From 210186f4798453d4c6c785cd14736c609638b24c Mon Sep 17 00:00:00 2001 From: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com> Date: Mon, 29 May 2023 11:55:14 +0800 Subject: [PATCH] Update e2e engine image (#18747) 1. Update containerd version to 1.7.1 2. Update docker compose version to 2.18.1 3. Update helm version to 3.12.0 4. Update ORAS version to 1.0.0 5. Update CNAB version to 0.4.0 6. Update imgpkg version to 0.36.2 7. Update cosign version to 2.0.2 8. Update docker version to 24.0.2 9. Update chromedriver version to 114.0.5735.16 Signed-off-by: Yang Jiao --- tests/apitests/python/library/cosign.py | 2 +- tests/apitests/python/library/helm.py | 13 ++++--- ...y => test_push_chart_by_helm_chart_cli.py} | 18 +++++----- tests/ci/api_run.sh | 2 +- tests/resources/Cosign_Util.robot | 4 +-- tests/resources/Helm-Util.robot | 20 +++++------ tests/resources/TestCaseBody.robot | 12 +++---- tests/robot-cases/Group0-BAT/API_DB.robot | 6 ++-- .../Group0-Util/helm_push_chart.sh | 24 ------------- tests/robot-cases/Group1-Nightly/Common.robot | 4 +-- tests/test-engine-image/Dockerfile.api_test | 2 ++ tests/test-engine-image/Dockerfile.common | 36 ++++++------------- tests/test-engine-image/Dockerfile.ui_test | 8 +++-- 13 files changed, 58 insertions(+), 93 deletions(-) rename tests/apitests/python/{test_push_chart_by_helm3.7_chart_cli.py => test_push_chart_by_helm_chart_cli.py} (89%) delete mode 100755 tests/robot-cases/Group0-Util/helm_push_chart.sh diff --git a/tests/apitests/python/library/cosign.py b/tests/apitests/python/library/cosign.py index d41b1dc3e..df3c4cdf4 100644 --- a/tests/apitests/python/library/cosign.py +++ b/tests/apitests/python/library/cosign.py @@ -6,5 +6,5 @@ def generate_key_pair(): base.run_command(command) def sign_artifact(artifact): - command = ["cosign", "sign", "--allow-insecure-registry", "--key", "cosign.key", artifact] + command = ["cosign", "sign", "-y", "--allow-insecure-registry", "--key", "cosign.key", artifact] base.run_command(command) diff --git a/tests/apitests/python/library/helm.py b/tests/apitests/python/library/helm.py index ebc3a3b73..d475a71ae 100644 --- a/tests/apitests/python/library/helm.py +++ b/tests/apitests/python/library/helm.py @@ -1,17 +1,16 @@ # -*- coding: utf-8 -*- -import os import base -def helm3_7_registry_login(ip, user, password): - command = ["helm3.7", "registry", "login", ip, "-u", user, "-p", password] +def helm_registry_login(ip, user, password): + command = ["helm", "registry", "login", ip, "-u", user, "-p", password, "--insecure"] base.run_command(command) -def helm3_7_package(file_path): - command = ["helm3.7", "package", file_path] +def helm_package(file_path): + command = ["helm", "package", file_path] base.run_command(command) -def helm3_7_push(file_path, ip, project_name): - command = ["helm3.7", "push", file_path, "oci://{}/{}".format(ip, project_name)] +def helm_push(file_path, ip, project_name): + command = ["helm", "push", file_path, "oci://{}/{}".format(ip, project_name), "--insecure-skip-tls-verify"] base.run_command(command) diff --git a/tests/apitests/python/test_push_chart_by_helm3.7_chart_cli.py