quay/endpoints/api/test/test_repository.py

import pytest

from mock import patch, ANY, MagicMock

from data import model, database
from data.appr_model import release, channel, blob
from endpoints.appr.models_cnr import model as appr_model
from endpoints.api.test.shared import conduct_api_call
from endpoints.api.repository import RepositoryTrust, Repository, RepositoryList
from endpoints.test.shared import client_with_identity
from features import FeatureNameValue

from test.fixtures import *

INVALID_RESPONSE = {
  u'detail': u"u'invalid_req' is not of type 'boolean'",
  u'error_message': u"u'invalid_req' is not of type 'boolean'",
  u'error_type': u'invalid_request',
  u'status': 400,
  u'title': u'invalid_request',
  u'type': u'http://localhost/api/v1/error/invalid_request'
}

NOT_FOUND_RESPONSE = {
  u'detail':
    u'Not Found',
  u'error_message':
    u'Not Found',
  u'error_type':
    u'not_found',
  u'message':
    u'You have requested this URI [/api/v1/repository/devtable/repo/changetrust] but did you mean /api/v1/repository/<apirepopath:repository>/changetrust or /api/v1/repository/<apirepopath:repository>/changevisibility or /api/v1/repository/<apirepopath:repository>/tag/<tag>/images ?',
  u'status':
    404,
  u'title':
    u'not_found',
  u'type':
    u'http://localhost/api/v1/error/not_found'
}


@pytest.mark.parametrize('trust_enabled,repo_found,expected_body,expected_status', [
  (True, True, {
    'success': True
  }, 200),
  (False, True, {
    'success': True
  }, 200),
  (False, False, NOT_FOUND_RESPONSE, 404),
  ('invalid_req', False, INVALID_RESPONSE, 400),
])
def test_post_changetrust(trust_enabled, repo_found, expected_body, expected_status, client):
  with patch('endpoints.api.repository.tuf_metadata_api') as mock_tuf:
    with patch(
        'endpoints.api.repository_models_pre_oci.model.repository.get_repository') as mock_model:
      mock_model.return_value = MagicMock() if repo_found else None
      mock_tuf.get_default_tags_with_expiration.return_value = ['tags', 'expiration']
      with client_with_identity('devtable', client) as cl:
        params = {'repository': 'devtable/repo'}
        request_body = {'trust_enabled': trust_enabled}
        assert expected_body == conduct_api_call(cl, RepositoryTrust, 'POST', params, request_body,
                                                 expected_status).json


def test_signing_disabled(client):
  with patch('features.SIGNING', FeatureNameValue('SIGNING', False)):
    with client_with_identity('devtable', client) as cl:
      params = {'repository': 'devtable/simple'}
      response = conduct_api_call(cl, Repository, 'GET', params).json
      assert not response['trust_enabled']


def test_list_starred_repos(client):
  with client_with_identity('devtable', client) as cl:
    params = {
      'starred': 'true',
    }

    response = conduct_api_call(cl, RepositoryList, 'GET', params).json
    repos = {r['namespace'] + '/' + r['name'] for r in response['repositories']}
    assert 'devtable/simple' in repos
    assert 'public/publicrepo' not in repos

    # Add a star on publicrepo.
    publicrepo = model.repository.get_repository('public', 'publicrepo')
    model.repository.star_repository(model.user.get_user('devtable'), publicrepo)

    # Ensure publicrepo shows up.
    response = conduct_api_call(cl, RepositoryList, 'GET', params).json
    repos = {r['namespace'] + '/' + r['name'] for r in response['repositories']}
    assert 'devtable/simple' in repos
    assert 'public/publicrepo' in repos

    # Make publicrepo private and ensure it disappears.
    model.repository.set_repository_visibility(publicrepo, 'private')

    response = conduct_api_call(cl, RepositoryList, 'GET', params).json
    repos = {r['namespace'] + '/' + r['name'] for r in response['repositories']}
    assert 'devtable/simple' in repos
    assert 'public/publicrepo' not in repos


