Clean up tests to remove duplicate code
Add tests which run pull and create in an isolated configuration directory.
Add build test for untrusted tag
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
... | ... |
@@ -5328,3 +5328,48 @@ func (s *DockerSuite) TestBuildRUNErrMsg(c *check.C) { |
5328 | 5328 |
c.Fatalf("RUN doesn't have the correct output:\nGot:%s\nExpected:%s", out, exp) |
5329 | 5329 |
} |
5330 | 5330 |
} |
5331 |
+ |
|
5332 |
+func (s *DockerTrustSuite) TestTrustedBuild(c *check.C) { |
|
5333 |
+ repoName := s.setupTrustedImage(c, "trusted-build") |
|
5334 |
+ dockerFile := fmt.Sprintf(` |
|
5335 |
+ FROM %s |
|
5336 |
+ RUN [] |
|
5337 |
+ `, repoName) |
|
5338 |
+ |
|
5339 |
+ name := "testtrustedbuild" |
|
5340 |
+ |
|
5341 |
+ buildCmd := buildImageCmd(name, dockerFile, true) |
|
5342 |
+ s.trustedCmd(buildCmd) |
|
5343 |
+ out, _, err := runCommandWithOutput(buildCmd) |
|
5344 |
+ if err != nil { |
|
5345 |
+ c.Fatalf("Error running trusted build: %s\n%s", err, out) |
|
5346 |
+ } |
|
5347 |
+ |
|
5348 |
+ if !strings.Contains(out, fmt.Sprintf("FROM %s@sha", repoName[:len(repoName)-7])) { |
|
5349 |
+ c.Fatalf("Unexpected output on trusted build:\n%s", out) |
|
5350 |
+ } |
|
5351 |
+ |
|
5352 |
+ // Build command does not create untrusted tag |
|
5353 |
+ //dockerCmd(c, "rmi", repoName) |
|
5354 |
+} |
|
5355 |
+ |
|
5356 |
+func (s *DockerTrustSuite) TestTrustedBuildUntrustedTag(c *check.C) { |
|
5357 |
+ repoName := fmt.Sprintf("%v/dockercli/build-untrusted-tag:latest", privateRegistryURL) |
|
5358 |
+ dockerFile := fmt.Sprintf(` |
|
5359 |
+ FROM %s |
|
5360 |
+ RUN [] |
|
5361 |
+ `, repoName) |
|
5362 |
+ |
|
5363 |
+ name := "testtrustedbuilduntrustedtag" |
|
5364 |
+ |
|
5365 |
+ buildCmd := buildImageCmd(name, dockerFile, true) |
|
5366 |
+ s.trustedCmd(buildCmd) |
|
5367 |
+ out, _, err := runCommandWithOutput(buildCmd) |
|
5368 |
+ if err == nil { |
|
5369 |
+ c.Fatalf("Expected error on trusted build with untrusted tag: %s\n%s", err, out) |
|
5370 |
+ } |
|
5371 |
+ |
|
5372 |
+ if !strings.Contains(out, fmt.Sprintf("no trust data available")) { |
|
5373 |
+ c.Fatalf("Unexpected output on trusted build with untrusted tag:\n%s", out) |
|
5374 |
+ } |
|
5375 |
+} |
... | ... |
@@ -275,26 +275,12 @@ func (s *DockerSuite) TestCreateModeIpcContainer(c *check.C) { |
275 | 275 |
} |
276 | 276 |
|
277 | 277 |
func (s *DockerTrustSuite) TestTrustedCreate(c *check.C) { |
278 |
- repoName := fmt.Sprintf("%v/dockerclicreate/trusted:latest", privateRegistryURL) |
|
279 |
- // tag the image and upload it to the private registry |
|
280 |
- dockerCmd(c, "tag", "busybox", repoName) |
|
281 |
- |
|
282 |
- pushCmd := exec.Command(dockerBinary, "push", repoName) |
|
283 |
- s.trustedCmd(pushCmd) |
|
284 |
- out, _, err := runCommandWithOutput(pushCmd) |
|
285 |
- if err != nil { |
|
286 |
- c.Fatalf("Error running trusted push: %s\n%s", err, out) |
|
287 |
- } |
|
288 |
- if !strings.Contains(string(out), "Signing and pushing trust metadata") { |
|
289 |
- c.Fatalf("Missing expected output on trusted push:\n%s", out) |
|
290 |
- } |
|
291 |
- |
|
292 |
- dockerCmd(c, "rmi", repoName) |
|
278 |
