diff --git a/tests/resources/Cosign_Util.robot b/tests/resources/Cosign_Util.robot index 7f9b1c2b9..c695bac89 100644 --- a/tests/resources/Cosign_Util.robot +++ b/tests/resources/Cosign_Util.robot @@ -24,4 +24,9 @@ Cosign Generate Key Pair Cosign Sign [Arguments] ${artifact} - Wait Unitl Command Success cosign sign --allow-insecure-registry --key cosign.key ${artifact} \ No newline at end of file + Wait Unitl Command Success cosign sign --allow-insecure-registry --key cosign.key ${artifact} + +Cosign Verify + [Arguments] ${artifact} ${signed} + Run Keyword If ${signed}==${true} Wait Unitl Command Success cosign verify --key cosign.pub ${artifact} + ... ELSE Command Should be Failed cosign verify --key cosign.pub ${artifact} \ No newline at end of file diff --git a/tests/robot-cases/Group1-Nightly/Common.robot b/tests/robot-cases/Group1-Nightly/Common.robot index d8c59abbc..381a26fe9 100644 --- a/tests/robot-cases/Group1-Nightly/Common.robot +++ b/tests/robot-cases/Group1-Nightly/Common.robot @@ -913,9 +913,11 @@ Test Case - Cosign And Cosign Deployment Security Policy Go Into Project project${d} Retry Double Keywords When Error Go Into Repo project${d}/${image} Should Not Be Signed By Cosign ${tag} Cannot Pull Image ${ip} ${user} ${pwd} project${d} ${image}:${tag} err_msg=The image is not signed in Cosign. - Cosign Generate Key Pair + Cosign Verify ${ip}/project${d}/${image}:${tag} ${false} + Cosign Sign ${ip}/project${d}/${image}:${tag} + Cosign Verify ${ip}/project${d}/${image}:${tag} ${true} Retry Double Keywords When Error Retry Element Click ${artifact_list_refresh_btn} Should Be Signed By Cosign ${tag} Pull image ${ip} ${user} ${pwd} project${d} ${image}:${tag} diff --git a/tests/test-engine-image/Dockerfile.common b/tests/test-engine-image/Dockerfile.common index dbf713853..2e4cfbea4 100644 --- a/tests/test-engine-image/Dockerfile.common +++ b/tests/test-engine-image/Dockerfile.common @@ -69,7 +69,7 @@ RUN pwd && mkdir /tool/binary && \ IMGPKG_VERSION=0.22.0 && wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v$IMGPKG_VERSION/imgpkg-linux-amd64 && \ mv imgpkg-linux-amd64 /tool/binary/imgpkg && chmod +x /tool/binary/imgpkg && \ # Install cosign - COSIGN_VERSION=1.4.1 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \ + COSIGN_VERSION=1.8.0 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \ mv cosign-linux-amd64 /tool/binary/cosign && chmod +x /tool/binary/cosign && \ pwd diff --git a/tests/test-engine-image/Dockerfile.ui_test b/tests/test-engine-image/Dockerfile.ui_test index 1a5d79363..dc3fc2aaf 100644 --- a/tests/test-engine-image/Dockerfile.ui_test +++ b/tests/test-engine-image/Dockerfile.ui_test @@ -36,8 +36,8 @@ RUN pip3 install --upgrade pip pyasn1 google-apitools==0.5.31 gsutil \ requests dbbot robotframework-seleniumlibrary==4.3.0 robotframework-pabot \ robotframework-JSONLibrary hurry.filesize --upgrade && \ apt-get clean all -# Upgrade chromedriver version to 97.0.4692.71 -RUN wget -N http://chromedriver.storage.googleapis.com/97.0.4692.71/chromedriver_linux64.zip && \ +# Upgrade chromedriver version to 101.0.4951.41 +RUN wget -N https://chromedriver.storage.googleapis.com/101.0.4951.41/chromedriver_linux64.zip && \ unzip chromedriver_linux64.zip && \ chmod +x chromedriver && \ mv -f chromedriver /usr/local/share/chromedriver && \