mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-25 03:35:21 +01:00
09d1f8e9fc
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
285 lines
17 KiB
Plaintext
285 lines
17 KiB
Plaintext
# Copyright Project Harbor Authors
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License
|
|
|
|
*** Settings ***
|
|
Documentation This resource provides any keywords related to the Harbor private registry appliance
|
|
Resource ../../resources/Util.robot
|
|
|
|
*** Variables ***
|
|
|
|
*** Keywords ***
|
|
Switch To Security Hub
|
|
Retry Element Click xpath=//clr-main-container//clr-vertical-nav//a[contains(.,'Interrogation')]
|
|
Retry Element Click xpath=//app-interrogation-services//a[contains(.,'Security Hub')]
|
|
Retry Wait Element ${security_hub_search_btn}
|
|
|
|
Get Vulnerability System Summary From API
|
|
${cmd}= Set Variable curl -u ${HARBOR_ADMIN}:${HARBOR_PASSWORD} -s --insecure -H "Content-Type: application/json" -X GET "https://${ip}/api/v2.0/security/summary?with_dangerous_cve=true&with_dangerous_artifact=true"
|
|
${rc} ${output}= Run And Return Rc And Output ${cmd}
|
|
${output_json} Evaluate json.loads('''${output}''') json
|
|
[Return] ${output_json}
|
|
|
|
Check The Total Vulnerabilities
|
|
[Arguments] ${summary}
|
|
Retry Wait Element (//div[@class='card'][1]//div[contains(@class, 'clr-col-9')])[1][text()=' ${summary["critical_cnt"]} ']
|
|
Retry Wait Element (//div[@class='card'][1]//div[contains(@class, 'clr-col-9')])[2][text()=' ${summary["high_cnt"]} ']
|
|
Retry Wait Element (//div[@class='card'][1]//div[contains(@class, 'clr-col-9')])[3][text()=' ${summary["medium_cnt"]} ']
|
|
Retry Wait Element (//div[@class='card'][1]//div[contains(@class, 'clr-col-9')])[4][text()=' ${summary["low_cnt"]} ']
|
|
Retry Wait Element (//div[@class='card'][1]//div[contains(@class, 'clr-col-9')])[5][text()=' 0 ']
|
|
Retry Wait Element (//div[@class='card'][1]//div[contains(@class, 'clr-col-9')])[6][text()=' 0 ']
|
|
|
|
Check The Top 5 Most Dangerous Artifacts
|
|
[Arguments] ${dangerous_artifacts}
|
|
Retry Wait Element Count ${top5_most_dangerous_artifacts_xpath} 5
|
|
FOR ${index} ${dangerous_artifact} IN ENUMERATE @{dangerous_artifacts} start=1
|
|
${repository_name}= Set Variable ${dangerous_artifact["repository_name"]}
|
|
${short_digest}= Set Variable ${dangerous_artifact["digest"]}[0:15]
|
|
${row_num}= Set Variable [${index}]
|
|
${text}= Set Variable [..//a[@title='${repository_name}'] and ..//span[text()='${short_digest}']]
|
|
Wait Until Element Is Visible And Enabled ${top5_most_dangerous_artifacts_xpath}${row_num}${text}
|
|
END
|
|
|
|
Check The Top 5 Most Dangerous CVEs
|
|
[Arguments] ${dangerous_cves}
|
|
Retry Wait Element Count ${top5_most_dangerous_cves_xpath} 5
|
|
FOR ${index} ${dangerous_cve} IN ENUMERATE @{dangerous_cves} start=1
|
|
${dangerous_cve_id}= Set Variable ${dangerous_cve["cve_id"]}
|
|
${cvss_score_v3}= Set Variable ${dangerous_cve["cvss_score_v3"]}
|
|
${dangerous_cve_package}= Set Variable ${dangerous_cve["package"]}\@${dangerous_cve["version"]}
|
|
${severity}= Set Variable ${dangerous_cve["severity"]}
|
|
${row_num}= Set Variable [${index}]
|
|
${text}= Set Variable [..//a[@title='${dangerous_cve_id}'] and ..//span[text()='${severity}'] and ..//div[text()=' ${cvss_score_v3} '] and ..//span[text()=' ${dangerous_cve_package} ']]
|
|
Wait Until Element Is Visible And Enabled ${top5_most_dangerous_cves_xpath}${row_num}${text}
|
|
IF ${index} < 5
|
|
${next_cvss_score_v3}= Get From Dictionary ${dangerous_cves}[${index}] cvss_score_v3
|
|
${comparison_result}= Evaluate ${cvss_score_v3} >= ${next_cvss_score_v3}
|
|
Should Be True ${comparison_result}
|
|
END
|
|
END
|
|
|
|
Check The Search By One Condition
|
|
[Arguments] ${project_name} ${repository_name} ${digest} ${cve_id} ${package} ${tag} ${cvss_score_v3_from} ${cvss_score_v3_to} ${summary}
|
|
# Check the search by project name
|
|
Select From List By Value ${vulnerabilities_filter_select} project_id
