8
. "github.com/containers/podman/v5/test/utils"
9
. "github.com/onsi/ginkgo/v2"
10
. "github.com/onsi/gomega"
13
// Each of these tests runs with a different GNUPGHOME; gpg-agent blows up
14
// if these run in parallel. We use Serial, not Ordered, because tests in
15
// trust_test.go also rely on gpg and can't coexist with us.
16
var _ = Describe("Podman image sign", Serial, func() {
17
var origGNUPGHOME string
20
SkipIfRemote("podman-remote image sign is not supported")
21
tempGNUPGHOME := filepath.Join(podmanTest.TempDir, "tmpGPG")
22
err := os.Mkdir(tempGNUPGHOME, os.ModePerm)
23
Expect(err).ToNot(HaveOccurred())
25
origGNUPGHOME = os.Getenv("GNUPGHOME")
26
err = os.Setenv("GNUPGHOME", tempGNUPGHOME)
27
Expect(err).ToNot(HaveOccurred())
32
// There's no way to run gpg without an agent, so, clean up
33
// after every test. No need to check error status.
34
cmd := exec.Command("gpgconf", "--kill", "gpg-agent")
35
cmd.Stdout = GinkgoWriter
36
cmd.Stderr = GinkgoWriter
39
os.Setenv("GNUPGHOME", origGNUPGHOME)
42
It("podman sign image", func() {
43
cmd := exec.Command("gpg", "--import", "sign/secret-key.asc")
44
cmd.Stdout = GinkgoWriter
45
cmd.Stderr = GinkgoWriter
47
Expect(err).ToNot(HaveOccurred())
48
sigDir := filepath.Join(podmanTest.TempDir, "test-sign")
49
err = os.MkdirAll(sigDir, os.ModePerm)
50
Expect(err).ToNot(HaveOccurred())
51
session := podmanTest.Podman([]string{"image", "sign", "--directory", sigDir, "--sign-by", "foo@bar.com", "docker://library/alpine"})
52
session.WaitWithDefaultTimeout()
53
Expect(session).Should(ExitCleanly())
54
_, err = os.Stat(filepath.Join(sigDir, "library"))
55
Expect(err).ToNot(HaveOccurred())
58
It("podman sign --all multi-arch image", func() {
59
cmd := exec.Command("gpg", "--import", "sign/secret-key.asc")
60
cmd.Stdout = GinkgoWriter
61
cmd.Stderr = GinkgoWriter
63
Expect(err).ToNot(HaveOccurred())
64
sigDir := filepath.Join(podmanTest.TempDir, "test-sign-multi")
65
err = os.MkdirAll(sigDir, os.ModePerm)
66
Expect(err).ToNot(HaveOccurred())
67
session := podmanTest.Podman([]string{"image", "sign", "--all", "--directory", sigDir, "--sign-by", "foo@bar.com", "docker://library/alpine"})
68
session.WaitWithDefaultTimeout()
69
Expect(session).Should(ExitCleanly())
70
fInfos, err := os.ReadDir(filepath.Join(sigDir, "library"))
71
Expect(err).ToNot(HaveOccurred())
72
Expect(len(fInfos)).To(BeNumerically(">", 1), "len(fInfos)")