def setUp(self):
     self.system = System()
     self.project = Project()
     self.user = User()
     self.artifact = Artifact()
     self.repo = Repository()
     self.repo_name = "hello-world"
Exemple #2
0
 def setUpClass(self):
     self.user = User()
     self.system = System()
     self.repo = Repository()
     self.project = Project()
     self.retention = Retention()
     self.artifact = Artifact()
     self.repo_name_1 = "test1"
Exemple #3
0
    def setUp(self):
        system = System()
        self.system = system

        project = Project()
        self.project = project

        user = User()
        self.user = user

        repo = Repository()
        self.repo = repo
Exemple #4
0
    def setUp(self):
        self.user = User()
        self.system = System()
        self.system_cve_allowlist = SystemCVEAllowlist()

        user_ra_password = "******"
        print("Setup: Creating user for test")
        user_ra_id, user_ra_name = self.user.create_user(
            user_password=user_ra_password, **ADMIN_CLIENT)
        print("Created user: %s, id: %s" % (user_ra_name, user_ra_id))
        self.USER_RA_CLIENT = dict(endpoint=ADMIN_CLIENT["endpoint"],
                                   username=user_ra_name,
                                   password=user_ra_password)
        self.user_ra_id = int(user_ra_id)
class TestProjects(unittest.TestCase):
    @classmethod
    def setUp(self):
        self.system = System()
        self.project = Project()
        self.user = User()
        self.artifact = Artifact()
        self.repo = Repository()
        self.scanner = Scanner()

    @classmethod
    def tearDown(self):
        print "Case completed"

    @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
    def test_ClearData(self):
        #1. Delete Alice's repository and Luca's repository;
        self.repo.delete_repoitory(TestProjects.project_Alice_name,
                                   TestProjects.repo_Alice_name.split('/')[1],
                                   **ADMIN_CLIENT)
        self.repo.delete_repoitory(TestProjects.project_Luca_name,
                                   TestProjects.repo_Luca_name.split('/')[1],
                                   **ADMIN_CLIENT)

        #2. Delete Alice's project and Luca's project;
        self.project.delete_project(TestProjects.project_Alice_id,
                                    **ADMIN_CLIENT)
        self.project.delete_project(TestProjects.project_Luca_id,
                                    **ADMIN_CLIENT)

        #3. Delete user Alice and Luca.
        self.user.delete_user(TestProjects.user_Alice_id, **ADMIN_CLIENT)
        self.user.delete_user(TestProjects.user_Luca_id, **ADMIN_CLIENT)

    def testSystemLevelScanALL(self):
        """
        Test case:
            System level Scan All
        Test step and expected result:
            1. Create user Alice and Luca;
            2. Create 2 new private projects project_Alice and project_Luca;
            3. Push a image to project_Alice and push another image to project_Luca;
            4. Trigger scan all event;
            5. Check if image in project_Alice and another image in project_Luca were both scanned.
        Tear down:
            1. Delete Alice's repository and Luca's repository;
            2. Delete Alice's project and Luca's project;
            3. Delete user Alice and Luca.
        """
        url = ADMIN_CLIENT["endpoint"]
        user_common_password = "******"

        #1. Create user Alice and Luca;
        TestProjects.user_Alice_id, user_Alice_name = self.user.create_user(
            user_password=user_common_password, **ADMIN_CLIENT)
        TestProjects.user_Luca_id, user_Luca_name = self.user.create_user(
            user_password=user_common_password, **ADMIN_CLIENT)

        USER_ALICE_CLIENT = dict(endpoint=url,
                                 username=user_Alice_name,
                                 password=user_common_password,
                                 with_scan_overview=True)
        USER_LUCA_CLIENT = dict(endpoint=url,
                                username=user_Luca_name,
                                password=user_common_password,
                                with_scan_overview=True)

        #2. Create 2 new private projects project_Alice and project_Luca;
        TestProjects.project_Alice_id, TestProjects.project_Alice_name = self.project.create_project(
            metadata={"public": "false"}, **USER_ALICE_CLIENT)
        TestProjects.project_Luca_id, TestProjects.project_Luca_name = self.project.create_project(
            metadata={"public": "false"}, **USER_LUCA_CLIENT)

