harbor/tests/apitests/python/test_sign_image.py

from __future__ import absolute_import
import unittest

from testutils import ADMIN_CLIENT, suppress_urllib3_warning
from testutils import harbor_server
from testutils import TEARDOWN
from library.sign import sign_image
from library.artifact import Artifact
from library.project import Project
from library.user import User
from library.repository import Repository
from library.repository import push_special_image_to_project

class TestProjects(unittest.TestCase):
    @suppress_urllib3_warning
    def setUp(self):
        self.project = Project()
        self.user = User()
        self.artifact = Artifact()
        self.repo = Repository()
        self.repo_name_1 = "test1_sign"

    @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
    def tearDown(self):
        # remove the deletion as the signed image cannot be deleted.
        #1. Delete repository(RA) by user(UA);
        #self.repo.delete_repository(TestProjects.project_sign_image_name, TestProjects.repo_name.split('/')[1], **TestProjects.USER_sign_image_CLIENT)

        #2. Delete project(PA);
        #self.project.delete_project(TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT)

        #3. Delete user(UA);
        self.user.delete_user(TestProjects.user_sign_image_id, **ADMIN_CLIENT)

    def testSignImage(self):
        """
        Test case:
            Sign A Image
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new private project(PA) by user(UA);
            3. Add user(UA) as a member of project(PA) with project-admin role;
            4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
            5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
            6. Sign image with tag(TA) which was tagged by step #5;
            7. Get signature of image with tag(TA), it should be exist.
        Tear down:
            NA
        """
        url = ADMIN_CLIENT["endpoint"]
        user_001_password = "Aa123456"

        #1. Create user-001
        TestProjects.user_sign_image_id, user_sign_image_name = self.user.create_user(user_password = user_001_password, **ADMIN_CLIENT)

        TestProjects.USER_sign_image_CLIENT=dict(with_signature = True, endpoint = url, username = user_sign_image_name, password = user_001_password)

        #2. Create a new private project(PA) by user(UA);
        TestProjects.project_sign_image_id, TestProjects.project_sign_image_name = self.project.create_project(metadata = {"public": "false"}, **ADMIN_CLIENT)

        #3. Add user(UA) as a member of project(PA) with project-admin role;
        self.project.add_project_members(TestProjects.project_sign_image_id, user_id=TestProjects.user_sign_image_id, **ADMIN_CLIENT)

        #4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
        self.project.projects_should_exist(dict(public=False), expected_count = 1,
            expected_project_id = TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT)

        #Note:busybox is pulled in setup phase, and setup is a essential phase.
        image = "busybox"
        tag = "latest"
        #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
        #TestProjects.repo_name, tag = push_self_build_image_to_project(TestProjects.project_sign_image_name, harbor_server, user_sign_image_name, user_001_password, image, src_tag)

        #6. Sign image with tag(TA) which was tagged by step #5;
        sign_image(harbor_server, TestProjects.project_sign_image_name, image, tag)

        #7. Get signature of image with tag(TA), it should be exist.
        artifact = self.artifact.get_reference_info(TestProjects.project_sign_image_name, image, tag, **TestProjects.USER_sign_image_CLIENT)
        self.assertEqual(artifact.tags[0].signed, True)

        push_special_image_to_project(TestProjects.project_sign_image_name, harbor_server, user_sign_image_name, user_001_password, self.repo_name_1, ['1.0'])
        self.repo.delete_repository(TestProjects.project_sign_image_name, self.repo_name_1, **TestProjects.USER_sign_image_CLIENT)

        self.repo.delete_repository(TestProjects.project_sign_image_name, image, expect_status_code=412, expect_response_body = "with signature cannot be deleted", **TestProjects.USER_sign_image_CLIENT)

if __name__ == '__main__':
    unittest.main()
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00			`from __future__ import absolute_import`
			`import unittest`

