示例#1
0
    def testGarbageCollection(self):
        """
        Test case:
            Garbage Collection
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new project(PA) by user(UA);
            3. Push a new image(IA) in project(PA) by admin;
            4. Delete repository(RA) by user(UA);
            5. Get repository by user(UA), it should get nothing;
            6. Tigger garbage collection operation;
            7. Check garbage collection job was finished;
            8. Get garbage collection log, check there is number of files was deleted.
        Tear down:
            1. Delete project(PA);
            2. Delete user(UA).
        """
        url = ADMIN_CLIENT["endpoint"]
        admin_name = ADMIN_CLIENT["username"]
        admin_password = ADMIN_CLIENT["password"]
        user_gc_password = "******"

        #1. Create a new user(UA);
        TestProjects.user_gc_id, user_gc_name = self.user.create_user(
            user_password=user_gc_password, **ADMIN_CLIENT)

        TestProjects.USER_GC_CLIENT = dict(endpoint=url,
                                           username=user_gc_name,
                                           password=user_gc_password)

        #2. Create a new project(PA) by user(UA);
        TestProjects.project_gc_id, TestProjects.project_gc_name = self.project.create_project(
            metadata={"public": "false"}, **TestProjects.USER_GC_CLIENT)

        #3. Push a new image(IA) in project(PA) by admin;
        repo_name, _ = push_image_to_project(TestProjects.project_gc_name,
                                             harbor_server, admin_name,
                                             admin_password, "tomcat",
                                             "latest")

        #4. Delete repository(RA) by user(UA);
        self.repo.delete_repoitory(TestProjects.project_gc_name,
                                   repo_name.split('/')[1],
                                   **TestProjects.USER_GC_CLIENT)

        #5. Get repository by user(UA), it should get nothing;
        repo_data = self.repo.list_repositories(TestProjects.project_gc_name,
                                                **TestProjects.USER_GC_CLIENT)
        _assert_status_code(len(repo_data), 0)

        #6. Tigger garbage collection operation;
        gc_id = self.system.gc_now(**ADMIN_CLIENT)

        #7. Check garbage collection job was finished;
        self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)

        #8. Get garbage collection log, check there is number of files was deleted.
        self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)
示例#2
0
    def testDelRepo(self):
        """
        Test case:
            Delete a repository
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new project(PA) by user(UA);
            3. Create a new repository(RA) in project(PA) by user(UA);
            4. Get repository in project(PA), there should be one repository which was created by user(UA);
            5. Delete repository(RA) by user(UA);
            6. Get repository by user(UA), it should get nothing;
        Tear down:
            1. Delete project(PA);
            2. Delete user(UA).
        """
        url = ADMIN_CLIENT["endpoint"]
        user_del_repo_password = "******"

        #1. Create a new user(UA);
        TestProjects.user_del_repo_id, user_del_repo_name = self.user.create_user(
            user_password=user_del_repo_password, **ADMIN_CLIENT)

        TestProjects.USER_del_repo_CLIENT = dict(
            endpoint=url,
            username=user_del_repo_name,
            password=user_del_repo_password)

        #2. Create a new project(PA) by user(UA);
        TestProjects.project_del_repo_id, TestProjects.project_del_repo_name = self.project.create_project(
            metadata={"public": "false"}, **TestProjects.USER_del_repo_CLIENT)

        #3. Create a new repository(RA) in project(PA) by user(UA);
        repo_name, _ = push_self_build_image_to_project(
            TestProjects.project_del_repo_name,
            harbor_server,
            'admin',
            'Harbor12345',
            "test_del_repo",
            "latest",
            size=512)

        #4. Get repository in project(PA), there should be one repository which was created by user(UA);
        repo_data = self.repo.list_repositories(
            TestProjects.project_del_repo_name,
            **TestProjects.USER_del_repo_CLIENT)
        _assert_status_code(repo_name, repo_data[0].name)

        #5. Delete repository(RA) by user(UA);
        self.repo.delete_repository(TestProjects.project_del_repo_name,
                                    repo_name.split('/')[1],
                                    **TestProjects.USER_del_repo_CLIENT)

