Python Artifact.check_image_scan_result примеры использования

Пример #1

Файл: test_scan_image_artifact_in_public_project.py Проект: zjcy/harbor

class TestScanImageInPublicProject(unittest.TestCase):
    @suppress_urllib3_warning
    def setUp(self):
        self.artifact = Artifact()
        self.repo = Repository()
        self.scan = Scan()

    @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
    def tearDown(self):
        print("Case completed")

    def testScanImageInPublicProject(self):
        """
        Test case:
            Scan An Image Artifact In Public Project
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new public project(PA) by user(UA);
            3. Add user(UA) as a member of project(PA) with project-admin role;
            4. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
            5. Send scan image command without credential (anonymous), the API response should be 401;
            6. Create a new user(UB) which is non member of the project(PA);
            7. Send scan image command with credential of the new created user(UB), the API response should be 403;
            8. Delete user(UB);
            9. Send scan image command with credential of the user(UA) and get tag(TA) information to check scan result, it should be finished;
            10. Delete repository(RA) by user(UA);
            11. Delete project(PA);
            12. Delete user(UA);
        """
        password = '******' # nosec
        with created_user(password) as (user_id, username):
            with created_project(metadata={"public": "true"}, user_id=user_id) as (_, project_name):
                image, src_tag = "docker", "1.13"
                full_name, tag = push_self_build_image_to_project(project_name, harbor_server, username, password, image, src_tag)

                repo_name = full_name.split('/')[1]

                # scan image with anonymous user
                self.scan.scan_artifact(project_name, repo_name, tag, expect_status_code=401, username=None, password=None)

                with created_user(password) as (_, username1):
                    # scan image with non project memeber
                    self.scan.scan_artifact(project_name, repo_name, tag, expect_status_code=403, username=username1, password=password)

                self.scan.scan_artifact(project_name, repo_name, tag, username=username, password=password)
                self.artifact.check_image_scan_result(project_name, image, tag, username=username, password=password, with_scan_overview=True)

                self.repo.delete_repoitory(project_name, repo_name)

Пример #2

Файл: test_system_level_scan_all.py Проект: doitroot/harbor-02

class TestProjects(unittest.TestCase):
    @classmethod
    def setUp(self):
        self.system = System()
        self.project = Project()
        self.user = User()
        self.artifact = Artifact()
        self.repo = Repository()
        self.scanner = Scanner()

    @classmethod
    def tearDown(self):
        print "Case completed"

    @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
    def test_ClearData(self):
        #1. Delete Alice's repository and Luca's repository;
        self.repo.delete_repoitory(TestProjects.project_Alice_name,
                                   TestProjects.repo_Alice_name.split('/')[1],
                                   **ADMIN_CLIENT)
        self.repo.delete_repoitory(TestProjects.project_Luca_name,
                                   TestProjects.repo_Luca_name.split('/')[1],
                                   **ADMIN_CLIENT)

        #2. Delete Alice's project and Luca's project;
        self.project.delete_project(TestProjects.project_Alice_id,
                                    **ADMIN_CLIENT)
        self.project.delete_project(TestProjects.project_Luca_id,
                                    **ADMIN_CLIENT)

        #3. Delete user Alice and Luca.
        self.user.delete_user(TestProjects.user_Alice_id, **ADMIN_CLIENT)
        self.user.delete_user(TestProjects.user_Luca_id, **ADMIN_CLIENT)

    def testSystemLevelScanALL(self):
        """
        Test case:
            System level Scan All
        Test step and expected result:
            1. Create user Alice and Luca;
            2. Create 2 new private projects project_Alice and project_Luca;
            3. Push a image to project_Alice and push another image to project_Luca;
            4. Trigger scan all event;
            5. Check if image in project_Alice and another image in project_Luca were both scanned.
        Tear down:
            1. Delete Alice's repository and Luca's repository;
            2. Delete Alice's project and Luca's project;
            3. Delete user Alice and Luca.
        """
        url = ADMIN_CLIENT["endpoint"]
        user_common_password = "******"

        #1. Create user Alice and Luca;
        TestProjects.user_Alice_id, user_Alice_name = self.user.create_user(
            user_password=user_common_password, **ADMIN_CLIENT)
        TestProjects.user_Luca_id, user_Luca_name = self.user.create_user(
            user_password=user_common_password, **ADMIN_CLIENT)

        USER_ALICE_CLIENT = dict(endpoint=url,
                                 username=user_Alice_name,
                                 password=user_common_password,
                                 with_scan_overview=True)
        USER_LUCA_CLIENT = dict(endpoint=url,
                                username=user_Luca_name,
                                password=user_common_password,
                                with_scan_overview=True)

        #2. Create 2 new private projects project_Alice and project_Luca;
        TestProjects.project_Alice_id, TestProjects.project_Alice_name = self.project.create_project(
            metadata={"public": "false"}, **USER_ALICE_CLIENT)
        TestProjects.project_Luca_id, TestProjects.project_Luca_name = self.project.create_project(
            metadata={"public": "false"}, **USER_LUCA_CLIENT)

