def setUp(self):
self.system = System()
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.repo_name = "hello-world"
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.repo_name = "busybox"
self.tag = "1.28"
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.scan = Scan()
self.url = ADMIN_CLIENT["endpoint"]
self.user_password = "******"
self.project_id, self.project_name, self.user_id, self.user_name, self.repo_name1, self.repo_name2 = [
None
] * 6
self.user_id, self.user_name = self.user.create_user(
user_password=self.user_password, **ADMIN_CLIENT)
self.USER_CLIENT = dict(with_signature=True,
with_immutable_status=True,
endpoint=self.url,
username=self.user_name,
password=self.user_password,
with_scan_overview=True)
#2. Create a new private project(PA) by user(UA);
self.project_id, self.project_name = self.project.create_project(
metadata={"public": "false"}, **ADMIN_CLIENT)
#3. Add user(UA) as a member of project(PA) with project-admin role;
self.project.add_project_members(self.project_id,
user_id=self.user_id,
**ADMIN_CLIENT)
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.repo_name = "hello-artifact"
self.tag = "test_v2"
def setUp(self):
self.system = System()
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.scanner = Scanner()
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.image = "alpine"
self.tag = "latest"
self.expect_accessory_type = "signature.cosign"
def setUpClass(self):
self.user = User()
self.system = System()
self.repo = Repository()
self.project = Project()
self.retention = Retention()
self.artifact = Artifact()
self.repo_name_1 = "test1"
def setUp(self):
self.project= Project()
self.user= User()
self.artifact = Artifact()
self.repo= Repository()
self.url = ADMIN_CLIENT["endpoint"]
self.user_password = "******"
self.repo_name = "hello-world"
def setUpClass(self):
self.url = ADMIN_CLIENT["endpoint"]
self.user_password = "******"
self.project = Project()
self.user = User()
self.repo = Repository()
self.registry = Registry()
self.artifact = Artifact()
def setUpClass(self):
self.project = Project()
self.user = User()
self.artifact = Artifact(api_type='artifact')
self.repo = Repository(api_type='repository')
self.url = ADMIN_CLIENT["endpoint"]
self.user_push_chart_password = "******"
self.cnab_repo_name = "test_cnab"
def setUp(self):
self.project= Project()
self.user= User()
self.artifact = Artifact()
self.repo= Repository()
self.url = ADMIN_CLIENT["endpoint"]
self.user_push_cnab_password = "******"
self.cnab_repo_name = "test_cnab"
self.cnab_tag = "test_cnab_tag"
def setUp(self):
self.project = Project()
self.user = User()
self.replication = Replication()
self.registry = Registry()
self.artifact = Artifact()
self.repo = Repository()
self.image = "alpine"
self.tag = "latest"
def setUp(self):
self.system = System()
self.project = Project()
self.user = User()
self.repo = Repository()
self.artifact = Artifact()
self.repo_name = "test_repo"
self.repo_name_untag = "test_untag"
self.tag = "v1.0"
def setUpClass(self):
self.project= Project()
self.user= User()
self.artifact = Artifact()
self.repo= Repository()
self.url = ADMIN_CLIENT["endpoint"]
self.user_push_chart_password = "******"
self.chart_file = "https://storage.googleapis.com/harbor-builds/helm-chart-test-files/harbor-0.2.0.tgz"
self.archive = "harbor/"
self.verion = "0.2.0"
self.repo_name = "harbor_api_test"
def setUpClass(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.url = ADMIN_CLIENT["endpoint"]
self.user_push_index_password = "******"
self.index_name = "ci_test_index"
self.index_tag = "test_tag"
self.image_a = "alpine"
self.image_b = "busybox"
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.url = ADMIN_CLIENT["endpoint"]
self.user_push_chart_password = "******"
self.chart_file_name = "harbor-helm-1.7.3"
self.chart_file_package_name = "harbor-1.7.3.tgz"
self.chart_file_path = files_directory + "harbor-helm-1.7.3.tar.gz"
self.version = "1.7.3"
self.repo_name = "harbor"
def setUp(self):
self.project = Project()
self.user = User()
self.repo = Repository()
self.artifact = Artifact()
self.robot = Robot()
self.scan = Scan()
self.label = Label()
self.chart = Chart()
TestRobotAccount.url = ADMIN_CLIENT["endpoint"]
TestRobotAccount.user_ra_password = "******"
print("setup")
def setUp(self):
self.url = ADMIN_CLIENT["endpoint"]
self.user_password = "******"
self.project= Project()
self.user= User()
self.repo= Repository()
self.registry = Registry()
self.artifact = Artifact()
self.tag_immutability = Tag_Immutability()
self.project_id, self.project_name, self.user_id, self.user_name = [None] * 4