        #3. Push a image to project_Alice and push another image to project_Luca;

        #Note: Please make sure that this Image has never been pulled before by any other cases,
        #          so it is a not-scanned image rigth after repository creation.
        #image = "tomcat"
        image_a = "mariadb"
        src_tag = "latest"
        #3.1 Push a image to project_Alice;
        TestProjects.repo_Alice_name, tag_Alice = push_image_to_project(
            TestProjects.project_Alice_name, harbor_server, user_Alice_name,
            user_common_password, image_a, src_tag)

        #Note: Please make sure that this Image has never been pulled before by any other cases,
        #          so it is a not-scanned image rigth after repository creation.
        image_b = "httpd"
        src_tag = "latest"
        #3.2 push another image to project_Luca;
        TestProjects.repo_Luca_name, tag_Luca = push_image_to_project(
            TestProjects.project_Luca_name, harbor_server, user_Luca_name,
            user_common_password, image_b, src_tag)

        #4. Trigger scan all event;
        self.system.scan_now(**ADMIN_CLIENT)

        #5. Check if image in project_Alice and another image in project_Luca were both scanned.
        self.artifact.check_image_scan_result(TestProjects.project_Alice_name,
                                              image_a, tag_Alice,
                                              **USER_ALICE_CLIENT)
        self.artifact.check_image_scan_result(TestProjects.project_Luca_name,
                                              image_b, tag_Luca,
                                              **USER_LUCA_CLIENT)

        #6. Swith Scanner;
        uuid = self.scanner.scanners_get_uuid(**ADMIN_CLIENT)
        self.scanner.scanners_registration_id_patch(uuid, **ADMIN_CLIENT)

        #7. Trigger scan all event;
        self.system.scan_now(**ADMIN_CLIENT)

        #8. Check if image in project_Alice and another image in project_Luca were both scanned.
        self.artifact.check_image_scan_result(TestProjects.project_Alice_name,
                                              image_a, tag_Alice,
                                              **USER_ALICE_CLIENT)
        self.artifact.check_image_scan_result(TestProjects.project_Luca_name,
                                              image_b, tag_Luca,
                                              **USER_LUCA_CLIENT)
Exemple #6
0
 def setUpClass(self):
     self.user = User()
     self.system = System()
     self.repo = Repository()
     self.project = Project()
     self.retention = Retention()
class TestSysCVEAllowlist(unittest.TestCase):
    """
    Test case:
        System Level CVE Allowlist
    Setup:
        Create user(RA)
    Test Steps:
        1. User(RA) reads the system level CVE allowlist and it's empty.
        2. User(RA) updates the system level CVE allowlist, verify it's failed.
        3. Update user(RA) to system admin
        4. User(RA) updates the system level CVE allowlist, verify it's successful.
        5. User(RA) reads the system level CVE allowlist, verify the CVE list is updated.
        6. User(RA) updates the expiration date of system level CVE allowlist.
        7. User(RA) reads the system level CVE allowlist, verify the expiration date is updated.
    Tear Down:
        1. Clear the system level CVE allowlist.
        2. Delete User(RA)
    """
    @suppress_urllib3_warning
    def setUp(self):
        self.user = User()
        self.system = System()
        user_ra_password = "******"
        print("Setup: Creating user for test")
        user_ra_id, user_ra_name = self.user.create_user(
            user_password=user_ra_password, **ADMIN_CLIENT)
        print("Created user: %s, id: %s" % (user_ra_name, user_ra_id))
        self.USER_RA_CLIENT = dict(endpoint=ADMIN_CLIENT["endpoint"],
                                   username=user_ra_name,
                                   password=user_ra_password)
        self.user_ra_id = int(user_ra_id)

