From 5edd408d07a5fb61053bd0e34a5af66920b5af4c Mon Sep 17 00:00:00 2001 From: wangyan Date: Wed, 25 Jul 2018 02:46:09 -0700 Subject: [PATCH] Add scripts to verify Harbor DB migration --- tests/resources/Harbor-Pages/Verify.robot | 203 +++--- tests/resources/Util.robot | 2 + .../Group13-Upgrade/Verifydata.robot | 30 - tests/robot-cases/Group13-Upgrade/data.json | 212 ++++++ tests/robot-cases/Group13-Upgrade/prepare.py | 185 +++++ .../robot-cases/Group13-Upgrade/sign_image.sh | 29 + .../robot-cases/Group13-Upgrade/testdata.json | 75 --- .../Group13-Upgrade/testupgrade.py | 634 ------------------ .../robot-cases/Group13-Upgrade/verify.robot | 21 + 9 files changed, 561 insertions(+), 830 deletions(-) delete mode 100644 tests/robot-cases/Group13-Upgrade/Verifydata.robot create mode 100644 tests/robot-cases/Group13-Upgrade/data.json create mode 100644 tests/robot-cases/Group13-Upgrade/prepare.py create mode 100755 tests/robot-cases/Group13-Upgrade/sign_image.sh delete mode 100644 tests/robot-cases/Group13-Upgrade/testdata.json delete mode 100644 tests/robot-cases/Group13-Upgrade/testupgrade.py create mode 100644 tests/robot-cases/Group13-Upgrade/verify.robot diff --git a/tests/resources/Harbor-Pages/Verify.robot b/tests/resources/Harbor-Pages/Verify.robot index 83a1f4ccc..c2febc182 100644 --- a/tests/resources/Harbor-Pages/Verify.robot +++ b/tests/resources/Harbor-Pages/Verify.robot @@ -1,150 +1,171 @@ *** settings *** -Library JSONLibrary Resource ../../resources/Util.robot *** Keywords *** #for jsonpath refer to http://goessner.net/articles/JsonPath/ or https://nottyo.github.io/robotframework-jsonlibrary/JSONLibrary.html -${json}= Load Json From File testdata.json - Verify User - @{user}= Get Value From Json ${json} $.users..name - #verify user exist - Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} + [Arguments] ${json} + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} Switch To User Tag - :For ${user} In @{user} - \ Page Should Contain ${user} + @{user}= Get Value From Json ${json} $.users..name + :FOR ${user} IN @{user} + \ Page Should Contain ${user} Logout Harbor #verify user can login - :For ${user} In @{user} - \ Sign In Harbor ${HARBOR_URL} ${user} %{HARBOR_PASSWORD} + @{user}= Get Value From Json ${json} $.users..name + :FOR ${user} IN @{user} + \ Sign In Harbor ${HARBOR_URL} ${user} ${HARBOR_PASSWORD} \ Logout Harbor + Close Browser Verify Project + [Arguments] ${json} @{project}= Get Value From Json ${json} $.projects.[*].name - Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} - :For ${project} In @{project} - \ Page Should Contain ${project} + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} + :FOR ${project} IN @{project} + \ Page Should Contain ${project} + Close Browser Verify Image Tag + [Arguments] ${json} @{project}= Get Value From Json ${json} $.projects.[*].name - Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} - :For ${project} In @{projects} - \ Go Into Project ${project} + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} + :FOR ${project} IN @{project} + \ Go Into Project ${project} \ @{repo}= Get Value From Json ${json} $.projects[?(@name=${project})]..repo..name - \ @{tag}= Get Value From Json ${json} $.projects[?(@name=${project})]..repo..tag - \ :For ${repo} In @{repo} - \ \ Go Into Repo ${repo} - \ \ :For ${tag} In @{tag} - \ \ \ Page Should Contain ${tag} - \ \ \ Back To Projects + \ Loop Image Repo @{repo} + \ Back To Projects + Close Browser + +Loop Image Repo + [Arguments] @{repo} + :For ${repo} In @{repo} + \ Page Should Contain ${repo} Verify Member Exist + [Arguments] ${json} @{project}= Get Value From Json ${json} $.projects.[*].name - Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HAROBR_PASSWORD} - :For ${project} In @{project} - \ Go Into Project ${projet} + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} + :For ${project} In @{project} + \ Go Into Project ${project} \ Switch To Member \ @{members}= Get Value From Json ${json} $.projects[?(@name=${project})].member..name - \ :For ${member} In @{members} - \ \ Page Should Contain ${member} + \ Loop Member @{members} \ Back To Projects + Close Browser + +Loop Member + [Arguments] @{members} + :For ${member} In @{members} + \ Page Should Contain ${member} Verify User System Admin Role + [Arguments] ${json} @{user}= Get Value From Json ${json} $.admin..name - :For ${user} in @{user} - \ Sign In Harbor ${HARBOR_URL} ${user} %{HARBOR_PASSWORD} + Init Chrome Driver + :FOR ${user} IN @{user} + \ Sign In Harbor ${HARBOR_URL} ${user} ${HARBOR_PASSWORD} \ Page Should Contain Administration \ Logout Harbor + Close Browser Verify System Label + [Arguments] ${json} @{label}= Get Value From Json ${json} $..syslabel..name - Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} Switch To Configure Switch To System Labels - :For ${label} In @{label} - \ Page Should Contain ${label} + :For ${label} In @{label} + \ Page Should Contain ${label} + Close Browser Verify Project Label + [Arguments] ${json} @{project}= Get Value From Json ${json} $.peoject.[*].name - Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} - :For ${project} In @{project} + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} + :For ${project} In @{project} \ Go Into Project ${project} \ Switch To Project Label \ @{projectlabel}= Get Value From Json ${json} $.projects[?(@.name=${project})]..labels..name - \ :For ${label} In @{projectlabel} - \ \ Page Should Contain ${projectlabel} + \ :For ${label} In @{label} + \ \ Page Should Contain ${projectlabel} \ Back To Projects + Close Browser Verify Endpoint + [Arguments] ${json} @{endpoint}= Get Value From Json ${json} $.endpoint..name - Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} Switch To Registries - :For ${endpoint} In @{endpoint} - \ Page Should Contain ${endpoint} + :For ${endpoint} In @{endpoint} + \ Page Should Contain ${endpoint} + Close Browser Verify Replicationrule + [Arguments] ${json} @{replicationrule}= Get Value From Json ${json} $.replicationrule..name - Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} - Switch To System Replication - :For ${replicationrule} In @{replicationrule} - \ Page Should Contain ${replicationrule} + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} + Switch To Replication Manage + :For ${replicationrule} IN @{replicationrule} + \ Page Should Contain ${replicationrule} + Close Browser Verify Project Setting + [Arguments] ${json} @{projects}= Get Value From Json ${json} $.projects.[*].name - :For ${project} In @{projects} - \ ${public}= Get Value From Json ${json} $.projects[?