Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2025-03-11 22:20:00 +01:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/dev' into dev-volume-info

Browse Source
This commit is contained in:
kunw 2016-11-09 14:53:26 +08:00
commit 55b98f9abd
53 changed files with 647 additions and 270 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -7,7 +7,7 @@ make/common/config/jobservice/env
make/common/config/nginx/nginx.conf
make/common/config/nginx/cert/*
make/dev/ui/harbor_ui
make/dev//jobservice/harbor_jobservice
make/dev/jobservice/harbor_jobservice
src/ui/ui
src/jobservice/jobservice
*.pyc

13
AUTHORS
View File

@ -2,27 +2,36 @@
Alexander Zeitler <alexander.zeitler at pdmlab.com>
Alexey Erkak <eryigin at mail.ru>
Allen Heavey <xheavey at gmail.com>
Allen Heavey <xheavey at gmail.com>
Amanda Zhang <amzhang at vmware.com>
Andre Cruz <andre at brpx.com>
Benniu Ji <benniuji at gmail.com>
Bin Liu <liubin0329 at gmail.com>
Bobby Zhang <junzhang at vmware.com>
Chaofeng Wu <chaofengw at vmware.com>
Daniel Jiang <jiangd at vmware.com>
Deshi Xiao <xiaods at gmail.com>
Deshi Xiao <xiaods at gmail.com>
Guangping Fu <krystism at gmail.com>
Haining Henry Zhang <henryzhang at vmware.com>
Hao Xia <haox at vmware.com>
Haoyuan <harryge00 at gmail.com>
Jack Liu <ljack at vmware.com>
Jessy Zhang <jessyz at vmware.com>
Jianye Li <li.jianye at gmail.com>
Kun Wang <kunw at vmware.com>
Mahesh Paolini-Subramanya <mahesh at dieswaytoofast.com>
Maxwell <710028463 at qq.com>
Meng Wei <weim at vmware.com>
Nagarjun G <nagarjung.g at gmail.com>
Peng Zhao <zhaopeng1988 at gmail.com>
Penghao Cen <scorpiocph at gmail.com>
Robin Naundorf <r.naundorf at fh-muenster.de>
Shan Zhu <zhus at vmware.com>
Robin Yue <jmyue at hotmail.com>
Tobe Chen <tobeg3oogle at gmail.com>
Victoria Zheng <vzheng at vmware.com>
Wenkai Yin <yinw at vmware.com>
Xiaoxiao Zhou <xiaoxiaoz at vmware.com>
Yahao He <bhe at vmware.com>
Yan Wang <wangyan at vmware.com>
Yong Hua <yhua at vmware.com>

9
CHANGELOG.md
View File

@ -1,5 +1,14 @@
# Changelog
## v0.4.5 (2016-10-31)
- Virtual appliance of Harbor for vSphere.
- Refactory for new build process.
- Easier configuration for HTTPS in prepare step.
- Updated documents.
- Various bug fixes.
## v0.4.0 (2016-09-23)
- Database schema changed, data migration/upgrade is needed for previous version.