        #6. Get repository by user(UA), it should get nothing;
        repo_data = self.repo.list_repositories(
            TestProjects.project_del_repo_name,
            **TestProjects.USER_del_repo_CLIENT)
        _assert_status_code(len(repo_data), 0)
示例#3
0
    def testDelRepo(self):
        """
        Test case:
            Delete a repository
        Test step & Expectation:
            1. Create a new user(UA);
            2. Create a new project(PA) by user(UA);
            3. Create a new repository(RA) in project(PA) by user(UA);
            4. Get repository in project(PA), there should be one repository which was created by user(UA);
            5. Delete repository(RA) by user(UA);
            6. Get repository by user(UA), it should get nothing;
        Tear down:
            1. Delete project(PA);
            2. Delete user(UA).
        """
        admin_user = "******"
        admin_pwd = "Harbor12345"
        url = CLIENT["endpoint"]
        user_del_repo_password = "******"
        TestProjects.ADMIN_CLIENT = dict(endpoint=url,
                                         username=admin_user,
                                         password=admin_pwd)

        #1. Create a new user(UA);
        TestProjects.user_del_repo_id, user_del_repo_name = self.user.create_user_success(
            user_password=user_del_repo_password, **TestProjects.ADMIN_CLIENT)

        TestProjects.USER_del_repo_CLIENT = dict(
            endpoint=url,
            username=user_del_repo_name,
            password=user_del_repo_password)

        #2. Create a new project(PA) by user(UA);
        project_del_repo_name, TestProjects.project_del_repo_id = self.project.create_project(
            metadata={"public": "false"}, **TestProjects.USER_del_repo_CLIENT)

        #3. Create a new repository(RA) in project(PA) by user(UA);
        repo_name, _ = create_repository(project_del_repo_name, harbor_server,
                                         'admin', 'Harbor12345', "hello-world",
                                         "latest")

        #4. Get repository in project(PA), there should be one repository which was created by user(UA);
        repo_data = self.repo.get_repository(
            TestProjects.project_del_repo_id,
            **TestProjects.USER_del_repo_CLIENT)
        _assert_status_code(repo_name, repo_data[0].name)

        #5. Delete repository(RA) by user(UA);
        self.repo.delete_repoitory(repo_name,
                                   **TestProjects.USER_del_repo_CLIENT)

        #6. Get repository by user(UA), it should get nothing;
        repo_data = self.repo.get_repository(
            TestProjects.project_del_repo_id,
            **TestProjects.USER_del_repo_CLIENT)
        _assert_status_code(len(repo_data), 0)
示例#4
0
文件: project.py 项目: zjcy/harbor
 def query_user_logs(self, project_name, status_code=200, **kwargs):
     try:
         logs = self.get_project_log(project_name, expect_status_code=status_code, **kwargs)
         count = 0
         for log in list(logs):
             count = count + 1
         return count
     except ApiException as e:
         _assert_status_code(status_code, e.status)
         return 0
 def queryUserLogs(self, username, password, status_code=200):
     client = dict(endpoint=ADMIN_CLIENT["endpoint"],
                   username=username,
                   password=password)
     try:
         logs = self.projectv2.get_project_log(self._project_name,
                                               status_code, **client)
         count = 0
         for log in list(logs):
             count = count + 1
         return count
     except ApiException as e:
         _assert_status_code(status_code, e.status)
         return 0
示例#6
0
    def testRetag(self):
        """
        Test case:
            Retag Image
        Test step and expected result:
            1. Create a new user(UA);
            2. Create a new project(PA) by user(UA);
            3. Create a new project(PB) by user(UA);
            4. Update role of user-retag as guest member of project(PB);
            5. Create a new repository(RA) in project(PA) by user(UA);
            6. Get repository in project(PA), there should be one repository which was created by user(UA);
            7. Get repository(RA)'s image tag detail information;
            8. Retag image in project(PA) to project(PB), it should be forbidden;
            9. Update role of user-retag as admin member of project(PB);
            10. Retag image in project(PA) to project(PB), it should be successful;
            11. Get repository(RB)'s image tag detail information;
            12. Read digest of retaged image, it must be the same with the image in repository(RA);
            13. Pull image from project(PB) by user_retag, it must be successful;
        Tear down:
            1. Delete repository(RA);
            2. Delete repository by retag;
            3. Delete project(PA);
            4. Delete user(UA).
        """
        url = ADMIN_CLIENT["endpoint"]
        user_retag_password = "******"
        pull_tag_name = "latest"
        dst_repo_sub_name = "repo"

