mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-25 19:56:09 +01:00
Add cosign UI test case
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
This commit is contained in:
parent
cd8d48794a
commit
6e93089845
27
tests/resources/Cosign_Util.robot
Normal file
27
tests/resources/Cosign_Util.robot
Normal file
@ -0,0 +1,27 @@
|
||||
# Copyright Project Harbor Authors
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License
|
||||
|
||||
*** Settings ***
|
||||
Documentation This resource provides helper functions for docker operations
|
||||
Library OperatingSystem
|
||||
Library Process
|
||||
|
||||
*** Keywords ***
|
||||
Cosign Generate Key Pair
|
||||
Remove Files cosign.key cosign.pub
|
||||
Wait Unitl Command Success cosign generate-key-pair
|
||||
|
||||
Cosign Sign
|
||||
[Arguments] ${artifact}
|
||||
Wait Unitl Command Success cosign sign --allow-insecure-registry --key cosign.key ${artifact}
|
@ -22,6 +22,7 @@ ${artifact_action_copy_xpath} //clr-dropdown-menu//div[contains(.,'Copy') and @
|
||||
${artifact_achieve_icon} //artifact-list-tab//clr-datagrid//clr-dg-row[contains(.,'sha256')]//clr-dg-cell[1]//clr-tooltip//a
|
||||
${artifact_rows} //artifact-list-tab//clr-datagrid//clr-dg-row[contains(.,'sha256')]
|
||||
${archive_rows} //artifact-list-tab//clr-datagrid//clr-dg-row[contains(.,'sha256')]//clr-dg-cell[1]//clr-tooltip//a
|
||||
${artifact_list_refresh_btn} //artifact-list-tab//div//span[@class='refresh-btn']
|
||||
|
||||
${artifact_list_spinner} xpath=//clr-datagrid//clr-spinner
|
||||
${artifact_tag_component} xpath=//artifact-tag
|
||||
|
@ -17,10 +17,14 @@ Click Project Public
|
||||
Mouse Down //hbr-project-policy-config//input[@name='public']
|
||||
Mouse Up //hbr-project-policy-config//input[@name='public']
|
||||
|
||||
Click Notary Deployment security
|
||||
Click Notary Deployment Security
|
||||
Mouse Down //input[@id='content-trust']
|
||||
Mouse Up //input[@id='content-trust']
|
||||
|
||||
Click Cosign Deployment Security
|
||||
Mouse Down //input[@id='content-trust-cosign']
|
||||
Mouse Up //input[@id='content-trust-cosign']
|
||||
|
||||
Click Prevent Running
|
||||
Mouse Down //hbr-project-policy-config//input[@name='prevent-vulnerability-image']
|
||||
Mouse Up //hbr-project-policy-config//input[@name='prevent-vulnerability-image']
|
||||
@ -46,9 +50,12 @@ Project Should Be Public
|
||||
[Arguments] ${projectName}
|
||||
Retry Wait Until Page Contains Element //clr-dg-row[contains(.,'${projectName}')]//clr-dg-cell[contains(.,'Public')]
|
||||
|
||||
Content Trust Should Be Selected
|
||||
Content Notary Deployment security Be Selected
|
||||
Checkbox Should Be Selected //input[@id='content-trust']
|
||||
|
||||
Content Cosign Deployment security Be Selected
|
||||
Checkbox Should Be Selected //input[@id='content-trust-cosign']
|
||||
|
||||
Prevent Running Should Be Selected
|
||||
Checkbox Should Be Selected //hbr-project-policy-config//input[@name='prevent-vulnerability-image']
|
||||
|
||||
|
@ -376,3 +376,21 @@ Select Storage Quota unit
|
||||
[Arguments] ${unit}
|
||||
Select From List By Value ${project_add_storage_quota_unit_id} ${unit}
|
||||
|
||||
Should Not Be Signed By Cosign
|
||||
[Arguments] ${tag}
|
||||
Retry Wait Element Visible //clr-dg-row[contains(.,'latest')]//clr-icon[contains(@class,'color-red')]
|
||||
|
||||
Should Be Signed By Cosign
|
||||
[Arguments] ${tag}
|
||||
Retry Wait Element Visible //clr-dg-row[contains(.,'${tag}')]// clr-icon[contains(@class,'signed')]
|
||||
|
||||
Delete Accessory
|
||||
[Arguments] ${tag}
|
||||
Retry Button Click //clr-dg-row[contains(.,'${tag}')]//button[contains(@class,'datagrid-expandable-caret-button')]
|
||||
Retry Button Click //clr-dg-row[contains(.,'${tag}')]//button[contains(@class,'datagrid-action-toggle')]
|
||||
Retry Button Click //div[@id='clr-action-menu1']/button[@class='action-item']
|
||||
Retry Button Click //div[contains(@class,'modal-content')]//button[contains(@class,'btn-danger')]
|
||||
|
||||
Should be Accessory deleted
|
||||
[Arguments] ${tag}
|
||||
Retry Wait Until Page Not Contains Element //clr-dg-row[contains(.,'${tag}')]//button[contains(@class,'datagrid-expandable-caret-button')]
|
@ -74,6 +74,7 @@ Resource Cert-Util.robot
|
||||
Resource SeleniumUtil.robot
|
||||
Resource Nightly-Util.robot
|
||||
Resource APITest-Util.robot
|
||||
Resource Cosign_Util.robot
|
||||
Resource TestCaseBody.robot
|
||||
|
||||
*** Keywords ***
|
||||
|
@ -863,3 +863,30 @@ Test Case - Carvel Imgpkg Push And Pull To Harbor
|
||||
Wait Unitl Command Success docker logout ${ip}
|
||||
Retry File Should Exist ${out_path}/.imgpkg/bundle.yml
|
||||
Retry File Should Exist ${out_path}/.imgpkg/images.yml
|
||||
|
||||
Test Case - Cosign And Cosign Deployment Security Policy
|
||||
[Tags] cosign
|
||||
Init Chrome Driver
|
||||
${user}= Set Variable user006
|
||||
${pwd}= Set Variable Test1@34
|
||||
${d}= Get Current Date result_format=%m%s
|
||||
${image}= Set Variable hello-world
|
||||
${tag}= Set Variable latest
|
||||
Sign In Harbor ${HARBOR_URL} ${user} ${pwd}
|
||||
Create An New Project And Go Into Project project${d}
|
||||
Goto Project Config
|
||||
Click Cosign Deployment Security
|
||||
Save Project Config
|
||||
Content Cosign Deployment security Be Selected
|
||||
|
||||
Push Image With Tag ${ip} ${user} ${pwd} project${d} ${image} ${tag}
|
||||
Go Into Project project${d}
|
||||
Retry Double Keywords When Error Go Into Repo project${d}/${image} Should Not Be Signed By Cosign ${tag}
|
||||
Cannot Pull Image ${ip} ${user} ${pwd} project${d} ${image}:${tag} err_msg=The image is not signed in Cosign.
|
||||
|
||||
Cosign Generate Key Pair
|
||||
Cosign Sign ${ip}/project${d}/${image}:${tag}
|
||||
Retry Double Keywords When Error Retry Element Click ${artifact_list_refresh_btn} Should Be Signed By Cosign ${tag}
|
||||
Pull image ${ip} ${user} ${pwd} project${d} ${image}:${tag}
|
||||
|
||||
Retry Double Keywords When Error Delete Accessory ${tag} Should be Accessory deleted ${tag}
|
@ -31,11 +31,11 @@ Test Case - Project Level Policy Notary Deployment security
|
||||
Push Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} hello-world:latest
|
||||
Go Into Project project${d}
|
||||
Goto Project Config
|
||||
Click Notary Deployment security
|
||||
Click Notary Deployment Security
|
||||
Save Project Config
|
||||
# Verify
|
||||
# Unsigned image can not be pulled
|
||||
Content Trust Should Be Selected
|
||||
Content Notary Deployment security Be Selected
|
||||
Cannot Pull Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} hello-world:latest err_msg=The image is not signed in Notary
|
||||
# Signed image can be pulled
|
||||
Body Of Admin Push Signed Image project${d} redis latest ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
|
||||
|
@ -68,6 +68,9 @@ RUN pwd && mkdir /tool/binary && \
|
||||
# Install imgpkg
|
||||
IMGPKG_VERSION=0.22.0 && wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v$IMGPKG_VERSION/imgpkg-linux-amd64 && \
|
||||
mv imgpkg-linux-amd64 /tool/binary/imgpkg && chmod +x /tool/binary/imgpkg && \
|
||||
# Install cosign
|
||||
COSIGN_VERSION=1.4.1 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \
|
||||
mv cosign-linux-amd64 /tool/binary/cosign && chmod +x /tool/binary/cosign && \
|
||||
pwd
|
||||
|
||||
#ubuntu
|
||||
|
@ -3,6 +3,7 @@
|
||||
FROM ubuntu:18.04
|
||||
ENV LANG C.UTF-8
|
||||
ENV HELM_EXPERIMENTAL_OCI=1
|
||||
ENV COSIGN_PASSWORD=Harbor12345
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends wget curl gnupg2
|
||||
RUN apt-get install libseccomp2
|
||||
RUN wget --no-check-certificate -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add -
|
||||
@ -35,8 +36,8 @@ RUN pip3 install --upgrade pip pyasn1 google-apitools==0.5.31 gsutil \
|
||||
requests dbbot robotframework-seleniumlibrary==4.3.0 robotframework-pabot \
|
||||
robotframework-JSONLibrary hurry.filesize --upgrade && \
|
||||
apt-get clean all
|
||||
# Because the old version of chromedriver can’t download files, upgrade it to version 93.0.4577.15, which can download files normally.
|
||||
RUN wget -N http://chromedriver.storage.googleapis.com/95.0.4638.54/chromedriver_linux64.zip && \
|
||||
# Upgrade chromedriver version to 97.0.4692.71
|
||||
RUN wget -N http://chromedriver.storage.googleapis.com/97.0.4692.71/chromedriver_linux64.zip && \
|
||||
unzip chromedriver_linux64.zip && \
|
||||
chmod +x chromedriver && \
|
||||
mv -f chromedriver /usr/local/share/chromedriver && \
|
||||
|
Loading…
Reference in New Issue
Block a user