(@.name=${projectname})].accesslevel - \ ${contenttrust}= Get Value From Json ${json} $.projects[?(@.name=${projectname})]..enable_content_trust - \ ${preventrunning}= Get Value From Json ${json} $.projects[?(@.name=${projectname})]..prevent_vulnerable_images_from_running - \ ${scanonpush}= Get Value From Json ${json} $.projects[?(@.name=${projectname})]..automatically_scan_images_on_push - \ Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} + :For ${project} In @{Projects} + \ ${public}= Get Value From Json ${json} $.projects[?(@.name=${project})].accesslevel + \ ${contenttrust}= Get Value From Json ${json} $.projects[?(@.name=${project})]..enable_content_trust + \ ${preventrunning}= Get Value From Json ${json} $.projects[?(@.name=${project})]..prevent_vulnerable_images_from_running + \ ${scanonpush}= Get Value From Json ${json} $.projects[?(@.name=${project})]..automatically_scan_images_on_push + \ Init Chrome Driver + \ Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} \ Go Into Project ${project} \ Goto Project Config - \ Run Keyword If ${public} == "public" - \ Checkbox Should Be Checked //clr-checkbox[@name='public']//label - \ Else - \ Checkbox Should Not Be Checked //clr-checkbox[@name='public']//label - \ Run Keyword If ${contenttrust} == "true" - \ Checkbox Should Be Checked //clr-checkbox[@name='content-trust']//label - \ Else - \ Checkbox Should Not Be Checked //clr-checkbox[@name='content-trust']//label - \ Run Keyword If ${preventrunning} == "true" - \ Checkbox Should Be Checked //clr-checkbox[@name='prevent-vulenrability-image']//label - \ #verify level?page should not contain disabled element - \ Else - \ Checkbox Should Not Be Checked //clr-checkbox[@name='prevent-vulenrability-image']//label - \ #Page Should Contain a disabled element - \ Run Keyword If ${scanonpush} == "true" - \ Checkbox Should Be Checked //clr-checkbox[@name='scan-image-on-push']//label - \ Else - \ Checkbox Should Not Be Checked //clr-checkbox[@name='scan-image-on-push']//label - \ Back To Projects + \ Run Keyword If ${public} == "public" Checkbox Should Be Checked //clr-checkbox[@name='public']//label + \ Run Keyword If ${contenttrust} == "true" Checkbox Should Be Checked //clr-checkbox[@name='content-trust']//label + \ Run Keyword If ${contenttrust} == "false" Checkbox Should Not Be Checked //clr-checkbox[@name='content-trust']//label + \ Run Keyword If ${preventrunning} == "true" Checkbox Should Be Checked //clr-checkbox[@name='prevent-vulenrability-image']//label + \ Run Keyword If ${preventrunning} == "false" Checkbox Should Not Be Checked //clr-checkbox[@name='prevent-vulenrability-image']//label + \ Run Keyword If ${scanonpush} == "true" Checkbox Should Be Checked //clr-checkbox[@name='scan-image-on-push']//label + \ Run Keyword If ${scanonpush} == "true" Checkbox Should Not Be Checked //clr-checkbox[@name='scan-image-on-push']//label + \ Close Browser Verify System Setting - ${authtype}= Get Value From Json ${json} $.configuration.authmode - ${creation}= Get Value From Json ${json} $.configuration..projectcreation - ${selfreg}= Get Value From Json ${json} $.configuration..selfreg - ${emailserver}= Get Value From Json ${json} $.configuration..emailserver - ${emailport}= Get Value From Json ${json} $.configuration..emailport - ${emailuser}= Get Value From Json ${json} $.configuration..emailuser - ${emailfrom}= Get Value From Json ${json} $.configuration..emailfrom - ${token}= Get Value From Json ${json} $.configuration..token - ${scanschedule}= Get Value From Json ${json} $.configuration..scanall - Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} + [Arguments] ${json} + @{authtype}= Get Value From Json ${json} $.configuration.authmode + @{creation}= Get Value From Json ${json} $.configuration..projectcreation + @{selfreg}= Get Value From Json ${json} $.configuration..selfreg + @{emailserver}= Get Value From Json ${json} $.configuration..emailserver + @{emailport}= Get Value From Json ${json} $.configuration..emailport + @{emailuser}= Get Value From Json ${json} $.configuration..emailuser + @{emailfrom}= Get Value From Json ${json} $.configuration..emailfrom + @{token}= Get Value From Json ${json} $.configuration..token + @{scanschedule}= Get Value From Json ${json} $.configuration..scanall + Init Chrome Driver + Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} Switch To Configure - Page Should Contain ${authtype} - Run Keyword If ${selfreg} == "True" - Checkbox Should Be Checked //clr-checkbox[@id='selfReg']//label - Else - Checkbox Should Not Be Checked //clr-checkbox[@id='selfReg']//label - Page Should Contain ${creation} + Page Should Contain @{authtype}[0] + Run Keyword If @{selfreg}[0] == "True" Checkbox Should Be Checked //clr-checkbox[@id='selfReg']//label + Run Keyword If @{selfreg}[0] == "False" Checkbox Should Not Be Checked //clr-checkbox[@id='selfReg']//label + Page Should Contain @{creation}[0] Switch To Email - Page Should Contain ${emailserver} - Page Should Contain ${emailport} - Page Should Contain ${emailuser} - Page Should Contain ${emailfrom} + Textfield Value Should Be xpath=//*[@id="mailServer"] @{emailserver}[0] + Textfield Value Should Be xpath=//*[@id="emailPort"] @{emailport}[0] + Textfield Value Should Be xpath=//*[@id="emailUsername"] @{emailuser}[0] + Textfield Value Should Be xpath=//*[@id="emailFrom"] @{emailfrom}[0] Switch To System Settings - Page Should Contain ${token} - Go To Vulnerability Config - Page Should Contain ${scanschedule} + Token Must Be Match @{token}[0] + Go To Vulnerability Config + Page Should Contain None + Close Browser diff --git a/tests/resources/Util.robot b/tests/resources/Util.robot index 87b787774..e218f03e1 100644 --- a/tests/resources/Util.robot +++ b/tests/resources/Util.robot @@ -21,6 +21,7 @@ Library Process Library SSHLibrary 1 minute Library DateTime Library Selenium2Library 10 10 +Library JSONLibrary Resource Nimbus-Util.robot Resource Vsphere-Util.robot Resource VCH-Util.robot @@ -47,6 +48,7 @@ Resource Harbor-Pages/ToolKit.robot Resource Harbor-Pages/ToolKit_Elements.robot Resource Harbor-Pages/Vulnerability.robot Resource Harbor-Pages/LDAP-Mode.robot +Resource Harbor-Pages/Verify.robot Resource Docker-Util.robot Resource Admiral-Util.robot Resource OVA-Util.robot diff --git a/tests/robot-cases/Group13-Upgrade/Verifydata.robot b/tests/robot-cases/Group13-Upgrade/Verifydata.robot deleted file mode 100644 index 74f3075c4..000000000 --- a/tests/robot-cases/Group13-Upgrade/Verifydata.robot +++ /dev/null @@ -1,30 +0,0 @@ -*** Settings *** -Documentation Harbor BATs -Resource ../../resources/Util.robot -Suite Setup Nightly Test Setup ${ip} ${SSH_PWD} ${HARBOR_PASSWORD} ${ip1} -Suite Teardown Collect Nightly Logs ${ip} ${SSH_PWD} ${ip1} -Default Tags Nightly - -*** Variables *** -${HARBOR_URL} https://${ip} -${SSH_USER} root -${HARBOR_ADMIN} admin - -*** test case *** - -Verify Data - #get version from extenal argument - Convert To Float ${version} - Run Keyword If ${version}==1.1 - Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule - Else If ${version}==1.2 - Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule - Else If ${version}==1.3 - Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule Verify System Setting Verify Project Setting - Else If ${version}==1.4 - Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule Verify System Setting Verify Project Setting - Else If ${version}==1.5 - Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule Verify System Setting Verify Project Setting Verify Project Label Verify Syslabel - Else - Log To Consle "Version Not Supported" - diff --git a/tests/robot-cases/Group13-Upgrade/data.json b/tests/robot-cases/Group13-Upgrade/data.json new file mode 100644 index 000000000..a0a2858d2 --- /dev/null +++ b/tests/robot-cases/Group13-Upgrade/data.json @@ -0,0 +1,212 @@ +{ + "users":[ + { + "name":"user1" + }, + { + "name":"user2" + }, + { + "name":"user3" + }, + { + "name":"user4" + }, + { + "name":"user5" + } + ], + "admin":[ + { + "name":"user1", + "has_admin":true + }, + { + "name":"user2", + "has_admin":true + } + ], + "endpoint":[ + { + "url":"http://url", + "name":"endpoint1", + "user":"endpointuser", + "pass":"endpointpass" + } + ], + "replicationrule":[ + { + "project":"project1", + "endpoint":"endpoint1", + "trigger":"Manual", + "rulename":"rulename" + }, + { + "project":"library", + "endpoint":"endpoint1", + "trigger":"Manual", + "rulename":"rulelibrary" + } + ], + "configuration":{ + "authmode":"Database", + "projectcreation":"everyone", + "selfreg":false, + "emailsetting":{ + "emailserver":"emailserver", + "emailport":"2220", + "emailuser":"emailuser", + "emailfrom":"emailfrom", + "emailssl":false, + "verifycert":false + }, + "token":"40", + "readonly":false, + "scanall":{ + "type":"none", + "param":{ + "daily":0 + } + }, + "syslabel":[ + { + "name":"label1" + }, + { + "name":"label2" + }, + { + "name":"label3" + }, + { + "name":"label4" + }, + { + "name":"label5" + }, + { + "name":"label6" + } + ] + }, + "projects":[ + { + "name":"project1", + "accesslevel":"public", + "repocounts":2, + "repo":[ + { + "name":"busybox", + "tag":"latest", + "signed":"False" + }, + { + "name":"alpine", + "tag":"latest", + "signed":"True" + } + ], + "member":[ + { + "name":"user1", + "role":1 + }, + { + "name":"user2", + "role":2 + }, + { + "name":"user3", + "role":3 + } + ], + "replications":{ + "rulename":"ruleproject1", + "endpointname":"endpoint1", + "trigger":"Manual" + }, + "labels":[ + { + "name":"proj1label1" + }, + { + "name":"proj1label2" + }, + { + "name":"proj1label3" + } + ], + "logs":[ + { + "name":"admin", + "operation":"create" + } + ], + "configuration":{ + "enable_content_trust":"true", + "automatically_scan_images_on_push":"true", + "prevent_vulnerable_images_from_running":"true", + "prevent_vlunerable_images_from_running_severity":"High" + } + }, + { + "name":"project2", + "accesslevel":"public", + "repocounts":2, + "repo":[ + { + "name":"busybox", + "tag":"latest", + "signed":"False" + }, + { + "name":"alpine", + "tag":"latest", + "signed":"True" + } + ], + "member":[ + { + "name":"user1", + "role":1 + }, + { + "name":"user2", + "role":2 + }, + { + "name":"user3", + "role":3 + } + ], + "replications":{ + "rulename":"rulename1", + "endpointname":"endpoint1", + "trigger":"Manual" + }, + "labels":[ + { + "name":"proj2label1" + }, + { + "name":"proj2label2" + }, + { + "name":"proj2label3" + } + ], + "logs":[ + { + "name":"admin", + "operation":"create" + } + ], + "configuration":{ + "enable_content_trust":"True", + "automatically_scan_images_on_push":"True", + "prevent_vulnerable_images_from_running":"True", + "prevent_vlunerable_images_from_running_severity":"High" + } + } + ] + } \ No newline at end of file diff --git a/tests/robot-cases/Group13-Upgrade/prepare.py b/tests/robot-cases/Group13-Upgrade/prepare.py new file mode 100644 index 000000000..96b372ab7 --- /dev/null +++ b/tests/robot-cases/Group13-Upgrade/prepare.py @@ -0,0 +1,185 @@ +import os +import json +import argparse +import requests + +from requests.packages.urllib3.exceptions import InsecureRequestWarning +requests.packages.urllib3.disable_warnings(InsecureRequestWarning) + +parser = argparse.ArgumentParser(description='The script to generate data for harbor v1.4.0') +parser.add_argument('--endpoint', '-e', dest='endpoint', required=True, help='The endpoint to harbor') +args = parser.parse_args() + +url = "https://"+args.endpoint+"/api/" +print url + +class HarborAPI: + + def create_project(self, project_name): + r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False) + print(r.status_code) + + def create_user(self, username): + payload = {"username":username, "email":username+"@vmware.com", "password":"Harbor12345", "realname":username, "commment":"string"} + r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False) + print(r.status_code) + + def set_user_admin(self, user): + r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False) + userid = str(r.json()[0]['user_id']) + r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False) + print(r.status_code) + + def add_member(self, project, user, role): + r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) + projectid = str(r.json()[0]['project_id']) + payload = {"roles": [role], "username":""+user+""} + r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False) + print(r.status_code) + + def add_endpoint(self, endpointurl, endpointname, username, password, insecure): + payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure} + r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False) + print(r.status_code) + + def add_replication_rule(self, project, target, trigger, rulename): + r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) + projectid = r.json()[0]['project_id'] + r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False) + targetid = r.json()[0]['id'] + payload = {"name": ""+rulename+"", "description": "string", "projects": [{"project_id": projectid,}], "targets": [{"id": targetid,}], "trigger": {"kind": ""+trigger+"", "schedule_param": {"type": "weekly", "weekday": 