From c09e53902788896c6f6e5ca224ace1882821424d Mon Sep 17 00:00:00 2001 From: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com> Date: Fri, 28 Apr 2023 16:09:40 +0800 Subject: [PATCH] Remove notary test cases (#18620) Fix #17955 Signed-off-by: Yang Jiao --- tests/apitests/python/library/sign.py | 15 -- tests/apitests/python/sign_image.sh | 25 --- ...test_project_level_policy_content_trust.py | 8 +- .../python/test_push_files_by_oras.py | 6 +- .../test_push_image_with_special_name.py | 1 - .../python/test_scan_image_artifact.py | 4 +- tests/apitests/python/test_sign_image.py | 87 --------- tests/apitests/python/testutils.py | 1 - tests/notarytest.sh | 19 -- .../Harbor-Pages/Project-Config.robot | 7 - tests/resources/Harbor-Pages/Project.robot | 6 +- tests/resources/Harbor-Pages/Verify.robot | 9 - tests/resources/Harbor-Util.robot | 42 ++--- tests/resources/Nightly-Util.robot | 4 - tests/resources/TestCaseBody.robot | 27 --- tests/robot-cases/Group0-BAT/API_DB.robot | 4 - tests/robot-cases/Group0-BAT/BAT.robot | 18 +- .../Group0-Util/notary-push-image.sh | 26 --- tests/robot-cases/Group0-Util/notary-util.sh | 33 ---- tests/robot-cases/Group1-Nightly/Notary.robot | 71 ------- .../Group1-Nightly/Replication.robot | 175 ------------------ .../robot-cases/Group1-Nightly/Upgrade.robot | 4 - tests/robot-cases/Group3-Upgrade/prepare.py | 13 -- .../robot-cases/Group3-Upgrade/sign_image.sh | 35 ---- tests/robot-cases/Group3-Upgrade/verify.robot | 2 - 25 files changed, 23 insertions(+), 619 deletions(-) delete mode 100644 tests/apitests/python/library/sign.py delete mode 100755 tests/apitests/python/sign_image.sh delete mode 100644 tests/apitests/python/test_sign_image.py delete mode 100755 tests/notarytest.sh delete mode 100755 tests/robot-cases/Group0-Util/notary-push-image.sh delete mode 100755 tests/robot-cases/Group0-Util/notary-util.sh delete mode 100644 tests/robot-cases/Group1-Nightly/Notary.robot delete mode 100755 tests/robot-cases/Group3-Upgrade/sign_image.sh diff --git a/tests/apitests/python/library/sign.py b/tests/apitests/python/library/sign.py deleted file mode 100644 index 788481073..000000000 --- a/tests/apitests/python/library/sign.py +++ /dev/null @@ -1,15 +0,0 @@ -# -*- coding: utf-8 -*- -import subprocess -from testutils import notary_url, BASE_IMAGE_ABS_PATH_NAME -from docker_api import docker_load_image, docker_image_clean_all - -def sign_image(registry_ip, project_name, image, tag): - docker_load_image(BASE_IMAGE_ABS_PATH_NAME) - try: - ret = subprocess.check_output(["./tests/apitests/python/sign_image.sh", registry_ip, project_name, image, tag, notary_url], shell=False) - print("sign_image return: ", ret) - except subprocess.CalledProcessError as e: - raise Exception("Failed to sign image error is {} {}.".format(e.returncode, e.output)) - finally: - docker_image_clean_all() - diff --git a/tests/apitests/python/sign_image.sh b/tests/apitests/python/sign_image.sh deleted file mode 100755 index 6877e3f56..000000000 --- a/tests/apitests/python/sign_image.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh -IP=$1 -NOTARY_URL=$5 -PASSHRASE='Harbor12345' -IMAGE=$IP/$2/$3:$4 - -echo $IP - -export DOCKER_CONTENT_TRUST=1 -export DOCKER_CONTENT_TRUST_SERVER=$NOTARY_URL - -export NOTARY_ROOT_PASSPHRASE=$PASSHRASE -export NOTARY_TARGETS_PASSPHRASE=$PASSHRASE -export NOTARY_SNAPSHOT_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=$PASSHRASE - -docker login -u admin -p Harbor12345 $IP - -docker tag $3:$4 $IMAGE -docker push $IMAGE -docker rmi -f $IMAGE - diff --git a/tests/apitests/python/test_project_level_policy_content_trust.py b/tests/apitests/python/test_project_level_policy_content_trust.py index 88eea0fbe..2ebe8a2bb 100644 --- a/tests/apitests/python/test_project_level_policy_content_trust.py +++ b/tests/apitests/python/test_project_level_policy_content_trust.py @@ -45,7 +45,7 @@ class TestProjects(unittest.TestCase): 4. Image(IA) should exist; 5. Pull image(IA) successfully; 6. Enable content trust in project(PA) configuration; - 7. Pull image(IA) failed and the reason is "The image is not signed in Notary". + 7. Pull image(IA) failed and the reason is "The image is not signed in Cosign". Tear down: 1. Delete repository(RA) by user(UA); 2. Delete project(PA); @@ -76,15 +76,15 @@ class TestProjects(unittest.TestCase): self.project.get_project(TestProjects.project_content_trust_id) #6. Enable content trust in project(PA) configuration; - self.project.update_project(TestProjects.project_content_trust_id, metadata = {"enable_content_trust": "true"}, **TestProjects.USER_CONTENT_TRUST_CLIENT) + self.project.update_project(TestProjects.project_content_trust_id, metadata = {"enable_content_trust_cosign": "true"}, **TestProjects.USER_CONTENT_TRUST_CLIENT) self.project.get_project(TestProjects.project_content_trust_id) - #7. Pull image(IA) failed and the reason is "The image is not signed in Notary". + #7. Pull image(IA) failed and the reason is "The image is not signed in Cosign". docker_image_clean_all() restart_process("containerd") restart_process("dockerd") time.sleep(30) - pull_harbor_image(harbor_server, ADMIN_CLIENT["username"], ADMIN_CLIENT["password"], TestProjects.repo_name, tag, expected_error_message = "The image is not signed in Notary") + pull_harbor_image(harbor_server, ADMIN_CLIENT["username"], ADMIN_CLIENT["password"], TestProjects.repo_name, tag, expected_error_message = "The image is not signed in Cosign") if __name__ == '__main__': unittest.main() diff --git a/tests/apitests/python/test_push_files_by_oras.py b/tests/apitests/python/test_push_files_by_oras.py index c8d3d04ad..5e9ad2f04 100644 --- a/tests/apitests/python/test_push_files_by_oras.py +++ b/tests/apitests/python/test_push_files_by_oras.py @@ -1,12 +1,10 @@ from __future__ import absolute_import import unittest -import urllib from testutils import ADMIN_CLIENT, suppress_urllib3_warning from testutils import harbor_server from testutils import TEARDOWN import library.oras -from library.sign import sign_image from library.user import User from library.project import Project from library.repository import Repository @@ -26,7 +24,7 @@ class TestProjects(unittest.TestCase): @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.") def tearDown(self): #1. Delete user(UA); - self.user.delete_user(TestProjects.user_sign_image_id, **ADMIN_CLIENT) + self.user.delete_user(TestProjects.user_id, **ADMIN_CLIENT) def testOrasCli(self): """ @@ -47,7 +45,7 @@ class TestProjects(unittest.TestCase): user_001_password = "Aa123456" #1. Create user-001 - TestProjects.user_sign_image_id, user_name = self.user.create_user(user_password = user_001_password, **ADMIN_CLIENT) + TestProjects.user_id, user_name = self.user.create_user(user_password = user_001_password, **ADMIN_CLIENT) TestProjects.USER_CLIENT=dict(with_signature = True, endpoint = url, username = user_name, password = user_001_password) diff --git a/tests/apitests/python/test_push_image_with_special_name.py b/tests/apitests/python/test_push_image_with_special_name.py index 69dd627ef..b2e082516 100644 --- a/tests/apitests/python/test_push_image_with_special_name.py +++ b/tests/apitests/python/test_push_image_with_special_name.py @@ -5,7 +5,6 @@ import urllib from testutils import ADMIN_CLIENT, suppress_urllib3_warning from testutils import harbor_server from testutils import TEARDOWN -from library.sign import sign_image from library.artifact import Artifact from library.project import Project from library.user import User diff --git a/tests/apitests/python/test_scan_image_artifact.py b/tests/apitests/python/test_scan_image_artifact.py index 0ba1ca683..1095a8313 100644 --- a/tests/apitests/python/test_scan_image_artifact.py +++ b/tests/apitests/python/test_scan_image_artifact.py @@ -11,7 +11,6 @@ from library.repository import Repository from library.repository import push_self_build_image_to_project from library.artifact import Artifact from library.scan import Scan -from library.sign import sign_image class TestScan(unittest.TestCase): @suppress_urllib3_warning @@ -105,8 +104,7 @@ class TestScan(unittest.TestCase): image = BASE_IMAGE['name'] tag = BASE_IMAGE['tag'] #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); - # Push base image in function sign_image. - sign_image(harbor_server, self.project_name, image, tag) + push_self_build_image_to_project(self.project_name, harbor_server, self.user_name, self.user_password, image, tag) #6. Send scan image command and get tag(TA) information to check scan result, it should be finished; self.scan.scan_artifact(self.project_name, image, tag, **self.USER_CLIENT) diff --git a/tests/apitests/python/test_sign_image.py b/tests/apitests/python/test_sign_image.py deleted file mode 100644 index 0825a7a35..000000000 --- a/tests/apitests/python/test_sign_image.py +++ /dev/null @@ -1,87 +0,0 @@ -from __future__ import absolute_import -import unittest - -from testutils import ADMIN_CLIENT, suppress_urllib3_warning -from testutils import harbor_server -from testutils import TEARDOWN -from library.sign import sign_image -from library.artifact import Artifact -from library.project import Project -from library.user import User -from library.repository import Repository -from library.repository import push_special_image_to_project - -class TestProjects(unittest.TestCase): - @suppress_urllib3_warning - def setUp(self): - self.project = Project() - self.user = User() - self.artifact = Artifact() - self.repo = Repository() - self.repo_name_1 = "test1_sign" - - @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.") - def tearDown(self): - # remove the deletion as the signed image cannot be deleted. - #1. Delete repository(RA) by user(UA); - #self.repo.delete_repository(TestProjects.project_sign_image_name, TestProjects.repo_name.split('/')[1], **TestProjects.USER_sign_image_CLIENT) - - #2. Delete project(PA); - #self.project.delete_project(TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT) - - #3. Delete user(UA); - self.user.delete_user(TestProjects.user_sign_image_id, **ADMIN_CLIENT) - - def testSignImage(self): - """ - Test case: - Sign A Image - Test step and expected result: - 1. Create a new user(UA); - 2. Create a new private project(PA) by user(UA); - 3. Add user(UA) as a member of project(PA) with project-admin role; - 4. Get private project of user(UA), user(UA) can see only one private project which is project(PA); - 5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); - 6. Sign image with tag(TA) which was tagged by step #5; - 7. Get signature of image with tag(TA), it should be exist. - Tear down: - NA - """ - url = ADMIN_CLIENT["endpoint"] - user_001_password = "Aa123456" - - #1. Create user-001 - TestProjects.user_sign_image_id, user_sign_image_name = self.user.create_user(user_password = user_001_password, **ADMIN_CLIENT) - - TestProjects.USER_sign_image_CLIENT=dict(with_signature = True, endpoint = url, username = user_sign_image_name, password = user_001_password) - - #2. Create a new private project(PA) by user(UA); - TestProjects.project_sign_image_id, TestProjects.project_sign_image_name = self.project.create_project(metadata = {"public": "false"}, **ADMIN_CLIENT) - - #3. Add user(UA) as a member of project(PA) with project-admin role; - self.project.add_project_members(TestProjects.project_sign_image_id, user_id=TestProjects.user_sign_image_id, **ADMIN_CLIENT) - - #4. Get private project of user(UA), user(UA) can see only one private project which is project(PA); - self.project.projects_should_exist(dict(public=False), expected_count = 1, - expected_project_id = TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT) - - #Note:busybox is pulled in setup phase, and setup is a essential phase. - image = "busybox" - tag = "latest" - #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); - #TestProjects.repo_name, tag = push_self_build_image_to_project(TestProjects.project_sign_image_name, harbor_server, user_sign_image_name, user_001_password, image, src_tag) - - #6. Sign image with tag(TA) which was tagged by step #5; - sign_image(harbor_server, TestProjects.project_sign_image_name, image, tag) - - #7. Get signature of image with tag(TA), it should be exist. - artifact = self.artifact.get_reference_info(TestProjects.project_sign_image_name, image, tag, **TestProjects.USER_sign_image_CLIENT) - self.assertEqual(artifact.tags[0].signed, True) - - push_special_image_to_project(TestProjects.project_sign_image_name, harbor_server, user_sign_image_name, user_001_password, self.repo_name_1, ['1.0']) - self.repo.delete_repository(TestProjects.project_sign_image_name, self.repo_name_1, **TestProjects.USER_sign_image_CLIENT) - - self.repo.delete_repository(TestProjects.project_sign_image_name, image, expect_status_code=412, expect_response_body = "with signature cannot be deleted", **TestProjects.USER_sign_image_CLIENT) - -if __name__ == '__main__': - unittest.main() diff --git a/tests/apitests/python/testutils.py b/tests/apitests/python/testutils.py index 9d80b1580..8ec925b42 100644 --- a/tests/apitests/python/testutils.py +++ b/tests/apitests/python/testutils.py @@ -27,7 +27,6 @@ ADMIN_CLIENT=dict(endpoint = os.environ.get("HARBOR_HOST_SCHEMA", "https")+ ":// CHART_API_CLIENT=dict(endpoint = os.environ.get("HARBOR_HOST_SCHEMA", "https")+ "://"+harbor_server+"/api", username = admin_user, password = admin_pwd) USER_ROLE=dict(admin=0,normal=1) TEARDOWN = os.environ.get('TEARDOWN', 'true').lower() in ('true', 'yes') -notary_url = os.environ.get('NOTARY_URL', 'https://'+harbor_server+':4443') DOCKER_USER = os.environ.get('DOCKER_USER', '') DOCKER_PWD = os.environ.get('DOCKER_PWD', '') METRIC_URL = os.environ.get('METRIC_URL', 'http://'+harbor_server+':9090') diff --git a/tests/notarytest.sh b/tests/notarytest.sh deleted file mode 100755 index 4cdd515cb..000000000 --- a/tests/notarytest.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh - -set -e - -TIMEOUT=10 -while [ $TIMEOUT -gt 0 ]; do - STATUS=$(curl -s -o /dev/null -w '%{http_code}' https://127.0.0.1:4443/v2/ -kv) - if [ $STATUS -eq 401 ]; then - echo "Notary is running success." - break - fi - TIMEOUT=$(($TIMEOUT - 1)) - sleep 5 -done - -if [ $TIMEOUT -eq 0 ]; then - echo "Notary is running fail." - exit 1 -fi diff --git a/tests/resources/Harbor-Pages/Project-Config.robot b/tests/resources/Harbor-Pages/Project-Config.robot index bf892006b..bacbd7116 100644 --- a/tests/resources/Harbor-Pages/Project-Config.robot +++ b/tests/resources/Harbor-Pages/Project-Config.robot @@ -17,10 +17,6 @@ Click Project Public Mouse Down //hbr-project-policy-config//input[@name='public'] Mouse Up //hbr-project-policy-config//input[@name='public'] -Click Notary Deployment Security - Mouse Down //input[@id='content-trust'] - Mouse Up //input[@id='content-trust'] - Click Cosign Deployment Security Mouse Down //input[@id='content-trust-cosign'] Mouse Up //input[@id='content-trust-cosign'] @@ -50,9 +46,6 @@ Project Should Be Public [Arguments] ${projectName} Retry Wait Until Page Contains Element //clr-dg-row[contains(.,'${projectName}')]//clr-dg-cell[contains(.,'Public')] -Content Notary Deployment security Be Selected - Checkbox Should Be Selected //input[@id='content-trust'] - Content Cosign Deployment security Be Selected Checkbox Should Be Selected //input[@id='content-trust-cosign'] diff --git a/tests/resources/Harbor-Pages/Project.robot b/tests/resources/Harbor-Pages/Project.robot index fd62084b4..ca72c6b60 100644 --- a/tests/resources/Harbor-Pages/Project.robot +++ b/tests/resources/Harbor-Pages/Project.robot @@ -382,10 +382,6 @@ Should Be Signed By Cosign [Arguments] ${tag} Retry Wait Element Visible //clr-dg-row[contains(.,'${tag}')]//clr-icon[contains(@class,'signed')] -Should Be Signed By Notary - [Arguments] ${tag} - Retry Wait Element Visible //clr-dg-row[contains(.,'${tag}')]//clr-icon[contains(@class,'color-green')] - Delete Accessory [Arguments] ${tag} Retry Button Click //clr-dg-row[contains(.,'${tag}')]//button[contains(@class,'datagrid-expandable-caret-button')] @@ -420,4 +416,4 @@ Download Latest CVE CSV File ${csv_file_path}= Set Variable ${download_directory}/${csv_file_name}.csv Retry Double Keywords When Error Retry Element Click ${latest_download_cve_csv_file_xpath} Retry Wait Until Page Does Not Contains ${csv_file_name} Retry File Should Exist ${csv_file_path} - [Return] ${csv_file_path} \ No newline at end of file + [Return] ${csv_file_path} diff --git a/tests/resources/Harbor-Pages/Verify.robot b/tests/resources/Harbor-Pages/Verify.robot index ff61742e9..e9a48bafd 100644 --- a/tests/resources/Harbor-Pages/Verify.robot +++ b/tests/resources/Harbor-Pages/Verify.robot @@ -557,12 +557,3 @@ Verify Quotas Display Should Match Regexp ${storage_quota_ret} ${str_expected} END Close Browser - - -Verify Re-sign Image - [Arguments] ${json} - Log To Console "Verify Quotas Display..." - @{project}= Get Value From Json ${json} $.notary_projects.