integration-tests: remove dependenciy on dockerhub

Integration tests previously took advantage of a container registry
container image hosted on dockerhub. This modifies the integration tests
to use the integrated krane-static crate to host a local registry.

Cargo.toml

@@ -51,7 +51,7 @@ bottlerocket-types = { version = "0.0.14", git = "https://github.com/bottlerocke
 bottlerocket-variant = { version = "0.1", path = "tools/bottlerocket-variant" }
 buildsys = { version = "0.1", path = "tools/buildsys", lib = true, artifact = [ "bin:buildsys" ] }
 buildsys-config = { version = "0.1", path = "tools/buildsys-config" }
-krane-static = { version = "0.1", path = "tools/krane" }
+krane-static = { version = "0.1", path = "tools/krane", artifact = [ "bin:krane-static" ], lib = true }
 oci-cli-wrapper = { version = "0.1", path = "tools/oci-cli-wrapper" }
 parse-datetime = { version = "0.1", path = "tools/parse-datetime" }
 pipesys = { version = "0.1", path = "tools/pipesys", lib = true, artifact = [ "bin:pipesys" ] }

tests/integration-tests/Cargo.toml

@@ -5,8 +5,7 @@ edition = "2021"
 license = "MIT OR Apache-2.0"
 
 [dev-dependencies]
-libc.workspace = true
+krane-static.workspace = true
 tempfile.workspace = true
-tokio = { workspace = true, features = ["fs", "process", "rt-multi-thread"] }
 toml.workspace = true
-twoliter = { workspace = true }
+twoliter.workspace = true

tests/integration-tests/src/lib.rs

@@ -8,6 +8,7 @@ use tempfile::TempDir;
 mod twoliter_update;
 
 pub const TWOLITER_PATH: &'static str = env!("CARGO_BIN_FILE_TWOLITER");
+pub const KRANE_STATIC_PATH: &'static str = env!("CARGO_BIN_FILE_KRANE_STATIC");
 
 pub fn test_projects_dir() -> PathBuf {
     let mut p = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
@@ -44,80 +45,35 @@ where
 }
 
 struct KitRegistry {
-    temp_dir: TempDir,
-    container_id: String,
+    _temp_dir: TempDir,
+    child: std::process::Child,
 }
 
 impl KitRegistry {
     fn new() -> Self {
         let temp_dir = TempDir::new().expect("failed to create path for oci registry spinup");
 
-        let cert_dir = temp_dir.path().join("certs");
-        let cert_file = cert_dir.join("registry.crt");
-        std::fs::create_dir_all(&cert_dir).expect("failed to create nginx dir");
-        let output = run_command(
-            "openssl",
-            [
-                "req",
-                "-x509",
-                "-nodes",
-                "-days",
-                "365",
-                "-newkey",
-                "rsa:2048",
-                "-keyout",
-                cert_dir.join("registry.key").to_str().unwrap(),
-                "-out",
-                cert_file.to_str().unwrap(),
-                "-batch",
-                "-addext",
-                "subjectAltName=DNS:localhost",
-            ],
-            [],
-        );
-        assert!(
-            output.status.success(),
-            "generate openssl self-signed certificates"
-        );
-
-        let output = run_command(
-            "docker",
-            [
-                "run",
-                "-d",
-                "--rm",
-                "--volume",
-                "./certs:/auth/certs",
-                "-e REGISTRY_HTTP_RELATIVEURLS=true",
-                "-e REGISTRY_HTTP_ADDR=0.0.0.0:5000",
-                "-e REGISTRY_HTTP_TLS_CERTIFICATE=/auth/certs/registry.crt",
-                "-e REGISTRY_HTTP_TLS_KEY=/auth/certs/registry.key",
-                "-p",
-                "5000:5000",
-                "public.ecr.aws/docker/library/registry:2.8.3",
-            ],
-            [],
-        );
-        assert!(output.status.success(), "failed to start oci registry");
-        let container_id = String::from_utf8(output.stdout).unwrap().trim().to_string();
+        let child = Command::new(KRANE_STATIC_PATH)
+            .args(&[
+                "registry",
+                "serve",
+                "--address",
+                "127.0.0.1:5000",
+                "--disk",
+                temp_dir.path().to_str().unwrap(),
+            ])
+            .spawn()
+            .expect("Failed to spawn registry process");
 
         Self {
-            temp_dir,
-            container_id,
+            _temp_dir: temp_dir,
+            child,
         }
     }
-
-    fn cert_file(&self) -> PathBuf {
-        self.temp_dir
-            .path()
-            .join("certs/registry.crt")
-            .to_path_buf()
-    }
 }
 
 impl Drop for KitRegistry {
     fn drop(&mut self) {
-        let output = run_command("docker", ["kill", &self.container_id], []);
-        assert!(output.status.success(), "failed to stop oci registry");
+        self.child.kill().ok();
     }
 }

tests/integration-tests/src/twoliter_update.rs

@@ -34,10 +34,7 @@ fn test_twoliter_build_and_update() {
             "--project-path",
             external_kit.join("Twoliter.toml").to_str().unwrap(),
         ],
-        [
-            ("TWOLITER_KIT_IMAGE_TOOL", "crane"),
-            ("SSL_CERT_FILE", registry.cert_file().to_str().unwrap()),
-        ],
+        [],
     );
 
     assert!(output.status.success());
@@ -73,7 +70,7 @@ fn test_twoliter_build_and_update() {
 struct LocalKit;
 
 impl LocalKit {
-    fn build(registry: &KitRegistry) {
+    fn build(_registry: &KitRegistry) {
         let local_kit = test_projects_dir().join("local-kit");
 
         run_command(
@@ -120,7 +117,7 @@ impl LocalKit {
                 "bottlerocket",
                 "core-kit-overridden",
             ],
-            [("SSL_CERT_FILE", registry.cert_file().to_str().unwrap())],
+            [],
         );
     }
 }

tools/krane/src/main.rs

@@ -0,0 +1,11 @@
+use anyhow::{Context, Result};
+use krane_static::call_krane_inherited_io;
+
+fn main() -> Result<()> {
+    let krane_args = &std::env::args().collect::<Vec<_>>()[1..];
+    let krane_status = call_krane_inherited_io(&krane_args)
+        .with_context(|| format!("Failed to run krane with args {krane_args:?}"))?;
+
+    anyhow::ensure!(krane_status.success(), "Krane exited with non-zero status");
+    Ok(())
+}