2018-10-18 18:01:31 +02:00
|
|
|
// Copyright 2018 Project Harbor Authors
|
2017-04-13 12:54:58 +02:00
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
2016-04-11 10:43:13 +02:00
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2018-08-16 16:31:47 +02:00
|
|
|
"encoding/gob"
|
2016-04-11 10:43:13 +02:00
|
|
|
"fmt"
|
2019-08-22 10:11:37 +02:00
|
|
|
"os"
|
|
|
|
"os/signal"
|
|
|
|
"strconv"
|
|
|
|
"syscall"
|
|
|
|
"time"
|
|
|
|
|
2016-09-13 11:41:32 +02:00
|
|
|
"github.com/astaxie/beego"
|
|
|
|
_ "github.com/astaxie/beego/session/redis"
|
2018-08-23 09:02:20 +02:00
|
|
|
"github.com/goharbor/harbor/src/common/dao"
|
2019-08-07 14:30:26 +02:00
|
|
|
"github.com/goharbor/harbor/src/common/job"
|
2018-08-23 09:02:20 +02:00
|
|
|
"github.com/goharbor/harbor/src/common/models"
|
2019-08-12 10:46:01 +02:00
|
|
|
common_quota "github.com/goharbor/harbor/src/common/quota"
|
2018-09-12 08:38:29 +02:00
|
|
|
"github.com/goharbor/harbor/src/common/utils"
|
|
|
|
"github.com/goharbor/harbor/src/common/utils/log"
|
|
|
|
"github.com/goharbor/harbor/src/core/api"
|
2019-10-22 12:47:18 +02:00
|
|
|
quota "github.com/goharbor/harbor/src/core/api/quota"
|
|
|
|
_ "github.com/goharbor/harbor/src/core/api/quota/chart"
|
|
|
|
_ "github.com/goharbor/harbor/src/core/api/quota/registry"
|
2019-01-11 11:16:50 +01:00
|
|
|
_ "github.com/goharbor/harbor/src/core/auth/authproxy"
|
2018-09-12 08:38:29 +02:00
|
|
|
_ "github.com/goharbor/harbor/src/core/auth/db"
|
|
|
|
_ "github.com/goharbor/harbor/src/core/auth/ldap"
|
2019-09-17 03:52:34 +02:00
|
|
|
_ "github.com/goharbor/harbor/src/core/auth/oidc"
|
2018-09-12 08:38:29 +02:00
|
|
|
_ "github.com/goharbor/harbor/src/core/auth/uaa"
|
|
|
|
"github.com/goharbor/harbor/src/core/config"
|
|
|
|
"github.com/goharbor/harbor/src/core/filter"
|
2019-06-20 13:33:23 +02:00
|
|
|
"github.com/goharbor/harbor/src/core/middlewares"
|
2019-08-07 14:30:26 +02:00
|
|
|
_ "github.com/goharbor/harbor/src/core/notifier/topic"
|
2018-09-12 08:38:29 +02:00
|
|
|
"github.com/goharbor/harbor/src/core/service/token"
|
2019-08-07 14:30:26 +02:00
|
|
|
"github.com/goharbor/harbor/src/pkg/notification"
|
2019-10-17 06:00:51 +02:00
|
|
|
"github.com/goharbor/harbor/src/pkg/scan"
|
|
|
|
"github.com/goharbor/harbor/src/pkg/scan/dao/scanner"
|
2019-10-22 12:47:18 +02:00
|
|
|
"github.com/goharbor/harbor/src/pkg/scan/event"
|
2019-07-19 13:44:11 +02:00
|
|
|
"github.com/goharbor/harbor/src/pkg/scheduler"
|
2019-08-12 10:46:01 +02:00
|
|
|
"github.com/goharbor/harbor/src/pkg/types"
|
2019-04-12 16:38:56 +02:00
|
|
|
"github.com/goharbor/harbor/src/replication"
|
2016-04-11 10:43:13 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
adminUserID = 1
|
|
|
|
)
|
|
|
|
|
|
|
|
func updateInitPassword(userID int, password string) error {
|
|
|
|
queryUser := models.User{UserID: userID}
|
|
|
|
user, err := dao.GetUser(queryUser)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("Failed to get user, userID: %d %v", userID, err)
|
|
|
|
}
|
|
|
|
if user == nil {
|
2016-11-14 07:46:20 +01:00
|
|
|
return fmt.Errorf("user id: %d does not exist", userID)
|
2016-04-11 10:43:13 +02:00
|
|
|
}
|
|
|
|
if user.Salt == "" {
|
2016-09-13 11:41:32 +02:00
|
|
|
salt := utils.GenerateRandomString()
|
2016-04-11 10:43:13 +02:00
|
|
|
|
|
|
|
user.Salt = salt
|
|
|
|
user.Password = password
|
|
|
|