[*].name - FOR ${project} IN @{project} - Body Of Admin Push Signed Image ${project} alpine new_tag ${HARBOR_ADMIN} ${HARBOR_PASSWORD} clear_trust_dir=${false} - END \ No newline at end of file diff --git a/tests/resources/Harbor-Util.robot b/tests/resources/Harbor-Util.robot index c0fd33707..4d466255a 100644 --- a/tests/resources/Harbor-Util.robot +++ b/tests/resources/Harbor-Util.robot @@ -38,35 +38,35 @@ Install Harbor to Test Server Generate Certificate Authority For Chrome Up Harbor - [Arguments] ${with_notary}=true - ${rc} ${output}= Run And Return Rc And Output make start -e NOTARYFLAG=${with_notary} + [Arguments] + ${rc} ${output}= Run And Return Rc And Output make start Log ${rc} Log ${output} Should Be Equal As Integers ${rc} 0 Down Harbor - [Arguments] ${with_notary}=true - ${rc} ${output}= Run And Return Rc And Output echo "Y" | make down -e NOTARYFLAG=${with_notary} + [Arguments] + ${rc} ${output}= Run And Return Rc And Output echo "Y" | make down Log ${rc} Log ${output} Should Be Equal As Integers ${rc} 0 Package Harbor Offline - [Arguments] ${with_notary}=true ${with_trivy}=true + [Arguments] ${with_trivy}=true Log To Console \nStart Docker Daemon Start Docker Daemon Locally - Log To Console make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=%{Harbor_Build_Base_Tag} NPM_REGISTRY=%{NPM_REGISTRY} VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} TRIVYFLAG=${with_trivy} HTTPPROXY= - ${rc} ${output}= Run And Return Rc And Output make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=%{Harbor_Build_Base_Tag} NPM_REGISTRY=%{NPM_REGISTRY} VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} TRIVYFLAG=${with_trivy} HTTPPROXY= + Log To Console make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=%{Harbor_Build_Base_Tag} NPM_REGISTRY=%{NPM_REGISTRY} VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} TRIVYFLAG=${with_trivy} HTTPPROXY= + ${rc} ${output}= Run And Return Rc And Output make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=%{Harbor_Build_Base_Tag} NPM_REGISTRY=%{NPM_REGISTRY} VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} TRIVYFLAG=${with_trivy} HTTPPROXY= Log To Console ${rc} Log To Console ${output} Should Be Equal As Integers ${rc} 0 Package Harbor Online - [Arguments] ${with_notary}=true ${with_trivy}=true + [Arguments] ${with_trivy}=true Log To Console \nStart Docker Daemon Start Docker Daemon Locally - Log To Console \nmake package_online GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} TRIVYFLAG=${with_trivy} HTTPPROXY= - ${rc} ${output}= Run And Return Rc And Output make package_online GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} TRIVYFLAG=${with_trivy} HTTPPROXY= + Log To Console \nmake package_online GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} TRIVYFLAG=${with_trivy} HTTPPROXY= + ${rc} ${output}= Run And Return Rc And Output make package_online GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} TRIVYFLAG=${with_trivy} HTTPPROXY= Log ${rc} Log ${output} Should Be Equal As Integers ${rc} 0 @@ -103,23 +103,9 @@ Get Harbor CA Log All ${output} Should Be Equal As Integers ${rc} 0 -Notary Remove Signature - [Arguments] ${ip} ${project} ${image} ${tag} ${user} ${pwd} - ${rc} ${output}= Run And Return Rc And Output ./tests/robot-cases/Group0-Util/notary-util.sh remove ${ip} ${project} ${image} ${tag} ${notaryServerEndpoint} ${user} ${pwd} - Log To Console ${output} - Log ${output} - Should Be Equal As Integers ${rc} 0 - -Notary Key Rotate - [Arguments] ${ip} ${project} ${image} ${tag} ${user} ${pwd} - ${rc} ${output}= Run And Return Rc And Output ./tests/robot-cases/Group0-Util/notary-util.sh key_rotate ${ip} ${project} ${image} ${tag} ${notaryServerEndpoint} ${user} ${pwd} - Log To Console ${output} - Log ${output} - Should Be Equal As Integers ${rc} 0 - Prepare - [Arguments] ${with_notary}=true - ${rc} ${output}= Run And Return Rc And Output make prepare -e NOTARYFLAG=${with_notary} + [Arguments] + ${rc} ${output}= Run And Return Rc And Output make prepare Log ${rc} Log ${output} Should Be Equal As Integers ${rc} 0 @@ -152,8 +138,8 @@ Prepare Cert Should Be Equal As Integers ${rc} 0 Compile and Up Harbor With Source Code - [Arguments] ${with_notary}=true - ${rc} ${output}= Run And Return Rc And Output make install swagger_client NOTARYFLAG=${with_notary} HTTPPROXY= + [Arguments] + ${rc} ${output}= Run And Return Rc And Output make install swagger_client HTTPPROXY= Log ${output} Should Be Equal As Integers ${rc} 0 Sleep 20 diff --git a/tests/resources/Nightly-Util.robot b/tests/resources/Nightly-Util.robot index 47820a7c7..be670846a 100644 --- a/tests/resources/Nightly-Util.robot +++ b/tests/resources/Nightly-Util.robot @@ -54,8 +54,6 @@ Nightly Test Setup In Ubuntu For Upgrade Prepare Test Tools Log To Console Start Docker Daemon Locally ... Run Keyword Start Docker Daemon Locally - #For upgrade pipeline: get notary targets key