self.user_id, self.user_name = self.user.create_user(user_password = self.user_password, **ADMIN_CLIENT)
self.USER_CLIENT = dict(with_signature = True, with_immutable_status = True, endpoint = self.url, username = self.user_name, password = self.user_password)
self.exsiting_rule = dict(selector_repository="rel*", selector_tag="v2.*")
self.project_id, self.project_name = self.project.create_project(metadata = {"public": "false"}, **self.USER_CLIENT)
class TestScanImageInPublicProject(unittest.TestCase):
@suppress_urllib3_warning
def setUp(self):
self.artifact = Artifact()
self.repo = Repository()
self.scan = Scan()
@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
def tearDown(self):
print("Case completed")
def testScanImageInPublicProject(self):
"""
Test case:
Scan An Image Artifact In Public Project
Test step and expected result:
1. Create a new user(UA);
2. Create a new public project(PA) by user(UA);
3. Add user(UA) as a member of project(PA) with project-admin role;
4. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
5. Send scan image command without credential (anonymous), the API response should be 401;
6. Create a new user(UB) which is non member of the project(PA);
7. Send scan image command with credential of the new created user(UB), the API response should be 403;
8. Delete user(UB);
9. Send scan image command with credential of the user(UA) and get tag(TA) information to check scan result, it should be finished;
10. Delete repository(RA) by user(UA);
11. Delete project(PA);
12. Delete user(UA);
"""
password = '******' # nosec
with created_user(password) as (user_id, username):
with created_project(metadata={"public": "true"}, user_id=user_id) as (_, project_name):
image, src_tag = "docker", "1.13"
full_name, tag = push_self_build_image_to_project(project_name, harbor_server, username, password, image, src_tag)
repo_name = full_name.split('/')[1]
# scan image with anonymous user
self.scan.scan_artifact(project_name, repo_name, tag, expect_status_code=401, username=None, password=None)
with created_user(password) as (_, username1):
# scan image with non project memeber
self.scan.scan_artifact(project_name, repo_name, tag, expect_status_code=403, username=username1, password=password)
self.scan.scan_artifact(project_name, repo_name, tag, username=username, password=password)
self.artifact.check_image_scan_result(project_name, image, tag, username=username, password=password, with_scan_overview=True)
self.repo.delete_repoitory(project_name, repo_name)
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.scan_all = ScanAll()
self.stop_scan_all = StopScanAll()
class TestProjects(unittest.TestCase):
@suppress_urllib3_warning
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.repo_name = "hello-artifact"
self.tag = "test_v2"
@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
def tearDown(self):
#1. Delete user(UA);
self.user.delete_user(TestProjects.user_sign_image_id, **ADMIN_CLIENT)
def testOrasCli(self):
"""
Test case:
Push Artifact With ORAS CLI
Test step and expected result:
1. Create user-001
2. Create a new private project(PA) by user(UA);
3. ORAS CLI push artifacts;
4. Get repository from Harbor successfully, and verfiy repository name is repo pushed by ORAS CLI;
5. Get and verify artifacts by tag;
6. ORAS CLI pull artifacts index by tag;
7. Verfiy MD5 between artifacts pushed by ORAS and artifacts pulled by ORAS;
Tear down:
NA
"""
url = ADMIN_CLIENT["endpoint"]
user_001_password = "******"
#1. Create user-001
TestProjects.user_sign_image_id, user_name = self.user.create_user(user_password = user_001_password, **ADMIN_CLIENT)
TestProjects.USER_CLIENT=dict(with_signature = True, endpoint = url, username = user_name, password = user_001_password)
#2. Create a new private project(PA) by user(UA);
TestProjects.project_id, TestProjects.project_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_CLIENT)
#3. ORAS CLI push artifacts;
md5_list_push = library.oras.oras_push(harbor_server, user_name, user_001_password, TestProjects.project_name, self.repo_name, self.tag)
#4. Get repository from Harbor successfully, and verfiy repository name is repo pushed by ORAS CLI;
repo_data = self.repo.get_repository(TestProjects.project_name, self.repo_name, **TestProjects.USER_CLIENT)
self.assertEqual(repo_data.name, TestProjects.project_name + "/" + self.repo_name)
#5. Get and verify artifacts by tag;
artifact = self.artifact.get_reference_info(TestProjects.project_name, self.repo_name, self.tag, **TestProjects.USER_CLIENT)