+ repoName := s.setupTrustedImage(c, "trusted-create") |
|
293 | 279 |
|
294 | 280 |
// Try create |
295 | 281 |
createCmd := exec.Command(dockerBinary, "create", repoName) |
296 | 282 |
s.trustedCmd(createCmd) |
297 |
- out, _, err = runCommandWithOutput(createCmd) |
|
283 |
+ out, _, err := runCommandWithOutput(createCmd) |
|
298 | 284 |
if err != nil { |
299 | 285 |
c.Fatalf("Error running trusted create: %s\n%s", err, out) |
300 | 286 |
} |
... | ... |
@@ -338,22 +324,26 @@ func (s *DockerTrustSuite) TestUntrustedCreate(c *check.C) { |
338 | 338 |
} |
339 | 339 |
} |
340 | 340 |
|
341 |
-func (s *DockerTrustSuite) TestCreateWhenCertExpired(c *check.C) { |
|
342 |
- repoName := fmt.Sprintf("%v/dockercli/trusted:latest", privateRegistryURL) |
|
343 |
- // tag the image and upload it to the private registry |
|
344 |
- dockerCmd(c, "tag", "busybox", repoName) |
|
341 |
+func (s *DockerTrustSuite) TestTrustedIsolatedCreate(c *check.C) { |
|
342 |
+ repoName := s.setupTrustedImage(c, "trusted-isolated-create") |
|
345 | 343 |
|
346 |
- pushCmd := exec.Command(dockerBinary, "push", repoName) |
|
347 |
- s.trustedCmd(pushCmd) |
|
348 |
- out, _, err := runCommandWithOutput(pushCmd) |
|
344 |
+ // Try create |
|
345 |
+ createCmd := exec.Command(dockerBinary, "--config", "/tmp/docker-isolated-create", "create", repoName) |
|
346 |
+ s.trustedCmd(createCmd) |
|
347 |
+ out, _, err := runCommandWithOutput(createCmd) |
|
349 | 348 |
if err != nil { |
350 |
- c.Fatalf("Error running trusted push: %s\n%s", err, out) |
|
349 |
+ c.Fatalf("Error running trusted create: %s\n%s", err, out) |
|
351 | 350 |
} |
352 |
- if !strings.Contains(string(out), "Signing and pushing trust metadata") { |
|
351 |
+ |
|
352 |
+ if !strings.Contains(string(out), "Tagging") { |
|
353 | 353 |
c.Fatalf("Missing expected output on trusted push:\n%s", out) |
354 | 354 |
} |
355 | 355 |
|
356 | 356 |
dockerCmd(c, "rmi", repoName) |
357 |
+} |
|
358 |
+ |
|
359 |
+func (s *DockerTrustSuite) TestCreateWhenCertExpired(c *check.C) { |
|
360 |
+ repoName := s.setupTrustedImage(c, "trusted-create-expired") |
|
357 | 361 |
|
358 | 362 |
// Certificates have 10 years of expiration |
359 | 363 |
elevenYearsFromNow := time.Now().Add(time.Hour * 24 * 365 * 11) |
... | ... |
@@ -362,7 +352,7 @@ func (s *DockerTrustSuite) TestCreateWhenCertExpired(c *check.C) { |
362 | 362 |
// Try create |
363 | 363 |
createCmd := exec.Command(dockerBinary, "create", repoName) |
364 | 364 |
s.trustedCmd(createCmd) |
365 |
- out, _, err = runCommandWithOutput(createCmd) |
|
365 |
+ out, _, err := runCommandWithOutput(createCmd) |
|
366 | 366 |
if err == nil { |
367 | 367 |
c.Fatalf("Error running trusted create in the distant future: %s\n%s", err, out) |
368 | 368 |
} |
... | ... |
@@ -376,7 +366,7 @@ func (s *DockerTrustSuite) TestCreateWhenCertExpired(c *check.C) { |
376 | 376 |
// Try create |
377 | 377 |
createCmd := exec.Command(dockerBinary, "create", "--untrusted", repoName) |
378 | 378 |
s.trustedCmd(createCmd) |
379 |
- out, _, err = runCommandWithOutput(createCmd) |
|
379 |
+ out, _, err := runCommandWithOutput(createCmd) |
|
380 | 380 |
if err != nil { |
381 | 381 |