        #1. Create a new user(UA);
        TestProjects.user_retag_id, user_retag_name = self.user.create_user(
            user_password=user_retag_password, **ADMIN_CLIENT)

        TestProjects.USER_RETAG_CLIENT = dict(endpoint=url,
                                              username=user_retag_name,
                                              password=user_retag_password)

        #2. Create a new project(PA) by user(UA);
        TestProjects.project_src_repo_id, TestProjects.project_src_repo_name = self.project.create_project(
            metadata={"public": "false"}, **TestProjects.USER_RETAG_CLIENT)

        #3. Create a new project(PB) by user(UA);
        TestProjects.project_dst_repo_id, TestProjects.project_dst_repo_name = self.project.create_project(
            metadata={"public": "false"}, **TestProjects.USER_RETAG_CLIENT)

        retag_member_id = self.project.get_project_member_id(
            TestProjects.project_dst_repo_id, user_retag_name,
            **TestProjects.USER_RETAG_CLIENT)

        #4. Update role of user-retag as guest member of project(PB);
        self.project.update_project_member_role(
            TestProjects.project_dst_repo_id, retag_member_id, 3,
            **ADMIN_CLIENT)

        #5. Create a new repository(RA) in project(PA) by user(UA);
        TestProjects.src_repo_name, tag_name = push_image_to_project(
            TestProjects.project_src_repo_name, harbor_server, 'admin',
            'Harbor12345', "hello-world", pull_tag_name)

        #6. Get repository in project(PA), there should be one repository which was created by user(UA);
        src_repo_data = self.repo.get_repository(
            TestProjects.project_src_repo_name,
            **TestProjects.USER_RETAG_CLIENT)
        _assert_status_code(TestProjects.src_repo_name, src_repo_data[0].name)

        #7. Get repository(RA)'s image tag detail information;
        src_tag_data = self.artifact.get_reference_info(
            TestProjects.project_src_repo_name,
            TestProjects.src_repo_name.split('/')[1], tag_name,
            **TestProjects.USER_RETAG_CLIENT)
        TestProjects.dst_repo_name = TestProjects.project_dst_repo_name + "/" + dst_repo_sub_name
        #8. Retag image in project(PA) to project(PB), it should be forbidden;
        self.artifact.copy_artifact(TestProjects.project_dst_repo_name,
                                    dst_repo_sub_name,
                                    TestProjects.src_repo_name + "@" +
                                    src_tag_data[0].digest,
                                    expect_status_code=403,
                                    **TestProjects.USER_RETAG_CLIENT)

        #9. Update role of user-retag as admin member of project(PB);
        self.project.update_project_member_role(
            TestProjects.project_dst_repo_id, retag_member_id, 1,
            **ADMIN_CLIENT)

        #10. Retag image in project(PA) to project(PB), it should be successful;
        self.artifact.copy_artifact(
            TestProjects.project_dst_repo_name, dst_repo_sub_name,
            TestProjects.src_repo_name + "@" + src_tag_data[0].digest,
            **TestProjects.USER_RETAG_CLIENT)

        #11. Get repository(RB)'s image tag detail information;
        dst_tag_data = self.artifact.get_reference_info(
            TestProjects.project_dst_repo_name, dst_repo_sub_name, tag_name,
            **TestProjects.USER_RETAG_CLIENT)

        #12. Read digest of retaged image, it must be the same with the image in repository(RA);
        self.assertEqual(src_tag_data[0].digest, dst_tag_data[0].digest)

