tests/e2e: test changes to the pre-install-payload image #179
Commits on Aug 25, 2023
-
pre-install-payload: Do not try to remove /opt/confidential-containers
That's a HostPath mounted, and cannot be removed from within the container. This may cause issues like: ``` Removing the /opt/confidential-containers directory rmdir: failed to remove '/opt/confidential-containers': Device or resource busy ``` Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
-
pre-install-payload: allow to pass extra flags to docker manifest
When building the pre-install-payload image for CI it needs to pull/push the image from a local registry that is not protected. The `docker manifest` commands (e.g. create) refuses to connect in an unsecure registry by default, therefore the pre-install-payload build fail. That can be solved by passing the --insecure flag to `docker manifest` thus this change allow to pass extra flags to that command. Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
-
tests/e2e: build the pre-install-payload image
Currently changes on install/pre-install-payload directory aren't tested because the scripts aren't re-building the pre-install-payload image. With this change the image will always be built and used. It was added more two dependencies: - kustomize: used to edit the kustomization file so to update the pre-install-payload image - qemu-user-static: used by docker buildx to build the pre-install-payload image for multiple architectures. It also needs to pass the `--insecure` to `docker manifest` commands because the image is pushed/pulled to a local insecure registry, otherwise `docker manifest` fails Fixes confidential-containers#177 Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
-
pre-install-payload: Purge manifests before creating a new one
We've seen issues like the one shown below as part of the baremetal machines: ``` 09:44:31 failed to put manifest localhost:5000/container-engine-for-cc-payload:latest: errors: 09:44:31 manifest blob unknown: blob unknown to registry 09:44:31 manifest blob unknown: blob unknown to registry 09:44:31 manifest blob unknown: blob unknown to registry 09:44:31 manifest blob unknown: blob unknown to registry ``` Those can be avoided by removing previously created ${HOME}/.docker/manifests/$manifest Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com> -
pre-install-payload: Expand the ifs ...
Instead of doing `[ ... ] && ...`, let's just expand the if as we could simply fail the first condition, making the whole script fail, leading then to a pod error. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
-
enclave-cc: Also test the pre-install / post-uninstall images
Let's make sure that we also test the pre-install / post-uninstall images as part of the enclave-cc tests, so we make sure that any changes we do with Kata Containers in mind won't break enclave-cc. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.