def teardown():
_logger.info("Removing alpine:edge image from anchore")
remove_image_resp = http_del(
["images", "by_id",
get_image_id(add_image_resp)],
query={"force": True})
if remove_image_resp.code != 200:
raise RequestFailedError(remove_image_resp.url,
remove_image_resp.code,
remove_image_resp.body)
_logger.info("Removing Archive Rule: rule_id={}".format(
archive_rule_resp.body["rule_id"]))
remove_rule_resp = http_del(
["archives", "rules", archive_rule_resp.body["rule_id"]])
if remove_rule_resp.code != 200:
raise RequestFailedError(remove_rule_resp.url,
remove_rule_resp.code,
remove_rule_resp.body)
delete_archive_image_resp = http_del(
["archives", "images",
get_image_digest(add_image_resp)],
config=request.param,
)
if delete_archive_image_resp.code != 200:
raise RequestFailedError(
delete_archive_image_resp.url,
delete_archive_image_resp.code,
delete_archive_image_resp.body,
)
def test_delete_admin_user(self, api_conf):
create_ft_account_user('deletion_test', 'lebronForPresident', api_conf)
delete_resp = http_del(
['accounts', FT_ACCOUNT, 'users', 'deletion_test'],
config=api_conf)
assert delete_resp == APIResponse(204)
def test_disable_and_delete_feed_group(self, api_conf):
ensure_second_feed_enabled(api_conf)
feed_list_resp = http_get(["system", "feeds"], config=api_conf)
assert feed_list_resp == APIResponse(200)
# Pick 2nd feed
feeds = feed_list_resp.body
feed = feeds[1]
feed_name = feed.get("name")
# Arbitrarily pick 1st group
groups = feed.get("groups", [])
group_to_delete = groups[0].get("name")
resp = http_put(
["system", "feeds", feed_name, group_to_delete],
None,
{"enabled": False},
config=api_conf,
)
assert resp == APIResponse(200)
resp = http_del(["system", "feeds", feed_name, group_to_delete],
config=api_conf)
assert resp == APIResponse(200)
def delete_ft_account_user(username, api_conf: callable):
delete_resp = http_del(['accounts', FT_ACCOUNT, 'users', username],
config=api_conf)
if delete_resp.code != 204:
raise RequestFailedError(
delete_resp.url, delete_resp.code,
'' if not hasattr(delete_resp, 'body') else delete_resp.body)
def remove_registry():
_logger.info("Removing Registry. APIConf={}".format(str(request.param.__name__)))
remove_resp = http_del(['registries', quote(registry_info['service_name'])], config=request.param)
if remove_resp.code != 200:
raise RequestFailedError(remove_resp.url,
remove_resp.code,
'' if not hasattr(remove_resp, 'body') else remove_resp.body)
def test_delete_admin_user(self, api_conf):
create_ft_account_user("deletion_test", "lebronForPresident", api_conf)
delete_resp = http_del(
["accounts", FT_ACCOUNT, "users", "deletion_test"],
config=api_conf)
assert delete_resp == APIResponse(204)
def delete_ft_account_user(username, api_conf: callable):
delete_resp = http_del(["accounts", FT_ACCOUNT, "users", username], config=api_conf)
if delete_resp.code != 204:
raise RequestFailedError(
delete_resp.url,
delete_resp.code,
"" if not hasattr(delete_resp, "body") else delete_resp.body,
)
def teardown():
_logger.info('Removing alpine:edge image from anchore')
remove_image_resp = http_del(['images', 'by_id', get_image_id(add_image_resp)], query={'force': True})
if remove_image_resp.code != 200:
raise RequestFailedError(remove_image_resp.url, remove_image_resp.code, remove_image_resp.body)
_logger.info('Removing Archive Rule: rule_id={}'.format(archive_rule_resp.body['rule_id']))
remove_rule_resp = http_del(['archives', 'rules', archive_rule_resp.body['rule_id']])
if remove_rule_resp.code != 200:
raise RequestFailedError(remove_rule_resp.url, remove_rule_resp.code, remove_rule_resp.body)
delete_archive_image_resp = http_del(['archives', 'images', get_image_digest(add_image_resp)],
config=request.param)
if delete_archive_image_resp.code != 200:
raise RequestFailedError(delete_archive_image_resp.url,
delete_archive_image_resp.code,
delete_archive_image_resp.body)
def test_delete_imports(
self,
syft_json_name: str,
dockerfile_name: str,
begin_import: APIResponse,
):
import_response = http_post(["imports", "images"], payload={})
delete_response = http_del(
["imports", "images", import_response.body["uuid"]])
assert delete_response.code == 200
def disable_and_delete_functional_test_account():
"""
This method wil dynamically, and in a blocking fashion, handle account deletion, which requires that the
functional_test account be disabled before deletion. If the functional_test account is currently enabled, it
will disable and then delete the account, waiting for the deletion to complete. If the functional_test account
is already disabled, it will delete the account, and wait for the deletion to complete. If the functional_test
account is currently awaiting deletion, it will wait for the deletion to complete. If the functional_test
account is not found, it will exit.
"""
def await_account_deletion():
"""
This method is helpful for awaiting account deletion of the functional_test account, with a timeout governed
by DELETE_ACCOUNT_TIMEOUT_SEC. It awaits in 5 second intervals.
