From 02dea3ad2c802b961c38f39bd76d54574f08fdfd Mon Sep 17 00:00:00 2001 From: DQ Date: Sun, 1 Mar 2020 19:08:48 +0800 Subject: [PATCH] Add: mTLS configuration on CI Add internal_tls on ci generate certs for ci Signed-off-by: DQ --- .github/workflows/CI.yml | 1 - src/replication/adapter/native/adapter.go | 1 - tests/ci/api_common_install.sh | 2 +- tests/ci/ut_install.sh | 1 + tests/hostcfg.sh | 3 +++ 5 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 7e10ddec6..0401a9004 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -5,7 +5,6 @@ env: POSTGRESQL_USR: postgres POSTGRESQL_PWD: root123 POSTGRESQL_DATABASE: registry - ADMINSERVER_URL: http://127.0.0.1:8888 DOCKER_COMPOSE_VERSION: 1.23.0 HARBOR_ADMIN: admin HARBOR_ADMIN_PASSWD: Harbor12345 diff --git a/src/replication/adapter/native/adapter.go b/src/replication/adapter/native/adapter.go index c3639f6fc..e8dce8e3b 100644 --- a/src/replication/adapter/native/adapter.go +++ b/src/replication/adapter/native/adapter.go @@ -17,7 +17,6 @@ package native import ( "errors" "fmt" - "sync" "github.com/goharbor/harbor/src/common/utils" "github.com/goharbor/harbor/src/common/utils/log" diff --git a/tests/ci/api_common_install.sh b/tests/ci/api_common_install.sh index 42d66f4f9..c4a3b2b04 100755 --- a/tests/ci/api_common_install.sh +++ b/tests/ci/api_common_install.sh @@ -30,5 +30,5 @@ if [ $GITHUB_TOKEN ]; then sed "s/# github_token: xxx/github_token: $GITHUB_TOKEN/" -i make/harbor.yml fi -sudo make install GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage CLARITYIMAGE=goharbor/harbor-clarity-ui-builder:1.6.0 NOTARYFLAG=true CLAIRFLAG=true TRIVYFLAG=true CHARTFLAG=true +sudo make install GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage CLARITYIMAGE=goharbor/harbor-clarity-ui-builder:1.6.0 NOTARYFLAG=true CLAIRFLAG=true TRIVYFLAG=true CHARTFLAG=true GEN_TLS=true sleep 10 diff --git a/tests/ci/ut_install.sh b/tests/ci/ut_install.sh index 84d5939c2..749972a18 100755 --- a/tests/ci/ut_install.sh +++ b/tests/ci/ut_install.sh @@ -22,6 +22,7 @@ sudo -E env "PATH=$PATH" make go_check sudo ./tests/hostcfg.sh sudo ./tests/generateCerts.sh sudo make -f make/photon/Makefile _build_db _build_registry _build_prepare -e VERSIONTAG=dev -e REGISTRYVERSION=${REG_VERSION} -e BASEIMAGETAG=dev +docker run --rm -v /:/hostfs:z goharbor/prepare:dev gencert /etc/harbor/tls/internal sudo MAKEPATH=$(pwd)/make ./make/prepare sudo mkdir -p "/data/redis" sudo mkdir -p /etc/core/ca/ && sudo mv ./tests/ca.crt /etc/core/ca/ diff --git a/tests/hostcfg.sh b/tests/hostcfg.sh index 235e57a29..3bee2e364 100755 --- a/tests/hostcfg.sh +++ b/tests/hostcfg.sh @@ -4,6 +4,9 @@ IP=`ip addr s eth0 |grep "inet "|awk '{print $2}' |awk -F "/" '{print $1}'` #echo $IP sudo sed "s/reg.mydomain.com/$IP/" make/harbor.yml.tmpl |sudo tee make/harbor.yml +# enable internal tls +echo "internal_tls: /etc/harbor/tls/internal" >> make/harbor.yml + # TODO: remove it when scanner adapter support internal access of harbor echo "storage_service:" >> make/harbor.yml echo " ca_bundle: /data/cert/server.crt" >> make/harbor.yml