mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-25 17:11:24 +01:00
Rebase to fix conflicts
This commit is contained in:
commit
3a204dbf7d
13
.gitignore
vendored
13
.gitignore
vendored
@ -4,26 +4,17 @@ harbor
|
|||||||
make/docker-compose.yml
|
make/docker-compose.yml
|
||||||
make/common/config/*
|
make/common/config/*
|
||||||
make/dev/adminserver/harbor_adminserver
|
make/dev/adminserver/harbor_adminserver
|
||||||
make/dev/ui/harbor_ui
|
make/dev/core/harbor_core
|
||||||
make/dev/jobservice/harbor_jobservice
|
make/dev/jobservice/harbor_jobservice
|
||||||
make/photon/*/binary/
|
make/photon/*/binary/
|
||||||
|
|
||||||
src/adminserver/adminserver
|
src/adminserver/adminserver
|
||||||
src/ui/ui
|
src/core/core
|
||||||
src/jobservice/jobservice
|
src/jobservice/jobservice
|
||||||
src/common/dao/dao.test
|
src/common/dao/dao.test
|
||||||
*.pyc
|
*.pyc
|
||||||
jobservice/test
|
jobservice/test
|
||||||
|
|
||||||
src/ui/static/*.html
|
|
||||||
src/ui/static/*.bundle.js
|
|
||||||
src/ui/static/*.bundle.js.map
|
|
||||||
src/ui/static/harbor-logo.*.png
|
|
||||||
src/ui/static/*.min.*
|
|
||||||
src/ui/static/styles.css
|
|
||||||
src/ui/static/i18n
|
|
||||||
src/ui/static/shapes
|
|
||||||
|
|
||||||
src/portal/coverage/
|
src/portal/coverage/
|
||||||
src/portal/dist/
|
src/portal/dist/
|
||||||
src/portal/html-report/
|
src/portal/html-report/
|
||||||
|
@ -22,7 +22,7 @@ env:
|
|||||||
DOCKER_COMPOSE_VERSION: 1.7.1
|
DOCKER_COMPOSE_VERSION: 1.7.1
|
||||||
HARBOR_ADMIN: admin
|
HARBOR_ADMIN: admin
|
||||||
HARBOR_ADMIN_PASSWD: Harbor12345
|
HARBOR_ADMIN_PASSWD: Harbor12345
|
||||||
UI_SECRET: tempString
|
CORE_SECRET: tempString
|
||||||
KEY_PATH: /data/secretkey
|
KEY_PATH: /data/secretkey
|
||||||
REDIS_HOST: localhost
|
REDIS_HOST: localhost
|
||||||
REG_VERSION: v2.6.2
|
REG_VERSION: v2.6.2
|
||||||
@ -44,7 +44,7 @@ before_install:
|
|||||||
- sudo ./tests/generateCerts.sh
|
- sudo ./tests/generateCerts.sh
|
||||||
- sudo ./make/prepare
|
- sudo ./make/prepare
|
||||||
- sudo mkdir -p "/data/redis"
|
- sudo mkdir -p "/data/redis"
|
||||||
- sudo mkdir -p /etc/ui/ca/ && sudo mv ./tests/ca.crt /etc/ui/ca/
|
- sudo mkdir -p /etc/core/ca/ && sudo mv ./tests/ca.crt /etc/core/ca/
|
||||||
- sudo mkdir -p /harbor && sudo mv ./VERSION /harbor/UIVERSION
|
- sudo mkdir -p /harbor && sudo mv ./VERSION /harbor/UIVERSION
|
||||||
- sudo ./tests/testprepare.sh
|
- sudo ./tests/testprepare.sh
|
||||||
|
|
||||||
@ -90,6 +90,6 @@ script:
|
|||||||
- sudo docker-compose -f ./make/docker-compose.test.yml up -d
|
- sudo docker-compose -f ./make/docker-compose.test.yml up -d
|
||||||
- make go_check
|
- make go_check
|
||||||
- ./tests/pushimage.sh
|
- ./tests/pushimage.sh
|
||||||
- go test -race -i ./src/ui ./src/adminserver ./src/jobservice
|
- go test -race -i ./src/core ./src/adminserver ./src/jobservice
|
||||||
- sudo -E env "PATH=$PATH" "POSTGRES_MIGRATION_SCRIPTS_PATH=/home/travis/gopath/src/github.com/goharbor/harbor/make/migrations/postgresql/" ./tests/coverage4gotest.sh
|
- sudo -E env "PATH=$PATH" "POSTGRES_MIGRATION_SCRIPTS_PATH=/home/travis/gopath/src/github.com/goharbor/harbor/make/migrations/postgresql/" ./tests/coverage4gotest.sh
|
||||||
- goveralls -coverprofile=profile.cov -service=travis-ci
|
- goveralls -coverprofile=profile.cov -service=travis-ci
|
||||||
|
@ -4,16 +4,15 @@
|
|||||||
|
|
||||||
Welcome to Harbor! This guide provides information on filing issues and guidelines for open source contributors. **Please leave comments / suggestions if you find something is missing or incorrect.**
|
Welcome to Harbor! This guide provides information on filing issues and guidelines for open source contributors. **Please leave comments / suggestions if you find something is missing or incorrect.**
|
||||||
|
|
||||||
Contributors are encouraged to collaborate using the following resources in addition to the GitHub [issue tacker](https://github.com/vmware/harbor/issues):
|
Contributors are encouraged to collaborate using the following resources in addition to the GitHub [issue tacker](https://github.com/goharbor/harbor/issues):
|
||||||
* [Slack](https://vmwarecode.slack.com/messages/harbor): If you don't have an @vmware.com or @emc.com email, please sign up at [VMware {code}](https://code.vmware.com/join/) to get a Slack invite.
|
|
||||||
* Mail group: Use harbor-dev@googlegroups.com for discussion on Harbor development and contribution. To subscribe, send an email to harbor-dev+subscribe@googlegroups.com .
|
**Twitter:** [@project_harbor](https://twitter.com/project_harbor)
|
||||||
|
**User Group:** Join Harbor user email group: [harbor-users@googlegroups.com](https://groups.google.com/forum/#!forum/harbor-users) to get update of Harbor's news, features, releases, or to provide suggestion and feedback. To subscribe, send an email to [harbor-users+subscribe@googlegroups.com](mailto:harbor-users+subscribe@googlegroups.com) .
|
||||||
|
**Developer Group:** Join Harbor developer group: [harbor-dev@googlegroups.com](https://groups.google.com/forum/#!forum/harbor-dev) for discussion on Harbor development and contribution. To subscribe, send an email to [harbor-dev+subscribe@googlegroups.com](mailto:harbor-dev+subscribe@googlegroups.com).
|
||||||
|
**Slack:** Join Harbor's community for discussion and ask questions: [Cloud Native Computing Foundation](https://slack.cncf.io/), channel: #harbor and #harbor-dev
|
||||||
|
|
||||||
## Getting Started
|
## Getting Started
|
||||||
|
|
||||||
### Sign the CLA
|
|
||||||
|
|
||||||
Before doing contributions, you must sign the CLA. If it is the first time you're making a Pull Requests(PR), please make sure to sign the contributor license agreement (CLA) online. A bot will automatically update the PR for the CLA process.
|
|
||||||
|
|
||||||
### Fork Repository
|
### Fork Repository
|
||||||
|
|
||||||
Fork the Harbor repository on GitHub to your personal account.
|
Fork the Harbor repository on GitHub to your personal account.
|
||||||
|
40
Makefile
40
Makefile
@ -10,7 +10,7 @@
|
|||||||
# compile from golang image
|
# compile from golang image
|
||||||
# for example: make compile_golangimage -e GOBUILDIMAGE= \
|
# for example: make compile_golangimage -e GOBUILDIMAGE= \
|
||||||
# golang:1.7.3
|
# golang:1.7.3
|
||||||
# compile_adminserver, compile_ui, compile_jobservice: compile specific binary
|
# compile_adminserver, compile_core, compile_jobservice: compile specific binary
|
||||||
#
|
#
|
||||||
# build: build Harbor docker images from photon baseimage
|
# build: build Harbor docker images from photon baseimage
|
||||||
#
|
#
|
||||||
@ -67,8 +67,8 @@ MAKEPATH=$(BUILDPATH)/make
|
|||||||
MAKEDEVPATH=$(MAKEPATH)/dev
|
MAKEDEVPATH=$(MAKEPATH)/dev
|
||||||
SRCPATH=./src
|
SRCPATH=./src
|
||||||
TOOLSPATH=$(BUILDPATH)/tools
|
TOOLSPATH=$(BUILDPATH)/tools
|
||||||
UIPATH=$(BUILDPATH)/src/ui
|
CORE_PATH=$(BUILDPATH)/src/core
|
||||||
UINGPATH=$(BUILDPATH)/src/portal
|
PORTAL_PATH=$(BUILDPATH)/src/portal
|
||||||
GOBASEPATH=/go/src/github.com/goharbor
|
GOBASEPATH=/go/src/github.com/goharbor
|
||||||
CHECKENVCMD=checkenv.sh
|
CHECKENVCMD=checkenv.sh
|
||||||
|
|
||||||
@ -129,20 +129,20 @@ GOBUILDPATH=$(GOBASEPATH)/harbor
|
|||||||
GOIMAGEBUILDCMD=/usr/local/go/bin/go
|
GOIMAGEBUILDCMD=/usr/local/go/bin/go
|
||||||
GOIMAGEBUILD=$(GOIMAGEBUILDCMD) build
|
GOIMAGEBUILD=$(GOIMAGEBUILDCMD) build
|
||||||
GOBUILDPATH_ADMINSERVER=$(GOBUILDPATH)/src/adminserver
|
GOBUILDPATH_ADMINSERVER=$(GOBUILDPATH)/src/adminserver
|
||||||
GOBUILDPATH_UI=$(GOBUILDPATH)/src/ui
|
GOBUILDPATH_CORE=$(GOBUILDPATH)/src/core
|
||||||
GOBUILDPATH_JOBSERVICE=$(GOBUILDPATH)/src/jobservice
|
GOBUILDPATH_JOBSERVICE=$(GOBUILDPATH)/src/jobservice
|
||||||
GOBUILDPATH_REGISTRYCTL=$(GOBUILDPATH)/src/registryctl
|
GOBUILDPATH_REGISTRYCTL=$(GOBUILDPATH)/src/registryctl
|
||||||
GOBUILDMAKEPATH=$(GOBUILDPATH)/make
|
GOBUILDMAKEPATH=$(GOBUILDPATH)/make
|
||||||
GOBUILDMAKEPATH_ADMINSERVER=$(GOBUILDMAKEPATH)/photon/adminserver
|
GOBUILDMAKEPATH_ADMINSERVER=$(GOBUILDMAKEPATH)/photon/adminserver
|
||||||
GOBUILDMAKEPATH_UI=$(GOBUILDMAKEPATH)/photon/ui
|
GOBUILDMAKEPATH_CORE=$(GOBUILDMAKEPATH)/photon/core
|
||||||
GOBUILDMAKEPATH_JOBSERVICE=$(GOBUILDMAKEPATH)/photon/jobservice
|
GOBUILDMAKEPATH_JOBSERVICE=$(GOBUILDMAKEPATH)/photon/jobservice
|
||||||
GOBUILDMAKEPATH_REGISTRYCTL=$(GOBUILDMAKEPATH)/photon/registryctl
|
GOBUILDMAKEPATH_REGISTRYCTL=$(GOBUILDMAKEPATH)/photon/registryctl
|
||||||
|
|
||||||
# binary
|
# binary
|
||||||
ADMINSERVERBINARYPATH=$(MAKEDEVPATH)/adminserver
|
ADMINSERVERBINARYPATH=$(MAKEDEVPATH)/adminserver
|
||||||
ADMINSERVERBINARYNAME=harbor_adminserver
|
ADMINSERVERBINARYNAME=harbor_adminserver
|
||||||
UIBINARYPATH=$(MAKEDEVPATH)/ui
|
CORE_BINARYPATH=$(MAKEDEVPATH)/core
|
||||||
UIBINARYNAME=harbor_ui
|
CORE_BINARYNAME=harbor_core
|
||||||
JOBSERVICEBINARYPATH=$(MAKEDEVPATH)/jobservice
|
JOBSERVICEBINARYPATH=$(MAKEDEVPATH)/jobservice
|
||||||
JOBSERVICEBINARYNAME=harbor_jobservice
|
JOBSERVICEBINARYNAME=harbor_jobservice
|
||||||
REGISTRYCTLBINARYPATH=$(MAKEDEVPATH)/registryctl
|
REGISTRYCTLBINARYPATH=$(MAKEDEVPATH)/registryctl
|
||||||
@ -176,7 +176,7 @@ DOCKERFILEPATH_COMMON=$(MAKEPATH)/common
|
|||||||
# docker image name
|
# docker image name
|
||||||
DOCKERIMAGENAME_ADMINSERVER=goharbor/harbor-adminserver
|
DOCKERIMAGENAME_ADMINSERVER=goharbor/harbor-adminserver
|
||||||
DOCKERIMAGENAME_PORTAL=goharbor/harbor-portal
|
DOCKERIMAGENAME_PORTAL=goharbor/harbor-portal
|
||||||
DOCKERIMAGENAME_UI=goharbor/harbor-ui
|
DOCKERIMAGENAME_CORE=goharbor/harbor-core
|
||||||
DOCKERIMAGENAME_JOBSERVICE=goharbor/harbor-jobservice
|
DOCKERIMAGENAME_JOBSERVICE=goharbor/harbor-jobservice
|
||||||
DOCKERIMAGENAME_LOG=goharbor/harbor-log
|
DOCKERIMAGENAME_LOG=goharbor/harbor-log
|
||||||
DOCKERIMAGENAME_DB=goharbor/harbor-db
|
DOCKERIMAGENAME_DB=goharbor/harbor-db
|
||||||
@ -211,7 +211,7 @@ REGISTRYPASSWORD=default
|
|||||||
# cmds
|
# cmds
|
||||||
DOCKERSAVE_PARA=$(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG) \
|
DOCKERSAVE_PARA=$(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG) \
|
||||||
$(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG) \
|
$(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG) \
|
||||||
$(DOCKERIMAGENAME_UI):$(VERSIONTAG) \
|
$(DOCKERIMAGENAME_CORE):$(VERSIONTAG) \
|
||||||
$(DOCKERIMAGENAME_LOG):$(VERSIONTAG) \
|
$(DOCKERIMAGENAME_LOG):$(VERSIONTAG) \
|
||||||
$(DOCKERIMAGENAME_DB):$(VERSIONTAG) \
|
$(DOCKERIMAGENAME_DB):$(VERSIONTAG) \
|
||||||
$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) \
|
$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) \
|
||||||
@ -271,11 +271,11 @@ compile_adminserver:
|
|||||||
$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_ADMINSERVER) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -o $(GOBUILDMAKEPATH_ADMINSERVER)/$(ADMINSERVERBINARYNAME)
|
$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_ADMINSERVER) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -o $(GOBUILDMAKEPATH_ADMINSERVER)/$(ADMINSERVERBINARYNAME)
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
compile_ui:
|
compile_core:
|
||||||
@echo "compiling binary for ui (golang image)..."