66
Makefile
View File

@ -5,10 +5,14 @@
# all: prepare env, compile binarys, build images and install images
# prepare: prepare env
# compile: compile ui and jobservice code
# compile_buildgolangimage:
# compile local building golang image
# forexample : make compile_buildgolangimage -e \
# GOBUILDIMAGE=harborgo:1.6.2
# compile_golangimage:
# compile from golang image
# for example: make compile_golangimage -e GOBUILDIMAGE= \
# reg-bj.eng.vmware.com/harborrelease/harborgo:1.6.2
# harborgo:1.6.2
# compile_ui, compile_jobservice: compile specific binary
#
# build: build Harbor docker images (defuault: build_photon)
@ -52,8 +56,6 @@
# cleanversiontag:
# cleanpackageremove specific version tag
# cleanpackage: remove online/offline install package
#
# all: install
#
# other example:
# clean specific version binarys and images:
@ -106,6 +108,7 @@ GOBUILDPATH_JOBSERVICE=$(GOBUILDPATH)/src/jobservice
GOBUILDMAKEPATH=$(GOBUILDPATH)/make
GOBUILDMAKEPATH_UI=$(GOBUILDMAKEPATH)/dev/ui
GOBUILDMAKEPATH_JOBSERVICE=$(GOBUILDMAKEPATH)/dev/jobservice
GOLANGDOCKERFILENAME=Dockerfile.golang
# binary
UISOURCECODE=$(SRCPATH)/ui
@ -170,7 +173,7 @@ REGISTRYUSER=user
REGISTRYPASSWORD=default
version:
if [ "$(DEVFLAG)" = "false" ] ; then \
@if [ "$(DEVFLAG)" = "false" ] ; then \
$(SEDCMD) -i 's/version=\"{{.Version}}\"/version=\"$(VERSIONTAG)\"/' -i $(VERSIONFILEPATH)/$(VERSIONFILENAME) ; \
fi
@ -179,40 +182,41 @@ check_environment:
compile_ui:
@echo "compiling binary for ui..."
$(GOBUILD) -o $(UIBINARYPATH)/$(UIBINARYNAME) $(UISOURCECODE)
@$(GOBUILD) -o $(UIBINARYPATH)/$(UIBINARYNAME) $(UISOURCECODE)
@echo "Done."
compile_jobservice:
@echo "compiling binary for jobservice..."
$(GOBUILD) -o $(JOBSERVICEBINARYPATH)/$(JOBSERVICEBINARYNAME) $(JOBSERVICESOURCECODE)
@$(GOBUILD) -o $(JOBSERVICEBINARYPATH)/$(JOBSERVICEBINARYNAME) $(JOBSERVICESOURCECODE)
@echo "Done."
compile_normal: compile_ui compile_jobservice
compile_golangimage:
@echo "pulling golang build base image"
$(DOCKERPULL) $(GOBUILDIMAGE)
compile_buildgolangimage:
@echo "compiling golang image for harbor ..."
@$(DOCKERBUILD) -t $(GOBUILDIMAGE) -f $(TOOLSPATH)/$(GOLANGDOCKERFILENAME) .
@echo "Done."
compile_golangimage:
@echo "compiling binary for ui (golang image)..."
@echo $(GOBASEPATH)
@echo $(GOBUILDPATH)
$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_UI) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -v -o $(GOBUILDMAKEPATH_UI)/$(UIBINARYNAME)
@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_UI) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -v -o $(GOBUILDMAKEPATH_UI)/$(UIBINARYNAME)
@echo "Done."
@echo "compiling binary for jobservice (golang image)..."
$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_JOBSERVICE) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -v -o $(GOBUILDMAKEPATH_JOBSERVICE)/$(JOBSERVICEBINARYNAME)
@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_JOBSERVICE) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -v -o $(GOBUILDMAKEPATH_JOBSERVICE)/$(JOBSERVICEBINARYNAME)
@echo "Done."
compile:check_environment $(COMPILETAG)
prepare:
@echo "preparing..."
$(MAKEPATH)/$(PREPARECMD) -conf $(CONFIGPATH)/$(CONFIGFILE)
@$(MAKEPATH)/$(PREPARECMD) -conf $(CONFIGPATH)/$(CONFIGFILE)
build_common: version
@echo "buildging db container for photon..."
cd $(DOCKERFILEPATH_DB) && $(DOCKERBUILD) -f $(DOCKERFILENAME_DB) -t $(DOCKERIMAGENAME_DB):$(VERSIONTAG) .
@cd $(DOCKERFILEPATH_DB) && $(DOCKERBUILD) -f $(DOCKERFILENAME_DB) -t $(DOCKERIMAGENAME_DB):$(VERSIONTAG) .
@echo "Done."
build_photon: build_common
@ -224,13 +228,13 @@ build_ubuntu: build_common
build: build_$(BASEIMAGE)
modify_composefile:
@echo "preparing tag:$(VERSIONTAG) docker-compose file..."
@echo "preparing docker-compose file..."
@cp $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSETPLFILENAME) $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME)
@$(SEDCMD) -i 's/image\: vmware.*/&:$(VERSIONTAG)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME)
install: compile build prepare modify_composefile