c.Fatalf("Error running untrusted create in the distant future: %s\n%s", err, out) |
382 | 382 |
} |
... | ... |
@@ -155,26 +155,12 @@ func (s *DockerSuite) TestPullImageWithAllTagFromCentralRegistry(c *check.C) { |
155 | 155 |
} |
156 | 156 |
|
157 | 157 |
func (s *DockerTrustSuite) TestTrustedPull(c *check.C) { |
158 |
- repoName := fmt.Sprintf("%v/dockerclipull/trusted:latest", privateRegistryURL) |
|
159 |
- // tag the image and upload it to the private registry |
|
160 |
- dockerCmd(c, "tag", "busybox", repoName) |
|
161 |
- |
|
162 |
- pushCmd := exec.Command(dockerBinary, "push", repoName) |
|
163 |
- s.trustedCmd(pushCmd) |
|
164 |
- out, _, err := runCommandWithOutput(pushCmd) |
|
165 |
- if err != nil { |
|
166 |
- c.Fatalf("Error running trusted push: %s\n%s", err, out) |
|
167 |
- } |
|
168 |
- if !strings.Contains(string(out), "Signing and pushing trust metadata") { |
|
169 |
- c.Fatalf("Missing expected output on trusted push:\n%s", out) |
|
170 |
- } |
|
171 |
- |
|
172 |
- dockerCmd(c, "rmi", repoName) |
|
158 |
+ repoName := s.setupTrustedImage(c, "trusted-pull") |
|
173 | 159 |
|
174 | 160 |
// Try pull |
175 | 161 |
pullCmd := exec.Command(dockerBinary, "pull", repoName) |
176 | 162 |
s.trustedCmd(pullCmd) |
177 |
- out, _, err = runCommandWithOutput(pullCmd) |
|
163 |
+ out, _, err := runCommandWithOutput(pullCmd) |
|
178 | 164 |
if err != nil { |
179 | 165 |
c.Fatalf("Error running trusted pull: %s\n%s", err, out) |
180 | 166 |
} |
... | ... |
@@ -198,6 +184,24 @@ func (s *DockerTrustSuite) TestTrustedPull(c *check.C) { |
198 | 198 |
} |
199 | 199 |
} |
200 | 200 |
|
201 |
+func (s *DockerTrustSuite) TestTrustedIsolatedPull(c *check.C) { |
|
202 |
+ repoName := s.setupTrustedImage(c, "trusted-isolatd-pull") |
|
203 |
+ |
|
204 |
+ // Try pull (run from isolated directory without trust information) |
|
205 |
+ pullCmd := exec.Command(dockerBinary, "--config", "/tmp/docker-isolated", "pull", repoName) |
|
206 |
+ s.trustedCmd(pullCmd) |
|
207 |
+ out, _, err := runCommandWithOutput(pullCmd) |
|
208 |
+ if err != nil { |
|
209 |
+ c.Fatalf("Error running trusted pull: %s\n%s", err, out) |
|
210 |
+ } |
|
211 |
+ |
|
212 |
+ if !strings.Contains(string(out), "Tagging") { |
|
213 |
+ c.Fatalf("Missing expected output on trusted push:\n%s", out) |
|
214 |
+ } |
|
215 |
+ |
|
216 |
+ dockerCmd(c, "rmi", repoName) |
|
217 |
+} |
|
218 |
+ |
|
201 | 219 |
func (s *DockerTrustSuite) TestUntrustedPull(c *check.C) { |
202 | 220 |
repoName := fmt.Sprintf("%v/dockercli/trusted:latest", privateRegistryURL) |
203 | 221 |
// tag the image and upload it to the private registry |
... | ... |
@@ -219,21 +223,7 @@ func (s *DockerTrustSuite) TestUntrustedPull(c *check.C) { |
219 | 219 |
} |
220 | 220 |
|
221 | 221 |
func (s *DockerTrustSuite) TestPullWhenCertExpired(c *check.C) { |
222 |
- repoName := fmt.Sprintf("%v/dockercli/trusted:latest", privateRegistryURL) |
|
223 |
- // tag the image and upload it to the private registry |
|
224 |
- dockerCmd(c, "tag", "busybox", repoName) |
|
225 |
- |
|
226 |
- pushCmd := exec.Command(dockerBinary, "push", repoName) |
|
227 |
- s.trustedCmd(pushCmd) |
|
228 |
- out, _, err := runCommandWithOutput(pushCmd) |