Suppress urllib3 warning and fix nightly element locator issue and remove switch scanner 1. Since upgrade python to 3.7, some urllib3 warnings come out during execution, because missing disconnection when using request by docker library, it's not affect script execution, therefore ignore them first. 2. Replication tests failed in nightly due to new UI code, some element locators are not valid anymore; 3. Remove switch scanner test steps, since Clair was removed. Signed-off-by: danfengliu <danfengl@vmware.com> 2020-11-04 03:13:12 +01:00			`from testutils import ADMIN_CLIENT, suppress_urllib3_warning`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00			`from testutils import harbor_server`
			`from testutils import TEARDOWN`
Fix LDAP API test issue by upgrading python Signed-off-by: danfengliu <danfengl@vmware.com> 2020-08-07 08:56:18 +02:00			`from library.sign import sign_image`
Update existing API tests for API V2.0 Signed-off-by: danfengliu <danfengl@vmware.com> 2020-02-25 03:40:29 +01:00			`from library.artifact import Artifact`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00			`from library.project import Project`
			`from library.user import User`
			`from library.repository import Repository`
Verify error message when deleting signed image 1. Verify error message when deleting signed image; 2. Add test case - Replication From Dockerhub; Signed-off-by: danfengliu <danfengl@vmware.com> 2020-06-30 09:56:35 +02:00			`from library.repository import push_special_image_to_project`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
			`class TestProjects(unittest.TestCase):`
Suppress urllib3 warning and fix nightly element locator issue and remove switch scanner 1. Since upgrade python to 3.7, some urllib3 warnings come out during execution, because missing disconnection when using request by docker library, it's not affect script execution, therefore ignore them first. 2. Replication tests failed in nightly due to new UI code, some element locators are not valid anymore; 3. Remove switch scanner test steps, since Clair was removed. Signed-off-by: danfengliu <danfengl@vmware.com> 2020-11-04 03:13:12 +01:00			`@suppress_urllib3_warning`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00			`def setUp(self):`
Update existing API tests for API V2.0 Signed-off-by: danfengliu <danfengl@vmware.com> 2020-02-25 03:40:29 +01:00			`self.project = Project()`
			`self.user = User()`
Modify api test for test step of add addition Signed-off-by: danfengliu <danfengl@vmware.com> 2020-03-16 03:13:28 +01:00			`self.artifact = Artifact()`
			`self.repo = Repository()`
Verify error message when deleting signed image 1. Verify error message when deleting signed image; 2. Add test case - Replication From Dockerhub; Signed-off-by: danfengliu <danfengl@vmware.com> 2020-06-30 09:56:35 +02:00			`self.repo_name_1 = "test1_sign"`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
Update existing API tests for API V2.0 Signed-off-by: danfengliu <danfengl@vmware.com> 2020-02-25 03:40:29 +01:00			`@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")`
Suppress urllib3 warning and fix nightly element locator issue and remove switch scanner 1. Since upgrade python to 3.7, some urllib3 warnings come out during execution, because missing disconnection when using request by docker library, it's not affect script execution, therefore ignore them first. 2. Replication tests failed in nightly due to new UI code, some element locators are not valid anymore; 3. Remove switch scanner test steps, since Clair was removed. Signed-off-by: danfengliu <danfengl@vmware.com> 2020-11-04 03:13:12 +01:00			`def tearDown(self):`
add tag controller use the tag controller to handle CRUD of tags, especially the delete scenario, it could validate the immutable and signature. And move the code of tag handling from artifact controller to tag controller Signed-off-by: wang yan <wangyan@vmware.com> 2020-02-27 10:02:11 +01:00			`# remove the deletion as the signed image cannot be deleted.`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00			`#1. Delete repository(RA) by user(UA);`
Fix repoitory -> repository typo (#13794) Signed-off-by: Dirk Mueller <dirk@dmllr.de> 2021-01-16 12:34:43 +01:00			`#self.repo.delete_repository(TestProjects.project_sign_image_name, TestProjects.repo_name.split('/')[1], **TestProjects.USER_sign_image_CLIENT)`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
			`#2. Delete project(PA);`
add tag controller use the tag controller to handle CRUD of tags, especially the delete scenario, it could validate the immutable and signature. And move the code of tag handling from artifact controller to tag controller Signed-off-by: wang yan <wangyan@vmware.com> 2020-02-27 10:02:11 +01:00			`#self.project.delete_project(TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT)`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
			`#3. Delete user(UA);`
			`self.user.delete_user(TestProjects.user_sign_image_id, **ADMIN_CLIENT)`

			`def testSignImage(self):`
			`"""`
			`Test case:`
			`Sign A Image`
			`Test step and expected result:`
			`1. Create a new user(UA);`
			`2. Create a new private project(PA) by user(UA);`
			`3. Add user(UA) as a member of project(PA) with project-admin role;`
			`4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);`
			`5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);`
			`6. Sign image with tag(TA) which was tagged by step #5;`
			`7. Get signature of image with tag(TA), it should be exist.`
			`Tear down:`
			`NA`
			`"""`
			`url = ADMIN_CLIENT["endpoint"]`
			`user_001_password = "Aa123456"`

			`#1. Create user-001`
			`TestProjects.user_sign_image_id, user_sign_image_name = self.user.create_user(user_password = user_001_password, **ADMIN_CLIENT)`