@echo "loading harbor images..."
$(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) up -d
@$(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) up -d
@echo "Install complete. You can visit harbor now."
package_online: modify_composefile
@ -238,12 +242,13 @@ package_online: modify_composefile
@cp -r make $(HARBORPKG)
@if [ -n "$(REGISTRYSERVER)" ] ; then \
$(SEDCMD) -i 's/image\: vmware/image\: $(REGISTRYSERVER)\/$(REGISTRYPROJECTNAME)/' \
$(HARBORPKG)/docker-compose.$(VERSIONTAG).yml ; \
$(HARBORPKG)/docker-compose.yml ; \
fi
@cp LICENSE $(HARBORPKG)/LICENSE
@cp NOTICE $(HARBORPKG)/NOTICE
@$(TARCMD) -zcvf harbor-online-installer-$(VERSIONTAG).tgz \
--exclude=$(HARBORPKG)/common/db --exclude=$(HARBORPKG)/ubuntu \
--exclude=$(HARBORPKG)/common/db \
--exclude=$(HARBORPKG)/common/log --exclude=$(HARBORPKG)/ubuntu \
--exclude=$(HARBORPKG)/photon --exclude=$(HARBORPKG)/kubernetes \
--exclude=$(HARBORPKG)/dev --exclude=$(DOCKERCOMPOSETPLFILENAME) \
--exclude=$(HARBORPKG)/checkenv.sh \
@ -262,19 +267,20 @@ package_offline: compile build modify_composefile
@cp NOTICE $(HARBORPKG)/NOTICE
@echo "pulling nginx and registry..."
$(DOCKERPULL) registry:2.5.0
$(DOCKERPULL) nginx:1.9
@$(DOCKERPULL) registry:2.5.0
@$(DOCKERPULL) nginx:1.11.5
@echo "saving harbor docker image"
$(DOCKERSAVE) -o $(HARBORPKG)/$(DOCKERIMGFILE).$(VERSIONTAG).tgz \
@$(DOCKERSAVE) -o $(HARBORPKG)/$(DOCKERIMGFILE).$(VERSIONTAG).tgz \
$(DOCKERIMAGENAME_UI):$(VERSIONTAG) \
$(DOCKERIMAGENAME_LOG):$(VERSIONTAG) \
$(DOCKERIMAGENAME_DB):$(VERSIONTAG) \
$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) \
nginx:1.9 registry:2.5.0
nginx:1.11.5 registry:2.5.0
@$(TARCMD) -zcvf harbor-offline-installer-$(VERSIONTAG).tgz \
--exclude=$(HARBORPKG)/common/db --exclude=$(HARBORPKG)/ubuntu \
--exclude=$(HARBORPKG)/common/db \
--exclude=$(HARBORPKG)/common/log --exclude=$(HARBORPKG)/ubuntu \
--exclude=$(HARBORPKG)/photon --exclude=$(HARBORPKG)/kubernetes \
--exclude=$(HARBORPKG)/dev --exclude=$(DOCKERCOMPOSETPLFILENAME) \
--exclude=$(HARBORPKG)/checkenv.sh \
@ -287,10 +293,10 @@ package_offline: compile build modify_composefile
pushimage:
@echo "pushing harbor images ..."
$(DOCKERTAG) $(DOCKERIMAGENAME_UI):$(VERSIONTAG) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG)
$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG) \
@$(DOCKERTAG) $(DOCKERIMAGENAME_UI):$(VERSIONTAG) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG)
@$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG) \
$(REGISTRYUSER) $(REGISTRYPASSWORD) $(REGISTRYSERVER)
$(DOCKERRMIMAGE) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG)
@$(DOCKERRMIMAGE) $(REGISTRYSERVER)$(DOCKERIMAGENAME_UI):$(VERSIONTAG)
@$(DOCKERTAG) $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) $(REGISTRYSERVER)$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
@$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) $(REGISTRYSERVER)$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) \
@ -309,7 +315,7 @@ pushimage:
start:
@echo "loading harbor images..."
@$(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/docker-compose.$(VERSIONTAG).yml up -d
@$(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/docker-compose.yml up -d
@echo "Start complete. You can visit harbor now."
down:
@ -328,12 +334,12 @@ cleanimage:
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_DB):$(VERSIONTAG)
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_LOG):$(VERSIONTAG)
#- $(DOCKERRMIMAGE) -f registry:2.5.0
#- $(DOCKERRMIMAGE) -f nginx:1.9
# - $(DOCKERRMIMAGE) -f registry:2.5.0
# - $(DOCKERRMIMAGE) -f nginx:1.11.5
cleandockercomposefile:
@echo "cleaning $(DOCKERCOMPOSEFILEPATH)/docker-compose.$(VERSIONTAG).yml"
@if [ -f $(DOCKERCOMPOSEFILEPATH)/docker-compose.$(VERSIONTAG).yml ] ; then rm $(DOCKERCOMPOSEFILEPATH)/docker-compose.$(VERSIONTAG).yml ; fi
@echo "cleaning $(DOCKERCOMPOSEFILEPATH)/docker-compose.yml"
@if [ -f $(DOCKERCOMPOSEFILEPATH)/docker-compose.yml ] ; then rm $(DOCKERCOMPOSEFILEPATH)/docker-compose.yml ; fi
cleanversiontag:
@echo "cleaning version TAG"

