class TestScanImageInPublicProject(unittest.TestCase): @suppress_urllib3_warning def setUp(self): self.artifact = Artifact() self.repo = Repository() self.scan = Scan() @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.") def tearDown(self): print("Case completed") def testScanImageInPublicProject(self): """ Test case: Scan An Image Artifact In Public Project Test step and expected result: 1. Create a new user(UA); 2. Create a new public project(PA) by user(UA); 3. Add user(UA) as a member of project(PA) with project-admin role; 4. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); 5. Send scan image command without credential (anonymous), the API response should be 401; 6. Create a new user(UB) which is non member of the project(PA); 7. Send scan image command with credential of the new created user(UB), the API response should be 403; 8. Delete user(UB); 9. Send scan image command with credential of the user(UA) and get tag(TA) information to check scan result, it should be finished; 10. Delete repository(RA) by user(UA); 11. Delete project(PA); 12. Delete user(UA); """ password = '******' # nosec with created_user(password) as (user_id, username): with created_project(metadata={"public": "true"}, user_id=user_id) as (_, project_name): image, src_tag = "docker", "1.13" full_name, tag = push_self_build_image_to_project(project_name, harbor_server, username, password, image, src_tag) repo_name = full_name.split('/')[1] # scan image with anonymous user self.scan.scan_artifact(project_name, repo_name, tag, expect_status_code=401, username=None, password=None) with created_user(password) as (_, username1): # scan image with non project memeber self.scan.scan_artifact(project_name, repo_name, tag, expect_status_code=403, username=username1, password=password) self.scan.scan_artifact(project_name, repo_name, tag, username=username, password=password) self.artifact.check_image_scan_result(project_name, image, tag, username=username, password=password, with_scan_overview=True) self.repo.delete_repoitory(project_name, repo_name)
class TestProjects(unittest.TestCase): @classmethod def setUp(self): self.system = System() self.project = Project() self.user = User() self.artifact = Artifact() self.repo = Repository() self.scanner = Scanner() @classmethod def tearDown(self): print "Case completed" @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.") def test_ClearData(self): #1. Delete Alice's repository and Luca's repository; self.repo.delete_repoitory(TestProjects.project_Alice_name, TestProjects.repo_Alice_name.split('/')[1], **ADMIN_CLIENT) self.repo.delete_repoitory(TestProjects.project_Luca_name, TestProjects.repo_Luca_name.split('/')[1], **ADMIN_CLIENT) #2. Delete Alice's project and Luca's project; self.project.delete_project(TestProjects.project_Alice_id, **ADMIN_CLIENT) self.project.delete_project(TestProjects.project_Luca_id, **ADMIN_CLIENT) #3. Delete user Alice and Luca. self.user.delete_user(TestProjects.user_Alice_id, **ADMIN_CLIENT) self.user.delete_user(TestProjects.user_Luca_id, **ADMIN_CLIENT) def testSystemLevelScanALL(self): """ Test case: System level Scan All Test step and expected result: 1. Create user Alice and Luca; 2. Create 2 new private projects project_Alice and project_Luca; 3. Push a image to project_Alice and push another image to project_Luca; 4. Trigger scan all event; 5. Check if image in project_Alice and another image in project_Luca were both scanned. Tear down: 1. Delete Alice's repository and Luca's repository; 2. Delete Alice's project and Luca's project; 3. Delete user Alice and Luca. """ url = ADMIN_CLIENT["endpoint"] user_common_password = "******" #1. Create user Alice and Luca; TestProjects.user_Alice_id, user_Alice_name = self.user.create_user( user_password=user_common_password, **ADMIN_CLIENT) TestProjects.user_Luca_id, user_Luca_name = self.user.create_user( user_password=user_common_password, **ADMIN_CLIENT) USER_ALICE_CLIENT = dict(endpoint=url, username=user_Alice_name, password=user_common_password, with_scan_overview=True) USER_LUCA_CLIENT = dict(endpoint=url, username=user_Luca_name, password=user_common_password, with_scan_overview=True) #2. Create 2 new private projects project_Alice and project_Luca; TestProjects.project_Alice_id, TestProjects.project_Alice_name = self.project.create_project( metadata={"public": "false"}, **USER_ALICE_CLIENT) TestProjects.project_Luca_id, TestProjects.project_Luca_name = self.project.create_project( metadata={"public": "false"}, **USER_LUCA_CLIENT) #3. Push a image to project_Alice and push another image to project_Luca; #Note: Please make sure that this Image has never been pulled before by any other cases, # so it is a not-scanned image rigth after