Update tests
This commit is contained in:
		
							parent
							
								
									9515f18fb6
								
							
						
					
					
						commit
						1a78722521
					
				
					 6 changed files with 54 additions and 42 deletions
				
			
		|  | @ -14,6 +14,9 @@ logger = logging.getLogger(__name__) | ||||||
| def _default_signed_tags_for_repository(namespace, repository): | def _default_signed_tags_for_repository(namespace, repository): | ||||||
|   """ Fetches the tags in the targets/releases delegation, which is the one the docker client will trust. """ |   """ Fetches the tags in the targets/releases delegation, which is the one the docker client will trust. """ | ||||||
|   tag_data, _ = tuf_metadata_api.get_default_tags(namespace, repository) |   tag_data, _ = tuf_metadata_api.get_default_tags(namespace, repository) | ||||||
|  |   if not tag_data: | ||||||
|  |     return {'tags': None} | ||||||
|  | 
 | ||||||
|   return { |   return { | ||||||
|     'tags': tag_data.keys() |     'tags': tag_data.keys() | ||||||
|   } |   } | ||||||
|  |  | ||||||
|  | @ -5,6 +5,7 @@ from endpoints.api.team import OrganizationTeamSyncing | ||||||
| from endpoints.api.test.shared import client_with_identity, conduct_api_call | from endpoints.api.test.shared import client_with_identity, conduct_api_call | ||||||
| from endpoints.api.superuser import SuperUserRepositoryBuildLogs, SuperUserRepositoryBuildResource | from endpoints.api.superuser import SuperUserRepositoryBuildLogs, SuperUserRepositoryBuildResource | ||||||
| from endpoints.api.superuser import SuperUserRepositoryBuildStatus | from endpoints.api.superuser import SuperUserRepositoryBuildStatus | ||||||
|  | from endpoints.api.signing import RepositorySignatures | ||||||
| from test.fixtures import app, appconfig, database_uri, init_db_path, sqlitedb_file | from test.fixtures import app, appconfig, database_uri, init_db_path, sqlitedb_file | ||||||
| 
 | 
 | ||||||
| TEAM_PARAMS = {'orgname': 'buynlarge', 'teamname': 'owners'} | TEAM_PARAMS = {'orgname': 'buynlarge', 'teamname': 'owners'} | ||||||
|  | @ -35,6 +36,11 @@ BUILD_PARAMS = {'build_uuid': 'test-1234'} | ||||||
|   (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'freshuser', 403), |   (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'freshuser', 403), | ||||||
|   (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'reader', 403), |   (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None, 'reader', 403), | ||||||
|   (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None,  'devtable', 404), |   (SuperUserRepositoryBuildResource, 'GET', BUILD_PARAMS, None,  'devtable', 404), | ||||||
|  |    | ||||||
|  |   (RepositorySignatures, 'GET', 401, None, None), | ||||||
|  |   (RepositorySignatures, 'GET', 403, 'freshuser', None), | ||||||
|  |   (RepositorySignatures, 'GET', 403, 'reader', None), | ||||||
|  |   (RepositorySignatures, 'GET', 404, 'devtable', None), | ||||||
| ]) | ]) | ||||||
| def test_api_security(resource, method, params, body, identity, expected, client): | def test_api_security(resource, method, params, body, identity, expected, client): | ||||||
|   with client_with_identity(identity, client) as cl: |   with client_with_identity(identity, client) as cl: | ||||||
|  |  | ||||||
							
								
								
