mirror of
https://github.com/goharbor/harbor.git
synced 2024-09-29 13:57:33 +02:00
OIDC authentication is a new feature in version 1.8.0, so add nightly GUI test cases for OIDC authentication scenario. (#7745)
Signed-off-by: danfengliu <danfengl@vmware.com>
This commit is contained in:
parent
1ceb7a2fb9
commit
a503944110
@ -27,7 +27,7 @@ Generate Certificate Authority For Chrome
|
|||||||
${rc} ${out}= Run And Return Rc And Output certutil -d sql:$HOME/.pki/nssdb -A -t TC -f password${rand}.ca -n "Harbor${rand}" -i ./harbor_ca.crt
|
${rc} ${out}= Run And Return Rc And Output certutil -d sql:$HOME/.pki/nssdb -A -t TC -f password${rand}.ca -n "Harbor${rand}" -i ./harbor_ca.crt
|
||||||
Log ${out}
|
Log ${out}
|
||||||
Should Be Equal As Integers ${rc} 0
|
Should Be Equal As Integers ${rc} 0
|
||||||
|
|
||||||
Generate Certificate Authority
|
Generate Certificate Authority
|
||||||
# Generates CA (private/ca.key.pem, certs/ca.cert.pem, certs/STARK_ENTERPRISES_ROOT_CA.crt) in OUT_DIR
|
# Generates CA (private/ca.key.pem, certs/ca.cert.pem, certs/STARK_ENTERPRISES_ROOT_CA.crt) in OUT_DIR
|
||||||
[Arguments] ${CA_NAME}=STARK_ENTERPRISES_ROOT_CA ${OUT_DIR}=/root/ca
|
[Arguments] ${CA_NAME}=STARK_ENTERPRISES_ROOT_CA ${OUT_DIR}=/root/ca
|
||||||
|
@ -107,8 +107,8 @@ Start Docker Daemon Locally
|
|||||||
Prepare Docker Cert
|
Prepare Docker Cert
|
||||||
[Arguments] ${ip}
|
[Arguments] ${ip}
|
||||||
Wait Unitl Command Success mkdir -p /etc/docker/certs.d/${ip}
|
Wait Unitl Command Success mkdir -p /etc/docker/certs.d/${ip}
|
||||||
Wait Unitl Command Success cp harbor_ca.crt /etc/docker/certs.d/${ip}
|
Wait Unitl Command Success cp harbor_ca.crt /etc/docker/certs.d/${ip}
|
||||||
|
|
||||||
Kill Local Docker Daemon
|
Kill Local Docker Daemon
|
||||||
[Arguments] ${handle} ${dockerd-pid}
|
[Arguments] ${handle} ${dockerd-pid}
|
||||||
Terminate Process ${handle}
|
Terminate Process ${handle}
|
||||||
|
39
tests/resources/Harbor-Pages/OIDC_Auth.robot
Normal file
39
tests/resources/Harbor-Pages/OIDC_Auth.robot
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
# Copyright Project Harbor Authors
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License
|
||||||
|
|
||||||
|
*** Settings ***
|
||||||
|
Documentation This resource provides any keywords related to the Harbor private registry appliance
|
||||||
|
Resource ../../resources/Util.robot
|
||||||
|
|
||||||
|
*** Variables ***
|
||||||
|
|
||||||
|
*** Keywords ***
|
||||||
|
|
||||||
|
Sign In Harbor With OIDC User
|
||||||
|
[Arguments] ${url} ${username}=${OIDC_USERNAME}
|
||||||
|
${head_username}= Set Variable xpath=//harbor-app/harbor-shell/clr-main-container/navigator/clr-header//clr-dropdown//button[contains(.,'${username}')]
|
||||||
|
Init Chrome Driver
|
||||||
|
Go To ${url}
|
||||||
|
Retry Element Click ${log_oidc_provider_btn}
|
||||||
|
Retry Text Input ${dex_login_btn} ${username}@example.com
|
||||||
|
Retry Text Input ${dex_pwd_btn} password
|
||||||
|
Retry Element Click ${submit_login_btn}
|
||||||
|
Retry Element Click ${grant_btn}
|
||||||
|
|
||||||
|
#If input box for harbor user name is visible, it means it's the 1st time login of this user,