    @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
    def tearDown(self):
        print("TearDown: Clearing the Allowlist")
        self.system.set_cve_allowlist(**ADMIN_CLIENT)
        print("TearDown: Deleting user: %d" % self.user_ra_id)
        self.user.delete_user(self.user_ra_id, **ADMIN_CLIENT)

    def testSysCVEAllowlist(self):
        # 1. User(RA) reads the system level CVE allowlist and it's empty.
        wl = self.system.get_cve_allowlist(**self.USER_RA_CLIENT)
        self.assertEqual(
            0, len(wl.items),
            "The initial system level CVE allowlist is not empty: %s" %
            wl.items)
        # 2. User(RA) updates the system level CVE allowlist, verify it's failed.
        cves = ['CVE-2019-12310']
        self.system.set_cve_allowlist(None, 403, *cves, **self.USER_RA_CLIENT)
        # 3. Update user(RA) to system admin
        self.user.update_user_role_as_sysadmin(self.user_ra_id, True,
                                               **ADMIN_CLIENT)
        # 4. User(RA) updates the system level CVE allowlist, verify it's successful.
        self.system.set_cve_allowlist(None, 200, *cves, **self.USER_RA_CLIENT)
        # 5. User(RA) reads the system level CVE allowlist, verify the CVE list is updated.
        expect_wl = [swagger_client.CVEAllowlistItem(cve_id='CVE-2019-12310')]
        wl = self.system.get_cve_allowlist(**self.USER_RA_CLIENT)
        self.assertIsNone(wl.expires_at)
        self.assertEqual(expect_wl, wl.items)
        # 6. User(RA) updates the expiration date of system level CVE allowlist.
        exp = int(time.time()) + 3600
        self.system.set_cve_allowlist(exp, 200, *cves, **self.USER_RA_CLIENT)
        # 7. User(RA) reads the system level CVE allowlist, verify the expiration date is updated.
        wl = self.system.get_cve_allowlist(**self.USER_RA_CLIENT)
        self.assertEqual(exp, wl.expires_at)
 def setUp(cls):
     cls.repo = Repository()
     cls.system = System()
Exemple #9
0
 def setUp(cls):
     cls.repo = Repository(api_type='repository')
     cls.system = System()
class TestProjects(unittest.TestCase):
    @classmethod
    def setUp(self):
        self.system = System()
        self.project = Project()
        self.user = User()
        self.repo = Repository()
        self.artifact = Artifact()
        self.repo_name = "test_repo"
        self.repo_name_untag = "test_untag"
        self.tag = "v1.0"

    @classmethod
    def tearDown(self):
        print("Case completed")

    @unittest.skipIf(TEARDOWN == True, "Test data won't be erased.")
    def test_ClearData(self):
        #2. Delete project(PA);
        self.project.delete_project(TestProjects.project_gc_id, **TestProjects.USER_GC_CLIENT)

        #3. Delete user(UA);
        self.user.delete_user(TestProjects.user_gc_id, **ADMIN_CLIENT)

    def testGarbageCollection(self):
        """
        Test case:
            Garbage Collection
        Test step and expected result:
            1. Create a new user(UA);
            2. Create project(PA) and project(PB) by user(UA);
            3. Push a image in project(PA) and then delete repository by admin;
            4. Get repository by user(UA), it should get nothing;
            5. Tigger garbage collection operation;
            6. Check garbage collection job was finished;
            7. Get garbage collection log, check there is a number of files was deleted;
            8. Push a image in project(PB) by admin and delete the only tag;
            9. Tigger garbage collection operation;
            10. Check garbage collection job was finished;
            11. Repository with untag image should be still there;
            12. But no any artifact in repository anymore.
        Tear down:
            1. Delete project(PA);
            2. Delete user(UA).
        """
        url = ADMIN_CLIENT["endpoint"]
        admin_name = ADMIN_CLIENT["username"]
        admin_password = ADMIN_CLIENT["password"]
        user_gc_password = "******"

        #1. Create a new user(UA);
        TestProjects.user_gc_id, user_gc_name = self.user.create_user(user_password = user_gc_password, **ADMIN_CLIENT)

        TestProjects.USER_GC_CLIENT=dict(endpoint = url, username = user_gc_name, password = user_gc_password)

        #2. Create project(PA) and project(PB) by user(UA);
        TestProjects.project_gc_id, TestProjects.project_gc_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_GC_CLIENT)
        TestProjects.project_gc_untag_id, TestProjects.project_gc_untag_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_GC_CLIENT)