from last execution. - ${rc} ${output}= Run And Return Rc And Output [ -f "/key_store/private_keys_backup.tar.gz" ] && tar -zxvf /key_store/private_keys_backup.tar.gz -C / CA Setup In ubuntu [Arguments] ${ip} ${HARBOR_PASSWORD} ${cert} @@ -81,8 +79,6 @@ Collect Logs SSHLibrary.Get File /var/log/harbor/adminserver.log SSHLibrary.Get File /var/log/harbor/jobservice.log SSHLibrary.Get File /var/log/harbor/postgresql.log - SSHLibrary.Get File /var/log/harbor/notary-server.log - SSHLibrary.Get File /var/log/harbor/notary-signer.log SSHLibrary.Get File /var/log/harbor/registryctl.log Run rename 's/^/${ip}/' *.log Close All Connections diff --git a/tests/resources/TestCaseBody.robot b/tests/resources/TestCaseBody.robot index ec2b4d40b..95b15de48 100644 --- a/tests/resources/TestCaseBody.robot +++ b/tests/resources/TestCaseBody.robot @@ -128,33 +128,6 @@ Body Of Scan Image On Push View Repo Scan Details @{vulnerability_levels} Close Browser -Body Of Push Signed Image - Init Chrome Driver - ${d}= Get Current Date result_format=%m%s - ${user}= Set Variable user010 - ${pwd}= Set Variable Test1@34 - Sign In Harbor ${HARBOR_URL} ${user} ${pwd} - Create An New Project And Go Into Project project${d} - Body Of Admin Push Signed Image project${d} tomcat latest ${user} ${pwd} - Body Of Admin Push Signed Image project${d} alpine latest ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Close Browser - -Body Of Admin Push Signed Image - [Arguments] ${project} ${image} ${tag} ${user} ${pwd} ${with_remove}=${false} ${clear_trust_dir}=${true} - Run Keyword If ${clear_trust_dir}==${true} Wait Unitl Command Success rm -rf ~/.docker/ - ${src_tag}= Set Variable latest - ${src_image}= Set Variable ${LOCAL_REGISTRY}/${LOCAL_REGISTRY_NAMESPACE}/${image}:${src_tag} - Docker Pull ${src_image} - Wait Unitl Command Success ./tests/robot-cases/Group0-Util/notary-push-image.sh ${ip} ${project} ${image} ${tag} ${notaryServerEndpoint} ${src_image} ${user} ${pwd} - - ${rc} ${output}= Run And Return Rc And Output curl -u admin:Harbor12345 -s --insecure -H "Content-Type: application/json" -X GET "https://${ip}/api/v2.0/projects/${project}/repositories/${image}/artifacts/${tag}?with_signature=true" - - Log To Console ${output} - Should Be Equal As Integers ${rc} 0 - Should Contain ${output} "signed":true - - Run Keyword If ${with_remove} == ${true} Notary Remove Signature ${ip} ${project} ${image} ${tag} ${user} ${pwd} - Delete A Project Without Sign In Harbor [Arguments] ${harbor_ip}=${ip} ${username}=${HARBOR_ADMIN} ${password}=${HARBOR_PASSWORD} ${d}= Get Current Date result_format=%m%s diff --git a/tests/robot-cases/Group0-BAT/API_DB.robot b/tests/robot-cases/Group0-BAT/API_DB.robot index f18077268..77d17b0d7 100644 --- a/tests/robot-cases/Group0-BAT/API_DB.robot +++ b/tests/robot-cases/Group0-BAT/API_DB.robot @@ -60,10 +60,6 @@ Test Case - Robot Account [Tags] robot_account Harbor API Test ./tests/apitests/python/test_robot_account.py -Test Case - Sign A Image - [Tags] sign_image - Harbor API Test ./tests/apitests/python/test_sign_image.py - Test Case - Project Quota [Tags] quota Harbor API Test ./tests/apitests/python/test_project_quota.py diff --git a/tests/robot-cases/Group0-BAT/BAT.robot b/tests/robot-cases/Group0-BAT/BAT.robot index 91308829c..4029ea8f2 100644 --- a/tests/robot-cases/Group0-BAT/BAT.robot +++ b/tests/robot-cases/Group0-BAT/BAT.robot @@ -35,22 +35,6 @@ Test Case - Registry Basic Verfication Close Browser -Test Case - Notary Basic Verfication - Enable Notary Client - - ${rc} ${output}= Run And Return Rc And Output docker pull hello-world:latest - Log ${output} - - Push image ${ip} %{HARBOR_ADMIN} %{HARBOR_PASSWORD} library hello-world:latest - ${rc} ${output}= Run And Return Rc And Output ./tests/robot-cases/Group0-Util/notary-push-image.sh ${ip} ${notaryServerEndpoint} - Log ${output} - Should Be Equal As Integers ${rc} 0 - - ${rc} ${output}= Run And Return Rc And Output curl -u admin:Harbor12345 -s --insecure -H "Content-Type: application/json" -X GET "https://${ip}/api/repositories/library/tomcat/signatures" - Log To Console ${output} - Should Be Equal As Integers ${rc} 0 - #Should Contain ${output} sha256 - Test Case - Ldap Basic Verfication Switch To LDAP Init Chrome Driver @@ -64,4 +48,4 @@ Test Case - Ldap Basic Verfication Test Case - Run LDAP Group Related API Test Harbor API Test ./tests/apitests/python/test_ldap_admin_role.py Harbor API Test ./tests/apitests/python/test_user_group.py - Harbor API Test ./tests/apitests/python/test_assign_role_to_ldap_group.py \ No newline at end of file + Harbor API Test ./tests/apitests/python/test_assign_role_to_ldap_group.py diff --git a/tests/robot-cases/Group0-Util/notary-push-image.sh b/tests/robot-cases/Group0-Util/notary-push-image.sh deleted file mode 100755 index 3ca3b7158..000000000 --- a/tests/robot-cases/Group0-Util/notary-push-image.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -#docker pull $3:$4 -set -x - -IP=$1 -notaryServerEndpoint=$5 -tag_src=$6 -USER=$7 -PASSHRASE=$8 -echo $IP - -export DOCKER_CONTENT_TRUST=1 -export DOCKER_CONTENT_TRUST_SERVER=https://$notaryServerEndpoint - -export NOTARY_ROOT_PASSPHRASE=$PASSHRASE -export NOTARY_TARGETS_PASSPHRASE=$PASSHRASE -export NOTARY_SNAPSHOT_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=$PASSHRASE - -docker login -u $USER -p $PASSHRASE $IP -docker tag $tag_src $IP/$2/$3:$4 -docker push $IP/$2/$3:$4 diff --git a/tests/robot-cases/Group0-Util/notary-util.sh b/tests/robot-cases/Group0-Util/notary-util.sh deleted file mode 100755 index d44ade304..000000000 --- a/tests/robot-cases/Group0-Util/notary-util.