def testScanSignedImage(self):
"""
Test case:
Scan A Signed Image
Test step and expected result:
1. Create a new user(UA);
2. Create a new private project(PA) by user(UA);
3. Add user(UA) as a member of project(PA) with project-admin role;
4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
7. Send scan another image command and get tag(TA) information to check scan result, it should be finished.
Tear down:
1. Delete repository(RA) by user(UA);
2. Delete project(PA);
3. Delete user(UA);
"""
#Note: Please make sure that this Image has never been pulled before by any other cases,
# so it is a not-scanned image right after repository creation.
#Note:busybox is pulled in setup phase, and setup is an essential phase before scripts execution.
image = BASE_IMAGE['name']
tag = BASE_IMAGE['tag']
#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
# Push base image in function sign_image.
sign_image(harbor_server, self.project_name, image, tag)
#6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
self.scan.scan_artifact(self.project_name, image, tag,
**self.USER_CLIENT)
self.artifact.check_image_scan_result(self.project_name, image, tag,
**self.USER_CLIENT)
def testScanSignedImage(self):
"""
Test case:
Scan A Signed Image
Test step and expected result:
1. Create a new user(UA);
2. Create a new private project(PA) by user(UA);
3. Add user(UA) as a member of project(PA) with project-admin role;
4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
7. Swith Scanner;
8. Send scan another image command and get tag(TA) information to check scan result, it should be finished.
Tear down:
1. Delete repository(RA) by user(UA);
2. Delete project(PA);
3. Delete user(UA);
"""
#Note: Please make sure that this Image has never been pulled before by any other cases,
# so it is a not-scanned image right after repository creation.
#Note:busybox is pulled in setup phase, and setup is a essential phase.
image = "busybox"
tag = "latest"
#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
#TestScan.repo_name_1, tag = push_self_build_image_to_project(self.project_name, harbor_server, self.user_name, self.user_password, image, tag)
sign_image(harbor_server, self.project_name, image, tag)
#6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
self.scan.scan_artifact(self.project_name, image, tag,
**self.USER_CLIENT)
self.artifact.check_image_scan_result(self.project_name, image, tag,
**self.USER_CLIENT)
def testSignImage(self):
"""
Test case:
Sign A Image
Test step and expected result:
1. Create a new user(UA);
2. Create a new private project(PA) by user(UA);
3. Add user(UA) as a member of project(PA) with project-admin role;
4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
6. Sign image with tag(TA) which was tagged by step #5;
7. Get signature of image with tag(TA), it should be exist.
Tear down:
NA
"""
url = ADMIN_CLIENT["endpoint"]
user_001_password = "******"
#1. Create user-001
TestProjects.user_sign_image_id, user_sign_image_name = self.user.create_user(
user_password=user_001_password, **ADMIN_CLIENT)
TestProjects.USER_sign_image_CLIENT = dict(
with_signature=True,
endpoint=url,
username=user_sign_image_name,
password=user_001_password)
#2. Create a new private project(PA) by user(UA);
TestProjects.project_sign_image_id, TestProjects.project_sign_image_name = self.project.create_project(
metadata={"public": "false"}, **ADMIN_CLIENT)
#3. Add user(UA) as a member of project(PA) with project-admin role;
self.project.add_project_members(TestProjects.project_sign_image_id,
TestProjects.user_sign_image_id,
**ADMIN_CLIENT)
#4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
self.project.projects_should_exist(
dict(public=False),
expected_count=1,
expected_project_id=TestProjects.project_sign_image_id,
**TestProjects.USER_sign_image_CLIENT)
image = "hello-world"
src_tag = "latest"
#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
TestProjects.repo_name, tag = push_image_to_project(
TestProjects.project_sign_image_name, harbor_server,
user_sign_image_name, user_001_password, image, src_tag)
#6. Sign image with tag(TA) which was tagged by step #5;
sign_image(harbor_server, TestProjects.project_sign_image_name, image,
tag)
#7. Get signature of image with tag(TA), it should be exist.
artifact = self.artifact.get_reference_info(
TestProjects.project_sign_image_name, image, tag,
**TestProjects.USER_sign_image_CLIENT)
self.assertEqual(artifact[0].tags[0].signed, True)