mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-23 00:57:44 +01:00
propagate more env vars
This commit is contained in:
parent
a80e0190c6
commit
26124d366f
@ -38,6 +38,10 @@ self_registration = on
|
||||
#Number of job workers in job service, default is 3
|
||||
max_job_workers = 3
|
||||
|
||||
#Toggle on and off to tell job service wheter or not verify the ssl cert
|
||||
#when it tries to access a remote registry
|
||||
verify_remote_cert = on
|
||||
|
||||
#Turn on or off the customize your certificate for registry's token.
|
||||
#If the value is on, the prepare script will generate new root cert and private key
|
||||
#for generating token to access the image in registry.
|
||||
|
@ -47,6 +47,7 @@ crt_organizationalunit = rcp.get("configuration", "crt_organizationalunit")
|
||||
crt_commonname = rcp.get("configuration", "crt_commonname")
|
||||
crt_email = rcp.get("configuration", "crt_email")
|
||||
max_job_workers = rcp.get("configuration", "max_job_workers")
|
||||
verify_remote_cert = rcp.get("configuration", "verify_remote_cert")
|
||||
########
|
||||
|
||||
ui_secret = ''.join(random.choice(string.ascii_letters+string.digits) for i in range(16))
|
||||
@ -122,7 +123,8 @@ render(os.path.join(templates_dir, "jobservice", "env"),
|
||||
db_password=db_password,
|
||||
ui_secret=ui_secret,
|
||||
max_job_workers=max_job_workers,
|
||||
ui_url=ui_url)
|
||||
ui_url=ui_url,
|
||||
verify_remote_cert=verify_remote_cert)
|
||||
|
||||
def validate_crt_subj(dirty_subj):
|
||||
subj_list = [item for item in dirty_subj.strip().split("/") \
|
||||
|
@ -3,7 +3,10 @@ MYSQL_PORT=3306
|
||||
MYSQL_USR=root
|
||||
MYSQL_PWD=$db_password
|
||||
UI_SECRET=$ui_secret
|
||||
HARBOR_URL=$ui_url
|
||||
REGISTRY_URL=http://registry:5000
|
||||
VERIFY_REMOTE_CERT=$verify_remote_cert
|
||||
MAX_JOB_WORKERS=$max_job_workers
|
||||
LOG_LEVEL=debug
|
||||
GODEBUG=netdns=cgo
|
||||
EXT_ENDPOINT=$ui_url
|
||||
TOKEN_URL=http://ui
|
||||
|
@ -3,10 +3,11 @@ MYSQL_PORT=3306
|
||||
MYSQL_USR=root
|
||||
MYSQL_PWD=$db_password
|
||||
REGISTRY_URL=http://registry:5000
|
||||
UI_URL=http://ui
|
||||
CONFIG_PATH=/etc/ui/app.conf
|
||||
HARBOR_REG_URL=$hostname
|
||||
HARBOR_ADMIN_PASSWORD=$harbor_admin_password
|
||||
HARBOR_URL=$hostname
|
||||
HARBOR_URL=$ui_url
|
||||
AUTH_MODE=$auth_mode
|
||||
LDAP_URL=$ldap_url
|
||||
LDAP_BASE_DN=$ldap_basedn
|
||||
@ -14,3 +15,5 @@ UI_SECRET=$ui_secret
|
||||
SELF_REGISTRATION=$self_registration
|
||||
LOG_LEVEL=debug
|
||||
GODEBUG=netdns=cgo
|
||||
EXT_ENDPOINT=$ui_url
|
||||
TOKEN_URL=http://ui
|
||||
|
@ -1,16 +1,16 @@
|
||||
/*
|
||||
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package api
|
||||
@ -165,7 +165,7 @@ func getRepoList(projectID int64) ([]string, error) {
|
||||
uiPwd = "Harbor12345"
|
||||
}
|
||||
*/
|
||||
uiURL := config.LocalHarborURL()
|
||||
uiURL := config.LocalUIURL()
|
||||
client := &http.Client{}
|
||||
req, err := http.NewRequest("GET", uiURL+"/api/repositories?project_id="+strconv.Itoa(int(projectID)), nil)
|
||||
if err != nil {
|
||||
|
@ -1,16 +1,16 @@
|
||||
/*
|
||||
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package config
|
||||
@ -26,9 +26,11 @@ import (
|
||||
const defaultMaxWorkers int = 10
|
||||
|
||||
var maxJobWorkers int
|
||||
var localURL string
|
||||
var localUIURL string
