Skip to content

Commit

Permalink
test
Browse files Browse the repository at this point in the history
  • Loading branch information
@binbin-li
binbin-li committed Apr 30, 2024
1 parent 5c39451 commit d89c430
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 2 deletions.
2 changes: 1 addition & 1 deletion scripts/azure-ci-test.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@ trap cleanup EXIT
main() {
./scripts/create-azure-resources.sh
create_key_akv

local ACR_USER_NAME="00000000-0000-0000-0000-000000000000"
local ACR_PASSWORD=$(az acr login --name ${ACR_NAME} --expose-token --output tsv --query accessToken)
make e2e-azure-setup TEST_REGISTRY=$REGISTRY TEST_REGISTRY_USERNAME=${ACR_USER_NAME} TEST_REGISTRY_PASSWORD=${ACR_PASSWORD} KEYVAULT_KEY_NAME=${KEYVAULT_KEY_NAME} KEYVAULT_NAME=${KEYVAULT_NAME}
Expand Down
5 changes: 4 additions & 1 deletion test/bats/azure-test.bats
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ SLEEP_TIME=1
assert_success
run kubectl apply -f ./library/default/samples/constraint.yaml
assert_success

# verify that the image can be run with a root cert, root verification cert should have been configured on deployment
run kubectl run demo-leaf --namespace default --image=${TEST_REGISTRY}/notation:leafSigned
assert_success
Expand Down Expand Up @@ -112,6 +112,9 @@ SLEEP_TIME=1
run kubectl apply -f ./library/default/samples/constraint.yaml
assert_success
sleep 5
run kubectl apply -f ./test/bats/tests/config/config_v1beta1_verifier_cosign_akv.yaml
assert_success
sleep 5

run kubectl run cosign-demo --namespace default --image=${TEST_REGISTRY}/cosign:signed-key
assert_success
Expand Down
18 changes: 18 additions & 0 deletions test/bats/tests/config/config_v1beta1_verifier_cosign_akv.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
apiVersion: config.ratify.deislabs.io/v1beta1
kind: Verifier
metadata:
name: verifier-cosign
annotations:
helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-weight: "5"
spec:
name: cosign
artifactTypes: application/vnd.dev.cosign.artifact.sig.v1+json
parameters:
trustPolicies:
- name: default
version: 1.0.0
scopes:
- "*"
keys:
- provider: gatekeeper-system/kmprovider-akv

0 comments on commit d89c430

Please sign in to comment.