Add API test case sign image back to travis, despite codacy block it when pulling a pr.

Signed-off-by: wang yan <wangyan@vmware.com>

tests/apitests/python/library/sign.py

@@ -0,0 +1,10 @@
+# -*- coding: utf-8 -*-
+import subprocess
+
+def sign_image(registry_ip, project_name, image, tag):
+    try:
+        ret = subprocess.check_output(["./tests/apitests/python/sign_image.sh", registry_ip, project_name, image, tag], shell=False)
+        print "sign_image return: ", ret
+    except subprocess.CalledProcessError, exc:
+        raise Exception("Failed to sign image error is {} {}.".format(exc.returncode, exc.output))
+

tests/apitests/python/sign_image.sh

@@ -0,0 +1,20 @@
+#!/bin/sh
+IP=$1
+PASSHRASE='Harbor12345'
+
+echo $IP
+
+export DOCKER_CONTENT_TRUST=1
+export DOCKER_CONTENT_TRUST_SERVER=https://$IP:4443
+
+export NOTARY_ROOT_PASSPHRASE=$PASSHRASE
+export NOTARY_TARGETS_PASSPHRASE=$PASSHRASE
+export NOTARY_SNAPSHOT_PASSPHRASE=$PASSHRASE
+export DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE=$PASSHRASE
+export DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=$PASSHRASE
+export DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE=$PASSHRASE
+export DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE=$PASSHRASE
+
+docker login -u admin -p Harbor12345 $IP
+docker push $IP/$2/$3:$4
+

tests/apitests/python/test_sign_image.py

@@ -0,0 +1,85 @@
+from __future__ import absolute_import
+import unittest
+
+from library.sign import sign_image
+from testutils import ADMIN_CLIENT
+from testutils import harbor_server
+from testutils import TEARDOWN
+from library.project import Project
+from library.user import User
+from library.repository import Repository
+from library.repository import push_image_to_project
+
+class TestProjects(unittest.TestCase):
+    @classmethod
+    def setUp(self):
+        project = Project()
+        self.project= project
+
+        user = User()
+        self.user= user
+
+        repo = Repository()
+        self.repo= repo
+
+    @classmethod
+    def tearDown(self):
+        print "Case completed"
+
+    @unittest.skipIf(TEARDOWN == True, "Test data won't be erased.")
+    def test_ClearData(self):
+        #1. Delete repository(RA) by user(UA);
+        self.repo.delete_repoitory(TestProjects.repo_name, **TestProjects.USER_sign_image_CLIENT)
+
+        #2. Delete project(PA);
+        self.project.delete_project(TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT)
+
+        #3. Delete user(UA);
+        self.user.delete_user(TestProjects.user_sign_image_id, **ADMIN_CLIENT)
+
+    def testSignImage(self):
+        """
+        Test case:
+            Sign A Image
+        Test step and expected result:
+            1. Create a new user(UA);
+            2. Create a new private project(PA) by user(UA);
+            3. Add user(UA) as a member of project(PA) with project-admin role;
+            4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
+            5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
+            6. Sign image with tag(TA) which was tagged by step #5;
+            7. Get signature of image with tag(TA), it should be exist.
+        Tear down:
+            NA
+        """
+        url = ADMIN_CLIENT["endpoint"]
+        user_001_password = "Aa123456"
+
+        #1. Create user-001
+        TestProjects.user_sign_image_id, user_sign_image_name = self.user.create_user(user_password = user_001_password, **ADMIN_CLIENT)
+
+        TestProjects.USER_sign_image_CLIENT=dict(endpoint = url, username = user_sign_image_name, password = user_001_password)
+
+        #2. Create a new private project(PA) by user(UA);
+        TestProjects.project_sign_image_id, project_sign_image_name = self.project.create_project(metadata = {"public": "false"}, **ADMIN_CLIENT)
+
+        #3. Add user(UA) as a member of project(PA) with project-admin role;
+        self.project.add_project_members(TestProjects.project_sign_image_id, TestProjects.user_sign_image_id, **ADMIN_CLIENT)
+
+        #4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
+        self.project.projects_should_exist(dict(public=False), expected_count = 1,
+            expected_project_id = TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT)
+
+        image = "hello-world"
+        src_tag = "latest"
+        #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
+        TestProjects.repo_name, tag = push_image_to_project(project_sign_image_name, harbor_server, user_sign_image_name, user_001_password, image, src_tag)
+
+        #6. Sign image with tag(TA) which was tagged by step #5;
+        sign_image(harbor_server, project_sign_image_name, image, tag)
+
+        #7. Get signature of image with tag(TA), it should be exist.
+        self.repo.signature_should_exist(TestProjects.repo_name, tag, **TestProjects.USER_sign_image_CLIENT)
+
+if __name__ == '__main__':
+    unittest.main()

tests/robot-cases/Group0-BAT/API_DB.robot

@@ -46,4 +46,6 @@ Test Case - Assign Sys Admin
 Test Case - Retag Image
     Harbor API Test  ./tests/apitests/python/test_retag.py
 Test Case - Robot Account
-    Harbor API Test  ./tests/apitests/python/test_robot_account.py
+    Harbor API Test  ./tests/apitests/python/test_robot_account.py
+Test Case - Sign A Image
+    Harbor API Test  ./tests/apitests/python/test_sign_image.py

tests/travis/api_common_install.sh

@@ -8,7 +8,7 @@ set -e
 # prepare cert ...
 sudo sed "s/127.0.0.1/$1/" -i tests/generateCerts.sh
 sudo ./tests/generateCerts.sh
-sudo mkdir -p /etc/docker/certs.d/$1 && sudo cp ./harbor_ca.crt /etc/docker/certs.d/$1/
+sudo mkdir -p /etc/docker/certs.d/$1 && sudo cp ./tests/harbor_ca.crt /etc/docker/certs.d/$1/ && rm -rf ~/.docker/ &&  mkdir -p ~/.docker/tls/$1:4443/ && sudo cp ./tests/harbor_ca.crt ~/.docker/tls/$1:4443/
 
 sudo ./tests/hostcfg.sh