Commit Graph

10 Commits

Author SHA1 Message Date
Daniel Jiang
08f9ffa000 Reenable token auth for cli
Docker CLI fails if it's not logged in upon seeing "basic" realm challenging while pinging the "/v2" endpoint. (#11266)
Some CLI will send HEAD to artifact endpoint before pushing (#11188)(#11271)

To fix such problems, this commit re-introduce the token auth flow to the CLIs.

For a HEAD request to "/v2/xxx" with no "Authoirzation" header, the v2_auth middleware populates the
"Www-Authenticate" header to redirect it to token endpoint with proper
requested scope.

It also adds security context to based on the content of the JWT which has the claims of the registry.
So a request from CLI carrying a token signed by the "/service/token" will have proper permissions.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-04 00:05:58 +08:00
danfengliu
77e9fc38c7 Modify api test for test step of add addition
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-03-18 17:32:10 +08:00
danfengliu
c283a02e5f Update existing API tests for API V2.0
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-02-26 21:38:39 +08:00
danfengliu
4933bb634f Upgrade repository API tests to V2.0
Enable _xsrf in cookies in swagger.yaml, so that scripts don't have to handle it.

Signed-off-by: danfengliu <danfengl@vmware.com>
2020-02-24 18:15:25 +08:00
danfengliu
66eff99c7f Fix description issue of test in robot account API test and issue of Helm3 test
1. Fix issue that test step descriton was mismatch with test step;
2. Wrong helm command was used in Helm3 test, replace helm with helm3;
3. In API test, images were pulled from docker-hub registry, images size changed sometime, so we like to use internal registry.

Signed-off-by: danfengliu <danfengl@vmware.com>
2020-02-04 17:26:52 +08:00
Daniel Jiang
2064a1cd6d Switch to basic authentication for registry
1. Add basic authorizer for registry which modify the request
to add basic authorization header to request based on configuration.
2. Set basic auth header for proxy when accessing registry
3. Switche the registry to use basic auth by default and use the basic
authorizer to access Harbor.
4. Make necessary change to test cases, particularly
"test_robot_account.py" and "docker_api.py", because the error is
changed after siwtched to basic auth from token auth.  #10604 is opened
to track the follow up work.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-01-31 21:46:47 +09:00
Ziming Zhang
45113ea8e1 feat(cicd) use a smaller docker image for test
Change-Id: Ie8f365e7271bfda24ae965aaca0e55d1099c1d68
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-01-17 13:09:31 +08:00
wang yan
a0f3709b3c add expiration data time when to create a robot account
Update API of creating robot accout, user can specify expiration time per account.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-01-03 13:47:06 +08:00
danfengliu
e08c2e757e This API test script was blocked by a swagger error, now this error was fixed, so robot account script can be finished now. In swagger.yaml, robot account can be updated in "disbled" status, it's added into script. (#7636)
Signed-off-by: danfengliu <danfengl@vmware.com>
2019-05-06 11:34:11 +08:00
danfengliu
eaedd89c25 add api test case for robot user, and modify swagger.yaml for wrong type of return value. (#6900)
Signed-off-by: danfengliu <danfengl@vmware.com>
2019-02-18 13:47:16 +08:00