b/tests/apitests/python/test_push_chart_by_helm_chart_cli.py similarity index 89% rename from tests/apitests/python/test_push_chart_by_helm3.7_chart_cli.py rename to tests/apitests/python/test_push_chart_by_helm_chart_cli.py index 066773700..2ca59e511 100644 --- a/tests/apitests/python/test_push_chart_by_helm3.7_chart_cli.py +++ b/tests/apitests/python/test_push_chart_by_helm_chart_cli.py @@ -47,11 +47,11 @@ class TestProjects(unittest.TestCase): def testPushChartByHelmChartCLI(self): """ Test case: - Push Chart File By Helm3.7 CLI + Push Chart File By Helm CLI Test step and expected result: 1. Create a new user(UA); 2. Create a new project(PA) by user(UA); - 3. Push an chart(CA) to Harbor by helm3.7 CLI successfully; + 3. Push an chart(CA) to Harbor by helm CLI successfully; 4. List artifacts successfully; 5. Get chart(CA) by reference successfully; 6. Get addition successfully; @@ -70,15 +70,15 @@ class TestProjects(unittest.TestCase): TestProjects.project_push_chart_id, TestProjects.project_push_chart_name = self.project.create_project( metadata={"public": "false"}, **TestProjects.USER_CLIENT) - # 3 Push an chart(CA) to Harbor by helm3.7 CLI successfully; + # 3 Push an chart(CA) to Harbor by hel CLI successfully; command = ["tar", "zxf", self.chart_file_path] base.run_command(command) - # 3.1 helm3_7_registry_login; - helm.helm3_7_registry_login(ip=harbor_server, user=user_name, password=self.user_push_chart_password) - # 3.2 helm3_7_package; - helm.helm3_7_package(file_path=self.chart_file_name) - # 3.2 helm3_7_push; - helm.helm3_7_push(file_path=self.chart_file_package_name, ip=harbor_server, + # 3.1 helm_registry_login; + helm.helm_registry_login(ip=harbor_server, user=user_name, password=self.user_push_chart_password) + # 3.2 helm_package; + helm.helm_package(file_path=self.chart_file_name) + # 3.2 helm_push; + helm.helm_push(file_path=self.chart_file_package_name, ip=harbor_server, project_name=TestProjects.project_push_chart_name) # 4. List artifacts successfully; diff --git a/tests/ci/api_run.sh b/tests/ci/api_run.sh index e152ff8e5..83f60ffd8 100755 --- a/tests/ci/api_run.sh +++ b/tests/ci/api_run.sh @@ -21,7 +21,7 @@ set +e docker ps # run db auth api cases if [ "$1" = 'DB' ]; then - docker run -i --privileged -v $DIR/../../:/drone -v $DIR/../:/ca -w /drone $E2E_IMAGE robot --exclude proxy_cache --exclude push_chart --exclude push_chart_by_Helm3.7 -v DOCKER_USER:${DOCKER_USER} -v DOCKER_PWD:${DOCKER_PWD} -v ip:$2 -v ip1: -v http_get_ca:false -v HARBOR_PASSWORD:Harbor12345 /drone/tests/robot-cases/Group1-Nightly/Setup.robot /drone/tests/robot-cases/Group0-BAT/API_DB.robot + docker run -i --privileged -v $DIR/../../:/drone -v $DIR/../:/ca -w /drone $E2E_IMAGE robot --exclude proxy_cache -v DOCKER_USER:${DOCKER_USER} -v DOCKER_PWD:${DOCKER_PWD} -v ip:$2 -v ip1: -v http_get_ca:false -v HARBOR_PASSWORD:Harbor12345 /drone/tests/robot-cases/Group1-Nightly/Setup.robot /drone/tests/robot-cases/Group0-BAT/API_DB.robot elif [ "$1" = 'PROXY_CACHE' ]; then docker run -i --privileged -v $DIR/../../:/drone -v $DIR/../:/ca -w /drone $E2E_IMAGE robot --include setup --include proxy_cache -v DOCKER_USER:${DOCKER_USER} -v DOCKER_PWD:${DOCKER_PWD} -v ip:$2 -v ip1: -v http_get_ca:false -v HARBOR_PASSWORD:Harbor12345 /drone/tests/robot-cases/Group1-Nightly/Setup.robot /drone/tests/robot-cases/Group0-BAT/API_DB.robot elif [ "$1" = 'LDAP' ]; then diff --git a/tests/resources/Cosign_Util.robot b/tests/resources/Cosign_Util.robot index c695bac89..ed87e19a6 100644 --- a/tests/resources/Cosign_Util.robot +++ b/tests/resources/Cosign_Util.robot @@ -24,9 +24,9 @@ Cosign Generate Key Pair Cosign Sign [Arguments] ${artifact} - Wait Unitl Command Success cosign sign --allow-insecure-registry --key cosign.key ${artifact} + Wait Unitl Command Success cosign sign -y --allow-insecure-registry --key cosign.key ${artifact} Cosign Verify [Arguments] ${artifact} ${signed} Run Keyword If ${signed}==${true} Wait Unitl Command Success cosign verify --key cosign.pub ${artifact} - ... ELSE Command Should be Failed cosign verify --key cosign.pub ${artifact} \ No newline at end of file + ... ELSE Command Should be Failed cosign verify --key cosign.pub ${artifact} diff --git a/tests/resources/Helm-Util.robot b/tests/resources/Helm-Util.robot index 11a28a2f1..877b21827 100644 --- a/tests/resources/Helm-Util.robot +++ b/tests/resources/Helm-Util.robot @@ -18,22 +18,22 @@ Library OperatingSystem Library Process *** Keywords *** -Helm3.7 Registry Login +Helm Registry Login [Arguments] ${ip} ${user} ${password} - Wait Unitl Command Success helm3.7 registry login ${ip} -u ${user} -p ${password} + Wait Unitl Command Success helm registry login ${ip} -u ${user} -p ${password} --insecure -Helm3.7 Package +Helm Package [Arguments] ${file_path} - Wait Unitl Command Success helm3.7 package ${file_path} + Wait Unitl Command Success helm package ${file_path} -Helm3.7 Push +Helm Push [Arguments] ${file_path} ${ip} ${repo_name} - Wait Unitl Command Success helm3.7 push ${file_path} oci://${ip}/${repo_name} + Wait Unitl Command Success helm push ${file_path} oci://${ip}/${repo_name} --insecure-skip-tls-verify -Helm3.7 Pull +Helm Pull [Arguments] ${ip} ${repo_name} ${version} - Wait Unitl Command Success helm3.7 pull oci://${ip}/${repo_name}/harbor --version ${version} + Wait Unitl Command Success helm pull oci://${ip}/${repo_name}/harbor --version ${version} --insecure-skip-tls-verify -Helm3.7 Registry Logout +Helm Registry Logout [Arguments] ${ip} - Wait Unitl Command Success helm3.7 registry logout ${ip} + Wait Unitl Command Success helm registry logout ${ip} diff --git a/tests/resources/TestCaseBody.robot b/tests/resources/TestCaseBody.robot index 95b15de48..e2677f10f 100644 --- a/tests/resources/TestCaseBody.robot +++ b/tests/resources/TestCaseBody.robot @@ -163,20 +163,20 @@ Manage Project Member Without Sign In Harbor Push image ${ip} ${sign_in_user} ${sign_in_pwd} project${d} hello-world User Should Be Guest ${test_user2} ${sign_in_pwd} project${d} is_oidc_mode=${is_oidc_mode} -Helm3.7 CLI Work Flow +Helm CLI Work Flow [Arguments] ${sign_in_user} ${sign_in_pwd} ${d}= Get Current Date result_format=%m%s Create An New Project