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -CMD=$1 -HOST=$2 -PROJECT=$3 -IMAGE=$4 -TAG=$5 -NOTARY_SERVER_ENDPOINT=$6 -USER=$7 -PWD=$8 -PASSHRASE=$8 - -export DOCKER_CONTENT_TRUST=1 - -export NOTARY_ROOT_PASSPHRASE=$PASSHRASE -export NOTARY_TARGETS_PASSPHRASE=$PASSHRASE -export NOTARY_SNAPSHOT_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=$PASSHRASE - -export NOTARY_AUTH=$(echo $USER:$PWD | base64) -echo $USER:$PWD - -NOTARY_CMD_OPTIONS="notary -s https://$NOTARY_SERVER_ENDPOINT -d /root/.docker/trust" -if [ "$CMD" == "key_rotate" ]; then - echo "$NOTARY_CMD_OPTIONS key rotate $HOST/$PROJECT/$IMAGE snapshot -r" - $NOTARY_CMD_OPTIONS key rotate $HOST/$PROJECT/$IMAGE snapshot -r -elif [ "$CMD" == "remove" ]; then - echo "$NOTARY_CMD_OPTIONS remove -p $HOST/$PROJECT/$IMAGE $TAG" - $NOTARY_CMD_OPTIONS remove -p $HOST/$PROJECT/$IMAGE $TAG -fi diff --git a/tests/robot-cases/Group1-Nightly/Notary.robot b/tests/robot-cases/Group1-Nightly/Notary.robot deleted file mode 100644 index 54ad8ee1a..000000000 --- a/tests/robot-cases/Group1-Nightly/Notary.robot +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright Project Harbor Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License - -*** Settings *** -Documentation Harbor BATs -Resource ../../resources/Util.robot -Default Tags Nightly - -*** Variables *** -${HARBOR_URL} https://${ip} -${SSH_USER} root -${HARBOR_ADMIN} admin - -*** Test Cases *** -Test Case - Project Level Policy Notary Deployment security - Init Chrome Driver - ${d}= Get Current Date result_format=%m%s - Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Create An New Project And Go Into Project project${d} - Push Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} hello-world:latest - Go Into Project project${d} - Goto Project Config - Click Notary Deployment Security - Save Project Config - # Verify - # Unsigned image can not be pulled - Content Notary Deployment security Be Selected - Cannot Pull Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} hello-world:latest err_msg=The image is not signed in Notary - # Signed image can be pulled - Body Of Admin Push Signed Image project${d} redis latest ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Pull image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} redis tag=latest - Close Browser - -Test Case - Admin Push Signed Image - [tags] sign_image - Body Of Push Signed Image - -Test Case - Admin Push Signed Image And Remove Signature - [tags] rm_signature - Init Chrome Driver - ${d}= Get Current Date result_format=%m%s - ${user}= Set Variable user012 - ${pwd}= Set Variable Test1@34 - Sign In Harbor ${HARBOR_URL} ${user} ${pwd} - Create An New Project And Go Into Project project${d} - Body Of Admin Push Signed Image project${d} alpine latest ${user} ${pwd} with_remove=${true} - Body Of Admin Push Signed Image project${d} busybox latest ${HARBOR_ADMIN} ${HARBOR_PASSWORD} with_remove=${true} - -Test Case - Key Rotate - [tags] key_rotate - Init Chrome Driver - ${d}= Get Current Date result_format=%m%s - ${user}= Set Variable user012 - ${pwd}= Set Variable Test1@34 - Sign In Harbor ${HARBOR_URL} ${user} ${pwd} - Create An New Project And Go Into Project project${d} - Body Of Admin Push Signed Image project${d} busybox latest ${user} ${pwd} - Notary Key Rotate ${ip} project${d} busybox latest ${user} ${pwd} - Body Of Admin Push Signed Image project${d} alpine latest ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Notary Key Rotate ${ip} project${d} alpine latest ${HARBOR_ADMIN} ${HARBOR_PASSWORD} diff --git a/tests/robot-cases/Group1-Nightly/Replication.robot b/tests/robot-cases/Group1-Nightly/Replication.robot index 015d5e1fc..5b086aabb 100644 --- a/tests/robot-cases/Group1-Nightly/Replication.robot +++ b/tests/robot-cases/Group1-Nightly/Replication.robot @@ -633,181 +633,6 @@ Test Case - Enable Replication Of Cosign Deployment Security Policy Retry Double Keywords When Error Click Index Achieve ${index_tag} Should Be Signed By Cosign ${image2_short_sha256} Close Browser -Test Case - Enable Replication Of Notary Deployment Security Policy - Init Chrome Driver - ${d}= Get Current Date result_format=%m%s - ${image1}= Set Variable hello-world - ${tag1}= Set Variable latest - ${image2}= Set Variable busybox - ${tag2}= Set Variable latest - - Sign In Harbor https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Create An New Project And Go Into Project project_push_dest${d} - Create An New Project And Go Into Project project_pull_dest${d} - Switch To Registries - Create A New Endpoint harbor e${d} https://${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Create A Rule With Existing Endpoint rule_pull_${d} pull project${d}/* image e${d} project_pull_dest${d} - Logout Harbor - - Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Create An New Project And Go Into Project project${d} - # push images - Push Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} ${image1}:${tag1} - Push Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} ${image2}:${tag2} - # enable notary deployment security policy - Goto Project Config - Click Notary Deployment Security - Save Project Config - Content Notary Deployment security Be Selected - # push mode replication should fail - Switch To Registries - Create A New Endpoint