[cherry-pick]Update e2e engine image (#18749)

Update e2e engine image

1. Update containerd version to 1.7.1
2. Update docker compose version to 2.18.1
3. Update helm version to 3.12.0
4. Update ORAS version to 1.0.0
5. Update CNAB version to 0.4.0
6. Update imgpkg version to 0.36.2
7. Update cosign version to 2.0.2
8. Update docker version to 24.0.2
9. Update chromedriver version to 114.0.5735.16

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
This commit is contained in:
Yang Jiao 2023-05-30 16:50:12 +08:00 committed by GitHub
parent 40a0e37f6b
commit d130e7bb5b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 59 additions and 90 deletions

View File

@ -6,5 +6,5 @@ def generate_key_pair():
base.run_command(command)
def sign_artifact(artifact):
command = ["cosign", "sign", "--allow-insecure-registry", "--key", "cosign.key", artifact]
command = ["cosign", "sign", "-y", "--allow-insecure-registry", "--key", "cosign.key", artifact]
base.run_command(command)

View File

@ -1,17 +1,16 @@
# -*- coding: utf-8 -*-
import os
import base
def helm3_7_registry_login(ip, user, password):
command = ["helm3.7", "registry", "login", ip, "-u", user, "-p", password]
def helm_registry_login(ip, user, password):
command = ["helm", "registry", "login", ip, "-u", user, "-p", password, "--insecure"]
base.run_command(command)
def helm3_7_package(file_path):
command = ["helm3.7", "package", file_path]
def helm_package(file_path):
command = ["helm", "package", file_path]
base.run_command(command)
def helm3_7_push(file_path, ip, project_name):
command = ["helm3.7", "push", file_path, "oci://{}/{}".format(ip, project_name)]
def helm_push(file_path, ip, project_name):
command = ["helm", "push", file_path, "oci://{}/{}".format(ip, project_name), "--insecure-skip-tls-verify"]
base.run_command(command)

View File

@ -47,11 +47,11 @@ class TestProjects(unittest.TestCase):
def testPushChartByHelmChartCLI(self):
"""
Test case:
Push Chart File By Helm3.7 CLI
Push Chart File By Helm CLI
Test step and expected result:
1. Create a new user(UA);
2. Create a new project(PA) by user(UA);
3. Push an chart(CA) to Harbor by helm3.7 CLI successfully;
3. Push an chart(CA) to Harbor by helm CLI successfully;
4. List artifacts successfully;
5. Get chart(CA) by reference successfully;
6. Get addition successfully;
@ -70,15 +70,15 @@ class TestProjects(unittest.TestCase):
TestProjects.project_push_chart_id, TestProjects.project_push_chart_name = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_CLIENT)
# 3 Push an chart(CA) to Harbor by helm3.7 CLI successfully;
# 3 Push an chart(CA) to Harbor by hel CLI successfully;
command = ["tar", "zxf", self.chart_file_path]
base.run_command(command)
# 3.1 helm3_7_registry_login;
helm.helm3_7_registry_login(ip=harbor_server, user=user_name, password=self.user_push_chart_password)
# 3.2 helm3_7_package;
helm.helm3_7_package(file_path=self.chart_file_name)
# 3.2 helm3_7_push;
helm.helm3_7_push(file_path=self.chart_file_package_name, ip=harbor_server,
# 3.1 helm_registry_login;
helm.helm_registry_login(ip=harbor_server, user=user_name, password=self.user_push_chart_password)
# 3.2 helm_package;
helm.helm_package(file_path=self.chart_file_name)
# 3.2 helm_push;
helm.helm_push(file_path=self.chart_file_package_name, ip=harbor_server,
project_name=TestProjects.project_push_chart_name)
# 4. List artifacts successfully;