73
README.md
View File

@ -9,75 +9,33 @@ Project Harbor is an enterprise-class registry server that stores and distribute
### Features
* **Role based access control**: Users and repositories are organized via 'projects' and a user can have different permission for images under a project.
* **Image replication**: Images can be replicated (synchronized) between multiple registry instances. Great for load balancing, high availability, hybrid and multi-cloud scenarios.
* **Policy based image replication**: Images can be replicated (synchronized) between multiple registry instances. Great for load balancing, high availability, multi-datacenter, hybrid and multi-cloud scenarios.
* **LDAP/AD support**: Harbor integrates with existing enterprise LDAP/AD for user authentication and management.
* **Image deletion & garbage collection**: Images can be deleted and their space can be recycled.
* **Graphical user portal**: User can easily browse, search repositories and manage projects.
* **AD/LDAP support**: Harbor integrates with existing enterprise AD/LDAP for user authentication and management.
* **Auditing**: All the operations to the repositories are tracked.
* **RESTful API**: RESTful APIs for most administrative operations, easy to integrate with external systems.
* **Easy deployment**: docker compose and offline installer.
* **Easy deployment**: Provide both an online and offline installer. Besides, a virtual appliance for vSphere platform (OVA) is available.
### Install
### Install & Run
**System requirements:**
Harbor only works with docker 1.10.0+ and docker-compose 1.6.0+.
#### Install via docker compose
On an Internet connected host, Harbor can be easily installed via docker-compose:
**On a Linux host:** docker 1.10.0+ and docker-compose 1.6.0+ .
1. Get the source code:
```sh
$ git clone https://github.com/vmware/harbor
```
2. Edit the file **make/harbor.cfg**, make necessary configuration changes such as hostname, admin password and mail server. Refer to [Installation and Configuration Guide](docs/installation_guide.md) for more info.
**On vSphere:** vCenter 5.x+ for deployment of Harbor's virtual appliance.
Download binaries of **[Harbor release ](https://github.com/vmware/harbor/releases)** and follow **[Installation & Confiugration Guide](docs/installation_guide.md)** to install Harbor.
3. Install Harbor with the following methods. Note that the build container images process can take a while.
I: Automation Install
```sh
$ make install
```
II: Manual Install
```sh
$ cd make
$ ./prepare
Generated configuration file: ./config/ui/env
Generated configuration file: ./config/ui/app.conf
Generated configuration file: ./config/registry/config.yml
Generated configuration file: ./config/db/env
$ cd dev
$ docker-compose up -d
```
#### Install via offline installer
For those who do not want to clone the source, or need to install Harbor on a server not connected to the Internet, there is a pre-built installation package available. For details on how to download and use the installation package, please refer to [Installation and Configuration Guide](docs/installation_guide.md).
#### After installation
_If everything worked properly, you should be able to open a browser to visit the admin portal at http://reg.yourdomain.com. Note that the default administrator username/password are admin/Harbor12345._
Log in to the admin portal and create a new project, e.g. `myproject`. You can then use docker commands to login and push images (by default, the registry server listens on port 80):
```sh
$ docker login reg.yourdomain.com
$ docker push reg.yourdomain.com/myproject/myrepo:mytag
```
### Upgrade
If you are upgrading Harbor from an older version with existing data, you need to migrate the data to fit the new database schema. For more details, please refer to [Data Migration Guide](docs/migration_guide.md).
### Run
For information on how to use Harbor, please take a look at [User Guide](docs/user_guide.md).