|
|
Retry Text Input ${vulnerabilities_filter_input} ${project_name}
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[2][starts-with(@title, '${project_name}')] 10
|
|
# Check the search by repository name
|
|
Select From List By Value ${vulnerabilities_filter_select} repository_name
|
|
Retry Text Input ${vulnerabilities_filter_input} ${repository_name}
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[2][@title='${repository_name}'] 10
|
|
# Check the search by artifact digest
|
|
Select From List By Value ${vulnerabilities_filter_select} digest
|
|
Retry Text Input ${vulnerabilities_filter_input} ${digest}
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[3][@title='${digest}'] 10
|
|
${short_digest}= Set Variable ${digest}[0:15]
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[3]//a[text()='${short_digest}'] 10
|
|
# Check the search by CVE ID
|
|
Select From List By Value ${vulnerabilities_filter_select} cve_id
|
|
Retry Text Input ${vulnerabilities_filter_input} ${cve_id}
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[1]//a[text()='${cve_id}'] 10
|
|
# Check the search by package
|
|
Select From List By Value ${vulnerabilities_filter_select} package
|
|
Retry Text Input ${vulnerabilities_filter_input} ${package}
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[7][@title='${package}'] 10
|
|
# Check the search by tag
|
|
Select From List By Value ${vulnerabilities_filter_select} tag
|
|
Retry Text Input ${vulnerabilities_filter_input} ${tag}
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[4][text()='${tag}'] 10
|
|
# Check the search by CVSS3
|
|
Select From List By Value ${vulnerabilities_filter_select} cvss_score_v3
|
|
${cvss3_from_input}= Format String {}{} ${vulnerabilities_filter_input} [1]
|
|
${cvss3_to_input}= Format String {}{} ${vulnerabilities_filter_input} [2]
|
|
Retry Text Input ${cvss3_from_input} ${cvss_score_v3_from}
|
|
Retry Text Input ${cvss3_to_input} ${cvss_score_v3_to}
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[5][text()>=${cvss_score_v3_from} and text()<=${cvss_score_v3_to}] 10
|
|
# Check the search by severity
|
|
# Critical
|
|
Select From List By Value ${vulnerabilities_filter_select} severity
|
|
Select From List By Value //form//div[2]//select Critical
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[6]//span[text()='Critical'] 10
|
|
Retry Wait Element //clr-dg-footer//span[text()='${summary["critical_cnt"]} CVEs']
|
|
# High
|
|
Select From List By Value //form//div[2]//select High
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[6]//span[text()='High'] 10
|
|
Retry Wait Element //clr-dg-footer//span[text()='${summary["high_cnt"]} CVEs']
|
|
# Medium
|
|
Select From List By Value //form//div[2]//select Medium
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[6]//span[text()='Medium'] 10
|
|
Retry Wait Element //clr-dg-footer//span[text()='${summary["medium_cnt"]} CVEs']
|
|
# Low
|
|
Select From List By Value //form//div[2]//select Low
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[6]//span[text()='Low'] 10
|
|
Retry Wait Element //clr-dg-footer//span[text()='${summary["low_cnt"]} CVEs']
|
|
# n/a
|
|
Select From List By Value //form//div[2]//select Unknown
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count ${vulnerabilities_datagrid_row} 0
|
|
Retry Wait Element //clr-dg-footer//span[text()='0 CVEs']
|
|
# None
|
|
Select From List By Value //form//div[2]//select None
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count ${vulnerabilities_datagrid_row} 0
|
|
Retry Wait Element //clr-dg-footer//span[text()='0 CVEs']
|
|
|
|
Check The Search By All Condition
|
|
[Arguments] ${project_name} ${repository_name} ${digest} ${cve_id} ${package} ${tag} ${cvss_score_v3_from} ${cvss_score_v3_to} ${severity}
|
|
# project name
|
|
Select From List By Value ${vulnerabilities_filter_select} project_id
|
|
Retry Text Input ${vulnerabilities_filter_input} ${project_name}
|
|
