add

project-stacker · Dec 11, 2023 · 996acb3 · 996acb3
1 parent b4193b6
commit 996acb3
Showing 1 changed file with 46 additions and 45 deletions.
diff --git a/test/bom.bats b/test/bom.bats
@@ -155,51 +155,6 @@ EOF
     stacker clean
 }
 
-@test "bom for alpine-based image" {
-  cat > stacker.yaml <<EOF
-bom-alpine:
-  from:
-    type: oci
-    url: $ALPINE_OCI
-  bom:
-    generate: true
-    packages:
-      - name: pkg1
-        version: 1.0.0
-        license: Apache-2.0
-        paths: [/file1]
-  annotations:
-    org.opencontainers.image.authors: bom-alpine
-    org.opencontainers.image.vendor: bom-alpine
-    org.opencontainers.image.licenses: MIT
-  run: |
-    # discover installed pkgs
-    /stacker/bin/stacker bom discover
-    # run our cmds
-    ls -al  /
-    # some changes
-    touch /file1
-    # cleanup
-    rm -f /etc/alpine-release /etc/apk/arch /etc/apk/repositories /etc/apk/world /etc/issue /etc/os-release /etc/secfixes.d/alpine /lib/apk/db/installed /lib/apk/db/lock /lib/apk/db/scripts.tar /lib/apk/db/triggers
-EOF
-    stacker build
-    [ -f .stacker/artifacts/bom-alpine/installed-packages.json ]
-    # a full inventory for this image
-    [ -f .stacker/artifacts/bom-alpine/inventory.json ]
-    # sbom for this image
-    [ -f .stacker/artifacts/bom-alpine/bom-alpine.json ]
-    if [ -n "${ZOT_HOST}:${ZOT_PORT}" ]; then
-      zot_setup
-      stacker publish --skip-tls --url docker://${ZOT_HOST}:${ZOT_PORT} --tag latest
-      refs=$(regctl artifact tree ${ZOT_HOST}:${ZOT_PORT}/bom-alpine:latest --format "{{json .}}" | jq '.referrer | length')
-      [ $refs -eq 2 ]
-      refs=$(regctl artifact get --subject ${ZOT_HOST}:${ZOT_PORT}/bom-alpine:latest --filter-artifact-type "application/spdx+json" | jq '.SPDXID')
-      [ $refs == \"SPDXRef-DOCUMENT\" ]
-      zot_teardown
-    fi
-    stacker clean
-}
-
 @test "pull and verify boms of published images" {
   #skip_slow_test
   cat > stacker.yaml <<EOF
@@ -290,3 +245,49 @@ EOF
     fi
     stacker clean
 }
+
+@test "bom for alpine-based image" {
+  cat > stacker.yaml <<EOF
+bom-alpine:
+  from:
+    type: oci
+    url: $ALPINE_OCI
+  bom:
+    generate: true
+    packages:
+      - name: pkg1
+        version: 1.0.0
+        license: Apache-2.0
+        paths: [/file1]
+  annotations:
+    org.opencontainers.image.authors: bom-alpine
+    org.opencontainers.image.vendor: bom-alpine
+    org.opencontainers.image.licenses: MIT
+  run: |
+    # discover installed pkgs
+    /stacker/bin/stacker bom discover
+    # run our cmds
+    ls -al  /
+    # some changes
+    touch /file1
+    # cleanup
+    rm -f /etc/alpine-release /etc/apk/arch /etc/apk/repositories /etc/apk/world /etc/issue /etc/os-release /etc/secfixes.d/alpine /lib/apk/db/installed /lib/apk/db/lock /lib/apk/db/scripts.tar /lib/apk/db/triggers
+EOF
+    stacker build
+    [ -f .stacker/artifacts/bom-alpine/installed-packages.json ]
+    # a full inventory for this image
+    [ -f .stacker/artifacts/bom-alpine/inventory.json ]
+    # sbom for this image
+    [ -f .stacker/artifacts/bom-alpine/bom-alpine.json ]
+    if [ -n "${ZOT_HOST}:${ZOT_PORT}" ]; then
+      zot_setup
+      stacker publish --skip-tls --url docker://${ZOT_HOST}:${ZOT_PORT} --tag latest
+      refs=$(regctl artifact tree ${ZOT_HOST}:${ZOT_PORT}/bom-alpine:latest --format "{{json .}}" | jq '.referrer | length')
+      [ $refs -eq 2 ]
+      refs=$(regctl artifact get --subject ${ZOT_HOST}:${ZOT_PORT}/bom-alpine:latest --filter-artifact-type "application/spdx+json" | jq '.SPDXID')
+      [ $refs == \"SPDXRef-DOCUMENT\" ]
+      zot_teardown
+    fi
+    stacker clean
+}
+