|
229 |
- if err != nil { |
|
230 |
- c.Fatalf("Error running trusted push: %s\n%s", err, out) |
|
231 |
- } |
|
232 |
- if !strings.Contains(string(out), "Signing and pushing trust metadata") { |
|
233 |
- c.Fatalf("Missing expected output on trusted push:\n%s", out) |
|
234 |
- } |
|
235 |
- |
|
236 |
- dockerCmd(c, "rmi", repoName) |
|
222 |
+ repoName := s.setupTrustedImage(c, "trusted-cert-expired") |
|
237 | 223 |
|
238 | 224 |
// Certificates have 10 years of expiration |
239 | 225 |
elevenYearsFromNow := time.Now().Add(time.Hour * 24 * 365 * 11) |
... | ... |
@@ -242,7 +232,7 @@ func (s *DockerTrustSuite) TestPullWhenCertExpired(c *check.C) { |
242 | 242 |
// Try pull |
243 | 243 |
pullCmd := exec.Command(dockerBinary, "pull", repoName) |
244 | 244 |
s.trustedCmd(pullCmd) |
245 |
- out, _, err = runCommandWithOutput(pullCmd) |
|
245 |
+ out, _, err := runCommandWithOutput(pullCmd) |
|
246 | 246 |
if err == nil { |
247 | 247 |
c.Fatalf("Error running trusted pull in the distant future: %s\n%s", err, out) |
248 | 248 |
} |
... | ... |
@@ -256,7 +246,7 @@ func (s *DockerTrustSuite) TestPullWhenCertExpired(c *check.C) { |
256 | 256 |
// Try pull |
257 | 257 |
pullCmd := exec.Command(dockerBinary, "pull", "--untrusted", repoName) |
258 | 258 |
s.trustedCmd(pullCmd) |
259 |
- out, _, err = runCommandWithOutput(pullCmd) |
|
259 |
+ out, _, err := runCommandWithOutput(pullCmd) |
|
260 | 260 |
if err != nil { |
261 | 261 |
c.Fatalf("Error running untrusted pull in the distant future: %s\n%s", err, out) |
262 | 262 |
} |
... | ... |
@@ -281,7 +281,7 @@ func (s *DockerTrustSuite) TestTrustedPushWithIncorrectPassphraseForNonRoot(c *c |
281 | 281 |
c.Fatalf("Error missing from trusted push with short targets passphrase: \n%s", out) |
282 | 282 |
} |
283 | 283 |
|
284 |
- if !strings.Contains(string(out), "Password Invalid, operation has failed") { |
|
284 |
+ if !strings.Contains(string(out), "password invalid, operation has failed") { |
|
285 | 285 |
c.Fatalf("Missing expected output on trusted push with short targets/snapsnot passphrase:\n%s", out) |
286 | 286 |
} |
287 | 287 |
} |
... | ... |
@@ -2549,26 +2549,12 @@ func (s *DockerSuite) TestRunNetworkFilesBindMount(c *check.C) { |
2549 | 2549 |
} |
2550 | 2550 |
|
2551 | 2551 |
func (s *DockerTrustSuite) TestTrustedRun(c *check.C) { |
2552 |
- repoName := fmt.Sprintf("%v/dockerclirun/trusted:latest", privateRegistryURL) |
|
2553 |
- // tag the image and upload it to the private registry |
|
2554 |
- dockerCmd(c, "tag", "busybox", repoName) |
|
2555 |
- |
|
2556 |
- pushCmd := exec.Command(dockerBinary, "push", repoName) |
|
2557 |
- s.trustedCmd(pushCmd) |
|
2558 |
- out, _, err := runCommandWithOutput(pushCmd) |
|
2559 |
- if err != nil { |
|
2560 |
- c.Fatalf("Error running trusted push: %s\n%s", err, out) |
|
2561 |
- } |
|
2562 |
- if !strings.Contains(string(out), "Signing and pushing trust metadata") { |
|
2563 |
- c.Fatalf("Missing expected output on trusted push:\n%s", out) |
|
2564 |
- } |
|
2565 |
- |
|
2566 |
- dockerCmd(c, "rmi", repoName) |
|
2552 |
+ repoName := s.setupTrustedImage(c, "trusted-run") |
|
2567 | 2553 |
|
2568 | 2554 |
// Try run |