Retry Wait Element ${remove_search_criteria_icon_disabled}
|
|
# repository name
|
|
Retry Element Click ${add_search_criteria_icon}
|
|
${repository_name_select}= Format String {}{} ${vulnerabilities_filter_select} [2]
|
|
${repository_name_input}= Format String {}{} ${vulnerabilities_filter_input} [2]
|
|
Select From List By Value ${repository_name_select} repository_name
|
|
Retry Text Input ${repository_name_input} ${repository_name}
|
|
# artifact digest
|
|
Retry Element Click ${add_search_criteria_icon}
|
|
${digest_name_select}= Format String {}{} ${vulnerabilities_filter_select} [3]
|
|
${digest_name_input}= Format String {}{} ${vulnerabilities_filter_input} [3]
|
|
Select From List By Value ${digest_name_select} digest
|
|
Retry Text Input ${digest_name_input} ${digest}
|
|
# CVE ID
|
|
Retry Element Click ${add_search_criteria_icon}
|
|
${cve_id_select}= Format String {}{} ${vulnerabilities_filter_select} [4]
|
|
${cve_id_input}= Format String {}{} ${vulnerabilities_filter_input} [4]
|
|
Select From List By Value ${cve_id_select} cve_id
|
|
Retry Text Input ${cve_id_input} ${cve_id}
|
|
# package
|
|
Retry Element Click ${add_search_criteria_icon}
|
|
${package_select}= Format String {}{} ${vulnerabilities_filter_select} [5]
|
|
${package_input}= Format String {}{} ${vulnerabilities_filter_input} [5]
|
|
Select From List By Value ${package_select} package
|
|
Retry Text Input ${package_input} ${package}
|
|
# tag
|
|
Retry Element Click ${add_search_criteria_icon}
|
|
${tag_select}= Format String {}{} ${vulnerabilities_filter_select} [6]
|
|
${tag_input}= Format String {}{} ${vulnerabilities_filter_input} [6]
|
|
Select From List By Value ${tag_select} tag
|
|
Retry Text Input ${tag_input} ${tag}
|
|
# CVSS3
|
|
Retry Element Click ${add_search_criteria_icon}
|
|
${cvss3_select}= Format String {}{} ${vulnerabilities_filter_select} [7]
|
|
${cvss3_from_input}= Format String {}{} ${vulnerabilities_filter_input} [7]
|
|
${cvss3_to_input}= Format String {}{} ${vulnerabilities_filter_input} [8]
|
|
Select From List By Value ${cvss3_select} cvss_score_v3
|
|
Retry Text Input ${cvss3_from_input} ${cvss_score_v3_from}
|
|
Retry Text Input ${cvss3_to_input} ${cvss_score_v3_to}
|
|
# severity
|
|
Retry Element Click ${add_search_criteria_icon}
|
|
Retry Wait Element ${add_search_criteria_icon_disabled}
|
|
Retry Wait Element ${remove_search_criteria_icon}
|
|
${severity_select}= Format String {}{} ${vulnerabilities_filter_select} [8]
|
|
${severity_input}= Format String {}{} (//form[contains(@class,'clr-form')]//select) [9]
|
|
Select From List By Value ${severity_select} severity
|
|
Select From List By Value ${severity_input} ${severity}
|
|
# search
|
|
Retry Button Click ${security_hub_search_btn}
|
|
Retry Wait Element Count ${vulnerabilities_datagrid_row} 1
|
|
${target_row_xpath}= Set Variable //div[@class='datagrid'][..//clr-dg-cell[2][@title='${repository_name}'] and ..//clr-dg-cell[3][@title='${digest}'] and ..//clr-dg-cell[1]//a[text()='${cve_id}'] and ..//clr-dg-cell[7][@title='${package}'] and ..//clr-dg-cell[4][text()='${tag}'] and ..//clr-dg-cell[5][text()>=${cvss_score_v3_from} and text()<=${cvss_score_v3_to}] and ..//clr-dg-cell[6]//span[text()='${severity}']]
|
|
Log ${target_row_xpath}
|
|
Retry Wait Element ${target_row_xpath}
|
|
FOR ${index} IN RANGE 7
|
|
Retry Element Click ${remove_search_criteria_icon}
|
|
END
|
|
Retry Wait Element ${remove_search_criteria_icon_disabled}
|
|
Retry Wait Element ${add_search_criteria_icon}
|
|
|
|
Check The Vulnerabilities Jump
|
|
[Arguments] ${project_name} ${repository_name} ${cve_id} ${cve_description}
|
|
Retry Wait Until Page Does Not Contains ${cve_description}
|
|
Retry Double Keywords When Error Retry Button Click //clr-dg-row//button Retry Wait Until Page Contains ${cve_description}
|
|
Retry Double Keywords When Error Retry Button Click //clr-dg-row//button Retry Wait Until Page Does Not Contains ${cve_description}
|
|
# Vulnerabilities datagrid CVE jump
|