        #13. Pull image from project(PB) by user_retag, it must be successful;"
        pull_harbor_image(harbor_server, user_retag_name, user_retag_password,
                          TestProjects.dst_repo_name, tag_name)
示例#7
0
    def testRobotAccount(self):
        """
        Test case:
            Robot Account
        Test step and expected result:
			1. Create user(UA);
			2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
			3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
			4. Create a new robot account(RA) with pull and push privilige in project(PA) by user(UA);
			5. Check robot account info, it should has both pull and push priviliges;
			6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
			7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
			8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
			9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
			10. Pull image from project(PC), it must be successful;
			11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
			12. Update action property of robot account(RA);
			13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
			14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
			15. Delete robot account(RA), it must be not successful.
        Tear down:
            1. Delete repository(RA) by user(UA);
            2. Delete project(PA);
            3. Delete user(UA).
        """
        url = ADMIN_CLIENT["endpoint"]
        admin_name = ADMIN_CLIENT["username"]
        admin_password = ADMIN_CLIENT["password"]
        user_ra_password = "******"
        image_project_a = "haproxy"
        image_project_b = "hello-world"
        image_project_c = "httpd"
        image_robot_account = "alpine"
        tag = "latest"

        #1. Create user(UA);"
        TestProjects.user_ra_id, user_ra_name = self.user.create_user(user_password = user_ra_password, **ADMIN_CLIENT)
        TestProjects.USER_RA_CLIENT=dict(endpoint = url, username = user_ra_name, password = user_ra_password)

        #2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
        TestProjects.project_ra_id_a, TestProjects.project_ra_name_a = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_RA_CLIENT)
        TestProjects.project_ra_id_b, TestProjects.project_ra_name_b = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_RA_CLIENT)
        TestProjects.project_ra_id_c, TestProjects.project_ra_name_c = self.project.create_project(metadata = {"public": "true"}, **TestProjects.USER_RA_CLIENT)

        #3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
        TestProjects.repo_name_in_project_a, tag_a = push_self_build_image_to_project(TestProjects.project_ra_name_a, harbor_server, user_ra_name, user_ra_password, image_project_a, tag)
        TestProjects.repo_name_in_project_b, tag_b = push_self_build_image_to_project(TestProjects.project_ra_name_b, harbor_server, user_ra_name, user_ra_password, image_project_b, tag)
        TestProjects.repo_name_in_project_c, tag_c = push_self_build_image_to_project(TestProjects.project_ra_name_c, harbor_server, user_ra_name, user_ra_password, image_project_c, tag)

        #4. Create a new robot account(RA) with pull and push privilege in project(PA) by user(UA);
        robot_id, robot_account = self.robot.create_project_robot(TestProjects.project_ra_name_a,
                                                                         30 ,**TestProjects.USER_RA_CLIENT)

        #5. Check robot account info, it should has both pull and push privilege;
        data = self.robot.get_robot_account_by_id(robot_id, **TestProjects.USER_RA_CLIENT)
        _assert_status_code(robot_account.name, data.name)

        #6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
        pull_harbor_image(harbor_server, robot_account.name, robot_account.secret, TestProjects.repo_name_in_project_a, tag_a)

        #7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
        TestProjects.repo_name_pa, _ = push_self_build_image_to_project(TestProjects.project_ra_name_a, harbor_server, robot_account.name, robot_account.secret, image_robot_account, tag)

        #8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
        push_self_build_image_to_project(TestProjects.project_ra_name_b, harbor_server, robot_account.name, robot_account.secret, image_robot_account, tag, expected_error_message = "unauthorized to access repository")

        #9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
        pull_harbor_image(harbor_server, robot_account.name, robot_account.secret, TestProjects.repo_name_in_project_b, tag_b, expected_error_message = "unauthorized to access repository")

        #10. Pull image from project(PC), it must be successful;
        pull_harbor_image(harbor_server, robot_account.name, robot_account.secret, TestProjects.repo_name_in_project_c, tag_c)

        #11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
        push_self_build_image_to_project(TestProjects.project_ra_name_c, harbor_server, robot_account.name, robot_account.secret, image_robot_account, tag, expected_error_message = "unauthorized to access repository")

        #12. Update action property of robot account(RA);"
        self.robot.disable_robot_account(robot_id, True, **TestProjects.USER_RA_CLIENT)