self.assertEqual(artifact.tags[0].name, self.tag)
#6. ORAS CLI pull artifacts index by tag;
md5_list_pull = library.oras.oras_pull(harbor_server, user_name, user_001_password, TestProjects.project_name, self.repo_name, self.tag)
#7. Verfiy MD5 between artifacts pushed by ORAS and artifacts pulled by ORAS;
if set(md5_list_push) != set(md5_list_pull):
raise Exception(r"MD5 check failed with {} and {}.".format(str(md5_list_push), str(md5_list_pull)))
def setUpClass(self):
project = Project()
self.project = project
user = User()
self.user = user
artifact = Artifact(api_type='artifact')
self.artifact = artifact
repo = Repository(api_type='repository')
self.repo = repo
def do_populate(name_index, repo_count):
project= Project()
artifact = Artifact()
repo = Repository()
url = ADMIN_CLIENT["endpoint"]
ADMIN_CLIENT["password"] = "******"
#2. Create a new project(PA) by user(UA);
project_name = "project"+str(name_index)
if project.check_project_name_exist(name=project_name, **ADMIN_CLIENT) is not True:
project.create_project(name=project_name, metadata = {"public": "false"}, **ADMIN_CLIENT)
print("Create Project:", project_name)
tag = 'latest'
for repo_index in range(int(repo_count)):
repo_name = "image"+ str(repo_index)
if artifact.check_reference_exist(project_name, repo_name, tag, ignore_not_found=True, **ADMIN_CLIENT) is not True:
push_special_image_to_project(project_name, harbor_server, ADMIN_CLIENT["username"], ADMIN_CLIENT["password"], repo_name, [tag], size=repo_index*30)
print("Push Image:", repo_name)
for tag_index in numpy.arange(1, 2, 0.1):
artifact.create_tag(project_name, repo_name, tag, str(tag_index), ignore_conflict = True, **ADMIN_CLIENT)
print("Add Tag:", str(tag_index))
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
class TestProjects(unittest.TestCase):
@suppress_urllib3_warning
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
@unittest.skipIf(TEARDOWN == True, "Test data won't be erased.")
def tearDown(self):
#1. Delete repository(RA) by user(UA);
self.repo.delete_repository(TestProjects.project_content_trust_name,
TestProjects.repo_name.split('/')[1],
**TestProjects.USER_CONTENT_TRUST_CLIENT)
#2. Delete project(PA);
self.project.delete_project(TestProjects.project_content_trust_id,
**TestProjects.USER_CONTENT_TRUST_CLIENT)
#3. Delete user(UA);
self.user.delete_user(TestProjects.user_content_trust_id,
**ADMIN_CLIENT)
def testProjectLevelPolicyContentTrust(self):
"""
Test case:
Project Level Policy Content Trust
Test step and expected result:
1. Create a new user(UA);
2. Create a new project(PA) by user(UA);
3. Push a new image(IA) in project(PA) by admin;
4. Image(IA) should exist;
5. Pull image(IA) successfully;
6. Enable content trust in project(PA) configuration;
7. Pull image(IA) failed and the reason is "The image is not signed in Notary".
Tear down:
1. Delete repository(RA) by user(UA);
2. Delete project(PA);
3. Delete user(UA);
"""
url = ADMIN_CLIENT["endpoint"]
image = "test_content_trust"
user_content_trust_password = "******"
#1. Create a new user(UA);
TestProjects.user_content_trust_id, user_content_trust_name = self.user.create_user(
user_password=user_content_trust_password, **ADMIN_CLIENT)
TestProjects.USER_CONTENT_TRUST_CLIENT = dict(
endpoint=url,
username=user_content_trust_name,
password=user_content_trust_password)
#2. Create a new project(PA) by user(UA);
TestProjects.project_content_trust_id, TestProjects.project_content_trust_name = self.project.create_project(
metadata={"public": "false"},
**TestProjects.USER_CONTENT_TRUST_CLIENT)
#3. Push a new image(IA) in project(PA) by admin;
TestProjects.repo_name, tag = push_self_build_image_to_project(
TestProjects.project_content_trust_name, harbor_server,
ADMIN_CLIENT["username"], ADMIN_CLIENT["password"], image,
"latest")
#4. Image(IA) should exist;
artifact = self.artifact.get_reference_info(
TestProjects.project_content_trust_name, image, tag,
**TestProjects.USER_CONTENT_TRUST_CLIENT)
self.assertEqual(artifact.tags[0].name, tag)
docker_image_clean_all()
#5. Pull image(IA) successfully;
pull_harbor_image(harbor_server, ADMIN_CLIENT["username"],
ADMIN_CLIENT["password"], TestProjects.repo_name,
tag)
self.project.get_project(TestProjects.project_content_trust_id)
#6. Enable content trust in project(PA) configuration;
self.project.update_project(TestProjects.project_content_trust_id,
metadata={"enable_content_trust": "true"},
**TestProjects.USER_CONTENT_TRUST_CLIENT)
self.project.get_project(TestProjects.project_content_trust_id)
#7. Pull image(IA) failed and the reason is "The image is not signed in Notary".
