2018-11-15 08:18:35 +01:00
|
|
|
from __future__ import absolute_import
|
|
|
|
import unittest
|
2020-11-03 08:32:13 +01:00
|
|
|
import sys
|
2018-11-15 08:18:35 +01:00
|
|
|
|
2020-11-04 03:13:12 +01:00
|
|
|
from testutils import harbor_server, suppress_urllib3_warning
|
2018-11-15 08:18:35 +01:00
|
|
|
from testutils import TEARDOWN
|
Upgrade docker and containerd
1. Fix E2E quotas issue, push the same image but with different name;
2. Add checkpoint for robot account test;
3. Upgraded docker and containerd in E2E image;
4. Package base image sample(busybox) into E2E image, so in E2E
container, all local docker images can be cleaned up, once base image is needed for
building image, it can be loaded locally;
5. Adapt OIDC service of supporting LDAP user, and add OIDC group user
test;
6. Restart docker deamon before content trust test, both in API and UI
test;
7. Add retry for keyword "Add A Tag Immutability Rule";
8. Fix tag retention test issue, missing click angle icon, and enhance
checkpoint of dry run and real run;
9. Fix schedule test issue for wrong cron string;
10. Disable quotas verification, it's not stable for script defect;
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-01-29 08:52:21 +01:00
|
|
|
from testutils import ADMIN_CLIENT, BASE_IMAGE, BASE_IMAGE_ABS_PATH_NAME
|
2018-11-15 08:18:35 +01:00
|
|
|
from library.project import Project
|
|
|
|
from library.user import User
|
|
|
|
from library.repository import Repository
|
2020-12-04 11:28:29 +01:00
|
|
|
from library.repository import push_self_build_image_to_project
|
2020-03-10 07:55:55 +01:00
|
|
|
from library.artifact import Artifact
|
|
|
|
from library.scan import Scan
|
2020-11-03 08:32:13 +01:00
|
|
|
|
|
|
|
class TestScan(unittest.TestCase):
|
2020-11-04 03:13:12 +01:00
|
|
|
@suppress_urllib3_warning
|
2018-11-15 08:18:35 +01:00
|
|
|
def setUp(self):
|
2020-02-25 03:40:29 +01:00
|
|
|
self.project= Project()
|
|
|
|
self.user= User()
|
2020-03-16 03:13:28 +01:00
|
|
|
self.artifact = Artifact()
|
|
|
|
self.repo = Repository()
|
|
|
|
self.scan = Scan()
|
2018-11-15 08:18:35 +01:00
|
|
|
|
2020-11-03 08:32:13 +01:00
|
|
|
self.url = ADMIN_CLIENT["endpoint"]
|
|
|
|
self.user_password = "Aa123456"
|
2020-12-13 11:00:16 +01:00
|
|
|
self.project_id, self.project_name, self.user_id, self.user_name, self.repo_name1 = [None] * 5
|
2020-11-03 08:32:13 +01:00
|
|
|
self.user_id, self.user_name = self.user.create_user(user_password = self.user_password, **ADMIN_CLIENT)
|
|
|
|
self.USER_CLIENT = dict(with_signature = True, with_immutable_status = True, endpoint = self.url, username = self.user_name, password = self.user_password, with_scan_overview = True)
|
|
|
|
|
|
|
|
|
|
|
|
#2. Create a new private project(PA) by user(UA);
|
|
|
|
self.project_id, self.project_name = self.project.create_project(metadata = {"public": "false"}, **ADMIN_CLIENT)
|
|
|
|
|
|
|
|
#3. Add user(UA) as a member of project(PA) with project-admin role;
|
|
|
|
self.project.add_project_members(self.project_id, user_id = self.user_id, **ADMIN_CLIENT)
|
|
|
|
|
2020-12-13 11:00:16 +01:00
|
|
|
@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
|
2020-11-04 03:13:12 +01:00
|
|
|
def do_tearDown(self):
|
2018-11-15 08:18:35 +01:00
|
|
|
#1. Delete repository(RA) by user(UA);
|
2021-01-16 12:34:43 +01:00
|
|
|
self.repo.delete_repository(self.project_name, self.repo_name1.split('/')[1], **self.USER_CLIENT)
|
2018-11-15 08:18:35 +01:00
|
|
|
|
|
|
|
#2. Delete project(PA);
|
2020-11-03 08:32:13 +01:00
|
|
|
self.project.delete_project(self.project_id, **self.USER_CLIENT)
|
2018-11-15 08:18:35 +01:00
|
|
|
|
|
|
|
#3. Delete user(UA);
|
2020-11-03 08:32:13 +01:00
|
|
|
self.user.delete_user(self.user_id, **ADMIN_CLIENT)
|
2018-11-15 08:18:35 +01:00
|
|
|
|
2020-03-10 07:55:55 +01:00
|
|
|
def testScanImageArtifact(self):
|
2018-11-15 08:18:35 +01:00
|
|
|
"""
|
|
|
|
Test case:
|
2020-03-10 07:55:55 +01:00
|
|
|
Scan An Image Artifact
|
2018-12-04 05:26:12 +01:00
|
|
|
Test step and expected result:
