bake target to generate certs for e2e tets

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-03-27 12:53:56 +02:00 · 2023-03-27 12:53:56 +02:00 · d234a81de7
parent 59ec357996
commit d234a81de7
3 changed files with 25 additions and 12 deletions
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@ -159,3 +159,9 @@ target "e2e-image" {
        VERSION = VERSION
    }
 }
+
+target "e2e-gencerts" {
+    inherits = ["_common"]
+    dockerfile = "./e2e/testdata/Dockerfile.gencerts"
+    output = ["./e2e/testdata"]
+}
--- a/e2e/testdata/Dockerfile.gencerts
+++ b/e2e/testdata/Dockerfile.gencerts
@ -0,0 +1,19 @@
+# syntax=docker/dockerfile:1
+
+ARG GO_VERSION=1.19.7
+
+FROM golang:${GO_VERSION}-alpine AS generated
+RUN go install github.com/dmcgowan/quicktls@master
+WORKDIR /tmp/gencerts/notary
+RUN --mount=type=bind,source=e2e/testdata/notary,target=/tmp/gencerts/notary,rw <<EOT
+  set -eu
+  mkdir -p ../notary-evil /out
+  quicktls -org=Docker -with-san notary-server notaryserver evil-notary-server evilnotaryserver localhost 127.0.0.1
+  cat ca.pem >> notary-server.cert
+  mv ca.pem root-ca.cert
+  cp notary-server.cert notary-server.key root-ca.cert ../notary-evil
+  cp -r /tmp/gencerts/notary* /out/
+EOT
+
+FROM scratch
+COPY --from=generated /out /
--- a/e2e/testdata/gen-certs.sh
+++ b/e2e/testdata/gen-certs.sh
@ -1,12 +0,0 @@
-#!/usr/bin/env sh
-set -eu
-
-# This script is used to generate the test-certificates in the notary-server and
-# evil-notary-server directories. Run this script to update the certificates if
-# they expire.
-GO111MODULE=off go get -u github.com/dmcgowan/quicktls
-cd notary
-quicktls -org=Docker -with-san notary-server notaryserver evil-notary-server evilnotaryserver localhost 127.0.0.1
-cat ca.pem >> notary-server.cert
-mv ca.pem root-ca.cert
-cp notary-server.cert notary-server.key root-ca.cert ../notary-evil/