err = dao.ChangeUserPassword(*user)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("Failed to update user encrypted password, userID: %d, err: %v", userID, err)
|
|
|
|
}
|
|
|
|
|
2019-08-06 15:56:18 +02:00
|
|
|
log.Infof("User id: %d updated its encrypted password successfully.", userID)
|
2016-04-11 10:43:13 +02:00
|
|
|
} else {
|
|
|
|
log.Infof("User id: %d already has its encrypted password.", userID)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2019-08-09 11:02:21 +02:00
|
|
|
// Quota migration
|
|
|
|
func quotaSync() error {
|
fix quota migration still execute on launch even data sync success
This commit is to fix the issue for the following scenario:
1, user success migrate harbor to v1.9.0 from a previous version
2, add a project, push images into the project.
3, delete images and then to delete the project.
4, re-launch harbor.
After that, it still execute the quota migration as the condition doesn't consider the deleted projects usage.
And in this case, the harbor core crashes with a duplicate sql err, and unable to launch.
[Workaroud]
Clean table of project_blob with: TRUNCATE TABLE project_blob, and re-launch harbor, wait for quota sync success.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-10 19:25:17 +02:00
|
|
|
projects, err := dao.GetProjects(nil)
|
2019-08-09 11:02:21 +02:00
|
|
|
if err != nil {
|
fix quota migration still execute on launch even data sync success
This commit is to fix the issue for the following scenario:
1, user success migrate harbor to v1.9.0 from a previous version
2, add a project, push images into the project.
3, delete images and then to delete the project.
4, re-launch harbor.
After that, it still execute the quota migration as the condition doesn't consider the deleted projects usage.
And in this case, the harbor core crashes with a duplicate sql err, and unable to launch.
[Workaroud]
Clean table of project_blob with: TRUNCATE TABLE project_blob, and re-launch harbor, wait for quota sync success.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-10 19:25:17 +02:00
|
|
|
log.Errorf("list project error, %v", err)
|
2019-08-09 11:02:21 +02:00
|
|
|
return err
|
|
|
|
}
|
fix quota migration still execute on launch even data sync success
This commit is to fix the issue for the following scenario:
1, user success migrate harbor to v1.9.0 from a previous version
2, add a project, push images into the project.
3, delete images and then to delete the project.
4, re-launch harbor.
After that, it still execute the quota migration as the condition doesn't consider the deleted projects usage.
And in this case, the harbor core crashes with a duplicate sql err, and unable to launch.
[Workaroud]
Clean table of project_blob with: TRUNCATE TABLE project_blob, and re-launch harbor, wait for quota sync success.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-10 19:25:17 +02:00
|
|
|
|
|
|
|
var pids []string
|
|
|
|
for _, project := range projects {
|
|
|
|
pids = append(pids, strconv.FormatInt(project.ProjectID, 10))
|
|
|
|
}
|
|
|
|
usages, err := dao.ListQuotaUsages(&models.QuotaUsageQuery{Reference: "project", ReferenceIDs: pids})
|
2019-08-09 11:02:21 +02:00
|
|
|
if err != nil {
|
fix quota migration still execute on launch even data sync success
This commit is to fix the issue for the following scenario:
1, user success migrate harbor to v1.9.0 from a previous version
2, add a project, push images into the project.
3, delete images and then to delete the project.
4, re-launch harbor.
After that, it still execute the quota migration as the condition doesn't consider the deleted projects usage.
And in this case, the harbor core crashes with a duplicate sql err, and unable to launch.
[Workaroud]
Clean table of project_blob with: TRUNCATE TABLE project_blob, and re-launch harbor, wait for quota sync success.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-10 19:25:17 +02:00
|
|
|
log.Errorf("list quota usage error, %v", err)
|
2019-08-09 11:02:21 +02:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-08-12 10:46:01 +02:00
|
|
|
// The condition handles these two cases:
|
|
|
|
// 1, len(project) > 1 && len(usages) == 1. existing projects without usage, as we do always has 'library' usage in DB.
|
|
|
|
// 2, migration fails at the phase of inserting usage into DB, and parts of them are inserted successfully.
|
|
|
|
if len(projects) != len(usages) {
|
2019-08-09 11:02:21 +02:00
|
|
|
log.Info("Start to sync quota data .....")
|
|
|
|
if err := quota.Sync(config.GlobalProjectMgr, true); err != nil {
|
2019-08-12 10:46:01 +02:00
|
|
|
log.Errorf("Fail to sync quota data, %v", err)
|
2019-08-09 11:02:21 +02:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
log.Info("Success to sync quota data .....")
|
2019-08-12 10:46:01 +02:00
|
|
|
return nil
|
2019-08-09 11:02:21 +02:00
|
|
|
}
|
|
|
|
|
2019-08-12 10:46:01 +02:00
|
|
|
// Only has one project without usage
|
|
|
|
zero := common_quota.ResourceList{
|
|
|
|
common_quota.ResourceCount: 0,
|
|
|
|
common_quota.ResourceStorage: 0,
|
|
|
|
}
|
|
|
|
if len(projects) == 1 && len(usages) == 1 {
|
|
|
|
totalRepo, err := dao.GetTotalOfRepositories()
|
|
|
|
if totalRepo == 0 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
refID, err := strconv.ParseInt(usages[0].ReferenceID, 10, 64)
|
|
|
|
if err != nil {
|
|
|
|
log.Error(err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
usedRes, err := types.NewResourceList(usages[0].Used)
|
|
|
|
if err != nil {
|
|
|
|
log.Error(err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if types.Equals(usedRes, zero) && refID == projects[0].ProjectID {
|
|
|
|
log.Info("Start to sync quota data .....")
|
|
|
|
if err := quota.Sync(config.GlobalProjectMgr, true); err != nil {
|
|
|
|
log.Errorf("Fail to sync quota data, %v", err)
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
log.Info("Success to sync quota data .....")
|
|
|
|
}
|
|
|
|
}
|
2019-08-09 11:02:21 +02:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2019-08-22 10:11:37 +02:00
|
|
|
func gracefulShutdown(closing, done chan struct{}) {
|
2019-01-28 09:39:07 +01:00
|
|
|
signals := make(chan os.Signal, 1)
|
|
|
|
signal.Notify(signals, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT)
|
|
|
|
log.Infof("capture system signal %s, to close \"closing\" channel", <-signals)
|
|
|
|
close(closing)
|
2019-08-22 10:11:37 +02:00
|
|
|
select {
|
|
|
|
case <-done:
|
|
|
|
log.Infof("Goroutines exited normally")
|
|
|
|
case <-time.After(time.Second * 3):
|
|
|
|
log.Infof("Timeout waiting goroutines to exit")
|
|
|
|
}
|
|
|
|
os.Exit(0)
|
2019-01-28 09:39:07 +01:00
|
|
|
}
|
|
|
|
|
2016-04-11 10:43:13 +02:00
|
|
|
func main() {
|
|
|
|
beego.BConfig.WebConfig.Session.SessionOn = true
|
2018-11-29 08:18:15 +01:00
|
|
|
beego.BConfig.WebConfig.Session.SessionName = "sid"
|
2019-08-22 10:11:37 +02:00
|
|
|
|
2016-07-27 14:12:53 +02:00
|
|
|
redisURL := os.Getenv("_REDIS_URL")
|
|
|
|
if len(redisURL) > 0 {
|
2018-08-16 16:31:47 +02:00
|
|
|
gob.Register(models.User{})
|
2016-07-27 14:12:53 +02:00
|
|
|
beego.BConfig.WebConfig.Session.SessionProvider = "redis"
|
|
|
|
beego.BConfig.WebConfig.Session.SessionProviderConfig = redisURL
|
|
|
|
}
|
2016-04-25 08:31:05 +02:00
|
|
|
beego.AddTemplateExt("htm")
|
2016-09-13 11:41:32 +02:00
|
|
|
|
2016-12-30 11:04:01 +01:00
|
|
|
log.Info("initializing configurations...")