docker_image_clean_all()
pull_harbor_image(
harbor_server,
ADMIN_CLIENT["username"],
ADMIN_CLIENT["password"],
TestProjects.repo_name,
tag,
expected_error_message="The image is not signed in Notary")
class TestProjects(unittest.TestCase):
@classmethod
def setUp(self):
self.system = System()
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.scanner = Scanner()
@classmethod
def tearDown(self):
print "Case completed"
@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
def test_ClearData(self):
#1. Delete Alice's repository and Luca's repository;
self.repo.delete_repoitory(TestProjects.project_Alice_name,
TestProjects.repo_Alice_name.split('/')[1],
**ADMIN_CLIENT)
self.repo.delete_repoitory(TestProjects.project_Luca_name,
TestProjects.repo_Luca_name.split('/')[1],
**ADMIN_CLIENT)
#2. Delete Alice's project and Luca's project;
self.project.delete_project(TestProjects.project_Alice_id,
**ADMIN_CLIENT)
self.project.delete_project(TestProjects.project_Luca_id,
**ADMIN_CLIENT)
#3. Delete user Alice and Luca.
self.user.delete_user(TestProjects.user_Alice_id, **ADMIN_CLIENT)
self.user.delete_user(TestProjects.user_Luca_id, **ADMIN_CLIENT)
def testSystemLevelScanALL(self):
"""
Test case:
System level Scan All
Test step and expected result:
1. Create user Alice and Luca;
2. Create 2 new private projects project_Alice and project_Luca;
3. Push a image to project_Alice and push another image to project_Luca;
4. Trigger scan all event;
5. Check if image in project_Alice and another image in project_Luca were both scanned.
Tear down:
1. Delete Alice's repository and Luca's repository;
2. Delete Alice's project and Luca's project;
3. Delete user Alice and Luca.
"""
url = ADMIN_CLIENT["endpoint"]
user_common_password = "******"
#1. Create user Alice and Luca;
TestProjects.user_Alice_id, user_Alice_name = self.user.create_user(
user_password=user_common_password, **ADMIN_CLIENT)
TestProjects.user_Luca_id, user_Luca_name = self.user.create_user(
user_password=user_common_password, **ADMIN_CLIENT)
USER_ALICE_CLIENT = dict(endpoint=url,
username=user_Alice_name,
password=user_common_password,
with_scan_overview=True)
USER_LUCA_CLIENT = dict(endpoint=url,
username=user_Luca_name,
password=user_common_password,
with_scan_overview=True)
#2. Create 2 new private projects project_Alice and project_Luca;
TestProjects.project_Alice_id, TestProjects.project_Alice_name = self.project.create_project(
metadata={"public": "false"}, **USER_ALICE_CLIENT)
TestProjects.project_Luca_id, TestProjects.project_Luca_name = self.project.create_project(
metadata={"public": "false"}, **USER_LUCA_CLIENT)
#3. Push a image to project_Alice and push another image to project_Luca;
#Note: Please make sure that this Image has never been pulled before by any other cases,
# so it is a not-scanned image rigth after repository creation.
#image = "tomcat"
image_a = "mariadb"
src_tag = "latest"
#3.1 Push a image to project_Alice;
TestProjects.repo_Alice_name, tag_Alice = push_image_to_project(
TestProjects.project_Alice_name, harbor_server, user_Alice_name,
user_common_password, image_a, src_tag)
#Note: Please make sure that this Image has never been pulled before by any other cases,
# so it is a not-scanned image rigth after repository creation.
image_b = "httpd"
src_tag = "latest"
#3.2 push another image to project_Luca;
TestProjects.repo_Luca_name, tag_Luca = push_image_to_project(
TestProjects.project_Luca_name, harbor_server, user_Luca_name,
user_common_password, image_b, src_tag)
#4. Trigger scan all event;
self.system.scan_now(**ADMIN_CLIENT)
#5. Check if image in project_Alice and another image in project_Luca were both scanned.
