enclave-cc: Also test the pre-install / post-uninstall images

Let's make sure that we also test the pre-install / post-uninstall images as part of the enclave-cc tests, so we make sure that any changes we do with Kata Containers in mind won't break enclave-cc. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
confidential-containers · Aug 29, 2023 · d144296 · d144296
1 parent 6451fba
commit d144296
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 4 deletions.
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
@@ -25,13 +25,21 @@ jobs:
         with:
           driver-opts: network=host
 
-      - name: Build and push to local registry
+      - name: Build and push the operator image to local registry
         run: |
           make docker-build
           make docker-push
         env:
           IMG: localhost:5000/cc-operator:latest
 
+      - name: Build and push the pre-install to local registry
+        run: |
+          pushd install/pre-install-payload
+          make containerd registry="${REGISTRY}" extra_docker_manifest_flags="--insecure"
+          popd
+        env:
+          REGISTRY: localhost:5000/container-engine-for-cc-payload
+
       - name: Build custom kind node image
         uses: docker/build-push-action@v4
         with:
@@ -57,7 +65,9 @@ jobs:
 
       - name: Install enclave-cc sim
         run: |
-          kubectl apply -k config/samples/enclave-cc/sim
+          cd config/samples/enclave-cc/sim
+          kustomize edit set image quay.io/confidential-containers/container-engine-for-cc-payload=localhost:5000/container-engine-for-cc-payload:latest
+          kubectl apply -k . 
           sleep 1
           kubectl wait --for=jsonpath='{.status.runtimeClass}'=enclave-cc ccruntime/ccruntime-enclave-cc-sgx-mode-sim --timeout=90s
 

diff --git a/config/samples/enclave-cc/base/ccruntime-enclave-cc.yaml b/config/samples/enclave-cc/base/ccruntime-enclave-cc.yaml
@@ -47,7 +47,7 @@ spec:
     - name: "enclave-cc"
       snapshotter: "overlayfs"
     postUninstall:
-      image: quay.io/confidential-containers/container-engine-for-cc-payload:98a790e8abdcc06c4b629b290ebaa217bf82e305
+      image: quay.io/confidential-containers/container-engine-for-cc-payload
       volumeMounts:
         - mountPath: /opt/confidential-containers/
           name: confidential-containers-artifacts
@@ -75,7 +75,7 @@ spec:
             type: ""
           name: systemd
     preInstall:
-      image: quay.io/confidential-containers/container-engine-for-cc-payload:98a790e8abdcc06c4b629b290ebaa217bf82e305
+      image: quay.io/confidential-containers/container-engine-for-cc-payload
       volumeMounts:
         - mountPath: /opt/confidential-containers/
           name: confidential-containers-artifacts

diff --git a/config/samples/enclave-cc/base/kustomizeconfig.yaml b/config/samples/enclave-cc/base/kustomizeconfig.yaml
@@ -1,3 +1,7 @@
 images:
 - path: spec/config/payloadImage
   kind: CcRuntime
+- path: spec/config/preInstall/image
+  kind: CcRuntime
+- path: spec/config/postUninstall/image
+  kind: CcRuntime
diff --git a/config/samples/enclave-cc/hw/kustomization.yaml b/config/samples/enclave-cc/hw/kustomization.yaml
@@ -5,3 +5,6 @@ resources:
 - ../base
 
 nameSuffix: -sgx-mode-hw
+
+- name: quay.io/confidential-containers/container-engine-for-cc-payload
+  newTag: 98a790e8abdcc06c4b629b290ebaa217bf82e305
diff --git a/config/samples/enclave-cc/sim/kustomization.yaml b/config/samples/enclave-cc/sim/kustomization.yaml
@@ -6,3 +6,5 @@ nameSuffix: -sgx-mode-sim
 images:
 - name: quay.io/confidential-containers/runtime-payload-ci
   newTag: enclave-cc-SIM-sample-kbc-latest
+- name: quay.io/confidential-containers/container-engine-for-cc-payload
+  newTag: 98a790e8abdcc06c4b629b290ebaa217bf82e305