-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tests/e2e: test changes to the pre-install-payload image #179
tests/e2e: test changes to the pre-install-payload image #179
Commits on Aug 25, 2023
-
pre-install-payload: Do not try to remove /opt/confidential-containers
That's a HostPath mounted, and cannot be removed from within the container. This may cause issues like: ``` Removing the /opt/confidential-containers directory rmdir: failed to remove '/opt/confidential-containers': Device or resource busy ``` Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
Configuration menu - View commit details
-
Copy full SHA for da298b9 - Browse repository at this point
Copy the full SHA da298b9View commit details -
pre-install-payload: allow to pass extra flags to docker manifest
When building the pre-install-payload image for CI it needs to pull/push the image from a local registry that is not protected. The `docker manifest` commands (e.g. create) refuses to connect in an unsecure registry by default, therefore the pre-install-payload build fail. That can be solved by passing the --insecure flag to `docker manifest` thus this change allow to pass extra flags to that command. Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 6a5e3c7 - Browse repository at this point
Copy the full SHA 6a5e3c7View commit details -
tests/e2e: build the pre-install-payload image
Currently changes on install/pre-install-payload directory aren't tested because the scripts aren't re-building the pre-install-payload image. With this change the image will always be built and used. It was added more two dependencies: - kustomize: used to edit the kustomization file so to update the pre-install-payload image - qemu-user-static: used by docker buildx to build the pre-install-payload image for multiple architectures. It also needs to pass the `--insecure` to `docker manifest` commands because the image is pushed/pulled to a local insecure registry, otherwise `docker manifest` fails Fixes confidential-containers#177 Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for de8465f - Browse repository at this point
Copy the full SHA de8465fView commit details -
pre-install-payload: Purge manifests before creating a new one
We've seen issues like the one shown below as part of the baremetal machines: ``` 09:44:31 failed to put manifest localhost:5000/container-engine-for-cc-payload:latest: errors: 09:44:31 manifest blob unknown: blob unknown to registry 09:44:31 manifest blob unknown: blob unknown to registry 09:44:31 manifest blob unknown: blob unknown to registry 09:44:31 manifest blob unknown: blob unknown to registry ``` Those can be avoided by removing previously created ${HOME}/.docker/manifests/$manifest Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
Configuration menu - View commit details
-
Copy full SHA for 4440e71 - Browse repository at this point
Copy the full SHA 4440e71View commit details -
pre-install-payload: Expand the ifs ...
Instead of doing `[ ... ] && ...`, let's just expand the if as we could simply fail the first condition, making the whole script fail, leading then to a pod error. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
Configuration menu - View commit details
-
Copy full SHA for 8454ffe - Browse repository at this point
Copy the full SHA 8454ffeView commit details -
enclave-cc: Also test the pre-install / post-uninstall images
Let's make sure that we also test the pre-install / post-uninstall images as part of the enclave-cc tests, so we make sure that any changes we do with Kata Containers in mind won't break enclave-cc. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
Configuration menu - View commit details
-
Copy full SHA for a648dbc - Browse repository at this point
Copy the full SHA a648dbcView commit details