def test_get_event_by_id(self, api_conf): resp = http_get(['events'], {'page': 1, 'limit': 1}, config=api_conf) assert resp == APIResponse(200) event_id = get_event_id_from_list_resp(resp.body) resp = http_get(['events', event_id], config=api_conf) assert resp == APIResponse(200)
def test_get_system_services_endpoints(self, api_conf): """ Test system services. NOTE! This only works for the super root user, so if the api_conf isn't that user, skip. Why do we even keep the api_conf in the function argument you ask? Because it's required in order to allow for pytest mark parametrization at the class level """ api_conf_name = str(api_conf.__name__) if api_conf_name != 'get_api_conf': pytest.skip( 'System Services Endpoint only works for root user of admin account: currentUserAPIConf={}' .format(api_conf_name)) resp = http_get(['system', 'services'], config=api_conf) assert resp == APIResponse(200) services = resp.body for service in services: service_name = service.get('servicename') resp = http_get(['system', 'services', service_name], config=api_conf) assert resp == APIResponse(200) service_details = resp.body resp = http_get([ 'system', 'services', service_name, service_details[0].get('hostid') ], config=api_conf) assert resp == APIResponse(200)
def test_get_all_image_vulns_by_type(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) resp = http_get(['images', 'by_id', image_id, 'vuln'], config=api_conf) assert resp == APIResponse(200) wait_for_image_to_analyze(image_id, api_conf) vuln_types = resp.body for v_type in vuln_types: resp = http_get(['images', 'by_id', image_id, 'vuln', v_type], config=api_conf) assert resp == APIResponse(200)
def test_delete_admin_user(self, api_conf): create_ft_account_user('deletion_test', 'lebronForPresident', api_conf) delete_resp = http_del( ['accounts', FT_ACCOUNT, 'users', 'deletion_test'], config=api_conf) assert delete_resp == APIResponse(204)
def test_get_registry_by_name(self, add_and_teardown_registry): add_resp, api_conf = add_and_teardown_registry resp = http_get( ['registries', quote(get_registry_info()['service_name'], '')], config=api_conf) assert resp == APIResponse(200)
def test_get_image_vuln_types(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) resp = http_get(['images', 'by_id', image_id, 'vuln'], config=api_conf) assert resp == APIResponse(200)
def test_system_feeds_sync(self, api_conf): """ Should run fairly close to last to ensure test performance """ resp = http_post(['system', 'feeds'], None, {'sync': True}, config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_source_servicename(self, api_conf): resp = http_get(['events'], { 'source_hostid': 'anchore-quickstart', 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_list_image(self, add_alpine_latest_image, query): """ Atomically test list image functionality with add and teardown (by_id) implicit coverage """ add_resp, api_conf = add_alpine_latest_image resp = http_get(['images'], query=query, config=api_conf) assert resp == APIResponse(200)
def test_disable_and_delete_system_feeds(self, api_conf): """ Since this does kinda change some of the state around feeds be sure to not re-order without considering the other feed-related tests below """ feed_list_resp = http_get(['system', 'feeds'], config=api_conf) assert feed_list_resp == APIResponse(200) # Pick arbitrary first feed to disable & then delete feeds = feed_list_resp.body feed_to_delete = feeds[0].get('name') resp = http_put(['system', 'feeds', feed_to_delete], None, {'enabled': False}, config=api_conf) assert resp == APIResponse(200) resp = http_del(['system', 'feeds', feed_to_delete], config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_level(self, api_conf, level): resp = http_get(['events'], { 'level': level, 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_update_registry_by_name(self, add_and_teardown_registry): add_resp, api_conf = add_and_teardown_registry get_resp = http_get( ['registries', quote(get_registry_info()['service_name'], '')], config=api_conf) assert get_resp == APIResponse(200) # copy payload from existing (password isn't provided, so re-add it) update_payload = copy.copy(get_resp.body[0]) update_payload[ 'registry_name'] = 'updated_registry_name_functional_test' update_payload['registry_pass'] = get_registry_info()['pass'] update_resp = http_put(['registries', 'docker-registry:5000'], payload=update_payload, config=api_conf) assert update_resp == APIResponse(200)
def test_list_events_with_before(self, api_conf): resp = http_get(['events'], { 'before': str(datetime.now()), 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_resource_id(self, api_conf): resp = http_get(['events'], { 'resource_id': 'docker.io/alpine:latest', 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_resource_type(self, api_conf, r_type): resp = http_get(['events'], { 'resource_type': r_type, 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_add_user(self, api_conf): create_resp = http_post(['accounts', FT_ACCOUNT, 'users'], { 'username': '******', 'password': '******' }, config=api_conf) assert create_resp == APIResponse(200) delete_ft_account_user('creation_test', api_conf)