        #3. Push a image in project(PA) and then delete repository by admin;
        push_special_image_to_project(TestProjects.project_gc_name, harbor_server, admin_name, admin_password, self.repo_name, ["latest", "v1.2.3"])
        self.repo.delete_repoitory(TestProjects.project_gc_name, self.repo_name, **TestProjects.USER_GC_CLIENT)

        #4. Get repository by user(UA), it should get nothing;
        repo_data = self.repo.list_repositories(TestProjects.project_gc_name, **TestProjects.USER_GC_CLIENT)
        _assert_status_code(len(repo_data), 0)

        #8. Push a image in project(PB) by admin and delete the only tag;
        push_special_image_to_project(TestProjects.project_gc_untag_name, harbor_server, admin_name, admin_password, self.repo_name_untag, [self.tag])
        self.artifact.delete_tag(TestProjects.project_gc_untag_name, self.repo_name_untag, self.tag, self.tag, **ADMIN_CLIENT)

        #5. Tigger garbage collection operation;
        gc_id = self.system.gc_now(**ADMIN_CLIENT)

        #6. Check garbage collection job was finished;
        self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)

        #7. Get garbage collection log, check there is a number of files was deleted;
        self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)

        artifacts = self.artifact.list_artifacts(TestProjects.project_gc_untag_name, self.repo_name_untag, **TestProjects.USER_GC_CLIENT)
        _assert_status_code(len(artifacts), 1)

        time.sleep(5)

        #9. Tigger garbage collection operation;
        gc_id = self.system.gc_now(is_delete_untagged=True, **ADMIN_CLIENT)

        #10. Check garbage collection job was finished;
        self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)

        #7. Get garbage collection log, check there is a number of files was deleted;
        self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)

        #11. Repository with untag image should be still there;
        repo_data_untag = self.repo.list_repositories(TestProjects.project_gc_untag_name, **TestProjects.USER_GC_CLIENT)
        _assert_status_code(len(repo_data_untag), 1)
        self.assertEqual(TestProjects.project_gc_untag_name + "/" + self.repo_name_untag , repo_data_untag[0].name)

        #12. But no any artifact in repository anymore.
        artifacts = self.artifact.list_artifacts(TestProjects.project_gc_untag_name, self.repo_name_untag, **TestProjects.USER_GC_CLIENT)
        self.assertEqual(artifacts,[])
Exemple #11
0
 def setUp(self):
     self.system = System()
     self.project = Project()
     self.user = User()
     self.artifact = Artifact(api_type='artifact')
     self.repo = Repository(api_type='repository')
Exemple #12
0
class TestProjects(unittest.TestCase):
    @classmethod
    def setUp(self):
        project = Project()
        self.project= project

        user = User()
        self.user= user

        repo = Repository()
        self.repo= repo

        self.system = System()

    @classmethod
    def tearDown(self):
        print "Case completed"

    @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
    def test_ClearData(self):
        #1. Delete project(PA);
        self.project.delete_project(TestProjects.project_test_quota_id, **ADMIN_CLIENT)

        #2. Delete user(UA);
        self.user.delete_user(TestProjects.user_test_quota_id, **ADMIN_CLIENT)

    def testProjectQuota(self):
        """
        Test case:
            Project Quota
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new private project(PA) by user(UA);
            3. Add user(UA) as a member of project(PA) with project-admin role;
            4. Push an image to project(PA) by user(UA), then check the project quota usage;
            5. Check quota change
            6. Delete image, the quota should be changed to 0.
        Tear down:
            1. Delete repository(RA) by user(UA);
            2. Delete project(PA);
            3. Delete user(UA);
        """
        url = ADMIN_CLIENT["endpoint"]
        user_001_password = "******"

        #1. Create user-001
        TestProjects.user_test_quota_id, user_test_quota_name = self.user.create_user(user_password = user_001_password, **ADMIN_CLIENT)
        TestProjects.USER_TEST_QUOTA_CLIENT=dict(endpoint = url, username = user_test_quota_name, password = user_001_password)