|
||||||
|
# but if this user has been logged into harbor successfully, this input box will not show up,
|
||||||
|
# so there is condition branch for this stituation.
|
||||||
|
${isVisible}= Run Keyword And Return Status Element Should Be Visible ${oidc_username_input}
|
||||||
|
Run Keyword If '${isVisible}' == 'True' Run Keywords Retry Text Input ${oidc_username_input} ${username} AND Retry Element Click ${save_btn}
|
||||||
|
Retry Wait Element ${head_username}
|
26
tests/resources/Harbor-Pages/OIDC_Auth_Elements.robot
Normal file
26
tests/resources/Harbor-Pages/OIDC_Auth_Elements.robot
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
# Copyright Project Harbor Authors
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License
|
||||||
|
|
||||||
|
*** Settings ***
|
||||||
|
Documentation This resource provides any keywords related to the Harbor private registry appliance
|
||||||
|
|
||||||
|
*** Variables ***
|
||||||
|
${log_oidc_provider_btn} //*[@id='log_oidc']
|
||||||
|
${dex_login_btn} //*[@id='login']
|
||||||
|
${dex_pwd_btn} //*[@id='password']
|
||||||
|
${submit_login_btn} //*[@id='submit-login']
|
||||||
|
${grant_btn} xpath=/html/body/div[2]/div/div[2]/div[1]/form/button
|
||||||
|
${oidc_username_input} //*[@id='oidcUsername']
|
||||||
|
${save_btn} //*[@id='saveButton']
|
||||||
|
${OIDC_USERNAME} test1
|
@ -31,7 +31,7 @@ CA Setup
|
|||||||
[Arguments] ${ip} ${HARBOR_PASSWORD} ${cert}=/ca/ca.crt
|
[Arguments] ${ip} ${HARBOR_PASSWORD} ${cert}=/ca/ca.crt
|
||||||
Run mv ${cert} harbor_ca.crt
|
Run mv ${cert} harbor_ca.crt
|
||||||
Generate Certificate Authority For Chrome ${HARBOR_PASSWORD}
|
Generate Certificate Authority For Chrome ${HARBOR_PASSWORD}
|
||||||
Prepare Docker Cert ${ip}
|
Prepare Docker Cert ${ip}
|
||||||
|
|
||||||
Collect Nightly Logs
|
Collect Nightly Logs
|
||||||
[Arguments] ${ip} ${SSH_PWD} ${ip1}==${EMPTY}
|
[Arguments] ${ip} ${SSH_PWD} ${ip1}==${EMPTY}
|
||||||
@ -45,11 +45,13 @@ Collect Logs
|
|||||||
SSHLibrary.Get File /var/log/harbor/ui.log
|
SSHLibrary.Get File /var/log/harbor/ui.log
|
||||||
SSHLibrary.Get File /var/log/harbor/registry.log
|
SSHLibrary.Get File /var/log/harbor/registry.log
|
||||||
SSHLibrary.Get File /var/log/harbor/proxy.log
|
SSHLibrary.Get File /var/log/harbor/proxy.log
|
||||||
SSHLibrary.Get File /var/log/harbor/adminserver.log
|
SSHLibrary.Get File /var/log/harbor/adminserver.log
|
||||||
SSHLibrary.Get File /var/log/harbor/clair.log
|
SSHLibrary.Get File /var/log/harbor/clair.log
|
||||||
SSHLibrary.Get File /var/log/harbor/jobservice.log
|
SSHLibrary.Get File /var/log/harbor/jobservice.log
|
||||||
SSHLibrary.Get File /var/log/harbor/postgresql.log
|
SSHLibrary.Get File /var/log/harbor/postgresql.log
|
||||||
SSHLibrary.Get File /var/log/harbor/notary-server.log
|
SSHLibrary.Get File /var/log/harbor/notary-server.log
|
||||||
SSHLibrary.Get File /var/log/harbor/notary-signer.log
|
SSHLibrary.Get File /var/log/harbor/notary-signer.log
|
||||||
|
SSHLibrary.Get File /var/log/harbor/chartmuseum.log
|
||||||
|
SSHLibrary.Get File /var/log/harbor/registryctl.log