|
||||
var localRegURL string
|
||||
var logDir string
|
||||
var uiSecret string
|
||||
var verifyRemoteCert string
|
||||
|
||||
func init() {
|
||||
maxWorkersEnv := os.Getenv("MAX_JOB_WORKERS")
|
||||
@ -39,9 +41,14 @@ func init() {
|
||||
maxJobWorkers = defaultMaxWorkers
|
||||
}
|
||||
|
||||
localURL = os.Getenv("HARBOR_URL")
|
||||
if len(localURL) == 0 {
|
||||
localURL = "http://registry:5000/"
|
||||
localRegURL = os.Getenv("REGISTRY_URL")
|
||||
if len(localRegURL) == 0 {
|
||||
localRegURL = "http://registry:5000"
|
||||
}
|
||||
|
||||
localUIURL = os.Getenv("UI_URL")
|
||||
if len(localUIURL) == 0 {
|
||||
localUIURL = "http://ui"
|
||||
}
|
||||
|
||||
logDir = os.Getenv("LOG_DIR")
|
||||
@ -67,8 +74,15 @@ func init() {
|
||||
panic("UI Secret is not set")
|
||||
}
|
||||
|
||||
verifyRemoteCert = os.Getenv("VERIFY_REMOTE_CERT")
|
||||
if len(verifyRemoteCert) == 0 {
|
||||
verifyRemoteCert = "on"
|
||||
}
|
||||
|
||||
log.Debugf("config: maxJobWorkers: %d", maxJobWorkers)
|
||||
log.Debugf("config: localHarborURL: %s", localURL)
|
||||
log.Debugf("config: localUIURL: %s", localUIURL)
|
||||
log.Debugf("config: localRegURL: %s", localRegURL)
|
||||
log.Debugf("config: verifyRemoteCert: %s", verifyRemoteCert)
|
||||
log.Debugf("config: logDir: %s", logDir)
|
||||
log.Debugf("config: uiSecret: ******")
|
||||
}
|
||||
@ -78,9 +92,14 @@ func MaxJobWorkers() int {
|
||||
return maxJobWorkers
|
||||
}
|
||||
|
||||
// LocalHarborURL returns the local registry url, job service will use this URL to pull manifest and repository.
|
||||
func LocalHarborURL() string {
|
||||
return localURL
|
||||
// LocaUIURL returns the local ui url, job service will use this URL to call API hosted on ui process
|
||||
func LocalUIURL() string {
|
||||
return localUIURL
|
||||
}
|
||||
|
||||
// LocalRegURL returns the local registry url, job service will use this URL to pull image from the registry
|
||||
func LocalRegURL() string {
|
||||
return localRegURL
|
||||
}
|
||||
|
||||
// LogDir returns the absolute path to which the log file will be written
|
||||
@ -92,3 +111,8 @@ func LogDir() string {
|
||||
func UISecret() string {
|
||||
return uiSecret
|
||||
}
|
||||
|
||||
// VerifyRemoteCert return the flag to tell jobservice whether or not verify the cert of remote registry
|
||||
func VerifyRemoteCert() bool {
|
||||
return verifyRemoteCert != "off"
|
||||
}
|
||||
|
@ -1,16 +1,16 @@
|
||||
/*
|
||||
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package job
|
||||
@ -38,6 +38,7 @@ type RepJobParm struct {
|
||||
Tags []string
|
||||
Enabled int
|
||||
Operation string
|
||||
Insecure bool
|
||||
}
|
||||
|
||||
// SM is the state machine to handle job, it handles one job at a time.
|
||||
@ -205,11 +206,12 @@ func (sm *SM) Reset(jid int64) error {
|
||||
return fmt.Errorf("The policy doesn't exist in DB, policy id:%d", job.PolicyID)
|
||||
}
|
||||
sm.Parms = &RepJobParm{
|
||||
LocalRegURL: config.LocalHarborURL(),
|
||||
LocalRegURL: config.LocalRegURL(),
|
||||
Repository: job.Repository,
|
||||
Tags: job.TagList,
|
||||
Enabled: policy.Enabled,
|
||||
Operation: job.Operation,
|
||||
Insecure: !config.VerifyRemoteCert(),
|
||||
}
|
||||
if policy.Enabled == 0 {
|
||||
//worker will cancel this job
|
||||
|
Loading…
Reference in New Issue
Block a user