Update existing API tests for API V2.0 Signed-off-by: danfengliu <danfengl@vmware.com> 2020-02-25 03:40:29 +01:00			`TestProjects.USER_sign_image_CLIENT=dict(with_signature = True, endpoint = url, username = user_sign_image_name, password = user_001_password)`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
			`#2. Create a new private project(PA) by user(UA);`
Upgrade repository API tests to V2.0 Enable _xsrf in cookies in swagger.yaml, so that scripts don't have to handle it. Signed-off-by: danfengliu <danfengl@vmware.com> 2020-02-21 10:08:27 +01:00			`TestProjects.project_sign_image_id, TestProjects.project_sign_image_name = self.project.create_project(metadata = {"public": "false"}, **ADMIN_CLIENT)`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
			`#3. Add user(UA) as a member of project(PA) with project-admin role;`
Re-script ldap API script 1. upgrade robotframework in git action 2. Re-script ldap API script:test_assign_role_to_ldap_group.py Signed-off-by: danfengliu <danfengl@vmware.com> 2020-08-17 08:51:18 +02:00			`self.project.add_project_members(TestProjects.project_sign_image_id, user_id=TestProjects.user_sign_image_id, **ADMIN_CLIENT)`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
			`#4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);`
			`self.project.projects_should_exist(dict(public=False), expected_count = 1,`
			`expected_project_id = TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT)`

Change image source in e2e pytest (#13640) Change source of most of test image samples from docker-hub to local building ones, so it will cost less docker-hub pull requests. And some of cases like push cnab, they have to use docker-hub, but image samples in cnab test will cost 17 quotas, in this PR, we replace those samples, now cnab case will cost 6 quotas. Signed-off-by: danfengliu <danfengl@vmware.com> 2020-12-04 11:28:29 +01:00			`#Note:busybox is pulled in setup phase, and setup is a essential phase.`
			`image = "busybox"`
			`tag = "latest"`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00			`#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);`
Change image source in e2e pytest (#13640) Change source of most of test image samples from docker-hub to local building ones, so it will cost less docker-hub pull requests. And some of cases like push cnab, they have to use docker-hub, but image samples in cnab test will cost 17 quotas, in this PR, we replace those samples, now cnab case will cost 6 quotas. Signed-off-by: danfengliu <danfengl@vmware.com> 2020-12-04 11:28:29 +01:00			`#TestProjects.repo_name, tag = push_self_build_image_to_project(TestProjects.project_sign_image_name, harbor_server, user_sign_image_name, user_001_password, image, src_tag)`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
			`#6. Sign image with tag(TA) which was tagged by step #5;`
Upgrade repository API tests to V2.0 Enable _xsrf in cookies in swagger.yaml, so that scripts don't have to handle it. Signed-off-by: danfengliu <danfengl@vmware.com> 2020-02-21 10:08:27 +01:00			`sign_image(harbor_server, TestProjects.project_sign_image_name, image, tag)`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
			`#7. Get signature of image with tag(TA), it should be exist.`
Update existing API tests for API V2.0 Signed-off-by: danfengliu <danfengl@vmware.com> 2020-02-25 03:40:29 +01:00			`artifact = self.artifact.get_reference_info(TestProjects.project_sign_image_name, image, tag, **TestProjects.USER_sign_image_CLIENT)`
Add API test scripts for tag immutability and scan signed image 1. Add 7 API python test scripts for tag immutability; 2. Swagger file has object struct defination issue on imuutability policy rule, because this policy is in shared with retention rule, therefore, they should be unified to the same type of rule; 3. Fixed a timeout issue of action keyword, waiting for a long period; 4. Add API test scripts for scan signed image. Signed-off-by: danfengliu <danfengl@vmware.com> 2020-11-03 08:32:13 +01:00			`self.assertEqual(artifact.tags[0].signed, True)`
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00
Verify error message when deleting signed image 1. Verify error message when deleting signed image; 2. Add test case - Replication From Dockerhub; Signed-off-by: danfengliu <danfengl@vmware.com> 2020-06-30 09:56:35 +02:00			`push_special_image_to_project(TestProjects.project_sign_image_name, harbor_server, user_sign_image_name, user_001_password, self.repo_name_1, ['1.0'])`
Fix repoitory -> repository typo (#13794) Signed-off-by: Dirk Mueller <dirk@dmllr.de> 2021-01-16 12:34:43 +01:00			`self.repo.delete_repository(TestProjects.project_sign_image_name, self.repo_name_1, **TestProjects.USER_sign_image_CLIENT)`
Verify error message when deleting signed image 1. Verify error message when deleting signed image; 2. Add test case - Replication From Dockerhub; Signed-off-by: danfengliu <danfengl@vmware.com> 2020-06-30 09:56:35 +02:00
Fix repoitory -> repository typo (#13794) Signed-off-by: Dirk Mueller <dirk@dmllr.de> 2021-01-16 12:34:43 +01:00			`self.repo.delete_repository(TestProjects.project_sign_image_name, image, expect_status_code=412, expect_response_body = "with signature cannot be deleted", **TestProjects.USER_sign_image_CLIENT)`
Verify error message when deleting signed image 1. Verify error message when deleting signed image; 2. Add test case - Replication From Dockerhub; Signed-off-by: danfengliu <danfengl@vmware.com> 2020-06-30 09:56:35 +02:00
Add API test case sign image back to travis, despite codacy block it when pulling a pr. Signed-off-by: wang yan <wangyan@vmware.com> 2019-08-09 04:50:06 +02:00			`if __name__ == '__main__':`
			`unittest.main()`