def test_get_event_by_id(self, api_conf): resp = http_get(['events'], {'page': 1, 'limit': 1}, config=api_conf) assert resp == APIResponse(200) event_id = get_event_id_from_list_resp(resp.body) resp = http_get(['events', event_id], config=api_conf) assert resp == APIResponse(200)
def test_disable_and_delete_feed_group(self, api_conf): ensure_second_feed_enabled(api_conf) feed_list_resp = http_get(["system", "feeds"], config=api_conf) assert feed_list_resp == APIResponse(200) # Pick 2nd feed feeds = feed_list_resp.body feed = feeds[1] feed_name = feed.get("name") # Arbitrarily pick 1st group groups = feed.get("groups", []) group_to_delete = groups[0].get("name") resp = http_put( ["system", "feeds", feed_name, group_to_delete], None, {"enabled": False}, config=api_conf, ) assert resp == APIResponse(200) resp = http_del(["system", "feeds", feed_name, group_to_delete], config=api_conf) assert resp == APIResponse(200)
def test_get_event_by_id(self, api_conf): resp = http_get(["events"], {"page": 1, "limit": 1}, config=api_conf) assert resp == APIResponse(200) event_id = get_event_id_from_list_resp(resp.body) resp = http_get(["events", event_id], config=api_conf) assert resp == APIResponse(200)
def test_get_system_services_endpoints(self, api_conf): """ Test system services. NOTE! This only works for the super root user, so if the api_conf isn't that user, skip. Why do we even keep the api_conf in the function argument you ask? Because it's required in order to allow for pytest mark parametrization at the class level """ api_conf_name = str(api_conf.__name__) if api_conf_name != 'get_api_conf': pytest.skip( 'System Services Endpoint only works for root user of admin account: currentUserAPIConf={}' .format(api_conf_name)) resp = http_get(['system', 'services'], config=api_conf) assert resp == APIResponse(200) services = resp.body for service in services: service_name = service.get('servicename') resp = http_get(['system', 'services', service_name], config=api_conf) assert resp == APIResponse(200) service_details = resp.body resp = http_get([ 'system', 'services', service_name, service_details[0].get('hostid') ], config=api_conf) assert resp == APIResponse(200)
def test_get_all_image_vulns_by_type(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) resp = http_get(['images', 'by_id', image_id, 'vuln'], config=api_conf) assert resp == APIResponse(200) wait_for_image_to_analyze(image_id, api_conf) vuln_types = resp.body for v_type in vuln_types: resp = http_get(['images', 'by_id', image_id, 'vuln', v_type], config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_before(self, api_conf): resp = http_get( ["events"], {"before": str(datetime.now()), "page": 1, "limit": 1}, config=api_conf, ) assert resp == APIResponse(200)
def test_list_events_with_resource_id(self, api_conf): resp = http_get( ["events"], {"resource_id": "docker.io/alpine:latest", "page": 1, "limit": 1}, config=api_conf, ) assert resp == APIResponse(200)
def test_list_events_with_resource_type(self, api_conf, r_type): resp = http_get( ["events"], {"resource_type": r_type, "page": 1, "limit": 1}, config=api_conf, ) assert resp == APIResponse(200)
def test_list_events_with_source_servicename(self, api_conf): resp = http_get( ["events"], {"source_hostid": "anchore-quickstart", "page": 1, "limit": 1}, config=api_conf, ) assert resp == APIResponse(200)
def test_list_subscriptions_with_key(self, add_alpine_subscription): subscription, api_conf = add_alpine_subscription resp = http_get( ['subscriptions'], query={'subscription_key': subscription.get('subscription_key')}, config=api_conf) assert resp == APIResponse(200)
def test_delete_admin_user(self, api_conf): create_ft_account_user("deletion_test", "lebronForPresident", api_conf) delete_resp = http_del( ["accounts", FT_ACCOUNT, "users", "deletion_test"], config=api_conf) assert delete_resp == APIResponse(204)
def test_get_image_vulns_all_types_by_digest(self, add_alpine_latest_image, query): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) wait_for_image_to_analyze(image_id, api_conf) image_digest = get_image_digest(add_resp) resp = http_get(['images', image_digest, 'vuln'], config=api_conf) assert resp == APIResponse(200) v_types = resp.body for v_type in v_types: resp = http_get(['images', image_digest, 'vuln', v_type], query=query, config=api_conf) assert resp == APIResponse(200)
def test_get_registry_by_name(self, add_and_teardown_registry): add_resp, api_conf = add_and_teardown_registry resp = http_get( ['registries', quote(get_registry_info()['service_name'], '')], config=api_conf) assert resp == APIResponse(200)
