From b49d101db01d43ccb2c974efdb7f56600a4d6e21 Mon Sep 17 00:00:00 2001
From: Karel Srot <ksrot@redhat.com>
Date: Tue, 21 Oct 2025 11:55:05 +0200
Subject: [PATCH] Preserve ssh keys and resolv.conf

---
 setup/bootc_configure_kernel_ima_module/Containerfile | 2 ++
 setup/bootc_configure_kernel_ima_module/test.sh       | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/setup/bootc_configure_kernel_ima_module/Containerfile b/setup/bootc_configure_kernel_ima_module/Containerfile
index 847fc630..3b6f5151 100644
--- a/setup/bootc_configure_kernel_ima_module/Containerfile
+++ b/setup/bootc_configure_kernel_ima_module/Containerfile
@@ -5,6 +5,8 @@ RUN mkdir -p /keylime-tests /etc/ima/
 COPY 10-ima_kargs.toml /usr/lib/bootc/kargs.d/10-ima_kargs.toml
 COPY ima-policy /etc/ima/ima-policy
 COPY yum.repos.d/* /etc/yum.repos.d/
+COPY .ssh /var/roothome/.ssh
+COPY resolv.conf /etc/resolv.conf
 ARG KEYLIME_BOOTC_INSTALL_PACKAGES="rsync beakerlib selinux-policy-devel swtpm swtpm-tools nmap keylime expect"
 RUN dnf -y install ${KEYLIME_BOOTC_INSTALL_PACKAGES}
 RUN sed -i '/tss/ d' /usr/lib/group; ls -ld /etc/keylime /var/lib/keylime; ls -l /etc/keylime /var/lib/keylime; /bin/true
diff --git a/setup/bootc_configure_kernel_ima_module/test.sh b/setup/bootc_configure_kernel_ima_module/test.sh
index 644f4024..f91fd727 100755
--- a/setup/bootc_configure_kernel_ima_module/test.sh
+++ b/setup/bootc_configure_kernel_ima_module/test.sh
@@ -27,7 +27,9 @@ rlJournalStart
 	rlRun "cat > 10-ima_kargs.toml <<EOF
 kargs = [\"ima_appraise=${IMA_APPRAISE}, ima_canonical_fmt, ima_policy=${IMA_POLICY}, ima_template=${IMA_TEMPLATE}\"]
 EOF"
-        # copy dnf repos
+        # copy various data to CWD so we can add them to the image
+        rlRun "cp -r /root/.ssh ."
+        rlRun "cp /etc/resolv.conf ."
 	rlRun "cp -r /etc/yum.repos.d yum.repos.d"
         # download bootc image and build and install an update
 	[ "${KEYLIME_BOOTC_BASE_IMAGE}" == "localhost/bootc:latest" ] && rlRun "bootc image copy-to-storage"