1, "offtime": 0}}} + r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False) + print(r.status_code) + + def update_project_setting(self, project, contenttrust, preventrunning, preventseverity, scanonpush): + r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) + projectid = str(r.json()[0]['project_id']) + payload = { + "project_name": ""+project+"", + "metadata": { + "public": "True", + "enable_content_trust": contenttrust, + "prevent_vulnerable_images_from_running": preventrunning, + "prevent_vulnerable_images_from_running_severity": preventseverity, + "automatically_scan_images_on_push": scanonpush + } + } + r = requests.put(url+"projects/"+projectid+"", auth=("admin", "Harbor12345"), json=payload, verify=False) + print(r.status_code) + + def update_systemsetting(self, emailfrom, emailhost, emailport, emailuser, creation, selfreg, token): + payload = { + "auth_mode": "db_auth", + "email_from": emailfrom, + "email_host": emailhost, + "email_port": emailport, + "email_identity": "string", + "email_username": emailuser, + "email_ssl": True, + "email_insecure": True, + "project_creation_restriction": creation, + "read_only": False, + "self_registration": selfreg, + "token_expiration": token, + "verify_remote_cert": True, + "scan_all_policy": { + "type": "none", + "parameter": { + "daily_time": 0 + } + } + } + r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload, verify=False) + print(r.status_code) + + def update_repoinfo(self, reponame): + r = requests.put(url+"repositories/"+reponame+"", auth=("admin", "Harbor12345"), json={"description": "testdescription"}, verify=False) + print(r.status_code) + + def get_ca(self, target='/harbor/ca/ca.crt'): + ca_content = request(args.endpoint, '/systeminfo/getcert', 'get', "admin", "Harbor12345") + ca_path = '/harbor/ca' + if not os.path.exists(ca_path): + try: + os.makedirs(ca_path) + except Exception, e: + pass + open(target, 'wb').write(ca_content) + +def request(harbor_endpoint, url, method, user, pwd, **kwargs): + url = "https://" + harbor_endpoint + "/api" + url + kwargs.setdefault('headers', kwargs.get('headers', {})) + kwargs['headers']['Accept'] = 'application/json' + if 'body' in kwargs: + kwargs['headers']['Content-Type'] = 'application/json' + kwargs['data'] = json.dumps(kwargs['body']) + del kwargs['body'] + + resp = requests.request(method, url, verify=False, auth=(user, pwd), **kwargs) + if resp.status_code >= 400: + raise Exception("Error: %s" % resp.text) + try: + body = json.loads(resp.text) + except ValueError: + body = resp.text + return body + +with open("data.json") as f: + data = json.load(f) + +def pull_image(*image): + for i in image: + os.system("docker pull "+i) + +def push_image(image, project): + os.system("docker tag "+image+" "+args.endpoint+"/"+project+"/"+image) + os.system("docker login "+args.endpoint+" -u Admin"+" -p Harbor12345") + os.system("docker push "+args.endpoint+"/"+project+"/"+image) + +def push_signed_image(image, project, tag): + os.system("./sign_image.sh" + " " + args.endpoint + " " + project + " " + image + " " + tag) + +def do_data_creation(): + harborAPI = HarborAPI() + harborAPI.get_ca() + + for user in data["users"]: + harborAPI.create_user(user["name"]) + + for user in data["admin"]: + harborAPI.set_user_admin(user["name"]) + + for project in data["projects"]: + harborAPI.create_project(project["name"]) + for member in project["member"]: + harborAPI.add_member(project["name"], member["name"], member["role"]) + + pull_image("busybox", "redis", "haproxy", "alpine", "httpd:2") + push_image("busybox", data["projects"][0]["name"]) + push_signed_image("alpine", data["projects"][0]["name"], "latest") + + + for endpoint in data["endpoint"]: + harborAPI.add_endpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False) + + for replicationrule in data["replicationrule"]: + harborAPI.add_replication_rule(replicationrule["project"], + replicationrule["endpoint"], replicationrule["trigger"], + replicationrule["rulename"]) + + for project in data["projects"]: + harborAPI.update_project_setting(project["name"], + project["configuration"]["enable_content_trust"], + project["configuration"]["prevent_vulnerable_images_from_running"], + project["configuration"]["prevent_vlunerable_images_from_running_severity"], + project["configuration"]["automatically_scan_images_on_push"]) + + harborAPI.update_systemsetting(data["configuration"]["emailsetting"]["emailfrom"], + data["configuration"]["emailsetting"]["emailserver"], + float(data["configuration"]["emailsetting"]["emailport"]), + data["configuration"]["emailsetting"]["emailuser"], + data["configuration"]["projectcreation"], + data["configuration"]["selfreg"], + float(data["configuration"]["token"])) + +do_data_creation() \ No newline at end of file diff --git a/tests/robot-cases/Group13-Upgrade/sign_image.sh b/tests/robot-cases/Group13-Upgrade/sign_image.sh new file mode 100755 index 000000000..8b373acd7 --- /dev/null +++ b/tests/robot-cases/Group13-Upgrade/sign_image.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +docker pull $3:$4 + +IP=$1 +PASSHRASE='Harbor12345' + +echo $IP + +mkdir -p /etc/docker/certs.d/$IP/ +mkdir -p ~/.docker/tls/$IP:4443/ + +cp /harbor/ca/ca.crt /etc/docker/certs.d/$IP/ +cp /harbor/ca/ca.crt ~/.docker/tls/$IP:4443/ + +export DOCKER_CONTENT_TRUST=1 +export DOCKER_CONTENT_TRUST_SERVER=https://$IP:4443 + +export NOTARY_ROOT_PASSPHRASE=$PASSHRASE +export NOTARY_TARGETS_PASSPHRASE=$PASSHRASE +export NOTARY_SNAPSHOT_PASSPHRASE=$PASSHRASE +export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=$PASSHRASE +export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=$PASSHRASE +export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=$PASSHRASE +export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=$PASSHRASE + +docker login -u admin -p Harbor12345 $IP +docker tag $3:$4 $IP/$2/$3:$4 +docker push $IP/$2/$3:$4 \ No newline at end of file diff --git a/tests/robot-cases/Group13-Upgrade/testdata.json b/tests/robot-cases/Group13-Upgrade/testdata.json deleted file mode 100644 index b2438419d..000000000 --- a/tests/robot-cases/Group13-Upgrade/testdata.json +++ /dev/null @@ -1,75 +0,0 @@ -{"users":[ - {"name": "user1"}, - {"name": "user2"}, - {"name": "user3"}, - {"name": "user4"}, - {"name": "user5"} - ], - "admin":[ - {"name": "user1", "has_admin": true}, - {"name": "user2", "has_admin": true} - ], - - "endpoint":[{"url": "http://url", "name": "endpoint1", "user": "endpointuser", "pass": "endpointpass"}], - "replicationrule":[ - {"project": "project1", "endpoint": "endpoint1", "trigger": "Manual", "rulename": "rulename"}, - {"project": "library", "endpoint": "endpoint1", "trigger": "Manual", "rulename": "rulelibrary"} - ], - "configuration": {"authmode": "Database", "projectcreation": "everyone", "selfreg": false, - "emailsetting":{"emailserver": "emailserver", "emailport": "2220", "emailuser": "emailuser", "emailfrom": "emailfrom", "emailssl": false, "verifycert": false}, - "token": 30, "readonly": false, - "scanall": {"type": "none", "param":{"daily": 0}}, - "syslabel":[ - {"name": "label1"}, - {"name": "label2"}, - {"name": "label3"}, - {"name": "label4"}, - {"name": "label5"}, - {"name": "label6"} - ] - }, - "projects":[ - {"name": "project1", - "accesslevel": "public", - "repocounts": 2, - "repo": [ - {"name": "busybox", "tag": "latest", "signed": "False"}, - {"name": "alpine", "tag": "latest", "signed": "True"} - ], - "member":[ - {"name": "user1", "role": 1}, - {"name": "user2", "role": 2}, - {"name": "user3", "role": 3} - ], - "replications": {"rulename": "ruleproject1", "endpointname": "endpoint1", "trigger": "Manual"}, - "labels": [{"name": "proj1label1"},{"name": "proj1label2"},{"name": "proj1label3"}], - "logs": [{"name": "admin", "operation": "create"}], - "configuration": {"enable_content_trust": "true", - "automatically_scan_images_on_push": "true", - "prevent_vulnerable_images_from_running": "true", - "prevent_vlunerable_images_from_running_severity": "High" - } - }, - {"name": "project2", - "accesslevel": "public", - "repocounts": 2, - "repo": [ - {"name": "busybox", "tag": "latest", "signed": "False"}, - {"name": "alpine", "tag": "latest", "signed": "True"} - ], - "member":[ - {"name": "user1", "role": 1}, - {"name": "user2", "role": 2}, - {"name": "user3", "role": 3} - ], - "replications": {"rulename": "rulename1", "endpointname": "endpoint1", "trigger": "Manual"}, - "labels": [{"name": "proj2label1"},{"name": "proj2label2"},{"name": "proj2label3"}], - "logs": [{"name": "admin", "operation": "create"}], - "configuration": {"enable_content_trust": "True", - "automatically_scan_images_on_push": "True", - "prevent_vulnerable_images_from_running": "True", - "prevent_vlunerable_images_from_running_severity": "High" - } - } - ] -} diff --git a/tests/robot-cases/Group13-Upgrade/testupgrade.py b/tests/robot-cases/Group13-Upgrade/testupgrade.py deleted file mode 100644 index 2d6557e55..000000000 --- a/tests/robot-cases/Group13-Upgrade/testupgrade.py +++ /dev/null @@ -1,634 +0,0 @@ -import os -import json -import argparse -import requests - -#usage: testupgrade.py host version -parser = argparse.ArgumentParser() -parser.add_argument('x') -# -parser.add_argument('y', type=float) - -parser.add_argument('--https', action="store_true", default=False) - -args = parser.parse_args() - -if args.https: - protocol = "https" -else: - protocol = "http" - -version = args.y -host = args.x - -url = ""+protocol+"://"+host+"/api/" - -class Vonedotone: - def createproject(project_name): - r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False) - print(r.status_code) - - def createuser(username): - payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"} - r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def setuseradmin(user): - r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False) - userid = str(r.json()[0]['user_id']) - r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False) - print(r.status_code) - - def addmember(project, user, role): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = {"roles": [role], "username":""+user+""} - r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addendpoint(endpointurl, endpointname, username, password, insecure): - payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure} - r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addreplicationrule(project, target, rulename, enable): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = r.json()[0]['project_id'] - r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False) - targetid = r.json()[0]['id'] - payload = {"project_id": projectid, "target_id": targetid, "name": ""+rulename+"", "enabled": enable} - r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updateprojectsetting(project, public): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = { - "public": public - } - r = requests.put(url+"projects/"+projectid+"/publicity", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation): - payload = { - "auth_mode": "db_auth", - "email_from": emailfrom, - "email_host": emailhost, - "email_port": emailport, - "email_identity": "string", - "email_username": emailuser, - "email_ssl": "0", - "project_creation_restriction": creation, - "self_registration": "0", - "token_expiration": "10", - "verify_remote_cert": "0" - } - r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload) - print(r.status_code) - - -class Vonedottwo: - def createproject(project_name): - r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False) - print(r.status_code) - - def createuser(username): - payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"} - r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def setuseradmin(user): - r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False) - userid = str(r.json()[0]['user_id']) - r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False) - print(r.status_code) - - def addmember(project, user, role): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = {"roles": [role], "username":""+user+""} - r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addendpoint(endpointurl, endpointname, username, password, insecure): - payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure} - r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addreplicationrule(project, target, rulename, enable): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = r.json()[0]['project_id'] - r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False) - targetid = r.json()[0]['id'] - payload = {"project_id": projectid, "target_id": targetid, "name": ""+rulename+"", "enabled": enable} - r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updateprojectsetting(project, public): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = { - "public": public - } - r = requests.put(url+"projects/"+projectid+"/publicity", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation, selfreg, token): - payload = { - "auth_mode": "db_auth", - "email_from": emailfrom, - "email_host": emailhost, - "email_port": emailport, - "email_identity": "string", - "email_username": emailuser, - "email_ssl": True, - "email_insecure": True, - "project_creation_restriction": creation, - "read_only": False, - "self_registration": selfreg, - "token_expiration": token, - "verify_remote_cert": True, - "scan_all_policy": { - "type": "none", - "parameter": { - "daily_time": 0 - } - } - } - r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload) - print(r.status_code) - -class Vonedotthree: - def createproject(project_name): - r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False) - print(r.status_code) - - def createuser(username): - payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"} - r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def setuseradmin(user): - r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False) - userid = str(r.json()[0]['user_id']) - r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False) - print(r.status_code) - - def addmember(project, user, role): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = {"roles": [role], "username":""+user+""} - r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addendpoint(endpointurl, endpointname, username, password, insecure): - payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure} - r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addreplicationrule(project, target, rulename, enable): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = r.json()[0]['project_id'] - r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False) - targetid = r.json()[0]['id'] - payload = {"project_id": projectid, "target_id": targetid, "name": ""+rulename+"", "enabled": enable} - r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updateprojectsetting(project, contenttrust, preventrunning, preventseverity, scanonpush): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = { - "project_name": ""+project+"", - "metadata": { - "public": "True", - "enable_content_trust": contenttrust, - "prevent_vulnerable_images_from_running": preventrunning, - "prevent_vulnerable_images_from_running_severity": preventseverity, - "automatically_scan_images_on_push": scanonpush - } - } - r = requests.put(url+"projects/"+projectid+"", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation, selfreg, token): - payload = { - "auth_mode": "db_auth", - "email_from": emailfrom, - "email_host": emailhost, - "email_port": emailport, - "email_identity": "string", - "email_username": emailuser, - "email_ssl": True, - "email_insecure": True, - "project_creation_restriction": creation, - "read_only": False, - "self_registration": selfreg, - "token_expiration": token, - "verify_remote_cert": True, - "scan_all_policy": { - "type": "none", - "parameter": { - "daily_time": 0 - } - } - } - r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload) - print(r.status_code) - - def updaterepoinfo(reponame): - r = requests.put(url+"repositories/"+reponame+"", auth=("admin", "Harbor12345"), json={"description": "testdescription"}, verify=False) - print(r.status_code) - - -class Vonedotfour: - def createproject(project_name): - r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False) - print(r.status_code) - - def createuser(username): - payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"} - r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def setuseradmin(user): - r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False) - userid = str(r.json()[0]['user_id']) - r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False) - print(r.status_code) - - def addmember(project, user, role): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = {"roles": [role], "username":""+user+""} - r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addendpoint(endpointurl, endpointname, username, password, insecure): - payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure} - r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addreplicationrule(project, target, trigger, rulename): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = r.json()[0]['project_id'] - r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False) - targetid = r.json()[0]['id'] - payload = {"name": ""+rulename+"", "description": "string", "projects": [{"project_id": projectid,}], "targets": [{"id": targetid,}], "trigger": {"kind": ""+trigger+"", "schedule_param": {"type": "weekly", "weekday": 1, "offtime": 0}}} - r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updateprojectsetting(project, contenttrust, preventrunning, preventseverity, scanonpush): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = { - "project_name": ""+project+"", - "metadata": { - "public": "True", - "enable_content_trust": contenttrust, - "prevent_vulnerable_images_from_running": preventrunning, - "prevent_vulnerable_images_from_running_severity": preventseverity, - "automatically_scan_images_on_push": scanonpush - } - } - r = requests.put(url+"projects/"+projectid+"", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation, selfreg, token): - payload = { - "auth_mode": "db_auth", - "email_from": emailfrom, - "email_host": emailhost, - "email_port": emailport, - "email_identity": "string", - "email_username": emailuser, - "email_ssl": True, - "email_insecure": True, - "project_creation_restriction": creation, - "read_only": False, - "self_registration": selfreg, - "token_expiration": token, - "verify_remote_cert": True, - "scan_all_policy": { - "type": "none", - "parameter": { - "daily_time": 0 - } - } - } - r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload) - print(r.status_code) - - def updaterepoinfo(reponame): - r = requests.put(url+"repositories/"+reponame+"", auth=("admin", "Harbor12345"), json={"description": "testdescription"}, verify=False) - print(r.status_code) - - -class Vonedotfive: - def createproject(project_name): - r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False) - print(r.status_code) - - def createuser(username): - payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"} - r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def setuseradmin(user): - r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False) - userid = str(r.json()[0]['user_id']) - r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False) - print(r.status_code) - - def addmember(project, user, role): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = {"role_id":role, "member_user":{"username":""+user+""}} - r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - #def addlabeltotag(project, tag, label): - # r = requests.put() - - def