And Go Into Project project${d} Run rm -rf ./${harbor_helm_name} Wait Unitl Command Success tar zxf ${files_directory}/${harbor_helm_filename} - Helm3.7 Registry Login ${ip} ${sign_in_user} ${sign_in_pwd} - Helm3.7 Package ./${harbor_helm_name} - Helm3.7 Push ${harbor_helm_package} ${ip} project${d} + Helm Registry Login ${ip} ${sign_in_user} ${sign_in_pwd} + Helm Package ./${harbor_helm_name} + Helm Push ${harbor_helm_package} ${ip} project${d} Run rm -rf ./${harbor_helm_package} Retry File Should Not Exist ./${harbor_helm_package} - Helm3.7 Pull ${ip} project${d} ${harbor_helm_version} + Helm Pull ${ip} project${d} ${harbor_helm_version} Retry File Should Exist ./${harbor_helm_package} - Helm3.7 Registry Logout ${ip} + Helm Registry Logout ${ip} #Important Note: All CVE IDs in CVE Allowlist cases must unique! Body Of Verfiy System Level CVE Allowlist diff --git a/tests/robot-cases/Group0-BAT/API_DB.robot b/tests/robot-cases/Group0-BAT/API_DB.robot index d46b5b946..022e3f2aa 100644 --- a/tests/robot-cases/Group0-BAT/API_DB.robot +++ b/tests/robot-cases/Group0-BAT/API_DB.robot @@ -84,9 +84,9 @@ Test Case - Push Index By Docker Manifest [Tags] push_index Harbor API Test ./tests/apitests/python/test_push_index_by_docker_manifest.py -Test Case - Push Chart By Helm3.7 Chart CLI - [Tags] push_chart_by_Helm3.7 - Harbor API Test ./tests/apitests/python/test_push_chart_by_helm3.7_chart_cli.py +Test Case - Push Chart By Helm Chart CLI + [Tags] push_chart_by_helm + Harbor API Test ./tests/apitests/python/test_push_chart_by_helm_chart_cli.py Test Case - Push Cnab Bundle [Tags] push_cnab diff --git a/tests/robot-cases/Group0-Util/helm_push_chart.sh b/tests/robot-cases/Group0-Util/helm_push_chart.sh deleted file mode 100755 index 7191a637b..000000000 --- a/tests/robot-cases/Group0-Util/helm_push_chart.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -IP=$1 -USER=$2 -PWD=$3 -CHART_FILE=$4 -ARCHIVE=$5 -PROJECT=$6 -REPOSITORY=$7 -VERSION=$8 - -echo $IP - - -export HELM_EXPERIMENTAL_OCI=1 -wget $CHART_FILE -echo "========================" -echo ${CHART_FILE##*/} -echo "========================" -tar xvf ${CHART_FILE##*/} -helm3 registry login $IP -u $USER -p $PWD -helm3 chart save $ARCHIVE $IP/$PROJECT/$REPOSITORY -helm3 chart push $IP/$PROJECT/$REPOSITORY:$VERSION - diff --git a/tests/robot-cases/Group1-Nightly/Common.robot b/tests/robot-cases/Group1-Nightly/Common.robot index 18e71e154..7c6f8b2d1 100644 --- a/tests/robot-cases/Group1-Nightly/Common.robot +++ b/tests/robot-cases/Group1-Nightly/Common.robot @@ -1004,13 +1004,13 @@ Test Case - Export CVE Lists Should Be Equal ${expected_cve_data} ${actual_cve_data} ignore_order=True Close Browser -Test Case - Helm3.7 CLI Push And Pull In Harbor +Test Case - Helm CLI Push And Pull In Harbor [Tags] helm_push_and_push Init Chrome Driver ${user}= Set Variable user004 ${pwd}= Set Variable Test1@34 Sign In Harbor ${HARBOR_URL} ${user} ${pwd} - Retry Keyword N Times When Error 4 Helm3.7 CLI Work Flow ${user} ${pwd} + Retry Keyword N Times When Error 4 Helm CLI Work Flow ${user} ${pwd} Close Browser Test Case - Job Service