Merge pull request #7893 from danfengliu/add-oidc-test-case-secret-verify-1

Add test case secret-verify for oidc-auth-mode feature

tests/resources/Docker-Util.robot

@@ -50,15 +50,19 @@ Push Image With Tag
     Wait Unitl Command Success  docker push ${ip}/${project}/${image}:${tag}
     Wait Unitl Command Success  docker logout ${ip}
 
+Cannot Docker Login Harbor
+    [Arguments]  ${ip}  ${user}  ${pwd}
+    Command Should be Failed  docker login -u ${user} -p ${pwd} ${ip}
+
 Cannot Pull image
     [Arguments]  ${ip}  ${user}  ${pwd}  ${project}  ${image}
     Wait Unitl Command Success  docker login -u ${user} -p ${pwd} ${ip}
-    Wait Unitl Command Success  docker pull ${ip}/${project}/${image}  positive=${false}
+    Command Should be Failed  docker pull ${ip}/${project}/${image}
 
 Cannot Pull Unsigned Image
-    [Arguments]  ${ip}  ${user}  ${pass}  ${proj}  ${imagewithtag}  
+    [Arguments]  ${ip}  ${user}  ${pass}  ${proj}  ${imagewithtag}
     Wait Unitl Command Success  docker login -u ${user} -p ${pass} ${ip}
-    ${output}=  Wait Unitl Command Success  docker pull ${ip}/${proj}/${imagewithtag}  positive=${false}
+    ${output}=  Command Should be Failed  docker pull ${ip}/${proj}/${imagewithtag}
     Should Contain  ${output}  The image is not signed in Notary
 
 Cannot Push image
@@ -67,7 +71,7 @@ Cannot Push image
     Wait Unitl Command Success  docker pull ${image}
     Wait Unitl Command Success  docker login -u ${user} -p ${pwd} ${ip}
     Wait Unitl Command Success  docker tag ${image} ${ip}/${project}/${image}
-    Wait Unitl Command Success  docker push ${ip}/${project}/${image}  positive=${false}
+    Command Should be Failed  docker push ${ip}/${project}/${image}
     Wait Unitl Command Success  docker logout ${ip}
 
 Wait Until Container Stops
@@ -118,7 +122,7 @@ Kill Local Docker Daemon
 Docker Login Fail
     [Arguments]  ${ip}  ${user}  ${pwd}
     Log To Console  \nRunning docker login ${ip} ...
-    ${output}=  Wait Unitl Command Success  docker login -u ${user} -p ${pwd} ${ip}  positive=${false}
+    ${output}=  Command Should be Failed  docker login -u ${user} -p ${pwd} ${ip}
     Should Contain  ${output}  unauthorized: authentication required
     Should Not Contain  ${output}  500 Internal Server Error
 
@@ -136,4 +140,4 @@ Docker Tag
 
 Docker Push
     [Arguments]  ${image}
-    Wait Unitl Command Success  docker push ${image}
+    Wait Unitl Command Success  docker push ${image}

tests/resources/Harbor-Pages/OIDC_Auth.robot

@@ -46,3 +46,14 @@ Get Secrete By API
     ${json}=  Run Curl And Return Json   curl -s -k -X GET --header 'Accept: application/json' -u '${HARBOR_ADMIN}:${HARBOR_PASSWORD}' '${url}/api/users/${user_id}'
     ${secret}=    Set Variable    ${json["oidc_user_meta"]["secret"]}
     [Return]  ${secret}
+
+Generate And Return Secret
+    [Arguments]  ${url}
+    Retry Element Click  ${head_admin_xpath}
+    Retry Element Click  ${user_profile_xpath}
+    Retry Element Click  ${more_btn}
+    Retry Element Click  ${generate_secret_btn}
+    Retry Double Keywords When Error  Retry Element Click  ${confirm_btn}  Retry Wait Until Page Not Contains Element  ${confirm_btn}
+    Retry Wait Until Page Contains  generate CLI secret success
+    ${secret}=  Get Secrete By API  ${url}
+    [Return]  ${secret}

tests/resources/Harbor-Pages/OIDC_Auth_Elements.robot

@@ -23,4 +23,6 @@ ${submit_login_btn}    //*[@id='submit-login']
 ${grant_btn}      xpath=/html/body/div[2]/div/div[2]/div[1]/form/button
 ${oidc_username_input}    //*[@id='oidcUsername']
 ${save_btn}       //*[@id='saveButton']
-${OIDC_USERNAME}  test1
+${OIDC_USERNAME}  test1
+${generate_secret_btn}       //*[@id='generate-cli-btn']
+${more_btn}       //*[@id='hidden-generate-cli']

tests/resources/Util.robot

@@ -163,16 +163,20 @@ Wait Unitl Vul Data Ready
     Run Keyword If  ${i+1}==${n}  Fail  The vul data is not ready
 
 Wait Unitl Command Success
-    [Arguments]  ${cmd}  ${times}=8  ${positive}=${true}
+    [Arguments]  ${cmd}  ${times}=8
     :FOR  ${n}  IN RANGE  1  ${times}
     \    Log  Trying ${cmd}: ${n} ...  console=True
     \    ${rc}  ${output}=  Run And Return Rc And Output  ${cmd}
-    \    Run Keyword If  ${positive} == ${true}  Exit For Loop If  '${rc}'=='0'
-    \    ...  ELSE  Exit For Loop If  '${rc}'!='0'
+    \    Exit For Loop If  '${rc}'=='0'
     \    Sleep  2
     Log  Command Result is ${output}
-    Run Keyword If  ${positive} == ${true}  Should Be Equal As Strings  '${rc}'  '0'
-    ...  ELSE  Should Not Be Equal As Strings  '${rc}'  '0'
+    Should Be Equal As Strings  '${rc}'  '0'
+    [Return]  ${output}
+
+Command Should be Failed
+    [Arguments]  ${cmd}
+    ${rc}  ${output}=  Run And Return Rc And Output  ${cmd}
+    Should Not Be Equal As Strings  '${rc}'  '0'
     [Return]  ${output}
 
 Retry Keyword When Error

tests/robot-cases/Group1-Nightly/OIDC.robot

@@ -67,3 +67,19 @@ Test Case - Manage Project Member
     ${secret}=  Get Secrete By API  ${HARBOR_URL}
     Manage Project Member Without Sign In Harbor  sign_in_user=${OIDC_USERNAME}  sign_in_pwd=${secret}  test_user1=test2  test_user2=test3  is_oidc_mode=${true}
     Close Browser
+
+Test Case - Generate User CLI Secret
+    Init Chrome Driver
+    ${d}=    Get current Date  result_format=%m%s
+    ${image}=  Set Variable  hello-world
+    Sign In Harbor With OIDC User  ${HARBOR_URL}
+    Create An New Project  project${d}
+    ${secret_old}=  Get Secrete By API  ${HARBOR_URL}
+    Push image  ip=${ip}  user=${OIDC_USERNAME}  pwd=${secret_old}  project=project${d}  image=${image}
+    ${secret_new}=  Generate And Return Secret  ${HARBOR_URL}
+    Log To Console  ${secret_old}
+    Log To Console  ${secret_new}
+    Should Not Be Equal As Strings  '${secret_old}'  '${secret_new}'
+    Cannot Docker Login Harbor  ${ip}  ${OIDC_USERNAME}  ${secret_old}
+    Pull image  ${ip}  ${OIDC_USERNAME}  ${secret_new}  project${d}  ${image}
+    Push image  ${ip}  ${OIDC_USERNAME}  ${secret_new}  project${d}  ${image}