self.artifact.check_image_scan_result(TestProjects.project_Alice_name,
image_a, tag_Alice,
**USER_ALICE_CLIENT)
self.artifact.check_image_scan_result(TestProjects.project_Luca_name,
image_b, tag_Luca,
**USER_LUCA_CLIENT)
#6. Swith Scanner;
uuid = self.scanner.scanners_get_uuid(**ADMIN_CLIENT)
self.scanner.scanners_registration_id_patch(uuid, **ADMIN_CLIENT)
#7. Trigger scan all event;
self.system.scan_now(**ADMIN_CLIENT)
#8. Check if image in project_Alice and another image in project_Luca were both scanned.
self.artifact.check_image_scan_result(TestProjects.project_Alice_name,
image_a, tag_Alice,
**USER_ALICE_CLIENT)
self.artifact.check_image_scan_result(TestProjects.project_Luca_name,
image_b, tag_Luca,
**USER_LUCA_CLIENT)
class TestProjects(unittest.TestCase):
@classmethod
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
@classmethod
def tearDown(self):
print("Case completed")
@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
def test_ClearData(self):
# remove the deletion as the signed image cannot be deleted.
#1. Delete repository(RA) by user(UA);
#self.repo.delete_repoitory(TestProjects.project_sign_image_name, TestProjects.repo_name.split('/')[1], **TestProjects.USER_sign_image_CLIENT)
#2. Delete project(PA);
#self.project.delete_project(TestProjects.project_sign_image_id, **TestProjects.USER_sign_image_CLIENT)
#3. Delete user(UA);
self.user.delete_user(TestProjects.user_sign_image_id, **ADMIN_CLIENT)
def testPushImageWithSpecialName(self):
"""
Test case:
Push Image With Special Name
Test step and expected result:
1. Create a new user(UA);
2. Create a new private project(PA) by user(UA);
3. Add user(UA) as a member of project(PA) with project-admin role;
4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
6. Sign image with tag(TA) which was tagged by step #5;
7. Get signature of image with tag(TA), it should be exist.
Tear down:
NA
"""
url = ADMIN_CLIENT["endpoint"]
user_001_password = "******"
#1. Create user-001
TestProjects.user_sign_image_id, user_sign_image_name = self.user.create_user(
user_password=user_001_password, **ADMIN_CLIENT)
TestProjects.USER_sign_image_CLIENT = dict(
with_signature=True,
endpoint=url,
username=user_sign_image_name,
password=user_001_password)
#2. Create a new private project(PA) by user(UA);
TestProjects.project_sign_image_id, TestProjects.project_sign_image_name = self.project.create_project(
metadata={"public": "false"}, **ADMIN_CLIENT)
#3. Add user(UA) as a member of project(PA) with project-admin role;
self.project.add_project_members(
TestProjects.project_sign_image_id,
user_id=TestProjects.user_sign_image_id,
**ADMIN_CLIENT)
#4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
self.project.projects_should_exist(
dict(public=False),
expected_count=1,
expected_project_id=TestProjects.project_sign_image_id,
**TestProjects.USER_sign_image_CLIENT)
image = "hello-world"
src_tag = "latest"
profix = "aaa/bbb"
#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
TestProjects.repo_name, tag = push_image_to_project(
TestProjects.project_sign_image_name,
harbor_server,
user_sign_image_name,
user_001_password,
image,
src_tag,
profix_for_image=profix)
#7. Get signature of image with tag(TA), it should be exist.
full_name = urllib.parse.quote(profix + "/" + image, 'utf-8')
artifact = self.artifact.get_reference_info(
TestProjects.project_sign_image_name, full_name, tag,
**TestProjects.USER_sign_image_CLIENT)
self.assertEqual(artifact[0].type, 'IMAGE')
class TestProjects(unittest.TestCase):
@suppress_urllib3_warning
def setUp(self):
self.project = Project()
self.user = User()
self.artifact = Artifact()
self.repo = Repository()
self.label = Label()
@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
def tearDown(self):
#1. Delete repository(RA) by user(UA);
self.repo.delete_repository(TestProjects.project_add_g_lbl_name,
TestProjects.repo_name.split('/')[1],
**TestProjects.USER_add_g_lbl_CLIENT)
#2. Delete project(PA);
self.project.delete_project(TestProjects.project_add_g_lbl_id,
**TestProjects.USER_add_g_lbl_CLIENT)
#3. Delete user(UA);
self.user.delete_user(TestProjects.user_add_g_lbl_id, **ADMIN_CLIENT)
#4. Delete label(LA).