harbor e${d} https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Create A Rule With Existing Endpoint rule_push_${d} push project${d}/* image e${d} project_push_dest${d} - Select Rule And Replicate rule_push_${d} - Check Latest Replication Job Status Failed - # pull mode replication should fail - Logout Harbor - Sign In Harbor https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Select Rule And Replicate rule_pull_${d} - Check Latest Replication Job Status Failed - # sign - Body Of Admin Push Signed Image project${d} ${image1} ${tag1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Body Of Admin Push Signed Image project${d} ${image2} ${tag2} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - # push mode replication should success - Logout Harbor - Sign In Harbor https://${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Select Rule And Replicate rule_push_${d} - Check Latest Replication Job Status Succeeded - # pull mode replication should success - Logout Harbor - Sign In Harbor https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Select Rule And Replicate rule_pull_${d} - Check Latest Replication Job Status Succeeded - # check project_pull_dest - Go Into Project project_pull_dest${d} - Switch To Project Repo - Repo Exist project_pull_dest${d} ${image1} - Repo Exist project_pull_dest${d} ${image2} - # check project_push_dest - Go Into Project project_push_dest${d} - Switch To Project Repo - Repo Exist project_push_dest${d} ${image1} - Repo Exist project_push_dest${d} ${image2} - Close Browser - -Test Case - Enable Replication Of Cosign And Notary Deployment Security Policy - Init Chrome Driver - ${d}= Get Current Date result_format=%m%s - ${image1}= Set Variable hello-world - ${tag1}= Set Variable latest - ${image2}= Set Variable busybox - ${tag2}= Set Variable latest - - Sign In Harbor https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Create An New Project And Go Into Project project_push_dest${d} - Create An New Project And Go Into Project project_pull_dest${d} - Switch To Registries - Create A New Endpoint harbor e${d} https://${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Create A Rule With Existing Endpoint rule_pull_${d} pull project${d}/* image e${d} project_pull_dest${d} - Logout Harbor - - Sign In Harbor ${HARBOR_URL} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Create An New Project And Go Into Project project${d} - # push images - Push Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} ${image1}:${tag1} - Push Image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} ${image2}:${tag2} - # enable cosign deployment security policy - Goto Project Config - Click Cosign Deployment Security - Save Project Config - Content Cosign Deployment security Be Selected - # enable notary deployment security policy - Goto Project Config - Click Notary Deployment Security - Save Project Config - Content Notary Deployment security Be Selected - # cosign sign - Cosign Generate Key Pair - Docker Login ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Cosign Sign ${ip}/project${d}/${image1}:${tag1} - Cosign Sign ${ip}/project${d}/${image2}:${tag2} - Docker Logout ${ip} - # push mode replication should fail - Switch To Registries - Create A New Endpoint harbor e${d} https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Create A Rule With Existing Endpoint rule_push_${d} push project${d}/* image e${d} project_push_dest${d} - Select Rule And Replicate rule_push_${d} - Check Latest Replication Job Status Failed - # pull mode replication should fail - Logout Harbor - Sign In Harbor https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Select Rule And Replicate rule_pull_${d} - Check Latest Replication Job Status Failed - # notary sign - Body Of Admin Push Signed Image project${d} ${image1} ${tag1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Body Of Admin Push Signed Image project${d} ${image2} ${tag2} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - # delete cosign accessory - Logout Harbor - Sign In Harbor https://${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Go Into Project project${d} - Go Into Repo project${d}/${image1} - Retry Double Keywords When Error Delete Accessory ${tag1} Should be Accessory deleted ${tag1} - Back Project Home project${d} - Go Into Repo project${d}/${image2} - Retry Double Keywords When Error Delete Accessory ${tag2} Should be Accessory deleted ${tag2} - # push mode replication should fail - Switch To Replication Manage - Select Rule And Replicate rule_push_${d} - Check Latest Replication Job Status Failed - # pull mode replication should fail - Logout Harbor - Sign In Harbor https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Select Rule And Replicate rule_pull_${d} - Check Latest Replication Job Status Failed - # cosign sign - Docker Login ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Cosign Sign ${ip}/project${d}/${image1}:${tag1} - Cosign Sign ${ip}/project${d}/${image2}:${tag2} - Docker Logout ${ip} - # push mode replication should success - Logout Harbor - Sign In Harbor https://${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Select Rule And Replicate rule_push_${d} - Check Latest Replication Job Status Succeeded - # pull mode replication should success - Logout Harbor - Sign In Harbor https://${ip1} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} - Switch To Replication Manage - Select Rule And Replicate rule_pull_${d} - Check