"""
start_time_sec = time.time()
result = 200
while result != 404:
time.sleep(5)
ft_get_account_resp = http_get(['accounts', FT_ACCOUNT])
_logger.info("Waiting for functional_test account to fully delete. Time Elapsed={}sec"
.format(int(time.time() - start_time_sec)))
if not (ft_get_account_resp.code == 200 or ft_get_account_resp.code == 404):
_logger.error(ft_get_account_resp)
raise RequestFailedError(ft_get_account_resp.url,
ft_get_account_resp.code,
ft_get_account_resp.body)
if time.time() - start_time_sec >= DELETE_ACCOUNT_TIMEOUT_SEC:
raise TimeoutError('Timed out waiting for functional_test account to delete')
result = ft_get_account_resp.code
ft_account_resp = http_get(['accounts', FT_ACCOUNT])
if ft_account_resp.code == 404:
_logger.info('functional_test account not found')
return
state = ft_account_resp.body.get('state')
if state == 'enabled':
_logger.info('functional_test account found, and enabled. Disabling')
disable_account_resp = http_put(['accounts', FT_ACCOUNT, 'state'], {'state': 'disabled'})
if disable_account_resp.code != 200:
raise RequestFailedError(disable_account_resp.url, disable_account_resp.code, disable_account_resp.body)
elif state == 'deleting':
_logger.info('functional_test account found, but is currently being deleted')
await_account_deletion()
return
_logger.info('Deleting functional_test account')
delete_resp = http_del(['accounts', FT_ACCOUNT])
if not (delete_resp.code == 200 or delete_resp.code == 404):
raise RequestFailedError(delete_resp.url, delete_resp.code, delete_resp.body)
await_account_deletion()
def remove_image_by_id():
remove_resp = http_del(['images', 'by_id', image_id], query={'force': True}, config=request.param)
if remove_resp.code != 200:
if not does_ft_account_exist():
# Because this is a session fixture, can't guarantee the order it runs against the account cleanup
# Therefore, I've observed this finalizer running after the account is deleted. It's not the end of
# the world, shouldn't be a failed test. If I make this fixture autouse=True, it has been generating an
# extra matrix of tests which is worse than just letting the finalizer skip
_logger.info("{} account does not exist, ignoring for teardown".format(FT_ACCOUNT))
return
raise RequestFailedError(remove_resp.url, remove_resp.code, remove_resp.body)
def begin_import() -> APIResponse:
logger.info("Creating import operation.")
import_response = http_post(["imports", "images"], payload={})
yield import_response
logger.info("Deleting import operation.")
delete_response = http_del(
["imports", "images", import_response.body["uuid"]])
if delete_response.code == 200:
logger.info("Deletion successful.")
else:
logger.info(f"Deletion failed! Response: {delete_response.body}")
def delete_image(image_id: str) -> http_utils.APIResponse:
if not image_id:
raise ValueError("Cannot ingress image to policy engine without image id")
delete_image_resp = http_utils.http_del(
["users", policy_engine_api_conf().get("ANCHORE_API_USER"), "images", image_id],
config=policy_engine_api_conf,
)
if delete_image_resp.code > 299:
raise http_utils.RequestFailedError(
delete_image_resp.url, delete_image_resp.code, delete_image_resp.body
)
return delete_image_resp
def delete_document(bucket: str, archiveid: str) -> http_utils.APIResponse:
if not bucket:
raise ValueError(
"Cannot delete document to object store without bucket")
if not archiveid:
raise ValueError(
"Cannot delete document to object store without archiveid")
del_document_resp = http_utils.http_del(["objects", bucket, archiveid],
config=catalog_api_conf)
if del_document_resp.code != 200:
raise http_utils.RequestFailedError(del_document_resp.url,
del_document_resp.code,
del_document_resp.body)
return del_document_resp
def test_disable_and_delete_system_feeds(self, api_conf):
"""
Since this does kinda change some of the state around feeds be sure to not re-order without considering the
other feed-related tests below
"""
feed_list_resp = http_get(['system', 'feeds'], config=api_conf)
assert feed_list_resp == APIResponse(200)
# Pick arbitrary first feed to disable & then delete
feeds = feed_list_resp.body
feed_to_delete = feeds[0].get('name')
resp = http_put(['system', 'feeds', feed_to_delete],
None, {'enabled': False},
config=api_conf)
assert resp == APIResponse(200)
resp = http_del(['system', 'feeds', feed_to_delete], config=api_conf)
assert resp == APIResponse(200)
def test_disable_and_delete_feed_group(self, api_conf):
ensure_second_feed_enabled(api_conf)
feed_list_resp = http_get(['system', 'feeds'], config=api_conf)
assert feed_list_resp == APIResponse(200)
# Pick 2nd feed
feeds = feed_list_resp.body
feed = feeds[1]
feed_name = feed.get('name')
# Arbitrarily pick 1st group
groups = feed.get('groups', [])
group_to_delete = groups[0].get('name')
resp = http_put(['system', 'feeds', feed_name, group_to_delete],
None, {'enabled': False},
config=api_conf)
assert resp == APIResponse(200)
resp = http_del(['system', 'feeds', feed_name, group_to_delete],
config=api_conf)
assert resp == APIResponse(200)
def remove_subscription():
resp = http_del(
["subscriptions", subscription.get("subscription_id")], config=request.param
)
if resp.code != 200:
raise RequestFailedError(resp.url, resp.code, resp.body)
def delete_policies():
del_resp = http_del(["policies", policy_id], config=request.param)
if del_resp.code != 200:
raise RequestFailedError(del_resp.url, del_resp.code,
del_resp.body)