View File

@ -8,7 +8,7 @@ sudo gsutil version -l
harbor_logs_bucket="harbor-ci-logs"
DIR="$(cd "$(dirname "$0")" && pwd)"
E2E_IMAGE="goharbor/harbor-e2e-engine:latest-api"
E2E_IMAGE="goharbor/harbor-e2e-engine:5.0.1-api"
# GS util
function uploader {
@ -21,7 +21,7 @@ set +e
docker ps
# run db auth api cases
if [ "$1" = 'DB' ]; then
docker run -i --privileged -v $DIR/../../:/drone -v $DIR/../:/ca -w /drone $E2E_IMAGE robot --exclude proxy_cache --exclude push_chart --exclude push_chart_by_Helm3.7 -v DOCKER_USER:${DOCKER_USER} -v DOCKER_PWD:${DOCKER_PWD} -v ip:$2 -v ip1: -v http_get_ca:false -v HARBOR_PASSWORD:Harbor12345 /drone/tests/robot-cases/Group1-Nightly/Setup.robot /drone/tests/robot-cases/Group0-BAT/API_DB.robot
docker run -i --privileged -v $DIR/../../:/drone -v $DIR/../:/ca -w /drone $E2E_IMAGE robot --exclude proxy_cache -v DOCKER_USER:${DOCKER_USER} -v DOCKER_PWD:${DOCKER_PWD} -v ip:$2 -v ip1: -v http_get_ca:false -v HARBOR_PASSWORD:Harbor12345 /drone/tests/robot-cases/Group1-Nightly/Setup.robot /drone/tests/robot-cases/Group0-BAT/API_DB.robot
elif [ "$1" = 'PROXY_CACHE' ]; then
docker run -i --privileged -v $DIR/../../:/drone -v $DIR/../:/ca -w /drone $E2E_IMAGE robot --include setup --include proxy_cache -v DOCKER_USER:${DOCKER_USER} -v DOCKER_PWD:${DOCKER_PWD} -v ip:$2 -v ip1: -v http_get_ca:false -v HARBOR_PASSWORD:Harbor12345 /drone/tests/robot-cases/Group1-Nightly/Setup.robot /drone/tests/robot-cases/Group0-BAT/API_DB.robot
elif [ "$1" = 'LDAP' ]; then

View File

@ -24,9 +24,9 @@ Cosign Generate Key Pair
Cosign Sign
[Arguments] ${artifact}
Wait Unitl Command Success cosign sign --allow-insecure-registry --key cosign.key ${artifact}
Wait Unitl Command Success cosign sign -y --allow-insecure-registry --key cosign.key ${artifact}
Cosign Verify
[Arguments] ${artifact} ${signed}
Run Keyword If ${signed}==${true} Wait Unitl Command Success cosign verify --key cosign.pub ${artifact}
... ELSE Command Should be Failed cosign verify --key cosign.pub ${artifact}
... ELSE Command Should be Failed cosign verify --key cosign.pub ${artifact}

View File

@ -18,22 +18,22 @@ Library OperatingSystem
Library Process
*** Keywords ***
Helm3.7 Registry Login
Helm Registry Login
[Arguments] ${ip} ${user} ${password}
Wait Unitl Command Success helm3.7 registry login ${ip} -u ${user} -p ${password}
Wait Unitl Command Success helm registry login ${ip} -u ${user} -p ${password} --insecure
Helm3.7 Package
Helm Package
[Arguments] ${file_path}
Wait Unitl Command Success helm3.7 package ${file_path}
Wait Unitl Command Success helm package ${file_path}
Helm3.7 Push
Helm Push
[Arguments] ${file_path} ${ip} ${repo_name}
Wait Unitl Command Success helm3.7 push ${file_path} oci://${ip}/${repo_name}
Wait Unitl Command Success helm push ${file_path} oci://${ip}/${repo_name} --insecure-skip-tls-verify
Helm3.7 Pull
Helm Pull
[Arguments] ${ip} ${repo_name} ${version}
Wait Unitl Command Success helm3.7 pull oci://${ip}/${repo_name}/harbor --version ${version}
Wait Unitl Command Success helm pull oci://${ip}/${repo_name}/harbor --version ${version} --insecure-skip-tls-verify
Helm3.7 Registry Logout
Helm Registry Logout
[Arguments] ${ip}
Wait Unitl Command Success helm3.7 registry logout ${ip}
Wait Unitl Command Success helm registry logout ${ip}

View File

@ -190,20 +190,20 @@ Manage Project Member Without Sign In Harbor
Push image ${ip} ${sign_in_user} ${sign_in_pwd} project${d} hello-world
User Should Be Guest ${test_user2} ${sign_in_pwd} project${d} is_oidc_mode=${is_oidc_mode}
Helm3.7 CLI Work Flow
Helm CLI Work Flow
[Arguments] ${sign_in_user} ${sign_in_pwd}
${d}= Get Current Date result_format=%m%s
Create An New Project And Go Into Project project${d}
Run rm -rf ./${harbor_helm_name}
Wait Unitl Command Success tar zxf ${files_directory}/${harbor_helm_filename}
Helm3.7 Registry Login ${ip} ${sign_in_user} ${sign_in_pwd}
Helm3.7 Package ./${harbor_helm_name}
Helm3.7 Push ${harbor_helm_package} ${ip} project${d}
Helm Registry Login ${ip} ${sign_in_user} ${sign_in_pwd}
Helm Package ./${harbor_helm_name}
Helm Push ${harbor_helm_package} ${ip} project${d}
Run rm -rf ./${harbor_helm_package}
Retry File Should Not Exist ./${harbor_helm_package}
Helm3.7 Pull ${ip} project${d} ${harbor_helm_version}
Helm Pull ${ip} project${d} ${harbor_helm_version}
Retry File Should Exist ./${harbor_helm_package}
Helm3.7 Registry Logout ${ip}
Helm Registry Logout ${ip}
#Important Note: All CVE IDs in CVE Allowlist cases must unique!
Body Of Verfiy System Level CVE Allowlist