|
@echo "compiling binary for core (golang image)..."
|
||||||
@echo $(GOBASEPATH)
|
@echo $(GOBASEPATH)
|
||||||
@echo $(GOBUILDPATH)
|
@echo $(GOBUILDPATH)
|
||||||
@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_UI) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -o $(GOBUILDMAKEPATH_UI)/$(UIBINARYNAME)
|
@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_CORE) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -o $(GOBUILDMAKEPATH_CORE)/$(CORE_BINARYNAME)
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
compile_jobservice:
|
compile_jobservice:
|
||||||
@ -288,7 +288,7 @@ compile_registryctl:
|
|||||||
@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_REGISTRYCTL) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -o $(GOBUILDMAKEPATH_REGISTRYCTL)/$(REGISTRYCTLBINARYNAME)
|
@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_REGISTRYCTL) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -o $(GOBUILDMAKEPATH_REGISTRYCTL)/$(REGISTRYCTLBINARYNAME)
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
compile:check_environment compile_adminserver compile_ui compile_jobservice compile_registryctl
|
compile:check_environment compile_adminserver compile_core compile_jobservice compile_registryctl
|
||||||
|
|
||||||
prepare:
|
prepare:
|
||||||
@echo "preparing..."
|
@echo "preparing..."
|
||||||
@ -331,7 +331,7 @@ modify_sourcefiles:
|
|||||||
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer.key
|
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer.key
|
||||||
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer.crt
|
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer.crt
|
||||||
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer-ca.crt
|
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer-ca.crt
|
||||||
@chmod 600 $(MAKEPATH)/common/templates/ui/private_key.pem
|
@chmod 600 $(MAKEPATH)/common/templates/core/private_key.pem
|
||||||
@chmod 600 $(MAKEPATH)/common/templates/registry/root.crt
|
@chmod 600 $(MAKEPATH)/common/templates/registry/root.crt
|
||||||
|
|
||||||
install: compile version build modify_sourcefiles prepare modify_composefile start
|
install: compile version build modify_sourcefiles prepare modify_composefile start
|
||||||
@ -411,10 +411,10 @@ pushimage:
|
|||||||
$(REGISTRYUSER) $(REGISTRYPASSWORD) $(REGISTRYSERVER)
|
$(REGISTRYUSER) $(REGISTRYPASSWORD) $(REGISTRYSERVER)
|
||||||
@$(DOCKERRMIMAGE) $(REGISTRYSERVER)$(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG)
|
@$(DOCKERRMIMAGE) $(REGISTRYSERVER)$(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG)
|
||||||
|
|
||||||
@$(DOCKERTAG) $(DOCKERIMAGENAME_UI):$(VERSIONTAG) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG)
|
@$(DOCKERTAG) $(DOCKERIMAGENAME_CORE):$(VERSIONTAG) $(REGISTRYSERVER)$(DOCKERIMAGENAME_CORE):$(VERSIONTAG)
|
||||||
@$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG) \
|
@$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) $(REGISTRYSERVER)$(DOCKERIMAGENAME_CORE):$(VERSIONTAG) \
|
||||||
$(REGISTRYUSER) $(REGISTRYPASSWORD) $(REGISTRYSERVER)
|
$(REGISTRYUSER) $(REGISTRYPASSWORD) $(REGISTRYSERVER)
|
||||||
@$(DOCKERRMIMAGE) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG)
|
@$(DOCKERRMIMAGE) $(REGISTRYSERVER)$(DOCKERIMAGENAME_CORE):$(VERSIONTAG)
|
||||||
|
|
||||||
@$(DOCKERTAG) $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) $(REGISTRYSERVER)$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
|
@$(DOCKERTAG) $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) $(REGISTRYSERVER)$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
|
||||||
@$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) $(REGISTRYSERVER)$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) \
|
@$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) $(REGISTRYSERVER)$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) \
|
||||||
@ -459,13 +459,13 @@ swagger_client:
|
|||||||
cleanbinary:
|
cleanbinary:
|
||||||
@echo "cleaning binary..."
|
@echo "cleaning binary..."
|
||||||
@if [ -f $(ADMINSERVERBINARYPATH)/$(ADMINSERVERBINARYNAME) ] ; then rm $(ADMINSERVERBINARYPATH)/$(ADMINSERVERBINARYNAME) ; fi
|
@if [ -f $(ADMINSERVERBINARYPATH)/$(ADMINSERVERBINARYNAME) ] ; then rm $(ADMINSERVERBINARYPATH)/$(ADMINSERVERBINARYNAME) ; fi
|
||||||
@if [ -f $(UIBINARYPATH)/$(UIBINARYNAME) ] ; then rm $(UIBINARYPATH)/$(UIBINARYNAME) ; fi
|
@if [ -f $(CORE_BINARYPATH)/$(CORE_BINARYNAME) ] ; then rm $(CORE_BINARYPATH)/$(CORE_BINARYNAME) ; fi
|
||||||
@if [ -f $(JOBSERVICEBINARYPATH)/$(JOBSERVICEBINARYNAME) ] ; then rm $(JOBSERVICEBINARYPATH)/$(JOBSERVICEBINARYNAME) ; fi
|
@if [ -f $(JOBSERVICEBINARYPATH)/$(JOBSERVICEBINARYNAME) ] ; then rm $(JOBSERVICEBINARYPATH)/$(JOBSERVICEBINARYNAME) ; fi
|
||||||
|
|
||||||
cleanimage:
|
cleanimage:
|
||||||
@echo "cleaning image for photon..."
|
@echo "cleaning image for photon..."
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG)
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_UI):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_CORE):$(VERSIONTAG)
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_DB):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_DB):$(VERSIONTAG)
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_LOG):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_LOG):$(VERSIONTAG)
|
||||||
@ -492,7 +492,7 @@ cleanall: cleanbinary cleanimage cleandockercomposefile cleanversiontag cleanpac
|
|||||||
clean:
|
clean:
|
||||||
@echo " make cleanall: remove binary, Harbor images, specific version docker-compose"
|
@echo " make cleanall: remove binary, Harbor images, specific version docker-compose"
|
||||||
@echo " file, specific version tag, online and offline install package"
|
@echo " file, specific version tag, online and offline install package"
|
||||||
@echo " make cleanbinary: remove ui and jobservice binary"
|
@echo " make cleanbinary: remove core and jobservice binary"
|
||||||
@echo " make cleanimage: remove Harbor images"
|
@echo " make cleanimage: remove Harbor images"
|
||||||
@echo " make cleandockercomposefile: remove specific version docker-compose"
|
@echo " make cleandockercomposefile: remove specific version docker-compose"
|
||||||
@echo " make cleanversiontag: cleanpackageremove specific version tag"
|
@echo " make cleanversiontag: cleanpackageremove specific version tag"
|
||||||
|
19
README.md
19
README.md
@ -16,12 +16,13 @@ Project Harbor is an an open source trusted cloud native registry project that s
|
|||||||
Harbor is hosted by the [Cloud Native Computing Foundation](https://cncf.io) (CNCF). If you are an organization that wants to help shape the evolution of cloud native technologies, consider joining the CNCF. For details about who's involved and how Harbor plays a role, read the CNCF
|
Harbor is hosted by the [Cloud Native Computing Foundation](https://cncf.io) (CNCF). If you are an organization that wants to help shape the evolution of cloud native technologies, consider joining the CNCF. For details about who's involved and how Harbor plays a role, read the CNCF
|
||||||
[announcement](https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/).
|
[announcement](https://www.cncf.io/blog/2018/07/31/cncf-to-host-harbor-in-the-sandbox/).
|
||||||
|
|
||||||
### Features
|
## Features
|
||||||
|
|
||||||
|
* **Cloud native registry**: With support for both container images and [Helm](https://helm.sh) charts, Harbor serves as registry for cloud native environments like container runtimes and orchestration platforms.
|
||||||
* **Role based access control**: Users and repositories are organized via 'projects' and a user can have different permission for images under a project.
|
* **Role based access control**: Users and repositories are organized via 'projects' and a user can have different permission for images under a project.
|
||||||
* **Policy based image replication**: Images can be replicated (synchronized) between multiple registry instances, with auto-retry on errors. Great for load balancing, high availability, multi-datacenter, hybrid and multi-cloud scenarios.
|
* **Policy based image replication**: Images can be replicated (synchronized) between multiple registry instances based on policies with multiple filters (repository, tag and label). Harbor will auto-retry to replicate if it encounters any errors. Great for load balancing, high availability, multi-datacenter, hybrid and multi-cloud scenarios.
|
||||||
* **Vulnerability Scanning**: Harbor scans images regularly and warns users of vulnerabilities.
|
* **Vulnerability Scanning**: Harbor scans images regularly and warns users of vulnerabilities.
|
||||||
* **LDAP/AD support**: Harbor integrates with existing enterprise LDAP/AD for user authentication and management.
|
* **LDAP/AD support**: Harbor integrates with existing enterprise LDAP/AD for user authentication and management, and supports importing LDAP groups into Harbor and assigning proper project roles to them.
|
||||||
* **Image deletion & garbage collection**: Images can be deleted and their space can be recycled.
|
* **Image deletion & garbage collection**: Images can be deleted and their space can be recycled.
|
||||||
* **Notary**: Image authenticity can be ensured.
|
* **Notary**: Image authenticity can be ensured.
|
||||||
* **Graphical user portal**: User can easily browse, search repositories and manage projects.
|
* **Graphical user portal**: User can easily browse, search repositories and manage projects.
|
||||||
@ -29,7 +30,7 @@ Harbor is hosted by the [Cloud Native Computing Foundation](https://cncf.io) (CN
|
|||||||
* **RESTful API**: RESTful APIs for most administrative operations, easy to integrate with external systems.
|
* **RESTful API**: RESTful APIs for most administrative operations, easy to integrate with external systems.
|
||||||
* **Easy deployment**: Provide both an online and offline installer.
|
* **Easy deployment**: Provide both an online and offline installer.
|
||||||
|
|
||||||
### Install & Run
|
## Install & Run
|
||||||
|
|
||||||
**System requirements:**
|
**System requirements:**
|
||||||
|
|
||||||
@ -41,14 +42,14 @@ If you want to deploy Harbor on Kubernetes, please use the **[Harbor chart](http
|
|||||||
|
|
||||||
Refer to **[User Guide](docs/user_guide.md)** for more details on how to use Harbor.
|
Refer to **[User Guide](docs/user_guide.md)** for more details on how to use Harbor.
|
||||||
|
|
||||||
### Community
|
## Community
|
||||||
|
|
||||||
**Twitter:** [@project_harbor](https://twitter.com/project_harbor)
|
**Twitter:** [@project_harbor](https://twitter.com/project_harbor)
|
||||||
**User Group:** Join Harbor user email group: [harbor-users@googlegroups.com](https://groups.google.com/forum/#!forum/harbor-users) to get update of Harbor's news, features, releases, or to provide suggestion and feedback. To subscribe, send an email to [harbor-users+subscribe@googlegroups.com](mailto:harbor-users+subscribe@googlegroups.com) .
|
**User Group:** Join Harbor user email group: [harbor-users@googlegroups.com](https://groups.google.com/forum/#!forum/harbor-users) to get update of Harbor's news, features, releases, or to provide suggestion and feedback. To subscribe, send an email to [harbor-users+subscribe@googlegroups.com](mailto:harbor-users+subscribe@googlegroups.com) .
|
||||||
**Developer Group:** Join Harbor developer group: [harbor-dev@googlegroups.com](https://groups.google.com/forum/#!forum/harbor-dev) for discussion on Harbor development and contribution. To subscribe, send an email to [harbor-dev+subscribe@googlegroups.com](mailto:harbor-dev+subscribe@googlegroups.com).
|
**Developer Group:** Join Harbor developer group: [harbor-dev@googlegroups.com](https://groups.google.com/forum/#!forum/harbor-dev) for discussion on Harbor development and contribution. To subscribe, send an email to [harbor-dev+subscribe@googlegroups.com](mailto:harbor-dev+subscribe@googlegroups.com).
|
||||||
**Slack:** Join Harbor's community for discussion and ask questions: [Cloud Native Computing Foundation](https://slack.cncf.io/), channel: #harbor and #harbor-dev
|
**Slack:** Join Harbor's community for discussion and ask questions: [Cloud Native Computing Foundation](https://slack.cncf.io/), channel: #harbor and #harbor-dev
|
||||||
|
|
||||||
### Additional Tools
|
## Additional Tools
|
||||||
|
|
||||||
Tools layered on top of Harbor and contributed by community.
|
Tools layered on top of Harbor and contributed by community.
|
||||||
|
|
||||||
@ -56,16 +57,16 @@ Tools layered on top of Harbor and contributed by community.
|
|||||||
- Automates the process of cleaning up old tags from your Harbor container registries.
|
- Automates the process of cleaning up old tags from your Harbor container registries.
|
||||||
- Lead by [@nlowe](https://github.com/nlowe) from HylandSoftware.
|
- Lead by [@nlowe](https://github.com/nlowe) from HylandSoftware.
|
||||||
|
|
||||||
### Demos
|
## Demos
|
||||||
|
|
||||||
* **[Live Demo](https://demo.goharbor.io)** - A demo environment with the latest Harbor stable build installed. If you want to deeply dive, please refer to **[Demo Server](docs/demo_server.md)** for more details.
|
* **[Live Demo](https://demo.goharbor.io)** - A demo environment with the latest Harbor stable build installed. If you want to deeply dive, please refer to **[Demo Server](docs/demo_server.md)** for more details.
|
||||||
* **[Video Demos](https://github.com/goharbor/harbor/wiki/Video-demos-for-Harbor)** - Demos for Harbor features and continuously updated.
|
* **[Video Demos](https://github.com/goharbor/harbor/wiki/Video-demos-for-Harbor)** - Demos for Harbor features and continuously updated.
|
||||||
|
|
||||||
### Partners and Users
|
## Partners and Users
|
||||||
|
|
||||||
If you want to learn Harbor partners and users, please refer to [list of Harbor partners and users](partners.md).
|
If you want to learn Harbor partners and users, please refer to [list of Harbor partners and users](partners.md).
|
||||||
|
|
||||||
### License
|
## License
|
||||||
|
|
||||||
Harbor is available under the [Apache 2 license](LICENSE).
|
Harbor is available under the [Apache 2 license](LICENSE).
|
||||||
|
|
||||||
|
@ -46,10 +46,10 @@ From time to time, you may need to mannually test Harbor REST API. You can deplo
|
|||||||
ui:
|
ui:
|
||||||
...
|
...
|
||||||
volumes:
|
volumes:
|
||||||
- ./common/config/ui/app.conf:/etc/ui/app.conf:z
|
- ./common/config/ui/app.conf:/etc/core/app.conf:z
|
||||||
- ./common/config/ui/private_key.pem:/etc/ui/private_key.pem:z
|
- ./common/config/ui/private_key.pem:/etc/core/private_key.pem:z
|
||||||
- /data/secretkey:/etc/ui/key:z
|
- /data/secretkey:/etc/core/key:z
|
||||||
- /data/ca_download/:/etc/ui/ca/:z
|
- /data/ca_download/:/etc/core/ca/:z
|
||||||
## add two lines as below ##
|
## add two lines as below ##
|
||||||
- ../src/ui/static/vendors/swagger-ui-2.1.4/dist:/harbor/static/vendors/swagger
|
- ../src/ui/static/vendors/swagger-ui-2.1.4/dist:/harbor/static/vendors/swagger
|
||||||
- ../src/ui/static/resources/yaml/swagger.yaml:/harbor/static/resources/yaml/swagger.yaml
|
- ../src/ui/static/resources/yaml/swagger.yaml:/harbor/static/resources/yaml/swagger.yaml
|
||||||
|
@ -198,7 +198,7 @@ Stopping Harbor:
|
|||||||
$ sudo docker-compose stop
|
$ sudo docker-compose stop
|
||||||
Stopping nginx ... done
|
Stopping nginx ... done
|
||||||
Stopping harbor-jobservice ... done
|
Stopping harbor-jobservice ... done
|
||||||
Stopping harbor-ui ... done
|
Stopping harbor-core ... done
|
||||||
Stopping harbor-db ... done
|
Stopping harbor-db ... done
|
||||||
Stopping registry ... done
|
Stopping registry ... done
|
||||||
Stopping harbor-log ... done
|
Stopping harbor-log ... done
|
||||||
@ -375,11 +375,11 @@ By default, Harbor limits the CPU usage of Clair container to 150000 and avoids
|
|||||||
harbor-db docker-entrypoint.sh mysqld Up 3306/tcp
|
harbor-db docker-entrypoint.sh mysqld Up 3306/tcp
|
||||||
harbor-jobservice /harbor/harbor_jobservice Up
|
harbor-jobservice /harbor/harbor_jobservice Up
|
||||||
harbor-log /bin/sh -c crond && rsyslo ... Up 127.0.0.1:1514->514/tcp
|
harbor-log /bin/sh -c crond && rsyslo ... Up 127.0.0.1:1514->514/tcp
|
||||||
harbor-ui /harbor/harbor_ui Up
|
harbor-core /harbor/harbor_core Up
|
||||||
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp
|
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp
|
||||||
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp
|
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp
|
||||||
```
|
```
|
||||||
If a container is not in **UP** state, check the log file of that container in directory ```/var/log/harbor```. For example, if the container ```harbor-ui``` is not running, you should look at the log file ```ui.log```.
|
If a container is not in **UP** state, check the log file of that container in directory ```/var/log/harbor```. For example, if the container ```harbor-core``` is not running, you should look at the log file ```ui.log```.
|
||||||
|
|
||||||
|
|
||||||
2.When setting up Harbor behind an nginx proxy or elastic load balancing, look for the line below, in `common/templates/nginx/nginx.http.conf` and remove it from the sections if the proxy already has similar settings: `location /`, `location /v2/` and `location /service/`.
|
2.When setting up Harbor behind an nginx proxy or elastic load balancing, look for the line below, in `common/templates/nginx/nginx.http.conf` and remove it from the sections if the proxy already has similar settings: `location /`, `location /v2/` and `location /service/`.
|
||||||
|
@ -36,7 +36,7 @@ EMAIL_INSECURE=$email_insecure
|
|||||||
HARBOR_ADMIN_PASSWORD=$harbor_admin_password
|
HARBOR_ADMIN_PASSWORD=$harbor_admin_password
|
||||||
PROJECT_CREATION_RESTRICTION=$project_creation_restriction
|
PROJECT_CREATION_RESTRICTION=$project_creation_restriction
|
||||||
MAX_JOB_WORKERS=$max_job_workers
|
MAX_JOB_WORKERS=$max_job_workers
|
||||||
UI_SECRET=$ui_secret
|
CORE_SECRET=$core_secret
|
||||||
JOBSERVICE_SECRET=$jobservice_secret
|
JOBSERVICE_SECRET=$jobservice_secret
|
||||||
TOKEN_EXPIRATION=$token_expiration
|
TOKEN_EXPIRATION=$token_expiration
|
||||||
CFG_EXPIRATION=5
|
CFG_EXPIRATION=5
|
||||||
@ -55,7 +55,7 @@ UAA_ENDPOINT=$uaa_endpoint
|
|||||||
UAA_CLIENTID=$uaa_clientid
|
UAA_CLIENTID=$uaa_clientid
|
||||||
UAA_CLIENTSECRET=$uaa_clientsecret
|
UAA_CLIENTSECRET=$uaa_clientsecret
|
||||||
UAA_VERIFY_CERT=$uaa_verify_cert
|
UAA_VERIFY_CERT=$uaa_verify_cert
|
||||||
UI_URL=$ui_url
|
CORE_URL=$core_url
|
||||||
JOBSERVICE_URL=$jobservice_url
|
JOBSERVICE_URL=$jobservice_url
|
||||||
CLAIR_URL=$clair_url
|
CLAIR_URL=$clair_url
|
||||||
NOTARY_URL=$notary_url
|
NOTARY_URL=$notary_url
|
||||||
|
@ -9,7 +9,7 @@ CACHE_REDIS_DB=$cache_redis_db_index
|
|||||||
|
|
||||||
# Credential for internal communication
|
# Credential for internal communication
|
||||||
BASIC_AUTH_USER=chart_controller
|
BASIC_AUTH_USER=chart_controller
|
||||||
BASIC_AUTH_PASS=$ui_secret
|
BASIC_AUTH_PASS=$core_secret
|
||||||
|
|
||||||
# Multiple tenants
|
# Multiple tenants
|
||||||
# Must be set with 1 to support project namespace
|
# Must be set with 1 to support project namespace
|
||||||
|
@ -22,4 +22,4 @@ clair:
|
|||||||
attempts: 3
|
attempts: 3
|
||||||
renotifyinterval: 2h
|
renotifyinterval: 2h
|
||||||
http:
|
http:
|
||||||
endpoint: http://ui:8080/service/notifications/clair
|
endpoint: http://core:8080/service/notifications/clair
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
LOG_LEVEL=info
|
LOG_LEVEL=info
|
||||||
CONFIG_PATH=/etc/ui/app.conf
|
CONFIG_PATH=/etc/core/app.conf
|
||||||
UI_SECRET=$ui_secret
|
CORE_SECRET=$core_secret
|
||||||
JOBSERVICE_SECRET=$jobservice_secret
|
JOBSERVICE_SECRET=$jobservice_secret
|
||||||
GODEBUG=netdns=cgo
|
GODEBUG=netdns=cgo
|
||||||
ADMINSERVER_URL=$adminserver_url
|
ADMINSERVER_URL=$adminserver_url
|
||||||
UAA_CA_ROOT=/etc/ui/certificates/uaa_ca.pem
|
UAA_CA_ROOT=/etc/core/certificates/uaa_ca.pem
|
||||||
_REDIS_URL=$redis_host:$redis_port,100,$redis_password
|
_REDIS_URL=$redis_host:$redis_port,100,$redis_password
|
||||||
SYNC_REGISTRY=false
|
SYNC_REGISTRY=false
|
||||||
CHART_CACHE_DRIVER=$chart_cache_driver
|
CHART_CACHE_DRIVER=$chart_cache_driver
|
@ -1,4 +1,4 @@
|
|||||||
UI_SECRET=$ui_secret
|
CORE_SECRET=$core_secret
|
||||||
JOBSERVICE_SECRET=$jobservice_secret
|
JOBSERVICE_SECRET=$jobservice_secret
|
||||||
ADMINSERVER_URL=$adminserver_url
|
ADMINSERVER_URL=$adminserver_url
|
||||||
GODEBUG=netdns=cgo
|
GODEBUG=netdns=cgo
|
||||||
|
@ -12,8 +12,8 @@ http {
|
|||||||
# this is necessary for us to be able to disable request buffering in all cases
|
# this is necessary for us to be able to disable request buffering in all cases
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
|
|
||||||
upstream ui {
|
upstream core {
|
||||||
server ui:8080;
|
server core:8080;
|
||||||
}
|
}
|
||||||
|
|
||||||
upstream portal {
|
upstream portal {
|
||||||
@ -47,7 +47,7 @@ http {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location /api/ {
|
location /api/ {
|
||||||
proxy_pass http://ui/api/;
|
proxy_pass http://core/api/;
|
||||||
proxy_set_header Host $$host;
|
proxy_set_header Host $$host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
@ -60,7 +60,7 @@ http {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^/(login|log_out|sendEmail|language|reset|userExists|reset_password|chartrepo) {
|
location ~ ^/(login|log_out|sendEmail|language|reset|userExists|reset_password|chartrepo) {
|
||||||
proxy_pass http://ui/;
|
proxy_pass http://core/;
|
||||||
proxy_set_header Host $$host;
|
proxy_set_header Host $$host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
@ -77,7 +77,7 @@ http {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location /v2/ {
|
location /v2/ {
|
||||||
proxy_pass http://ui/v2/;
|
proxy_pass http://core/v2/;
|
||||||
proxy_set_header Host $$http_host;
|
proxy_set_header Host $$http_host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
@ -89,7 +89,7 @@ http {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location /service/ {
|
location /service/ {
|
||||||
proxy_pass http://ui/service/;
|
proxy_pass http://core/service/;
|
||||||
proxy_set_header Host $$host;
|
proxy_set_header Host $$host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
|
@ -13,8 +13,8 @@ http {
|
|||||||
# this is necessary for us to be able to disable request buffering in all cases
|
# this is necessary for us to be able to disable request buffering in all cases
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
|
|
||||||
upstream ui {
|
upstream core {
|
||||||
server ui:8080;
|
server core:8080;
|
||||||
}
|
}
|
||||||
|
|
||||||
upstream portal {
|
upstream portal {
|
||||||
@ -67,7 +67,7 @@ http {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location /api/ {
|
location /api/ {
|
||||||
proxy_pass http://ui/api/;
|
proxy_pass http://core/api/;
|
||||||
proxy_set_header Host $$host;
|
proxy_set_header Host $$host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
@ -80,7 +80,7 @@ http {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^/(login|log_out|sendEmail|language|reset|userExists|reset_password|chartrepo) {
|
location ~ ^/(login|log_out|sendEmail|language|reset|userExists|reset_password|chartrepo) {
|
||||||
proxy_pass http://ui;
|
proxy_pass http://core;
|
||||||
proxy_set_header Host $$host;
|
proxy_set_header Host $$host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
@ -97,7 +97,7 @@ http {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location /v2/ {
|
location /v2/ {
|
||||||
proxy_pass http://ui/v2/;
|
proxy_pass http://core/v2/;
|
||||||
proxy_set_header Host $$http_host;
|
proxy_set_header Host $$http_host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
@ -109,7 +109,7 @@ http {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location /service/ {
|
location /service/ {
|
||||||
proxy_pass http://ui/service/;
|
proxy_pass http://core/service/;
|
||||||
proxy_set_header Host $$http_host;
|
proxy_set_header Host $$http_host;
|
||||||
proxy_set_header X-Real-IP $$remote_addr;
|
proxy_set_header X-Real-IP $$remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||||
|
@ -31,7 +31,7 @@ notifications:
|
|||||||
endpoints:
|
endpoints:
|
||||||
- name: harbor
|
- name: harbor
|
||||||
disabled: false
|
disabled: false
|
||||||
url: $ui_url/service/notifications
|
url: $core_url/service/notifications
|
||||||
timeout: 3000ms
|
timeout: 3000ms
|
||||||
threshold: 5
|
threshold: 5
|
||||||
backoff: 1s
|
backoff: 1s
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
UI_SECRET=$ui_secret
|
CORE_SECRET=$core_secret
|
||||||
JOBSERVICE_SECRET=$jobservice_secret
|
JOBSERVICE_SECRET=$jobservice_secret
|
||||||
|
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
version: '2'
|
version: '2'
|
||||||
services:
|
services:
|
||||||
ui:
|
core:
|
||||||
networks:
|
networks:
|
||||||
harbor-chartmuseum:
|
harbor-chartmuseum:
|
||||||
aliases:
|
aliases:
|
||||||
- harbor-ui
|
- harbor-core
|
||||||
redis:
|
redis:
|
||||||
networks:
|
networks:
|
||||||
harbor-chartmuseum:
|
harbor-chartmuseum:
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
version: '2'
|
version: '2'
|
||||||
services:
|
services:
|
||||||
ui:
|
core:
|
||||||
networks:
|
networks:
|
||||||
harbor-clair:
|
harbor-clair:
|
||||||
aliases:
|
aliases:
|
||||||
- harbor-ui
|
- harbor-core
|
||||||
jobservice:
|
jobservice:
|
||||||
networks:
|
networks:
|
||||||
- harbor-clair
|
- harbor-clair
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
version: '2'
|
version: '2'
|
||||||
services:
|
services:
|
||||||
ui:
|
core:
|
||||||
networks:
|
networks:
|
||||||
- harbor-notary
|
- harbor-notary
|
||||||
proxy:
|
proxy:
|
||||||
|
@ -86,19 +86,19 @@ services:
|
|||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://127.0.0.1:1514"
|
||||||
tag: "adminserver"
|
tag: "adminserver"
|
||||||
ui:
|
core:
|
||||||
image: goharbor/harbor-ui:__version__
|
image: goharbor/harbor-core:__version__
|
||||||
container_name: harbor-ui
|
container_name: harbor-core
|
||||||
env_file:
|
env_file:
|
||||||
- ./common/config/ui/env
|
- ./common/config/core/env
|
||||||
restart: always
|
restart: always
|
||||||
volumes:
|
volumes:
|
||||||
- ./common/config/ui/app.conf:/etc/ui/app.conf:z
|
- ./common/config/core/app.conf:/etc/core/app.conf:z
|
||||||
- ./common/config/ui/private_key.pem:/etc/ui/private_key.pem:z
|
- ./common/config/core/private_key.pem:/etc/core/private_key.pem:z
|
||||||
- ./common/config/ui/certificates/:/etc/ui/certificates/:z
|
- ./common/config/core/certificates/:/etc/core/certificates/:z
|
||||||
- /data/secretkey:/etc/ui/key:z
|
- /data/secretkey:/etc/core/key:z
|
||||||
- /data/ca_download/:/etc/ui/ca/:z
|
- /data/ca_download/:/etc/core/ca/:z
|
||||||
- /data/psc/:/etc/ui/token/:z
|
- /data/psc/:/etc/core/token/:z
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
depends_on:
|
depends_on:
|
||||||
@ -109,7 +109,7 @@ services:
|
|||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://127.0.0.1:1514"
|
||||||
tag: "ui"
|
tag: "core"
|
||||||
portal:
|
portal:
|
||||||
image: goharbor/harbor-portal:__version__
|
image: goharbor/harbor-portal:__version__
|
||||||
container_name: harbor-portal
|
container_name: harbor-portal
|
||||||
@ -118,7 +118,7 @@ services:
|
|||||||
- harbor
|
- harbor
|
||||||
depends_on:
|
depends_on:
|
||||||
- log
|
- log
|
||||||
- ui
|
- core
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
@ -138,11 +138,11 @@ services:
|
|||||||
- harbor
|
- harbor
|
||||||
depends_on:
|
depends_on:
|
||||||
- redis
|
- redis
|
||||||
- ui
|
- core
|
||||||
- adminserver
|
- adminserver
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://127.0.0.1:1514"
|
||||||
tag: "jobservice"
|
tag: "jobservice"
|
||||||
redis:
|
redis:
|
||||||
@ -157,7 +157,7 @@ services:
|
|||||||
- log
|
- log
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://127.0.0.1:1514"
|
||||||
tag: "redis"
|
tag: "redis"
|
||||||
proxy:
|
proxy:
|
||||||
@ -175,7 +175,7 @@ services:
|
|||||||
depends_on:
|
depends_on:
|
||||||
- postgresql
|
- postgresql
|
||||||
- registry
|
- registry
|
||||||
- ui
|
- core
|
||||||
- portal
|
- portal
|
||||||
- log
|
- log
|
||||||
logging:
|
logging:
|
||||||
|
@ -176,11 +176,11 @@ spec:
|
|||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: harbor-adminserver-config
|
name: harbor-adminserver-config
|
||||||
key: MAX_JOB_WORKERS
|
key: MAX_JOB_WORKERS
|
||||||
- name: UI_SECRET
|
- name: CORE_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: harbor-adminserver-config
|
name: harbor-adminserver-config
|
||||||
key: UI_SECRET
|
key: CORE_SECRET
|
||||||
- name: JOBSERVICE_SECRET
|
- name: JOBSERVICE_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
|
@ -1,55 +1,55 @@
|
|||||||
apiVersion: extensions/v1beta1
|
apiVersion: extensions/v1beta1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: ui
|
name: core
|
||||||
labels:
|
labels:
|
||||||
name: ui
|
name: core
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
name: ui-apps
|
name: core-apps
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: ui-app
|
- name: core-app
|
||||||
image: vmware/harbor-ui:v1.2.0
|
image: vmware/harbor-core:v1.2.0
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: CONFIG_PATH
|
- name: CONFIG_PATH
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: harbor-ui-config
|
name: harbor-core-config
|
||||||
key: CONFIG_PATH
|
key: CONFIG_PATH
|
||||||
- name: LOG_LEVEL
|
- name: LOG_LEVEL
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: harbor-ui-config
|
name: harbor-core-config
|
||||||
key: LOG_LEVEL
|
key: LOG_LEVEL
|
||||||
- name: UI_SECRET
|
- name: CORE_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: harbor-ui-config
|
name: harbor-core-config
|
||||||
key: UI_SECRET
|
key: CORE_SECRET
|
||||||
- name: JOBSERVICE_SECRET
|
- name: JOBSERVICE_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: harbor-ui-config
|
name: harbor-core-config
|
||||||
key: JOBSERVICE_SECRET
|
key: JOBSERVICE_SECRET
|
||||||
- name: GODEBUG
|
- name: GODEBUG
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: harbor-ui-config
|
name: harbor-core-config
|
||||||
key: GODEBUG
|
key: GODEBUG
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: config
|
- name: config
|
||||||
mountPath: /etc/ui
|
mountPath: /etc/core
|
||||||
volumes:
|
volumes:
|
||||||
- name: config
|
- name: config
|
||||||
configMap:
|
configMap:
|
||||||
name: harbor-ui-config
|
name: harbor-core-config
|
||||||
items:
|
items:
|
||||||
- key: config
|
- key: config
|
||||||
path: app.conf
|
path: app.conf
|
@ -1,9 +1,9 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: ui
|
name: core
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- port: 80
|
- port: 80
|
||||||
selector:
|
selector:
|
||||||
name: ui-apps
|
name: core-apps
|
@ -16,11 +16,11 @@ spec:
|
|||||||
image: vmware/harbor-jobservice:v1.2.0
|
image: vmware/harbor-jobservice:v1.2.0
|
||||||
imagePullPolicy: IfNotPresent
|
imagePullPolicy: IfNotPresent
|
||||||
env:
|
env:
|
||||||
- name: UI_SECRET
|
- name: CORE_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
name: harbor-jobservice-config
|
name: harbor-jobservice-config
|
||||||
key: UI_SECRET
|
key: CORE_SECRET
|
||||||
- name: JOBSERVICE_SECRET
|
- name: JOBSERVICE_SECRET
|
||||||
valueFrom:
|
valueFrom:
|
||||||
configMapKeyRef:
|
configMapKeyRef:
|
||||||
|
@ -140,7 +140,7 @@ else:
|
|||||||
if cert_path != '':
|
if cert_path != '':
|
||||||
if os.path.isfile(cert_path):
|
if os.path.isfile(cert_path):
|
||||||
with open(cert_path, 'r') as cert:
|
with open(cert_path, 'r') as cert:
|
||||||
set_config('https_cert', cert.read())
|
set_config('https_cert', cert.read())i
|
||||||
else:
|
else:
|
||||||
raise Exception('Error: https cert is not existing')
|
raise Exception('Error: https cert is not existing')
|
||||||
else:
|
else:
|
||||||
@ -148,9 +148,9 @@ else:
|
|||||||
|
|
||||||
|
|
||||||
# add configs
|
# add configs
|
||||||
set_config('ui_url', get_config('ui_url_protocol') +
|
set_config('core_url', get_config('ui_url_protocol') +
|
||||||
'://' + get_config('hostname'))
|
'://' + get_config('hostname'))
|
||||||
set_config('ui_secret', ''.join(random.choice(
|
set_config('core_secret', ''.join(random.choice(
|
||||||
string.ascii_letters + string.digits) for i in range(16)))
|
string.ascii_letters + string.digits) for i in range(16)))
|
||||||
|
|
||||||
# generate auth pkey & cert
|
# generate auth pkey & cert
|
||||||
|
@ -21,7 +21,7 @@ data:
|
|||||||
MYSQL_PWD: "{{db_password}}"
|
MYSQL_PWD: "{{db_password}}"
|
||||||
MYSQL_DATABASE: registry
|
MYSQL_DATABASE: registry
|
||||||
REGISTRY_URL: http://registry:5000
|
REGISTRY_URL: http://registry:5000
|
||||||
TOKEN_SERVICE_URL: http://ui/service/token
|
TOKEN_SERVICE_URL: http://core/service/token
|
||||||
EMAIL_HOST: smtp.mydomain.com
|
EMAIL_HOST: smtp.mydomain.com
|
||||||
EMAIL_PORT: "25"
|
EMAIL_PORT: "25"
|
||||||
EMAIL_USR: sample_admin@mydomain.com
|
EMAIL_USR: sample_admin@mydomain.com
|
||||||
@ -33,7 +33,7 @@ data:
|
|||||||
PROJECT_CREATION_RESTRICTION: everyone
|
PROJECT_CREATION_RESTRICTION: everyone
|
||||||
VERIFY_REMOTE_CERT: "on"
|
VERIFY_REMOTE_CERT: "on"
|
||||||
MAX_JOB_WORKERS: "{{max_job_workers}}"
|
MAX_JOB_WORKERS: "{{max_job_workers}}"
|
||||||
UI_SECRET: "{{ui_secret}}"
|
CORE_SECRET: "{{core_secret}}"
|
||||||
JOBSERVICE_SECRET: "{{jobservice_secret}}"
|
JOBSERVICE_SECRET: "{{jobservice_secret}}"
|
||||||
TOKEN_EXPIRATION: "30"
|
TOKEN_EXPIRATION: "30"
|
||||||
CFG_EXPIRATION: "5"
|
CFG_EXPIRATION: "5"
|
||||||
@ -41,7 +41,7 @@ data:
|
|||||||
ADMIRAL_URL: NA
|
ADMIRAL_URL: NA
|
||||||
WITH_NOTARY: "False"
|
WITH_NOTARY: "False"
|
||||||
RESET: "false"
|
RESET: "false"
|
||||||
EXT_ENDPOINT: "{{ui_url}}"
|
EXT_ENDPOINT: "{{core_url}}"
|
||||||
TOKEN_URL: http://ui
|
TOKEN_URL: http://core
|
||||||
JSON_CFG_STORE_PATH: "/etc/config/config.json"
|
JSON_CFG_STORE_PATH: "/etc/config/config.json"
|
||||||
SECRET_KEY: "{{secret_key}}"
|
SECRET_KEY: "{{secret_key}}"
|
||||||
|
@ -9,7 +9,7 @@ spec:
|
|||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
backend:
|
backend:
|
||||||
serviceName: ui
|
serviceName: core
|
||||||
servicePort: 80
|
servicePort: 80
|
||||||
- path: /v2
|
- path: /v2
|
||||||
backend:
|
backend:
|
||||||
@ -17,6 +17,6 @@ spec:
|
|||||||
servicePort: repo
|
servicePort: repo
|
||||||
- path: /service
|
- path: /service
|
||||||
backend:
|
backend:
|
||||||
serviceName: ui
|
serviceName: core
|
||||||
servicePort: 80
|
servicePort: 80
|
||||||
|
|
||||||
|
@ -3,7 +3,7 @@ kind: ConfigMap
|
|||||||
metadata:
|
metadata:
|
||||||
name: harbor-jobservice-config
|
name: harbor-jobservice-config
|
||||||
data:
|
data:
|
||||||
UI_SECRET: "{{ui_secret}}"
|
CORE_SECRET: "{{core_secret}}"
|
||||||
JOBSERVICE_SECRET: "{{jobservice_secret}}"
|
JOBSERVICE_SECRET: "{{jobservice_secret}}"
|
||||||
SECRET_KEY: "{{secret_key}}"
|
SECRET_KEY: "{{secret_key}}"
|
||||||
MAX_JOB_WORKERS: "{{max_job_workers}}"
|
MAX_JOB_WORKERS: "{{max_job_workers}}"
|
||||||
|
@ -27,14 +27,14 @@ data:
|
|||||||
auth:
|
auth:
|
||||||
token:
|
token:
|
||||||
issuer: harbor-token-issuer
|
issuer: harbor-token-issuer
|
||||||
realm: {{ui_url}}/service/token
|
realm: {{core_url}}/service/token
|
||||||
rootcertbundle: /etc/registry/root.crt
|
rootcertbundle: /etc/registry/root.crt
|
||||||
service: harbor-registry
|
service: harbor-registry
|
||||||
notifications:
|
notifications:
|
||||||
endpoints:
|
endpoints:
|
||||||
- name: harbor
|
- name: harbor
|
||||||
disabled: false
|
disabled: false
|
||||||
url: http://ui/service/notifications
|
url: http://core/service/notifications
|
||||||
timeout: 3000ms
|
timeout: 3000ms
|
||||||
threshold: 5
|
threshold: 5
|
||||||
backoff: 1s
|
backoff: 1s
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
metadata:
|
metadata:
|
||||||
name: harbor-ui-config
|
name: harbor-core-config
|
||||||
data:
|
data:
|
||||||
CONFIG_PATH: /etc/ui/app.conf
|
CONFIG_PATH: /etc/core/app.conf
|
||||||
LOG_LEVEL: debug
|
LOG_LEVEL: debug
|
||||||
UI_SECRET: "{{ui_secret}}"
|
CORE_SECRET: "{{core_secret}}"
|
||||||
JOBSERVICE_SECRET: "{{jobservice_secret}}"
|
JOBSERVICE_SECRET: "{{jobservice_secret}}"
|
||||||
GODEBUG: netdns=cgo
|
GODEBUG: netdns=cgo
|
||||||
SECRET_KEY: "{{secret_key}}"
|
SECRET_KEY: "{{secret_key}}"
|
||||||
|
@ -25,9 +25,9 @@ DOCKERIMASES=$(DOCKERCMD) images
|
|||||||
ADMINSERVERSOURCECODE=$(SRCPATH)/adminserver
|
ADMINSERVERSOURCECODE=$(SRCPATH)/adminserver
|
||||||
ADMINSERVERBINARYPATH=$(MAKEDEVPATH)/adminserver
|
ADMINSERVERBINARYPATH=$(MAKEDEVPATH)/adminserver
|
||||||
ADMINSERVERBINARYNAME=harbor_adminserver
|
ADMINSERVERBINARYNAME=harbor_adminserver
|
||||||
UISOURCECODE=$(SRCPATH)/ui
|
CORE_SOURCECODE=$(SRCPATH)/core
|
||||||
UIBINARYPATH=$(MAKEDEVPATH)/ui
|
CORE_BINARYPATH=$(MAKEDEVPATH)/core
|
||||||
UIBINARYNAME=harbor_ui
|
CORE_BINARYNAME=harbor_core
|
||||||
JOBSERVICESOURCECODE=$(SRCPATH)/jobservice
|
JOBSERVICESOURCECODE=$(SRCPATH)/jobservice
|
||||||
JOBSERVICEBINARYPATH=$(MAKEDEVPATH)/jobservice
|
JOBSERVICEBINARYPATH=$(MAKEDEVPATH)/jobservice
|
||||||
JOBSERVICEBINARYNAME=harbor_jobservice
|
JOBSERVICEBINARYNAME=harbor_jobservice
|
||||||
@ -43,9 +43,9 @@ DOCKERFILEPATH_PORTAL=$(DOCKERFILEPATH)/portal
|
|||||||
DOCKERFILENAME_PORTAL=Dockerfile
|
DOCKERFILENAME_PORTAL=Dockerfile
|
||||||
DOCKERIMAGENAME_PORTAL=goharbor/harbor-portal
|
DOCKERIMAGENAME_PORTAL=goharbor/harbor-portal
|
||||||
|
|
||||||
DOCKERFILEPATH_UI=$(DOCKERFILEPATH)/ui
|
DOCKERFILEPATH_CORE=$(DOCKERFILEPATH)/core
|
||||||
DOCKERFILENAME_UI=Dockerfile
|
DOCKERFILENAME_CORE=Dockerfile
|
||||||
DOCKERIMAGENAME_UI=goharbor/harbor-ui
|
DOCKERIMAGENAME_CORE=goharbor/harbor-core
|
||||||
|
|
||||||
DOCKERFILEPATH_JOBSERVICE=$(DOCKERFILEPATH)/jobservice
|
DOCKERFILEPATH_JOBSERVICE=$(DOCKERFILEPATH)/jobservice
|
||||||
DOCKERFILENAME_JOBSERVICE=Dockerfile
|
DOCKERFILENAME_JOBSERVICE=Dockerfile
|
||||||
@ -115,9 +115,9 @@ _build_portal:
|
|||||||
$(DOCKERBUILD) -f $(DOCKERFILEPATH_PORTAL)/$(DOCKERFILENAME_PORTAL) -t $(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG) .
|
$(DOCKERBUILD) -f $(DOCKERFILEPATH_PORTAL)/$(DOCKERFILENAME_PORTAL) -t $(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_ui:
|
_build_core:
|
||||||
@echo "building ui container for photon..."
|
@echo "building core container for photon..."
|
||||||
@$(DOCKERBUILD) -f $(DOCKERFILEPATH_UI)/$(DOCKERFILENAME_UI) -t $(DOCKERIMAGENAME_UI):$(VERSIONTAG) .
|
@$(DOCKERBUILD) -f $(DOCKERFILEPATH_CORE)/$(DOCKERFILENAME_CORE) -t $(DOCKERIMAGENAME_CORE):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_jobservice:
|
_build_jobservice:
|
||||||
@ -212,13 +212,13 @@ define _get_binary
|
|||||||
$(WGET) --timeout 30 --no-check-certificate $1 -O $2
|
$(WGET) --timeout 30 --no-check-certificate $1 -O $2
|
||||||
endef
|
endef
|
||||||
|
|
||||||
build: _build_db _build_adminserver _build_portal _build_ui _build_jobservice _build_log _build_nginx _build_registry _build_registryctl _build_notary _build_clair _build_redis _build_migrator _build_chart_server
|
build: _build_db _build_adminserver _build_portal _build_core _build_jobservice _build_log _build_nginx _build_registry _build_registryctl _build_notary _build_clair _build_redis _build_migrator _build_chart_server
|
||||||
|
|
||||||
cleanimage:
|
cleanimage:
|
||||||
@echo "cleaning image for photon..."
|
@echo "cleaning image for photon..."
