automated commit

Signed-off-by: Public copy <41898282+github-actions[bot]@users.noreply.github.com>
chainguard-images · Feb 4, 2025 · b6ca1b0 · b6ca1b0
1 parent ee10903
commit b6ca1b0
Show file tree

Hide file tree

Showing 36 changed files with 391 additions and 269 deletions.
diff --git a/images/busybox/tests/main.tf b/images/busybox/tests/main.tf
@@ -1,14 +1,26 @@
-terraform {
-  required_providers {
-    oci = { source = "chainguard-dev/oci" }
-  }
-}
-
 variable "digest" {
   description = "The image digest to run tests over."
 }
 
-data "oci_exec_test" "runs" {
-  digest = var.digest
-  script = "${path.module}/runs.sh"
+variable "target_repository" {}
+
+module "bash_sandbox" {
+  source            = "../../../tflib/imagetest/sandboxes/bash"
+  target_repository = var.target_repository
+}
+
+module "dind_test" {
+  source = "../../../tflib/imagetest/tests/docker-in-docker"
+
+  images = { busybox = var.digest }
+
+  tests = [
+    {
+      name    = "basic functionality"
+      image   = module.bash_sandbox.image_ref
+      content = [{ source = path.module }]
+      cmd     = "./test.sh"
+    }
+  ]
 }
+
diff --git a/images/busybox/tests/runs.sh → images/busybox/tests/test.sh b/images/busybox/tests/runs.sh → images/busybox/tests/test.sh
@@ -2,20 +2,23 @@
 
 set -o errexit -o nounset -o errtrace -o pipefail -x
 
-docker run --rm $IMAGE_NAME ls >/dev/null
+image=$(echo "$IMAGES" | jq -r '.busybox.ref')
+
+docker run --rm "$image" ls >/dev/null
 
 # The image runs as nonroot by default.
-docker run --rm --entrypoint '' $IMAGE_NAME whoami | grep "^nonroot$"
+docker run --rm --entrypoint '' "$image" whoami | grep "^nonroot$"
 
 # The image contains many common utilities (some in /usr/bin and some in /bin)
 for cmd in awk basename cat chmod chown cp cut date dirname du echo egrep expr find grep head id ln ls mkdir mktemp mv printf pwd rm rmdir sed sh sort tail tar tee test touch tr uname uniq wc xargs; do
-	docker run --rm $IMAGE_NAME which $cmd | grep "/bin/$cmd$"
+  docker run --rm "$image" which "$cmd" | grep "/bin/$cmd$"
 done
 
 # The image can be used as a base image.
 cat <<EOF | docker build -t version -
-FROM ${IMAGE_NAME}
+FROM ${image}
 RUN busybox
 ENTRYPOINT ["busybox"]
 EOF
 docker run --rm version | grep "BusyBox .* multi-call binary."
+
diff --git a/images/busybox/wolfi.tf b/images/busybox/wolfi.tf
@@ -11,6 +11,7 @@ module "latest-wolfi" {
 }
 
 module "test-latest-wolfi" {
-  source = "./tests"
-  digest = module.latest-wolfi.image_ref
+  source            = "./tests"
+  digest            = module.latest-wolfi.image_ref
+  target_repository = var.target_repository
 }
diff --git a/images/crane/main.tf b/images/crane/main.tf
@@ -27,9 +27,10 @@ module "versioned" {
 }
 
 module "test-versioned" {
-  digest   = module.versioned[each.key].image_ref
-  for_each = module.versions.versions
-  source   = "./tests"
+  digest            = module.versioned[each.key].image_ref
+  for_each          = module.versions.versions
+  source            = "./tests"
+  target_repository = var.target_repository
 }
 
 module "tagger" {

diff --git a/images/crane/tests/02-manifest.sh b/images/crane/tests/02-manifest.sh
diff --git a/images/crane/tests/03-digest.sh b/images/crane/tests/03-digest.sh
diff --git a/images/crane/tests/04-ls.sh b/images/crane/tests/04-ls.sh
diff --git a/images/crane/tests/05-config.sh b/images/crane/tests/05-config.sh
diff --git a/images/crane/tests/main.tf b/images/crane/tests/main.tf
@@ -8,28 +8,24 @@ variable "digest" {
   description = "The image digest to run tests over."
 }
 
-data "oci_exec_test" "version" {
-  digest = var.digest
-  script = "docker run --rm $IMAGE_NAME version"
+variable "target_repository" {
 }
 
-data "oci_exec_test" "manifest" {
-  digest = var.digest
-  script = "${path.module}/02-manifest.sh"
+module "bash_sandbox" {
+  source            = "../../../tflib/imagetest/sandboxes/bash"
+  target_repository = var.target_repository
 }
 