Latest Replication Job Status Succeeded - # check project_pull_dest - Go Into Project project_pull_dest${d} - Switch To Project Repo - Repo Exist project_pull_dest${d} ${image1} - Repo Exist project_pull_dest${d} ${image2} - Retry Double Keywords When Error Go Into Repo project_pull_dest${d}/${image1} Should Be Signed By Cosign ${tag1} - Back Project Home project_pull_dest${d} - Retry Double Keywords When Error Go Into Repo project_pull_dest${d}/${image2} Should Be Signed By Cosign ${tag2} - # check project_push_dest - Go Into Project project_push_dest${d} - Switch To Project Repo - Repo Exist project_push_dest${d} ${image1} - Repo Exist project_push_dest${d} ${image2} - Retry Double Keywords When Error Go Into Repo project_push_dest${d}/${image1} Should Be Signed By Cosign ${tag1} - Back Project Home project_push_dest${d} - Retry Double Keywords When Error Go Into Repo project_push_dest${d}/${image2} Should Be Signed By Cosign ${tag2} - Close Browser - Test Case - Carvel Imgpkg Copy To Harbor [Tags] imgpkg_copy Init Chrome Driver diff --git a/tests/robot-cases/Group1-Nightly/Upgrade.robot b/tests/robot-cases/Group1-Nightly/Upgrade.robot index 1cd7354a4..2eaa9dca6 100644 --- a/tests/robot-cases/Group1-Nightly/Upgrade.robot +++ b/tests/robot-cases/Group1-Nightly/Upgrade.robot @@ -29,7 +29,3 @@ Test Case - Manage project publicity Test Case - Scan A Tag In The Repo [Tags] trivy Body Of Scan A Tag In The Repo vmware/photon 1.0 - -Test Case - Admin Push Signed Image - [tags] sign_image - Body Of Push Signed Image diff --git a/tests/robot-cases/Group3-Upgrade/prepare.py b/tests/robot-cases/Group3-Upgrade/prepare.py index 569ed126e..409a29a66 100644 --- a/tests/robot-cases/Group3-Upgrade/prepare.py +++ b/tests/robot-cases/Group3-Upgrade/prepare.py @@ -495,9 +495,6 @@ class HarborAPI: } ], "event_types":[ - "downloadChart", - "deleteChart", - "uploadChart", "deleteImage", "pullImage", "pushImage", @@ -522,9 +519,6 @@ class HarborAPI: "DELETE_ARTIFACT", "PULL_ARTIFACT", "PUSH_ARTIFACT", - "DELETE_CHART", - "DOWNLOAD_CHART", - "UPLOAD_CHART", "QUOTA_EXCEED", "QUOTA_WARNING", "REPLICATION", @@ -621,10 +615,6 @@ def push_image(image, project): os.system("docker login "+args.endpoint+" -u admin"+" -p Harbor12345") os.system("docker push "+args.endpoint+"/"+project+"/library/"+image) -def push_signed_image(image, project, tag): - print("LOCAL_REGISTRY:{} LOCAL_REGISTRY_NAMESPACE:{}".format(args.LOCAL_REGISTRY, args.LOCAL_REGISTRY_NAMESPACE)) - os.system("./sign_image.sh" + " " + args.endpoint + " " + project + " " + image + " " + tag + " " + args.LOCAL_REGISTRY + " " + args.LOCAL_REGISTRY_NAMESPACE) - @get_feature_branch def set_url(**kwargs): global url @@ -653,14 +643,11 @@ def do_data_creation(): harborAPI.add_distribution(distribution, version=args.version) harborAPI.populate_projects("projects", version=args.version) - harborAPI.populate_projects("notary_projects", create_project_only=True, version=args.version) harborAPI.populate_quotas(version=args.version) harborAPI.push_artifact_index(data["projects"][0]["name"], data["projects"][0]["artifact_index"]["name"], data["projects"][0]["artifact_index"]["tag"], version=args.version) #pull_image("busybox", "redis", "haproxy", "alpine", "httpd:2") push_self_build_image_to_project(data["projects"][0]["name"], args.endpoint, 'admin', 'Harbor12345', "busybox", "latest") - for project in data["notary_projects"]: - push_signed_image("alpine", project["name"], "latest") for replicationrule in data["replicationrule"]: harborAPI.add_replication_rule(replicationrule, version=args.version) diff --git a/tests/robot-cases/Group3-Upgrade/sign_image.sh b/tests/robot-cases/Group3-Upgrade/sign_image.sh deleted file mode 100755 index fa85e278a..000000000 --- a/tests/robot-cases/Group3-Upgrade/sign_image.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -set -x -set -e - -echo "registry:"$5 -echo "repo:"$6 -docker pull $5/$6/$3:$4 - -IP=$1 -PASSHRASE='Harbor12345' - -echo $IP - -mkdir -p /etc/docker/certs.d/$IP/ -mkdir -p ~/.docker/tls/$IP:4443/ - -cp /harbor/ca/ca.crt /etc/docker/certs.d/$IP/ -cp /harbor/ca/ca.crt ~/.docker/tls/$IP:4443/ - -export DOCKER_CONTENT_TRUST=1 -export DOCKER_CONTENT_TRUST_SERVER=https://$IP:4443 - -export NOTARY_ROOT_PASSPHRASE=$PASSHRASE -export NOTARY_TARGETS_PASSPHRASE=$PASSHRASE -export NOTARY_SNAPSHOT_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=$PASSHRASE -export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=$PASSHRASE - -docker login -u admin -p Harbor12345 $IP -docker tag $5/$6/$3:$4 $IP/$2/$3:$4 -docker push $IP/$2/$3:$4 -rm -rf /key_store/* -umask 077; tar -zcvf /key_store/private_keys_backup.tar.gz ~/.docker/trust/private; umask 022 \ No newline at end of file diff --git a/tests/robot-cases/Group3-Upgrade/verify.robot b/tests/robot-cases/Group3-Upgrade/verify.robot index 1bc192aa3..903b2f1a4 100644 --- a/tests/robot-cases/Group3-Upgrade/verify.robot +++ b/tests/robot-cases/Group3-Upgrade/verify.robot @@ -88,7 +88,6 @@ Test Case - Upgrade Verify Run Keyword Verify Trivy Is Default Scanner Run Keyword Verify Artifact Index ${data} Run Keyword Verify Quotas Display ${data} - Run Keyword Verify Re-sign Image ${data} Test Case - Upgrade Verify [Tags] 2.1-latest @@ -116,4 +115,3 @@ Test Case - Upgrade Verify Run Keyword Verify Distributions ${data} Run Keyword Verify P2P Preheat Policy ${data} Run Keyword Verify Quotas Display ${data} - Run Keyword Verify Re-sign Image ${data}