dockerfiles/tests/CONTRIBUTING.md

Contributing Guidelines

Principle of the Unit test cases

Focusing on basic tests on docker environment, may covering below:

• Quick and light, not performance test
• Check the basic functionality
• Check the ports exported
• Check the parameters passed could be recognized
• Check the ownership permission if necessary
• No dependencies for each test cases

One note of the "no dependencies" means it is suggested to keep the container lifecycle within each test case. This could be done through either of the way:

• Start the container, do something, stop/close the container in each test case.
• use BAT "setup" and "teardown" hooks.

Principle of the Security test cases

Lower container security risk level by limit container access resources, limit expose scope, limit permission...

• Verify that Linux Kernel Capabilities are restricted within containers
• Verify that the SSH server not be running within the containers
• Verify that containers are restricted from acquiring additional privileges More security checks are recommended when deploying containers in product environment.

How to add Unit and Security test cases

The test cases are for the Containers already added in the Actions CI. So for any Containers name defined in the matrix.node of .github/workflows/ tests.yml, the same name directory could be added in the directory "tests". And the same name BAT script in the new added directory will be executed for each PR/commits. For example, redis.

• First, the redis name is added in the matrix.node.

   matrix:
     node: ["redis"]

• Second, create the "redis" directory and BAT script under tests

   dockerfiles
    └── tests
        └── redis
            └── redis.bats
	    └── redis-security.bats

• Last, develop the redis BAT test cases in "redis.bats" and "redis-security.bats" following the above principles.