Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2025-01-03 14:37:44 +01:00
Code Issues Projects Releases Wiki Activity

add test case project level policy content trust. (#6309)

Browse Source 
Add test case project level policy content trust.
Signed-off-by: danfengliu <danfengl@vmware.com>
This commit is contained in:
danfengliu 2018-11-21 12:19:28 +08:00 committed by GitHub
parent 88cab5bc35
commit ad77098acf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 130 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
tests/apitests/python/library/docker_api.py
View File

@ -19,16 +19,20 @@ class DockerAPI(object):
except docker.errors.APIError, e:
raise Exception(r" Docker login failed, error is [{}]".format (e.message))
def docker_image_pull(self, image, tag = None):
_tag = "latest"
def docker_image_pull(self, image, tag = None, expected_error_message = None):
if tag is not None:
_tag = tag
else:
_tag = "latest"
try:
tag = base._random_name("tag")
pull_ret = base._get_string_from_unicode(self.DCLIENT.pull('{}:{}'.format(image, _tag)))
print "pull_ret:", pull_ret
except docker.errors.APIError, e:
raise Exception(r" Docker pull image {} failed, error is [{}]".format (image, e.message))
base._get_string_from_unicode(self.DCLIENT.pull(r'{}:{}'.format(image, _tag)))
except Exception, err:
if expected_error_message is not None:
print "docker image pull error:", str(err)
if str(err).lower().find(expected_error_message.lower()) < 0:
raise Exception(r"Pull image: Return message {} is not as expected {}".format(return_message, expected_error_message))
else:
raise Exception(r" Docker pull image {} failed, error is [{}]".format (image, e.message))
def docker_image_tag(self, image, harbor_registry, tag = None):
_tag = base._random_name("tag")

27
tests/apitests/python/library/repository.py
View File

@ -5,12 +5,24 @@ import base
import swagger_client
from docker_api import DockerAPI
def pull_harbor_image(registry, username, password, image, tag, expected_error_message = None):
_docker_api = DockerAPI()
_docker_api.docker_login(registry, username, password)
time.sleep(2)
_docker_api.docker_image_pull(r'{}/{}'.format(registry, image), tag = tag, expected_error_message = expected_error_message)
def pull_harbor_image_successfully(registry, username, password, image, tag):
pull_harbor_image(registry, username, password, image, tag)
def pull_harbor_image_unsuccessfully(registry, username, password, image, tag, expected_error_message):
pull_harbor_image(registry, username, password, image, tag, expected_error_message = expected_error_message)
def push_image_to_project(project_name, registry, username, password, image, tag):
_docker_api = DockerAPI()
_docker_api.docker_login(registry, username, password)
time.sleep(2)
_docker_api.docker_image_pull(image, tag)
_docker_api.docker_image_pull(image, tag = tag)
time.sleep(2)
new_harbor_registry, new_tag = _docker_api.docker_image_tag(image, r'{}/{}/{}'.format(registry, project_name, image))
@ -20,6 +32,13 @@ def push_image_to_project(project_name, registry, username, password, image, tag
return r'{}/{}'.format(project_name, image), new_tag
def is_repo_exist_in_project(repositories, repo_name):
result = False
for reop in repositories:
if reop.name == repo_name:
return True
return result
class Repository(base.Base):
def list_tags(self, repository, **kwargs):
@ -108,3 +127,9 @@ class Repository(base.Base):
self.scan_image(repo_name, tag, **kwargs)
self.check_image_scan_result(repo_name, tag, **kwargs)
def repository_should_exist(self, project_id, repo_name, **kwargs):
repositories = self.get_repository(project_id, **kwargs)
if is_repo_exist_in_project(repositories, repo_name) == False:
raise Exception("Repository {} is not exist.".format(repo_name))

90
tests/apitests/python/test_project_level_policy_content_trust.py Normal file
View File