@pytest.mark.parametrize('repo_name, expected_status', [
  pytest.param('x' * 255, 201, id='Maximum allowed length'),
  pytest.param('x' * 256, 400, id='Over allowed length'),
  pytest.param('a|b', 400, id='Invalid name'),
])
def test_create_repository(repo_name, expected_status, client):
  with client_with_identity('devtable', client) as cl:
    body = {
      'namespace': 'devtable',
      'repository': repo_name,
      'visibility': 'public',
      'description': 'foo',
    }

    result = conduct_api_call(client, RepositoryList, 'post', None, body,
                              expected_code=expected_status).json
    if expected_status == 201:
      assert result['name'] == repo_name
      assert model.repository.get_repository('devtable', repo_name).name == repo_name


@pytest.mark.parametrize('has_tag_manifest', [
  True,
  False,
])
def test_get_repo(has_tag_manifest, client, initialized_db):
  with client_with_identity('devtable', client) as cl:
    if not has_tag_manifest:
      database.TagManifestLabelMap.delete().execute()
      database.TagManifestToManifest.delete().execute()
      database.TagManifestLabel.delete().execute()
      database.TagManifest.delete().execute()

    params = {'repository': 'devtable/simple'}
    response = conduct_api_call(cl, Repository, 'GET', params).json
    assert response['kind'] == 'image'


def test_get_app_repo(client, initialized_db):
  with client_with_identity('devtable', client) as cl:
    devtable = model.user.get_user('devtable')
    repo = model.repository.create_repository('devtable', 'someappr', devtable,
                                              repo_kind='application')

    models_ref = appr_model.models_ref
    blob.get_or_create_blob('sha256:somedigest', 0, 'application/vnd.cnr.blob.v0.tar+gzip',
                            ['local_us'], models_ref)

    release.create_app_release(repo, 'test',
                               dict(mediaType='application/vnd.cnr.package-manifest.helm.v0.json'),
                               'sha256:somedigest', models_ref, False)

    channel.create_or_update_channel(repo, 'somechannel', 'test', models_ref)

    params = {'repository': 'devtable/someappr'}
    response = conduct_api_call(cl, Repository, 'GET', params).json
    assert response['kind'] == 'application'
    assert response['channels']
    assert response['releases']
Add flag to enable trust per repo (#2541) * Add flag to enable trust per repo * Add api for enabling/disabling trust * Add new LogEntryKind for changing repo trust settings Also add tests for repo trust api * Add `set_trust` method to repository * Expose new logkind to UI * Fix registry tests * Rebase migrations and regen test.db * Raise downstreamissue if trust metadata can't be removed * Refactor change_repo_trust * Add show_if to change_repo_trust endpoint 2017-04-15 12:26:33 +00:00			`import pytest`

Switch fixture imports to wildcard in prep for full db test fixes 2017-04-24 17:49:29 +00:00			`from mock import patch, ANY, MagicMock`

Phase 1 of migrating APPR-specific tables to tables with the `Appr` prefix Fixes https://jira.coreos.com/browse/QUAY-950 2018-05-24 21:54:51 +00:00			`from data import model, database`
			`from data.appr_model import release, channel, blob`
			`from endpoints.appr.models_cnr import model as appr_model`
Move conduct_call into a common test lib for all endpoints 2017-06-28 08:38:36 +00:00			`from endpoints.api.test.shared import conduct_api_call`
Show starred public repositories in the starred repos list We forgot to check if the repository was public in the filter Fixes https://jira.coreos.com/browse/QUAY-857 2018-05-31 21:34:17 +00:00			`from endpoints.api.repository import RepositoryTrust, Repository, RepositoryList`
Move conduct_call into a common test lib for all endpoints 2017-06-28 08:38:36 +00:00			`from endpoints.test.shared import client_with_identity`
Make sure we don't internal error when signing is disabled 2017-04-19 16:27:01 +00:00			`from features import FeatureNameValue`
Switch fixture imports to wildcard in prep for full db test fixes 2017-04-24 17:49:29 +00:00
			`from test.fixtures import *`
Add flag to enable trust per repo (#2541) * Add flag to enable trust per repo * Add api for enabling/disabling trust * Add new LogEntryKind for changing repo trust settings Also add tests for repo trust api * Add `set_trust` method to repository * Expose new logkind to UI * Fix registry tests * Rebase migrations and regen test.db * Raise downstreamissue if trust metadata can't be removed * Refactor change_repo_trust * Add show_if to change_repo_trust endpoint 2017-04-15 12:26:33 +00:00
			`INVALID_RESPONSE = {`
			`u'detail': u"u'invalid_req' is not of type 'boolean'",`
			`u'error_message': u"u'invalid_req' is not of type 'boolean'",`
			`u'error_type': u'invalid_request',`
			`u'status': 400,`
			`u'title': u'invalid_request',`
			`u'type': u'http://localhost/api/v1/error/invalid_request'`
			`}`

