mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-23 02:35:17 +01:00
Provide digital signature info of the related chart version
parent
c3106fc447
commit
4b1f0470ca
@ -25,6 +25,19 @@ type ChartVersionDetails struct {
|
||||
Dependencies []*chartutil.Dependency `json:"dependencies"`
|
||||
Values map[string]interface{} `json:"values"`
|
||||
Files map[string]string `json:"files"`
|
||||
Security *SecurityReport `json:"security"`
|
||||
}
|
||||
|
||||
//SecurityReport keeps the info related with security
|
||||
//e.g.: digital signature, vulnerability scanning etc.
|
||||
type SecurityReport struct {
|
||||
Signature *DigitalSignature `json:"signature"`
|
||||
}
|
||||
|
||||
//DigitalSignature used to indicate if the chart has been signed
|
||||
type DigitalSignature struct {
|
||||
Signed bool `json:"signed"`
|
||||
Provenance string `json:"prov_file"`
|
||||
}
|
||||
|
||||
//ChartInfo keeps the information of the chart
|
||||
|
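Review bot: The doc comment on `DigitalSignature` says it indicates whether the chart "has been signed", but the handler change in this same commit sets `Signed` purely from whether a `.prov` file could be fetched, so an API client reading `"signed": true` could take it as a verified signature. I would state the contract on the type, e.g. `// DigitalSignature reports whether a provenance (.prov) file exists for the chart version; the signature itself is not verified.` `Provenance` is also emitted as an empty `prov_file` for unsigned charts, which `json:"prov_file,omitempty"` would avoid. As a style point, Go doc comments conventionally have a space after `//` (`// SecurityReport keeps ...`).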
@ -115,6 +115,26 @@ func (mh *ManipulationHandler) GetChartVersion(w http.ResponseWriter, req *http.
|
||||
}
|
||||
chartDetails.Metadata = chartV
|
||||
|
||||
//Generate the security report
|
||||
//prov file share same endpoint with the chart version
|
||||
//Just add .prov suffix to the chart version to form the path of prov file
|
||||
//Anyway, there will be a report about the digital signature status
|
||||
chartDetails.Security = &SecurityReport{
|
||||
Signature: &DigitalSignature{
|
||||
Signed: false,
|
||||
},
|
||||
}
|
||||
//Try to get the prov file to confirm if it is exitsing
|
||||
provFilePath := fmt.Sprintf("%s.prov", chartV.URLs[0])
|
||||
provBytes, err := mh.getChartVersionContent(namespace, provFilePath)
|
||||
if err == nil && len(provBytes) > 0 {
|
||||
chartDetails.Security.Signature.Signed = true
|
||||
chartDetails.Security.Signature.Provenance = provFilePath
|
||||
} else {
|
||||
//Just log it
|
||||
hlog.Errorf("Failed to get prov file for chart %s with error: %s, got %d bytes", chartV.Name, err.Error(), len(provBytes))
|
||||
}
|
||||
|
||||
//Put it into the cache for next access
|
||||
mh.chartCache.PutChart(chartDetails)
|
||||
} else {
|
||||
|
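Review bot: The else branch calls `err.Error()` even when `err` is nil, because the condition `err == nil && len(provBytes) > 0` also fails when the fetch succeeds but returns zero bytes; that path would panic with a nil dereference inside the request handler. `chartV.URLs[0]` is also indexed without a length check, which looks unsafe unless an earlier part of GetChartVersion (outside this hunk) guarantees a non-empty list. A missing prov file is the normal state for an unsigned chart, so logging it at error level on every cache miss will be noisy. The function begins and ends outside the hunk; a sketch of the reworked lookup follows.

```go
// … unchanged: default SecurityReport with Signed: false …
if len(chartV.URLs) > 0 {
	provFilePath := fmt.Sprintf("%s.prov", chartV.URLs[0])
	provBytes, err := mh.getChartVersionContent(namespace, provFilePath)
	switch {
	case err != nil:
		// Lookup failed; the report keeps Signed: false.
		hlog.Errorf("Failed to get prov file for chart %s with error: %v", chartV.Name, err)
	case len(provBytes) > 0:
		// Records presence of the prov file only; the signature is not verified here.
		chartDetails.Security.Signature.Signed = true
		chartDetails.Security.Signature.Provenance = provFilePath
	}
}
// … unchanged: mh.chartCache.PutChart(chartDetails) …
```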
BIN
src/ui/harbor_ui
BIN
src/ui/harbor_ui
Binary file not shown.