Add: mTLS configuration on CI

Add internal_tls on ci generate certs for ci Signed-off-by: DQ <dengq@vmware.com>
2020-03-01 19:08:48 +08:00 · 2020-03-01 19:08:48 +08:00 · 02dea3ad2c
parent dcc6950af7
commit 02dea3ad2c
5 changed files with 5 additions and 3 deletions
--- a/.github/workflows/CI.yml
+++ b/.github/workflows/CI.yml
@ -5,7 +5,6 @@ env:
   POSTGRESQL_USR: postgres
   POSTGRESQL_PWD: root123
   POSTGRESQL_DATABASE: registry
-   ADMINSERVER_URL: http://127.0.0.1:8888
   DOCKER_COMPOSE_VERSION: 1.23.0
   HARBOR_ADMIN: admin
   HARBOR_ADMIN_PASSWD: Harbor12345
--- a/src/replication/adapter/native/adapter.go
+++ b/src/replication/adapter/native/adapter.go
@ -17,7 +17,6 @@ package native
 import (
 	"errors"
 	"fmt"
-	"sync"

 	"github.com/goharbor/harbor/src/common/utils"
 	"github.com/goharbor/harbor/src/common/utils/log"
--- a/tests/ci/api_common_install.sh
+++ b/tests/ci/api_common_install.sh
@ -30,5 +30,5 @@ if [ $GITHUB_TOKEN ];
 then
    sed "s/# github_token: xxx/github_token: $GITHUB_TOKEN/" -i make/harbor.yml
 fi
-sudo make install GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage CLARITYIMAGE=goharbor/harbor-clarity-ui-builder:1.6.0 NOTARYFLAG=true CLAIRFLAG=true TRIVYFLAG=true CHARTFLAG=true
+sudo make install GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage CLARITYIMAGE=goharbor/harbor-clarity-ui-builder:1.6.0 NOTARYFLAG=true CLAIRFLAG=true TRIVYFLAG=true CHARTFLAG=true GEN_TLS=true
 sleep 10
--- a/tests/ci/ut_install.sh
+++ b/tests/ci/ut_install.sh
@ -22,6 +22,7 @@ sudo -E env "PATH=$PATH" make go_check
 sudo ./tests/hostcfg.sh
 sudo ./tests/generateCerts.sh
 sudo make -f make/photon/Makefile _build_db _build_registry _build_prepare -e VERSIONTAG=dev -e REGISTRYVERSION=${REG_VERSION} -e BASEIMAGETAG=dev
+docker run --rm -v /:/hostfs:z goharbor/prepare:dev gencert /etc/harbor/tls/internal
 sudo MAKEPATH=$(pwd)/make ./make/prepare
 sudo mkdir -p "/data/redis"
 sudo mkdir -p /etc/core/ca/ && sudo mv ./tests/ca.crt /etc/core/ca/
--- a/tests/hostcfg.sh
+++ b/tests/hostcfg.sh
@ -4,6 +4,9 @@ IP=`ip addr s eth0 |grep "inet "|awk '{print $2}' |awk -F "/" '{print $1}'`
 #echo $IP
 sudo sed "s/reg.mydomain.com/$IP/" make/harbor.yml.tmpl |sudo tee make/harbor.yml

+# enable internal tls
+echo "internal_tls: /etc/harbor/tls/internal" >> make/harbor.yml
+
 # TODO: remove it when scanner adapter support internal access of harbor
 echo "storage_service:" >> make/harbor.yml
 echo "  ca_bundle: /data/cert/server.crt" >> make/harbor.yml