def testGarbageCollection(self):
"""
Test case:
Garbage Collection
Test step and expected result:
1. Create a new user(UA);
2. Create a new project(PA) by user(UA);
3. Push a new image(IA) in project(PA) by admin;
4. Delete repository(RA) by user(UA);
5. Get repository by user(UA), it should get nothing;
6. Tigger garbage collection operation;
7. Check garbage collection job was finished;
8. Get garbage collection log, check there is number of files was deleted.
Tear down:
1. Delete project(PA);
2. Delete user(UA).
"""
url = ADMIN_CLIENT["endpoint"]
admin_name = ADMIN_CLIENT["username"]
admin_password = ADMIN_CLIENT["password"]
user_gc_password = "******"
#1. Create a new user(UA);
TestProjects.user_gc_id, user_gc_name = self.user.create_user(
user_password=user_gc_password, **ADMIN_CLIENT)
TestProjects.USER_GC_CLIENT = dict(endpoint=url,
username=user_gc_name,
password=user_gc_password)
#2. Create a new project(PA) by user(UA);
TestProjects.project_gc_id, TestProjects.project_gc_name = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_GC_CLIENT)
#3. Push a new image(IA) in project(PA) by admin;
repo_name, _ = push_image_to_project(TestProjects.project_gc_name,
harbor_server, admin_name,
admin_password, "tomcat",
"latest")
#4. Delete repository(RA) by user(UA);
self.repo.delete_repoitory(TestProjects.project_gc_name,
repo_name.split('/')[1],
**TestProjects.USER_GC_CLIENT)
#5. Get repository by user(UA), it should get nothing;
repo_data = self.repo.list_repositories(TestProjects.project_gc_name,
**TestProjects.USER_GC_CLIENT)
_assert_status_code(len(repo_data), 0)
#6. Tigger garbage collection operation;
gc_id = self.system.gc_now(**ADMIN_CLIENT)
#7. Check garbage collection job was finished;
self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)
#8. Get garbage collection log, check there is number of files was deleted.
self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)
def testDelRepo(self):
"""
Test case:
Delete a repository
Test step and expected result:
1. Create a new user(UA);
2. Create a new project(PA) by user(UA);
3. Create a new repository(RA) in project(PA) by user(UA);
4. Get repository in project(PA), there should be one repository which was created by user(UA);
5. Delete repository(RA) by user(UA);
6. Get repository by user(UA), it should get nothing;
Tear down:
1. Delete project(PA);
2. Delete user(UA).
"""
url = ADMIN_CLIENT["endpoint"]
user_del_repo_password = "******"
#1. Create a new user(UA);
TestProjects.user_del_repo_id, user_del_repo_name = self.user.create_user(
user_password=user_del_repo_password, **ADMIN_CLIENT)
TestProjects.USER_del_repo_CLIENT = dict(
endpoint=url,
username=user_del_repo_name,
password=user_del_repo_password)
#2. Create a new project(PA) by user(UA);
TestProjects.project_del_repo_id, TestProjects.project_del_repo_name = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_del_repo_CLIENT)
#3. Create a new repository(RA) in project(PA) by user(UA);
repo_name, _ = push_self_build_image_to_project(
TestProjects.project_del_repo_name,
harbor_server,
'admin',
'Harbor12345',
"test_del_repo",
"latest",
size=512)
#4. Get repository in project(PA), there should be one repository which was created by user(UA);
repo_data = self.repo.list_repositories(
TestProjects.project_del_repo_name,
**TestProjects.USER_del_repo_CLIENT)
_assert_status_code(repo_name, repo_data[0].name)
#5. Delete repository(RA) by user(UA);
self.repo.delete_repository(TestProjects.project_del_repo_name,
repo_name.split('/')[1],
**TestProjects.USER_del_repo_CLIENT)
#6. Get repository by user(UA), it should get nothing;
repo_data = self.repo.list_repositories(
TestProjects.project_del_repo_name,
**TestProjects.USER_del_repo_CLIENT)
_assert_status_code(len(repo_data), 0)
def testDelRepo(self):
"""
Test case:
Delete a repository
Test step & Expectation:
1. Create a new user(UA);
2. Create a new project(PA) by user(UA);
3. Create a new repository(RA) in project(PA) by user(UA);
4. Get repository in project(PA), there should be one repository which was created by user(UA);
5. Delete repository(RA) by user(UA);
6. Get repository by user(UA), it should get nothing;
Tear down:
1. Delete project(PA);
2. Delete user(UA).
"""
admin_user = "******"
admin_pwd = "Harbor12345"
url = CLIENT["endpoint"]
user_del_repo_password = "******"
TestProjects.ADMIN_CLIENT = dict(endpoint=url,
username=admin_user,
password=admin_pwd)
#1. Create a new user(UA);
TestProjects.user_del_repo_id, user_del_repo_name = self.user.create_user_success(
user_password=user_del_repo_password, **TestProjects.ADMIN_CLIENT)
TestProjects.USER_del_repo_CLIENT = dict(
endpoint=url,
username=user_del_repo_name,
password=user_del_repo_password)
#2. Create a new project(PA) by user(UA);
project_del_repo_name, TestProjects.project_del_repo_id = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_del_repo_CLIENT)
#3. Create a new repository(RA) in project(PA) by user(UA);
repo_name, _ = create_repository(project_del_repo_name, harbor_server,
'admin', 'Harbor12345', "hello-world",
"latest")
#4. Get repository in project(PA), there should be one repository which was created by user(UA);
repo_data = self.repo.get_repository(
TestProjects.project_del_repo_id,
**TestProjects.USER_del_repo_CLIENT)
_assert_status_code(repo_name, repo_data[0].name)
#5. Delete repository(RA) by user(UA);
self.repo.delete_repoitory(repo_name,
**TestProjects.USER_del_repo_CLIENT)
#6. Get repository by user(UA), it should get nothing;
repo_data = self.repo.get_repository(
TestProjects.project_del_repo_id,
**TestProjects.USER_del_repo_CLIENT)
_assert_status_code(len(repo_data), 0)
def query_user_logs(self, project_name, status_code=200, **kwargs):
try:
logs = self.get_project_log(project_name, expect_status_code=status_code, **kwargs)
count = 0
for log in list(logs):
count = count + 1
return count
except ApiException as e:
_assert_status_code(status_code, e.status)
return 0
def queryUserLogs(self, username, password, status_code=200):
client = dict(endpoint=ADMIN_CLIENT["endpoint"],
username=username,
password=password)
try:
logs = self.projectv2.get_project_log(self._project_name,
status_code, **client)
count = 0
for log in list(logs):
count = count + 1
return count
except ApiException as e:
_assert_status_code(status_code, e.status)
return 0
def testRetag(self):
"""
Test case:
Retag Image
Test step and expected result:
1. Create a new user(UA);
2. Create a new project(PA) by user(UA);
3. Create a new project(PB) by user(UA);
4. Update role of user-retag as guest member of project(PB);
5. Create a new repository(RA) in project(PA) by user(UA);
6. Get repository in project(PA), there should be one repository which was created by user(UA);
7. Get repository(RA)'s image tag detail information;
8. Retag image in project(PA) to project(PB), it should be forbidden;
9. Update role of user-retag as admin member of project(PB);
10. Retag image in project(PA) to project(PB), it should be successful;
11. Get repository(RB)'s image tag detail information;
12. Read digest of retaged image, it must be the same with the image in repository(RA);
13. Pull image from project(PB) by user_retag, it must be successful;
Tear down:
1. Delete repository(RA);
2. Delete repository by retag;
3. Delete project(PA);
4. Delete user(UA).
"""
url = ADMIN_CLIENT["endpoint"]
user_retag_password = "******"
pull_tag_name = "latest"
dst_repo_sub_name = "repo"
#1. Create a new user(UA);
TestProjects.user_retag_id, user_retag_name = self.user.create_user(
user_password=user_retag_password, **ADMIN_CLIENT)
TestProjects.USER_RETAG_CLIENT = dict(endpoint=url,
username=user_retag_name,
password=user_retag_password)
#2. Create a new project(PA) by user(UA);
TestProjects.project_src_repo_id, TestProjects.project_src_repo_name = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_RETAG_CLIENT)
#3. Create a new project(PB) by user(UA);
TestProjects.project_dst_repo_id, TestProjects.project_dst_repo_name = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_RETAG_CLIENT)
retag_member_id = self.project.get_project_member_id(
TestProjects.project_dst_repo_id, user_retag_name,
**TestProjects.USER_RETAG_CLIENT)
#4. Update role of user-retag as guest member of project(PB);
self.project.update_project_member_role(
TestProjects.project_dst_repo_id, retag_member_id, 3,
**ADMIN_CLIENT)
#5. Create a new repository(RA) in project(PA) by user(UA);
TestProjects.src_repo_name, tag_name = push_image_to_project(
TestProjects.project_src_repo_name, harbor_server, 'admin',
'Harbor12345', "hello-world", pull_tag_name)
#6. Get repository in project(PA), there should be one repository which was created by user(UA);
src_repo_data = self.repo.get_repository(
TestProjects.project_src_repo_name,
**TestProjects.USER_RETAG_CLIENT)
_assert_status_code(TestProjects.src_repo_name, src_repo_data[0].name)
#7. Get repository(RA)'s image tag detail information;
src_tag_data = self.artifact.get_reference_info(
TestProjects.project_src_repo_name,
TestProjects.src_repo_name.split('/')[1], tag_name,
**TestProjects.USER_RETAG_CLIENT)
TestProjects.dst_repo_name = TestProjects.project_dst_repo_name + "/" + dst_repo_sub_name
#8. Retag image in project(PA) to project(PB), it should be forbidden;
self.artifact.copy_artifact(TestProjects.project_dst_repo_name,
dst_repo_sub_name,
TestProjects.src_repo_name + "@" +
src_tag_data[0].digest,
expect_status_code=403,
**TestProjects.USER_RETAG_CLIENT)
#9. Update role of user-retag as admin member of project(PB);
self.project.update_project_member_role(
TestProjects.project_dst_repo_id, retag_member_id, 1,
**ADMIN_CLIENT)
#10. Retag image in project(PA) to project(PB), it should be successful;
self.artifact.copy_artifact(
TestProjects.project_dst_repo_name, dst_repo_sub_name,
TestProjects.src_repo_name + "@" + src_tag_data[0].digest,
**TestProjects.USER_RETAG_CLIENT)
#11. Get repository(RB)'s image tag detail information;
dst_tag_data = self.artifact.get_reference_info(
TestProjects.project_dst_repo_name, dst_repo_sub_name, tag_name,
**TestProjects.USER_RETAG_CLIENT)
#12. Read digest of retaged image, it must be the same with the image in repository(RA);
self.assertEqual(src_tag_data[0].digest, dst_tag_data[0].digest)
#13. Pull image from project(PB) by user_retag, it must be successful;"
pull_harbor_image(harbor_server, user_retag_name, user_retag_password,
TestProjects.dst_repo_name, tag_name)
def testRobotAccount(self):
"""
Test case:
Robot Account
Test step and expected result:
1. Create user(UA);
2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
4. Create a new robot account(RA) with pull and push privilige in project(PA) by user(UA);
5. Check robot account info, it should has both pull and push priviliges;
6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
10. Pull image from project(PC), it must be successful;
11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
12. Update action property of robot account(RA);
13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
15. Delete robot account(RA), it must be not successful.
Tear down:
1. Delete repository(RA) by user(UA);
2. Delete project(PA);
3. Delete user(UA).
"""
url = ADMIN_CLIENT["endpoint"]
admin_name = ADMIN_CLIENT["username"]
admin_password = ADMIN_CLIENT["password"]
user_ra_password = "******"
image_project_a = "haproxy"
image_project_b = "hello-world"
image_project_c = "httpd"
image_robot_account = "alpine"
tag = "latest"
#1. Create user(UA);"
TestProjects.user_ra_id, user_ra_name = self.user.create_user(user_password = user_ra_password, **ADMIN_CLIENT)
TestProjects.USER_RA_CLIENT=dict(endpoint = url, username = user_ra_name, password = user_ra_password)
#2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
TestProjects.project_ra_id_a, TestProjects.project_ra_name_a = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_RA_CLIENT)
TestProjects.project_ra_id_b, TestProjects.project_ra_name_b = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_RA_CLIENT)
TestProjects.project_ra_id_c, TestProjects.project_ra_name_c = self.project.create_project(metadata = {"public": "true"}, **TestProjects.USER_RA_CLIENT)
#3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
TestProjects.repo_name_in_project_a, tag_a = push_self_build_image_to_project(TestProjects.project_ra_name_a, harbor_server, user_ra_name, user_ra_password, image_project_a, tag)
TestProjects.repo_name_in_project_b, tag_b = push_self_build_image_to_project(TestProjects.project_ra_name_b, harbor_server, user_ra_name, user_ra_password, image_project_b, tag)
TestProjects.repo_name_in_project_c, tag_c = push_self_build_image_to_project(TestProjects.project_ra_name_c, harbor_server, user_ra_name, user_ra_password, image_project_c, tag)
#4. Create a new robot account(RA) with pull and push privilege in project(PA) by user(UA);
robot_id, robot_account = self.robot.create_project_robot(TestProjects.project_ra_name_a,
30 ,**TestProjects.USER_RA_CLIENT)
#5. Check robot account info, it should has both pull and push privilege;
data = self.robot.get_robot_account_by_id(robot_id, **TestProjects.USER_RA_CLIENT)
_assert_status_code(robot_account.name, data.name)
#6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
pull_harbor_image(harbor_server, robot_account.name, robot_account.secret, TestProjects.repo_name_in_project_a, tag_a)
#7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
TestProjects.repo_name_pa, _ = push_self_build_image_to_project(TestProjects.project_ra_name_a, harbor_server, robot_account.name, robot_account.secret, image_robot_account, tag)
#8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
push_self_build_image_to_project(TestProjects.project_ra_name_b, harbor_server, robot_account.name, robot_account.secret, image_robot_account, tag, expected_error_message = "unauthorized to access repository")
#9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
pull_harbor_image(harbor_server, robot_account.name, robot_account.secret, TestProjects.repo_name_in_project_b, tag_b, expected_error_message = "unauthorized to access repository")
#10. Pull image from project(PC), it must be successful;
pull_harbor_image(harbor_server, robot_account.name, robot_account.secret, TestProjects.repo_name_in_project_c, tag_c)
#11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
push_self_build_image_to_project(TestProjects.project_ra_name_c, harbor_server, robot_account.name, robot_account.secret, image_robot_account, tag, expected_error_message = "unauthorized to access repository")
#12. Update action property of robot account(RA);"
self.robot.disable_robot_account(robot_id, True, **TestProjects.USER_RA_CLIENT)
#13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
pull_harbor_image(harbor_server, robot_account.name, robot_account.secret, TestProjects.repo_name_in_project_a, tag_a, expected_login_error_message = "unauthorized: authentication required")
#14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
push_self_build_image_to_project(TestProjects.project_ra_name_a, harbor_server, robot_account.name, robot_account.secret, image_robot_account, tag, expected_login_error_message = "unauthorized: authentication required")
#15. Delete robot account(RA), it must be not successful.
self.robot.delete_robot_account(robot_id, **TestProjects.USER_RA_CLIENT)
def testRobotAccount(self):
"""
Test case:
Robot Account
Test step and expected result:
1. Create user(UA);
2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
4. Create a new robot account(RA) with pull and push privilige in project(PA) by user(UA);
5. Check robot account info, it should has both pull and push priviliges;
6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
10. Pull image from project(PC), it must be successful;
11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
12. Update action property of robot account(RA);
13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
15. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
Tear down:
1. Delete project(PA) (PB) (PC);
2. Delete user(UA).
"""
url = ADMIN_CLIENT["endpoint"]
admin_name = ADMIN_CLIENT["username"]
admin_password = ADMIN_CLIENT["password"]
user_ra_password = "******"
image_project_a = "tomcat"
image_project_b = "hello-world"
image_project_c = "mysql"
image_robot_account = "mariadb"
tag = "latest"
print "#1. Create user(UA);"
TestProjects.user_ra_id, user_ra_name = self.user.create_user(
user_password=user_ra_password, **ADMIN_CLIENT)
TestProjects.USER_RA_CLIENT = dict(endpoint=url,
username=user_ra_name,
password=user_ra_password)
print "#2. Create private project(PA), private project(PB) and public project(PC) by user(UA);"
TestProjects.project_ra_id_a, project_ra_name_a = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_RA_CLIENT)
TestProjects.project_ra_id_b, project_ra_name_b = self.project.create_project(
metadata={"public": "false"}, **TestProjects.USER_RA_CLIENT)
TestProjects.project_ra_id_c, project_ra_name_c = self.project.create_project(
metadata={"public": "true"}, **TestProjects.USER_RA_CLIENT)
print "#3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);"
TestProjects.repo_name_in_project_a, tag_a = push_image_to_project(
project_ra_name_a, harbor_server, user_ra_name, user_ra_password,
image_project_a, tag)
TestProjects.repo_name_in_project_b, tag_b = push_image_to_project(
project_ra_name_b, harbor_server, user_ra_name, user_ra_password,
image_project_b, tag)
TestProjects.repo_name_in_project_c, tag_c = push_image_to_project(
project_ra_name_c, harbor_server, user_ra_name, user_ra_password,
image_project_c, tag)
print "#4. Create a new robot account(RA) with pull and push privilige in project(PA) by user(UA);"
robot_id, robot_account = self.project.add_project_robot_account(
TestProjects.project_ra_id_a, project_ra_name_a, 2441000531,
**TestProjects.USER_RA_CLIENT)
print robot_account.name
print robot_account.token
print "#5. Check robot account info, it should has both pull and push priviliges;"
data = self.project.get_project_robot_account_by_id(
TestProjects.project_ra_id_a, robot_id,
**TestProjects.USER_RA_CLIENT)
_assert_status_code(robot_account.name, data.name)
print "#6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;"
pull_harbor_image(harbor_server, robot_account.name,
robot_account.token,
TestProjects.repo_name_in_project_a, tag_a)
print "#7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;"
TestProjects.repo_name_pa, _ = push_image_to_project(
project_ra_name_a, harbor_server, robot_account.name,
robot_account.token, image_robot_account, tag)
print "#8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;"
push_image_to_project(
project_ra_name_b,
harbor_server,
robot_account.name,
robot_account.token,
image_robot_account,
tag,
expected_error_message=
"denied: requested access to the resource is denied")
print "#9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;"
pull_harbor_image(harbor_server,
robot_account.name,
robot_account.token,
TestProjects.repo_name_in_project_b,
tag_b,
expected_error_message=r"pull access denied for " +
harbor_server + "/" +
TestProjects.repo_name_in_project_b)
print "#10. Pull image from project(PC), it must be successful;"
pull_harbor_image(harbor_server, robot_account.name,
robot_account.token,
TestProjects.repo_name_in_project_c, tag_c)
print "#11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;"
push_image_to_project(
project_ra_name_c,
harbor_server,
robot_account.name,
robot_account.token,
image_robot_account,
tag,
expected_error_message=
"denied: requested access to the resource is denied")
print "#12. Update action property of robot account(RA);"
self.project.disable_project_robot_account(
TestProjects.project_ra_id_a, robot_id, True,
**TestProjects.USER_RA_CLIENT)
print "#13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;"
pull_harbor_image(
harbor_server,
robot_account.name,
robot_account.token,
TestProjects.repo_name_in_project_a,
tag_a,
expected_login_error_message="401 Client Error: Unauthorized")
print "#14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;"
push_image_to_project(
project_ra_name_a,
harbor_server,
robot_account.name,
robot_account.token,
image_robot_account,
tag,
expected_login_error_message="401 Client Error: Unauthorized")
print "#15. Delete robot account(RA), it must be not successful;"
self.project.delete_project_robot_account(
TestProjects.project_ra_id_a, robot_id,
**TestProjects.USER_RA_CLIENT)
def testGarbageCollection(self):
"""
Test case:
Garbage Collection
Test step and expected result:
1. Create a new user(UA);
2. Create project(PA) and project(PB) by user(UA);
3. Push a image in project(PA) and then delete repository by admin;
4. Get repository by user(UA), it should get nothing;
5. Tigger garbage collection operation;
6. Check garbage collection job was finished;
7. Get garbage collection log, check there is a number of files was deleted;
8. Push a image in project(PB) by admin and delete the only tag;
9. Tigger garbage collection operation;
10. Check garbage collection job was finished;
11. Repository with untag image should be still there;
12. But no any artifact in repository anymore.
Tear down:
1. Delete project(PA);
2. Delete user(UA).
"""
url = ADMIN_CLIENT["endpoint"]
admin_name = ADMIN_CLIENT["username"]
admin_password = ADMIN_CLIENT["password"]
user_gc_password = "******"
#1. Create a new user(UA);
TestProjects.user_gc_id, user_gc_name = self.user.create_user(user_password = user_gc_password, **ADMIN_CLIENT)
TestProjects.USER_GC_CLIENT=dict(endpoint = url, username = user_gc_name, password = user_gc_password)
#2. Create project(PA) and project(PB) by user(UA);
TestProjects.project_gc_id, TestProjects.project_gc_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_GC_CLIENT)
TestProjects.project_gc_untag_id, TestProjects.project_gc_untag_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_GC_CLIENT)
#3. Push a image in project(PA) and then delete repository by admin;
push_special_image_to_project(TestProjects.project_gc_name, harbor_server, admin_name, admin_password, self.repo_name, ["latest", "v1.2.3"])
self.repo.delete_repoitory(TestProjects.project_gc_name, self.repo_name, **TestProjects.USER_GC_CLIENT)
#4. Get repository by user(UA), it should get nothing;
repo_data = self.repo.list_repositories(TestProjects.project_gc_name, **TestProjects.USER_GC_CLIENT)
_assert_status_code(len(repo_data), 0)
#8. Push a image in project(PB) by admin and delete the only tag;
push_special_image_to_project(TestProjects.project_gc_untag_name, harbor_server, admin_name, admin_password, self.repo_name_untag, [self.tag])
self.artifact.delete_tag(TestProjects.project_gc_untag_name, self.repo_name_untag, self.tag, self.tag, **ADMIN_CLIENT)
#5. Tigger garbage collection operation;
gc_id = self.system.gc_now(**ADMIN_CLIENT)
#6. Check garbage collection job was finished;
self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)
#7. Get garbage collection log, check there is a number of files was deleted;
self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)
artifacts = self.artifact.list_artifacts(TestProjects.project_gc_untag_name, self.repo_name_untag, **TestProjects.USER_GC_CLIENT)
_assert_status_code(len(artifacts), 1)
time.sleep(5)
#9. Tigger garbage collection operation;
gc_id = self.system.gc_now(is_delete_untagged=True, **ADMIN_CLIENT)
#10. Check garbage collection job was finished;
self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)
#7. Get garbage collection log, check there is a number of files was deleted;
self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)
#11. Repository with untag image should be still there;
repo_data_untag = self.repo.list_repositories(TestProjects.project_gc_untag_name, **TestProjects.USER_GC_CLIENT)
_assert_status_code(len(repo_data_untag), 1)
self.assertEqual(TestProjects.project_gc_untag_name + "/" + self.repo_name_untag , repo_data_untag[0].name)
#12. But no any artifact in repository anymore.
artifacts = self.artifact.list_artifacts(TestProjects.project_gc_untag_name, self.repo_name_untag, **TestProjects.USER_GC_CLIENT)
self.assertEqual(artifacts,[])
def test_01_ProjectlevelRobotAccount(self):
"""
Test case:
Robot Account
Test step and expected result:
1. Create user(UA);
2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
4. Create a new robot account(RA) with pull and push privilige in project(PA) by user(UA);
5. Check robot account info, it should has both pull and push priviliges;
6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
10. Pull image from project(PC), it must be successful;
11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
12. Update action property of robot account(RA);
13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
15. Delete robot account(RA).
16. Create user(UB), Create public project(PD) by user(UB), user(UA) can't create robot account for project(PD).
Tear down:
1. Delete repository(RA) by user(UA);
2. Delete project(PA);
3. Delete user(UA).
"""
image_project_a = "haproxy"
image_project_b = "image_project_b"
image_project_c = "httpd"
image_robot_account = "alpine"
tag = "latest"
#1. Create user(UA);"
self.user_ra_id, user_ra_name = self.user.create_user(
user_password=TestRobotAccount.user_ra_password, **ADMIN_CLIENT)
self.USER_RA_CLIENT = dict(endpoint=TestRobotAccount.url,
username=user_ra_name,
password=TestRobotAccount.user_ra_password)
#2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
self.project_ra_id_a, self.project_ra_name_a = self.project.create_project(
metadata={"public": "false"}, **self.USER_RA_CLIENT)
self.project_ra_id_b, self.project_ra_name_b = self.project.create_project(
metadata={"public": "false"}, **self.USER_RA_CLIENT)
self.project_ra_id_c, self.project_ra_name_c = self.project.create_project(
metadata={"public": "true"}, **self.USER_RA_CLIENT)
#3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
self.repo_name_in_project_a, tag_a = push_self_build_image_to_project(
self.project_ra_name_a, harbor_server, user_ra_name,
TestRobotAccount.user_ra_password, image_project_a, tag)
self.repo_name_in_project_b, tag_b = push_self_build_image_to_project(
self.project_ra_name_b, harbor_server, user_ra_name,
TestRobotAccount.user_ra_password, image_project_b, tag)
self.repo_name_in_project_c, tag_c = push_self_build_image_to_project(
self.project_ra_name_c, harbor_server, user_ra_name,
TestRobotAccount.user_ra_password, image_project_c, tag)
#4. Create a new robot account(RA) with pull and push privilege in project(PA) by user(UA);
robot_id_a, robot_account_a = self.robot.create_project_robot(
self.project_ra_name_a, 30, **self.USER_RA_CLIENT)
robot_id_b, robot_account_b = self.robot.create_project_robot(
self.project_ra_name_b, 30, **self.USER_RA_CLIENT)
#5. Check robot account info, it should has both pull and push privilege;
data = self.robot.get_robot_account_by_id(robot_id_a,
**self.USER_RA_CLIENT)
_assert_status_code(robot_account_a.name, data.name)
#6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
pull_harbor_image(harbor_server, robot_account_a.name,
robot_account_a.secret, self.repo_name_in_project_a,
tag_a)
#7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
self.repo_name_pa, _ = push_self_build_image_to_project(
self.project_ra_name_a, harbor_server, robot_account_a.name,
robot_account_a.secret, image_robot_account, tag)
#8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
push_self_build_image_to_project(
self.project_ra_name_b,
harbor_server,
robot_account_a.name,
robot_account_a.secret,
image_robot_account,
tag,
expected_error_message="unauthorized to access repository")
#9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
pull_harbor_image(
harbor_server,
robot_account_a.name,
robot_account_a.secret,
self.repo_name_in_project_b,
tag_b,
expected_error_message="unauthorized to access repository")
#10. Pull image from project(PC), it must be successful;
pull_harbor_image(harbor_server, robot_account_a.name,
robot_account_a.secret, self.repo_name_in_project_c,
tag_c)
#11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
push_self_build_image_to_project(
self.project_ra_name_c,
harbor_server,
robot_account_a.name,
robot_account_a.secret,
image_robot_account,
tag,
expected_error_message="unauthorized to access repository")
#12. Update action property of robot account(RA);"
self.robot.disable_robot_account(robot_id_a, True,
**self.USER_RA_CLIENT)
#13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
pull_harbor_image(
harbor_server,
robot_account_a.name,
robot_account_a.secret,
self.repo_name_in_project_a,
tag_a,
expected_login_error_message="unauthorized: authentication required"
)
#14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
push_self_build_image_to_project(
self.project_ra_name_a,
harbor_server,
robot_account_a.name,
robot_account_a.secret,
image_robot_account,
tag,
expected_login_error_message="unauthorized: authentication required"
)
#15. Delete robot account(RA).
self.robot.delete_robot_account(robot_id_a, **self.USER_RA_CLIENT)
#16. Create user(UB), Create public project(PD) by user(UB), user(UA) can't create robot account for project(PD).
self.user_ra_id_b, user_ra_name_b = self.user.create_user(
user_password=TestRobotAccount.user_ra_password, **ADMIN_CLIENT)
self.USER_RA_CLIENT_B = dict(
endpoint=TestRobotAccount.url,
username=user_ra_name_b,
password=TestRobotAccount.user_ra_password)
self.project_ra_id_d, self.project_ra_name_d = self.project.create_project(
metadata={"public": "true"}, **self.USER_RA_CLIENT_B)
self.robot.create_project_robot(self.project_ra_name_d,
30,
expect_status_code=403,
**self.USER_RA_CLIENT)
self.do_01_tearDown()