Merge pull request #1490 from coreos-inc/aci-reproduce
Make ACI generation consistent across calls
This commit is contained in:
josephschorr
commit
47afbb65dc
5 changed files with 60 additions and 16 deletions
|
|
@ -19,7 +19,7 @@ from cryptography.x509 import load_pem_x509_certificate
|
|||
from cryptography.hazmat.backends import default_backend
|
||||
|
||||
from app import app, storage
|
||||
from data.database import close_db_filter, configure
|
||||
from data.database import close_db_filter, configure, DerivedStorageForImage
|
||||
from data import model
|
||||
from endpoints.v1 import v1_bp
|
||||
from endpoints.v2 import v2_bp
|
||||
|
|
@ -83,6 +83,12 @@ def set_feature(feature_name):
|
|||
return jsonify({'old_value': old_value})
|
||||
|
||||
|
||||
@testbp.route('/clearderivedcache', methods=['POST'])
|
||||
def clearderivedcache():
|
||||
DerivedStorageForImage.delete().execute()
|
||||
return 'OK'
|
||||
|
||||
|
||||
@testbp.route('/removeuncompressed/<image_id>', methods=['POST'])
|
||||
def removeuncompressed(image_id):
|
||||
image = model.image.get_image_by_id('devtable', 'newrepo', image_id)
|
||||
|
|
@ -1449,7 +1455,7 @@ class ACIConversionTests(RegistryTestCaseMixin, V1RegistryPushMixin, LiveServerT
|
|||
|
||||
def get_converted_signature(self):
|
||||
# Give time for the signature to be written before continuing.
|
||||
time.sleep(1)
|
||||
time.sleep(2)
|
||||
response = self.conduct('GET', '/c1/aci/localhost:5000/devtable/newrepo/latest/aci.asc/linux/amd64/', auth='sig')
|
||||
return response.content
|
||||
|
||||
|
|
@ -1485,6 +1491,7 @@ class ACIConversionTests(RegistryTestCaseMixin, V1RegistryPushMixin, LiveServerT
|
|||
# Pull the squashed version of the tag.
|
||||
tar, converted = self.get_converted_image()
|
||||
signature = self.get_converted_signature()
|
||||
first_hash = hashlib.sha256(converted).hexdigest()
|
||||
|
||||
# Verify the manifest.
|
||||
self.assertEquals(['manifest', 'rootfs', 'rootfs/contents'], tar.getnames())
|
||||
|
|
@ -1523,6 +1530,24 @@ class ACIConversionTests(RegistryTestCaseMixin, V1RegistryPushMixin, LiveServerT
|
|||
# Verify the signature.
|
||||
self._verify_signature(signature, converted)
|
||||
|
||||
# Clear the cache and pull again, ensuring that the hash does not change even for a completely
|
||||
# new generation of the image.
|
||||
self.conduct('POST', '/__test/clearderivedcache')
|
||||
|
||||
_, converted_again = self.get_converted_image()
|
||||
second_hash = hashlib.sha256(converted_again).hexdigest()
|
||||
self.assertEquals(second_hash, first_hash)
|
||||
|
||||
# Ensure we have a different signature (and therefore the cache was broken).
|
||||
signature_again = self.get_converted_signature()
|
||||
self.assertNotEquals(signature_again, signature)
|
||||
|
||||
# Ensure *both* signatures work for both images.
|
||||
self._verify_signature(signature, converted_again)
|
||||
self._verify_signature(signature_again, converted)
|
||||
self._verify_signature(signature_again, converted_again)
|
||||
|
||||
|
||||
def test_multilayer_conversion(self):
|
||||
images = [
|
||||
{
|
||||
|
|
|
|||
Reference in a new issue