Add secrets patch to crio

Allows the user to define secret paths in /etc/containers/mounts.conf These are then volume mounted into the container Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-09-22 11:10:15 -04:00 · 2017-09-22 11:10:15 -04:00 · d5b5028cb9
commit d5b5028cb9
parent d7cbdfce76
7 changed files with 282 additions and 1 deletions
--- a/test/crio_secrets.bats
+++ b/test/crio_secrets.bats
@ -0,0 +1,44 @@
+#!/usr/bin/env bats
+
+load helpers
+
+IMAGE="redis:alpine"
+
+function teardown() {
+	cleanup_test
+}
+
+function setup() {
+    MOUNT_PATH="$TESTDIR/secrets"
+    mkdir ${MOUNT_PATH}
+    MOUNT_FILE="${MOUNT_PATH}/test.txt"
+    touch ${MOUNT_FILE}
+    echo "Testing secrets mounts!" > ${MOUNT_FILE}
+
+    echo "${MOUNT_PATH}:/container/path1" > ${DEFAULT_MOUNTS_FILE}
+}
+
+@test "bind secrets mounts to container" {
+    start_crio
+    run crioctl pod run --config "$TESTDATA"/sandbox_config.json
+    echo "$output"
+    [ "$status" -eq 0 ]
+    pod_id="$output"
+    run crioctl image pull "$IMAGE"
+    [ "$status" -eq 0 ]
+    run crioctl ctr create --config "$TESTDATA"/container_redis.json --pod "$pod_id"
+    echo "$output"
+    [ "$status" -eq 0 ]
+    ctr_id="$output"
+    run crioctl ctr execsync --id "$ctr_id" mount
+    echo "$output"
+    [ "$status" -eq 0 ]
+    mount_info="$output"
+    grep $ctr_id/userdata/container/path1 <<< "$mount_info"
+    echo "$output"
+    [ "$status" -eq 0 ]
+    rm -rf MOUNT_PATH
+    cleanup_ctrs
+    cleanup_pods
+    stop_crio
+}