mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-22 10:15:35 +01:00
Refactor ping method into util pkg
Signed-off-by: yunkunrao <yunkunrao@gmail.com>
This commit is contained in:
yunkunrao
parent
14c0a61d3d
commit
246d863c59
@ -17,6 +17,8 @@ const (
|
||||
PreconditionCode = "PRECONDITION"
|
||||
// GeneralCode ...
|
||||
GeneralCode = "UNKNOWN"
|
||||
// ChallengesUnsupportedCode ...
|
||||
ChallengesUnsupportedCode = "ChallengesUnsupportedCode"
|
||||
// DENIED it's used by middleware(readonly, vul and content trust) and returned to docker client to index the request is denied.
|
||||
DENIED = "DENIED"
|
||||
// PROJECTPOLICYVIOLATION ...
|
||||
@ -85,3 +87,7 @@ func IsNotFoundErr(err error) bool {
|
||||
func IsConflictErr(err error) bool {
|
||||
return IsErr(err, ConflictCode)
|
||||
}
|
||||
|
||||
func IsChallengesUnsupportedErr(err error) bool {
|
||||
return IsErr(err, ChallengesUnsupportedCode)
|
||||
}
|
||||
|
||||
@ -5,15 +5,12 @@ import (
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"net/http"
|
||||
"path/filepath"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
"github.com/aliyun/alibaba-cloud-sdk-go/sdk/requests"
|
||||
"github.com/aliyun/alibaba-cloud-sdk-go/services/cr"
|
||||
"github.com/docker/distribution/registry/client/auth/challenge"
|
||||
commonhttp "github.com/goharbor/harbor/src/common/http"
|
||||
"github.com/goharbor/harbor/src/common/utils"
|
||||
"github.com/goharbor/harbor/src/lib/log"
|
||||
adp "github.com/goharbor/harbor/src/pkg/reg/adapter"
|
||||
@ -56,7 +53,7 @@ func newAdapter(registry *model.Registry) (*adapter, error) {
|
||||
}
|
||||
// fix url (allow user input cr service url)
|
||||
registry.URL = fmt.Sprintf(registryEndpointTpl, region)
|
||||
realm, service, err := ping(registry)
|
||||
realm, service, err := util.Ping(registry)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -70,28 +67,6 @@ func newAdapter(registry *model.Registry) (*adapter, error) {
|
||||
}, nil
|
||||
}
|
||||
|
||||
func ping(registry *model.Registry) (string, string, error) {
|
||||
client := &http.Client{}
|
||||
if registry.Insecure {
|
||||
client.Transport = commonhttp.GetHTTPTransport(commonhttp.InsecureTransport)
|
||||
} else {
|
||||
client.Transport = commonhttp.GetHTTPTransport(commonhttp.SecureTransport)
|
||||
}
|
||||
|
||||
resp, err := client.Get(registry.URL + "/v2/")
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
challenges := challenge.ResponseChallenges(resp)
|
||||
for _, challenge := range challenges {
|
||||
if challenge.Scheme == "bearer" {
|
||||
return challenge.Parameters["realm"], challenge.Parameters["service"], nil
|
||||
}
|
||||
}
|
||||
return "", "", fmt.Errorf("bearer auth scheme isn't supported: %v", challenges)
|
||||
}
|
||||
|
||||
type factory struct {
|
||||
}
|
||||
|
||||
|
||||
@ -4,8 +4,7 @@ import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/docker/distribution/registry/client/auth/challenge"
|
||||
"github.com/goharbor/harbor/src/lib/log"
|
||||
liberrors "github.com/goharbor/harbor/src/lib/errors"
|
||||
"github.com/goharbor/harbor/src/pkg/reg/model"
|
||||
"github.com/goharbor/harbor/src/pkg/reg/util"
|
||||
"io"
|
||||
@ -32,10 +31,8 @@ type Client struct {
|
||||
// NewClient creates a new GitLab client.
|
||||
func NewClient(registry *model.Registry) (*Client, error) {
|
||||
|
||||
realm, _, err := ping(&http.Client{
|
||||
Transport: util.GetHTTPTransport(registry.Insecure),
|
||||
}, registry.URL)
|
||||
if err != nil {
|
||||
realm, _, err := util.Ping(registry)
|
||||
if err != nil && !liberrors.IsChallengesUnsupportedErr(err) {
|
||||
return nil, err
|
||||
}
|
||||
if realm == "" {
|
||||
@ -57,26 +54,6 @@ func NewClient(registry *model.Registry) (*Client, error) {
|
||||
return client, nil
|
||||
}
|
||||
|
||||
// ping returns the realm, service and error
|
||||
func ping(client *http.Client, endpoint string) (string, string, error) {
|
||||
resp, err := client.Get(buildPingURL(endpoint))
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
challenges := challenge.ResponseChallenges(resp)
|
||||
for _, challenge := range challenges {
|
||||
if scheme == challenge.Scheme {
|
||||
realm := challenge.Parameters["realm"]
|
||||
service := challenge.Parameters["service"]
|
||||
return realm, service, nil
|
||||
}
|
||||
}
|
||||
|
||||
log.Warningf("Schemas %v are unsupported", challenges)
|
||||
return "", "", nil
|
||||
}
|
||||
func buildPingURL(endpoint string) string {
|
||||
return fmt.Sprintf("%s/v2/", endpoint)
|
||||
}
|
||||
|
||||
@ -10,7 +10,6 @@ import (
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/docker/distribution/registry/client/auth/challenge"
|
||||
commonhttp "github.com/goharbor/harbor/src/common/http"
|
||||
"github.com/goharbor/harbor/src/lib/log"
|
||||
adp "github.com/goharbor/harbor/src/pkg/reg/adapter"
|
||||
@ -97,7 +96,7 @@ func newAdapter(registry *model.Registry) (a *adapter, err error) {
|
||||
}
|
||||
}
|
||||
|
||||
realm, service, err := ping(registry)
|
||||
realm, service, err := util.Ping(registry)
|
||||
log.Debugf("[tencent-tcr.newAdapter] realm=%s, service=%s error=%v", realm, service, err)
|
||||
if err != nil {
|
||||
log.Errorf("[tencent-tcr.newAdapter] ping failed. error=%v", err)
|
||||
@ -166,26 +165,6 @@ func newAdapter(registry *model.Registry) (a *adapter, err error) {
|
||||
}, nil
|
||||
}
|
||||
|
||||
func ping(registry *model.Registry) (string, string, error) {
|
||||
client := &http.Client{
|
||||
Transport: util.GetHTTPTransport(registry.Insecure),
|
||||
}
|
||||
|
||||
resp, err := client.Get(registry.URL + "/v2/")
|
||||
log.Debugf("[tencent-tcr.ping] error=%v", err)
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
challenges := challenge.ResponseChallenges(resp)
|
||||
for _, challenge := range challenges {
|
||||
if challenge.Scheme == "bearer" {
|
||||
return challenge.Parameters["realm"], challenge.Parameters["service"], nil
|
||||
}
|
||||
}
|
||||
return "", "", fmt.Errorf("[tencent-tcr.ping] bearer auth scheme isn't supported: %v", challenges)
|
||||
}
|
||||
|
||||
func (a *adapter) Info() (info *model.RegistryInfo, err error) {
|
||||
info = &model.RegistryInfo{
|
||||
Type: model.RegistryTypeTencentTcr,
|
||||
|
||||
@ -15,6 +15,9 @@
|
||||
package util
|
||||
|
||||
import (
|
||||
"github.com/docker/distribution/registry/client/auth/challenge"
|
||||
"github.com/goharbor/harbor/src/lib/errors"
|
||||
"github.com/goharbor/harbor/src/pkg/reg/model"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
@ -29,6 +32,25 @@ func GetHTTPTransport(insecure bool) *http.Transport {
|
||||
return commonhttp.GetHTTPTransport(commonhttp.SecureTransport)
|
||||
}
|
||||
|
||||
func Ping(registry *model.Registry) (string, string, error) {
|
||||
client := &http.Client{
|
||||
Transport: GetHTTPTransport(registry.Insecure),
|
||||
}
|
||||
|
||||
resp, err := client.Get(registry.URL + "/v2/")
|
||||
if err != nil {
|
||||
return "", "", err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
challenges := challenge.ResponseChallenges(resp)
|
||||
for _, challenge := range challenges {
|
||||
if challenge.Scheme == "bearer" {
|
||||
return challenge.Parameters["realm"], challenge.Parameters["service"], nil
|
||||
}
|
||||
}
|
||||
return "", "", errors.New(nil).WithCode(errors.ChallengesUnsupportedCode).WithMessage("bearer auth scheme isn't supported: %v", challenges)
|
||||
}
|
||||
|
||||
// ParseRepository parses the "repository" provided into two parts: namespace and the rest
|
||||
// the string before the last "/" is the namespace part
|
||||
// c -> [,c]
|
||||
|
||||
Loading…
Reference in New Issue
Block a user