        #13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
        pull_harbor_image(harbor_server, robot_account.name, robot_account.secret, TestProjects.repo_name_in_project_a, tag_a, expected_login_error_message = "unauthorized: authentication required")

        #14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
        push_self_build_image_to_project(TestProjects.project_ra_name_a, harbor_server, robot_account.name, robot_account.secret, image_robot_account, tag, expected_login_error_message = "unauthorized: authentication required")

        #15. Delete robot account(RA), it must be not successful.
        self.robot.delete_robot_account(robot_id, **TestProjects.USER_RA_CLIENT)
示例#8
0
    def testRobotAccount(self):
        """
        Test case:
            Robot Account
        Test step and expected result:
			1. Create user(UA);
			2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
			3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
			4. Create a new robot account(RA) with pull and push privilige in project(PA) by user(UA);
			5. Check robot account info, it should has both pull and push priviliges;
			6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
			7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
			8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
			9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
			10. Pull image from project(PC), it must be successful;
			11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
			12. Update action property of robot account(RA);
			13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
			14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
			15. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
        Tear down:
            1. Delete project(PA) (PB) (PC);
            2. Delete user(UA).
        """
        url = ADMIN_CLIENT["endpoint"]
        admin_name = ADMIN_CLIENT["username"]
        admin_password = ADMIN_CLIENT["password"]
        user_ra_password = "******"
        image_project_a = "tomcat"
        image_project_b = "hello-world"
        image_project_c = "mysql"
        image_robot_account = "mariadb"
        tag = "latest"

        print "#1. Create user(UA);"
        TestProjects.user_ra_id, user_ra_name = self.user.create_user(
            user_password=user_ra_password, **ADMIN_CLIENT)
        TestProjects.USER_RA_CLIENT = dict(endpoint=url,
                                           username=user_ra_name,
                                           password=user_ra_password)

        print "#2. Create private project(PA), private project(PB) and public project(PC) by user(UA);"
        TestProjects.project_ra_id_a, project_ra_name_a = self.project.create_project(
            metadata={"public": "false"}, **TestProjects.USER_RA_CLIENT)
        TestProjects.project_ra_id_b, project_ra_name_b = self.project.create_project(
            metadata={"public": "false"}, **TestProjects.USER_RA_CLIENT)
        TestProjects.project_ra_id_c, project_ra_name_c = self.project.create_project(
            metadata={"public": "true"}, **TestProjects.USER_RA_CLIENT)

        print "#3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);"
        TestProjects.repo_name_in_project_a, tag_a = push_image_to_project(
            project_ra_name_a, harbor_server, user_ra_name, user_ra_password,
            image_project_a, tag)
        TestProjects.repo_name_in_project_b, tag_b = push_image_to_project(
            project_ra_name_b, harbor_server, user_ra_name, user_ra_password,
            image_project_b, tag)
        TestProjects.repo_name_in_project_c, tag_c = push_image_to_project(
            project_ra_name_c, harbor_server, user_ra_name, user_ra_password,
            image_project_c, tag)

        print "#4. Create a new robot account(RA) with pull and push privilige in project(PA) by user(UA);"
        robot_id, robot_account = self.project.add_project_robot_account(
            TestProjects.project_ra_id_a, project_ra_name_a, 2441000531,
            **TestProjects.USER_RA_CLIENT)
        print robot_account.name
        print robot_account.token

        print "#5. Check robot account info, it should has both pull and push priviliges;"
        data = self.project.get_project_robot_account_by_id(
            TestProjects.project_ra_id_a, robot_id,
            **TestProjects.USER_RA_CLIENT)
        _assert_status_code(robot_account.name, data.name)

        print "#6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;"
        pull_harbor_image(harbor_server, robot_account.name,
                          robot_account.token,
                          TestProjects.repo_name_in_project_a, tag_a)

        print "#7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;"
        TestProjects.repo_name_pa, _ = push_image_to_project(
            project_ra_name_a, harbor_server, robot_account.name,
            robot_account.token, image_robot_account, tag)

        print "#8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;"
        push_image_to_project(
            project_ra_name_b,
            harbor_server,
            robot_account.name,
            robot_account.token,
            image_robot_account,
            tag,
            expected_error_message=
            "denied: requested access to the resource is denied")