View File

@ -88,9 +88,9 @@ Test Case - Push Index By Docker Manifest
[Tags] push_index
Harbor API Test ./tests/apitests/python/test_push_index_by_docker_manifest.py
Test Case - Push Chart By Helm3.7 Chart CLI
[Tags] push_chart_by_Helm3.7
Harbor API Test ./tests/apitests/python/test_push_chart_by_helm3.7_chart_cli.py
Test Case - Push Chart By Helm Chart CLI
[Tags] push_chart_by_helm
Harbor API Test ./tests/apitests/python/test_push_chart_by_helm_chart_cli.py
Test Case - Push Cnab Bundle
[Tags] push_cnab

View File

@ -1,24 +0,0 @@
#!/bin/bash
IP=$1
USER=$2
PWD=$3
CHART_FILE=$4
ARCHIVE=$5
PROJECT=$6
REPOSITORY=$7
VERSION=$8
echo $IP
export HELM_EXPERIMENTAL_OCI=1
wget $CHART_FILE
echo "========================"
echo ${CHART_FILE##*/}
echo "========================"
tar xvf ${CHART_FILE##*/}
helm3 registry login $IP -u $USER -p $PWD
helm3 chart save $ARCHIVE $IP/$PROJECT/$REPOSITORY
helm3 chart push $IP/$PROJECT/$REPOSITORY:$VERSION

View File

@ -1004,13 +1004,13 @@ Test Case - Export CVE
Lists Should Be Equal ${expected_cve_data} ${actual_cve_data} ignore_order=True
Close Browser
Test Case - Helm3.7 CLI Push And Pull In Harbor
Test Case - Helm CLI Push And Pull In Harbor
[Tags] helm_push_and_push
Init Chrome Driver
${user}= Set Variable user004
${pwd}= Set Variable Test1@34
Sign In Harbor ${HARBOR_URL} ${user} ${pwd}
Retry Keyword N Times When Error 4 Helm3.7 CLI Work Flow ${user} ${pwd}
Retry Keyword N Times When Error 4 Helm CLI Work Flow ${user} ${pwd}
Close Browser
Test Case - Job Service Dashboard Job Queues

View File

@ -3,6 +3,8 @@ FROM photon:4.0
ENV LANG C.UTF-8
ENV HELM_EXPERIMENTAL_OCI=1
ENV COSIGN_PASSWORD=Harbor12345
ENV COSIGN_EXPERIMENTAL=1
ENV COSIGN_OCI_EXPERIMENTAL=1
COPY --from=tool_builder /tool/tools.tar.gz /usr/local/bin

