vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Update tests

Browse source
This commit is contained in:
Evan Cordell 2017-04-05 13:27:31 -04:00
parent 9515f18fb6
commit 1a78722521
6 changed files with 54 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

3
endpoints/api/signing.py
View file

@ -14,6 +14,9 @@ logger = logging.getLogger(__name__)
def _default_signed_tags_for_repository(namespace, repository): def _default_signed_tags_for_repository(namespace, repository):
""" Fetches the tags in the targets/releases delegation, which is the one the docker client will trust. """ """ Fetches the tags in the targets/releases delegation, which is the one the docker client will trust. """
tag_data, _ = tuf_metadata_api.get_default_tags(namespace, repository) tag_data, _ = tuf_metadata_api.get_default_tags(namespace, repository)
if not tag_data:
return {'tags': None}
return { return {
'tags': tag_data.keys() 'tags': tag_data.keys()
} }

6
endpoints/api/test/test_security.py
View file

@ -5,6 +5,7 @@ from endpoints.api.team import OrganizationTeamSyncing
from endpoints.api.test.shared import client_with_identity, conduct_api_call from endpoints.api.test.shared import client_with_identity, conduct_api_call
from endpoints.api.superuser import SuperUserRepositoryBuildLogs, SuperUserRepositoryBuildResource from endpoints.api.superuser import SuperUserRepositoryBuildLogs, SuperUserRepositoryBuildResource
from endpoints.api.superuser import SuperUserRepositoryBuildStatus from endpoints.api.superuser import SuperUserRepositoryBuildStatus
from endpoints.api.signing import RepositorySignatures
from test.fixtures import app, appconfig, database_uri, init_db_path, sqlitedb_file from test.fixtures import app, appconfig, database_uri, init_db_path, sqlitedb_file
TEAM_PARAMS = {'orgname': 'buynlarge', 'teamname': 'owners'} TEAM_PARAMS = {'orgname': 'buynlarge', 'teamname': 'owners'}
@ -35,6 +36,11 @@ BUILD_PARAMS = {'build_uuid': 'test-1234'}
(SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'freshuser', 403), (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'freshuser', 403),
(SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'reader', 403), (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'reader', 403),
(SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'devtable', 404), (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'devtable', 404),
(RepositorySignatures, 'GET', 401, None, None),
(RepositorySignatures, 'GET', 403, 'freshuser', None),
(RepositorySignatures, 'GET', 403, 'reader', None),
(RepositorySignatures, 'GET', 404, 'devtable', None),
]) ])
def test_api_security(resource, method, params, body, identity, expected, client): def test_api_security(resource, method, params, body, identity, expected, client):
with client_with_identity(identity, client) as cl: with client_with_identity(identity, client) as cl:

43
endpoints/api/test/test_signing.py Normal file
View file

@ -0,0 +1,43 @@
from collections import Counter
import pytest
from endpoints.api.test.shared import client_with_identity, conduct_api_call
from endpoints.api.signing import RepositorySignatures
from test.fixtures import app, appconfig, database_uri, init_db_path, sqlitedb_file
from mock import patch
VALID_TARGETS = {
'latest': {
'hashes': {
'sha256': 'mLmxwTyUrqIRDaz8uaBapfrp3GPERfsDg2kiMujlteo='
},
'length': 1500
},
'test_tag': {
'hashes': {
'sha256': '1234123'
},
'length': 50
}
}
def tags_equal(expected, actual):
expected_tags = expected.get('tags')
actual_tags = actual.get('tags')
if expected_tags and actual_tags:
return Counter(expected_tags) == Counter(actual_tags)
return expected == actual
@pytest.mark.parametrize('targets,expected', [
(VALID_TARGETS, {'tags':['latest', 'test_tag']}),
({'bad': 'tags'}, ({'tags': ['bad']})),
({}, ({'tags': None})),
(None, ({'tags': None})), # API returns None on exceptions
])
def test_get_signatures(targets, expected, client):
with patch('endpoints.api.signing.tuf_metadata_api') as mock_tuf:
mock_tuf.get_default_tags.return_value = (targets, False)
with client_with_identity('devtable', client) as cl:
params = {'repository': 'devtable/repo'}
assert tags_equal(expected, conduct_api_call(cl, RepositorySignatures, 'GET', params, None, 200).json)