def test_get_image_vuln_types(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) resp = http_get(['images', 'by_id', image_id, 'vuln'], config=api_conf) assert resp == APIResponse(200)
def test_delete_admin_user(self, api_conf): create_ft_account_user('deletion_test', 'lebronForPresident', api_conf) delete_resp = http_del( ['accounts', FT_ACCOUNT, 'users', 'deletion_test'], config=api_conf) assert delete_resp == APIResponse(204)
def test_list_events_with_source_servicename(self, api_conf, source): resp = http_get( ["events"], {"source_servicename": source, "page": 1, "limit": 1}, config=api_conf, ) assert resp == APIResponse(200)
def test_get_image_metadata_all_types_by_digest(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) wait_for_image_to_analyze(image_id, api_conf) image_digest = get_image_digest(add_resp) resp = http_get(['images', image_digest, 'metadata'], config=api_conf) assert resp == APIResponse(200) m_types = resp.body for m_type in m_types: resp = http_get(['images', image_digest, 'metadata', m_type], config=api_conf) assert resp == APIResponse(200)
def test_list_subscriptions_with_type(self, add_alpine_subscription, s_type): subscription, api_conf = add_alpine_subscription resp = http_get(['subscriptions'], query={'subscription_type': s_type}, config=api_conf) assert resp == APIResponse(200)
def test_query_image_by_vuln(self, add_alpine_latest_image): """ These tests seem to always return early because the system needs to be up and running for a while to gather feed data and analyze images. Good candidates for moving to an external test suite where an environment has been running for a while. """ add_resp, api_conf = add_alpine_latest_image # Arbitrarily get the first vuln from the os vuln response try: first_vuln = (get_alpine_latest_image_os_vuln( get_image_id(add_resp), get_image_digest(add_resp), api_conf).body.get("vulnerabilities", [])[0].get("vuln", None)) except IndexError: self._logger.warning( "No vulnerabilities found, cannot test query images by vulnerabilities" ) return assert first_vuln is not None resp = http_get( ["query", "images", "by_vulnerability"], {"vulnerability_id": first_vuln}, config=api_conf, ) assert resp == APIResponse(200)
def test_get_image_vuln_types(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) resp = http_get(["images", "by_id", image_id, "vuln"], config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_source_servicename(self, api_conf): resp = http_get(['events'], { 'source_hostid': 'anchore-quickstart', 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_get_registry_by_name(self, add_and_teardown_registry): add_resp, api_conf = add_and_teardown_registry resp = http_get( ["registries", quote(get_registry_info()["service_name"], "")], config=api_conf, ) assert resp == APIResponse(200)
def test_list_events_with_level(self, api_conf, level): resp = http_get(['events'], { 'level': level, 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_list_image(self, add_alpine_latest_image, query): """ Atomically test list image functionality with add and teardown (by_id) implicit coverage """ add_resp, api_conf = add_alpine_latest_image resp = http_get(['images'], query=query, config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_resource_type(self, api_conf, r_type): resp = http_get(['events'], { 'resource_type': r_type, 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_before(self, api_conf): resp = http_get(['events'], { 'before': str(datetime.now()), 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_add_repository(self, api_conf): resp = http_post( ["repositories"], None, query={"repository": "docker.io/alpine"}, config=api_conf, ) assert resp == APIResponse(200)
def test_list_events_with_resource_id(self, api_conf): resp = http_get(['events'], { 'resource_id': 'docker.io/alpine:latest', 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_get_subscription_by_id(self, add_alpine_subscription): subscription, api_conf = add_alpine_subscription # arbitrarily pick 1st subscription resp = http_get(['subscriptions', subscription.get('subscription_id')], config=api_conf) assert resp == APIResponse(200)
def test_list_subscriptions_with_key(self, add_alpine_subscription): subscription, api_conf = add_alpine_subscription resp = http_get( ["subscriptions"], query={"subscription_key": subscription.get("subscription_key")}, config=api_conf, ) assert resp == APIResponse(200)