {
        cp $CERT $TESTDIR/client-auth/
    fi

-    podman run -d --name $name "${reg_args[@]}" registry:2
+    $PODMAN run -d --name $name "${reg_args[@]}" registry:2
 }

 # END   helpers for starting/stopping registries