			`NOT_FOUND_RESPONSE = {`
style(data, endpoints, test): ran yapf against changed files ### Description of Changes Issue: https://coreosdev.atlassian.net/browse/QUAY-633 ## Reviewer Checklist - [ ] It works! - [ ] Comments provide sufficient explanations for the next contributor - [ ] Tests cover changes and corner cases - [ ] Follows Quay syntax patterns and format 2017-07-24 15:05:15 +00:00			`u'detail':`
			`u'Not Found',`
			`u'error_message':`
			`u'Not Found',`
			`u'error_type':`
			`u'not_found',`
			`u'message':`
			`u'You have requested this URI [/api/v1/repository/devtable/repo/changetrust] but did you mean /api/v1/repository/<apirepopath:repository>/changetrust or /api/v1/repository/<apirepopath:repository>/changevisibility or /api/v1/repository/<apirepopath:repository>/tag/<tag>/images ?',`
			`u'status':`
			`404,`
			`u'title':`
			`u'not_found',`
			`u'type':`
			`u'http://localhost/api/v1/error/not_found'`
Add flag to enable trust per repo (#2541) * Add flag to enable trust per repo * Add api for enabling/disabling trust * Add new LogEntryKind for changing repo trust settings Also add tests for repo trust api * Add `set_trust` method to repository * Expose new logkind to UI * Fix registry tests * Rebase migrations and regen test.db * Raise downstreamissue if trust metadata can't be removed * Refactor change_repo_trust * Add show_if to change_repo_trust endpoint 2017-04-15 12:26:33 +00:00			`}`


