Infrastructure/zot
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Code Issues Activity

test: add test images build instructions and stacker.yamls (#2249)

Browse source 
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
This commit is contained in:
Andrei Aaron 2024-02-15 13:49:25 +02:00 committed by GitHub
parent d04568b853
commit cc2eda0335
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 81 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
test/images/README.md Normal file
View file

@ -0,0 +1,39 @@
# Build scripts for images used in tests
## General instructions
This folder contains build files used to produce oci images used in zot tests.
Build them using stacker, and copy them over to ghrc.io using skopeo.
For example in case of the java image:
```bash
stacker build -f stacker-java.yaml
```
Check the image is scanned correctly using a trivy binary, in order to make sure it does
or does not contain expected vulnerabilities, in case the image is to be used for CVE scanning.
```bash
trivy image scan --input oci:java-test
```
Copy the new image over to ghcr.io using skopeo
```bash
skopeo copy --dest-creds=<user>:<token> oci:oci:java-test docker://ghcr.io/project-zot/test-images/java:0.0.1
```
## Images
### Java
The file stacker-java.yaml is used to produce the images in the repo at: ghcr.io/project-zot/test-images/java
Basically we compile a simple java file and without any vulnerabilities.
We can test the CVE scanning of Java images, including zot downloading the Java vulnerability DB.
### Spring
The file stacker-spring.yaml is used to produce the images in the repo at: ghcr.io/project-zot/test-images/spring-web
We just copy and download the already compiled spring jar file.
It can be scanned to identify at least one Java specific vulnerability in zot tests.

31
test/images/stacker-java.yaml Normal file
View file

@ -0,0 +1,31 @@
build-java-test:
from:
type: docker
url: docker://zothub.io/c3/ubuntu/openj9-devel-amd64:11
import:
- test.java
run: |
. /etc/profile
env # export PATH=$PATH:/bin:/usr/bin
javac -version
java -version
mkdir /workspace
cp /stacker/test.java /workspace/
cd /workspace/
mkdir META-INF
echo "Main-Class: test" > META-INF/MANIFEST.MF
javac test.java
ls
java test
jar cmvf META-INF/MANIFEST.MF test.jar test.class
ls
jar tf test.jar
java -jar test.jar
build_only: true
java-test:
from:
type: scratch
import:
path: stacker://build-java-test/workspace/
dest: /

6
test/images/stacker-spring.yaml Normal file
View file

@ -0,0 +1,6 @@
spring-test:
from:
type: scratch
import:
- path: "https://repo1.maven.org/maven2/org/springframework/spring-web/5.3.31/spring-web-5.3.31.jar"
dest: /usr/local/artifacts/

5
test/images/test.java Normal file
View file

@ -0,0 +1,5 @@
public class test {
public static void main(String[] args) {
System.out.println("hello world!");
}
}