|
2018-11-15 08:18:35 +01:00
|
|
|
1. Create a new user(UA);
|
|
|
|
2. Create a new private project(PA) by user(UA);
|
|
|
|
3. Add user(UA) as a member of project(PA) with project-admin role;
|
|
|
|
4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
|
|
|
|
5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
|
2019-01-31 14:49:06 +01:00
|
|
|
6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
|
2021-03-03 05:23:36 +01:00
|
|
|
7. Send scan another image command and get tag(TA) information to check scan result, it should be finished.
|
2018-11-15 08:18:35 +01:00
|
|
|
Tear down:
|
|
|
|
1. Delete repository(RA) by user(UA);
|
|
|
|
2. Delete project(PA);
|
|
|
|
3. Delete user(UA);
|
|
|
|
"""
|
|
|
|
|
|
|
|
#4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
|
|
|
|
self.project.projects_should_exist(dict(public=False), expected_count = 1,
|
2020-11-03 08:32:13 +01:00
|
|
|
expected_project_id = self.project_id, **self.USER_CLIENT)
|
2018-11-15 08:18:35 +01:00
|
|
|
|
|
|
|
#Note: Please make sure that this Image has never been pulled before by any other cases,
|
2020-03-16 03:13:28 +01:00
|
|
|
# so it is a not-scanned image right after repository creation.
|
2018-12-18 03:21:03 +01:00
|
|
|
image = "docker"
|
|
|
|
src_tag = "1.13"
|
2018-11-15 08:18:35 +01:00
|
|
|
#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
|
2020-12-04 11:28:29 +01:00
|
|
|
self.repo_name1, tag = push_self_build_image_to_project(self.project_name, harbor_server, self.user_name, self.user_password, image, src_tag)
|
2020-03-10 07:55:55 +01:00
|
|
|
|
|
|
|
#6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
|
2020-11-04 03:13:12 +01:00
|
|
|
self.scan.scan_artifact(self.project_name, self.repo_name1.split('/')[1], tag, **self.USER_CLIENT)
|
2020-11-03 08:32:13 +01:00
|
|
|
self.artifact.check_image_scan_result(self.project_name, image, tag, **self.USER_CLIENT)
|
2018-11-15 08:18:35 +01:00
|
|
|
|
2020-11-04 03:13:12 +01:00
|
|
|
self.do_tearDown()
|
2020-11-03 08:32:13 +01:00
|
|
|
|
|
|
|
def testScanSignedImage(self):
|
|
|
|
"""
|
|
|
|
Test case:
|
|
|
|
Scan A Signed Image
|
|
|
|
Test step and expected result:
|
|
|
|
1. Create a new user(UA);
|
|
|
|
2. Create a new private project(PA) by user(UA);
|
|
|
|
3. Add user(UA) as a member of project(PA) with project-admin role;
|
|
|
|
4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
|
|
|
|
5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
|
|
|
|
6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
|
2021-03-03 05:23:36 +01:00
|
|
|
7. Send scan another image command and get tag(TA) information to check scan result, it should be finished.
|
2020-11-03 08:32:13 +01:00
|
|
|
Tear down:
|
|
|
|
1. Delete repository(RA) by user(UA);
|
|
|
|
2. Delete project(PA);
|
|
|
|
3. Delete user(UA);
|
|
|
|
"""
|
|
|
|
|
|
|
|
#Note: Please make sure that this Image has never been pulled before by any other cases,
|
|
|
|
# so it is a not-scanned image right after repository creation.
|
Upgrade docker and containerd
1. Fix E2E quotas issue, push the same image but with different name;
2. Add checkpoint for robot account test;
3. Upgraded docker and containerd in E2E image;
4. Package base image sample(busybox) into E2E image, so in E2E
container, all local docker images can be cleaned up, once base image is needed for
building image, it can be loaded locally;
5. Adapt OIDC service of supporting LDAP user, and add OIDC group user
test;
6. Restart docker deamon before content trust test, both in API and UI
test;
7. Add retry for keyword "Add A Tag Immutability Rule";
8. Fix tag retention test issue, missing click angle icon, and enhance
checkpoint of dry run and real run;
9. Fix schedule test issue for wrong cron string;
10. Disable quotas verification, it's not stable for script defect;
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-01-29 08:52:21 +01:00
|
|
|
#Note:busybox is pulled in setup phase, and setup is an essential phase before scripts execution.
|
|
|
|
image = BASE_IMAGE['name']
|
|
|
|
tag = BASE_IMAGE['tag']
|
2020-11-03 08:32:13 +01:00
|
|
|
#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
|
2023-04-28 10:09:40 +02:00
|
|
|
push_self_build_image_to_project(self.project_name, harbor_server, self.user_name, self.user_password, image, tag)
|
2020-11-03 08:32:13 +01:00
|
|
|
|
|
|
|
#6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
|
2020-12-04 11:28:29 +01:00
|
|
|
self.scan.scan_artifact(self.project_name, image, tag, **self.USER_CLIENT)
|
2020-11-03 08:32:13 +01:00
|
|
|
self.artifact.check_image_scan_result(self.project_name, image, tag, **self.USER_CLIENT)
|
2018-11-15 08:18:35 +01:00
|
|
|
|
|
|
|
if __name__ == '__main__':
|
2020-11-03 08:32:13 +01:00
|
|
|
suite = unittest.TestSuite(unittest.makeSuite(TestScan))
|
|
|
|
result = unittest.TextTestRunner(sys.stdout, verbosity=2, failfast=True).run(suite)
|
|
|
|
if not result.wasSuccessful():
|
2020-12-04 11:27:59 +01:00
|
|
|
raise Exception(r"Scan test failed: {}".format(result))
|