									
										43
									
								
								endpoints/api/test/test_signing.py
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										43
									
								
								endpoints/api/test/test_signing.py
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,43 @@ | ||||||
|  | from collections import Counter | ||||||
|  | 
 | ||||||
|  | import pytest | ||||||
|  | 
 | ||||||
|  | from endpoints.api.test.shared import client_with_identity, conduct_api_call | ||||||
|  | from endpoints.api.signing import RepositorySignatures | ||||||
|  | from test.fixtures import app, appconfig, database_uri, init_db_path, sqlitedb_file | ||||||
|  | from mock import patch | ||||||
|  | 
 | ||||||
|  | VALID_TARGETS = { | ||||||
|  |   'latest': { | ||||||
|  |     'hashes': { | ||||||
|  |       'sha256': 'mLmxwTyUrqIRDaz8uaBapfrp3GPERfsDg2kiMujlteo=' | ||||||
|  |     }, | ||||||
|  |     'length': 1500 | ||||||
|  |   }, | ||||||
|  |   'test_tag': { | ||||||
|  |     'hashes': { | ||||||
|  |       'sha256': '1234123' | ||||||
|  |     }, | ||||||
|  |     'length': 50 | ||||||
|  |   } | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | def tags_equal(expected, actual): | ||||||
|  |   expected_tags = expected.get('tags') | ||||||
|  |   actual_tags = actual.get('tags') | ||||||
|  |   if expected_tags and actual_tags: | ||||||
|  |     return Counter(expected_tags) == Counter(actual_tags) | ||||||
|  |   return expected == actual | ||||||
|  | 
 | ||||||
|  | @pytest.mark.parametrize('targets,expected', [ | ||||||
|  |   (VALID_TARGETS, {'tags':['latest', 'test_tag']}), | ||||||
|  |   ({'bad': 'tags'}, ({'tags': ['bad']})), | ||||||
|  |   ({}, ({'tags': None})), | ||||||
|  |   (None, ({'tags': None})),   # API returns None on exceptions | ||||||
|  | ]) | ||||||
|  | def test_get_signatures(targets, expected, client): | ||||||
|  |   with patch('endpoints.api.signing.tuf_metadata_api') as mock_tuf: | ||||||
|  |     mock_tuf.get_default_tags.return_value = (targets, False) | ||||||
|  |     with client_with_identity('devtable', client) as cl: | ||||||
|  |       params = {'repository': 'devtable/repo'} | ||||||
|  |       assert tags_equal(expected, conduct_api_call(cl, RepositorySignatures, 'GET', params, None, 200).json) | ||||||
|  | @ -57,7 +57,6 @@ from endpoints.api.superuser import (SuperUserLogs, SuperUserList, SuperUserMana | ||||||
|                                      SuperUserRepositoryBuildResource, SuperUserRepositoryBuildStatus) |                                      SuperUserRepositoryBuildResource, SuperUserRepositoryBuildStatus) | ||||||
| from endpoints.api.globalmessages import GlobalUserMessage, GlobalUserMessages | from endpoints.api.globalmessages import GlobalUserMessage, GlobalUserMessages | ||||||
| from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity | from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity | ||||||
| from endpoints.api.signing import RepositorySignatures |  | ||||||
| from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel | from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
|  | @ -4486,23 +4485,6 @@ class TestRepositoryManifestSecurity(ApiTestCase): | ||||||
|   def test_get_devtable(self): |   def test_get_devtable(self): | ||||||
|     self._run_test('GET', 404, 'devtable', None) |     self._run_test('GET', 404, 'devtable', None) | ||||||
| 
 | 
 | ||||||
| class TestRepositorySignatures(ApiTestCase): |  | ||||||
|   def setUp(self): |  | ||||||
|     ApiTestCase.setUp(self) |  | ||||||
|     self._set_url(RepositorySignatures, repository='devtable/simple') |  | ||||||
| 
 |  | ||||||
|   def test_get_anonymous(self): |  | ||||||
|     self._run_test('GET', 401, None, None) |  | ||||||
| 
 |  | ||||||