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG)
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG)
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_UI):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_CORE):$(VERSIONTAG)
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
|
||||||
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_LOG):$(VERSIONTAG)
|
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_LOG):$(VERSIONTAG)
|
||||||
|
|
||||||
|
@ -8,11 +8,10 @@ RUN tdnf distro-sync -y \
|
|||||||
&& mkdir /harbor/
|
&& mkdir /harbor/
|
||||||
|
|
||||||
HEALTHCHECK CMD curl --fail -s http://127.0.0.1:8080/api/ping || exit 1
|
HEALTHCHECK CMD curl --fail -s http://127.0.0.1:8080/api/ping || exit 1
|
||||||
COPY ./make/photon/ui/harbor_ui ./src/favicon.ico ./make/photon/ui/start.sh ./UIVERSION /harbor/
|
COPY ./make/photon/core/harbor_core ./make/photon/core/start.sh ./UIVERSION /harbor/
|
||||||
COPY ./src/ui/views /harbor/views
|
COPY ./src/core/views /harbor/views
|
||||||
COPY ./src/ui/static /harbor/static
|
|
||||||
|
|
||||||
RUN chmod u+x /harbor/start.sh /harbor/harbor_ui
|
RUN chmod u+x /harbor/start.sh /harbor/harbor_core
|
||||||
WORKDIR /harbor/
|
WORKDIR /harbor/
|
||||||
|
|
||||||
ENTRYPOINT ["/harbor/start.sh"]
|
ENTRYPOINT ["/harbor/start.sh"]
|
3
make/photon/core/start.sh
Normal file
3
make/photon/core/start.sh
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
sudo -E -u \#10000 "/harbor/harbor_core"
|
||||||
|
|
@ -8,10 +8,8 @@ ls -la
|
|||||||
cat ./package.json
|
cat ./package.json
|
||||||
npm install
|
npm install
|
||||||
|
|
||||||
## Build harbor-ui and link it
|
## Build harbor-portal and link it
|
||||||
rm -rf /build_dir/lib/dist
|
|
||||||
npm run build_lib
|
npm run build_lib
|
||||||
chmod -R +xr /build_dir/lib/dist
|
|
||||||
npm run link_lib
|
npm run link_lib
|
||||||
|
|
||||||
## Build production
|
## Build production
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
sudo -E -u \#10000 "/harbor/harbor_ui"
|
|
||||||
|
|
63
make/prepare
63
make/prepare
@ -21,6 +21,10 @@ if sys.version_info[:3][0] == 3:
|
|||||||
|
|
||||||
DATA_VOL = "/data"
|
DATA_VOL = "/data"
|
||||||
|
|
||||||
|
base_dir = os.path.dirname(__file__)
|
||||||
|
config_dir = os.path.join(base_dir, "common/config")
|
||||||
|
templates_dir = os.path.join(base_dir, "common/templates")
|
||||||
|
|
||||||
def validate(conf, args):
|
def validate(conf, args):
|
||||||
|
|
||||||
protocol = rcp.get("configuration", "ui_url_protocol")
|
protocol = rcp.get("configuration", "ui_url_protocol")
|
||||||
@ -109,9 +113,6 @@ def render(src, dest, **kw):
|
|||||||
f.write(t.substitute(**kw))
|
f.write(t.substitute(**kw))
|
||||||
print("Generated configuration file: %s" % dest)
|
print("Generated configuration file: %s" % dest)
|
||||||
|
|
||||||
base_dir = os.path.dirname(__file__)
|
|
||||||
config_dir = os.path.join(base_dir, "common/config")
|
|
||||||
templates_dir = os.path.join(base_dir, "common/templates")
|
|
||||||
def delfile(src):
|
def delfile(src):
|
||||||
if os.path.isfile(src):
|
if os.path.isfile(src):
|
||||||
try:
|
try:
|
||||||
@ -241,15 +242,15 @@ storage_provider_config = rcp.get("configuration", "registry_storage_provider_co
|
|||||||
# yaml requires 1 or more spaces between the key and value
|
# yaml requires 1 or more spaces between the key and value
|
||||||
storage_provider_config = storage_provider_config.replace(":", ": ", 1)
|
storage_provider_config = storage_provider_config.replace(":", ": ", 1)
|
||||||
registry_custom_ca_bundle_path = rcp.get("configuration", "registry_custom_ca_bundle").strip()
|
registry_custom_ca_bundle_path = rcp.get("configuration", "registry_custom_ca_bundle").strip()
|
||||||
ui_secret = ''.join(random.choice(string.ascii_letters+string.digits) for i in range(16))
|
core_secret = ''.join(random.choice(string.ascii_letters+string.digits) for i in range(16))
|
||||||
jobservice_secret = ''.join(random.choice(string.ascii_letters+string.digits) for i in range(16))
|
jobservice_secret = ''.join(random.choice(string.ascii_letters+string.digits) for i in range(16))
|
||||||
|
|
||||||
adminserver_config_dir = os.path.join(config_dir,"adminserver")
|
adminserver_config_dir = os.path.join(config_dir,"adminserver")
|
||||||
if not os.path.exists(adminserver_config_dir):
|
if not os.path.exists(adminserver_config_dir):
|
||||||
os.makedirs(os.path.join(config_dir, "adminserver"))
|
os.makedirs(os.path.join(config_dir, "adminserver"))
|
||||||
|
|
||||||
ui_config_dir = prep_conf_dir(config_dir,"ui")
|
core_config_dir = prep_conf_dir(config_dir,"core")
|
||||||
ui_certificates_dir = prep_conf_dir(ui_config_dir,"certificates")
|
core_certificates_dir = prep_conf_dir(core_config_dir,"certificates")
|
||||||
db_config_dir = prep_conf_dir(config_dir, "db")
|
db_config_dir = prep_conf_dir(config_dir, "db")
|
||||||
job_config_dir = prep_conf_dir(config_dir, "jobservice")
|
job_config_dir = prep_conf_dir(config_dir, "jobservice")
|
||||||
registry_config_dir = prep_conf_dir(config_dir, "registry")
|
registry_config_dir = prep_conf_dir(config_dir, "registry")
|
||||||
@ -259,9 +260,9 @@ nginx_conf_d = prep_conf_dir(nginx_config_dir, "conf.d")
|
|||||||
log_config_dir = prep_conf_dir (config_dir, "log")
|
log_config_dir = prep_conf_dir (config_dir, "log")
|
||||||
|
|
||||||
adminserver_conf_env = os.path.join(config_dir, "adminserver", "env")
|
adminserver_conf_env = os.path.join(config_dir, "adminserver", "env")
|
||||||
ui_conf_env = os.path.join(config_dir, "ui", "env")
|
core_conf_env = os.path.join(config_dir, "core", "env")
|
||||||
ui_conf = os.path.join(config_dir, "ui", "app.conf")
|
core_conf = os.path.join(config_dir, "core", "app.conf")
|
||||||
ui_cert_dir = os.path.join(config_dir, "ui", "certificates")
|
core_cert_dir = os.path.join(config_dir, "core", "certificates")
|
||||||
jobservice_conf = os.path.join(config_dir, "jobservice", "config.yml")
|
jobservice_conf = os.path.join(config_dir, "jobservice", "config.yml")
|
||||||
registry_conf = os.path.join(config_dir, "registry", "config.yml")
|
registry_conf = os.path.join(config_dir, "registry", "config.yml")
|
||||||
registryctl_conf_env = os.path.join(config_dir, "registryctl", "env")
|
registryctl_conf_env = os.path.join(config_dir, "registryctl", "env")
|
||||||
@ -274,8 +275,8 @@ log_rotate_config = os.path.join(config_dir, "log", "logrotate.conf")
|
|||||||
adminserver_url = "http://adminserver:8080"
|
adminserver_url = "http://adminserver:8080"
|
||||||
registry_url = "http://registry:5000"
|
registry_url = "http://registry:5000"
|
||||||
registry_controller_url = "http://registryctl:8080"
|
registry_controller_url = "http://registryctl:8080"
|
||||||
ui_url = "http://ui:8080"
|
core_url = "http://core:8080"
|
||||||
token_service_url = "http://ui:8080/service/token"
|
token_service_url = "http://core:8080/service/token"
|
||||||
|
|
||||||
jobservice_url = "http://jobservice:8080"
|
jobservice_url = "http://jobservice:8080"
|
||||||
clair_url = "http://clair:6060"
|
clair_url = "http://clair:6060"
|
||||||
@ -313,7 +314,7 @@ render(os.path.join(templates_dir, "adminserver", "env"),
|
|||||||
adminserver_conf_env,
|
adminserver_conf_env,
|
||||||
reload_config=reload_config,
|
reload_config=reload_config,
|
||||||
public_url=public_url,
|
public_url=public_url,
|
||||||
ui_url=ui_url,
|
core_url=core_url,
|
||||||
auth_mode=auth_mode,
|
auth_mode=auth_mode,
|
||||||
self_registration=self_registration,
|
self_registration=self_registration,
|
||||||
ldap_url=ldap_url,
|
ldap_url=ldap_url,
|
||||||
@ -345,7 +346,7 @@ render(os.path.join(templates_dir, "adminserver", "env"),
|
|||||||
harbor_admin_password=harbor_admin_password,
|
harbor_admin_password=harbor_admin_password,
|
||||||
project_creation_restriction=proj_cre_restriction,
|
project_creation_restriction=proj_cre_restriction,
|
||||||
max_job_workers=max_job_workers,
|
max_job_workers=max_job_workers,
|
||||||
ui_secret=ui_secret,
|
core_secret=core_secret,
|
||||||
jobservice_secret=jobservice_secret,
|
jobservice_secret=jobservice_secret,
|
||||||
token_expiration=token_expiration,
|
token_expiration=token_expiration,
|
||||||
admiral_url=admiral_url,
|
admiral_url=admiral_url,
|
||||||
@ -379,9 +380,9 @@ chart_cache_driver = "memory"
|
|||||||
if len(redis_host) > 0:
|
if len(redis_host) > 0:
|
||||||
chart_cache_driver = "redis"
|
chart_cache_driver = "redis"
|
||||||
|
|
||||||
render(os.path.join(templates_dir, "ui", "env"),
|
render(os.path.join(templates_dir, "core", "env"),
|
||||||
ui_conf_env,
|
core_conf_env,
|
||||||
ui_secret=ui_secret,
|
core_secret=core_secret,
|
||||||
jobservice_secret=jobservice_secret,
|
jobservice_secret=jobservice_secret,
|
||||||
redis_host=redis_host,
|
redis_host=redis_host,
|
||||||
redis_port=redis_port,
|
redis_port=redis_port,
|
||||||
@ -413,7 +414,7 @@ render(os.path.join(templates_dir, "registry", registry_config_file),
|
|||||||
registry_conf,
|
registry_conf,
|
||||||
storage_provider_info=storage_provider_info,
|
storage_provider_info=storage_provider_info,
|
||||||
public_url=public_url,
|
public_url=public_url,
|
||||||
ui_url=ui_url,
|
core_url=core_url,
|
||||||
redis_host=redis_host,
|
redis_host=redis_host,
|
||||||
redis_port=redis_port,
|
redis_port=redis_port,
|
||||||
redis_password=redis_password,
|
redis_password=redis_password,
|
||||||
@ -425,7 +426,7 @@ render(os.path.join(templates_dir, "db", "env"),
|
|||||||
|
|
||||||
render(os.path.join(templates_dir, "jobservice", "env"),
|
render(os.path.join(templates_dir, "jobservice", "env"),
|
||||||
job_conf_env,
|
job_conf_env,
|
||||||
ui_secret=ui_secret,
|
core_secret=core_secret,
|
||||||
jobservice_secret=jobservice_secret,
|
jobservice_secret=jobservice_secret,
|
||||||
adminserver_url=adminserver_url)
|
adminserver_url=adminserver_url)
|
||||||
|
|
||||||
@ -442,19 +443,19 @@ render(os.path.join(templates_dir, "log", "logrotate.conf"),
|
|||||||
render(os.path.join(templates_dir, "registryctl", "env"),
|
render(os.path.join(templates_dir, "registryctl", "env"),
|
||||||
registryctl_conf_env,
|
registryctl_conf_env,
|
||||||
jobservice_secret=jobservice_secret,
|
jobservice_secret=jobservice_secret,
|
||||||
ui_secret=ui_secret)
|
core_secret=core_secret)
|
||||||
|
|
||||||
shutil.copyfile(os.path.join(templates_dir, "ui", "app.conf"), ui_conf)
|
shutil.copyfile(os.path.join(templates_dir, "core", "app.conf"), core_conf)
|
||||||
shutil.copyfile(os.path.join(templates_dir, "registryctl", "config.yml"), registryctl_conf_yml)
|
shutil.copyfile(os.path.join(templates_dir, "registryctl", "config.yml"), registryctl_conf_yml)
|
||||||
print("Generated configuration file: %s" % ui_conf)
|
print("Generated configuration file: %s" % core_conf)
|
||||||
|
|
||||||
if auth_mode == "uaa_auth":
|
if auth_mode == "uaa_auth":
|
||||||
if os.path.isfile(uaa_ca_cert):
|
if os.path.isfile(uaa_ca_cert):
|
||||||
if not os.path.isdir(ui_cert_dir):
|
if not os.path.isdir(core_cert_dir):
|
||||||
os.makedirs(ui_cert_dir)
|
os.makedirs(core_cert_dir)
|
||||||
ui_uaa_ca = os.path.join(ui_cert_dir, "uaa_ca.pem")
|
core_uaa_ca = os.path.join(core_cert_dir, "uaa_ca.pem")
|
||||||
print("Copying UAA CA cert to %s" % ui_uaa_ca)
|
print("Copying UAA CA cert to %s" % core_uaa_ca)
|
||||||
shutil.copyfile(uaa_ca_cert, ui_uaa_ca)
|
shutil.copyfile(uaa_ca_cert, core_uaa_ca)
|
||||||
else:
|
else:
|
||||||
print("Can not find UAA CA cert: %s, skip" % uaa_ca_cert)
|
print("Can not find UAA CA cert: %s, skip" % uaa_ca_cert)
|
||||||
|
|
||||||
@ -508,14 +509,14 @@ def openssl_installed():
|
|||||||
if customize_crt == 'on' and openssl_installed():
|
if customize_crt == 'on' and openssl_installed():
|
||||||
shell_stat = subprocess.check_call(["which", "openssl"], stdout=FNULL, stderr=subprocess.STDOUT)
|
shell_stat = subprocess.check_call(["which", "openssl"], stdout=FNULL, stderr=subprocess.STDOUT)
|
||||||
empty_subj = "/"
|
empty_subj = "/"
|
||||||
private_key_pem = os.path.join(config_dir, "ui", "private_key.pem")
|
private_key_pem = os.path.join(config_dir, "core", "private_key.pem")
|
||||||
root_crt = os.path.join(config_dir, "registry", "root.crt")
|
root_crt = os.path.join(config_dir, "registry", "root.crt")
|
||||||
create_root_cert(empty_subj, key_path=private_key_pem, cert_path=root_crt)
|
create_root_cert(empty_subj, key_path=private_key_pem, cert_path=root_crt)
|
||||||
mark_file(private_key_pem)
|
mark_file(private_key_pem)
|
||||||
mark_file(root_crt)
|
mark_file(root_crt)
|
||||||
else:
|
else:
|
||||||
print("Copied configuration file: %s" % ui_config_dir + "private_key.pem")
|
print("Copied configuration file: %s" % core_config_dir + "private_key.pem")
|
||||||
shutil.copyfile(os.path.join(templates_dir, "ui", "private_key.pem"), os.path.join(ui_config_dir, "private_key.pem"))
|
shutil.copyfile(os.path.join(templates_dir, "core", "private_key.pem"), os.path.join(core_config_dir, "private_key.pem"))
|
||||||
print("Copied configuration file: %s" % registry_config_dir + "root.crt")
|
print("Copied configuration file: %s" % registry_config_dir + "root.crt")
|
||||||
shutil.copyfile(os.path.join(templates_dir, "registry", "root.crt"), os.path.join(registry_config_dir, "root.crt"))
|
shutil.copyfile(os.path.join(templates_dir, "registry", "root.crt"), os.path.join(registry_config_dir, "root.crt"))
|
||||||
|
|
||||||
@ -710,10 +711,10 @@ if args.chart_mode:
|
|||||||
cache_redis_addr=cache_redis_addr,
|
cache_redis_addr=cache_redis_addr,
|
||||||
cache_redis_password=cache_redis_password,
|
cache_redis_password=cache_redis_password,
|
||||||
cache_redis_db_index=cache_redis_db_index,
|
cache_redis_db_index=cache_redis_db_index,
|
||||||
ui_secret=ui_secret,
|
core_secret=core_secret,
|
||||||
storage_driver=storage_driver,
|
storage_driver=storage_driver,
|
||||||
all_storage_driver_configs=all_storage_provider_configs)
|
all_storage_driver_configs=all_storage_provider_configs)
|
||||||
|
|
||||||
|
|
||||||
FNULL.close()
|
FNULL.close()
|
||||||
print("The configuration files are ready, please use docker-compose to start the service.")