@ -0,0 +1,90 @@
from __future__ import absolute_import
import unittest
from testutils import ADMIN_CLIENT
from testutils import harbor_server
from testutils import TEARDOWN
from library.project import Project
from library.user import User
from library.repository import Repository
from library.repository import push_image_to_project
from library.repository import pull_harbor_image_successfully
from library.repository import pull_harbor_image_unsuccessfully
class TestProjects(unittest.TestCase):
@classmethod
def setUp(self):
project = Project()
self.project= project
user = User()
self.user= user
repo = Repository()
self.repo= repo
@classmethod
def tearDown(self):
print "Case completed"
@unittest.skipIf(TEARDOWN == False, "Test data should be remain in the harbor.")
def test_ClearData(self):
#1. Delete repository(RA) by user(UA);
self.repo.delete_repoitory(TestProjects.repo_name, **TestProjects.USER_CONTENT_TRUST_CLIENT)
#2. Delete project(PA);
self.project.delete_project(TestProjects.project_content_trust_id, **TestProjects.USER_CONTENT_TRUST_CLIENT)
#3. Delete user(UA);
self.user.delete_user(TestProjects.user_content_trust_id, **ADMIN_CLIENT)
def testProjectLevelPolicyContentTrust(self):
"""
Test case:
Project Level Policy Content Trust
Test step & Expectation:
1. Create a new user(UA);
2. Create a new project(PA) by user(UA);
3. Push a new image(IA) in project(PA) by admin;
4. Image(IA) should exist;
5. Pull image(IA) successfully;
6. Enable content trust in project(PA) configuration;
7. Pull image(IA) failed and the reason is "The image is not signed in Notary".
Tear down:
1. Delete repository(RA) by user(UA);
2. Delete project(PA);
3. Delete user(UA);
"""
url = ADMIN_CLIENT["endpoint"]
admin_name = ADMIN_CLIENT["username"]
admin_password = ADMIN_CLIENT["password"]
user_content_trust_password = "Aa123456"
#1. Create a new user(UA);
TestProjects.user_content_trust_id, user_content_trust_name = self.user.create_user_success(user_password = user_content_trust_password, **ADMIN_CLIENT)
TestProjects.USER_CONTENT_TRUST_CLIENT=dict(endpoint = url, username = user_content_trust_name, password = user_content_trust_password)
#2. Create a new project(PA) by user(UA);
TestProjects.project_content_trust_id, project_content_trust_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_CONTENT_TRUST_CLIENT)
#3. Push a new image(IA) in project(PA) by admin;
TestProjects.repo_name, tag = push_image_to_project(project_content_trust_name, harbor_server, admin_name, admin_password, "hello-world", "latest")
#4. Image(IA) should exist;
self.repo.image_should_exist(TestProjects.repo_name, tag, **TestProjects.USER_CONTENT_TRUST_CLIENT)
#5. Pull image(IA) successfully;
pull_harbor_image_successfully(harbor_server, admin_name, admin_password, TestProjects.repo_name, tag)
#6. Enable content trust in project(PA) configuration;
self.project.update_project(TestProjects.project_content_trust_id, metadata = {"enable_content_trust": "true"}, **TestProjects.USER_CONTENT_TRUST_CLIENT)
#7. Pull image(IA) failed and the reason is "The image is not signed in Notary".
pull_harbor_image_unsuccessfully(harbor_server, admin_name, admin_password, TestProjects.repo_name, tag, "The image is not signed in Notary")
if __name__ == '__main__':
unittest.main()

4
tests/robot-cases/Group0-BAT/API_DB.robot
View File

@ -30,4 +30,6 @@ Test Case - Edit Project Creation
Test Case - Scan Image
Harbor API Test ./tests/apitests/python/test_scan_image.py
Test Case - Manage Project Member
Harbor API Test ./tests/apitests/python/test_manage_project_member.py
Harbor API Test ./tests/apitests/python/test_manage_project_member.py
Test Case - Project Level Policy Content Trust
Harbor API Test ./tests/apitests/python/test_project_level_policy_content_trust.py