			`@pytest.mark.parametrize('trust_enabled,repo_found,expected_body,expected_status', [`
style(data, endpoints, test): ran yapf against changed files ### Description of Changes Issue: https://coreosdev.atlassian.net/browse/QUAY-633 ## Reviewer Checklist - [ ] It works! - [ ] Comments provide sufficient explanations for the next contributor - [ ] Tests cover changes and corner cases - [ ] Follows Quay syntax patterns and format 2017-07-24 15:05:15 +00:00			`(True, True, {`
			`'success': True`
			`}, 200),`
			`(False, True, {`
			`'success': True`
			`}, 200),`
Add flag to enable trust per repo (#2541) * Add flag to enable trust per repo * Add api for enabling/disabling trust * Add new LogEntryKind for changing repo trust settings Also add tests for repo trust api * Add `set_trust` method to repository * Expose new logkind to UI * Fix registry tests * Rebase migrations and regen test.db * Raise downstreamissue if trust metadata can't be removed * Refactor change_repo_trust * Add show_if to change_repo_trust endpoint 2017-04-15 12:26:33 +00:00			`(False, False, NOT_FOUND_RESPONSE, 404),`
style(data, endpoints, test): ran yapf against changed files ### Description of Changes Issue: https://coreosdev.atlassian.net/browse/QUAY-633 ## Reviewer Checklist - [ ] It works! - [ ] Comments provide sufficient explanations for the next contributor - [ ] Tests cover changes and corner cases - [ ] Follows Quay syntax patterns and format 2017-07-24 15:05:15 +00:00			`('invalid_req', False, INVALID_RESPONSE, 400),`
Add flag to enable trust per repo (#2541) * Add flag to enable trust per repo * Add api for enabling/disabling trust * Add new LogEntryKind for changing repo trust settings Also add tests for repo trust api * Add `set_trust` method to repository * Expose new logkind to UI * Fix registry tests * Rebase migrations and regen test.db * Raise downstreamissue if trust metadata can't be removed * Refactor change_repo_trust * Add show_if to change_repo_trust endpoint 2017-04-15 12:26:33 +00:00			`])`
			`def test_post_changetrust(trust_enabled, repo_found, expected_body, expected_status, client):`
Support SNI in python requests, and only delete tuf metadata if it exists 2017-05-01 19:51:54 +00:00			`with patch('endpoints.api.repository.tuf_metadata_api') as mock_tuf:`
style(data, endpoints, test): ran yapf against changed files ### Description of Changes Issue: https://coreosdev.atlassian.net/browse/QUAY-633 ## Reviewer Checklist - [ ] It works! - [ ] Comments provide sufficient explanations for the next contributor - [ ] Tests cover changes and corner cases - [ ] Follows Quay syntax patterns and format 2017-07-24 15:05:15 +00:00			`with patch(`
			`'endpoints.api.repository_models_pre_oci.model.repository.get_repository') as mock_model:`
refactor(endpoints/api/repository*): added in pre_oci_model abstraction this is a part of getting ready for oci stuff [TESTING->using new PR stack] Issue: https://coreosdev.atlassian.net/browse/QUAY-633 - [ ] It works! - [ ] Comments provide sufficient explanations for the next contributor - [ ] Tests cover changes and corner cases - [ ] Follows Quay syntax patterns and format 2017-07-21 18:04:59 +00:00			`mock_model.return_value = MagicMock() if repo_found else None`
Support SNI in python requests, and only delete tuf metadata if it exists 2017-05-01 19:51:54 +00:00			`mock_tuf.get_default_tags_with_expiration.return_value = ['tags', 'expiration']`
Add flag to enable trust per repo (#2541) * Add flag to enable trust per repo * Add api for enabling/disabling trust * Add new LogEntryKind for changing repo trust settings Also add tests for repo trust api * Add `set_trust` method to repository * Expose new logkind to UI * Fix registry tests * Rebase migrations and regen test.db * Raise downstreamissue if trust metadata can't be removed * Refactor change_repo_trust * Add show_if to change_repo_trust endpoint 2017-04-15 12:26:33 +00:00			`with client_with_identity('devtable', client) as cl:`
			`params = {'repository': 'devtable/repo'}`
			`request_body = {'trust_enabled': trust_enabled}`
style(data, endpoints, test): ran yapf against changed files ### Description of Changes Issue: https://coreosdev.atlassian.net/browse/QUAY-633 ## Reviewer Checklist - [ ] It works! - [ ] Comments provide sufficient explanations for the next contributor - [ ] Tests cover changes and corner cases - [ ] Follows Quay syntax patterns and format 2017-07-24 15:05:15 +00:00			`assert expected_body == conduct_api_call(cl, RepositoryTrust, 'POST', params, request_body,`
			`expected_status).json`
Make sure we don't internal error when signing is disabled 2017-04-19 16:27:01 +00:00

			`def test_signing_disabled(client):`
			`with patch('features.SIGNING', FeatureNameValue('SIGNING', False)):`
			`with client_with_identity('devtable', client) as cl:`
			`params = {'repository': 'devtable/simple'}`
			`response = conduct_api_call(cl, Repository, 'GET', params).json`
			`assert not response['trust_enabled']`
Move conduct_call into a common test lib for all endpoints 2017-06-28 08:38:36 +00:00

Show starred public repositories in the starred repos list We forgot to check if the repository was public in the filter Fixes https://jira.coreos.com/browse/QUAY-857 2018-05-31 21:34:17 +00:00			`def test_list_starred_repos(client):`
			`with client_with_identity('devtable', client) as cl:`
			`params = {`
			`'starred': 'true',`
			`}`

			`response = conduct_api_call(cl, RepositoryList, 'GET', params).json`
			`repos = {r['namespace'] + '/' + r['name'] for r in response['repositories']}`
			`assert 'devtable/simple' in repos`
			`assert 'public/publicrepo' not in repos`

			`# Add a star on publicrepo.`
			`publicrepo = model.repository.get_repository('public', 'publicrepo')`
			`model.repository.star_repository(model.user.get_user('devtable'), publicrepo)`

			`# Ensure publicrepo shows up.`
			`response = conduct_api_call(cl, RepositoryList, 'GET', params).json`
			`repos = {r['namespace'] + '/' + r['name'] for r in response['repositories']}`
			`assert 'devtable/simple' in repos`
			`assert 'public/publicrepo' in repos`