self.label.delete_label(TestProjects.label_id, **ADMIN_CLIENT)
def testAddSysLabelToRepo(self):
"""
Test case:
Add Global Label To Tag
Test step and expected result:
1. Create a new user(UA);
2. Create a new private project(PA) by user(UA);
3. Add user(UA) as a member of project(PA) with project-admin role;
4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
6. Create a new label(LA) in project(PA) by admin;;
7. Add this system global label to repository(RA)/tag(TA);
Tear down:
1. Delete repository(RA) by user(UA);
2. Delete project(PA);
3. Delete user(UA);
4. Delete label(LA).
"""
url = ADMIN_CLIENT["endpoint"]
user_001_password = "******"
#1. Create user-001
TestProjects.user_add_g_lbl_id, user_add_g_lbl_name = self.user.create_user(
user_password=user_001_password, **ADMIN_CLIENT)
TestProjects.USER_add_g_lbl_CLIENT = dict(endpoint=url,
username=user_add_g_lbl_name,
password=user_001_password)
#2. Create private project-001
TestProjects.project_add_g_lbl_id, TestProjects.project_add_g_lbl_name = self.project.create_project(
metadata={"public": "false"}, **ADMIN_CLIENT)
#3. Add user-001 as a member of project-001 with project-admin role
self.project.add_project_members(
TestProjects.project_add_g_lbl_id,
user_id=TestProjects.user_add_g_lbl_id,
**ADMIN_CLIENT)
#4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
self.project.projects_should_exist(
dict(public=False),
expected_count=1,
expected_project_id=TestProjects.project_add_g_lbl_id,
**TestProjects.USER_add_g_lbl_CLIENT)
#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
TestProjects.repo_name, tag = push_self_build_image_to_project(
TestProjects.project_add_g_lbl_name, harbor_server,
user_add_g_lbl_name, user_001_password, "test_sys_label", "latest")
#6. Create a new label(LA) in project(PA) by admin;
TestProjects.label_id, _ = self.label.create_label(**ADMIN_CLIENT)
#7. Add this system global label to repository(RA)/tag(TA).
self.artifact.add_label_to_reference(
TestProjects.project_add_g_lbl_name,
TestProjects.repo_name.split('/')[1], tag,
int(TestProjects.label_id), **TestProjects.USER_add_g_lbl_CLIENT)
class TestProjects(unittest.TestCase):
@classmethod
def setUpClass(self):
self.project = Project()
self.user = User()
self.artifact = Artifact(api_type='artifact')
self.repo = Repository(api_type='repository')
@classmethod
def tearDownClass(self):
print "Case completed"
@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
def test_ClearData(self):
#1. Delete repository(RA);
self.repo.delete_repoitory(TestProjects.project_src_repo_name,
(TestProjects.src_repo_name).split('/')[1],
**TestProjects.USER_RETAG_CLIENT)
#2. Delete repository by retag;
self.repo.delete_repoitory(TestProjects.project_dst_repo_name,
(TestProjects.dst_repo_name).split('/')[1],
**TestProjects.USER_RETAG_CLIENT)
#3. Delete project(PA);
self.project.delete_project(TestProjects.project_src_repo_id,
**TestProjects.USER_RETAG_CLIENT)
self.project.delete_project(TestProjects.project_dst_repo_id,
**TestProjects.USER_RETAG_CLIENT)
#4. Delete user(UA).