View File

@ -22,30 +22,20 @@ RUN apt-get update && apt-get install -y software-properties-common && \
RUN pwd && mkdir /tool/binary && \
# Install CONTAINERD
CONTAINERD_VERSION=1.6.9 && \
CONTAINERD_VERSION=1.7.1 && \
wget https://github.com/containerd/containerd/releases/download/v$CONTAINERD_VERSION/containerd-$CONTAINERD_VERSION-linux-amd64.tar.gz && \
tar zxvf containerd-$CONTAINERD_VERSION-linux-amd64.tar.gz && \
cd bin && cp -f containerd ctr /tool/binary/ && \
# docker compose
curl -L "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)" -o /tool/binary/docker-compose && \
curl -L "https://github.com/docker/compose/releases/download/v2.18.1/docker-compose-$(uname -s)-$(uname -m)" -o /tool/binary/docker-compose && \
chmod +x /tool/binary/docker-compose && \
# Install helm v2
HELM2_VERSION=2.16.12 && wget https://get.helm.sh/helm-v$HELM2_VERSION-linux-amd64.tar.gz && \
tar zxvf helm-v$HELM2_VERSION-linux-amd64.tar.gz && \
cp linux-amd64/helm /tool/binary/helm && \
cp linux-amd64/helm /tool/binary/helm2 && \
# Install helm v3
HELM3_VERSION=3.3.3 && wget https://get.helm.sh/helm-v$HELM3_VERSION-linux-amd64.tar.gz && \
tar zxvf helm-v$HELM3_VERSION-linux-amd64.tar.gz && \
# Install helm
HELM_VERSION=3.12.0 && wget https://get.helm.sh/helm-v$HELM_VERSION-linux-amd64.tar.gz && \
tar zxvf helm-v$HELM_VERSION-linux-amd64.tar.gz && \
ls || pwd && \
mv linux-amd64/helm /tool/binary/helm3 && \
# Install helm v3.10
HELM3_10_VERSION=3.10.1 && wget https://get.helm.sh/helm-v$HELM3_10_VERSION-linux-amd64.tar.gz && \
tar zxvf helm-v$HELM3_10_VERSION-linux-amd64.tar.gz && \
ls || pwd && \
mv linux-amd64/helm /tool/binary/helm3.7 && \
mv linux-amd64/helm /tool/binary/helm && \
# Install ORAS
ORAS_VERSION=0.16.0 && curl -LO https://github.com/deislabs/oras/releases/download/v$ORAS_VERSION/oras_${ORAS_VERSION}_linux_amd64.tar.gz && \
ORAS_VERSION=1.0.0 && curl -LO https://github.com/deislabs/oras/releases/download/v$ORAS_VERSION/oras_${ORAS_VERSION}_linux_amd64.tar.gz && \
mkdir -p oras-install/ && \
tar -zxf oras_${ORAS_VERSION}_*.tar.gz -C oras-install/ && \
mv oras-install/oras /tool/binary/ && \
@ -56,7 +46,7 @@ RUN pwd && mkdir /tool/binary && \
# Install CNAB
CNAB_PATH=$(go env GOPATH)/src/github.com/cnabio && \
mkdir -p $CNAB_PATH && cd $CNAB_PATH && git clone https://github.com/cnabio/cnab-to-oci.git && \
cd cnab-to-oci && git checkout v0.3.7 && \
cd cnab-to-oci && git checkout v0.4.0 && \
go list && \
make build && \
mv bin/cnab-to-oci /tool/binary/ && \
@ -68,12 +58,12 @@ RUN pwd && mkdir /tool/binary && \
WASM_TO_OCI_VERSION=0.1.2 && wget https://github.com/engineerd/wasm-to-oci/releases/download/v${WASM_TO_OCI_VERSION}/linux-amd64-wasm-to-oci && \
chmod +x linux-amd64-wasm-to-oci && mv linux-amd64-wasm-to-oci /tool/binary/wasm-to-oci && \
# Install imgpkg
IMGPKG_VERSION=0.33.0 && wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v$IMGPKG_VERSION/imgpkg-linux-amd64 && \
IMGPKG_VERSION=0.36.2 && wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v$IMGPKG_VERSION/imgpkg-linux-amd64 && \
mv imgpkg-linux-amd64 /tool/binary/imgpkg && chmod +x /tool/binary/imgpkg && \
# Install cosign
COSIGN_VERSION=1.13.1 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \
COSIGN_VERSION=2.0.2 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \
mv cosign-linux-amd64 /tool/binary/cosign && chmod +x /tool/binary/cosign && \
pwd
RUN cd /tool/binary/ && tar czvf tools.tar.gz * && cp tools.tar.gz /tool
# --- End of base file ---
# --- End of base file ---

View File

@ -5,6 +5,8 @@ ENV TZ=Asia/Shanghai \
ENV LANG C.UTF-8
ENV HELM_EXPERIMENTAL_OCI=1
ENV COSIGN_PASSWORD=Harbor12345
ENV COSIGN_EXPERIMENTAL=1
ENV COSIGN_OCI_EXPERIMENTAL=1
RUN apt-get update && apt-get install -y --no-install-recommends wget curl gnupg2
RUN apt-get install libseccomp2
RUN wget --no-check-certificate -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add -
@ -37,8 +39,8 @@ RUN pip3 install --upgrade pip pyasn1 google-apitools==0.5.31 gsutil \
requests dbbot robotframework-seleniumlibrary robotframework-pabot \
robotframework-JSONLibrary hurry.filesize --upgrade && \
apt-get clean all
# Upgrade chromedriver version to 107.0.5304.62
RUN wget -N https://chromedriver.storage.googleapis.com/107.0.5304.62/chromedriver_linux64.zip && \
# Upgrade chromedriver version to 113.0.5672.24
RUN wget -N https://chromedriver.storage.googleapis.com/113.0.5672.24/chromedriver_linux64.zip && \
unzip chromedriver_linux64.zip && \
chmod +x chromedriver && \
mv -f chromedriver /usr/local/share/chromedriver && \
@ -47,7 +49,7 @@ RUN wget -N https://chromedriver.storage.googleapis.com/107.0.5304.62/chromedriv
RUN pwd && ls && \
# Install docker
DOCKER_VERSION=20.10.3 && wget https://download.docker.com/linux/static/stable/x86_64/docker-$DOCKER_VERSION.tgz && \
DOCKER_VERSION=24.0.2 && wget https://download.docker.com/linux/static/stable/x86_64/docker-$DOCKER_VERSION.tgz && \
tar --strip-components=1 -xvzf docker-$DOCKER_VERSION.tgz -C /usr/bin && \
rm docker-$DOCKER_VERSION.tgz