        #3. Push a image to project_Alice and push another image to project_Luca;

        #Note: Please make sure that this Image has never been pulled before by any other cases,
        #          so it is a not-scanned image rigth after repository creation.
        #image = "tomcat"
        image_a = "mariadb"
        src_tag = "latest"
        #3.1 Push a image to project_Alice;
        TestProjects.repo_Alice_name, tag_Alice = push_image_to_project(
            TestProjects.project_Alice_name, harbor_server, user_Alice_name,
            user_common_password, image_a, src_tag)

        #Note: Please make sure that this Image has never been pulled before by any other cases,
        #          so it is a not-scanned image rigth after repository creation.
        image_b = "httpd"
        src_tag = "latest"
        #3.2 push another image to project_Luca;
        TestProjects.repo_Luca_name, tag_Luca = push_image_to_project(
            TestProjects.project_Luca_name, harbor_server, user_Luca_name,
            user_common_password, image_b, src_tag)

        #4. Trigger scan all event;
        self.system.scan_now(**ADMIN_CLIENT)

        #5. Check if image in project_Alice and another image in project_Luca were both scanned.
        self.artifact.check_image_scan_result(TestProjects.project_Alice_name,
                                              image_a, tag_Alice,
                                              **USER_ALICE_CLIENT)
        self.artifact.check_image_scan_result(TestProjects.project_Luca_name,
                                              image_b, tag_Luca,
                                              **USER_LUCA_CLIENT)

        #6. Swith Scanner;
        uuid = self.scanner.scanners_get_uuid(**ADMIN_CLIENT)
        self.scanner.scanners_registration_id_patch(uuid, **ADMIN_CLIENT)

        #7. Trigger scan all event;
        self.system.scan_now(**ADMIN_CLIENT)

        #8. Check if image in project_Alice and another image in project_Luca were both scanned.
        self.artifact.check_image_scan_result(TestProjects.project_Alice_name,
                                              image_a, tag_Alice,
                                              **USER_ALICE_CLIENT)
        self.artifact.check_image_scan_result(TestProjects.project_Luca_name,
                                              image_b, tag_Luca,
                                              **USER_LUCA_CLIENT)

Пример #3

class TestScan(unittest.TestCase):
    @suppress_urllib3_warning
    def setUp(self):
        self.project = Project()
        self.user = User()
        self.artifact = Artifact()
        self.repo = Repository()
        self.scan = Scan()

        self.url = ADMIN_CLIENT["endpoint"]
        self.user_password = "******"
        self.project_id, self.project_name, self.user_id, self.user_name, self.repo_name1, self.repo_name2 = [
            None
        ] * 6
        self.user_id, self.user_name = self.user.create_user(
            user_password=self.user_password, **ADMIN_CLIENT)
        self.USER_CLIENT = dict(with_signature=True,
                                with_immutable_status=True,
                                endpoint=self.url,
                                username=self.user_name,
                                password=self.user_password,
                                with_scan_overview=True)

        #2. Create a new private project(PA) by user(UA);
        self.project_id, self.project_name = self.project.create_project(
            metadata={"public": "false"}, **ADMIN_CLIENT)

        #3. Add user(UA) as a member of project(PA) with project-admin role;
        self.project.add_project_members(self.project_id,
                                         user_id=self.user_id,
                                         **ADMIN_CLIENT)

    @unittest.skipIf(TEARDOWN == True, "Test data won't be erased.")
    def do_tearDown(self):
        #1. Delete repository(RA) by user(UA);
        self.repo.delete_repoitory(self.project_name,
                                   self.repo_name1.split('/')[1],
                                   **self.USER_CLIENT)
        self.repo.delete_repoitory(self.project_name,
                                   self.repo_name2.split('/')[1],
                                   **self.USER_CLIENT)

        #2. Delete project(PA);
        self.project.delete_project(self.project_id, **self.USER_CLIENT)

        #3. Delete user(UA);
        self.user.delete_user(self.user_id, **ADMIN_CLIENT)

    def testScanImageArtifact(self):
        """
        Test case:
            Scan An Image Artifact
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new private project(PA) by user(UA);
            3. Add user(UA) as a member of project(PA) with project-admin role;
            4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
            5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
            6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
            7. Swith Scanner;
            8. Send scan another image command and get tag(TA) information to check scan result, it should be finished.
        Tear down:
            1. Delete repository(RA) by user(UA);
            2. Delete project(PA);
            3. Delete user(UA);
        """

        #4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
        self.project.projects_should_exist(dict(public=False),
                                           expected_count=1,
                                           expected_project_id=self.project_id,
                                           **self.USER_CLIENT)

        #Note: Please make sure that this Image has never been pulled before by any other cases,
        #      so it is a not-scanned image right after repository creation.
        image = "docker"
        src_tag = "1.13"
        #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
        self.repo_name1, tag = push_self_build_image_to_project(
            self.project_name, harbor_server, self.user_name,
            self.user_password, image, src_tag)

