From 0ce552de40189ec61add31d29e3cc10ee9a2167b Mon Sep 17 00:00:00 2001 From: "James E. Blair" Date: Wed, 9 Oct 2019 15:44:45 -0700 Subject: [PATCH] Run docker and podman push/pull tests This runs equivalent tests on the registry in the standard (ie, intermediate) configuration using both docker and podman. A later change will add the same for running the registry in the namespaced (ie, buildset) configuration. Change-Id: Ieeb1e7a75f6ca931d2275e3306f987aea2ba677f --- playbooks/functional-test/docker-compose.yaml | 4 +- playbooks/functional-test/docker.yaml | 58 ++++++++++++++++ playbooks/functional-test/localtest.yaml | 8 ++- playbooks/functional-test/main.yaml | 68 ------------------- .../functional-test/namespaced-compose.yaml | 13 ++++ .../{conf => namespaced-conf}/registry.yaml | 0 playbooks/functional-test/podman.yaml | 58 ++++++++++++++++ playbooks/functional-test/run.yaml | 9 ++- playbooks/functional-test/setup.yaml | 42 ++++++++++++ .../functional-test/standard-compose.yaml | 12 ++++ .../standard-conf/registry.yaml | 14 ++++ 11 files changed, 212 insertions(+), 74 deletions(-) create mode 100644 playbooks/functional-test/docker.yaml delete mode 100644 playbooks/functional-test/main.yaml create mode 100644 playbooks/functional-test/namespaced-compose.yaml rename playbooks/functional-test/{conf => namespaced-conf}/registry.yaml (100%) create mode 100644 playbooks/functional-test/podman.yaml create mode 100644 playbooks/functional-test/setup.yaml create mode 100644 playbooks/functional-test/standard-compose.yaml create mode 100644 playbooks/functional-test/standard-conf/registry.yaml diff --git a/playbooks/functional-test/docker-compose.yaml b/playbooks/functional-test/docker-compose.yaml index 7bb4965..949cc4f 100644 --- a/playbooks/functional-test/docker-compose.yaml +++ b/playbooks/functional-test/docker-compose.yaml @@ -3,10 +3,10 @@ version: '2' services: - zuul-registry: + registry: image: zuul/zuul-registry volumes: - - "./conf/:/conf/:z" + - "./standard-conf/:/conf/:z" - "/tmp/registry-test/storage/:/storage:z" - "/tmp/registry-test/tls/:/tls:z" ports: diff --git a/playbooks/functional-test/docker.yaml b/playbooks/functional-test/docker.yaml new file mode 100644 index 0000000..42ea0bd --- /dev/null +++ b/playbooks/functional-test/docker.yaml @@ -0,0 +1,58 @@ +# Test push and pull from the standard registry + +- name: Start the standard registry + shell: + cmd: docker-compose -f standard-compose.yaml up -d + chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test" + +- name: Print list of images + command: docker image ls --all --digests --no-trunc + register: image_list + failed_when: "'test/image' in image_list.stdout" + +- name: Copy the test image into local docker image storage + command: > + skopeo copy + docker-archive:{{ workspace }}/test.img + docker-daemon:localhost:9000/test/image:latest + +- name: Log in to registry + command: docker login localhost:9000 -u testuser -p testpass + +- name: Push the test image to the standard registry + command: docker push localhost:9000/test/image + +- name: Remove the test image from the local cache + command: docker rmi localhost:9000/test/image + +- name: Clean up the local image cache + command: docker image prune -f + +- name: Print list of images + command: docker image ls --all --digests --no-trunc + register: image_list + failed_when: "'test/image' in image_list.stdout" + +- name: Pull the image from the standard registry + command: docker pull localhost:9000/test/image + +- name: Print list of images + command: docker image ls --all --digests --no-trunc + register: image_list + failed_when: "'test/image' not in image_list.stdout" + +- name: Try to pull an image that does not exist + command: docker pull localhost:9000/test/dne + register: result + failed_when: result.rc != 1 + +- name: Stop the standard registry + shell: + cmd: docker-compose -f standard-compose.yaml down + chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test" + +- name: Clean up docker volumes + command: docker volume prune -f + +- name: Log out of registry + command: docker logout localhost:9000 diff --git a/playbooks/functional-test/localtest.yaml b/playbooks/functional-test/localtest.yaml index 4961395..6fb2797 100644 --- a/playbooks/functional-test/localtest.yaml +++ b/playbooks/functional-test/localtest.yaml @@ -3,5 +3,9 @@ workspace: /tmp/registry-test local: true tasks: - - name: Run main tasks - include_tasks: main.yaml + - name: Run setup tasks + include_tasks: setup.yaml + - name: Run docker test tasks + include_tasks: docker.yaml + - name: Run podman test tasks + include_tasks: podman.yaml diff --git a/playbooks/functional-test/main.yaml b/playbooks/functional-test/main.yaml deleted file mode 100644 index 844372a..0000000 --- a/playbooks/functional-test/main.yaml +++ /dev/null @@ -1,68 +0,0 @@ -- name: Create workspace directory - file: - state: directory - path: "{{ workspace }}" - -- name: Create storage directory - file: - state: directory - path: "{{ workspace }}/storage" - -- name: Create TLS directory - file: - state: directory - path: "{{ workspace }}/tls" - -- name: Generate a TLS key for the registry - command: "openssl req -x509 -newkey rsa:2048 -keyout {{ workspace }}/tls/cert.key -out {{ workspace }}/tls/cert.pem -days 365 -nodes -subj '/C=US/ST=California/L=Oakland/O=Company Name/OU=Org/CN=127.0.0.1'" - -- name: Run docker-compose up - shell: - cmd: docker-compose up -d - chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test" - -- name: Print list of images - command: docker image ls --all --digests --no-trunc - -- name: Pull the test image from Docker Hub - command: docker pull alpine - -- name: Tag the test image with a realistic name - command: docker tag alpine localhost:9000/test/registry - -- name: Log in to local registry - command: docker login localhost:9000 -u testuser -p testpass - ignore_errors: true - -- name: Push the test image to zuul-registry - command: docker image push localhost:9000/test/registry - -- name: Remove the test image from the local cache - command: docker rmi localhost:9000/test/registry - -- name: Remove the test image from the local cache - command: docker rmi alpine:latest - -- name: Clean up the local image cache - command: docker image prune -f - -- name: Print list of images - command: docker image ls --all --digests --no-trunc - -- name: Pull the image from zuul-registry - command: docker image pull localhost:9000/test/registry - -- name: Print list of images - command: docker image ls --all --digests --no-trunc - -- name: Create a local containers/image - shell: buildah commit --rm $(buildah from scratch) local-test - -- name: Check the local image is there - command: skopeo inspect containers-storage:localhost/local-test:latest - -- name: Copy the local image to the registry - command: > - skopeo copy --dest-creds testuser:testpass --dest-tls-verify=false - containers-storage:localhost/local-test:latest - docker://127.0.0.1:9000/test diff --git a/playbooks/functional-test/namespaced-compose.yaml b/playbooks/functional-test/namespaced-compose.yaml new file mode 100644 index 0000000..487ed70 --- /dev/null +++ b/playbooks/functional-test/namespaced-compose.yaml @@ -0,0 +1,13 @@ +# Version 2 is the latest that is supported by docker-compose in +# Ubuntu Xenial. +version: '2' + +services: + registry: + image: zuul/zuul-registry + volumes: + - "./namespaced-conf/:/conf/:z" + - "/tmp/registry-test/storage/:/storage:z" + - "/tmp/registry-test/tls/:/tls:z" + ports: + - "9000:9000" diff --git a/playbooks/functional-test/conf/registry.yaml b/playbooks/functional-test/namespaced-conf/registry.yaml similarity index 100% rename from playbooks/functional-test/conf/registry.yaml rename to playbooks/functional-test/namespaced-conf/registry.yaml diff --git a/playbooks/functional-test/podman.yaml b/playbooks/functional-test/podman.yaml new file mode 100644 index 0000000..4f25cde --- /dev/null +++ b/playbooks/functional-test/podman.yaml @@ -0,0 +1,58 @@ +# Test push and pull from the standard registry + +- name: Start the standard registry + shell: + cmd: docker-compose -f standard-compose.yaml up -d + chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test" + +- name: Print list of images + command: podman image ls --all --digests --no-trunc + register: image_list + failed_when: "'test/image' in image_list.stdout" + +- name: Copy the test image into local containers image storage + command: > + skopeo copy + docker-archive:{{ workspace }}/test.img + containers-storage:localhost:9000/test/image:latest + +- name: Log in to registry + command: podman login localhost:9000 -u testuser -p testpass + +- name: Push the test image to the standard registry + command: podman push localhost:9000/test/image + +- name: Remove the test image from the local cache + command: podman rmi localhost:9000/test/image + +- name: Clean up the local image cache + command: podman image prune + +- name: Print list of images + command: podman image ls --all --digests --no-trunc + register: image_list + failed_when: "'test/image' in image_list.stdout" + +- name: Pull the image from the standard registry + command: podman pull localhost:9000/test/image + +- name: Print list of images + command: podman image ls --all --digests --no-trunc + register: image_list + failed_when: "'test/image' not in image_list.stdout" + +- name: Try to pull an image that does not exist + command: podman pull localhost:9000/test/dne + register: result + failed_when: result.rc != 125 + +- name: Stop the standard registry + shell: + cmd: docker-compose -f standard-compose.yaml down + chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test" + +- name: Clean up podman volumes + command: podman volume prune -f + +- name: Log out of registry + command: podman logout localhost:9000 diff --git a/playbooks/functional-test/run.yaml b/playbooks/functional-test/run.yaml index 991a47e..1f17224 100644 --- a/playbooks/functional-test/run.yaml +++ b/playbooks/functional-test/run.yaml @@ -20,10 +20,15 @@ - openssl - skopeo - buildah + - podman state: present become: true - - name: Run main tasks - include_tasks: main.yaml + - name: Run setup tasks + include_tasks: setup.yaml + - name: Run docker test tasks + include_tasks: docker.yaml + - name: Run podman test tasks + include_tasks: podman.yaml # If buildset_registry is defined, that means a parent job is running it; # only if it is not defined does it mean that we are running it. If we diff --git a/playbooks/functional-test/setup.yaml b/playbooks/functional-test/setup.yaml new file mode 100644 index 0000000..e852248 --- /dev/null +++ b/playbooks/functional-test/setup.yaml @@ -0,0 +1,42 @@ +- name: Create workspace directory + file: + state: directory + path: "{{ workspace }}" + +- name: Create storage directory + file: + state: directory + path: "{{ workspace }}/storage" + +- name: Create TLS directory + file: + state: directory + path: "{{ workspace }}/tls" + +- name: Generate a TLS key for the registry + command: "openssl req -x509 -newkey rsa:2048 -keyout {{ workspace }}/tls/cert.key -out {{ workspace }}/tls/cert.pem -days 365 -nodes -subj '/C=US/ST=California/L=Oakland/O=Company Name/OU=Org/CN=localhost' -addext 'subjectAltName = DNS:localhost,IP:127.0.0.1'" + +- name: Install the CA cert + command: "cp {{ workspace }}/tls/cert.pem /usr/local/share/ca-certificates/test.crt" + become: true + +- name: Update CA certs + command: update-ca-certificates + become: true + +- name: Create a local containers image + shell: buildah commit --rm $(buildah from scratch) testimage + +- name: Ensure image file is not present + file: + path: "{{ workspace }}/test.img" + state: absent + +- name: Copy the local image to a file + command: > + skopeo copy + containers-storage:localhost/testimage:latest + docker-archive:{{ workspace }}/test.img + +- name: Remove test image from containers storage + command: podman rmi localhost/testimage:latest diff --git a/playbooks/functional-test/standard-compose.yaml b/playbooks/functional-test/standard-compose.yaml new file mode 100644 index 0000000..092fe5e --- /dev/null +++ b/playbooks/functional-test/standard-compose.yaml @@ -0,0 +1,12 @@ +# Version 2 is the latest that is supported by docker-compose in +# Ubuntu Xenial. +version: '2' + +services: + registry: + image: zuul/zuul-registry + volumes: + - "./standard-conf/:/conf/:z" + - "/tmp/registry-test/tls/:/tls:z" + ports: + - "9000:9000" diff --git a/playbooks/functional-test/standard-conf/registry.yaml b/playbooks/functional-test/standard-conf/registry.yaml new file mode 100644 index 0000000..af97dd5 --- /dev/null +++ b/playbooks/functional-test/standard-conf/registry.yaml @@ -0,0 +1,14 @@ +registry: + address: '0.0.0.0' + port: 9000 + public-url: https://localhost:9000 + tls-cert: /tls/cert.pem + tls-key: /tls/cert.key + secret: test_token_secret + users: + - name: testuser + pass: testpass + access: write + storage: + driver: filesystem + root: /storage