From a2b88f4bc3dcf0f865c32e912dd566fd6e693c57 Mon Sep 17 00:00:00 2001 From: Jan Richter Date: Tue, 27 Feb 2024 12:28:22 +0100 Subject: [PATCH] [e2e-tests] Add security scan check to quay plugin suite --- .../playwright/e2e/plugins/quay/quay.spec.ts | 41 ++++++++++++++++--- e2e-tests/playwright/utils/quay/quay.ts | 35 +++++++++++++++- 2 files changed, 70 insertions(+), 6 deletions(-) diff --git a/e2e-tests/playwright/e2e/plugins/quay/quay.spec.ts b/e2e-tests/playwright/e2e/plugins/quay/quay.spec.ts index 11083e7223..a1375b8975 100644 --- a/e2e-tests/playwright/e2e/plugins/quay/quay.spec.ts +++ b/e2e-tests/playwright/e2e/plugins/quay/quay.spec.ts @@ -1,18 +1,25 @@ -import { test } from '@playwright/test'; +import { Page, test, chromium, firefox, expect } from '@playwright/test'; import { UIhelper } from '../../../utils/UIhelper'; import { Common } from '../../../utils/Common'; import { ImageRegistry } from '../../../utils/quay/quay'; +import { UIhelperPO } from '../../../support/pageObjects/global-obj'; -test.describe('Test Quay.io plugin', () => { +test.describe.serial('Test Quay.io plugin', () => { + let page: Page; + let uiHelper: UIhelper; const QUAY_REPOSITORY = 'janus-idp/backstage-showcase'; - test.beforeEach(async ({ page }) => { + test.beforeAll(async ({ browserName }) => { + const browserType = browserName === 'firefox' ? firefox : chromium; + const browser = await browserType.launch(); + page = await browser.newPage(); + + uiHelper = new UIhelper(page); const common = new Common(page); await common.loginAsGuest(); }); - test('Check if Image Registry is present', async ({ page }) => { - const uiHelper = new UIhelper(page); + test('Check if Image Registry is present', async () => { await uiHelper.openSidebar('Catalog'); await uiHelper.selectMuiBox('Kind', 'Component'); await uiHelper.clickLink('backstage-janus'); @@ -25,4 +32,28 @@ test.describe('Test Quay.io plugin', () => { const allCellsIdentifier = ImageRegistry.getAllCellsIdentifier(); await uiHelper.verifyCellsInTable(allCellsIdentifier); }); + + test('Check Security Scan details', async () => { + const cell = page + .locator(UIhelperPO.MuiTableCell) + .filter({ hasText: ImageRegistry.securityScanRegex() }) + .first(); + const resultText = await cell.textContent(); + + if (resultText.includes('unsupported')) { + await expect(cell.getByRole('link')).toHaveCount(0); + } else { + await cell.getByRole('link').click(); + await uiHelper.verifyHeading('Vulnerabilities for sha256:'); + await uiHelper.verifyColumnHeading(ImageRegistry.getAllScanColumnsText()); + + if (resultText.includes('Passed')) { + await expect(page.getByText('No records to display')).toBeVisible(); + } else { + await uiHelper.verifyCellsInTable( + ImageRegistry.getScanCellsIdentifier(), + ); + } + } + }); }); diff --git a/e2e-tests/playwright/utils/quay/quay.ts b/e2e-tests/playwright/utils/quay/quay.ts index 59106c4deb..5ad9391b86 100644 --- a/e2e-tests/playwright/utils/quay/quay.ts +++ b/e2e-tests/playwright/utils/quay/quay.ts @@ -11,7 +11,15 @@ export class ImageRegistry { '^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{1,2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{1,2}:\\d{2}:\\d{2} [\\+\\-]\\d{4}$'; const expiresRegex = new RegExp(expires); const manifest = /sha256/; - return [tagText, lastModifiedDate, size, expiresRegex, manifest]; + + return [ + tagText, + lastModifiedDate, + this.securityScanRegex(), + size, + expiresRegex, + manifest, + ]; } static getAllGridColumnsText() { @@ -24,4 +32,29 @@ export class ImageRegistry { 'Manifest', ]; } + + static securityScanRegex() { + const securityScan = ['Critical', 'High', 'Medium', 'Low', 'Unknown'].map( + i => `(${i}:\\s\\d+[^\\w]*)?`, + ); + return new RegExp(`^(Passed|unsupported|${securityScan.join('')})$`); + } + + static getAllScanColumnsText() { + return [ + 'Advisory', + 'Severity', + 'Package Name', + 'Current Version', + 'Fixed By', + ]; + } + + static getScanCellsIdentifier() { + const advisory = /^(CVE|RHSA)-.+/; + const severity = /Critical|High|Medium|Low|Unknown/; + const version = /^(\d+:)?\d+\.\d+/; + + return [advisory, severity, version]; + } }