repository creation. #image = "tomcat" image_a = "mariadb" src_tag = "latest" #3.1 Push a image to project_Alice; TestProjects.repo_Alice_name, tag_Alice = push_image_to_project( TestProjects.project_Alice_name, harbor_server, user_Alice_name, user_common_password, image_a, src_tag) #Note: Please make sure that this Image has never been pulled before by any other cases, # so it is a not-scanned image rigth after repository creation. image_b = "httpd" src_tag = "latest" #3.2 push another image to project_Luca; TestProjects.repo_Luca_name, tag_Luca = push_image_to_project( TestProjects.project_Luca_name, harbor_server, user_Luca_name, user_common_password, image_b, src_tag) #4. Trigger scan all event; self.system.scan_now(**ADMIN_CLIENT) #5. Check if image in project_Alice and another image in project_Luca were both scanned. self.artifact.check_image_scan_result(TestProjects.project_Alice_name, image_a, tag_Alice, **USER_ALICE_CLIENT) self.artifact.check_image_scan_result(TestProjects.project_Luca_name, image_b, tag_Luca, **USER_LUCA_CLIENT) #6. Swith Scanner; uuid = self.scanner.scanners_get_uuid(**ADMIN_CLIENT) self.scanner.scanners_registration_id_patch(uuid, **ADMIN_CLIENT) #7. Trigger scan all event; self.system.scan_now(**ADMIN_CLIENT) #8. Check if image in project_Alice and another image in project_Luca were both scanned. self.artifact.check_image_scan_result(TestProjects.project_Alice_name, image_a, tag_Alice, **USER_ALICE_CLIENT) self.artifact.check_image_scan_result(TestProjects.project_Luca_name, image_b, tag_Luca, **USER_LUCA_CLIENT)
class TestScan(unittest.TestCase): @suppress_urllib3_warning def setUp(self): self.project = Project() self.user = User() self.artifact = Artifact() self.repo = Repository() self.scan = Scan() self.url = ADMIN_CLIENT["endpoint"] self.user_password = "******" self.project_id, self.project_name, self.user_id, self.user_name, self.repo_name1, self.repo_name2 = [ None ] * 6 self.user_id, self.user_name = self.user.create_user( user_password=self.user_password, **ADMIN_CLIENT) self.USER_CLIENT = dict(with_signature=True, with_immutable_status=True, endpoint=self.url, username=self.user_name, password=self.user_password, with_scan_overview=True) #2. Create a new private project(PA) by user(UA); self.project_id, self.project_name = self.project.create_project( metadata={"public": "false"}, **ADMIN_CLIENT) #3. Add user(UA) as a member of project(PA) with project-admin role; self.project.add_project_members(self.project_id, user_id=self.user_id, **ADMIN_CLIENT) @unittest.skipIf(TEARDOWN == True, "Test data won't be erased.") def do_tearDown(self): #1. Delete repository(RA) by user(UA); self.repo.delete_repoitory(self.project_name, self.repo_name1.split('/')[1], **self.USER_CLIENT) self.repo.delete_repoitory(self.project_name, self.repo_name2.split('/')[1], **self.USER_CLIENT) #2. Delete project(PA); self.project.delete_project(self.project_id, **self.USER_CLIENT) #3. Delete user(UA); self.user.delete_user(self.user_id, **ADMIN_CLIENT) def testScanImageArtifact(self): """ Test case: Scan An Image Artifact Test step and expected result: 1. Create a new user(UA); 2. Create a new private project(PA) by user(UA); 3. Add user(UA) as a member of project(PA) with project-admin role; 4. Get private project of user(UA), user(UA) can see only one private project which is project(PA); 5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); 6. Send scan image command and get tag(TA) information to check scan result, it should be finished; 7. Swith Scanner; 8. Send scan another image command and get tag(TA) information to check scan result, it should be finished. Tear down: 1. Delete repository(RA) by user(UA); 2. Delete project(PA); 3. Delete user(UA); """ #4. Get private project of user(UA), user(UA) can see only one private project which is project(PA); self.project.projects_should_exist(dict(public=False), expected_count=1, expected_project_id=self.project_id, **self.USER_CLIENT) #Note: Please make sure that this Image has never been pulled before by any other cases, # so it is a not-scanned image right after repository creation. image = "docker" src_tag = "1.13" #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); self.repo_name1, tag = push_self_build_image_to_project( self.project_name, harbor_server, self.user_name, self.user_password, image, src_tag) #6. Send scan image command and get tag(TA) information to check scan result, it should be finished; self.scan.scan_artifact(self.project_name, self.repo_name1.split('/')[1], tag, **self.USER_CLIENT) self.artifact.check_image_scan_result(self.project_name, image, tag, **self.USER_CLIENT) self.do_tearDown() def testScanSignedImage(self): """ Test case: Scan A Signed