Add scripts to verify Harbor DB migration

This commit is contained in:
wangyan 2018-07-25 02:46:09 -07:00
parent 43774df6f3
commit 5edd408d07
9 changed files with 561 additions and 830 deletions

View File

@ -1,150 +1,171 @@
*** settings *** *** settings ***
Library JSONLibrary
Resource ../../resources/Util.robot Resource ../../resources/Util.robot
*** Keywords *** *** Keywords ***
#for jsonpath refer to http://goessner.net/articles/JsonPath/ or https://nottyo.github.io/robotframework-jsonlibrary/JSONLibrary.html #for jsonpath refer to http://goessner.net/articles/JsonPath/ or https://nottyo.github.io/robotframework-jsonlibrary/JSONLibrary.html
${json}= Load Json From File testdata.json
Verify User Verify User
@{user}= Get Value From Json ${json} $.users..name [Arguments] ${json}
#verify user exist Init Chrome Driver
Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
Switch To User Tag Switch To User Tag
:For ${user} In @{user} @{user}= Get Value From Json ${json} $.users..name
\ Page Should Contain ${user} :FOR ${user} IN @{user}
\ Page Should Contain ${user}
Logout Harbor Logout Harbor
#verify user can login #verify user can login
:For ${user} In @{user} @{user}= Get Value From Json ${json} $.users..name
\ Sign In Harbor ${HARBOR_URL} ${user} %{HARBOR_PASSWORD} :FOR ${user} IN @{user}
\ Sign In Harbor ${HARBOR_URL} ${user} ${HARBOR_PASSWORD}
\ Logout Harbor \ Logout Harbor
Close Browser
Verify Project Verify Project
[Arguments] ${json}
@{project}= Get Value From Json ${json} $.projects.[*].name @{project}= Get Value From Json ${json} $.projects.[*].name
Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} Init Chrome Driver
:For ${project} In @{project} Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
\ Page Should Contain ${project} :FOR ${project} IN @{project}
\ Page Should Contain ${project}
Close Browser
Verify Image Tag Verify Image Tag
[Arguments] ${json}
@{project}= Get Value From Json ${json} $.projects.[*].name @{project}= Get Value From Json ${json} $.projects.[*].name
Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} Init Chrome Driver
:For ${project} In @{projects} Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
\ Go Into Project ${project} :FOR ${project} IN @{project}
\ Go Into Project ${project}
\ @{repo}= Get Value From Json ${json} $.projects[?(@name=${project})]..repo..name \ @{repo}= Get Value From Json ${json} $.projects[?(@name=${project})]..repo..name
\ @{tag}= Get Value From Json ${json} $.projects[?(@name=${project})]..repo..tag \ Loop Image Repo @{repo}
\ :For ${repo} In @{repo} \ Back To Projects
\ \ Go Into Repo ${repo} Close Browser
\ \ :For ${tag} In @{tag}
\ \ \ Page Should Contain ${tag} Loop Image Repo
\ \ \ Back To Projects [Arguments] @{repo}
:For ${repo} In @{repo}
\ Page Should Contain ${repo}
Verify Member Exist Verify Member Exist
[Arguments] ${json}
@{project}= Get Value From Json ${json} $.projects.[*].name @{project}= Get Value From Json ${json} $.projects.[*].name
Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HAROBR_PASSWORD} Init Chrome Driver
:For ${project} In @{project} Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
\ Go Into Project ${projet} :For ${project} In @{project}
\ Go Into Project ${project}
\ Switch To Member \ Switch To Member
\ @{members}= Get Value From Json ${json} $.projects[?(@name=${project})].member..name \ @{members}= Get Value From Json ${json} $.projects[?(@name=${project})].member..name
\ :For ${member} In @{members} \ Loop Member @{members}
\ \ Page Should Contain ${member}
\ Back To Projects \ Back To Projects
Close Browser
Loop Member
[Arguments] @{members}
:For ${member} In @{members}
\ Page Should Contain ${member}
Verify User System Admin Role Verify User System Admin Role
[Arguments] ${json}
@{user}= Get Value From Json ${json} $.admin..name @{user}= Get Value From Json ${json} $.admin..name
:For ${user} in @{user} Init Chrome Driver
\ Sign In Harbor ${HARBOR_URL} ${user} %{HARBOR_PASSWORD} :FOR ${user} IN @{user}
\ Sign In Harbor ${HARBOR_URL} ${user} ${HARBOR_PASSWORD}
\ Page Should Contain Administration \ Page Should Contain Administration
\ Logout Harbor \ Logout Harbor
Close Browser
Verify System Label Verify System Label
[Arguments] ${json}
@{label}= Get Value From Json ${json} $..syslabel..name @{label}= Get Value From Json ${json} $..syslabel..name
Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} Init Chrome Driver
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
Switch To Configure Switch To Configure
Switch To System Labels Switch To System Labels
:For ${label} In @{label} :For ${label} In @{label}
\ Page Should Contain ${label} \ Page Should Contain ${label}
Close Browser
Verify Project Label Verify Project Label
[Arguments] ${json}
@{project}= Get Value From Json ${json} $.peoject.[*].name @{project}= Get Value From Json ${json} $.peoject.[*].name
Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} Init Chrome Driver
:For ${project} In @{project} Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
:For ${project} In @{project}
\ Go Into Project ${project} \ Go Into Project ${project}
\ Switch To Project Label \ Switch To Project Label
\ @{projectlabel}= Get Value From Json ${json} $.projects[?(@.name=${project})]..labels..name \ @{projectlabel}= Get Value From Json ${json} $.projects[?(@.name=${project})]..labels..name
\ :For ${label} In @{projectlabel} \ :For ${label} In @{label}
\ \ Page Should Contain ${projectlabel} \ \ Page Should Contain ${projectlabel}
\ Back To Projects \ Back To Projects
Close Browser
Verify Endpoint Verify Endpoint
[Arguments] ${json}
@{endpoint}= Get Value From Json ${json} $.endpoint..name @{endpoint}= Get Value From Json ${json} $.endpoint..name
Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} Init Chrome Driver
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
Switch To Registries Switch To Registries
:For ${endpoint} In @{endpoint} :For ${endpoint} In @{endpoint}
\ Page Should Contain ${endpoint} \ Page Should Contain ${endpoint}
Close Browser
Verify Replicationrule Verify Replicationrule
[Arguments] ${json}
@{replicationrule}= Get Value From Json ${json} $.replicationrule..name @{replicationrule}= Get Value From Json ${json} $.replicationrule..name
Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} Init Chrome Driver
Switch To System Replication Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
:For ${replicationrule} In @{replicationrule} Switch To Replication Manage
\ Page Should Contain ${replicationrule} :For ${replicationrule} IN @{replicationrule}
\ Page Should Contain ${replicationrule}
Close Browser
Verify Project Setting Verify Project Setting
[Arguments] ${json}
@{projects}= Get Value From Json ${json} $.projects.[*].name @{projects}= Get Value From Json ${json} $.projects.[*].name
:For ${project} In @{projects} :For ${project} In @{Projects}
\ ${public}= Get Value From Json ${json} $.projects[?(@.name=${projectname})].accesslevel \ ${public}= Get Value From Json ${json} $.projects[?(@.name=${project})].accesslevel
\ ${contenttrust}= Get Value From Json ${json} $.projects[?(@.name=${projectname})]..enable_content_trust \ ${contenttrust}= Get Value From Json ${json} $.projects[?(@.name=${project})]..enable_content_trust
\ ${preventrunning}= Get Value From Json ${json} $.projects[?(@.name=${projectname})]..prevent_vulnerable_images_from_running \ ${preventrunning}= Get Value From Json ${json} $.projects[?(@.name=${project})]..prevent_vulnerable_images_from_running
\ ${scanonpush}= Get Value From Json ${json} $.projects[?(@.name=${projectname})]..automatically_scan_images_on_push \ ${scanonpush}= Get Value From Json ${json} $.projects[?(@.name=${project})]..automatically_scan_images_on_push
\ Sign In Harbor ${HAROBR_URL} %{HAROBR_ADMIN} %{HAROBR_PASSWORD} \ Init Chrome Driver
\ Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
\ Go Into Project ${project} \ Go Into Project ${project}
\ Goto Project Config \ Goto Project Config
\ Run Keyword If ${public} == "public" \ Run Keyword If ${public} == "public" Checkbox Should Be Checked //clr-checkbox[@name='public']//label
\ Checkbox Should Be Checked //clr-checkbox[@name='public']//label \ Run Keyword If ${contenttrust} == "true" Checkbox Should Be Checked //clr-checkbox[@name='content-trust']//label
\ Else \ Run Keyword If ${contenttrust} == "false" Checkbox Should Not Be Checked //clr-checkbox[@name='content-trust']//label
\ Checkbox Should Not Be Checked //clr-checkbox[@name='public']//label \ Run Keyword If ${preventrunning} == "true" Checkbox Should Be Checked //clr-checkbox[@name='prevent-vulenrability-image']//label
\ Run Keyword If ${contenttrust} == "true" \ Run Keyword If ${preventrunning} == "false" Checkbox Should Not Be Checked //clr-checkbox[@name='prevent-vulenrability-image']//label
\ Checkbox Should Be Checked //clr-checkbox[@name='content-trust']//label \ Run Keyword If ${scanonpush} == "true" Checkbox Should Be Checked //clr-checkbox[@name='scan-image-on-push']//label
\ Else \ Run Keyword If ${scanonpush} == "true" Checkbox Should Not Be Checked //clr-checkbox[@name='scan-image-on-push']//label
\ Checkbox Should Not Be Checked //clr-checkbox[@name='content-trust']//label \ Close Browser
\ Run Keyword If ${preventrunning} == "true"
\ Checkbox Should Be Checked //clr-checkbox[@name='prevent-vulenrability-image']//label
\ #verify level?page should not contain disabled element
\ Else
\ Checkbox Should Not Be Checked //clr-checkbox[@name='prevent-vulenrability-image']//label
\ #Page Should Contain a disabled element
\ Run Keyword If ${scanonpush} == "true"
\ Checkbox Should Be Checked //clr-checkbox[@name='scan-image-on-push']//label
\ Else
\ Checkbox Should Not Be Checked //clr-checkbox[@name='scan-image-on-push']//label
\ Back To Projects
Verify System Setting Verify System Setting
${authtype}= Get Value From Json ${json} $.configuration.authmode [Arguments] ${json}
${creation}= Get Value From Json ${json} $.configuration..projectcreation @{authtype}= Get Value From Json ${json} $.configuration.authmode
${selfreg}= Get Value From Json ${json} $.configuration..selfreg @{creation}= Get Value From Json ${json} $.configuration..projectcreation
${emailserver}= Get Value From Json ${json} $.configuration..emailserver @{selfreg}= Get Value From Json ${json} $.configuration..selfreg
${emailport}= Get Value From Json ${json} $.configuration..emailport @{emailserver}= Get Value From Json ${json} $.configuration..emailserver
${emailuser}= Get Value From Json ${json} $.configuration..emailuser @{emailport}= Get Value From Json ${json} $.configuration..emailport
${emailfrom}= Get Value From Json ${json} $.configuration..emailfrom @{emailuser}= Get Value From Json ${json} $.configuration..emailuser
${token}= Get Value From Json ${json} $.configuration..token @{emailfrom}= Get Value From Json ${json} $.configuration..emailfrom
${scanschedule}= Get Value From Json ${json} $.configuration..scanall @{token}= Get Value From Json ${json} $.configuration..token
Sign In Harbor ${HARBOR_URL} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} @{scanschedule}= Get Value From Json ${json} $.configuration..scanall
Init Chrome Driver
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
Switch To Configure Switch To Configure
Page Should Contain ${authtype} Page Should Contain @{authtype}[0]
Run Keyword If ${selfreg} == "True" Run Keyword If @{selfreg}[0] == "True" Checkbox Should Be Checked //clr-checkbox[@id='selfReg']//label
Checkbox Should Be Checked //clr-checkbox[@id='selfReg']//label Run Keyword If @{selfreg}[0] == "False" Checkbox Should Not Be Checked //clr-checkbox[@id='selfReg']//label
Else Page Should Contain @{creation}[0]
Checkbox Should Not Be Checked //clr-checkbox[@id='selfReg']//label
Page Should Contain ${creation}
Switch To Email Switch To Email
Page Should Contain ${emailserver} Textfield Value Should Be xpath=//*[@id="mailServer"] @{emailserver}[0]
Page Should Contain ${emailport} Textfield Value Should Be xpath=//*[@id="emailPort"] @{emailport}[0]
Page Should Contain ${emailuser} Textfield Value Should Be xpath=//*[@id="emailUsername"] @{emailuser}[0]
Page Should Contain ${emailfrom} Textfield Value Should Be xpath=//*[@id="emailFrom"] @{emailfrom}[0]
Switch To System Settings Switch To System Settings
Page Should Contain ${token} Token Must Be Match @{token}[0]
Go To Vulnerability Config Go To Vulnerability Config
Page Should Contain ${scanschedule} Page Should Contain None
Close Browser

