Merge pull request #16832 from YangJiao0817/update-cosign-testcase

Update cosign test case
2024-09-20 19:17:40 +00:00 · 2022-05-10 16:18:16 +08:00 · 2022-05-10 16:18:16 +08:00 · 4d116893be
commit 4d116893be
parent 2563cf1bfb 49ddaee603
4 changed files with 12 additions and 5 deletions
--- a/tests/resources/Cosign_Util.robot
+++ b/tests/resources/Cosign_Util.robot
@ -24,4 +24,9 @@ Cosign Generate Key Pair

 Cosign Sign
    [Arguments]  ${artifact}
-    Wait Unitl Command Success  cosign sign --allow-insecure-registry --key cosign.key ${artifact}
+    Wait Unitl Command Success  cosign sign --allow-insecure-registry --key cosign.key ${artifact}
+
+Cosign Verify
+    [Arguments]  ${artifact}  ${signed}
+    Run Keyword If  ${signed}==${true}  Wait Unitl Command Success  cosign verify --key cosign.pub ${artifact}
+    ...  ELSE  Command Should be Failed  cosign verify --key cosign.pub ${artifact}
--- a/tests/robot-cases/Group1-Nightly/Common.robot
+++ b/tests/robot-cases/Group1-Nightly/Common.robot
@ -915,9 +915,11 @@ Test Case - Cosign And Cosign Deployment Security Policy
    Go Into Project  project${d}
    Retry Double Keywords When Error  Go Into Repo  project${d}/${image}  Should Not Be Signed By Cosign  ${tag}
    Cannot Pull Image  ${ip}  ${user}  ${pwd}  project${d}  ${image}:${tag}  err_msg=The image is not signed in Cosign.
-    
    Cosign Generate Key Pair
+    Cosign Verify  ${ip}/project${d}/${image}:${tag}  ${false}
+
    Cosign Sign  ${ip}/project${d}/${image}:${tag}
+    Cosign Verify  ${ip}/project${d}/${image}:${tag}  ${true}
    Retry Double Keywords When Error  Retry Element Click  ${artifact_list_refresh_btn}  Should Be Signed By Cosign  ${tag}
    Pull image  ${ip}  ${user}  ${pwd}  project${d}  ${image}:${tag}

--- a/tests/test-engine-image/Dockerfile.common
+++ b/tests/test-engine-image/Dockerfile.common
@ -69,7 +69,7 @@ RUN pwd && mkdir /tool/binary && \
    IMGPKG_VERSION=0.22.0 && wget https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/v$IMGPKG_VERSION/imgpkg-linux-amd64 && \
    mv imgpkg-linux-amd64 /tool/binary/imgpkg && chmod +x /tool/binary/imgpkg && \
    # Install cosign
-    COSIGN_VERSION=1.4.1 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \
+    COSIGN_VERSION=1.8.0 && wget https://github.com/sigstore/cosign/releases/download/v$COSIGN_VERSION/cosign-linux-amd64 && \
    mv cosign-linux-amd64 /tool/binary/cosign && chmod +x /tool/binary/cosign && \
    pwd

--- a/tests/test-engine-image/Dockerfile.ui_test
+++ b/tests/test-engine-image/Dockerfile.ui_test
@ -36,8 +36,8 @@ RUN pip3 install --upgrade pip pyasn1 google-apitools==0.5.31 gsutil \
    requests dbbot robotframework-seleniumlibrary==4.3.0 robotframework-pabot \
    robotframework-JSONLibrary hurry.filesize --upgrade && \
    apt-get clean all
-# Upgrade chromedriver version to 97.0.4692.71
-RUN wget -N http://chromedriver.storage.googleapis.com/97.0.4692.71/chromedriver_linux64.zip && \
+# Upgrade chromedriver version to 101.0.4951.41
+RUN wget -N https://chromedriver.storage.googleapis.com/101.0.4951.41/chromedriver_linux64.zip && \
    unzip chromedriver_linux64.zip && \
    chmod +x chromedriver && \
    mv -f chromedriver /usr/local/share/chromedriver && \