|   def test_get_freshuser(self): |  | ||||||
|     self._run_test('GET', 403, 'freshuser', None) |  | ||||||
| 
 |  | ||||||
|   def test_get_reader(self): |  | ||||||
|     self._run_test('GET', 403, 'reader', None) |  | ||||||
| 
 |  | ||||||
|   def test_get_devtable(self): |  | ||||||
|     self._run_test('GET', 404, 'devtable', None) |  | ||||||
| 
 |  | ||||||
| 
 | 
 | ||||||
| class TestRepositoryManifestLabels(ApiTestCase): | class TestRepositoryManifestLabels(ApiTestCase): | ||||||
|   def setUp(self): |   def setUp(self): | ||||||
|  |  | ||||||
|  | @ -74,7 +74,6 @@ from endpoints.api.superuser import (SuperUserLogs, SuperUserList, SuperUserMana | ||||||
|                                      SuperUserCustomCertificates, SuperUserCustomCertificate) |                                      SuperUserCustomCertificates, SuperUserCustomCertificate) | ||||||
| from endpoints.api.globalmessages import (GlobalUserMessage, GlobalUserMessages,) | from endpoints.api.globalmessages import (GlobalUserMessage, GlobalUserMessages,) | ||||||
| from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity | from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity | ||||||
| from endpoints.api.signing import RepositorySignatures |  | ||||||
| from endpoints.api.suconfig import (SuperUserRegistryStatus, SuperUserConfig, SuperUserConfigFile, | from endpoints.api.suconfig import (SuperUserRegistryStatus, SuperUserConfig, SuperUserConfigFile, | ||||||
|                                     SuperUserCreateInitialSuperUser) |                                     SuperUserCreateInitialSuperUser) | ||||||
| from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel | from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel | ||||||
|  | @ -4507,29 +4506,6 @@ class TestRepositoryImageSecurity(ApiTestCase): | ||||||
|                          expected_code=200) |                          expected_code=200) | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| class TestRepositorySignatures(ApiTestCase): |  | ||||||
|   def test_get_signatures(self): |  | ||||||
|     self.login(ADMIN_ACCESS_USER) |  | ||||||
|      |  | ||||||
|     targets = { |  | ||||||
|       'latest': { |  | ||||||
|         'hashes': { |  | ||||||
|           'sha256': 'mLmxwTyUrqIRDaz8uaBapfrp3GPERfsDg2kiMujlteo=' |  | ||||||
|         }, |  | ||||||
|         'length': 1500 |  | ||||||
|       }, |  | ||||||
|       'test_tag': { |  | ||||||
|         'hashes': { |  | ||||||
|           'sha256': '1234123' |  | ||||||
|         }, |  | ||||||
|         'length': 50 |  | ||||||
|       } |  | ||||||
|     } |  | ||||||
|      |  | ||||||
|     with patch('app.tuf_metadata_api') as mock_tuf:  |  | ||||||
|       mock_tuf.get_default_tags.return_value = targets |  | ||||||
|       signed_tags_response = self.getJsonResponse(RepositorySignatures, params=dict(namespace='ns', repository='repo')) |  | ||||||
|       self.assertEquals(signed_tags_response, {'tags': ['latest', 'test_tag']}) |  | ||||||
|        |        | ||||||
| 
 | 
 | ||||||
| class TestSuperUserCustomCertificates(ApiTestCase): | class TestSuperUserCustomCertificates(ApiTestCase): | ||||||
|  |  | ||||||
|  | @ -65,6 +65,8 @@ class TestConfig(DefaultConfig): | ||||||
|   SECURITY_SCANNER_ENGINE_VERSION_TARGET = 1 |   SECURITY_SCANNER_ENGINE_VERSION_TARGET = 1 | ||||||
|   SECURITY_SCANNER_API_TIMEOUT_SECONDS = 1 |   SECURITY_SCANNER_API_TIMEOUT_SECONDS = 1 | ||||||
|    |    | ||||||
|  |   FEATURE_SIGNING = True | ||||||
|  | 
 | ||||||
|   SIGNING_ENGINE = 'gpg2' |   SIGNING_ENGINE = 'gpg2' | ||||||
| 
 | 
 | ||||||
|   GPG2_PRIVATE_KEY_NAME = 'EEB32221' |   GPG2_PRIVATE_KEY_NAME = 'EEB32221' | ||||||
|  |  | ||||||
		Reference in a new issue