        print "#9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;"
        pull_harbor_image(harbor_server,
                          robot_account.name,
                          robot_account.token,
                          TestProjects.repo_name_in_project_b,
                          tag_b,
                          expected_error_message=r"pull access denied for " +
                          harbor_server + "/" +
                          TestProjects.repo_name_in_project_b)

        print "#10. Pull image from project(PC), it must be successful;"
        pull_harbor_image(harbor_server, robot_account.name,
                          robot_account.token,
                          TestProjects.repo_name_in_project_c, tag_c)

        print "#11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;"
        push_image_to_project(
            project_ra_name_c,
            harbor_server,
            robot_account.name,
            robot_account.token,
            image_robot_account,
            tag,
            expected_error_message=
            "denied: requested access to the resource is denied")

        print "#12. Update action property of robot account(RA);"
        self.project.disable_project_robot_account(
            TestProjects.project_ra_id_a, robot_id, True,
            **TestProjects.USER_RA_CLIENT)

        print "#13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;"
        pull_harbor_image(
            harbor_server,
            robot_account.name,
            robot_account.token,
            TestProjects.repo_name_in_project_a,
            tag_a,
            expected_login_error_message="401 Client Error: Unauthorized")

        print "#14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;"
        push_image_to_project(
            project_ra_name_a,
            harbor_server,
            robot_account.name,
            robot_account.token,
            image_robot_account,
            tag,
            expected_login_error_message="401 Client Error: Unauthorized")

        print "#15. Delete robot account(RA), it must be not successful;"
        self.project.delete_project_robot_account(
            TestProjects.project_ra_id_a, robot_id,
            **TestProjects.USER_RA_CLIENT)
    def testGarbageCollection(self):
        """
        Test case:
            Garbage Collection
        Test step and expected result:
            1. Create a new user(UA);
            2. Create project(PA) and project(PB) by user(UA);
            3. Push a image in project(PA) and then delete repository by admin;
            4. Get repository by user(UA), it should get nothing;
            5. Tigger garbage collection operation;
            6. Check garbage collection job was finished;
            7. Get garbage collection log, check there is a number of files was deleted;
            8. Push a image in project(PB) by admin and delete the only tag;
            9. Tigger garbage collection operation;
            10. Check garbage collection job was finished;
            11. Repository with untag image should be still there;
            12. But no any artifact in repository anymore.
        Tear down:
            1. Delete project(PA);
            2. Delete user(UA).
        """
        url = ADMIN_CLIENT["endpoint"]
        admin_name = ADMIN_CLIENT["username"]
        admin_password = ADMIN_CLIENT["password"]
        user_gc_password = "******"

        #1. Create a new user(UA);
        TestProjects.user_gc_id, user_gc_name = self.user.create_user(user_password = user_gc_password, **ADMIN_CLIENT)

        TestProjects.USER_GC_CLIENT=dict(endpoint = url, username = user_gc_name, password = user_gc_password)

        #2. Create project(PA) and project(PB) by user(UA);
        TestProjects.project_gc_id, TestProjects.project_gc_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_GC_CLIENT)
        TestProjects.project_gc_untag_id, TestProjects.project_gc_untag_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_GC_CLIENT)

        #3. Push a image in project(PA) and then delete repository by admin;
        push_special_image_to_project(TestProjects.project_gc_name, harbor_server, admin_name, admin_password, self.repo_name, ["latest", "v1.2.3"])
        self.repo.delete_repoitory(TestProjects.project_gc_name, self.repo_name, **TestProjects.USER_GC_CLIENT)

        #4. Get repository by user(UA), it should get nothing;
        repo_data = self.repo.list_repositories(TestProjects.project_gc_name, **TestProjects.USER_GC_CLIENT)
        _assert_status_code(len(repo_data), 0)

        #8. Push a image in project(PB) by admin and delete the only tag;
        push_special_image_to_project(TestProjects.project_gc_untag_name, harbor_server, admin_name, admin_password, self.repo_name_untag, [self.tag])
        self.artifact.delete_tag(TestProjects.project_gc_untag_name, self.repo_name_untag, self.tag, self.tag, **ADMIN_CLIENT)

