fix tests

No-Issue

galaxy_ng/tests/integration/api/test_collection_signing.py

@@ -417,7 +417,6 @@ def test_upload_signature(require_auth, flags, galaxy_client, settings):
     5. Upload the signature to staging
     6. assert collection signature task has spawned
     """
-    # TODO: take into consideration require auth param
     if not settings.get("GALAXY_REQUIRE_CONTENT_APPROVAL"):
         pytest.skip("GALAXY_REQUIRE_CONTENT_APPROVAL is not set")
 
@@ -475,7 +474,7 @@ def test_upload_signature(require_auth, flags, galaxy_client, settings):
         repo_href = get_repository_href(gc, "staging")
         signature_file = open(signature_filename, "rb")
         response = requests.post(
-            gc.galaxy_root + "content/ansible/collection_signatures/",
+            gc.galaxy_root + "pulp/api/v3/content/ansible/collection_signatures/",
             files={"file": signature_file},
             data={
                 "repository": repo_href,

galaxy_ng/tests/integration/api/test_container_signing.py

@@ -3,12 +3,13 @@
 See: https://issues.redhat.com/browse/AAH-1358
 """
 import subprocess
+import time
 from urllib.parse import urlparse
 
 import pytest
 
-from galaxy_ng.tests.integration.utils.iqe_utils import pull_and_tag_test_image, \
-    remove_from_cache
+from galaxy_ng.tests.integration.utils import get_client
+from galaxy_ng.tests.integration.utils.iqe_utils import pull_and_tag_test_image
 from galaxykit.container_images import get_container
 from galaxykit.utils import wait_for_task
 
@@ -19,15 +20,8 @@ def flags(galaxy_client):
     return gc.get("_ui/v1/feature-flags/")
 
 
-@pytest.mark.parametrize(
-    "require_auth",
-    [
-        True,
-        False,
-    ],
-)
 @pytest.mark.deployment_standalone
-def test_push_and_sign_a_container(ansible_config, flags, require_auth, galaxy_client):
+def test_gw_push_and_sign_a_container(ansible_config, flags, galaxy_client):
     can_sign = flags.get("container_signing")
     if not can_sign:
         pytest.skip("GALAXY_CONTAINER_SIGNING_SERVICE is not configured")
@@ -57,13 +51,6 @@ def test_push_and_sign_a_container(ansible_config, flags, require_auth, galaxy_c
 
     # Get an API client running with admin user credentials
     gc = galaxy_client("admin")
-    if not require_auth:
-        try:
-            del gc.headers["Authorization"]
-        except KeyError:
-            gc.gw_client.logout()
-        remove_from_cache("admin")
-
     # Get the pulp_href for the pushed image
     image = gc.get("pulp/api/v3/repositories/container/container-push/?name=alpine", relogin=False)
     container_href = image["results"][0]["pulp_href"]
@@ -88,3 +75,80 @@ def test_push_and_sign_a_container(ansible_config, flags, require_auth, galaxy_c
     ee = get_container(gc, "alpine")
     # Check the sign state is set on the UI API
     assert ee["pulp"]["repository"]["sign_state"] == "signed"
+
+
+@pytest.mark.parametrize(
+    "require_auth",
+    [
+        True,
+        False,
+    ],
+)
+@pytest.mark.deployment_standalone
+@pytest.mark.skip_in_gw
+def test_push_and_sign_a_container(ansible_config, flags, require_auth, galaxy_client):
+    can_sign = flags.get("container_signing")
+    if not can_sign:
+        pytest.skip("GALAXY_CONTAINER_SIGNING_SERVICE is not configured")
+
+    config = ansible_config("admin")
+    url = config['url']
+    parsed_url = urlparse(url)
+    cont_reg = parsed_url.netloc
+
+    container_engine = config["container_engine"]
+
+    # Pull alpine image
+    pull_and_tag_test_image(container_engine, cont_reg)
+
+    # Login to local registry with tls verify disabled
+    cmd = [container_engine, "login", "-u", f"{config['username']}", "-p",
+           f"{config['password']}", f"{config['url'].split(parsed_url.path)[0]}"]
+    if container_engine == 'podman':
+        cmd.append("--tls-verify=false")
+    subprocess.check_call(cmd)
+
+    # Push image to local registry
+    cmd = [container_engine, "push", f"{cont_reg}/alpine:latest"]
+    if container_engine == 'podman':
+        cmd.append("--tls-verify=false")
+    subprocess.check_call(cmd)
+
+    # Get an API client running with admin user credentials
+    client = get_client(
+        config=ansible_config("admin"),
+        request_token=True,
+        require_auth=require_auth
+    )
+    api_prefix = client.config.get("api_prefix").rstrip("/")
+
+    # Get the pulp_href for the pushed image
+    image = client(
+        f"{api_prefix}/pulp/api/v3/repositories/container/container-push/?name=alpine"
+    )
+    container_href = image["results"][0]["pulp_href"]
+
+    # Get the pulp_href for signing service
+    signing_service = client(
+        f"{api_prefix}/pulp/api/v3/signing-services/?name=container-default"
+    )
+    ss_href = signing_service["results"][0]["pulp_href"]
+
+    # Sign the image
+    client(f"{container_href}/sign/", method="POST",
+           args={"manifest_signing_service": ss_href})
+
+    # sleep 2 second2
+    time.sleep(2)
+
+    repo = client(container_href)
+    latest_version_href = repo["latest_version_href"]
+
+    # Check the image is signed on the latest version
+    latest_version = client(latest_version_href)
+    assert latest_version["content_summary"]["added"]["container.signature"]["count"] > 0
+
+    gc = galaxy_client("admin")
+    ee = get_container(gc, "alpine")
+    # Check the sign state is set on the UI API
+    assert ee["pulp"]["repository"]["sign_state"] == "signed"

galaxy_ng/tests/integration/api/test_pulp_api.py

@@ -6,13 +6,19 @@
 from jsonschema import validate as validate_json
 
 from galaxykit.utils import wait_for_task, GalaxyClientError
+from .rbac_actions.utils import ReusableLocalContainer
 from ..schemas import schema_pulp_objectlist, schema_pulp_roledetail, schema_task_detail
 from ..utils import get_client
 from ..utils.rbac_utils import create_emtpy_local_image_container
 
 REGEX_40X = r"HTTP Code: 40\d"
 
 
+@pytest.fixture
+def local_container():
+    return ReusableLocalContainer('int_tests')
+
+
 @pytest.mark.deployment_standalone
 @pytest.mark.pulp_api
 @pytest.mark.min_hub_version("4.6dev")