Run docker and podman push/pull tests

This runs equivalent tests on the registry in the standard (ie,
intermediate) configuration using both docker and podman.

A later change will add the same for running the registry in the
namespaced (ie, buildset) configuration.

Change-Id: Ieeb1e7a75f6ca931d2275e3306f987aea2ba677f
This commit is contained in:
James E. Blair 2019-10-09 15:44:45 -07:00
parent a2dcc167a2
commit 0ce552de40
11 changed files with 212 additions and 74 deletions

View File

@ -3,10 +3,10 @@
version: '2'
services:
zuul-registry:
registry:
image: zuul/zuul-registry
volumes:
- "./conf/:/conf/:z"
- "./standard-conf/:/conf/:z"
- "/tmp/registry-test/storage/:/storage:z"
- "/tmp/registry-test/tls/:/tls:z"
ports:

View File

@ -0,0 +1,58 @@
# Test push and pull from the standard registry
- name: Start the standard registry
shell:
cmd: docker-compose -f standard-compose.yaml up -d
chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test"
- name: Print list of images
command: docker image ls --all --digests --no-trunc
register: image_list
failed_when: "'test/image' in image_list.stdout"
- name: Copy the test image into local docker image storage
command: >
skopeo copy
docker-archive:{{ workspace }}/test.img
docker-daemon:localhost:9000/test/image:latest
- name: Log in to registry
command: docker login localhost:9000 -u testuser -p testpass
- name: Push the test image to the standard registry
command: docker push localhost:9000/test/image
- name: Remove the test image from the local cache
command: docker rmi localhost:9000/test/image
- name: Clean up the local image cache
command: docker image prune -f
- name: Print list of images
command: docker image ls --all --digests --no-trunc
register: image_list
failed_when: "'test/image' in image_list.stdout"
- name: Pull the image from the standard registry
command: docker pull localhost:9000/test/image
- name: Print list of images
command: docker image ls --all --digests --no-trunc
register: image_list
failed_when: "'test/image' not in image_list.stdout"
- name: Try to pull an image that does not exist
command: docker pull localhost:9000/test/dne
register: result
failed_when: result.rc != 1
- name: Stop the standard registry
shell:
cmd: docker-compose -f standard-compose.yaml down
chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test"
- name: Clean up docker volumes
command: docker volume prune -f
- name: Log out of registry
command: docker logout localhost:9000

View File

@ -3,5 +3,9 @@
workspace: /tmp/registry-test
local: true
tasks:
- name: Run main tasks
include_tasks: main.yaml
- name: Run setup tasks
include_tasks: setup.yaml
- name: Run docker test tasks
include_tasks: docker.yaml
- name: Run podman test tasks
include_tasks: podman.yaml

View File

@ -1,68 +0,0 @@
- name: Create workspace directory
file:
state: directory
path: "{{ workspace }}"
- name: Create storage directory
file:
state: directory
path: "{{ workspace }}/storage"
- name: Create TLS directory
file:
state: directory
path: "{{ workspace }}/tls"
- name: Generate a TLS key for the registry
command: "openssl req -x509 -newkey rsa:2048 -keyout {{ workspace }}/tls/cert.key -out {{ workspace }}/tls/cert.pem -days 365 -nodes -subj '/C=US/ST=California/L=Oakland/O=Company Name/OU=Org/CN=127.0.0.1'"
- name: Run docker-compose up
shell:
cmd: docker-compose up -d
chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test"
- name: Print list of images
command: docker image ls --all --digests --no-trunc
- name: Pull the test image from Docker Hub
command: docker pull alpine
- name: Tag the test image with a realistic name
command: docker tag alpine localhost:9000/test/registry
- name: Log in to local registry
command: docker login localhost:9000 -u testuser -p testpass
ignore_errors: true
- name: Push the test image to zuul-registry
command: docker image push localhost:9000/test/registry
- name: Remove the test image from the local cache
command: docker rmi localhost:9000/test/registry
- name: Remove the test image from the local cache
command: docker rmi alpine:latest
- name: Clean up the local image cache
command: docker image prune -f
- name: Print list of images
command: docker image ls --all --digests --no-trunc
- name: Pull the image from zuul-registry
command: docker image pull localhost:9000/test/registry
- name: Print list of images
command: docker image ls --all --digests --no-trunc
- name: Create a local containers/image
shell: buildah commit --rm $(buildah from scratch) local-test
- name: Check the local image is there
command: skopeo inspect containers-storage:localhost/local-test:latest
- name: Copy the local image to the registry
command: >
skopeo copy --dest-creds testuser:testpass --dest-tls-verify=false
containers-storage:localhost/local-test:latest
docker://127.0.0.1:9000/test