|
print("The configuration files are ready, please use docker-compose to start the service.")
|
||||||
|
@ -28,7 +28,7 @@ import (
|
|||||||
func NewHandler() http.Handler {
|
func NewHandler() http.Handler {
|
||||||
h := newRouter()
|
h := newRouter()
|
||||||
secrets := map[string]string{
|
secrets := map[string]string{
|
||||||
"uiSecret": os.Getenv("UI_SECRET"),
|
"uiSecret": os.Getenv("CORE_SECRET"),
|
||||||
"jobserviceSecret": os.Getenv("JOBSERVICE_SECRET"),
|
"jobserviceSecret": os.Getenv("JOBSERVICE_SECRET"),
|
||||||
}
|
}
|
||||||
insecureAPIs := map[string]bool{
|
insecureAPIs := map[string]bool{
|
||||||
|
@ -155,7 +155,7 @@ var (
|
|||||||
env: "UAA_VERIFY_CERT",
|
env: "UAA_VERIFY_CERT",
|
||||||
parse: parseStringToBool,
|
parse: parseStringToBool,
|
||||||
},
|
},
|
||||||
common.UIURL: "UI_URL",
|
common.CoreURL: "CORE_URL",
|
||||||
common.JobServiceURL: "JOBSERVICE_URL",
|
common.JobServiceURL: "JOBSERVICE_URL",
|
||||||
common.TokenServiceURL: "TOKEN_SERVICE_URL",
|
common.TokenServiceURL: "TOKEN_SERVICE_URL",
|
||||||
common.ClairURL: "CLAIR_URL",
|
common.ClairURL: "CLAIR_URL",
|
||||||
@ -220,7 +220,7 @@ var (
|
|||||||
parse: parseStringToBool,
|
parse: parseStringToBool,
|
||||||
},
|
},
|
||||||
common.RegistryStorageProviderName: "REGISTRY_STORAGE_PROVIDER_NAME",
|
common.RegistryStorageProviderName: "REGISTRY_STORAGE_PROVIDER_NAME",
|
||||||
common.UIURL: "UI_URL",
|
common.CoreURL: "CORE_URL",
|
||||||
common.JobServiceURL: "JOBSERVICE_URL",
|
common.JobServiceURL: "JOBSERVICE_URL",
|
||||||
common.RegistryURL: "REGISTRY_URL",
|
common.RegistryURL: "REGISTRY_URL",
|
||||||
common.TokenServiceURL: "TOKEN_SERVICE_URL",
|
common.TokenServiceURL: "TOKEN_SERVICE_URL",
|
||||||
|
@ -11,7 +11,7 @@ import (
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
userName = "chart_controller"
|
userName = "chart_controller"
|
||||||
passwordKey = "UI_SECRET"
|
passwordKey = "CORE_SECRET"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Credential keeps the username and password for the basic auth
|
// Credential keeps the username and password for the basic auth
|
||||||
|
@ -49,7 +49,7 @@ const (
|
|||||||
PostGreSQLDatabase = "postgresql_database"
|
PostGreSQLDatabase = "postgresql_database"
|
||||||
PostGreSQLSSLMode = "postgresql_sslmode"
|
PostGreSQLSSLMode = "postgresql_sslmode"
|
||||||
SelfRegistration = "self_registration"
|
SelfRegistration = "self_registration"
|
||||||
UIURL = "ui_url"
|
CoreURL = "core_url"
|
||||||
JobServiceURL = "jobservice_url"
|
JobServiceURL = "jobservice_url"
|
||||||
LDAPURL = "ldap_url"
|
LDAPURL = "ldap_url"
|
||||||
LDAPSearchDN = "ldap_search_dn"
|
LDAPSearchDN = "ldap_search_dn"
|
||||||
@ -106,7 +106,7 @@ const (
|
|||||||
NotaryURL = "notary_url"
|
NotaryURL = "notary_url"
|
||||||
DefaultAdminserverEndpoint = "http://adminserver:8080"
|
DefaultAdminserverEndpoint = "http://adminserver:8080"
|
||||||
DefaultJobserviceEndpoint = "http://jobservice:8080"
|
DefaultJobserviceEndpoint = "http://jobservice:8080"
|
||||||
DefaultUIEndpoint = "http://ui:8080"
|
DefaultCoreEndpoint = "http://core:8080"
|
||||||
DefaultNotaryEndpoint = "http://notary-server:4443"
|
DefaultNotaryEndpoint = "http://notary-server:4443"
|
||||||
LdapGroupType = 1
|
LdapGroupType = 1
|
||||||
ReloadKey = "reload_key"
|
ReloadKey = "reload_key"
|
||||||
|
@ -90,7 +90,7 @@ func SetAdminJobUUID(id int64, uuid string) error {
|
|||||||
// GetTop10AdminJobs ...
|
// GetTop10AdminJobs ...
|
||||||
func GetTop10AdminJobs() ([]*models.AdminJob, error) {
|
func GetTop10AdminJobs() ([]*models.AdminJob, error) {
|
||||||
sql := `select * from admin_job
|
sql := `select * from admin_job
|
||||||
where deleted = false order by update_time limit 10`
|
where deleted = false order by update_time desc limit 10`
|
||||||
jobs := []*models.AdminJob{}
|
jobs := []*models.AdminJob{}
|
||||||
_, err := GetOrmer().Raw(sql).QueryRows(&jobs)
|
_, err := GetOrmer().Raw(sql).QueryRows(&jobs)
|
||||||
return jobs, err
|
return jobs, err
|
||||||
|
@ -23,9 +23,9 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/dao"
|
"github.com/goharbor/harbor/src/common/dao"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
_ "github.com/goharbor/harbor/src/ui/auth/db"
|
_ "github.com/goharbor/harbor/src/core/auth/db"
|
||||||
_ "github.com/goharbor/harbor/src/ui/auth/ldap"
|
_ "github.com/goharbor/harbor/src/core/auth/ldap"
|
||||||
cfg "github.com/goharbor/harbor/src/ui/config"
|
cfg "github.com/goharbor/harbor/src/core/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestMain(m *testing.M) {
|
func TestMain(m *testing.M) {
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
package task
|
package task
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/goharbor/harbor/src/ui/utils"
|
"github.com/goharbor/harbor/src/core/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ScanAllTask is task of scanning all tags.
|
// ScanAllTask is task of scanning all tags.
|
||||||
|
@ -19,8 +19,8 @@ const (
|
|||||||
AdminserverUser = "harbor-adminserver"
|
AdminserverUser = "harbor-adminserver"
|
||||||
// JobserviceUser is the name of jobservice user
|
// JobserviceUser is the name of jobservice user
|
||||||
JobserviceUser = "harbor-jobservice"
|
JobserviceUser = "harbor-jobservice"
|
||||||
// UIUser is the name of ui user
|
// CoreUser is the name of ui user
|
||||||
UIUser = "harbor-ui"
|
CoreUser = "harbor-core"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Store the secrets and provides methods to validate secrets
|
// Store the secrets and provides methods to validate secrets
|
||||||
|
@ -19,7 +19,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/security/admiral/authcontext"
|
"github.com/goharbor/harbor/src/common/security/admiral/authcontext"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/promgr"
|
"github.com/goharbor/harbor/src/core/promgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
// SecurityContext implements security.Context interface based on
|
// SecurityContext implements security.Context interface based on
|
||||||
|
@ -20,7 +20,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/dao/group"
|
"github.com/goharbor/harbor/src/common/dao/group"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/promgr"
|
"github.com/goharbor/harbor/src/core/promgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
// SecurityContext implements security.Context interface based on database
|
// SecurityContext implements security.Context interface based on database
|
||||||
|
@ -24,8 +24,8 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/dao/project"
|
"github.com/goharbor/harbor/src/common/dao/project"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/promgr"
|
"github.com/goharbor/harbor/src/core/promgr"
|
||||||
"github.com/goharbor/harbor/src/ui/promgr/pmsdriver/local"
|
"github.com/goharbor/harbor/src/core/promgr/pmsdriver/local"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
@ -76,7 +76,7 @@ func (s *SecurityContext) HasReadPerm(projectIDOrName interface{}) bool {
|
|||||||
if s.store == nil {
|
if s.store == nil {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
return s.store.GetUsername(s.secret) == secret.JobserviceUser || s.store.GetUsername(s.secret) == secret.UIUser
|
return s.store.GetUsername(s.secret) == secret.JobserviceUser || s.store.GetUsername(s.secret) == secret.CoreUser
|
||||||
}
|
}
|
||||||
|
|
||||||
// HasWritePerm always returns false
|
// HasWritePerm always returns false
|
||||||
|
@ -25,7 +25,7 @@ import (
|
|||||||
|
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
|
|
||||||
goldap "gopkg.in/ldap.v2"
|
goldap "gopkg.in/ldap.v2"
|
||||||
)
|
)
|
||||||
|
@ -10,7 +10,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/common/utils/test"
|
"github.com/goharbor/harbor/src/common/utils/test"
|
||||||
uiConfig "github.com/goharbor/harbor/src/ui/config"
|
uiConfig "github.com/goharbor/harbor/src/core/config"
|
||||||
goldap "gopkg.in/ldap.v2"
|
goldap "gopkg.in/ldap.v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -29,8 +29,8 @@ import (
|
|||||||
"github.com/docker/notary/tuf/data"
|
"github.com/docker/notary/tuf/data"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/common/utils/registry"
|
"github.com/goharbor/harbor/src/common/utils/registry"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
tokenutil "github.com/goharbor/harbor/src/ui/service/token"
|
tokenutil "github.com/goharbor/harbor/src/core/service/token"
|
||||||
|
|
||||||
"github.com/opencontainers/go-digest"
|
"github.com/opencontainers/go-digest"
|
||||||
)
|
)
|
||||||
|
@ -20,7 +20,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common"
|
"github.com/goharbor/harbor/src/common"
|
||||||
notarytest "github.com/goharbor/harbor/src/common/utils/notary/test"
|
notarytest "github.com/goharbor/harbor/src/common/utils/notary/test"
|
||||||
utilstest "github.com/goharbor/harbor/src/common/utils/test"
|
utilstest "github.com/goharbor/harbor/src/common/utils/test"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
|
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
|
@ -26,7 +26,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/http/modifier"
|
"github.com/goharbor/harbor/src/common/http/modifier"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
token_util "github.com/goharbor/harbor/src/ui/service/token"
|
token_util "github.com/goharbor/harbor/src/core/service/token"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -72,7 +72,7 @@ var adminServerDefaultConfig = map[string]interface{}{
|
|||||||
common.UAAClientSecret: "testsecret",
|
common.UAAClientSecret: "testsecret",
|
||||||
common.UAAEndpoint: "10.192.168.5",
|
common.UAAEndpoint: "10.192.168.5",
|
||||||
common.UAAVerifyCert: false,
|
common.UAAVerifyCert: false,
|
||||||
common.UIURL: "http://myui:8888/",
|
common.CoreURL: "http://myui:8888/",
|
||||||
common.JobServiceURL: "http://myjob:8888/",
|
common.JobServiceURL: "http://myjob:8888/",
|
||||||
common.ReadOnly: false,
|
common.ReadOnly: false,
|
||||||
common.NotaryURL: "http://notary-server:4443",
|
common.NotaryURL: "http://notary-server:4443",
|
||||||
|
@ -21,10 +21,10 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/api"
|
"github.com/goharbor/harbor/src/common/api"
|
||||||
"github.com/goharbor/harbor/src/common/security"
|
"github.com/goharbor/harbor/src/common/security"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
"github.com/goharbor/harbor/src/ui/filter"
|
"github.com/goharbor/harbor/src/core/filter"
|
||||||
"github.com/goharbor/harbor/src/ui/promgr"
|
"github.com/goharbor/harbor/src/core/promgr"
|
||||||
"github.com/goharbor/harbor/src/ui/utils"
|
"github.com/goharbor/harbor/src/core/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
@ -16,7 +16,7 @@ import (
|
|||||||
|
|
||||||
"github.com/goharbor/harbor/src/chartserver"
|
"github.com/goharbor/harbor/src/chartserver"
|
||||||
hlog "github.com/goharbor/harbor/src/common/utils/log"
|
hlog "github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
@ -6,7 +6,7 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/ui/promgr/metamgr"
|
"github.com/goharbor/harbor/src/core/promgr/metamgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Test access checking
|
// Test access checking
|
@ -23,7 +23,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/dao"
|
"github.com/goharbor/harbor/src/common/dao"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ConfigAPI ...
|
// ConfigAPI ...
|
@ -19,7 +19,7 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/goharbor/harbor/src/common"
|
"github.com/goharbor/harbor/src/common"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
@ -21,7 +21,7 @@ import (
|
|||||||
|
|
||||||
"github.com/goharbor/harbor/src/common/utils/email"
|
"github.com/goharbor/harbor/src/common/utils/email"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
@ -32,8 +32,8 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils"
|
"github.com/goharbor/harbor/src/common/utils"
|
||||||
ldapUtils "github.com/goharbor/harbor/src/common/utils/ldap"
|
ldapUtils "github.com/goharbor/harbor/src/common/utils/ldap"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
"github.com/goharbor/harbor/src/ui/filter"
|
"github.com/goharbor/harbor/src/core/filter"
|
||||||
"github.com/goharbor/harbor/tests/apitests/apilib"
|
"github.com/goharbor/harbor/tests/apitests/apilib"
|
||||||
// "strconv"
|
// "strconv"
|
||||||
// "strings"
|
// "strings"
|
||||||
@ -42,10 +42,10 @@ import (
|
|||||||
"github.com/dghubble/sling"
|
"github.com/dghubble/sling"
|
||||||
|
|
||||||
// for test env prepare
|
// for test env prepare
|
||||||
|
_ "github.com/goharbor/harbor/src/core/auth/db"
|
||||||
|
_ "github.com/goharbor/harbor/src/core/auth/ldap"
|
||||||
"github.com/goharbor/harbor/src/replication/core"
|
"github.com/goharbor/harbor/src/replication/core"
|
||||||
_ "github.com/goharbor/harbor/src/replication/event"
|
_ "github.com/goharbor/harbor/src/replication/event"
|
||||||
_ "github.com/goharbor/harbor/src/ui/auth/db"
|
|
||||||
_ "github.com/goharbor/harbor/src/ui/auth/ldap"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
@ -5,7 +5,7 @@ import (
|
|||||||
"strconv"
|
"strconv"
|
||||||
|
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/ui/label"
|
"github.com/goharbor/harbor/src/core/label"
|
||||||
)
|
)
|
||||||
|
|
||||||
// LabelResourceAPI provides the related basic functions to handle marking labels to resources
|
// LabelResourceAPI provides the related basic functions to handle marking labels to resources
|
@ -20,7 +20,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
ldapUtils "github.com/goharbor/harbor/src/common/utils/ldap"
|
ldapUtils "github.com/goharbor/harbor/src/common/utils/ldap"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/auth"
|
"github.com/goharbor/harbor/src/core/auth"
|
||||||
|
|
||||||
goldap "gopkg.in/ldap.v2"
|
goldap "gopkg.in/ldap.v2"
|
||||||
)
|
)
|
@ -23,7 +23,7 @@ import (
|
|||||||
|
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/promgr/metamgr"
|
"github.com/goharbor/harbor/src/core/promgr/metamgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
// MetadataAPI ...
|
// MetadataAPI ...
|
@ -17,13 +17,14 @@ package models
|
|||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/astaxie/beego/validation"
|
"github.com/astaxie/beego/validation"
|
||||||
"github.com/goharbor/harbor/src/common/job"
|
"github.com/goharbor/harbor/src/common/job"
|
||||||
"github.com/goharbor/harbor/src/common/job/models"
|
"github.com/goharbor/harbor/src/common/job/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils"
|
"github.com/goharbor/harbor/src/common/utils"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -50,9 +51,22 @@ type ScheduleParam struct {
|
|||||||
// Daily, Weekly, Manual, None
|
// Daily, Weekly, Manual, None
|
||||||
Type string `json:"type"`
|
Type string `json:"type"`
|
||||||
// Optional, only used when type is 'weekly'
|
// Optional, only used when type is 'weekly'
|
||||||
Weekday int8 `json:"Weekday"`
|
Weekday int8 `json:"weekday"`
|
||||||
// The time offset with the UTC 00:00 in seconds
|
// The time offset with the UTC 00:00 in seconds
|
||||||
Offtime int64 `json:"Offtime"`
|
Offtime int64 `json:"offtime"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// GCRep holds the response of query gc
|
||||||
|
type GCRep struct {
|
||||||
|
ID int64 `json:"id"`
|
||||||
|
Name string `json:"job_name"`
|
||||||
|
Kind string `json:"job_kind"`
|
||||||
|
Schedule *ScheduleParam `json:"schedule"`
|
||||||
|
Status string `json:"job_status"`
|
||||||
|
UUID string `json:"-"`
|
||||||
|
Deleted bool `json:"deleted"`
|
||||||
|
CreationTime time.Time `json:"creation_time"`
|
||||||
|
UpdateTime time.Time `json:"update_time"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Valid validates the gc request
|
// Valid validates the gc request
|
||||||
@ -93,7 +107,7 @@ func (gr *GCReq) ToJob() (*models.JobData, error) {
|
|||||||
Parameters: gr.Parameters,
|
Parameters: gr.Parameters,
|
||||||
Metadata: metadata,
|
Metadata: metadata,
|
||||||
StatusHook: fmt.Sprintf("%s/service/notifications/jobs/adminjob/%d",
|
StatusHook: fmt.Sprintf("%s/service/notifications/jobs/adminjob/%d",
|
||||||
config.InternalUIURL(), gr.ID),
|
config.InternalCoreURL(), gr.ID),
|
||||||
}
|
}
|
||||||
return jobData, nil
|
return jobData, nil
|
||||||
}
|
}
|
@ -25,7 +25,7 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
var adminServerTestConfig = map[string]interface{}{
|
var adminServerTestConfig = map[string]interface{}{
|
||||||
common.DefaultUIEndpoint: "test",
|
common.DefaultCoreEndpoint: "test",
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestMain(m *testing.M) {
|
func TestMain(m *testing.M) {
|
@ -25,7 +25,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/utils"
|
"github.com/goharbor/harbor/src/common/utils"
|
||||||
errutil "github.com/goharbor/harbor/src/common/utils/error"
|
errutil "github.com/goharbor/harbor/src/common/utils/error"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
|
|
||||||
"strconv"
|
"strconv"
|
||||||
"time"
|
"time"
|
@ -25,7 +25,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/dao/project"
|
"github.com/goharbor/harbor/src/common/dao/project"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/auth"
|
"github.com/goharbor/harbor/src/core/auth"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ProjectMemberAPI handles request to /api/projects/{}/members/{}
|
// ProjectMemberAPI handles request to /api/projects/{}/members/{}
|
@ -20,13 +20,14 @@ import (
|
|||||||
"os"
|
"os"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
|
||||||
|
"encoding/json"
|
||||||
"github.com/goharbor/harbor/src/common/dao"
|
"github.com/goharbor/harbor/src/common/dao"
|
||||||
common_http "github.com/goharbor/harbor/src/common/http"
|
common_http "github.com/goharbor/harbor/src/common/http"
|
||||||
common_job "github.com/goharbor/harbor/src/common/job"
|
common_job "github.com/goharbor/harbor/src/common/job"
|
||||||
common_models "github.com/goharbor/harbor/src/common/models"
|
common_models "github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/api/models"
|
"github.com/goharbor/harbor/src/core/api/models"
|
||||||
utils_ui "github.com/goharbor/harbor/src/ui/utils"
|
utils_core "github.com/goharbor/harbor/src/core/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
// GCAPI handles request of harbor admin...
|
// GCAPI handles request of harbor admin...
|
||||||
@ -80,7 +81,7 @@ func (gc *GCAPI) Put() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// stop the scheduled job and remove it.
|
// stop the scheduled job and remove it.
|
||||||
if err = utils_ui.GetJobServiceClient().PostAction(jobs[0].UUID, common_job.JobActionStop); err != nil {
|
if err = utils_core.GetJobServiceClient().PostAction(jobs[0].UUID, common_job.JobActionStop); err != nil {
|
||||||
if e, ok := err.(*common_http.Error); !ok || e.Code != http.StatusNotFound {
|
if e, ok := err.(*common_http.Error); !ok || e.Code != http.StatusNotFound {
|
||||||
gc.HandleInternalServerError(fmt.Sprintf("%v", err))
|
gc.HandleInternalServerError(fmt.Sprintf("%v", err))
|
||||||
return
|
return
|
||||||
@ -109,11 +110,22 @@ func (gc *GCAPI) GetGC() {
|
|||||||
jobs, err := dao.GetAdminJobs(&common_models.AdminJobQuery{
|
jobs, err := dao.GetAdminJobs(&common_models.AdminJobQuery{
|
||||||
ID: id,
|
ID: id,
|
||||||
})
|
})
|
||||||
|
|
||||||
|
gcreps := []*models.GCRep{}
|
||||||
|
for _, job := range jobs {
|
||||||
|
gcrep, err := convertToGCRep(job)
|
||||||
|
if err != nil {
|
||||||
|
gc.HandleInternalServerError(fmt.Sprintf("failed to convert gc response: %v", err))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
gcreps = append(gcreps, &gcrep)
|
||||||
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
gc.HandleInternalServerError(fmt.Sprintf("failed to get admin jobs: %v", err))
|
gc.HandleInternalServerError(fmt.Sprintf("failed to get admin jobs: %v", err))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
gc.Data["json"] = jobs
|
gc.Data["json"] = gcreps
|
||||||
gc.ServeJSON()
|
gc.ServeJSON()
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -124,7 +136,16 @@ func (gc *GCAPI) List() {
|
|||||||
gc.HandleInternalServerError(fmt.Sprintf("failed to get admin jobs: %v", err))
|
gc.HandleInternalServerError(fmt.Sprintf("failed to get admin jobs: %v", err))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
gc.Data["json"] = jobs
|
gcreps := []*models.GCRep{}
|
||||||
|
for _, job := range jobs {
|
||||||
|
gcrep, err := convertToGCRep(job)
|
||||||
|
if err != nil {
|
||||||
|
gc.HandleInternalServerError(fmt.Sprintf("failed to convert gc response: %v", err))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
gcreps = append(gcreps, &gcrep)
|
||||||
|
}
|
||||||
|
gc.Data["json"] = gcreps
|
||||||
gc.ServeJSON()
|
gc.ServeJSON()
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -142,7 +163,16 @@ func (gc *GCAPI) Get() {
|
|||||||
gc.HandleInternalServerError("Get more than one GC scheduled job, make sure there has only one.")