        #6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
        self.scan.scan_artifact(self.project_name,
                                self.repo_name1.split('/')[1], tag,
                                **self.USER_CLIENT)
        self.artifact.check_image_scan_result(self.project_name, image, tag,
                                              **self.USER_CLIENT)

        self.do_tearDown()

    def testScanSignedImage(self):
        """
        Test case:
            Scan A Signed Image
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new private project(PA) by user(UA);
            3. Add user(UA) as a member of project(PA) with project-admin role;
            4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
            5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
            6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
            7. Swith Scanner;
            8. Send scan another image command and get tag(TA) information to check scan result, it should be finished.
        Tear down:
            1. Delete repository(RA) by user(UA);
            2. Delete project(PA);
            3. Delete user(UA);
        """

        #Note: Please make sure that this Image has never been pulled before by any other cases,
        #      so it is a not-scanned image right after repository creation.
        #Note:busybox is pulled in setup phase, and setup is a essential phase.
        image = "busybox"
        tag = "latest"
        #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
        #TestScan.repo_name_1, tag = push_self_build_image_to_project(self.project_name, harbor_server, self.user_name, self.user_password, image, tag)

        sign_image(harbor_server, self.project_name, image, tag)

        #6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
        self.scan.scan_artifact(self.project_name, image, tag,
                                **self.USER_CLIENT)
        self.artifact.check_image_scan_result(self.project_name, image, tag,
                                              **self.USER_CLIENT)

Пример #4

class TestProjects(unittest.TestCase):
    @classmethod
    def setUp(self):
        self.project = Project()
        self.user = User()
        self.artifact = Artifact(api_type='artifact')
        self.repo = Repository(api_type='repository')
        self.scan = Scan(api_type='scan')

    @classmethod
    def tearDown(self):
        print "Case completed"

    @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.")
    def test_ClearData(self):
        #1. Delete repository(RA) by user(UA);
        self.repo.delete_repoitory(TestProjects.project_scan_image_name,
                                   TestProjects.repo_name.split('/')[1],
                                   **TestProjects.USER_SCAN_IMAGE_CLIENT)

        #2. Delete project(PA);
        self.project.delete_project(TestProjects.project_scan_image_id,
                                    **TestProjects.USER_SCAN_IMAGE_CLIENT)

        #3. Delete user(UA);
        self.user.delete_user(TestProjects.user_scan_image_id, **ADMIN_CLIENT)

    def testScanImageArtifact(self):
        """
        Test case:
            Scan An Image Artifact
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new private project(PA) by user(UA);
            3. Add user(UA) as a member of project(PA) with project-admin role;
            4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
            5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
            6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
        Tear down:
            1. Delete repository(RA) by user(UA);
            2. Delete project(PA);
            3. Delete user(UA);
        """
        url = ADMIN_CLIENT["endpoint"]
        user_001_password = "******"

        #1. Create user-001
        TestProjects.user_scan_image_id, user_scan_image_name = self.user.create_user(
            user_password=user_001_password, **ADMIN_CLIENT)

        TestProjects.USER_SCAN_IMAGE_CLIENT = dict(
            endpoint=url,
            username=user_scan_image_name,
            password=user_001_password,
            with_scan_overview=True)

        #2. Create a new private project(PA) by user(UA);
        TestProjects.project_scan_image_id, TestProjects.project_scan_image_name = self.project.create_project(
            metadata={"public": "false"}, **ADMIN_CLIENT)

        #3. Add user(UA) as a member of project(PA) with project-admin role;
        self.project.add_project_members(TestProjects.project_scan_image_id,
                                         TestProjects.user_scan_image_id,
                                         **ADMIN_CLIENT)

        #4. Get private project of user(UA), user(UA) can see only one private project which is project(PA);
        self.project.projects_should_exist(
            dict(public=False),
            expected_count=1,
            expected_project_id=TestProjects.project_scan_image_id,
            **TestProjects.USER_SCAN_IMAGE_CLIENT)

        #Note: Please make sure that this Image has never been pulled before by any other cases,
        #          so it is a not-scanned image right after repository creation.
        #image = "tomcat"
        image = "docker"
        src_tag = "1.13"
        #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
        TestProjects.repo_name, tag = push_image_to_project(
            TestProjects.project_scan_image_name, harbor_server,
            user_scan_image_name, user_001_password, image, src_tag)

        #6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
        self.scan.scan_artifact(TestProjects.project_scan_image_name,
                                TestProjects.repo_name.split('/')[1], tag,
                                **TestProjects.USER_SCAN_IMAGE_CLIENT)

        #6. Send scan image command and get tag(TA) information to check scan result, it should be finished;
        self.artifact.check_image_scan_result(
            TestProjects.project_scan_image_name, image, tag,
            **TestProjects.USER_SCAN_IMAGE_CLIENT)