2569 | 2555 |
runCmd := exec.Command(dockerBinary, "run", repoName) |
2570 | 2556 |
s.trustedCmd(runCmd) |
2571 |
- out, _, err = runCommandWithOutput(runCmd) |
|
2557 |
+ out, _, err := runCommandWithOutput(runCmd) |
|
2572 | 2558 |
if err != nil { |
2573 | 2559 |
c.Fatalf("Error running trusted run: %s\n%s\n", err, out) |
2574 | 2560 |
} |
... | ... |
@@ -2613,21 +2599,7 @@ func (s *DockerTrustSuite) TestUntrustedRun(c *check.C) { |
2613 | 2613 |
} |
2614 | 2614 |
|
2615 | 2615 |
func (s *DockerTrustSuite) TestRunWhenCertExpired(c *check.C) { |
2616 |
- repoName := fmt.Sprintf("%v/dockercli/trusted:latest", privateRegistryURL) |
|
2617 |
- // tag the image and upload it to the private registry |
|
2618 |
- dockerCmd(c, "tag", "busybox", repoName) |
|
2619 |
- |
|
2620 |
- pushCmd := exec.Command(dockerBinary, "push", repoName) |
|
2621 |
- s.trustedCmd(pushCmd) |
|
2622 |
- out, _, err := runCommandWithOutput(pushCmd) |
|
2623 |
- if err != nil { |
|
2624 |
- c.Fatalf("Error running trusted push: %s\n%s", err, out) |
|
2625 |
- } |
|
2626 |
- if !strings.Contains(string(out), "Signing and pushing trust metadata") { |
|
2627 |
- c.Fatalf("Missing expected output on trusted push:\n%s", out) |
|
2628 |
- } |
|
2629 |
- |
|
2630 |
- dockerCmd(c, "rmi", repoName) |
|
2616 |
+ repoName := s.setupTrustedImage(c, "trusted-run-expired") |
|
2631 | 2617 |
|
2632 | 2618 |
// Certificates have 10 years of expiration |
2633 | 2619 |
elevenYearsFromNow := time.Now().Add(time.Hour * 24 * 365 * 11) |
... | ... |
@@ -2636,7 +2608,7 @@ func (s *DockerTrustSuite) TestRunWhenCertExpired(c *check.C) { |
2636 | 2636 |
// Try run |
2637 | 2637 |
runCmd := exec.Command(dockerBinary, "run", repoName) |
2638 | 2638 |
s.trustedCmd(runCmd) |
2639 |
- out, _, err = runCommandWithOutput(runCmd) |
|
2639 |
+ out, _, err := runCommandWithOutput(runCmd) |
|
2640 | 2640 |
if err == nil { |
2641 | 2641 |
c.Fatalf("Error running trusted run in the distant future: %s\n%s", err, out) |
2642 | 2642 |
} |
... | ... |
@@ -2650,7 +2622,7 @@ func (s *DockerTrustSuite) TestRunWhenCertExpired(c *check.C) { |
2650 | 2650 |
// Try run |
2651 | 2651 |
runCmd := exec.Command(dockerBinary, "run", "--untrusted", repoName) |
2652 | 2652 |
s.trustedCmd(runCmd) |
2653 |
- out, _, err = runCommandWithOutput(runCmd) |
|
2653 |
+ out, _, err := runCommandWithOutput(runCmd) |
|
2654 | 2654 |
if err != nil { |
2655 | 2655 |
c.Fatalf("Error running untrusted run in the distant future: %s\n%s", err, out) |
2656 | 2656 |
} |
... | ... |
@@ -969,14 +969,20 @@ func getContainerState(c *check.C, id string) (int, bool, error) { |
969 | 969 |
return exitStatus, running, nil |
970 | 970 |
} |
971 | 971 |
|
972 |
-func buildImageWithOut(name, dockerfile string, useCache bool) (string, string, error) { |
|
973 |
- args := []string{"build", "-t", name} |
|
972 |
+func buildImageCmd(name, dockerfile string, useCache bool) *exec.Cmd { |
|
973 |
+ args := []string{"-D", "build", "-t", name} |
|
974 | 974 |
if !useCache { |
975 | 975 |
args = append(args, "--no-cache") |
976 | 976 |
} |
977 | 977 |
args = append(args, "-") |
978 | 978 |
buildCmd := exec.Command(dockerBinary, args...) |
