mirror of
https://github.com/project-zot/zot.git
synced 2024-12-16 21:56:37 -05:00
test: add test images build instructions and stacker.yamls (#2249)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
This commit is contained in:
parent
d04568b853
commit
cc2eda0335
4 changed files with 81 additions and 0 deletions
39
test/images/README.md
Normal file
39
test/images/README.md
Normal file
|
@ -0,0 +1,39 @@
|
|||
# Build scripts for images used in tests
|
||||
|
||||
## General instructions
|
||||
|
||||
This folder contains build files used to produce oci images used in zot tests.
|
||||
Build them using stacker, and copy them over to ghrc.io using skopeo.
|
||||
|
||||
For example in case of the java image:
|
||||
|
||||
```bash
|
||||
stacker build -f stacker-java.yaml
|
||||
```
|
||||
|
||||
Check the image is scanned correctly using a trivy binary, in order to make sure it does
|
||||
or does not contain expected vulnerabilities, in case the image is to be used for CVE scanning.
|
||||
|
||||
```bash
|
||||
trivy image scan --input oci:java-test
|
||||
```
|
||||
|
||||
Copy the new image over to ghcr.io using skopeo
|
||||
|
||||
```bash
|
||||
skopeo copy --dest-creds=<user>:<token> oci:oci:java-test docker://ghcr.io/project-zot/test-images/java:0.0.1
|
||||
```
|
||||
|
||||
## Images
|
||||
|
||||
### Java
|
||||
|
||||
The file stacker-java.yaml is used to produce the images in the repo at: ghcr.io/project-zot/test-images/java
|
||||
Basically we compile a simple java file and without any vulnerabilities.
|
||||
We can test the CVE scanning of Java images, including zot downloading the Java vulnerability DB.
|
||||
|
||||
### Spring
|
||||
|
||||
The file stacker-spring.yaml is used to produce the images in the repo at: ghcr.io/project-zot/test-images/spring-web
|
||||
We just copy and download the already compiled spring jar file.
|
||||
It can be scanned to identify at least one Java specific vulnerability in zot tests.
|
31
test/images/stacker-java.yaml
Normal file
31
test/images/stacker-java.yaml
Normal file
|
@ -0,0 +1,31 @@
|
|||
build-java-test:
|
||||
from:
|
||||
type: docker
|
||||
url: docker://zothub.io/c3/ubuntu/openj9-devel-amd64:11
|
||||
import:
|
||||
- test.java
|
||||
run: |
|
||||
. /etc/profile
|
||||
env # export PATH=$PATH:/bin:/usr/bin
|
||||
javac -version
|
||||
java -version
|
||||
mkdir /workspace
|
||||
cp /stacker/test.java /workspace/
|
||||
cd /workspace/
|
||||
mkdir META-INF
|
||||
echo "Main-Class: test" > META-INF/MANIFEST.MF
|
||||
javac test.java
|
||||
ls
|
||||
java test
|
||||
jar cmvf META-INF/MANIFEST.MF test.jar test.class
|
||||
ls
|
||||
jar tf test.jar
|
||||
java -jar test.jar
|
||||
build_only: true
|
||||
|
||||
java-test:
|
||||
from:
|
||||
type: scratch
|
||||
import:
|
||||
path: stacker://build-java-test/workspace/
|
||||
dest: /
|
6
test/images/stacker-spring.yaml
Normal file
6
test/images/stacker-spring.yaml
Normal file
|
@ -0,0 +1,6 @@
|
|||
spring-test:
|
||||
from:
|
||||
type: scratch
|
||||
import:
|
||||
- path: "https://repo1.maven.org/maven2/org/springframework/spring-web/5.3.31/spring-web-5.3.31.jar"
|
||||
dest: /usr/local/artifacts/
|
5
test/images/test.java
Normal file
5
test/images/test.java
Normal file
|
@ -0,0 +1,5 @@
|
|||
public class test {
|
||||
public static void main(String[] args) {
|
||||
System.out.println("hello world!");
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue