narrow down the list of permissions for harbor robot account

cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/chart_integration_test.go

@@ -774,160 +774,3 @@ func TestKindClusterAvailablePackageEndpointsForOCI(t *testing.T) {
 		})
 	}
 }
-
-func TestKindClusterAvailablePackageEndpointsForOCI2(t *testing.T) {
-	fluxPluginClient, fluxPluginReposClient, err := checkEnv(t)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if err := setupHarborStefanProdanClone(t); err != nil {
-		t.Fatal(err)
-	}
-	harborRobotName, harborRobotSecret, err := setupHarborRobotAccount(t)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	testCases := []struct {
-		testName    string
-		registryUrl string
-		secret      *apiv1.Secret
-	}{
-		{
-			testName:    "Testing [" + harbor_stefanprodan_podinfo_oci_registry_url + "] with basic auth secret (robot)",
-			registryUrl: harbor_stefanprodan_podinfo_oci_registry_url,
-			secret: newBasicAuthSecret(types.NamespacedName{
-				Name:      "oci-repo-secret-" + randSeq(4),
-				Namespace: "default"},
-				harborRobotName,
-				harborRobotSecret,
-			),
-		},
-	}
-
-	adminName := types.NamespacedName{
-		Name:      "test-admin-" + randSeq(4),
-		Namespace: "default",
-	}
-	grpcContext, err := newGrpcAdminContext(t, adminName)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.testName, func(t *testing.T) {
-			repoName := types.NamespacedName{
-				Name:      "my-podinfo-" + randSeq(4),
-				Namespace: "default",
-			}
-
-			secretName := ""
-			if tc.secret != nil {
-				secretName = tc.secret.Name
-
-				if err := kubeCreateSecretAndCleanup(t, tc.secret); err != nil {
-					t.Fatal(err)
-				}
-			}
-
-			setUserManagedSecretsAndCleanup(t, fluxPluginReposClient, true)
-
-			if err := kubeAddHelmRepositoryAndCleanup(
-				t, repoName, "oci", tc.registryUrl, secretName, 0); err != nil {
-				t.Fatal(err)
-			}
-			// wait until this repo reaches 'Ready'
-			if err = kubeWaitUntilHelmRepositoryIsReady(t, repoName); err != nil {
-				t.Fatal(err)
-			}
-
-			grpcContext, cancel := context.WithTimeout(grpcContext, defaultContextTimeout)
-			defer cancel()
-
-			resp, err := fluxPluginClient.GetAvailablePackageSummaries(
-				grpcContext,
-				&corev1.GetAvailablePackageSummariesRequest{})
-			if err != nil {
-				t.Fatalf("%v", err)
-			}
-
-			opt1 := cmpopts.IgnoreUnexported(
-				corev1.GetAvailablePackageSummariesResponse{},
-				corev1.AvailablePackageSummary{},
-				corev1.AvailablePackageReference{},
-				corev1.Context{},
-				plugins.Plugin{},
-				corev1.PackageAppVersion{})
-			opt2 := cmpopts.SortSlices(lessAvailablePackageFunc)
-			if got, want := resp, expected_oci_stefanprodan_podinfo_available_summaries(repoName.Name); !cmp.Equal(got, want, opt1, opt2) {
-				t.Errorf("mismatch (-want +got):\n%s", cmp.Diff(want, got, opt1, opt2))
-			}
-
-			grpcContext, cancel = context.WithTimeout(grpcContext, defaultContextTimeout)
-			defer cancel()
-			resp2, err := fluxPluginClient.GetAvailablePackageVersions(
-				grpcContext, &corev1.GetAvailablePackageVersionsRequest{
-					AvailablePackageRef: &corev1.AvailablePackageReference{
-						Context: &corev1.Context{
-							Namespace: "default",
-						},
-						Identifier: repoName.Name + "/podinfo",
-					},
-				})
-			if err != nil {
-				t.Fatal(err)
-			}
-			opts := cmpopts.IgnoreUnexported(
-				corev1.GetAvailablePackageVersionsResponse{},
-				corev1.PackageAppVersion{})
-			if got, want := resp2, expected_versions_stefanprodan_podinfo; !cmp.Equal(want, got, opts) {
-				t.Errorf("mismatch (-want +got):\n%s", cmp.Diff(want, got, opts))
-			}
-
-			grpcContext, cancel = context.WithTimeout(grpcContext, defaultContextTimeout)
-			defer cancel()
-			resp3, err := fluxPluginClient.GetAvailablePackageDetail(
-				grpcContext,
-				&corev1.GetAvailablePackageDetailRequest{
-					AvailablePackageRef: &corev1.AvailablePackageReference{
-						Context: &corev1.Context{
-							Namespace: "default",
-						},
-						Identifier: repoName.Name + "/podinfo",
-					},
-				})
-			if err != nil {
-				t.Fatal(err)
-			}
-
-			compareActualVsExpectedAvailablePackageDetail(
-				t,
-				resp3.AvailablePackageDetail,
-				expected_detail_oci_stefanprodan_podinfo(repoName.Name, tc.registryUrl).AvailablePackageDetail)
-
-			// try a few older versions
-			grpcContext, cancel = context.WithTimeout(grpcContext, defaultContextTimeout)
-			defer cancel()
-			resp4, err := fluxPluginClient.GetAvailablePackageDetail(
-				grpcContext,
-				&corev1.GetAvailablePackageDetailRequest{
-					AvailablePackageRef: &corev1.AvailablePackageReference{
-						Context: &corev1.Context{
-							Namespace: "default",
-						},
-						Identifier: repoName.Name + "/podinfo",
-					},
-					PkgVersion: "6.1.6",
-				})
-			if err != nil {
-				t.Fatal(err)
-			}
-
-			compareActualVsExpectedAvailablePackageDetail(
-				t,
-				resp4.AvailablePackageDetail,
-				expected_detail_oci_stefanprodan_podinfo_2(repoName.Name, tc.registryUrl).AvailablePackageDetail)
-		})
-	}
-}

cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/testdata/harbor-create-robot-account.json

@@ -0,0 +1,19 @@
+{
+    "name": "$NAME",
+    "duration": 30,
+    "description": null,
+    "disable": false,
+    "level": "system",
+    "permissions": [
+      {
+        "kind": "project",
+        "namespace": "$PROJECT_NAME",
+        "access": [
+          {
+            "resource": "repository",
+            "action": "list"
+          }
+        ]
+      }
+    ]
+  }

cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/testdata/harbor-util.sh

@@ -179,7 +179,7 @@ function createHarborRobotAccount()
   local PROJECT_NAME=$2
 
   echo -e "Creating robot account [${L_YELLOW}$ACCOUNT_NAME${NC}] in harbor..."
-  local payload=$(sed "s/\$NAME/${ACCOUNT_NAME}/g" $SCRIPTPATH/harbor-create-account.json)
+  local payload=$(sed "s/\$NAME/${ACCOUNT_NAME}/g" $SCRIPTPATH/harbor-create-robot-account.json)
   payload=$(echo $payload | sed "s/\$PROJECT_NAME/${PROJECT_NAME}/g")
   local RESP=$(curl -L --silent --show-error \
                 -X POST \