Merge pull request #1987 from sigsbee/group9

update content trust test case

tests/testcases/Group9-Content-trust/9-01-DB-user-push-signed-images.md

@@ -3,21 +3,33 @@ Test 9-01 User push signed images(DB mode)
 
 # Purpose:
 
-TBD
+To verify user can push images with content trust enabled.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires one Harbor instance is runnning and available.  
+* A Linux host with Docker CLI installed (Docker client).  
 
 # Test Steps:
+**NOTE:**  
+In below test, <harbor_ip> should be replaced by your harbor's ip or FQDN. If you are using a self-signed certificate,make sure to copy the CA root cert into ```/etc/docker/certs.d/<harbor_ip>``` and ```$HOME/.docker/tls/<harbor_ip>:4443/```  
+
+1. Login UI and create a project.  
+2. On Docker clinet, run  
+```sh
+export DOCKER_CONTENT_TRUST=1
+export DOCKER_CONTNET_TRUST_SERVER=https://<harbor_ip>:4443
+```
+and login Harbor.  
+3. Push an image to the project created in step1.  
 
-TBD
 
 # Expected Outcome:
 
-TBD
+* In step3, Docker client will sign and push the image, a green tick will show in UI.  
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-02-DB-user-push-unsigned-images.md

@@ -3,21 +3,25 @@ Test 9-02 User Push unsigned images(DB mode)
 
 # Purpose:
 
-TBD
+To verify UI will difference unsigned images from signed images.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires one Harbor instance is runnning and available.
+* A Linux host with Docker CLI (Docker client) installed.
 
 # Test Steps:
 
-TBD
+1. Login UI and create a project.
+2. Unset DOCKER_CONTENT_TRUST on Docker client and login Harbor.
+3. Push a image to project created in step1.
 
 # Expected Outcome:
 
-TBD
+* A red cross will displayed under signed colume in UI.
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-03-DB-user-pull-signed-images.md

@@ -3,21 +3,32 @@ Test 9-03 User pull signed images(DB mode)
 
 # Purpose:
 
-TBD
+To verify user can pull signed images.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires one Harbor instance is running and available.
+* A Linux machine with Docker CLI(Docker client) installed.
 
 # Test Steps:
+**NOTE:**  
+In below test, project X should be replaced by an existing project and <harbor_ip> should be replaced by your harbor's ip or FQDN. If you are using a self-signed certificate,make sure to copy the CA root cert into ```/etc/docker/certs.d/<harbor_ip>``` and ```$HOME/.docker/tls/<harbor_ip>:4443/```  
 
-TBD
+1. Login UI.
+2. On Docker client, run 
+```sh
+export DOCKER_CONTENT_TRUST=1  
+export DOCKER_CONTENT_TRUST_SERVER=https://<harbor_ip>:4443  
+```
+and login Harobr.  
+3. Pull an image from project X.  
 
 # Expected Outcome:
 
-TBD
+* Image can be pulled successful.
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-04-DB-user-pull-unsigned-images.md

@@ -3,21 +3,28 @@ Test 9-04 User pull unsigned images(DB mode)
 
 # Purpose:
 
-TBD
+To verify whether user can pull unsigned images with content trust enabled.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires one Harbor instance is running and available.
+* Harbor is set to authenticate against a local database.The user data is stored in a local database.  
+* A Linux host with Docker CLI(Docker client) installed.
 
 # Test Steps:
 
-TBD
+1. Login UI and create a project.
+2. On Docker client, unset DOCKER_CONTENT_TRUST and login Harbor.  
+3. Push an image to the project created in step1.  
+4. Reset DOCKER_CONTENT_TRUST to 1.
+5. Pull the unsigned image.
 
 # Expected Outcome:
 
-TBD
+* User cannot pull unsigned images with content trust enabled.
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-05-DB-user-delete-signed-images.md

@@ -1,23 +1,38 @@
-Test User delete signed images(DB mode)
+Test 9-05 User delete signed images(DB mode)
 =======
 
 # Purpose:
 
-TBD
+To verify whether user can delete signed images.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires one Harbor instance is running and avialable.  
+* A Linux host with Docker CLI(Docker client) installed.  
 