979 | 979 |
buildCmd.Stdin = strings.NewReader(dockerfile) |
980 |
+ return buildCmd |
|
981 |
+ |
|
982 |
+} |
|
983 |
+ |
|
984 |
+func buildImageWithOut(name, dockerfile string, useCache bool) (string, string, error) { |
|
985 |
+ buildCmd := buildImageCmd(name, dockerfile, useCache) |
|
980 | 986 |
out, exitCode, err := runCommandWithOutput(buildCmd) |
981 | 987 |
if err != nil || exitCode != 0 { |
982 | 988 |
return "", out, fmt.Errorf("failed to build the image: %s", out) |
... | ... |
@@ -989,13 +995,7 @@ func buildImageWithOut(name, dockerfile string, useCache bool) (string, string, |
989 | 989 |
} |
990 | 990 |
|
991 | 991 |
func buildImageWithStdoutStderr(name, dockerfile string, useCache bool) (string, string, string, error) { |
992 |
- args := []string{"build", "-t", name} |
|
993 |
- if !useCache { |
|
994 |
- args = append(args, "--no-cache") |
|
995 |
- } |
|
996 |
- args = append(args, "-") |
|
997 |
- buildCmd := exec.Command(dockerBinary, args...) |
|
998 |
- buildCmd.Stdin = strings.NewReader(dockerfile) |
|
992 |
+ buildCmd := buildImageCmd(name, dockerfile, useCache) |
|
999 | 993 |
stdout, stderr, exitCode, err := runCommandWithStdoutStderr(buildCmd) |
1000 | 994 |
if err != nil || exitCode != 0 { |
1001 | 995 |
return "", stdout, stderr, fmt.Errorf("failed to build the image: %s", stdout) |
... | ... |
@@ -8,6 +8,7 @@ import ( |
8 | 8 |
"os" |
9 | 9 |
"os/exec" |
10 | 10 |
"path/filepath" |
11 |
+ "strings" |
|
11 | 12 |
"time" |
12 | 13 |
|
13 | 14 |
"github.com/docker/docker/pkg/tlsconfig" |
... | ... |
@@ -107,6 +108,7 @@ func (s *DockerTrustSuite) trustedCmdWithServer(cmd *exec.Cmd, server string) { |
107 | 107 |
pwd := "12345678" |
108 | 108 |
trustCmdEnv(cmd, server, pwd, pwd, pwd) |
109 | 109 |
} |
110 |
+ |
|
110 | 111 |
func (s *DockerTrustSuite) trustedCmdWithPassphrases(cmd *exec.Cmd, rootPwd, snapshotPwd, targetPwd string) { |
111 | 112 |
trustCmdEnv(cmd, s.not.address(), rootPwd, snapshotPwd, targetPwd) |
112 | 113 |
} |
... | ... |
@@ -121,3 +123,25 @@ func trustCmdEnv(cmd *exec.Cmd, server, rootPwd, snapshotPwd, targetPwd string) |
121 | 121 |
} |
122 | 122 |
cmd.Env = append(os.Environ(), env...) |
123 | 123 |
} |
124 |
+ |
|
125 |
+func (s *DockerTrustSuite) setupTrustedImage(c *check.C, name string) string { |
|
126 |
+ repoName := fmt.Sprintf("%v/dockercli/%s:latest", privateRegistryURL, name) |
|
127 |
+ // tag the image and upload it to the private registry |
|
128 |
+ dockerCmd(c, "tag", "busybox", repoName) |
|
129 |
+ |
|
130 |
+ pushCmd := exec.Command(dockerBinary, "push", repoName) |
|
131 |
+ s.trustedCmd(pushCmd) |
|
132 |
+ out, _, err := runCommandWithOutput(pushCmd) |
|
133 |
+ if err != nil { |
|
134 |
+ c.Fatalf("Error running trusted push: %s\n%s", err, out) |
|
135 |
+ } |
|
136 |
+ if !strings.Contains(string(out), "Signing and pushing trust metadata") { |
|
137 |
+ c.Fatalf("Missing expected output on trusted push:\n%s", out) |
|
138 |
+ } |
|
139 |
+ |
|
140 |
+ if out, status := dockerCmd(c, "rmi", repoName); status != 0 { |
|
141 |
+ c.Fatalf("Error removing image %q\n%s", repoName, out) |
|
142 |
+ } |
|
143 |
+ |
|
144 |
+ return repoName |
|
145 |
+} |