			`# Make publicrepo private and ensure it disappears.`
			`model.repository.set_repository_visibility(publicrepo, 'private')`

			`response = conduct_api_call(cl, RepositoryList, 'GET', params).json`
			`repos = {r['namespace'] + '/' + r['name'] for r in response['repositories']}`
			`assert 'devtable/simple' in repos`
			`assert 'public/publicrepo' not in repos`
Ensure that we limit the length of repository names Until now, they'd simply be truncated by the database. Now, we properly check their lengths. Fixes https://jira.coreos.com/browse/QUAY-963 2018-07-08 12:20:02 +00:00

			`@pytest.mark.parametrize('repo_name, expected_status', [`
			`pytest.param('x' * 255, 201, id='Maximum allowed length'),`
			`pytest.param('x' * 256, 400, id='Over allowed length'),`
			`pytest.param('a\|b', 400, id='Invalid name'),`
			`])`
			`def test_create_repository(repo_name, expected_status, client):`
			`with client_with_identity('devtable', client) as cl:`
			`body = {`
			`'namespace': 'devtable',`
			`'repository': repo_name,`
			`'visibility': 'public',`
			`'description': 'foo',`
			`}`

			`result = conduct_api_call(client, RepositoryList, 'post', None, body,`
			`expected_code=expected_status).json`
			`if expected_status == 201:`
			`assert result['name'] == repo_name`
			`assert model.repository.get_repository('devtable', repo_name).name == repo_name`
Phase 1 of migrating APPR-specific tables to tables with the `Appr` prefix Fixes https://jira.coreos.com/browse/QUAY-950 2018-05-24 21:54:51 +00:00

Fix issue accessing a null tagmanifest under a tag in a repository 2018-07-25 19:26:48 +00:00			`@pytest.mark.parametrize('has_tag_manifest', [`
			`True,`
			`False,`
			`])`
			`def test_get_repo(has_tag_manifest, client, initialized_db):`
			`with client_with_identity('devtable', client) as cl:`
			`if not has_tag_manifest:`
Fix the V22 phase 1 migrations to use new tables for mapping rather than editing existing tables The ALTER TABLE operations previously used were causing the DB to die when run on the production TagManifest table which has 7 million rows. We instead now use new mapping tables, which is less nice, but these are temporary anyway, so hopefully we only have to deal with their ugliness for a short duration. 2018-08-06 20:58:27 +00:00			`database.TagManifestLabelMap.delete().execute()`
			`database.TagManifestToManifest.delete().execute()`
Fix issue accessing a null tagmanifest under a tag in a repository 2018-07-25 19:26:48 +00:00			`database.TagManifestLabel.delete().execute()`
			`database.TagManifest.delete().execute()`

			`params = {'repository': 'devtable/simple'}`
			`response = conduct_api_call(cl, Repository, 'GET', params).json`
			`assert response['kind'] == 'image'`


Phase 1 of migrating APPR-specific tables to tables with the `Appr` prefix Fixes https://jira.coreos.com/browse/QUAY-950 2018-05-24 21:54:51 +00:00			`def test_get_app_repo(client, initialized_db):`
			`with client_with_identity('devtable', client) as cl:`
			`devtable = model.user.get_user('devtable')`
			`repo = model.repository.create_repository('devtable', 'someappr', devtable,`
			`repo_kind='application')`

			`models_ref = appr_model.models_ref`
			`blob.get_or_create_blob('sha256:somedigest', 0, 'application/vnd.cnr.blob.v0.tar+gzip',`
			`['local_us'], models_ref)`

			`release.create_app_release(repo, 'test',`
			`dict(mediaType='application/vnd.cnr.package-manifest.helm.v0.json'),`
			`'sha256:somedigest', models_ref, False)`

			`channel.create_or_update_channel(repo, 'somechannel', 'test', models_ref)`

			`params = {'repository': 'devtable/someappr'}`
			`response = conduct_api_call(cl, Repository, 'GET', params).json`
			`assert response['kind'] == 'application'`
			`assert response['channels']`
			`assert response['releases']`