|
Retry Double Keywords When Error Click Link New Tab And Switch (//clr-dg-row//clr-dg-cell[1])[1]//a Retry Wait Element //h1[contains(.,'${cve_id}')]
|
|
Switch Window locator=MAIN
|
|
# Vulnerabilities datagrid repository jump
|
|
Retry Link Click (//clr-dg-row//clr-dg-cell[2])[1]//a
|
|
Retry Wait Element //h2[text()=' ${repository_name} ']
|
|
Retry Wait Element //a[text()='${project_name}']
|
|
Switch To Security Hub
|
|
# Vulnerabilities datagrid digest jump
|
|
Retry Wait Element (//clr-dg-row//clr-dg-cell[3])[1]//a
|
|
${short_digest}= Get Text (//clr-dg-row//clr-dg-cell[3])[1]//a
|
|
Retry Link Click (//clr-dg-row//clr-dg-cell[3])[1]//a
|
|
Retry Wait Element //h2//span[text()='${short_digest}']
|
|
Switch To Security Hub
|
|
# Top 5 Most Dangerous Artifacts jump
|
|
${short_digest}= Set Variable sha256:415bfdcf
|
|
Retry Element Click //div[@class='card'][2]//span[text()='${short_digest}']
|
|
Retry Wait Element //h2//span[text()='${short_digest}']
|
|
Switch To Security Hub
|
|
# Top 5 Most Dangerous Artifacts jump
|
|
${short_digest}= Set Variable sha256:7bf979f2
|
|
Retry Element Click //div[@class='card'][2]//span[text()='${short_digest}']
|
|
Retry Wait Element //h2//span[text()='${short_digest}']
|
|
|
|
Check The Quick Search
|
|
# Search for the most dangerous artifact
|
|
${repository_name_xpath}= Set Variable (//div[@class='card'][2]//span)[1]
|
|
${digest_xpath}= Set Variable (//div[@class='card'][2]//span)[2]
|
|
Retry Wait Element ${repository_name_xpath}
|
|
Retry Wait Element ${digest_xpath}
|
|
${repository_name}= Get Text ${repository_name_xpath}
|
|
${digest}= Get Text ${digest_xpath}
|
|
Retry Element Click ${repository_name_xpath}
|
|
Retry Wait Element Count ${vulnerabilities_filter_select} 2
|
|
${repository_name_select}= Format String {}{} ${vulnerabilities_filter_select} [1]
|
|
${repository_name_input}= Format String {}{} ${vulnerabilities_filter_input} [1]
|
|
${digest_select}= Format String {}{} ${vulnerabilities_filter_select} [2]
|
|
${digest_input}= Format String {}{} ${vulnerabilities_filter_input} [2]
|
|
${repository_name_selected}= Get Selected List Value ${repository_name_select}
|
|
${digest_selected}= Get Selected List Value ${digest_select}
|
|
Should Be Equal As Strings ${repository_name_selected} repository_name
|
|
Should Be Equal As Strings ${digest_selected} digest
|
|
${repository_name_input_value}= Get Value ${repository_name_input}
|
|
${digest_input_value}= Get Value ${digest_input}
|
|
Should Be Equal As Strings ${repository_name_input_value} ${repository_name}
|
|
Should Start With ${digest_input_value} ${digest}
|
|
${row_count}= Get Element Count ${vulnerabilities_datagrid_row}
|
|
Retry Wait Element Count //clr-datagrid//clr-dg-row[..//clr-dg-cell[2][@title='${repository_name}'] and ..//clr-dg-cell[3][starts-with(@title,'${digest}')]] ${row_count}
|
|
# Search for the most dangerous CVEs
|
|
${cve_xpath}= Set Variable (//div[@class='card'][3]//span)[1]
|
|
${cve}= Get Text ${cve_xpath}
|
|
Retry Element Click ${cve_xpath}
|
|
Retry Wait Element Count ${vulnerabilities_filter_select} 1
|
|
${cve_select}= Format String {}{} ${vulnerabilities_filter_select} [1]
|
|
${cve_input}= Format String {}{} ${vulnerabilities_filter_input} [1]
|
|
${cve_selected}= Get Selected List Value ${cve_select}
|
|
Should Be Equal As Strings ${cve_selected} cve_id
|
|
${cve_input_value}= Get Value ${cve_input}
|
|
Should Be Equal As Strings ${cve_input_value} ${cve}
|
|
${row_count}= Get Element Count ${vulnerabilities_datagrid_row}
|
|
Retry Wait Element Count //div[@class='datagrid']//clr-dg-cell[1]//a[text()='${cve}'] ${row_count}
|
|
|
|
Select Filter Label For CVE Export
|
|
[Arguments] @{labels}
|
|
Retry Element Click ${vulnerabilities_filter_label_xpath}
|
|
FOR ${label} IN @{labels}
|
|
Log ${label}
|
|
Retry Element Click //hbr-label-piece//span[contains(text(), '${label}')]
|
|
END
|
|
Retry Element Click ${vulnerabilities_filter_label_xpath}
|