 # Test Steps:
+**NOTE:**  
+In below test,<harbor_ip> should be replaced by your harbor's ip or FQDN. If you are using a self-signed certificate,make sure to copy the CA root cert into ```/etc/docker/certs.d/<harbor_ip>``` and ```$HOME/.docker/tls/<harbor_ip>:4443/```  
 
-TBD
+1. Login UI and create a project.  
+2. On a Docker client,run 
+```sh
+export DOCKER_CONTENT_TRUST=1
+export DOCKER_CONTENT_TRUST_SERVER=https://<harbor_ip>:4443
+``` 
+and login Harbor.  
+3. Push an image to project created in step1.  
+4. Delete the pushed image.  
+5. Delete notary tag according to message from UI in step4.  
+6. Delete the image again.
 
 # Expected Outcome:
 
-TBD
+* In step4, image cannot be deleted.  
+* In step6, image can be deleted.
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-11-LDAP-user-push-signed-images.md

@@ -3,21 +3,24 @@ Test 9-11 User push signed images(LDAP mode)
 
 # Purpose:
 
-TBD
+To verify user can sign and push images(LDAP mode)
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires that a Harbor instance is running and available.  
+* Harbor is set to authenticate against an LDAP or AD server.(auth_mode is set to ldap_auth.) The user data is stored in an LDAP or AD server.  
+* A Linux host with Docker CLI(Docker client) installed.
 
 # Test Steps:
 
-TBD
+Same as Test 9-01 except that users are from LDAP/AD.
 
 # Expected Outcome:
 
-TBD
+* Same as Test 9-01.
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-12-LDAP-user-push-unsigned-images.md

@@ -3,21 +3,25 @@ Test 9-12 User push unsigned images(LDAP mode)
 
 # Purpose:
 
-TBD
+To verify UI will difference unsiged images from signed.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires that a Harbor instance is running and available.  
+* Harbor is set to authenticate against a LDAP or AD server.   
+* A Linux host with Docker CLI(Docker client)installed.  
+* A non-admin user that has at least a project as project admin.
 
 # Test Steps:
 
-TBD
+Same as Test 9-02 except that users are from LDAP/AD.
 
 # Expected Outcome:
 
-TBD
+* Same as Test 9-02.
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-13-LDAP-user-pull-signed-images.md

@@ -3,21 +3,25 @@ Test 9-13 User pull signed images(LDAP mode)
 
 # Purpose:
 
-TBD
+To verify whether user can pull signed images with content trust enabled.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires that a Harbor instance is running and available.  
+* Harbor is set to authenticate against an LDAP or AD server.  
+* A Linux host with Docker CLI(Docker client)installed.  
+* A non-admin user that has at least one proejct as project admin.
 
 # Test Steps:
 
-TBD
+Same as Test 9-03 except that users are from LDAP/AD.
 
 # Expected Outcome:
 
-TBD
+* Same as Test 9-03.
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-14-LDAP-user-pull-unsigned-images.md

@@ -3,21 +3,25 @@ Test 9-14 User pull unsigned images(LDAP images)
 
 # Purpose:
 
-TBD
+To verify whether user can pull unsigned images with content trust enabled.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requires that a Harbor instance is running and available.  
+* Harbor is set to authenticate against a LDAP or AD server.  
+* A Linux host with Docker CLI(Docker client)installed.  
+* A non-admin user that has at least one project as project admin.  
 
 # Test Steps:
 
-TBD
+Same as Test 9-04 except that users are from LDAP/AD.
 
 # Expected Outcome:
 
-TBD
+* Same as Test 9-04.
 
 # Possible Problems:
 None

tests/testcases/Group9-Content-trust/9-15-LDAP-user-delete-signed-images.md

@@ -3,21 +3,25 @@ Test 9-15 User delete signed images(LDAP mode)
 
 # Purpose:
 
-TBD
+To verify user can delete signed images with content trust enabled.
 
 # References:
 User guide
 
 # Environment:
 
+* This test requries a Harbor istance is running and available.  
+* Harbor is set authenticate against an LDAP or AD server.  
+* A Linux host with Docker CLI(Docker client)installed.  
+* A non-admin user that has at least one project as project admin.
 
 # Test Steps:
 
-TBD
+Same as Test 9-05 except that users are from LDAP/AD.
 
 # Expected Outcome:
 
-TBD
+* Same as Test 9-05.
 
 # Possible Problems:
 None