def test_list_events_with_source_servicename(self, api_conf, source): resp = http_get(['events'], { 'source_servicename': source, 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_get_image_metadata_all_types_by_digest(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) wait_for_image_to_analyze(image_id, api_conf) image_digest = get_image_digest(add_resp) resp = http_get(['images', image_digest, 'metadata'], config=api_conf) assert resp == APIResponse(200) m_types = resp.body for m_type in m_types: resp = http_get(['images', image_digest, 'metadata', m_type], config=api_conf) assert resp == APIResponse(200)
def test_list_events_with_since(self, api_conf): five_min_ago = str(datetime.now() - timedelta(minutes=5)) resp = http_get(['events'], { 'since': five_min_ago, 'page': 1, 'limit': 1 }, config=api_conf) assert resp == APIResponse(200)
def test_get_image_content_ctype(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) wait_for_image_to_analyze(image_id, api_conf) resp = http_get(['images', 'by_id', image_id, 'content', 'os'], config=api_conf) assert resp == APIResponse(200)
def test_get_archived_images_by_digest(self, create_and_teardown_archive_rule): """ Implicitly tests adding an image to the archive and deleting it """ image_resp, rule_resp, archive_resp, api_conf = create_and_teardown_archive_rule image_digest = get_image_digest(image_resp) resp = http_get(['archives', 'images', image_digest], config=api_conf) assert resp == APIResponse(200)
def test_get_image_vulns_all_types_by_digest(self, add_alpine_latest_image, query): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) wait_for_image_to_analyze(image_id, api_conf) image_digest = get_image_digest(add_resp) resp = http_get(['images', image_digest, 'vuln'], config=api_conf) assert resp == APIResponse(200) v_types = resp.body for v_type in v_types: resp = http_get(['images', image_digest, 'vuln', v_type], query=query, config=api_conf) assert resp == APIResponse(200)
def test_disable_and_delete_feed_group(self, api_conf): ensure_second_feed_enabled(api_conf) feed_list_resp = http_get(['system', 'feeds'], config=api_conf) assert feed_list_resp == APIResponse(200) # Pick 2nd feed feeds = feed_list_resp.body feed = feeds[1] feed_name = feed.get('name') # Arbitrarily pick 1st group groups = feed.get('groups', []) group_to_delete = groups[0].get('name') resp = http_put(['system', 'feeds', feed_name, group_to_delete], None, {'enabled': False}, config=api_conf) assert resp == APIResponse(200) resp = http_del(['system', 'feeds', feed_name, group_to_delete], config=api_conf) assert resp == APIResponse(200)
def test_add_credential(self, api_conf): """ Do an add-in-place (i.e. do not change the password as it is depended on throughout the other tests) """ resp = http_post(['user', 'credentials'], { 'type': 'password', 'value': api_conf()['ANCHORE_API_PASS'] }, config=api_conf) assert resp == APIResponse(200)
def test_query_image_by_content(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image # Arbitrarily get the first package from the os content response first_package = get_alpine_latest_image_os_content(get_image_id(add_resp), get_image_digest(add_resp), api_conf).body.get('content', [])[0].get('package', None) assert first_package is not None resp = http_get(['query', 'images', 'by_package'], {'name': first_package}, config=api_conf) assert resp == APIResponse(200)
def test_add_oauth_token(self): api_conf = get_api_conf() payload = { 'grant_type': 'password', 'username': api_conf['ANCHORE_API_USER'], 'password': api_conf['ANCHORE_API_PASS'], 'client_id': 'anonymous' } resp = http_post_url_encoded(['oauth', 'token'], payload) assert resp == APIResponse(200)
def test_get_image_content_types_by_digest(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) wait_for_image_to_analyze(image_id, api_conf) image_digest = get_image_digest(add_resp) resp = http_get(['images', image_digest, 'content'], config=api_conf) assert resp == APIResponse(200)
def test_update_policy_by_id(self, create_policy_from_artifact_and_teardown): """ Just gonna do a simple update (name change) here """ policy_bundle, policy_id, api_conf = create_policy_from_artifact_and_teardown resp = http_get(['policies', policy_id], config=api_conf) policy_json = resp.body[0] policy_json['name'] = 'UpdatedName' resp = http_put(['policies', policy_id], policy_json, config=api_conf) assert resp == APIResponse(200)
def test_query_vuln(self, add_alpine_latest_image): add_resp, api_conf = add_alpine_latest_image # Arbitrarily get the first vuln from the os vuln response for alpine image try: first_vuln = get_alpine_latest_image_os_vuln(get_image_id(add_resp), get_image_digest(add_resp), api_conf).body.get('vulnerabilities', [])[0].get('vuln', None) except IndexError: self._logger.warning('No vulnerabilities found, cannot test query vulnerabilities') return assert first_vuln is not None resp = http_get(['query', 'vulnerabilities'], {'id': first_vuln}, config=api_conf) assert resp == APIResponse(200)
def test_get_image_policy_evaluation(self, add_alpine_latest_image, query): add_resp, api_conf = add_alpine_latest_image image_id = get_image_id(add_resp) wait_for_image_to_analyze(image_id, api_conf) image_tag = get_image_tag(add_resp) query['tag'] = image_tag if query.get('policyId'): query['policyId'] = get_first_policy_id(api_conf) resp = http_get(['images', 'by_id', image_id, 'check'], {'tag': image_tag}, config=api_conf) assert resp == APIResponse(200)