Image Test step and expected result: 1. Create a new user(UA); 2. Create a new private project(PA) by user(UA); 3. Add user(UA) as a member of project(PA) with project-admin role; 4. Get private project of user(UA), user(UA) can see only one private project which is project(PA); 5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); 6. Send scan image command and get tag(TA) information to check scan result, it should be finished; 7. Swith Scanner; 8. Send scan another image command and get tag(TA) information to check scan result, it should be finished. Tear down: 1. Delete repository(RA) by user(UA); 2. Delete project(PA); 3. Delete user(UA); """ #Note: Please make sure that this Image has never been pulled before by any other cases, # so it is a not-scanned image right after repository creation. #Note:busybox is pulled in setup phase, and setup is a essential phase. image = "busybox" tag = "latest" #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); #TestScan.repo_name_1, tag = push_self_build_image_to_project(self.project_name, harbor_server, self.user_name, self.user_password, image, tag) sign_image(harbor_server, self.project_name, image, tag) #6. Send scan image command and get tag(TA) information to check scan result, it should be finished; self.scan.scan_artifact(self.project_name, image, tag, **self.USER_CLIENT) self.artifact.check_image_scan_result(self.project_name, image, tag, **self.USER_CLIENT)
class TestProjects(unittest.TestCase): @classmethod def setUp(self): self.project = Project() self.user = User() self.artifact = Artifact(api_type='artifact') self.repo = Repository(api_type='repository') self.scan = Scan(api_type='scan') @classmethod def tearDown(self): print "Case completed" @unittest.skipIf(TEARDOWN == False, "Test data won't be erased.") def test_ClearData(self): #1. Delete repository(RA) by user(UA); self.repo.delete_repoitory(TestProjects.project_scan_image_name, TestProjects.repo_name.split('/')[1], **TestProjects.USER_SCAN_IMAGE_CLIENT) #2. Delete project(PA); self.project.delete_project(TestProjects.project_scan_image_id, **TestProjects.USER_SCAN_IMAGE_CLIENT) #3. Delete user(UA); self.user.delete_user(TestProjects.user_scan_image_id, **ADMIN_CLIENT) def testScanImageArtifact(self): """ Test case: Scan An Image Artifact Test step and expected result: 1. Create a new user(UA); 2. Create a new private project(PA) by user(UA); 3. Add user(UA) as a member of project(PA) with project-admin role; 4. Get private project of user(UA), user(UA) can see only one private project which is project(PA); 5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); 6. Send scan image command and get tag(TA) information to check scan result, it should be finished; Tear down: 1. Delete repository(RA) by user(UA); 2. Delete project(PA); 3. Delete user(UA); """ url = ADMIN_CLIENT["endpoint"] user_001_password = "******" #1. Create user-001 TestProjects.user_scan_image_id, user_scan_image_name = self.user.create_user( user_password=user_001_password, **ADMIN_CLIENT) TestProjects.USER_SCAN_IMAGE_CLIENT = dict( endpoint=url, username=user_scan_image_name, password=user_001_password, with_scan_overview=True) #2. Create a new private project(PA) by user(UA); TestProjects.project_scan_image_id, TestProjects.project_scan_image_name = self.project.create_project( metadata={"public": "false"}, **ADMIN_CLIENT) #3. Add user(UA) as a member of project(PA) with project-admin role; self.project.add_project_members(TestProjects.project_scan_image_id, TestProjects.user_scan_image_id, **ADMIN_CLIENT) #4. Get private project of user(UA), user(UA) can see only one private project which is project(PA); self.project.projects_should_exist( dict(public=False), expected_count=1, expected_project_id=TestProjects.project_scan_image_id, **TestProjects.USER_SCAN_IMAGE_CLIENT) #Note: Please make sure that this Image has never been pulled before by any other cases, # so it is a not-scanned image right after repository creation. #image = "tomcat" image = "docker" src_tag = "1.13" #5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA); TestProjects.repo_name, tag = push_image_to_project( TestProjects.project_scan_image_name, harbor_server, user_scan_image_name, user_001_password, image, src_tag) #6. Send scan image command and get tag(TA) information to check scan result, it should be finished; self.scan.scan_artifact(TestProjects.project_scan_image_name, TestProjects.repo_name.split('/')[1], tag, **TestProjects.USER_SCAN_IMAGE_CLIENT) #6. Send scan image command and get tag(TA) information to check scan result, it should be finished; self.artifact.check_image_scan_result( TestProjects.project_scan_image_name, image, tag, **TestProjects.USER_SCAN_IMAGE_CLIENT)