View File

@ -21,6 +21,7 @@ Library Process
Library SSHLibrary 1 minute Library SSHLibrary 1 minute
Library DateTime Library DateTime
Library Selenium2Library 10 10 Library Selenium2Library 10 10
Library JSONLibrary
Resource Nimbus-Util.robot Resource Nimbus-Util.robot
Resource Vsphere-Util.robot Resource Vsphere-Util.robot
Resource VCH-Util.robot Resource VCH-Util.robot
@ -47,6 +48,7 @@ Resource Harbor-Pages/ToolKit.robot
Resource Harbor-Pages/ToolKit_Elements.robot Resource Harbor-Pages/ToolKit_Elements.robot
Resource Harbor-Pages/Vulnerability.robot Resource Harbor-Pages/Vulnerability.robot
Resource Harbor-Pages/LDAP-Mode.robot Resource Harbor-Pages/LDAP-Mode.robot
Resource Harbor-Pages/Verify.robot
Resource Docker-Util.robot Resource Docker-Util.robot
Resource Admiral-Util.robot Resource Admiral-Util.robot
Resource OVA-Util.robot Resource OVA-Util.robot

View File

@ -1,30 +0,0 @@
*** Settings ***
Documentation Harbor BATs
Resource ../../resources/Util.robot
Suite Setup Nightly Test Setup ${ip} ${SSH_PWD} ${HARBOR_PASSWORD} ${ip1}
Suite Teardown Collect Nightly Logs ${ip} ${SSH_PWD} ${ip1}
Default Tags Nightly
*** Variables ***
${HARBOR_URL} https://${ip}
${SSH_USER} root
${HARBOR_ADMIN} admin
*** test case ***
Verify Data
#get version from extenal argument
Convert To Float ${version}
Run Keyword If ${version}==1.1
Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule
Else If ${version}==1.2
Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule
Else If ${version}==1.3
Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule Verify System Setting Verify Project Setting
Else If ${version}==1.4
Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule Verify System Setting Verify Project Setting
Else If ${version}==1.5
Run Keywords Verify User Verify Project Verify Member Exist Verify Image Tag Verify Endpoint Verify Replicationrule Verify System Setting Verify Project Setting Verify Project Label Verify Syslabel
Else
Log To Consle "Version Not Supported"

View File

@ -0,0 +1,212 @@
{
"users":[
{
"name":"user1"
},
{
"name":"user2"
},
{
"name":"user3"
},
{
"name":"user4"
},
{
"name":"user5"
}
],
"admin":[
{
"name":"user1",
"has_admin":true
},
{
"name":"user2",
"has_admin":true
}
],
"endpoint":[
{
"url":"http://url",
"name":"endpoint1",
"user":"endpointuser",
"pass":"endpointpass"
}
],
"replicationrule":[
{
"project":"project1",
"endpoint":"endpoint1",
"trigger":"Manual",
"rulename":"rulename"
},
{
"project":"library",
"endpoint":"endpoint1",
"trigger":"Manual",
"rulename":"rulelibrary"
}
],
"configuration":{
"authmode":"Database",
"projectcreation":"everyone",
"selfreg":false,
"emailsetting":{
"emailserver":"emailserver",
"emailport":"2220",
"emailuser":"emailuser",
"emailfrom":"emailfrom",
"emailssl":false,
"verifycert":false
},
"token":"40",
"readonly":false,
"scanall":{
"type":"none",
"param":{
"daily":0
}
},
"syslabel":[
{
"name":"label1"
},
{
"name":"label2"
},
{
"name":"label3"
},
{
"name":"label4"
},
{
"name":"label5"
},
{
"name":"label6"
}
]
},
"projects":[
{
"name":"project1",
"accesslevel":"public",
"repocounts":2,
"repo":[
{
"name":"busybox",
"tag":"latest",
"signed":"False"
},
{
"name":"alpine",
"tag":"latest",
"signed":"True"
}
],
"member":[
{
"name":"user1",
"role":1
},
{
"name":"user2",
"role":2
},
{
"name":"user3",
"role":3
}
],
"replications":{
"rulename":"ruleproject1",
"endpointname":"endpoint1",
"trigger":"Manual"
},
"labels":[
{
"name":"proj1label1"
},
{
"name":"proj1label2"
},
{
"name":"proj1label3"
}
],
"logs":[
{
"name":"admin",
"operation":"create"
}
],
"configuration":{
"enable_content_trust":"true",
"automatically_scan_images_on_push":"true",
"prevent_vulnerable_images_from_running":"true",
"prevent_vlunerable_images_from_running_severity":"High"
}
},
{
"name":"project2",
"accesslevel":"public",
"repocounts":2,
"repo":[
{
"name":"busybox",
"tag":"latest",
"signed":"False"
},
{
"name":"alpine",
"tag":"latest",
"signed":"True"
}
],
"member":[
{
"name":"user1",
"role":1
},
{
"name":"user2",
"role":2
},
{
"name":"user3",
"role":3
}
],
"replications":{
"rulename":"rulename1",
"endpointname":"endpoint1",
"trigger":"Manual"
},
"labels":[
{
"name":"proj2label1"
},
{
"name":"proj2label2"
},
{
"name":"proj2label3"
}
],
"logs":[
{
"name":"admin",
"operation":"create"
}
],
"configuration":{
"enable_content_trust":"True",
"automatically_scan_images_on_push":"True",
"prevent_vulnerable_images_from_running":"True",
"prevent_vlunerable_images_from_running_severity":"High"
}
}
]
}

View File

@ -0,0 +1,185 @@
import os
import json
import argparse
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
parser = argparse.ArgumentParser(description='The script to generate data for harbor v1.4.0')
parser.add_argument('--endpoint', '-e', dest='endpoint', required=True, help='The endpoint to harbor')
args = parser.parse_args()
url = "https://"+args.endpoint+"/api/"
print url
class HarborAPI:
def create_project(self, project_name):
r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False)
print(r.status_code)
def create_user(self, username):
payload = {"username":username, "email":username+"@vmware.com", "password":"Harbor12345", "realname":username, "commment":"string"}
r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def set_user_admin(self, user):
r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False)
userid = str(r.json()[0]['user_id'])
r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False)
print(r.status_code)
def add_member(self, project, user, role):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {"roles": [role], "username":""+user+""}
r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def add_endpoint(self, endpointurl, endpointname, username, password, insecure):
payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure}
r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def add_replication_rule(self, project, target, trigger, rulename):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = r.json()[0]['project_id']
r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False)
targetid = r.json()[0]['id']
payload = {"name": ""+rulename+"", "description": "string", "projects": [{"project_id": projectid,}], "targets": [{"id": targetid,}], "trigger": {"kind": ""+trigger+"", "schedule_param": {"type": "weekly", "weekday": 1, "offtime": 0}}}
r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def update_project_setting(self, project, contenttrust, preventrunning, preventseverity, scanonpush):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {
"project_name": ""+project+"",
"metadata": {
"public": "True",
"enable_content_trust": contenttrust,
"prevent_vulnerable_images_from_running": preventrunning,
"prevent_vulnerable_images_from_running_severity": preventseverity,
"automatically_scan_images_on_push": scanonpush
}
}
r = requests.put(url+"projects/"+projectid+"", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def update_systemsetting(self, emailfrom, emailhost, emailport, emailuser, creation, selfreg, token):
payload = {
"auth_mode": "db_auth",
"email_from": emailfrom,
"email_host": emailhost,
"email_port": emailport,
"email_identity": "string",
"email_username": emailuser,
"email_ssl": True,
"email_insecure": True,
"project_creation_restriction": creation,
"read_only": False,
"self_registration": selfreg,
"token_expiration": token,
"verify_remote_cert": True,
"scan_all_policy": {
"type": "none",
"parameter": {
"daily_time": 0
}
}
}
r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def update_repoinfo(self, reponame):
r = requests.put(url+"repositories/"+reponame+"", auth=("admin", "Harbor12345"), json={"description": "testdescription"}, verify=False)
print(r.status_code)
def get_ca(self, target='/harbor/ca/ca.crt'):
ca_content = request(args.endpoint, '/systeminfo/getcert', 'get', "admin", "Harbor12345")
ca_path = '/harbor/ca'
if not os.path.exists(ca_path):
try:
os.makedirs(ca_path)
except Exception, e:
pass
open(target, 'wb').write(ca_content)
def request(harbor_endpoint, url, method, user, pwd, **kwargs):
url = "https://" + harbor_endpoint + "/api" + url
kwargs.setdefault('headers', kwargs.get('headers', {}))
kwargs['headers']['Accept'] = 'application/json'
if 'body' in kwargs:
kwargs['headers']['Content-Type'] = 'application/json'
kwargs['data'] = json.dumps(kwargs['body'])
del kwargs['body']
resp = requests.request(method, url, verify=False, auth=(user, pwd), **kwargs)
if resp.status_code >= 400:
raise Exception("Error: %s" % resp.text)
try:
body = json.loads(resp.text)
except ValueError:
body = resp.text
return body
with open("data.json") as f:
data = json.load(f)
def pull_image(*image):
for i in image:
os.system("docker pull "+i)
def push_image(image, project):
os.system("docker tag "+image+" "+args.endpoint+"/"+project+"/"+image)
os.system("docker login "+args.endpoint+" -u Admin"+" -p Harbor12345")
os.system("docker push "+args.endpoint+"/"+project+"/"+image)
def push_signed_image(image, project, tag):
os.system("./sign_image.sh" + " " + args.endpoint + " " + project + " " + image + " " + tag)
def do_data_creation():
harborAPI = HarborAPI()
harborAPI.get_ca()
for user in data["users"]:
harborAPI.create_user(user["name"])
for user in data["admin"]:
harborAPI.set_user_admin(user["name"])
for project in data["projects"]:
harborAPI.create_project(project["name"])
for member in project["member"]:
harborAPI.add_member(project["name"], member["name"], member["role"])
pull_image("busybox", "redis", "haproxy", "alpine", "httpd:2")
push_image("busybox", data["projects"][0]["name"])
push_signed_image("alpine", data["projects"][0]["name"], "latest")
for endpoint in data["endpoint"]:
harborAPI.add_endpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False)
for replicationrule in data["replicationrule"]:
harborAPI.add_replication_rule(replicationrule["project"],
replicationrule["endpoint"], replicationrule["trigger"],
replicationrule["rulename"])
for project in data["projects"]:
harborAPI.update_project_setting(project["name"],
project["configuration"]["enable_content_trust"],
project["configuration"]["prevent_vulnerable_images_from_running"],
project["configuration"]["prevent_vlunerable_images_from_running_severity"],
project["configuration"]["automatically_scan_images_on_push"])
harborAPI.update_systemsetting(data["configuration"]["emailsetting"]["emailfrom"],
data["configuration"]["emailsetting"]["emailserver"],
float(data["configuration"]["emailsetting"]["emailport"]),
data["configuration"]["emailsetting"]["emailuser"],
data["configuration"]["projectcreation"],
data["configuration"]["selfreg"],
float(data["configuration"]["token"]))
do_data_creation()

View File

@ -0,0 +1,29 @@
#!/bin/bash
docker pull $3:$4
IP=$1
PASSHRASE='Harbor12345'
echo $IP
mkdir -p /etc/docker/certs.d/$IP/
mkdir -p ~/.docker/tls/$IP:4443/
cp /harbor/ca/ca.crt /etc/docker/certs.d/$IP/
cp /harbor/ca/ca.crt ~/.docker/tls/$IP:4443/
export DOCKER_CONTENT_TRUST=1
export DOCKER_CONTENT_TRUST_SERVER=https://$IP:4443
export NOTARY_ROOT_PASSPHRASE=$PASSHRASE
export NOTARY_TARGETS_PASSPHRASE=$PASSHRASE
export NOTARY_SNAPSHOT_PASSPHRASE=$PASSHRASE
export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=$PASSHRASE
export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=$PASSHRASE
export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=$PASSHRASE
export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=$PASSHRASE
docker login -u admin -p Harbor12345 $IP
docker tag $3:$4 $IP/$2/$3:$4
docker push $IP/$2/$3:$4

View File

@ -1,75 +0,0 @@
{"users":[
{"name": "user1"},
{"name": "user2"},
{"name": "user3"},
{"name": "user4"},
{"name": "user5"}
],
"admin":[
{"name": "user1", "has_admin": true},
{"name": "user2", "has_admin": true}
],
"endpoint":[{"url": "http://url", "name": "endpoint1", "user": "endpointuser", "pass": "endpointpass"}],
"replicationrule":[
{"project": "project1", "endpoint": "endpoint1", "trigger": "Manual", "rulename": "rulename"},
{"project": "library", "endpoint": "endpoint1", "trigger": "Manual", "rulename": "rulelibrary"}
],
"configuration": {"authmode": "Database", "projectcreation": "everyone", "selfreg": false,
"emailsetting":{"emailserver": "emailserver", "emailport": "2220", "emailuser": "emailuser", "emailfrom": "emailfrom", "emailssl": false, "verifycert": false},
"token": 30, "readonly": false,
"scanall": {"type": "none", "param":{"daily": 0}},
"syslabel":[
{"name": "label1"},
{"name": "label2"},
{"name": "label3"},
{"name": "label4"},
{"name": "label5"},
{"name": "label6"}
]
},
"projects":[
{"name": "project1",
"accesslevel": "public",
"repocounts": 2,
"repo": [
{"name": "busybox", "tag": "latest", "signed": "False"},
{"name": "alpine", "tag": "latest", "signed": "True"}
],
"member":[
{"name": "user1", "role": 1},
{"name": "user2", "role": 2},
{"name": "user3", "role": 3}
],
"replications": {"rulename": "ruleproject1", "endpointname": "endpoint1", "trigger": "Manual"},
"labels": [{"name": "proj1label1"},{"name": "proj1label2"},{"name": "proj1label3"}],
"logs": [{"name": "admin", "operation": "create"}],
"configuration": {"enable_content_trust": "true",
"automatically_scan_images_on_push": "true",
"prevent_vulnerable_images_from_running": "true",
"prevent_vlunerable_images_from_running_severity": "High"
}
},
{"name": "project2",
"accesslevel": "public",
"repocounts": 2,
"repo": [
{"name": "busybox", "tag": "latest", "signed": "False"},
{"name": "alpine", "tag": "latest", "signed": "True"}
],
"member":[
{"name": "user1", "role": 1},
{"name": "user2", "role": 2},
{"name": "user3", "role": 3}
],
"replications": {"rulename": "rulename1", "endpointname": "endpoint1", "trigger": "Manual"},
"labels": [{"name": "proj2label1"},{"name": "proj2label2"},{"name": "proj2label3"}],
"logs": [{"name": "admin", "operation": "create"}],
"configuration": {"enable_content_trust": "True",
"automatically_scan_images_on_push": "True",
"prevent_vulnerable_images_from_running": "True",
"prevent_vlunerable_images_from_running_severity": "High"
}
}
]
}

View File

@ -1,634 +0,0 @@
import os
import json
import argparse
import requests
#usage: testupgrade.py host version
parser = argparse.ArgumentParser()
parser.add_argument('x')
#
parser.add_argument('y', type=float)
parser.add_argument('--https', action="store_true", default=False)
args = parser.parse_args()
if args.https:
protocol = "https"
else:
protocol = "http"
version = args.y
host = args.x
url = ""+protocol+"://"+host+"/api/"
class Vonedotone:
def createproject(project_name):
r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False)
print(r.status_code)
def createuser(username):
payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"}
r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def setuseradmin(user):
r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False)
userid = str(r.json()[0]['user_id'])
r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False)
print(r.status_code)
def addmember(project, user, role):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {"roles": [role], "username":""+user+""}
r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addendpoint(endpointurl, endpointname, username, password, insecure):
payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure}
r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addreplicationrule(project, target, rulename, enable):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = r.json()[0]['project_id']
r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False)
targetid = r.json()[0]['id']
payload = {"project_id": projectid, "target_id": targetid, "name": ""+rulename+"", "enabled": enable}
r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updateprojectsetting(project, public):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {
"public": public
}
r = requests.put(url+"projects/"+projectid+"/publicity", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation):
payload = {
"auth_mode": "db_auth",
"email_from": emailfrom,
"email_host": emailhost,
"email_port": emailport,
"email_identity": "string",
"email_username": emailuser,
"email_ssl": "0",
"project_creation_restriction": creation,
"self_registration": "0",
"token_expiration": "10",
"verify_remote_cert": "0"
}
r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload)
print(r.status_code)
class Vonedottwo:
def createproject(project_name):
r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False)
print(r.status_code)
def createuser(username):
payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"}
r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def setuseradmin(user):
r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False)
userid = str(r.json()[0]['user_id'])
r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False)
print(r.status_code)
def addmember(project, user, role):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {"roles": [role], "username":""+user+""}
r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addendpoint(endpointurl, endpointname, username, password, insecure):
payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure}
r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addreplicationrule(project, target, rulename, enable):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = r.json()[0]['project_id']
r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False)
targetid = r.json()[0]['id']
payload = {"project_id": projectid, "target_id": targetid, "name": ""+rulename+"", "enabled": enable}
r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updateprojectsetting(project, public):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {
"public": public
}
r = requests.put(url+"projects/"+projectid+"/publicity", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation, selfreg, token):
payload = {
"auth_mode": "db_auth",
"email_from": emailfrom,
"email_host": emailhost,
"email_port": emailport,
"email_identity": "string",
"email_username": emailuser,
"email_ssl": True,
"email_insecure": True,
"project_creation_restriction": creation,
"read_only": False,
"self_registration": selfreg,
"token_expiration": token,
"verify_remote_cert": True,
"scan_all_policy": {
"type": "none",
"parameter": {
"daily_time": 0
}
}
}
r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload)
print(r.status_code)
class Vonedotthree:
def createproject(project_name):
r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False)
print(r.status_code)
def createuser(username):
payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"}
r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def setuseradmin(user):
r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False)
userid = str(r.json()[0]['user_id'])
r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False)
print(r.status_code)
def addmember(project, user, role):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {"roles": [role], "username":""+user+""}
r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addendpoint(endpointurl, endpointname, username, password, insecure):
payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure}
r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addreplicationrule(project, target, rulename, enable):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = r.json()[0]['project_id']
r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False)
targetid = r.json()[0]['id']
payload = {"project_id": projectid, "target_id": targetid, "name": ""+rulename+"", "enabled": enable}
r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updateprojectsetting(project, contenttrust, preventrunning, preventseverity, scanonpush):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {
"project_name": ""+project+"",
"metadata": {
"public": "True",
"enable_content_trust": contenttrust,
"prevent_vulnerable_images_from_running": preventrunning,
"prevent_vulnerable_images_from_running_severity": preventseverity,
"automatically_scan_images_on_push": scanonpush
}
}
r = requests.put(url+"projects/"+projectid+"", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation, selfreg, token):
payload = {
"auth_mode": "db_auth",
"email_from": emailfrom,
"email_host": emailhost,
"email_port": emailport,
"email_identity": "string",
"email_username": emailuser,
"email_ssl": True,
"email_insecure": True,
"project_creation_restriction": creation,
"read_only": False,
"self_registration": selfreg,
"token_expiration": token,
"verify_remote_cert": True,
"scan_all_policy": {
"type": "none",
"parameter": {
"daily_time": 0
}
}
}
r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload)
print(r.status_code)
def updaterepoinfo(reponame):
r = requests.put(url+"repositories/"+reponame+"", auth=("admin", "Harbor12345"), json={"description": "testdescription"}, verify=False)
print(r.status_code)
class Vonedotfour:
def createproject(project_name):
r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False)
print(r.status_code)
def createuser(username):
payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"}
r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def setuseradmin(user):
r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False)
userid = str(r.json()[0]['user_id'])
r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False)
print(r.status_code)
def addmember(project, user, role):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {"roles": [role], "username":""+user+""}
r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addendpoint(endpointurl, endpointname, username, password, insecure):
payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure}
r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addreplicationrule(project, target, trigger, rulename):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = r.json()[0]['project_id']
r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False)
targetid = r.json()[0]['id']
payload = {"name": ""+rulename+"", "description": "string", "projects": [{"project_id": projectid,}], "targets": [{"id": targetid,}], "trigger": {"kind": ""+trigger+"", "schedule_param": {"type": "weekly", "weekday": 1, "offtime": 0}}}
r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updateprojectsetting(project, contenttrust, preventrunning, preventseverity, scanonpush):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {
"project_name": ""+project+"",
"metadata": {
"public": "True",
"enable_content_trust": contenttrust,
"prevent_vulnerable_images_from_running": preventrunning,
"prevent_vulnerable_images_from_running_severity": preventseverity,
"automatically_scan_images_on_push": scanonpush
}
}
r = requests.put(url+"projects/"+projectid+"", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation, selfreg, token):
payload = {
"auth_mode": "db_auth",
"email_from": emailfrom,
"email_host": emailhost,
"email_port": emailport,
"email_identity": "string",
"email_username": emailuser,
"email_ssl": True,
"email_insecure": True,
"project_creation_restriction": creation,
"read_only": False,
"self_registration": selfreg,
"token_expiration": token,
"verify_remote_cert": True,
"scan_all_policy": {
"type": "none",
"parameter": {
"daily_time": 0
}
}
}
r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload)
print(r.status_code)
def updaterepoinfo(reponame):
r = requests.put(url+"repositories/"+reponame+"", auth=("admin", "Harbor12345"), json={"description": "testdescription"}, verify=False)
print(r.status_code)
class Vonedotfive:
def createproject(project_name):
r = requests.post(url+"projects", auth=("admin", "Harbor12345"), json={"project_name": ""+project_name+"", "metadata": {"public": "true"}}, verify=False)
print(r.status_code)
def createuser(username):
payload = {"username":""+username+"", "email":""+username+"@vmware.com", "password":"Harbor12345", "realname":""+username+"", "commment":"string"}
r = requests.post(url+"users", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def setuseradmin(user):
r = requests.get(url+"users?username="+user+"", auth=("admin", "Harbor12345"), verify=False)
userid = str(r.json()[0]['user_id'])
r = requests.put(url+"users/"+userid+"/sysadmin", auth=("admin", "Harbor12345"), json={"has_admin_role": 1}, verify=False)
print(r.status_code)
def addmember(project, user, role):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {"role_id":role, "member_user":{"username":""+user+""}}
r = requests.post(url+"projects/"+projectid+"/members", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
#def addlabeltotag(project, tag, label):
# r = requests.put()
def addsyslabel(labelname):
payload = {"name": ""+labelname+"", "description":"string", "color":"string", "scope":"g"}
r = requests.post(url+"labels", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addprojectlabel(project, label):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = r.json()[0]['project_id']
payload = {"name":""+label+"", "description": "string", "color": "string", "scope": "p", "project_id": projectid}
r = requests.post(url+"labels", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addendpoint(endpointurl, endpointname, username, password, insecure):
payload = {"endpoint": ""+endpointurl+"", "name": ""+endpointname+"", "username": ""+username+"", "password": ""+password+"", "insecure": insecure}
r = requests.post(url+"targets", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def addreplicationrule(project, target, trigger, rulename):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = r.json()[0]['project_id']
r = requests.get(url+"targets?name="+target+"", auth=("admin", "Harbor12345"), verify=False)
targetid = r.json()[0]['id']
payload = {"name": ""+rulename+"", "description": "string", "projects": [{"project_id": projectid,}], "targets": [{"id": targetid,}], "trigger": {"kind": ""+trigger+"", "schedule_param": {"type": "weekly", "weekday": 1, "offtime": 0}}}
r = requests.post(url+"policies/replication", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updateprojectsetting(project, contenttrust, preventrunning, preventseverity, scanonpush):
r = requests.get(url+"projects?name="+project+"", auth=("admin", "Harbor12345"), verify=False)
projectid = str(r.json()[0]['project_id'])
payload = {
"project_name": ""+project+"",
"metadata": {
"public": "True",
"enable_content_trust": contenttrust,
"prevent_vulnerable_images_from_running": preventrunning,
"prevent_vulnerable_images_from_running_severity": preventseverity,
"automatically_scan_images_on_push": scanonpush
}
}
r = requests.put(url+"projects/"+projectid+"", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updatesystemsetting(emailfrom, emailhost, emailport, emailuser, creation, selfreg, token):
payload = {
"auth_mode": "db_auth",
"email_from": emailfrom,
"email_host": emailhost,
"email_port": emailport,
"email_identity": "string",
"email_username": emailuser,
"email_ssl": True,
"email_insecure": True,
"project_creation_restriction": creation,
"read_only": False,
"self_registration": selfreg,
"token_expiration": token,
"verify_remote_cert": True,
"scan_all_policy": {
"type": "none",
"parameter": {
"daily_time": 0
}
}
}
r = requests.put(url+"configurations", auth=("admin", "Harbor12345"), json=payload, verify=False)
print(r.status_code)
def updaterepoinfo(reponame):
r = requests.put(url+"repositories/"+reponame+"", auth=("admin", "Harbor12345"), json={"description": "testdescription"}, verify=False)
print(r.status_code)
with open("testdata.json") as f:
data = json.load(f)
def pullimage(*image):
for i in image:
os.system("docker pull "+i)
def pushimage(image, project):
os.system("docker tag "+image+" "+host+"/"+project+"/"+image)
os.system("docker login "+host+" -u Admin"+" -p Harbor12345")
os.system("docker push "+host+"/"+project+"/"+image)
def pushsigned(image, project, tag):
os.system("export DOCKER_CONTENT_TRUST=1;export DOCKER_CONTENT_TRUST_SERVER=https://"+host+":4443")
os.system("export NOTARY_ROOT_PASSPHARSE=Harbor12345;export NOTARY_TARGETS_PASSPHRASE=Harbor12345;export NOTARY_SNAPSHOT_PASSPHRASE=Harbor12345")
os.system("export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=Harbor12345; export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=Harbor12345")
os.system("export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=Harbor12345; export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=Harbor12345")
os.system("docker tag "+image+":"+tag+" "+host+"/"+project+"/"+image+":"+tag)
os.system("docker login "+host+" -u Admin"+" -p Harbor12345")
os.system("docker push "+host+"/"+project+"/"+image+":"+tag)
def createonedotone():
for user in data["users"]:
Vonedotone.createuser(user["name"])
for user in data["admin"]:
Vonedotone.setuseradmin(user["name"])
for project in data["projects"]:
Vonedotone.createproject(project["name"])
for member in project["member"]:
Vonedotone.addmember(project["name"], member["name"], member["role"])
pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2")
pushimage("busybox", data["projects"][0]["name"])
if protocol == "https":
pushsigned("alpine", data["projects"][0]["name"], "latest")
else:
print("http does not support notary")
for endpoint in data["endpoint"]:
Vonedotone.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False)
for replicationrule in data["replicationrule"]:
Vonedotone.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["rulename"], 0)
Vonedotone.updateprojectsetting(data["projects"][0]["name"], 1)
ef = data["configuration"]["emailsetting"]["emailfrom"]
eh = data["configuration"]["emailsetting"]["emailserver"]
ep = data["configuration"]["emailsetting"]["emailport"]
eu = data["configuration"]["emailsetting"]["emailuser"]
creation = data["configuration"]["projectcreation"]
Vonedotone.updatesystemsetting(ef, eh, ep, eu, creation)
def createonedottwo():
for user in data["users"]:
Vonedottwo.createuser(user["name"])
for user in data["admin"]:
Vonedottwo.setuseradmin(user["name"])
for project in data["projects"]:
Vonedottwo.createproject(project["name"])
for member in project["member"]:
Vonedottwo.addmember(project["name"], member["name"], member["role"])
pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2")
pushimage("busybox", data["projects"][0]["name"])
if protocol == "https":
pushsigned("alpine", data["projects"][0]["name"], "latest")
else:
print("http does not support notary")
for endpoint in data["endpoint"]:
Vonedottwo.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False)
for replicationrule in data["replicationrule"]:
Vonedottwo.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["rulename"], 0)
Vonedottwo.updateprojectsetting(data["projects"][0]["name"], 1)
ef = data["configuration"]["emailsetting"]["emailfrom"]
eh = data["configuration"]["emailsetting"]["emailserver"]
ep = float(data["configuration"]["emailsetting"]["emailport"])
eu = data["configuration"]["emailsetting"]["emailuser"]
creation = data["configuration"]["projectcreation"]
token = data["configuration"]["token"]
selfreg = data["configuration"]["selfreg"]
Vonedottwo.updatesystemsetting(ef, eh, ep, eu, creation, selfreg, token)
def createonedotthree():
for user in data["users"]:
Vonedotthree.createuser(user["name"])
for user in data["admin"]:
Vonedotthree.setuseradmin(user["name"])
for project in data["projects"]:
Vonedotthree.createproject(project["name"])
for member in project["member"]:
Vonedotthree.addmember(project["name"], member["name"], member["role"])
pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2")
pushimage("busybox", data["projects"][0]["name"])
if protocol == "https":
pushsigned("alpine", data["projects"][0]["name"], "latest")
else:
print("http does not support notary")
for endpoint in data["endpoint"]:
Vonedotthree.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False)
for replicationrule in data["replicationrule"]:
Vonedotthree.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["rulename"], 0)
for project in data["projects"]:
ct = project["configuration"]["enable_content_trust"]
pr = project["configuration"]["prevent_vulnerable_images_from_running"]
prs = project["configuration"]["prevent_vlunerable_images_from_running_severity"]
sop = project["configuration"]["automatically_scan_images_on_push"]
print(ct, pr, prs, sop)
Vonedotthree.updateprojectsetting(project["name"], ct, pr, prs, sop)
ef = data["configuration"]["emailsetting"]["emailfrom"]
eh = data["configuration"]["emailsetting"]["emailserver"]
ep = float(data["configuration"]["emailsetting"]["emailport"])
eu = data["configuration"]["emailsetting"]["emailuser"]
creation = data["configuration"]["projectcreation"]
token = data["configuration"]["token"]
selfreg = data["configuration"]["selfreg"]
Vonedotthree.updatesystemsetting(ef, eh, ep, eu, creation, selfreg, token)
def createonedotfour():
for user in data["users"]:
Vonedotfour.createuser(user["name"])
for user in data["admin"]:
Vonedotfour.setuseradmin(user["name"])
for project in data["projects"]:
Vonedotfour.createproject(project["name"])
for member in project["member"]:
Vonedotfour.addmember(project["name"], member["name"], member["role"])
pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2")
pushimage("busybox", data["projects"][0]["name"])
if protocol == "https":
pushsigned("alpine", data["projects"][0]["name"], "latest")
else:
print("http does not support notary")
for endpoint in data["endpoint"]:
Vonedotfour.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False)
for replicationrule in data["replicationrule"]:
Vonedotfour.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["trigger"], replicationrule["rulename"])
for project in data["projects"]:
ct = project["configuration"]["enable_content_trust"]
pr = project["configuration"]["prevent_vulnerable_images_from_running"]
prs = project["configuration"]["prevent_vlunerable_images_from_running_severity"]
sop = project["configuration"]["automatically_scan_images_on_push"]
Vonedotfour.updateprojectsetting(project["name"], ct, pr, prs, sop)
ef = data["configuration"]["emailsetting"]["emailfrom"]
eh = data["configuration"]["emailsetting"]["emailserver"]
ep = float(data["configuration"]["emailsetting"]["emailport"])
eu = data["configuration"]["emailsetting"]["emailuser"]
creation = data["configuration"]["projectcreation"]
token = data["configuration"]["token"]
selfreg = data["configuration"]["selfreg"]
Vonedotfour.updatesystemsetting(ef, eh, ep, eu, creation, selfreg, token)
def createonedotfive():
for user in data["users"]:
Vonedotfive.createuser(user["name"])
for user in data["admin"]:
Vonedotfive.setuseradmin(user["name"])
for project in data["projects"]:
Vonedotfive.createproject(project["name"])
for member in project["member"]:
Vonedotfive.addmember(project["name"], member["name"], member["role"])
for label in project["labels"]:
Vonedotfive.addprojectlabel(project["name"], label["name"])
for label in data["configuration"]["syslabel"]:
Vonedotfive.addsyslabel(label["name"])
pullimage("busybox", "redis", "haproxy", "alpine", "httpd:2")
pushimage("busybox", data["projects"][0]["name"])
if protocol == "https":
pushsigned("alpine", data["projects"][0]["name"], "latest")
else:
print("http does not support notary")
for endpoint in data["endpoint"]:
Vonedotfive.addendpoint(endpoint["url"], endpoint["name"], endpoint["user"], endpoint["pass"], False)
for replicationrule in data["replicationrule"]:
Vonedotfive.addreplicationrule(replicationrule["project"], replicationrule["endpoint"], replicationrule["trigger"], replicationrule["rulename"])
for project in data["projects"]:
ct = project["configuration"]["enable_content_trust"]
pr = project["configuration"]["prevent_vulnerable_images_from_running"]
prs = project["configuration"]["prevent_vlunerable_images_from_running_severity"]
sop = project["configuration"]["automatically_scan_images_on_push"]
Vonedotfive.updateprojectsetting(project["name"], ct, pr, prs, sop)
ef = data["configuration"]["emailsetting"]["emailfrom"]
eh = data["configuration"]["emailsetting"]["emailserver"]
ep = float(data["configuration"]["emailsetting"]["emailport"])
eu = data["configuration"]["emailsetting"]["emailuser"]
creation = data["configuration"]["projectcreation"]
token = data["configuration"]["token"]
selfreg = data["configuration"]["selfreg"]
Vonedotfive.updatesystemsetting(ef, eh, ep, eu, creation, selfreg, token)
if version == 1.1:
createdata = Vonedotone()
createonedotone()
elif version == 1.2:
createdata = Vonedottwo()
createonedottwo()
elif version == 1.3:
createdata = Vonedotthree()
createonedotthree()
elif version == 1.4:
createdata = Vonedotfour()
createonedotfour()
elif version == 1.5:
createdata = Vonedotfive()
createonedotfive()
else:
print("version not supported")

View File

@ -0,0 +1,21 @@
*** Settings ***
Documentation Harbor BATs
Resource ../../resources/Util.robot
Default Tags Nightly
*** Variables ***
${HARBOR_URL} https://${ip}
${HARBOR_ADMIN} admin
*** Test Cases ***
Test Case - Upgrade Verify
${data}= Load Json From File ${CURDIR}${/}testdata.json
Run Keyword Verify User ${data}
Run Keyword Verify Project ${data}
Run Keyword Verify Member Exist ${data}
Run Keyword Verify User System Admin Role ${data}
Run Keyword Verify Endpoint ${data}
Run Keyword Verify Replicationrule ${data}
Run Keyword Verify Project Setting ${data}
Run Keyword Verify System Setting ${data}
Run Keyword Verify Image Tag ${data}