|
||||||
Run rename 's/^/${ip}/' *.log
|
Run rename 's/^/${ip}/' *.log
|
||||||
Close All Connections
|
Close All Connections
|
@ -109,4 +109,15 @@ Body Of Admin Push Signed Image
|
|||||||
${rc} ${output}= Run And Return Rc And Output curl -u admin:Harbor12345 -s --insecure -H "Content-Type: application/json" -X GET "https://${ip}/api/repositories/library/tomcat/signatures"
|
${rc} ${output}= Run And Return Rc And Output curl -u admin:Harbor12345 -s --insecure -H "Content-Type: application/json" -X GET "https://${ip}/api/repositories/library/tomcat/signatures"
|
||||||
Log To Console ${output}
|
Log To Console ${output}
|
||||||
Should Be Equal As Integers ${rc} 0
|
Should Be Equal As Integers ${rc} 0
|
||||||
Should Contain ${output} sha256
|
Should Contain ${output} sha256
|
||||||
|
|
||||||
|
Delete A Project Without Sign In Harbor
|
||||||
|
[Arguments] ${harbor_ip}=${ip} ${username}=${HARBOR_ADMIN} ${password}=${HARBOR_PASSWORD}
|
||||||
|
${d}= Get Current Date result_format=%m%s
|
||||||
|
Create An New Project project${d}
|
||||||
|
Push Image ${harbor_ip} ${username} ${password} project${d} hello-world
|
||||||
|
Project Should Not Be Deleted project${d}
|
||||||
|
Go Into Project project${d}
|
||||||
|
Delete Repo project${d}
|
||||||
|
Navigate To Projects
|
||||||
|
Project Should Be Deleted project${d}
|
@ -54,6 +54,8 @@ Resource Harbor-Pages/ToolKit.robot
|
|||||||
Resource Harbor-Pages/ToolKit_Elements.robot
|
Resource Harbor-Pages/ToolKit_Elements.robot
|
||||||
Resource Harbor-Pages/Vulnerability.robot
|
Resource Harbor-Pages/Vulnerability.robot
|
||||||
Resource Harbor-Pages/LDAP-Mode.robot
|
Resource Harbor-Pages/LDAP-Mode.robot
|
||||||
|
Resource Harbor-Pages/OIDC_Auth.robot
|
||||||
|
Resource Harbor-Pages/OIDC_Auth_Elements.robot
|
||||||
Resource Harbor-Pages/Verify.robot
|
Resource Harbor-Pages/Verify.robot
|
||||||
Resource Docker-Util.robot
|
Resource Docker-Util.robot
|
||||||
Resource Admiral-Util.robot
|
Resource Admiral-Util.robot
|
||||||
@ -196,4 +198,13 @@ Retry Double Keywords When Error
|
|||||||
\ Exit For Loop If '${out1[0]}'=='PASS' and '${out2[0]}'=='PASS'
|
\ Exit For Loop If '${out1[0]}'=='PASS' and '${out2[0]}'=='PASS'
|
||||||
\ Sleep 2
|
\ Sleep 2
|
||||||
Should Be Equal As Strings '${out1[0]}' 'PASS'
|
Should Be Equal As Strings '${out1[0]}' 'PASS'
|
||||||
Should Be Equal As Strings '${out2[0]}' 'PASS'
|
Should Be Equal As Strings '${out2[0]}' 'PASS'
|
||||||
|
|
||||||
|
Run Curl And Return Json
|
||||||
|
[Arguments] ${curl_cmd}
|
||||||
|
${json_data_file}= Set Variable ${CURDIR}${/}cur_user_info.json
|
||||||
|
${rc} ${output}= Run And Return Rc And Output ${curl_cmd}
|
||||||
|
Should Be Equal As Integers 0 ${rc}
|
||||||
|
Create File ${json_data_file} ${output}
|
||||||
|
${json}= Load Json From File ${json_data_file}
|
||||||
|
[Return] ${json}
|
@ -76,15 +76,8 @@ Test Case - Create An New Project
|
|||||||
|
|
||||||
Test Case - Delete A Project
|
Test Case - Delete A Project
|
||||||
Init Chrome Driver
|
Init Chrome Driver
|
||||||
${d}= Get Current Date result_format=%m%s