self.user.delete_user(TestProjects.user_retag_id, **ADMIN_CLIENT)
def testRetag(self):
"""
Test case:
Retag Image
Test step and expected result:
1. Create a new user(UA);
2. Create a new project(PA) by user(UA);
3. Create a new project(PB) by user(UA);
4. Update role of user-retag as guest member of project(PB);
5. Create a new repository(RA) in project(PA) by user(UA);
6. Get repository in project(PA), there should be one repository which was created by user(UA);
7. Get repository(RA)'s image tag detail information;
8. Retag image in project(PA) to project(PB), it should be forbidden;
9. Update role of user-retag as admin member of project(PB);
10. Retag image in project(PA) to project(PB), it should be successful;
11. Get repository(RB)'s image tag detail information;
12. Read digest of retaged image, it must be the same with the image in repository(RA);
13. Pull image from project(PB) by user_retag, it must be successful;
Tear down:
1. Delete repository(RA);
2. Delete repository by retag;
3. Delete project(PA);
4. Delete user(UA).
"""
url = ADMIN_CLIENT["endpoint"]
user_retag_password = "******"
pull_tag_name = "latest"
dst_repo_sub_name = "repo"
#1. Create a new user(UA);
TestProjects.user_retag_id, user_retag_name = self.user.create_user(
user_password=user_retag_password, **ADMIN_CLIENT)
TestProjects.USER_RETAG_CLIENT = dict(endpoint=url,
username=user_retag_name,
password=user_retag_password)
#2. Create a new project(PA) by user(UA);
TestProjects.project_src_repo_id, TestProjects.project_src_repo_name = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_RETAG_CLIENT)
#3. Create a new project(PB) by user(UA);
TestProjects.project_dst_repo_id, TestProjects.project_dst_repo_name = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_RETAG_CLIENT)
retag_member_id = self.project.get_project_member_id(
TestProjects.project_dst_repo_id, user_retag_name,
**TestProjects.USER_RETAG_CLIENT)
#4. Update role of user-retag as guest member of project(PB);
self.project.update_project_member_role(
TestProjects.project_dst_repo_id, retag_member_id, 3,
**ADMIN_CLIENT)
#5. Create a new repository(RA) in project(PA) by user(UA);
TestProjects.src_repo_name, tag_name = push_image_to_project(
TestProjects.project_src_repo_name, harbor_server, 'admin',
'Harbor12345', "hello-world", pull_tag_name)
#6. Get repository in project(PA), there should be one repository which was created by user(UA);
src_repo_data = self.repo.get_repository(
TestProjects.project_src_repo_name,
**TestProjects.USER_RETAG_CLIENT)
_assert_status_code(TestProjects.src_repo_name, src_repo_data[0].name)
#7. Get repository(RA)'s image tag detail information;
src_tag_data = self.artifact.get_reference_info(
TestProjects.project_src_repo_name,
TestProjects.src_repo_name.split('/')[1], tag_name,
**TestProjects.USER_RETAG_CLIENT)
TestProjects.dst_repo_name = TestProjects.project_dst_repo_name + "/" + dst_repo_sub_name
#8. Retag image in project(PA) to project(PB), it should be forbidden;
self.artifact.copy_artifact(TestProjects.project_dst_repo_name,
dst_repo_sub_name,
TestProjects.src_repo_name + "@" +
src_tag_data[0].digest,
expect_status_code=403,
**TestProjects.USER_RETAG_CLIENT)
#9. Update role of user-retag as admin member of project(PB);
self.project.update_project_member_role(
TestProjects.project_dst_repo_id, retag_member_id, 1,
**ADMIN_CLIENT)
#10. Retag image in project(PA) to project(PB), it should be successful;
self.artifact.copy_artifact(
TestProjects.project_dst_repo_name, dst_repo_sub_name,
TestProjects.src_repo_name + "@" + src_tag_data[0].digest,
**TestProjects.USER_RETAG_CLIENT)
#11. Get repository(RB)'s image tag detail information;
dst_tag_data = self.artifact.get_reference_info(
TestProjects.project_dst_repo_name, dst_repo_sub_name, tag_name,
**TestProjects.USER_RETAG_CLIENT)
#12. Read digest of retaged image, it must be the same with the image in repository(RA);
self.assertEqual(src_tag_data[0].digest, dst_tag_data[0].digest)
#13. Pull image from project(PB) by user_retag, it must be successful;"
pull_harbor_image(harbor_server, user_retag_name, user_retag_password,
TestProjects.dst_repo_name, tag_name)
class TestProjects(unittest.TestCase):
@suppress_urllib3_warning
def setUp(self):
self.system = System()
self.project= Project()
self.user= User()
self.artifact = Artifact()
self.repo = Repository()
@unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
def tearDown(self):
#1. Delete Alice's repository and Luca's repository;
self.repo.delete_repository(TestProjects.project_Alice_name, TestProjects.repo_a.split('/')[1], **ADMIN_CLIENT)
self.repo.delete_repository(TestProjects.project_Alice_name, TestProjects.repo_b.split('/')[1], **ADMIN_CLIENT)
self.repo.delete_repository(TestProjects.project_Alice_name, TestProjects.repo_c.split('/')[1], **ADMIN_CLIENT)
#2. Delete Alice's project and Luca's project;
self.project.delete_project(TestProjects.project_Alice_id, **ADMIN_CLIENT)
#3. Delete user Alice and Luca.