Dashboard Job Queues diff --git a/tests/test-engine-image/Dockerfile.api_test b/tests/test-engine-image/Dockerfile.api_test index 2ba40a34c..ca8b39aee 100644 --- a/tests/test-engine-image/Dockerfile.api_test +++ b/tests/test-engine-image/Dockerfile.api_test @@ -3,6 +3,8 @@ FROM photon:4.0 ENV LANG C.UTF-8 ENV HELM_EXPERIMENTAL_OCI=1 ENV COSIGN_PASSWORD=Harbor12345 +ENV COSIGN_EXPERIMENTAL=1 +ENV COSIGN_OCI_EXPERIMENTAL=1 COPY --from=tool_builder /tool/tools.tar.gz /usr/local/bin diff --git a/tests/test-engine-image/Dockerfile.common b/tests/test-engine-image/Dockerfile.common index 1bc2d9d00..a859706e2 100644 --- a/tests/test-engine-image/Dockerfile.common +++ b/tests/test-engine-image/Dockerfile.common @@ -22,41 +22,27 @@ RUN apt-get update && apt-get install -y software-properties-common && \ RUN pwd && mkdir /tool/binary && \ # Install CONTAINERD - CONTAINERD_VERSION=1.6.9 && \ + CONTAINERD_VERSION=1.7.1 && \ wget https://github.com/containerd/containerd/releases/download/v$CONTAINERD_VERSION/containerd-$CONTAINERD_VERSION-linux-amd64.tar.gz && \ tar zxvf containerd-$CONTAINERD_VERSION-linux-amd64.tar.gz && \ cd bin && cp -f containerd ctr /tool/binary/ && \ # docker compose - curl -L "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)" -o /tool/binary/docker-compose && \ + curl -L "https://github.com/docker/compose/releases/download/v2.18.1/docker-compose-$(uname -s)-$(uname -m)" -o /tool/binary/docker-compose && \ chmod +x /tool/binary/docker-compose && \ - # Install helm v2 - HELM2_VERSION=2.16.12 && wget https://get.helm.sh/helm-v$HELM2_VERSION-linux-amd64.tar.gz && \ - tar zxvf helm-v$HELM2_VERSION-linux-amd64.tar.gz && \ - cp linux-amd64/helm /tool/binary/helm && \ - cp linux-amd64/helm /tool/binary/helm2 && \ - # Install helm v3 - HELM3_VERSION=3.3.3 && wget https://get.helm.sh/helm-v$HELM3_VERSION-linux-amd64.tar.gz && \ - tar zxvf helm-v$HELM3_VERSION-linux-amd64.tar.gz && \ + # Install helm + HELM_VERSION=3.12.0 && wget https://get.helm.sh/helm-v$HELM_VERSION-linux-amd64.tar.gz && \ + tar zxvf helm-v$HELM_VERSION-linux-amd64.tar.gz && \ ls || pwd && \ - mv linux-amd64/helm /tool/binary/helm3 && \ - # Install helm v3.10 - HELM3_10_VERSION=3.10.1 && wget https://get.helm.sh/helm-v$HELM3_10_VERSION-linux-amd64.tar.gz && \ - tar zxvf helm-v$HELM3_10_VERSION-linux-amd64.tar.gz && \ - ls || pwd && \ - mv linux-amd64/helm /tool/binary/helm3.7 && \ + mv linux-amd64/helm /tool/binary/helm && \ # Install ORAS - ORAS_VERSION=0.16.0 && curl -LO https://github.com/deislabs/oras/releases/download/v$ORAS_VERSION/oras_${ORAS_VERSION}_linux_amd64.tar.gz && \ + ORAS_VERSION=1.0.0 && curl -LO https://github.com/deislabs/oras/releases/download/v$ORAS_VERSION/oras_${ORAS_VERSION}_linux_amd64.tar.gz && \ mkdir -p oras-install/ && \ tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \ mv oras-install/oras /tool/binary/ && \ - # Install notary - NOTARY_VERSION=0.6.1 && wget https://github.com/theupdateframework/notary/releases/download/v$NOTARY_VERSION/notary-Linux-amd64 && \ - chmod +x notary-Linux-amd64 && \ - mv notary-Linux-amd64 /tool/binary/notary && \ # Install CNAB CNAB_PATH=$(go env GOPATH)/src/github.com/cnabio && \ mkdir -p $CNAB_PATH && cd $CNAB_PATH && git clone https://github.com/cnabio/cnab-to-oci.git && \ - cd cnab-to-oci && git checkout v0.3.7 && \ + cd cnab-to-oci && git checkout v0.4.0 && \ go list && \ make build && \ mv bin/cnab-to-oci /tool/binary/ && \ @@ -68,12 +54,12 @@ RUN pwd && mkdir /tool/binary && \ WASM_TO_OCI_VERSION=0.1.2 && wget https://github.com/engineerd/wasm-to-oci/releases/download/v${WASM_TO_OCI_VERSION}/linux-amd64-wasm-to-oci && \ chmod +x linux-amd64-wasm-to-oci && mv linux-amd64-wasm-to-oci /tool/binary/wasm-to-oci && \ # Install imgpkg - IMGPKG_VERSION=0.33.0 && wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v$IMGPKG_VERSION/imgpkg-linux-amd64 && \ + IMGPKG_VERSION=0.36.2 && wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v$IMGPKG_VERSION/imgpkg-linux-amd64 && \ mv imgpkg-linux-amd64 /tool/binary/imgpkg && chmod +x /tool/binary/imgpkg && \ # Install cosign - COSIGN_VERSION=1.13.1 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \ + COSIGN_VERSION=2.0.2 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \ mv cosign-linux-amd64 /tool/binary/cosign && chmod +x /tool/binary/cosign && \ pwd RUN cd /tool/binary/ && tar czvf tools.tar.gz * && cp tools.tar.gz /tool -# --- End of base file --- \ No newline at end of file +# --- End of base file --- diff --git a/tests/test-engine-image/Dockerfile.ui_test b/tests/test-engine-image/Dockerfile.ui_test index c97f07467..aed8dd491 100644 --- a/tests/test-engine-image/Dockerfile.ui_test +++ b/tests/test-engine-image/Dockerfile.ui_test @@ -5,6 +5,8 @@ ENV TZ=Asia/Shanghai \ ENV LANG C.UTF-8 ENV HELM_EXPERIMENTAL_OCI=1 ENV COSIGN_PASSWORD=Harbor12345 +ENV COSIGN_EXPERIMENTAL=1 +ENV COSIGN_OCI_EXPERIMENTAL=1 RUN apt-get update && apt-get install -y --no-install-recommends wget curl gnupg2 RUN apt-get install libseccomp2 RUN wget --no-check-certificate -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - @@ -37,8 +39,8 @@ RUN pip3 install --upgrade pip pyasn1 google-apitools==0.5.31 gsutil \ requests dbbot robotframework-seleniumlibrary robotframework-pabot \ robotframework-JSONLibrary hurry.filesize --upgrade && \ apt-get clean all -# Upgrade chromedriver version to 107.0.5304.62 -RUN wget -N https://chromedriver.storage.googleapis.com/107.0.5304.62/chromedriver_linux64.zip && \ +# Upgrade chromedriver version to 113.0.5672.24 +RUN wget -N https://chromedriver.storage.googleapis.com/113.0.5672.24/chromedriver_linux64.zip && \ unzip chromedriver_linux64.zip && \ chmod +x chromedriver && \ mv -f chromedriver /usr/local/share/chromedriver && \ @@ -47,7 +49,7 @@ RUN wget -N https://chromedriver.storage.googleapis.com/107.0.5304.62/chromedriv RUN pwd && ls && \ # Install docker - DOCKER_VERSION=20.10.3 && wget https://download.docker.com/linux/static/stable/x86_64/docker-$DOCKER_VERSION.tgz && \ + DOCKER_VERSION=24.0.2 && wget https://download.docker.com/linux/static/stable/x86_64/docker-$DOCKER_VERSION.tgz && \ tar --strip-components=1 -xvzf docker-$DOCKER_VERSION.tgz -C /usr/bin && \ rm docker-$DOCKER_VERSION.tgz