From 9eb79d302c452bf7071fd6ddf03c433874454320 Mon Sep 17 00:00:00 2001 From: Gerrod Ubben Date: Wed, 5 Feb 2025 16:53:28 -0500 Subject: [PATCH] Remove pulp-smash in test_sign_manifests and test_token_authentication --- .../functional/api/test_sign_manifests.py | 3 +- .../api/test_token_authentication.py | 116 +++++------------- 2 files changed, 32 insertions(+), 87 deletions(-) diff --git a/pulp_container/tests/functional/api/test_sign_manifests.py b/pulp_container/tests/functional/api/test_sign_manifests.py index 225597c80..cec2be0a7 100644 --- a/pulp_container/tests/functional/api/test_sign_manifests.py +++ b/pulp_container/tests/functional/api/test_sign_manifests.py @@ -1,7 +1,5 @@ import pytest -from pulp_smash.pulp3.bindings import monitor_task - from pulpcore.client.pulp_container import RepositorySign from pulp_container.constants import SIGNATURE_TYPE @@ -31,6 +29,7 @@ def test_sign_manifest( container_signature_api, container_tag_api, container_manifest_api, + monitor_task, ): """Test whether a user can sign a manifest by leveraging a signing service.""" _, _, keyid = signing_gpg_metadata diff --git a/pulp_container/tests/functional/api/test_token_authentication.py b/pulp_container/tests/functional/api/test_token_authentication.py index d142b5241..a21e60d11 100644 --- a/pulp_container/tests/functional/api/test_token_authentication.py +++ b/pulp_container/tests/functional/api/test_token_authentication.py @@ -1,39 +1,19 @@ """Tests for token authentication.""" +import pytest import aiohttp import asyncio -import unittest -from urllib.parse import urljoin, urlparse +from urllib.parse import urljoin import requests -from pulp_smash import api, config, cli -from pulp_smash.pulp3.bindings import delete_orphans, monitor_task -from pulp_smash.pulp3.utils import gen_repo, gen_distribution - from pulp_container.tests.functional.utils import ( - gen_container_remote, - gen_container_client, get_auth_for_url, ) -from pulp_container.tests.functional.constants import ( - CONTAINER_TAG_PATH, - PULP_FIXTURE_1, -) from pulp_container.constants import MEDIA_TYPE -from pulpcore.client.pulp_container import ( - ContainerContainerDistribution, - ContainerContainerRepository, - ContainerContainerRemote, - ContainerRepositorySyncURL, - DistributionsContainerApi, - RepositoriesContainerApi, - RemotesContainerApi, -) - -class TokenAuthenticationTestCase(unittest.TestCase): +class TokenAuthenticationTestCase: """ A test case for authenticating users via Bearer token. @@ -42,42 +22,24 @@ class TokenAuthenticationTestCase(unittest.TestCase): * `Pulp #4938 `_ """ - @classmethod - def setUpClass(cls): - """Create class wide-variables.""" - cls.cfg = config.get_config() - cls.client = api.Client(cls.cfg, api.page_handler) - - api_client = gen_container_client() - cls.repositories_api = RepositoriesContainerApi(api_client) - cls.remotes_api = RemotesContainerApi(api_client) - cls.distributions_api = DistributionsContainerApi(api_client) - - cls.repository = cls.repositories_api.create(ContainerContainerRepository(**gen_repo())) - - remote_data = gen_container_remote(upstream_name=PULP_FIXTURE_1) - cls.remote = cls.remotes_api.create(ContainerContainerRemote(**remote_data)) - - sync_data = ContainerRepositorySyncURL(remote=cls.remote.pulp_href) - sync_response = cls.repositories_api.sync(cls.repository.pulp_href, sync_data) - monitor_task(sync_response.task) - - distribution_data = gen_distribution(repository=cls.repository.pulp_href) - distribution_response = cls.distributions_api.create( - ContainerContainerDistribution(**distribution_data) - ) - created_resources = monitor_task(distribution_response.task).created_resources - cls.distribution = cls.distributions_api.read(created_resources[0]) - - @classmethod - def tearDownClass(cls): - """Clean generated