|
|
|
|
if err := config.Init(); err != nil {
|
|
|
|
log.Fatalf("failed to initialize configurations: %v", err)
|
|
|
|
}
|
|
|
|
log.Info("configurations initialization completed")
|
2017-02-26 12:53:13 +01:00
|
|
|
token.InitCreators()
|
2016-12-30 11:04:01 +01:00
|
|
|
database, err := config.Database()
|
|
|
|
if err != nil {
|
|
|
|
log.Fatalf("failed to get database configuration: %v", err)
|
|
|
|
}
|
2019-02-18 08:20:45 +01:00
|
|
|
if err := dao.InitAndUpgradeDatabase(database); err != nil {
|
2016-12-30 11:04:01 +01:00
|
|
|
log.Fatalf("failed to initialize database: %v", err)
|
|
|
|
}
|
2019-01-09 10:40:27 +01:00
|
|
|
if err := config.Load(); err != nil {
|
|
|
|
log.Fatalf("failed to load config: %v", err)
|
|
|
|
}
|
2016-12-30 11:04:01 +01:00
|
|
|
|
2019-07-19 13:44:11 +02:00
|
|
|
// init the jobservice client
|
|
|
|
job.Init()
|
2019-07-29 09:32:35 +02:00
|
|
|
// init the scheduler
|
|
|
|
scheduler.Init()
|
2019-07-19 13:44:11 +02:00
|
|
|
|
2016-12-30 11:04:01 +01:00
|
|
|
password, err := config.InitialAdminPassword()
|
|
|
|
if err != nil {
|
2019-08-06 15:56:18 +02:00
|
|
|
log.Fatalf("failed to get admin's initial password: %v", err)
|
2016-12-30 11:04:01 +01:00
|
|
|
}
|
|
|
|
if err := updateInitPassword(adminUserID, password); err != nil {
|
2016-04-11 10:43:13 +02:00
|
|
|
log.Error(err)
|
|
|
|
}
|
2017-04-26 09:28:13 +02:00
|
|
|
|
2018-09-05 10:16:31 +02:00
|
|
|
// Init API handler
|
2018-07-19 17:50:25 +02:00
|
|
|
if err := api.Init(); err != nil {
|
|
|
|
log.Fatalf("Failed to initialize API handlers with error: %s", err.Error())
|
|
|
|
}
|
|
|
|
|
2018-07-25 12:34:55 +02:00
|
|
|
if config.WithClair() {
|
|
|
|
clairDB, err := config.ClairDB()
|
|
|
|
if err != nil {
|
|
|
|
log.Fatalf("failed to load clair database information: %v", err)
|
2017-07-06 18:38:38 +02:00
|
|
|
}
|
2018-07-25 12:34:55 +02:00
|
|
|
if err := dao.InitClairDB(clairDB); err != nil {
|
|
|
|
log.Fatalf("failed to initialize clair database: %v", err)
|
|
|
|
}
|
2019-10-17 06:00:51 +02:00
|
|
|
|
|
|
|
// TODO: change to be internal adapter
|
|
|
|
reg := &scanner.Registration{
|
2019-10-26 19:25:36 +02:00
|
|
|
Name: "Clair",
|
|
|
|
Description: "The clair scanner adapter",
|
|
|
|
URL: config.ClairAdapterEndpoint(),
|
|
|
|
IsDefault: true,
|
|
|
|
UseInternalAddr: true,
|
|
|
|
Immutable: true,
|
2019-10-17 06:00:51 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if err := scan.EnsureScanner(reg); err != nil {
|
|
|
|
log.Fatalf("failed to initialize clair scanner: %v", err)
|
|
|
|
}
|
2017-07-06 18:38:38 +02:00
|
|
|
}
|
|
|
|
|
2019-04-04 16:17:29 +02:00
|
|
|
closing := make(chan struct{})
|
2019-08-22 10:11:37 +02:00
|
|
|
done := make(chan struct{})
|
|
|
|
go gracefulShutdown(closing, done)
|
|
|
|
if err := replication.Init(closing, done); err != nil {
|
2019-04-04 16:17:29 +02:00
|
|
|
log.Fatalf("failed to init for replication: %v", err)
|
2019-04-04 15:58:31 +02:00
|
|
|
}
|
2019-01-28 09:39:07 +01:00
|
|
|
|
2019-08-07 14:30:26 +02:00
|
|
|
log.Info("initializing notification...")