View File

@ -0,0 +1,13 @@
# Version 2 is the latest that is supported by docker-compose in
# Ubuntu Xenial.
version: '2'
services:
registry:
image: zuul/zuul-registry
volumes:
- "./namespaced-conf/:/conf/:z"
- "/tmp/registry-test/storage/:/storage:z"
- "/tmp/registry-test/tls/:/tls:z"
ports:
- "9000:9000"

View File

@ -0,0 +1,58 @@
# Test push and pull from the standard registry
- name: Start the standard registry
shell:
cmd: docker-compose -f standard-compose.yaml up -d
chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test"
- name: Print list of images
command: podman image ls --all --digests --no-trunc
register: image_list
failed_when: "'test/image' in image_list.stdout"
- name: Copy the test image into local containers image storage
command: >
skopeo copy
docker-archive:{{ workspace }}/test.img
containers-storage:localhost:9000/test/image:latest
- name: Log in to registry
command: podman login localhost:9000 -u testuser -p testpass
- name: Push the test image to the standard registry
command: podman push localhost:9000/test/image
- name: Remove the test image from the local cache
command: podman rmi localhost:9000/test/image
- name: Clean up the local image cache
command: podman image prune
- name: Print list of images
command: podman image ls --all --digests --no-trunc
register: image_list
failed_when: "'test/image' in image_list.stdout"
- name: Pull the image from the standard registry
command: podman pull localhost:9000/test/image
- name: Print list of images
command: podman image ls --all --digests --no-trunc
register: image_list
failed_when: "'test/image' not in image_list.stdout"
- name: Try to pull an image that does not exist
command: podman pull localhost:9000/test/dne
register: result
failed_when: result.rc != 125
- name: Stop the standard registry
shell:
cmd: docker-compose -f standard-compose.yaml down
chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test"
- name: Clean up podman volumes
command: podman volume prune -f
- name: Log out of registry
command: podman logout localhost:9000

View File

@ -20,10 +20,15 @@
- openssl
- skopeo
- buildah
- podman
state: present
become: true
- name: Run main tasks
include_tasks: main.yaml
- name: Run setup tasks
include_tasks: setup.yaml
- name: Run docker test tasks
include_tasks: docker.yaml
- name: Run podman test tasks
include_tasks: podman.yaml
# If buildset_registry is defined, that means a parent job is running it;
# only if it is not defined does it mean that we are running it. If we

View File

@ -0,0 +1,42 @@
- name: Create workspace directory
file:
state: directory
path: "{{ workspace }}"
- name: Create storage directory
file:
state: directory
path: "{{ workspace }}/storage"
- name: Create TLS directory
file:
state: directory
path: "{{ workspace }}/tls"
- name: Generate a TLS key for the registry
command: "openssl req -x509 -newkey rsa:2048 -keyout {{ workspace }}/tls/cert.key -out {{ workspace }}/tls/cert.pem -days 365 -nodes -subj '/C=US/ST=California/L=Oakland/O=Company Name/OU=Org/CN=localhost' -addext 'subjectAltName = DNS:localhost,IP:127.0.0.1'"
- name: Install the CA cert
command: "cp {{ workspace }}/tls/cert.pem /usr/local/share/ca-certificates/test.crt"
become: true
- name: Update CA certs
command: update-ca-certificates
become: true
- name: Create a local containers image
shell: buildah commit --rm $(buildah from scratch) testimage
- name: Ensure image file is not present
file:
path: "{{ workspace }}/test.img"
state: absent
- name: Copy the local image to a file
command: >
skopeo copy
containers-storage:localhost/testimage:latest
docker-archive:{{ workspace }}/test.img
- name: Remove test image from containers storage
command: podman rmi localhost/testimage:latest

View File

@ -0,0 +1,12 @@
# Version 2 is the latest that is supported by docker-compose in
# Ubuntu Xenial.
version: '2'
services:
registry:
image: zuul/zuul-registry
volumes:
- "./standard-conf/:/conf/:z"
- "/tmp/registry-test/tls/:/tls:z"
ports:
- "9000:9000"

View File

@ -0,0 +1,14 @@
registry:
address: '0.0.0.0'
port: 9000
public-url: https://localhost:9000
tls-cert: /tls/cert.pem
tls-key: /tls/cert.key
secret: test_token_secret
users:
- name: testuser
pass: testpass
access: write
storage:
driver: filesystem
root: /storage