-data "oci_exec_test" "digest" {
-  digest = var.digest
-  script = "${path.module}/03-digest.sh"
-}
-
-data "oci_exec_test" "ls" {
-  digest = var.digest
-  script = "${path.module}/04-ls.sh"
-}
-
-data "oci_exec_test" "config" {
-  digest = var.digest
-  script = "${path.module}/05-config.sh"
+module "dind_test" {
+  images = { crane = var.digest }
+  source = "../../../tflib/imagetest/tests/docker-in-docker"
+  tests = [
+    {
+      name    = "smoke"
+      image   = module.bash_sandbox.image_ref
+      content = [{ source = path.module }]
+      cmd     = "./smoke.sh"
+    }
+  ]
 }
 
diff --git a/images/crane/tests/smoke.sh b/images/crane/tests/smoke.sh
@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+image=$(echo "$IMAGES" | jq -r '.crane.ref')
+
+docker run --rm "${image}" manifest cgr.dev/chainguard/static
+docker run --rm "${image}" digest cgr.dev/chainguard/static
+docker run --rm "${image}" ls --omit-digest-tags cgr.dev/chainguard/static
+docker run --rm "${image}" config cgr.dev/chainguard/static
diff --git a/images/git/tests/main.tf b/images/git/tests/main.tf
@@ -1,30 +1,31 @@
 terraform {
   required_providers {
-    oci = { source = "chainguard-dev/oci" }
+    imagetest = { source = "chainguard-dev/imagetest" }
   }
 }
 
 variable "digest" {
   description = "The image digest to run tests over."
 }
 
-variable "check-dev" {
-  default = false
-}
+variable "target_repository" {}
 
-data "oci_exec_test" "version" {
-  digest = var.digest
-  script = "docker run --rm $IMAGE_NAME --version"
+module "bash_sandbox" {
+  source            = "../../../tflib/imagetest/sandboxes/bash"
+  target_repository = var.target_repository
 }
 
-data "oci_exec_test" "submodule" {
-  count = var.check-dev ? 1 : 0
+module "dind_test" {
+  source = "../../../tflib/imagetest/tests/docker-in-docker"
 
-  digest = var.digest
-  script = "docker run --rm $IMAGE_NAME submodule -h"
-}
+  images = { git = var.digest }
 
-data "oci_exec_test" "clone" {
-  digest = var.digest
-  script = "${path.module}/repo-clone.sh"
+  tests = [
+    {
+      name    = "smoke"
+      image   = module.bash_sandbox.image_ref
+      content = [{ source = path.module }]
+      cmd     = "./smoke.sh"
+    }
+  ]
 }
diff --git a/images/git/tests/repo-clone.sh b/images/git/tests/repo-clone.sh
diff --git a/images/git/tests/smoke.sh b/images/git/tests/smoke.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+
+set -o errexit -o nounset -o errtrace -o pipefail -x
+
+image=$(echo "$IMAGES" | jq -r '.git.ref')
+
+# Test git version
+docker run --rm "${image}" --version
+
+# Test git submodule help
+docker run --rm "${image}" submodule -h
+
+# Test repo cloning
+CLONE_URL="https://github.com/chainguard-images/.github.git"
+CLONEDIR="$(mktemp -d)"
+chmod go+wrx "${CLONEDIR}"
+
+# Clone and verify
+pushd "${CLONEDIR}"
+docker run --rm -v "${PWD}":/w -w /w "${image}" clone --depth 1 "${CLONE_URL}" .
+popd
+
+# Verify clone worked
+find "${CLONEDIR}/README.md" && echo "Clone test passed."
+
+# Cleanup
+rm -rf "${CLONEDIR}"
diff --git a/images/git/wolfi.tf b/images/git/wolfi.tf
@@ -15,14 +15,15 @@ module "latest-wolfi" {
 }
 
 module "test-latest-wolfi" {
-  for_each = local.accounts
-  source   = "./tests"
-  digest   = module.latest-wolfi[each.key].image_ref
+  for_each          = local.accounts
+  source            = "./tests"
+  digest            = module.latest-wolfi[each.key].image_ref
+  target_repository = var.target_repository
 }
 
 module "test-latest-wolfi-dev" {
-  for_each  = local.accounts
-  source    = "./tests"
-  digest    = module.latest-wolfi[each.key].dev_ref
-  check-dev = true
+  for_each          = local.accounts
+  source            = "./tests"
+  digest            = module.latest-wolfi[each.key].dev_ref
+  target_repository = var.target_repository
 }
diff --git a/images/go/main.tf b/images/go/main.tf
@@ -26,9 +26,10 @@ module "versioned" {
 }
 
 module "test-things" {
-  digest   = module.versioned[each.key].image_ref
-  for_each = module.versions.versions
-  source   = "./tests"
+  digest            = module.versioned[each.key].image_ref
+  for_each          = module.versions.versions
+  source            = "./tests"
+  target_repository = var.target_repository
 }
 
 module "tagger" {

diff --git a/images/go/tests/base-image-custom-entrypoint.sh b/images/go/tests/base-image-custom-entrypoint.sh
diff --git a/images/go/tests/base-image.sh b/images/go/tests/base-image.sh
diff --git a/images/go/tests/build-example.sh b/images/go/tests/build-example.sh