addsyslabel(labelname): - payload = {"name": ""+labelname+"", "description":"string", "color":"string", "scope":"g"} - r = requests.post(url+"labels", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addprojectlabel(project, label): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = r.json()[0]['project_id'] - payload = {"name":""+label+"", "description": "string", "color": "string", "scope": "p", "project_id": projectid} - r = requests.post(url+"labels", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addendpoint(endpointurl, endpointname, username, password, insecure): - payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure} - r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def addreplicationrule(project, target, trigger, rulename): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = r.json()[0]['project_id'] - r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False) - targetid = r.json()[0]['id'] - payload = {"name": ""+rulename+"", "description": "string", "projects": [{"project_id": projectid,}], "targets": [{"id": targetid,}], "trigger": {"kind": ""+trigger+"", "schedule_param": {"type": "weekly", "weekday": 1, "offtime": 0}}} - r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updateprojectsetting(project, contenttrust, preventrunning, preventseverity, scanonpush): - r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False) - projectid = str(r.json()[0]['project_id']) - payload = { - "project_name": ""+project+"", - "metadata": { - "public": "True", - "enable_content_trust": contenttrust, - "prevent_vulnerable_images_from_running": preventrunning, - "prevent_vulnerable_images_from_running_severity": preventseverity, - "automatically_scan_images_on_push": scanonpush - } - } - r = requests.put(url+"projects/"+projectid+"", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation, selfreg, token): - payload = { - "auth_mode": "db_auth", - "email_from": emailfrom, - "email_host": emailhost, - "email_port": emailport, - "email_identity": "string", - "email_username": emailuser, - "email_ssl": True, - "email_insecure": True, - "project_creation_restriction": creation, - "read_only": False, - "self_registration": selfreg, - "token_expiration": token, - "verify_remote_cert": True, - "scan_all_policy": { - "type": "none", - "parameter": { - "daily_time": 0 - } - } - } - r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload, verify=False) - print(r.status_code) - - def updaterepoinfo(reponame): - r = requests.put(url+"repositories/"+reponame+"", auth=("admin", "Harbor12345"), json={"description": "testdescription"}, verify=False) - print(r.status_code) - - -with open("testdata.json") as f: - data = json.load(f) - -def pullimage(*image): - for i in image: - os.system("docker pull "+i) - -def pushimage(image, project): - os.system("docker tag "+image+" "+host+"/"+project+"/"+image) - os.system("docker login "+host+" -u Admin"+" -p Harbor12345") - os.system("docker push "+host+"/"+project+"/"+image) - -def pushsigned(image, project, tag): - os.system("export DOCKER_CONTENT_TRUST=1;export DOCKER_CONTENT_TRUST_SERVER=https://"+host+":4443") - os.system("export NOTARY_ROOT_PASSPHARSE=Harbor12345;export NOTARY_TARGETS_PASSPHRASE=Harbor12345;export NOTARY_SNAPSHOT_PASSPHRASE=Harbor12345") - os.system("export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=Harbor12345; export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=Harbor12345") - os.system("export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=Harbor12345; export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=Harbor12345") - os.system("docker tag "+image+":"+tag+" "+host+"/"+project+"/"+image+":"+tag) - os.system("docker login "+host+" -u Admin"+" -p Harbor12345") - os.system("docker push "+host+"/"+project+"/"+image+":"+tag) - -def createonedotone(): - for user in data["users"]: - Vonedotone.createuser(user["name"]) - for user in data["admin"]: - Vonedotone.setuseradmin(user["name"]) - for project in data["projects"]: - Vonedotone.createproject(project["name"]) - for member in project["member"]: - Vonedotone.addmember(project["name"], member["name"], member["role"]) - pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2") - pushimage("busybox", data["projects"][0]["name"]) - if protocol == "https": - pushsigned("alpine", data["projects"][0]["name"], "latest") - else: - print("http does not support notary") - - for endpoint in data["endpoint"]: - Vonedotone.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False) - for replicationrule in data["replicationrule"]: - Vonedotone.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["rulename"], 0) - Vonedotone.updateprojectsetting(data["projects"][0]["name"], 1) - ef = data["configuration"]["emailsetting"]["emailfrom"] - eh = data["configuration"]["emailsetting"]["emailserver"] - ep = data["configuration"]["emailsetting"]["emailport"] - eu = data["configuration"]["emailsetting"]["emailuser"] - creation = data["configuration"]["projectcreation"] - Vonedotone.updatesystemsetting(ef, eh, ep, eu, creation) - -def createonedottwo(): - for user in data["users"]: - Vonedottwo.createuser(user["name"]) - for user in data["admin"]: - Vonedottwo.setuseradmin(user["name"]) - for project in data["projects"]: - Vonedottwo.createproject(project["name"]) - for member in project["member"]: - Vonedottwo.addmember(project["name"], member["name"], member["role"]) - pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2") - pushimage("busybox", data["projects"][0]["name"]) - if protocol == "https": - pushsigned("alpine", data["projects"][0]["name"], "latest") - else: - print("http does not support notary") - - for endpoint in data["endpoint"]: - Vonedottwo.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False) - for replicationrule in data["replicationrule"]: - Vonedottwo.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["rulename"], 0) - Vonedottwo.updateprojectsetting(data["projects"][0]["name"], 1) - ef = data["configuration"]["emailsetting"]["emailfrom"] - eh = data["configuration"]["emailsetting"]["emailserver"] - ep = float(data["configuration"]["emailsetting"]["emailport"]) - eu = data["configuration"]["emailsetting"]["emailuser"] - creation = data["configuration"]["projectcreation"] - token = data["configuration"]["token"] - selfreg = data["configuration"]["selfreg"] - Vonedottwo.updatesystemsetting(ef, eh, ep, eu, creation, selfreg, token) - -def createonedotthree(): - for user in data["users"]: - Vonedotthree.createuser(user["name"]) - for user in data["admin"]: - Vonedotthree.setuseradmin(user["name"]) - for project in data["projects"]: - Vonedotthree.createproject(project["name"]) - for member in project["member"]: - Vonedotthree.addmember(project["name"], member["name"], member["role"]) - pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2") - pushimage("busybox", data["projects"][0]["name"]) - if protocol == "https": - pushsigned("alpine", data["projects"][0]["name"], "latest") - else: - print("http does not support notary") - - for endpoint in data["endpoint"]: - Vonedotthree.