mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-29 13:45:20 +01:00
Allow POST method to request service/token in readonly mode (#19556)
fixes #18243 Signed-off-by: stonezdj <daojunz@vmware.com>
This commit is contained in:
parent
f6d5bf2e0f
commit
3a9d68a32a
@ -41,6 +41,7 @@ import (
|
||||
var (
|
||||
match = regexp.MustCompile
|
||||
numericRegexp = match(`[0-9]+`)
|
||||
serviceTokenRegexp = match(`^/service/token`)
|
||||
|
||||
// The ping endpoint will be blocked when DB conns reach the max open conns of the sql.DB
|
||||
// which will make ping request timeout, so skip the middlewares which will require DB conn.
|
||||
@ -72,6 +73,10 @@ var (
|
||||
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/replication/task/"+numericRegexp.String())),
|
||||
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/retention/task/"+numericRegexp.String())),
|
||||
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/schedules/"+numericRegexp.String())),
|
||||
// Harbor doesn't handle the POST request to /service/token. beego framework return 405 for the POST request
|
||||
// some client, such as containerd, may send the POST request to /service/token and depends on 405/404/401/400 return code to determine continue or not
|
||||
// the read only middleware returns 403 before the beego framework, so skip this request to make the client continue
|
||||
middleware.MethodAndPathSkipper(http.MethodPost, serviceTokenRegexp),
|
||||
pingSkipper,
|
||||
}
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user