        #5. Tigger garbage collection operation;
        gc_id = self.system.gc_now(**ADMIN_CLIENT)

        #6. Check garbage collection job was finished;
        self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)

        #7. Get garbage collection log, check there is a number of files was deleted;
        self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)

        artifacts = self.artifact.list_artifacts(TestProjects.project_gc_untag_name, self.repo_name_untag, **TestProjects.USER_GC_CLIENT)
        _assert_status_code(len(artifacts), 1)

        time.sleep(5)

        #9. Tigger garbage collection operation;
        gc_id = self.system.gc_now(is_delete_untagged=True, **ADMIN_CLIENT)

        #10. Check garbage collection job was finished;
        self.system.validate_gc_job_status(gc_id, "finished", **ADMIN_CLIENT)

        #7. Get garbage collection log, check there is a number of files was deleted;
        self.system.validate_deletion_success(gc_id, **ADMIN_CLIENT)

        #11. Repository with untag image should be still there;
        repo_data_untag = self.repo.list_repositories(TestProjects.project_gc_untag_name, **TestProjects.USER_GC_CLIENT)
        _assert_status_code(len(repo_data_untag), 1)
        self.assertEqual(TestProjects.project_gc_untag_name + "/" + self.repo_name_untag , repo_data_untag[0].name)

        #12. But no any artifact in repository anymore.
        artifacts = self.artifact.list_artifacts(TestProjects.project_gc_untag_name, self.repo_name_untag, **TestProjects.USER_GC_CLIENT)
        self.assertEqual(artifacts,[])
示例#10
0
    def test_01_ProjectlevelRobotAccount(self):
        """
        Test case:
            Robot Account
        Test step and expected result:
			1. Create user(UA);
			2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
			3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
			4. Create a new robot account(RA) with pull and push privilige in project(PA) by user(UA);
			5. Check robot account info, it should has both pull and push priviliges;
			6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
			7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
			8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
			9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
			10. Pull image from project(PC), it must be successful;
			11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
			12. Update action property of robot account(RA);
			13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
			14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
			15. Delete robot account(RA).
            16. Create user(UB), Create public project(PD) by user(UB), user(UA) can't create robot account for project(PD).
        Tear down:
            1. Delete repository(RA) by user(UA);
            2. Delete project(PA);
            3. Delete user(UA).
        """
        image_project_a = "haproxy"
        image_project_b = "image_project_b"
        image_project_c = "httpd"
        image_robot_account = "alpine"
        tag = "latest"

        #1. Create user(UA);"
        self.user_ra_id, user_ra_name = self.user.create_user(
            user_password=TestRobotAccount.user_ra_password, **ADMIN_CLIENT)
        self.USER_RA_CLIENT = dict(endpoint=TestRobotAccount.url,
                                   username=user_ra_name,
                                   password=TestRobotAccount.user_ra_password)

        #2. Create private project(PA), private project(PB) and public project(PC) by user(UA);
        self.project_ra_id_a, self.project_ra_name_a = self.project.create_project(
            metadata={"public": "false"}, **self.USER_RA_CLIENT)
        self.project_ra_id_b, self.project_ra_name_b = self.project.create_project(
            metadata={"public": "false"}, **self.USER_RA_CLIENT)
        self.project_ra_id_c, self.project_ra_name_c = self.project.create_project(
            metadata={"public": "true"}, **self.USER_RA_CLIENT)

        #3. Push image(ImagePA) to project(PA), image(ImagePB) to project(PB) and image(ImagePC) to project(PC) by user(UA);
        self.repo_name_in_project_a, tag_a = push_self_build_image_to_project(
            self.project_ra_name_a, harbor_server, user_ra_name,
            TestRobotAccount.user_ra_password, image_project_a, tag)
        self.repo_name_in_project_b, tag_b = push_self_build_image_to_project(
            self.project_ra_name_b, harbor_server, user_ra_name,
            TestRobotAccount.user_ra_password, image_project_b, tag)
        self.repo_name_in_project_c, tag_c = push_self_build_image_to_project(
            self.project_ra_name_c, harbor_server, user_ra_name,
            TestRobotAccount.user_ra_password, image_project_c, tag)