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False) - for replicationrule in data["replicationrule"]: - Vonedotthree.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["rulename"], 0) - for project in data["projects"]: - ct = project["configuration"]["enable_content_trust"] - pr = project["configuration"]["prevent_vulnerable_images_from_running"] - prs = project["configuration"]["prevent_vlunerable_images_from_running_severity"] - sop = project["configuration"]["automatically_scan_images_on_push"] - print(ct, pr, prs, sop) - Vonedotthree.updateprojectsetting(project["name"], ct, pr, prs, sop) - ef = data["configuration"]["emailsetting"]["emailfrom"] - eh = data["configuration"]["emailsetting"]["emailserver"] - ep = float(data["configuration"]["emailsetting"]["emailport"]) - eu = data["configuration"]["emailsetting"]["emailuser"] - creation = data["configuration"]["projectcreation"] - token = data["configuration"]["token"] - selfreg = data["configuration"]["selfreg"] - Vonedotthree.updatesystemsetting(ef, eh, ep, eu, creation, selfreg, token) - -def createonedotfour(): - for user in data["users"]: - Vonedotfour.createuser(user["name"]) - for user in data["admin"]: - Vonedotfour.setuseradmin(user["name"]) - for project in data["projects"]: - Vonedotfour.createproject(project["name"]) - for member in project["member"]: - Vonedotfour.addmember(project["name"], member["name"], member["role"]) - pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2") - pushimage("busybox", data["projects"][0]["name"]) - if protocol == "https": - pushsigned("alpine", data["projects"][0]["name"], "latest") - else: - print("http does not support notary") - - for endpoint in data["endpoint"]: - Vonedotfour.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False) - for replicationrule in data["replicationrule"]: - Vonedotfour.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["trigger"], replicationrule["rulename"]) - for project in data["projects"]: - ct = project["configuration"]["enable_content_trust"] - pr = project["configuration"]["prevent_vulnerable_images_from_running"] - prs = project["configuration"]["prevent_vlunerable_images_from_running_severity"] - sop = project["configuration"]["automatically_scan_images_on_push"] - Vonedotfour.updateprojectsetting(project["name"], ct, pr, prs, sop) - ef = data["configuration"]["emailsetting"]["emailfrom"] - eh = data["configuration"]["emailsetting"]["emailserver"] - ep = float(data["configuration"]["emailsetting"]["emailport"]) - eu = data["configuration"]["emailsetting"]["emailuser"] - creation = data["configuration"]["projectcreation"] - token = data["configuration"]["token"] - selfreg = data["configuration"]["selfreg"] - Vonedotfour.updatesystemsetting(ef, eh, ep, eu, creation, selfreg, token) - - -def createonedotfive(): - for user in data["users"]: - Vonedotfive.createuser(user["name"]) - for user in data["admin"]: - Vonedotfive.setuseradmin(user["name"]) - for project in data["projects"]: - Vonedotfive.createproject(project["name"]) - for member in project["member"]: - Vonedotfive.addmember(project["name"], member["name"], member["role"]) - for label in project["labels"]: - Vonedotfive.addprojectlabel(project["name"], label["name"]) - for label in data["configuration"]["syslabel"]: - Vonedotfive.addsyslabel(label["name"]) - pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2") - pushimage("busybox", data["projects"][0]["name"]) - if protocol == "https": - pushsigned("alpine", data["projects"][0]["name"], "latest") - else: - print("http does not support notary") - - for endpoint in data["endpoint"]: - Vonedotfive.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False) - for replicationrule in data["replicationrule"]: - Vonedotfive.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["trigger"], replicationrule["rulename"]) - for project in data["projects"]: - ct = project["configuration"]["enable_content_trust"] - pr = project["configuration"]["prevent_vulnerable_images_from_running"] - prs = project["configuration"]["prevent_vlunerable_images_from_running_severity"] - sop = project["configuration"]["automatically_scan_images_on_push"] - Vonedotfive.updateprojectsetting(project["name"], ct, pr, prs, sop) - ef = data["configuration"]["emailsetting"]["emailfrom"] - eh = data["configuration"]["emailsetting"]["emailserver"] - ep = float(data["configuration"]["emailsetting"]["emailport"]) - eu = data["configuration"]["emailsetting"]["emailuser"] - creation = data["configuration"]["projectcreation"] - token = data["configuration"]["token"] - selfreg = data["configuration"]["selfreg"] - Vonedotfive.updatesystemsetting(ef, eh, ep, eu, creation, selfreg, token) - -if version == 1.1: - createdata = Vonedotone() - createonedotone() -elif version == 1.2: - createdata = Vonedottwo() - createonedottwo() -elif version == 1.3: - createdata = Vonedotthree() - createonedotthree() -elif version == 1.4: - createdata = Vonedotfour() - createonedotfour() -elif version == 1.5: - createdata = Vonedotfive() - createonedotfive() -else: - print("version not supported") - - - diff --git a/tests/robot-cases/Group13-Upgrade/verify.robot b/tests/robot-cases/Group13-Upgrade/verify.robot new file mode 100644 index 000000000..2a3fc21a4 --- /dev/null +++ b/tests/robot-cases/Group13-Upgrade/verify.robot @@ -0,0 +1,21 @@ +*** Settings *** +Documentation Harbor BATs +Resource ../../resources/Util.robot +Default Tags Nightly + +*** Variables *** +${HARBOR_URL} https://${ip} +${HARBOR_ADMIN} admin + +*** Test Cases *** +Test Case - Upgrade Verify + ${data}= Load Json From File ${CURDIR}${/}testdata.json + Run Keyword Verify User ${data} + Run Keyword Verify Project ${data} + Run Keyword Verify Member Exist ${data} + Run Keyword Verify User System Admin Role ${data} + Run Keyword Verify Endpoint ${data} + Run Keyword Verify Replicationrule ${data} + Run Keyword Verify Project Setting ${data} + Run Keyword Verify System Setting ${data} + Run Keyword Verify Image Tag ${data} \ No newline at end of file