|
|
|
|
notification.Init()
|
2019-10-21 14:07:00 +02:00
|
|
|
// Initialize the event handlers for handling artifact cascade deletion
|
|
|
|
event.Init()
|
2019-08-07 14:30:26 +02:00
|
|
|
|
2017-06-18 07:51:42 +02:00
|
|
|
filter.Init()
|
2017-04-26 09:28:13 +02:00
|
|
|
beego.InsertFilter("/*", beego.BeforeRouter, filter.SecurityFilter)
|
2018-03-23 11:16:08 +01:00
|
|
|
beego.InsertFilter("/*", beego.BeforeRouter, filter.ReadonlyFilter)
|
2018-07-14 09:49:38 +02:00
|
|
|
beego.InsertFilter("/api/*", beego.BeforeRouter, filter.MediaTypeFilter("application/json", "multipart/form-data", "application/octet-stream"))
|
2017-04-26 09:28:13 +02:00
|
|
|
|
2016-04-11 10:43:13 +02:00
|
|
|
initRouters()
|
2018-07-13 05:15:41 +02:00
|
|
|
|
|
|
|
syncRegistry := os.Getenv("SYNC_REGISTRY")
|
|
|
|
sync, err := strconv.ParseBool(syncRegistry)
|
2018-07-13 11:32:17 +02:00
|
|
|
if err != nil {
|
2018-07-13 05:15:41 +02:00
|
|
|
log.Errorf("Failed to parse SYNC_REGISTRY: %v", err)
|
2018-09-05 10:16:31 +02:00
|
|
|
// if err set it default to false
|
2018-07-13 11:32:17 +02:00
|
|
|
sync = false
|
2016-08-29 15:21:49 +02:00
|
|
|
}
|
2018-07-13 11:32:17 +02:00
|
|
|
if sync {
|
2018-07-13 05:15:41 +02:00
|
|
|
if err := api.SyncRegistry(config.GlobalProjectMgr); err != nil {
|
|
|
|
log.Error(err)
|
|
|
|
}
|
2018-07-13 11:32:17 +02:00
|
|
|
} else {
|
2018-07-13 05:15:41 +02:00
|
|
|
log.Infof("Because SYNC_REGISTRY set false , no need to sync registry \n")
|
|
|
|
}
|
|
|
|
|
2017-05-02 13:14:47 +02:00
|
|
|
log.Info("Init proxy")
|
2019-06-20 13:33:23 +02:00
|
|
|
if err := middlewares.Init(); err != nil {
|
2019-07-26 07:39:03 +02:00
|
|
|
log.Fatalf("init proxy error, %v", err)
|
2019-06-20 13:33:23 +02:00
|
|
|
}
|
2019-07-19 09:59:21 +02:00
|
|
|
|
2019-08-09 11:02:21 +02:00
|
|
|
if err := quotaSync(); err != nil {
|
|
|
|
log.Fatalf("quota migration error, %v", err)
|
|
|
|
}
|
|
|
|
|
2016-04-11 10:43:13 +02:00
|
|
|
beego.Run()
|
|
|
|
}
|