self.user.delete_user(TestProjects.user_Alice_id, **ADMIN_CLIENT)
def testRegistryAPI(self):
"""
Test case:
Catalog API to list all repositories by system admin
Test step and expected result:G
1. Create user Alice;
2. Create 1 new private projects project_Alice;
3. Push 3 images to project_Alice and Add 3 tags to the 3rd image
4. Call the image_list_tag API
5. Call the catalog API using admin account without pagination, can get all 3 images
5.1 Call the catalog API using admin account with pagination n=1, page=2, twice to get all 3 images.
5.2 Call the catalog API using Alice account, no repos should be found.
Tear down:
1. Delete Alice's repository;
2. Delete Alice's project;
3. Delete user Alice.
"""
url = ADMIN_CLIENT["endpoint"]
user_common_password = "******"
#1. Create user Alice and Luca;
TestProjects.user_Alice_id, user_Alice_name = self.user.create_user(user_password = user_common_password, **ADMIN_CLIENT)
USER_ALICE_CLIENT=dict(endpoint = url, username = user_Alice_name, password = user_common_password)
#2. Create 2 new private projects project_Alice and project_Luca;
TestProjects.project_Alice_id, TestProjects.project_Alice_name = self.project.create_project(metadata = {"public": "false"}, **USER_ALICE_CLIENT)
#3. Push 3 images to project_Alice and Add 3 tags to the 3rd image.
src_tag = "latest"
image_a = "image_a"
TestProjects.repo_a, tag_a = push_self_build_image_to_project(TestProjects.project_Alice_name, harbor_server, user_Alice_name, user_common_password, image_a, src_tag)
image_b = "image_b"
TestProjects.repo_b, tag_b = push_self_build_image_to_project(TestProjects.project_Alice_name, harbor_server, user_Alice_name, user_common_password, image_b, src_tag)
image_c = "image_c"
TestProjects.repo_c, tag_c = push_self_build_image_to_project(TestProjects.project_Alice_name, harbor_server, user_Alice_name, user_common_password, image_c, src_tag)
create_tags = ["1.0","2.0","3.0"]
for tag in create_tags:
self.artifact.create_tag(TestProjects.project_Alice_name, image_c, tag_c, tag, **USER_ALICE_CLIENT)
#4. Call the image_list_tags API
tags = list_image_tags(harbor_server,TestProjects.repo_c,user_Alice_name,user_common_password)
for tag in create_tags:
self.assertTrue(tags.count(tag)>0, "Expect tag: %s is not listed"%tag)
page_tags = list_image_tags(harbor_server,TestProjects.repo_c,user_Alice_name,user_common_password,len(tags)/2+1)
page_tags += list_image_tags(harbor_server,TestProjects.repo_c,user_Alice_name,user_common_password,len(tags)/2+1,tags[int(len(tags)/2)])
for tag in create_tags:
self.assertTrue(page_tags.count(tag)>0, "Expect tag: %s is not listed by the pagination query"%tag)
#5. Call the catalog API;
repos = list_repositories(harbor_server,admin_user,admin_pwd)
self.assertTrue(repos.count(TestProjects.repo_a)>0 and repos.count(TestProjects.repo_b)>0 and repos.count(TestProjects.repo_c)>0, "Expected repo not found")
for repo in [TestProjects.repo_a,TestProjects.repo_b,TestProjects.repo_c]:
self.assertTrue(repos.count(repo)>0,"Expected repo: %s is not listed"%repo)
page_repos = list_repositories(harbor_server,admin_user,admin_pwd,len(repos)/2+1)
page_repos += list_repositories(harbor_server,admin_user,admin_pwd,len(repos)/2+1,repos[int(len(repos)/2)])
for repo in [TestProjects.repo_a,TestProjects.repo_b,TestProjects.repo_c]:
self.assertTrue(page_repos.count(repo)>0,"Expected repo: %s is not listed by the pagination query"%repo)
null_repos = list_repositories(harbor_server,user_Alice_name,user_common_password)
self.assertEqual(null_repos, "")