        #2. Create a new private project(PA) by user(UA);
        TestProjects.project_test_quota_id, project_test_quota_name = self.project.create_project(metadata = {"public": "false"}, **ADMIN_CLIENT)

        #3. Add user(UA) as a member of project(PA) with project-admin role;
        self.project.add_project_members(TestProjects.project_test_quota_id, TestProjects.user_test_quota_id, **ADMIN_CLIENT)

        #4.Push an image to project(PA) by user(UA), then check the project quota usage; -- {"count": 1, "storage": 2791709}
        image = "alpine"
        src_tag = "3.10"
        TestProjects.repo_name, _ = push_image_to_project(project_test_quota_name, harbor_server, user_test_quota_name, user_001_password, image, src_tag)

        #5. Get project quota
        quota = self.system.get_project_quota("project", TestProjects.project_test_quota_id, **ADMIN_CLIENT)
        self.assertEqual(quota[0].used["count"], 1)
        self.assertEqual(quota[0].used["storage"], 2789174)

        #6. Delete repository(RA) by user(UA);
        self.repo.delete_repoitory(TestProjects.repo_name, **ADMIN_CLIENT)

        #6. Quota should be 0
        quota = self.system.get_project_quota("project", TestProjects.project_test_quota_id, **ADMIN_CLIENT)
        self.assertEqual(quota[0].used["count"], 0)
        self.assertEqual(quota[0].used["storage"], 0)
Exemple #13
0
class TestProjects(unittest.TestCase):
    @classmethod
    def setUp(self):
        self.system = System()
        self.project = Project()
        self.user = User()
        self.repo = Repository(api_type='repository')

    @classmethod
    def tearDown(self):
        print "Case completed"

    @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
    def test_ClearData(self):
        #2. Delete project(PA);
        self.project.delete_project(TestProjects.project_gc_id,
                                    **TestProjects.USER_GC_CLIENT)

        #3. Delete user(UA);
        self.user.delete_user(TestProjects.user_gc_id, **ADMIN_CLIENT)

    def testGarbageCollection(self):
        """
        Test case:
            Garbage Collection
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new project(PA) by user(UA);
            3. Push a new image(IA) in project(PA) by admin;
            4. Delete repository(RA) by user(UA);
            5. Get repository by user(UA), it should get nothing;
            6. Tigger garbage collection operation;
            7. Check garbage collection job was finished;
            8. Get garbage collection log, check there is number of files was deleted.
        Tear down:
            1. Delete project(PA);
            2. Delete user(UA).
        """
        url = ADMIN_CLIENT["endpoint"]
        admin_name = ADMIN_CLIENT["username"]
        admin_password = ADMIN_CLIENT["password"]
        user_gc_password = "******"

        #1. Create a new user(UA);
        TestProjects.user_gc_id, user_gc_name = self.user.create_user(
            user_password=user_gc_password, **ADMIN_CLIENT)

        TestProjects.USER_GC_CLIENT = dict(endpoint=url,
                                           username=user_gc_name,
                                           password=user_gc_password)

        #2. Create a new project(PA) by user(UA);
        TestProjects.project_gc_id, TestProjects.project_gc_name = self.project.create_project(
            metadata={"public": "false"}, **TestProjects.USER_GC_CLIENT)

        #3. Push a new image(IA) in project(PA) by admin;
        repo_name, _ = push_image_to_project(TestProjects.project_gc_name,
                                             harbor_server, admin_name,
                                             admin_password, "tomcat",
                                             "latest")

        #4. Delete repository(RA) by user(UA);
        self.repo.delete_repoitory(TestProjects.project_gc_name,
                                   repo_name.split('/')[1],
                                   **TestProjects.USER_GC_CLIENT)

        #5. Get repository by user(UA), it should get nothing;
        repo_data = self.repo.list_repositories(TestProjects.project_gc_name,
                                                **TestProjects.USER_GC_CLIENT)
        _assert_status_code(len(repo_data), 0)

        #6. Tigger garbage collection operation;
        gc_id = self.system.gc_now(**ADMIN_CLIENT)

        #7. Check garbage collection job was finished;
        self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)

        #8. Get garbage collection log, check there is number of files was deleted.
        self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)