|
gc.HandleInternalServerError("Get more than one GC scheduled job, make sure there has only one.")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
gc.Data["json"] = jobs
|
gcreps := []*models.GCRep{}
|
||||||
|
for _, job := range jobs {
|
||||||
|
gcrep, err := convertToGCRep(job)
|
||||||
|
if err != nil {
|
||||||
|
gc.HandleInternalServerError(fmt.Sprintf("failed to convert gc response: %v", err))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
gcreps = append(gcreps, &gcrep)
|
||||||
|
}
|
||||||
|
gc.Data["json"] = gcreps
|
||||||
gc.ServeJSON()
|
gc.ServeJSON()
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -163,7 +193,7 @@ func (gc *GCAPI) GetLog() {
|
|||||||
gc.CustomAbort(http.StatusNotFound, "Failed to get Job")
|
gc.CustomAbort(http.StatusNotFound, "Failed to get Job")
|
||||||
}
|
}
|
||||||
|
|
||||||
logBytes, err := utils_ui.GetJobServiceClient().GetJobLog(job.UUID)
|
logBytes, err := utils_core.GetJobServiceClient().GetJobLog(job.UUID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if httpErr, ok := err.(*common_http.Error); ok {
|
if httpErr, ok := err.(*common_http.Error); ok {
|
||||||
gc.RenderError(httpErr.Code, "")
|
gc.RenderError(httpErr.Code, "")
|
||||||
@ -221,7 +251,7 @@ func (gc *GCAPI) submitJob(gr *models.GCReq) {
|
|||||||
|
|
||||||
// submit job to jobservice
|
// submit job to jobservice
|
||||||
log.Debugf("submiting GC admin job to jobservice")
|
log.Debugf("submiting GC admin job to jobservice")
|
||||||
_, err = utils_ui.GetJobServiceClient().SubmitJob(job)
|
_, err = utils_core.GetJobServiceClient().SubmitJob(job)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if err := dao.DeleteAdminJob(id); err != nil {
|
if err := dao.DeleteAdminJob(id); err != nil {
|
||||||
log.Debugf("Failed to delete admin job, err: %v", err)
|
log.Debugf("Failed to delete admin job, err: %v", err)
|
||||||
@ -230,3 +260,27 @@ func (gc *GCAPI) submitJob(gr *models.GCReq) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func convertToGCRep(job *common_models.AdminJob) (models.GCRep, error) {
|
||||||
|
if job == nil {
|
||||||
|
return models.GCRep{}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
gcrep := models.GCRep{
|
||||||
|
ID: job.ID,
|
||||||
|
Name: job.Name,
|
||||||
|
Kind: job.Kind,
|
||||||
|
Status: job.Status,
|
||||||
|
Deleted: job.Deleted,
|
||||||
|
CreationTime: job.CreationTime,
|
||||||
|
UpdateTime: job.UpdateTime,
|
||||||
|
}
|
||||||
|
if len(job.Cron) > 0 {
|
||||||
|
schedule := &models.ScheduleParam{}
|
||||||
|
if err := json.Unmarshal([]byte(job.Cron), &schedule); err != nil {
|
||||||
|
return models.GCRep{}, err
|
||||||
|
}
|
||||||
|
gcrep.Schedule = schedule
|
||||||
|
}
|
||||||
|
return gcrep, nil
|
||||||
|
}
|
80
src/core/api/reg_gc_test.go
Normal file
80
src/core/api/reg_gc_test.go
Normal file
@ -0,0 +1,80 @@
|
|||||||
|
package api
|
||||||
|
|
||||||
|
import (
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
common_models "github.com/goharbor/harbor/src/common/models"
|
||||||
|
api_modes "github.com/goharbor/harbor/src/core/api/models"
|
||||||
|
"github.com/goharbor/harbor/tests/apitests/apilib"
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
var adminJob001 apilib.GCReq
|
||||||
|
var adminJob001schdeule apilib.ScheduleParam
|
||||||
|
|
||||||
|
func TestAdminJobPost(t *testing.T) {
|
||||||
|
|
||||||
|
assert := assert.New(t)
|
||||||
|
apiTest := newHarborAPI()
|
||||||
|
|
||||||
|
// case 1: add a new admin job
|
||||||
|
code, err := apiTest.AddGC(*admin, adminJob001)
|
||||||
|
if err != nil {
|
||||||
|
t.Error("Error occurred while add a admin job", err.Error())
|
||||||
|
t.Log(err)
|
||||||
|
} else {
|
||||||
|
assert.Equal(200, code, "Add adminjob status should be 200")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestAdminJobGet(t *testing.T) {
|
||||||
|
assert := assert.New(t)
|
||||||
|
apiTest := newHarborAPI()
|
||||||
|
|
||||||
|
code, _, err := apiTest.GCScheduleGet(*admin)
|
||||||
|
if err != nil {
|
||||||
|
t.Error("Error occurred while get a admin job", err.Error())
|
||||||
|
t.Log(err)
|
||||||
|
} else {
|
||||||
|
assert.Equal(200, code, "Get adminjob status should be 200")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestConvertToGCRep(t *testing.T) {
|
||||||
|
cases := []struct {
|
||||||
|
input *common_models.AdminJob
|
||||||
|
expected api_modes.GCRep
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
input: nil,
|
||||||
|
expected: api_modes.GCRep{},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
input: &common_models.AdminJob{
|
||||||
|
ID: 1,
|
||||||
|
Name: "IMAGE_GC",
|
||||||
|
Kind: "Generic",
|
||||||
|
Cron: "{\"Type\":\"Manual\",\"Weekday\":0,\"Offtime\":0}",
|
||||||
|
Status: "pending",
|
||||||
|
Deleted: false,
|
||||||
|
},
|
||||||
|
expected: api_modes.GCRep{
|
||||||
|
ID: 1,
|
||||||
|
Name: "IMAGE_GC",
|
||||||
|
Kind: "Generic",
|
||||||
|
Schedule: &api_modes.ScheduleParam{
|
||||||
|
Type: "Manual",
|
||||||
|
Weekday: 0,
|
||||||
|
Offtime: 0,
|
||||||
|
},
|
||||||
|
Status: "pending",
|
||||||
|
Deleted: false,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, c := range cases {
|
||||||
|
actual, _ := convertToGCRep(c.input)
|
||||||
|
assert.EqualValues(t, c.expected, actual)
|
||||||
|
}
|
||||||
|
}
|
@ -22,10 +22,10 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/notifier"
|
"github.com/goharbor/harbor/src/common/notifier"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
|
api_models "github.com/goharbor/harbor/src/core/api/models"
|
||||||
"github.com/goharbor/harbor/src/replication/core"
|
"github.com/goharbor/harbor/src/replication/core"
|
||||||
"github.com/goharbor/harbor/src/replication/event/notification"
|
"github.com/goharbor/harbor/src/replication/event/notification"
|
||||||
"github.com/goharbor/harbor/src/replication/event/topic"
|
"github.com/goharbor/harbor/src/replication/event/topic"
|
||||||
api_models "github.com/goharbor/harbor/src/ui/api/models"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// ReplicationAPI handles API calls for replication
|
// ReplicationAPI handles API calls for replication
|
@ -25,9 +25,9 @@ import (
|
|||||||
common_job "github.com/goharbor/harbor/src/common/job"
|
common_job "github.com/goharbor/harbor/src/common/job"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
|
api_models "github.com/goharbor/harbor/src/core/api/models"
|
||||||
|
"github.com/goharbor/harbor/src/core/utils"
|
||||||
"github.com/goharbor/harbor/src/replication/core"
|
"github.com/goharbor/harbor/src/replication/core"
|
||||||
api_models "github.com/goharbor/harbor/src/ui/api/models"
|
|
||||||
"github.com/goharbor/harbor/src/ui/utils"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// RepJobAPI handles request to /api/replicationJobs /api/replicationJobs/:id/log
|
// RepJobAPI handles request to /api/replicationJobs /api/replicationJobs/:id/log
|
@ -23,11 +23,11 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/dao"
|
"github.com/goharbor/harbor/src/common/dao"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
|
api_models "github.com/goharbor/harbor/src/core/api/models"
|
||||||
|
"github.com/goharbor/harbor/src/core/promgr"
|
||||||
"github.com/goharbor/harbor/src/replication"
|
"github.com/goharbor/harbor/src/replication"
|
||||||
"github.com/goharbor/harbor/src/replication/core"
|
"github.com/goharbor/harbor/src/replication/core"
|
||||||
rep_models "github.com/goharbor/harbor/src/replication/models"
|
rep_models "github.com/goharbor/harbor/src/replication/models"
|
||||||
api_models "github.com/goharbor/harbor/src/ui/api/models"
|
|
||||||
"github.com/goharbor/harbor/src/ui/promgr"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// RepPolicyAPI handles /api/replicationPolicies /api/replicationPolicies/:id/enablement
|
// RepPolicyAPI handles /api/replicationPolicies /api/replicationPolicies/:id/enablement
|
@ -24,9 +24,9 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common"
|
"github.com/goharbor/harbor/src/common"
|
||||||
"github.com/goharbor/harbor/src/common/dao"
|
"github.com/goharbor/harbor/src/common/dao"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
|
api_models "github.com/goharbor/harbor/src/core/api/models"
|
||||||
"github.com/goharbor/harbor/src/replication"
|
"github.com/goharbor/harbor/src/replication"
|
||||||
rep_models "github.com/goharbor/harbor/src/replication/models"
|
rep_models "github.com/goharbor/harbor/src/replication/models"
|
||||||
api_models "github.com/goharbor/harbor/src/ui/api/models"
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
@ -20,8 +20,8 @@ import (
|
|||||||
|
|
||||||
"github.com/goharbor/harbor/src/common/dao"
|
"github.com/goharbor/harbor/src/common/dao"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
|
api_models "github.com/goharbor/harbor/src/core/api/models"
|
||||||
"github.com/goharbor/harbor/src/replication"
|
"github.com/goharbor/harbor/src/replication"
|
||||||
api_models "github.com/goharbor/harbor/src/ui/api/models"
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
|
@ -36,10 +36,10 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/common/utils/notary"
|
"github.com/goharbor/harbor/src/common/utils/notary"
|
||||||
"github.com/goharbor/harbor/src/common/utils/registry"
|
"github.com/goharbor/harbor/src/common/utils/registry"
|
||||||
|
"github.com/goharbor/harbor/src/core/config"
|
||||||
|
coreutils "github.com/goharbor/harbor/src/core/utils"
|
||||||
"github.com/goharbor/harbor/src/replication/event/notification"
|
"github.com/goharbor/harbor/src/replication/event/notification"
|
||||||
"github.com/goharbor/harbor/src/replication/event/topic"
|
"github.com/goharbor/harbor/src/replication/event/topic"
|
||||||
"github.com/goharbor/harbor/src/ui/config"
|
|
||||||
uiutils "github.com/goharbor/harbor/src/ui/utils"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// RepositoryAPI handles request to /api/repositories /api/repositories/tags /api/repositories/manifests, the parm has to be put
|
// RepositoryAPI handles request to /api/repositories /api/repositories/tags /api/repositories/manifests, the parm has to be put
|
||||||
@ -251,7 +251,7 @@ func (ra *RepositoryAPI) Delete() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
rc, err := uiutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repoName)
|
rc, err := coreutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repoName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Errorf("error occurred while initializing repository client for %s: %v", repoName, err)
|
log.Errorf("error occurred while initializing repository client for %s: %v", repoName, err)
|
||||||
ra.CustomAbort(http.StatusInternalServerError, "internal error")
|
ra.CustomAbort(http.StatusInternalServerError, "internal error")
|
||||||
@ -401,7 +401,7 @@ func (ra *RepositoryAPI) GetTag() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
client, err := uiutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repository)
|
client, err := coreutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repository)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ra.HandleInternalServerError(fmt.Sprintf("failed to initialize the client for %s: %v",
|
ra.HandleInternalServerError(fmt.Sprintf("failed to initialize the client for %s: %v",
|
||||||
repository, err))
|
repository, err))
|
||||||
@ -455,7 +455,7 @@ func (ra *RepositoryAPI) GetTags() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
client, err := uiutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repoName)
|
client, err := coreutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repoName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Errorf("error occurred while initializing repository client for %s: %v", repoName, err)
|
log.Errorf("error occurred while initializing repository client for %s: %v", repoName, err)
|
||||||
ra.CustomAbort(http.StatusInternalServerError, "internal error")
|
ra.CustomAbort(http.StatusInternalServerError, "internal error")
|
||||||
@ -664,7 +664,7 @@ func (ra *RepositoryAPI) GetManifests() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
rc, err := uiutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repoName)
|
rc, err := coreutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repoName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Errorf("error occurred while initializing repository client for %s: %v", repoName, err)
|
log.Errorf("error occurred while initializing repository client for %s: %v", repoName, err)
|
||||||
ra.CustomAbort(http.StatusInternalServerError, "internal error")
|
ra.CustomAbort(http.StatusInternalServerError, "internal error")
|
||||||
@ -866,7 +866,7 @@ func (ra *RepositoryAPI) ScanImage() {
|
|||||||
ra.HandleForbidden(ra.SecurityCtx.GetUsername())
|
ra.HandleForbidden(ra.SecurityCtx.GetUsername())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
err = uiutils.TriggerImageScan(repoName, tag)
|
err = coreutils.TriggerImageScan(repoName, tag)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Errorf("Error while calling job service to trigger image scan: %v", err)
|
log.Errorf("Error while calling job service to trigger image scan: %v", err)
|
||||||
ra.HandleInternalServerError("Failed to scan image, please check log for details")
|
ra.HandleInternalServerError("Failed to scan image, please check log for details")
|
||||||
@ -943,7 +943,7 @@ func (ra *RepositoryAPI) ScanAll() {
|
|||||||
ra.HandleForbidden(ra.SecurityCtx.GetUsername())
|
ra.HandleForbidden(ra.SecurityCtx.GetUsername())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if err := uiutils.ScanImagesByProjectID(pid); err != nil {
|
if err := coreutils.ScanImagesByProjectID(pid); err != nil {
|
||||||
log.Errorf("Failed triggering scan images in project: %d, error: %v", pid, err)
|
log.Errorf("Failed triggering scan images in project: %d, error: %v", pid, err)
|
||||||
ra.HandleInternalServerError(fmt.Sprintf("Error: %v", err))
|
ra.HandleInternalServerError(fmt.Sprintf("Error: %v", err))
|
||||||
return
|
return
|
||||||
@ -959,7 +959,7 @@ func (ra *RepositoryAPI) ScanAll() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := uiutils.ScanAllImages(); err != nil {
|
if err := coreutils.ScanAllImages(); err != nil {
|
||||||
log.Errorf("Failed triggering scan all images, error: %v", err)
|
log.Errorf("Failed triggering scan all images, error: %v", err)
|
||||||
ra.HandleInternalServerError(fmt.Sprintf("Error: %v", err))
|
ra.HandleInternalServerError(fmt.Sprintf("Error: %v", err))
|
||||||
return
|
return
|
||||||
@ -998,7 +998,7 @@ func (ra *RepositoryAPI) checkExistence(repository, tag string) (bool, string, e
|
|||||||
log.Errorf("project %s not found", project)
|
log.Errorf("project %s not found", project)
|
||||||
return false, "", nil
|
return false, "", nil
|
||||||
}
|
}
|
||||||
client, err := uiutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repository)
|
client, err := coreutils.NewRepositoryClientForUI(ra.SecurityCtx.GetUsername(), repository)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, "", fmt.Errorf("failed to initialize the client for %s: %v", repository, err)
|
return false, "", fmt.Errorf("failed to initialize the client for %s: %v", repository, err)
|
||||||
}
|
}
|
@ -23,7 +23,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/dao"
|
"github.com/goharbor/harbor/src/common/dao"
|
||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils"
|
"github.com/goharbor/harbor/src/common/utils"
|
||||||
uiutils "github.com/goharbor/harbor/src/ui/utils"
|
coreutils "github.com/goharbor/harbor/src/core/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
// RepositoryLabelAPI handles requests for adding/removing label to/from repositories and images
|
// RepositoryLabelAPI handles requests for adding/removing label to/from repositories and images
|
||||||
@ -154,7 +154,7 @@ func (r *RepositoryLabelAPI) RemoveFromRepository() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func imageExist(username, repository, tag string) (bool, error) {
|
func imageExist(username, repository, tag string) (bool, error) {
|
||||||
client, err := uiutils.NewRepositoryClientForUI(username, repository)
|
client, err := coreutils.NewRepositoryClientForUI(username, repository)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
@ -18,7 +18,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/dao"
|
"github.com/goharbor/harbor/src/common/dao"
|
||||||
common_http "github.com/goharbor/harbor/src/common/http"
|
common_http "github.com/goharbor/harbor/src/common/http"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/ui/utils"
|
"github.com/goharbor/harbor/src/core/utils"
|
||||||
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
@ -24,7 +24,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/common/models"
|
"github.com/goharbor/harbor/src/common/models"
|
||||||
"github.com/goharbor/harbor/src/common/utils"
|
"github.com/goharbor/harbor/src/common/utils"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
uiutils "github.com/goharbor/harbor/src/ui/utils"
|
coreutils "github.com/goharbor/harbor/src/core/utils"
|
||||||
"k8s.io/helm/cmd/helm/search"
|
"k8s.io/helm/cmd/helm/search"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -190,7 +190,7 @@ func filterRepositories(projects []*models.Project, keyword string) (
|
|||||||
}
|
}
|
||||||
|
|
||||||
func getTags(repository string) ([]string, error) {
|
func getTags(repository string) ([]string, error) {
|
||||||
client, err := uiutils.NewRepositoryClientForUI("harbor-ui", repository)
|
client, err := coreutils.NewRepositoryClientForUI("harbor-core", repository)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user