LDAP group has different role, user in group has the same role, as groups with different roles were added in project
member list, user should act like in different roles. for admin and dev role, there should be checkpoints to verify priviledges of each own.
Signed-off-by: danfengliu <danfengl@vmware.com>
Robot tests have been always executed in docker container, but API pyt-test is not,
so rebuild Dockerfile for it. During that, some of tools have been upgraded, so API py-test
scripts need some modification.
Signed-off-by: danfengliu <danfengl@vmware.com>
1.Separate Dockerfile to drone and nightly e2e, one Dockerfile should cover
both scenarios, it will be resolved later;
2.Fix docker api err type issue, API error has no message attibute;
3.Upgrade docker in nightly e2e images.
Signed-off-by: danfengliu <danfengl@vmware.com>
1. Upgrade robot-framework to 3.1 and Selenium library to 4.4.0.
2. Fix a registry issue for clear filter text input.
Signed-off-by: danfengliu <danfengl@vmware.com>
* add debugging env for GC time window
For debugging, the tester/users wants to run GC to delete the removed artifact immediately instead of waitting for two hours, add the env(GC_BLOB_TIME_WINDOW) to meet this.
Signed-off-by: wang yan <wangyan@vmware.com>
two phases:
1, mark, select the gc candidates bases on the DB and mark them as status delete.
2, sweep, select the candidate and mark it as status deleting and remove it from backend and database.
Signed-off-by: wang yan <wangyan@vmware.com>
1. Fix issue of keyword Go Into Repo, the verification logic could be more strict;
2. Add API E2E pytest of GC with untag flag enabled;
3. Add sleep in test_user_view_logs.py for delete log ocurred;
4. Test Case - Tag CRUD is not stable. Although add button was clicked, but the tag was'nt added successfully.
Signed-off-by: danfengliu <danfengl@vmware.com>
1. Add oras cli py-test;
2. Add env for notary url, allow to input different notary port instead of solid 4443;
3. Add retry for keyword Cannot Pull Image and make it longer during retry.
Signed-off-by: danfengliu <danfengl@vmware.com>
1. Manifest list can be pulled by ctr;
2. ui-test missing key checkpoint, fix it by add checking scan detail result;
3. add tag retension untag image test;
Signed-off-by: danfengliu <danfengl@vmware.com>
1. Enable `security` in the swagger.yaml.
2. Include `basic` auth in `security` to make the generated python
client by `swagger-codegen-cli` work with basic authorization.
3. Include `anonymous` auth in `security` to make APIs of v2.0 generated
by `goswagger` work with `security` middleware.
Closes#11771
Signed-off-by: He Weiwei <hweiwei@vmware.com>
Fixes#11225
As registry changes to basic auth, the push action lost the pull permission.
Add it in the robot security context.
Signed-off-by: wang yan <wangyan@vmware.com>
1, enable user view log api test case
2, update project logs api permission check
3, use project ctl instead in permission check base method
Signed-off-by: wang yan <wangyan@vmware.com>
1. Add basic authorizer for registry which modify the request
to add basic authorization header to request based on configuration.
2. Set basic auth header for proxy when accessing registry
3. Switche the registry to use basic auth by default and use the basic
authorizer to access Harbor.
4. Make necessary change to test cases, particularly
"test_robot_account.py" and "docker_api.py", because the error is
changed after siwtched to basic auth from token auth. #10604 is opened
to track the follow up work.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Seperate the HasAdminRole(In DB) with the privileges from external auth, and use user.HasAdminPrivilege to check
Signed-off-by: stonezdj <stonezdj@gmail.com>
1. Create a new user(UA);
2. Create a new private project(PA) by user(UA);
3. Add user(UA) as a member of project(PA) with project-admin role;
4. Push an image to project(PA) by user(UA), then check the project quota usage;
5. Check quota change
6. Delete image, the quota should be changed to 0.
Signed-off-by: wang yan <wangyan@vmware.com>
This commit update test case to cover project level CVE whitelist.
It also fixes the swagger doc to add missing attributes
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* Refactor scan all api
This commit is to let scan all api using admin job to handle schedule
management. After the PR, GC and scan all share unified code path.
Signed-off-by: wang yan <wangyan@vmware.com>
* update admin job api code according to review comments
Signed-off-by: wang yan <wangyan@vmware.com>
* Update test code and comments per review
Signed-off-by: wang yan <wangyan@vmware.com>
1. Fix#5102 by checking the existence of name when creating/editing replication rule
2. Add unique constraint to the name of replication policy and target
3. Fix bugs of testing library
Signed-off-by: Wenkai Yin <yinw@vmware.com>
Add API test case for garbage collection, and add swagger.yaml, GC and chart feature were updated in swagger.yaml.
Signed-off-by: danfengliu <danfengl@vmware.com>
Move admin_client to testutil.py as global parameter.
Change create_repository function name to push_image_to_project to make it reasonable.
Signed-off-by: danfengliu <danfengl@vmware.com>
Add API test libraries which were based on swagger doc,
it's including user and project , also add one scenario
test case which is test_add_member_to_private_project to
verify a user can see a project when the uesr is the member of it.
Delete 2 old test case.Delete a quota.
Signed-off-by: danfengliu <danfengl@vmware.com>