18
test/test_api_security.py
View file

@ -57,7 +57,6 @@ from endpoints.api.superuser import (SuperUserLogs, SuperUserList, SuperUserMana
SuperUserRepositoryBuildResource, SuperUserRepositoryBuildStatus) SuperUserRepositoryBuildResource, SuperUserRepositoryBuildStatus)
from endpoints.api.globalmessages import GlobalUserMessage, GlobalUserMessages from endpoints.api.globalmessages import GlobalUserMessage, GlobalUserMessages
from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity
from endpoints.api.signing import RepositorySignatures
from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel
@ -4486,23 +4485,6 @@ class TestRepositoryManifestSecurity(ApiTestCase):
def test_get_devtable(self): def test_get_devtable(self):
self._run_test('GET', 404, 'devtable', None) self._run_test('GET', 404, 'devtable', None)
class TestRepositorySignatures(ApiTestCase):
def setUp(self):
ApiTestCase.setUp(self)
self._set_url(RepositorySignatures, repository='devtable/simple')
def test_get_anonymous(self):
self._run_test('GET', 401, None, None)
def test_get_freshuser(self):
self._run_test('GET', 403, 'freshuser', None)
def test_get_reader(self):
self._run_test('GET', 403, 'reader', None)
def test_get_devtable(self):
self._run_test('GET', 404, 'devtable', None)
class TestRepositoryManifestLabels(ApiTestCase): class TestRepositoryManifestLabels(ApiTestCase):
def setUp(self): def setUp(self):

24
test/test_api_usage.py
View file

@ -74,7 +74,6 @@ from endpoints.api.superuser import (SuperUserLogs, SuperUserList, SuperUserMana
SuperUserCustomCertificates, SuperUserCustomCertificate) SuperUserCustomCertificates, SuperUserCustomCertificate)
from endpoints.api.globalmessages import (GlobalUserMessage, GlobalUserMessages,) from endpoints.api.globalmessages import (GlobalUserMessage, GlobalUserMessages,)
from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity
from endpoints.api.signing import RepositorySignatures
from endpoints.api.suconfig import (SuperUserRegistryStatus, SuperUserConfig, SuperUserConfigFile, from endpoints.api.suconfig import (SuperUserRegistryStatus, SuperUserConfig, SuperUserConfigFile,
SuperUserCreateInitialSuperUser) SuperUserCreateInitialSuperUser)
from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel
@ -4507,29 +4506,6 @@ class TestRepositoryImageSecurity(ApiTestCase):
expected_code=200) expected_code=200)
class TestRepositorySignatures(ApiTestCase):
def test_get_signatures(self):
self.login(ADMIN_ACCESS_USER)
targets = {
'latest': {
'hashes': {
'sha256': 'mLmxwTyUrqIRDaz8uaBapfrp3GPERfsDg2kiMujlteo='
},
'length': 1500
},
'test_tag': {
'hashes': {
'sha256': '1234123'
},
'length': 50
}
}
with patch('app.tuf_metadata_api') as mock_tuf:
mock_tuf.get_default_tags.return_value = targets
signed_tags_response = self.getJsonResponse(RepositorySignatures, params=dict(namespace='ns', repository='repo'))
self.assertEquals(signed_tags_response, {'tags': ['latest', 'test_tag']})
class TestSuperUserCustomCertificates(ApiTestCase): class TestSuperUserCustomCertificates(ApiTestCase):

2
test/testconfig.py
View file

@ -65,6 +65,8 @@ class TestConfig(DefaultConfig):
SECURITY_SCANNER_ENGINE_VERSION_TARGET = 1 SECURITY_SCANNER_ENGINE_VERSION_TARGET = 1
SECURITY_SCANNER_API_TIMEOUT_SECONDS = 1 SECURITY_SCANNER_API_TIMEOUT_SECONDS = 1
FEATURE_SIGNING = True
SIGNING_ENGINE = 'gpg2' SIGNING_ENGINE = 'gpg2'
GPG2_PRIVATE_KEY_NAME = 'EEB32221' GPG2_PRIVATE_KEY_NAME = 'EEB32221'