resources.""" - cls.repositories_api.delete(cls.repository.pulp_href) - cls.remotes_api.delete(cls.remote.pulp_href) - cls.distributions_api.delete(cls.distribution.pulp_href) - delete_orphans() - - def test_pull_image_with_raw_http_requests(self): + @pytest.fixture(scope="class") + def setup( + self, + container_repo, + container_remote, + container_sync, + container_distribution_factory, + container_bindings, + ): + container_sync(container_repo, container_remote) + distro = container_distribution_factory(repository=container_repo.pulp_href) + tag_response = container_bindings.ContentTagsApi.list(name="manifest_a") + tagged_manifest_href = tag_response.results[0].tagged_manifest + manifest = container_bindings.ContentManifestsApi.read(tagged_manifest_href) + config_blob = container_bindings.ContentBlobsApi.read(manifest.config_blob) + return distro, config_blob + + def test_pull_image_with_raw_http_requests(self, setup, bindings_cfg): """ Test if a content was pulled from a registry by using raw HTTP requests. @@ -85,35 +47,30 @@ def test_pull_image_with_raw_http_requests(self): Bearer token. The generated Bearer token is afterwards used to pull the image. All requests are sent via aiohttp modules. """ - image_path = "/v2/{}/manifests/{}".format(self.distribution.base_path, "manifest_a") - latest_image_url = urljoin(self.cfg.get_base_url(), image_path) + distro, config_blob = setup + image_path = f"/v2/{distro.base_path}/manifests/manifest_a" + latest_image_url = urljoin(bindings_cfg.host, image_path) auth = get_auth_for_url(latest_image_url) content_response = requests.get( latest_image_url, auth=auth, headers={"Accept": MEDIA_TYPE.MANIFEST_V2} ) content_response.raise_for_status() - self.compare_config_blob_digests(content_response.json()["config"]["digest"]) + assert content_response.json()["config"]["digest"] == config_blob.digest - def test_pull_image_with_real_container_client(self): + def test_pull_image_with_real_container_client(self, setup, local_registry): """ Test if a CLI client is able to pull an image from an authenticated registry. This test checks if ordinary clients, like docker, or podman, are able to pull the image from a secured registry. """ - registry = cli.RegistryClient(self.cfg) - registry.raise_if_unsupported(unittest.SkipTest, "Test requires podman/docker") - - image_url = urljoin(self.cfg.get_base_url(), self.distribution.base_path) - image_with_tag = f"{image_url}:manifest_a" + distro, config_blob = setup + image_with_tag = f"{distro.base_path}:manifest_a" - registry_name = urlparse(self.cfg.get_base_url()).netloc - admin_user, admin_password = self.cfg.pulp_auth - registry.login("-u", admin_user, "-p", admin_password, registry_name) - registry.pull(image_with_tag) + local_registry.pull(image_with_tag) - image = registry.inspect(image_with_tag) + image = local_registry.inspect(image_with_tag) # The docker client returns a different Id compared to an Id returned by the podman client. # 'Id': 'sha256:d21d863f69b5de1a973a41344488f2ec89a625f2624195f51b4e2d54a97fc53b' (docker) @@ -126,18 +83,7 @@ def test_pull_image_with_real_container_client(self): else: image_digest = "sha256:" + image_id - self.compare_config_blob_digests(image_digest) - - def compare_config_blob_digests(self, pulled_manifest_digest): - """Check if a valid config was pulled from a registry.""" - tags_by_name_url = f"{CONTAINER_TAG_PATH}?name=manifest_a" - tag_response = self.client.get(tags_by_name_url) - - tagged_manifest_href = tag_response[0]["tagged_manifest"] - manifest_response = self.client.get(tagged_manifest_href) - - config_blob_response = self.client.get(manifest_response["config_blob"]) - self.assertEqual(pulled_manifest_digest, config_blob_response["digest"]) + assert image_digest == config_blob.digest def test_invalid_user(pulp_settings, local_registry):