|
|
||||||
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
|
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
|
||||||
Create An New Project project${d}
|
Delete A Project Without Sign In Harbor
|
||||||
Push Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} hello-world
|
|
||||||
Project Should Not Be Deleted project${d}
|
|
||||||
Go Into Project project${d}
|
|
||||||
Delete Repo project${d}
|
|
||||||
Navigate To Projects
|
|
||||||
Project Should Be Deleted project${d}
|
|
||||||
Close Browser
|
Close Browser
|
||||||
|
|
||||||
Test Case - Read Only Mode
|
Test Case - Read Only Mode
|
||||||
|
@ -39,7 +39,7 @@ Test Case - Ldap Sign in and out
|
|||||||
Sign In Harbor ${HARBOR_URL} mike zhu88jie
|
Sign In Harbor ${HARBOR_URL} mike zhu88jie
|
||||||
Close Browser
|
Close Browser
|
||||||
|
|
||||||
Test Case - System Admin On-board New Member
|
Test Case - System Admin On-board New Member
|
||||||
Init Chrome Driver
|
Init Chrome Driver
|
||||||
${d}= Get Current Date result_format=%m%s
|
${d}= Get Current Date result_format=%m%s
|
||||||
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
|
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
|
||||||
@ -53,7 +53,7 @@ Test Case - System Admin On-board New Member
|
|||||||
Page Should Contain mike02
|
Page Should Contain mike02
|
||||||
Close Browser
|
Close Browser
|
||||||
|
|
||||||
Test Case - LDAP User On-borad New Member
|
Test Case - LDAP User On-borad New Member
|
||||||
Init Chrome Driver
|
Init Chrome Driver
|
||||||
${d}= Get Current Date result_format=%m%s
|
${d}= Get Current Date result_format=%m%s
|
||||||
Sign In Harbor ${HARBOR_URL} mike03 zhu88jie
|
Sign In Harbor ${HARBOR_URL} mike03 zhu88jie
|
||||||
@ -70,7 +70,7 @@ Test Case - Home Page Differences With DB Mode
|
|||||||
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
|
Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD}
|
||||||
Logout Harbor
|
Logout Harbor
|
||||||
Sleep 2
|
Sleep 2
|
||||||
Page Should Not Contain Sign up
|
Page Should Not Contain Sign up
|
||||||
Page Should Not Contain Forgot password
|
Page Should Not Contain Forgot password
|
||||||
Close Browser
|
Close Browser
|
||||||
|
|
||||||
@ -101,7 +101,7 @@ Test Case - Ldap User Push An Image
|
|||||||
${d}= Get Current Date result_format=%m%s
|
${d}= Get Current Date result_format=%m%s
|
||||||
Sign In Harbor ${HARBOR_URL} mike zhu88jie
|
Sign In Harbor ${HARBOR_URL} mike zhu88jie
|
||||||
Create An New Project project${d}
|
Create An New Project project${d}
|
||||||
|
|
||||||
Push Image ${ip} mike zhu88jie project${d} hello-world:latest
|
Push Image ${ip} mike zhu88jie project${d} hello-world:latest
|
||||||
Go Into Project project${d}
|
Go Into Project project${d}
|
||||||
Wait Until Page Contains project${d}/hello-world
|
Wait Until Page Contains project${d}/hello-world
|
||||||
|
65
tests/robot-cases/Group1-Nightly/OIDC.robot
Normal file
65
tests/robot-cases/Group1-Nightly/OIDC.robot
Normal file
@ -0,0 +1,65 @@
|
|||||||
|
// Copyright Project Harbor Authors
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