        #4. Create a new robot account(RA) with pull and push privilege in project(PA) by user(UA);
        robot_id_a, robot_account_a = self.robot.create_project_robot(
            self.project_ra_name_a, 30, **self.USER_RA_CLIENT)
        robot_id_b, robot_account_b = self.robot.create_project_robot(
            self.project_ra_name_b, 30, **self.USER_RA_CLIENT)

        #5. Check robot account info, it should has both pull and push privilege;
        data = self.robot.get_robot_account_by_id(robot_id_a,
                                                  **self.USER_RA_CLIENT)
        _assert_status_code(robot_account_a.name, data.name)

        #6. Pull image(ImagePA) from project(PA) by robot account(RA), it must be successful;
        pull_harbor_image(harbor_server, robot_account_a.name,
                          robot_account_a.secret, self.repo_name_in_project_a,
                          tag_a)

        #7. Push image(ImageRA) to project(PA) by robot account(RA), it must be successful;
        self.repo_name_pa, _ = push_self_build_image_to_project(
            self.project_ra_name_a, harbor_server, robot_account_a.name,
            robot_account_a.secret, image_robot_account, tag)

        #8. Push image(ImageRA) to project(PB) by robot account(RA), it must be not successful;
        push_self_build_image_to_project(
            self.project_ra_name_b,
            harbor_server,
            robot_account_a.name,
            robot_account_a.secret,
            image_robot_account,
            tag,
            expected_error_message="unauthorized to access repository")

        #9. Pull image(ImagePB) from project(PB) by robot account(RA), it must be not successful;
        pull_harbor_image(
            harbor_server,
            robot_account_a.name,
            robot_account_a.secret,
            self.repo_name_in_project_b,
            tag_b,
            expected_error_message="unauthorized to access repository")

        #10. Pull image from project(PC), it must be successful;
        pull_harbor_image(harbor_server, robot_account_a.name,
                          robot_account_a.secret, self.repo_name_in_project_c,
                          tag_c)

        #11. Push image(ImageRA) to project(PC) by robot account(RA), it must be not successful;
        push_self_build_image_to_project(
            self.project_ra_name_c,
            harbor_server,
            robot_account_a.name,
            robot_account_a.secret,
            image_robot_account,
            tag,
            expected_error_message="unauthorized to access repository")

        #12. Update action property of robot account(RA);"
        self.robot.disable_robot_account(robot_id_a, True,
                                         **self.USER_RA_CLIENT)

        #13. Pull image(ImagePA) from project(PA) by robot account(RA), it must be not successful;
        pull_harbor_image(
            harbor_server,
            robot_account_a.name,
            robot_account_a.secret,
            self.repo_name_in_project_a,
            tag_a,
            expected_login_error_message="unauthorized: authentication required"
        )

        #14. Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;
        push_self_build_image_to_project(
            self.project_ra_name_a,
            harbor_server,
            robot_account_a.name,
            robot_account_a.secret,
            image_robot_account,
            tag,
            expected_login_error_message="unauthorized: authentication required"
        )

        #15. Delete robot account(RA).
        self.robot.delete_robot_account(robot_id_a, **self.USER_RA_CLIENT)

        #16. Create user(UB), Create public project(PD) by user(UB), user(UA) can't create robot account for project(PD).
        self.user_ra_id_b, user_ra_name_b = self.user.create_user(
            user_password=TestRobotAccount.user_ra_password, **ADMIN_CLIENT)
        self.USER_RA_CLIENT_B = dict(
            endpoint=TestRobotAccount.url,
            username=user_ra_name_b,
            password=TestRobotAccount.user_ra_password)
        self.project_ra_id_d, self.project_ra_name_d = self.project.create_project(
            metadata={"public": "true"}, **self.USER_RA_CLIENT_B)
        self.robot.create_project_robot(self.project_ra_name_d,
                                        30,
                                        expect_status_code=403,
                                        **self.USER_RA_CLIENT)

        self.do_01_tearDown()