mirror of
https://github.com/projectatomic/atomic.git
synced 2026-02-05 18:45:01 +01:00
c71664ef97
Laymen users who are told to run a image may not understand the docker run switches that have security implications. We now look for the following switches: * --privileged * --cap-add * --security-opt label:disable * --net=host * --pid=host * --ipc=host and output an appropriate security message. Also, moved def run() from Atomic/atomic.py to Atomic/run.py to reduce the size and the number of definitions in Atomic/atomic.py.
33 lines
908 B
Bash
Executable File
33 lines
908 B
Bash
Executable File
#!/bin/bash -x
|
|
set -euo pipefail
|
|
IFS=$'\n\t'
|
|
|
|
# Test scripts run with PWD=tests/..
|
|
|
|
# The test harness exports some variables into the environment during
|
|
# testing: PYTHONPATH (python module import path
|
|
# WORK_DIR (a directory that is safe to modify)
|
|
# DOCKER (the docker executable location)
|
|
# ATOMIC (an invocation of 'atomic' which measures code coverage)
|
|
# SECRET (a generated sha256 hash inserted into test containers)
|
|
|
|
# In addition, the test harness creates some images for use in testing.
|
|
# See tests/test-images/
|
|
|
|
OUTPUT=$(/bin/true)
|
|
|
|
# Test standard help in man format
|
|
${ATOMIC} help atomic-test-1 1>/dev/null
|
|
|
|
# Test override label
|
|
${ATOMIC} help atomic-test-3 1>/dev/null
|
|
|
|
rc=0
|
|
${ATOMIC} help centos:latest 1>/dev/null || rc=$?
|
|
if [[ ${rc} != 1 ]]; then
|
|
# Test failed
|
|
echo "This test should result in a return code of 1"
|
|
exit 1
|
|
fi
|
|
|