|
||||||
|
*** Settings ***
|
||||||
|
Documentation Harbor BATs
|
||||||
|
Resource ../../resources/Util.robot
|
||||||
|
Default Tags Nightly
|
||||||
|
|
||||||
|
*** Variables ***
|
||||||
|
${HARBOR_URL} https://${OIDC_HOSTNAME}
|
||||||
|
${HARBOR_ADMIN} admin
|
||||||
|
|
||||||
|
*** Test Cases ***
|
||||||
|
Test Case - Get Harbor Version
|
||||||
|
#Just get harbor version and log it
|
||||||
|
Get Harbor Version
|
||||||
|
|
||||||
|
Test Case - OIDC User Sign In
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL}
|
||||||
|
Sleep 2
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL} test2
|
||||||
|
Sleep 2
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL} test3
|
||||||
|
Sleep 2
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL} test4
|
||||||
|
Sleep 2
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL} test5
|
||||||
|
Sleep 2
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL} test6
|
||||||
|
Sleep 2
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL} test7
|
||||||
|
Sleep 2
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL} test8
|
||||||
|
Sleep 2
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL} test9
|
||||||
|
Sleep 2
|
||||||
|
Close Browser
|
||||||
|
|
||||||
|
Test Case - Create An New Project
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL}
|
||||||
|
${d}= Get Current Date result_format=%M%S
|
||||||
|
Create An New Project test${d}
|
||||||
|
Close Browser
|
||||||
|
|
||||||
|
Test Case - Delete A Project
|
||||||
|
Init Chrome Driver
|
||||||
|
Sign In Harbor With OIDC User ${HARBOR_URL}
|
||||||
|
${json}= Run Curl And Return Json curl -s -k -X GET --header 'Accept: application/json' -u '${HARBOR_ADMIN}:${HARBOR_PASSWORD}' 'https://${ip}/api/users/search?username=${OIDC_USERNAME}'
|
||||||
|
${user_info}= Set Variable ${json[0]}
|
||||||
|
${user_id}= Set Variable ${user_info["user_id"]}
|
||||||
|
${json}= Run Curl And Return Json curl -s -k -X GET --header 'Accept: application/json' -u '${HARBOR_ADMIN}:${HARBOR_PASSWORD}' 'https://${ip}/api/users/${user_id}'
|
||||||
|
${secret}= Set Variable ${json["oidc_user_meta"]["secret"]}
|
||||||
|
Delete A Project Without Sign In Harbor harbor_ip=${OIDC_HOSTNAME} username=${OIDC_USERNAME} password=${secret}
|
||||||
|
Close Browser
|
@ -10,8 +10,8 @@ ${HARBOR_ADMIN} admin
|
|||||||
*** Test Cases ***
|
*** Test Cases ***
|
||||||
Test Case - Upgrade Verify
|
Test Case - Upgrade Verify
|
||||||
${data}= Load Json From File ${CURDIR}${/}data.json
|
${data}= Load Json From File ${CURDIR}${/}data.json
|
||||||
Run Keyword Verify User ${data}
|
Run Keyword Verify User ${data}
|
||||||
Run Keyword Verify Project ${data}
|
Run Keyword Verify Project ${data}
|
||||||
Run Keyword Verify Member Exist ${data}
|
Run Keyword Verify Member Exist ${data}
|
||||||
Run Keyword Verify User System Admin Role ${data}
|
Run Keyword Verify User System Admin Role ${data}
|
||||||
Run Keyword Verify Endpoint ${data}
|
Run Keyword Verify Endpoint ${data}
|
||||||
|
Loading…
Reference in New Issue
Block a user