Refer to **[User Guide](docs/user_guide.md)** for more details on how to use Harbor.
### Community
Get connected with Project Harbor's community and sign up with VMware {code} [https://code.vmware.com/join/](https://code.vmware.com/join/) to get invited to VMware {code} Slack group, Channel: #harbor. **Email:** harbor @ vmware.com .
**Slack:** Join Harbor's community here: [VMware {code}](https://code.vmware.com/join/), Channel: #harbor.
**Email:** harbor@ vmware.com .
**WeChat Group:** Add WeChat id *connect1688* to join WeChat discussion group.
### Contribution
We welcome contributions from the community. If you wish to contribute code and you have not signed our contributor license agreement (CLA), our bot will update the issue when you open a pull request. For any questions about the CLA process, please refer to our [FAQ](https://cla.vmware.com/faq).
We welcome contributions from the community. If you wish to contribute code and you have not signed our contributor license agreement (CLA), our bot will update the issue when you open a pull request. For any questions about the CLA process, please refer to our [FAQ](https://cla.vmware.com/faq). Contact us for any qustions: harbor@ vmware.com .
### License
Harbor is available under the [Apache 2 license](LICENSE).
@ -87,7 +45,7 @@ This project uses open source components which have additional licensing terms.
* Photon OS 1.0: [docker image](https://hub.docker.com/_/photon/), [license](https://github.com/vmware/photon/blob/master/COPYING)
* Docker Registry 2.5: [docker image](https://hub.docker.com/_/registry/), [license](https://github.com/docker/distribution/blob/master/LICENSE)
* MySQL 5.6: [docker image](https://hub.docker.com/_/mysql/), [license](https://github.com/docker-library/mysql/blob/master/LICENSE)
* NGINX 1.9: [docker image](https://hub.docker.com/_/nginx/), [license](https://github.com/nginxinc/docker-nginx/blob/master/LICENSE)
* NGINX 1.11.5: [docker image](https://hub.docker.com/_/nginx/), [license](https://github.com/nginxinc/docker-nginx/blob/master/LICENSE)
### Partners
<a href="https://www.shurenyun.com/" border="0" target="_blank"><img alt="DataMan" src="docs/img/dataman.png"></a> &nbsp; &nbsp; <a href="http://www.slamtec.com" target="_blank" border="0"><img alt="SlamTec" src="docs/img/slamteclogo.png"></a>
@ -98,6 +56,3 @@ This project uses open source components which have additional licensing terms.
### Supporting Technologies
<img alt="beego" src="docs/img/beegoLogo.png"> Harbor is powered by <a href="http://beego.me/">Beego</a>.
### About
Project Harbor is initiated by the Advanced Technology Center (ATC), VMware China R&D.

17
ROADMAP.md
View File

@ -17,28 +17,31 @@ Please open an issue to track any initiative on the roadmap of Harbor. We will w
### 1. Notary
The notary feature allows publishers to sign their images offline and to push the signed content to a notary server. This ensures the authenticity of images.
### 2. Image replication between Harbor instances (Completed)
### 2. Vulnerability Scanning
The capability to scan images for vulnerability.
### 3. Image replication between Harbor instances (Completed)
Enable images to be replicated between two or more Harbor instances. This is useful to have multiple registry servers servicing a large cluster of nodes, or have distributed registry instances with identical images.
### 3. Image deletion and garbage collection (Completed)
### 4. Image deletion and garbage collection (Completed)
a) Images can be deleted from UI. The files of deleted images are not removed immediately.
b) The files of deleted images are recycled by an administrator during system maintenance(Garbage collection). The registry service must be shut down during the process of garbage collection.
### 4. Authentication (OAuth2)
### 5. Authentication (OAuth2)
In addition to LDAP/AD and local users, OAuth 2.0 can be used to authenticate a user.
### 5. High Availability
### 6. High Availability (in progress)
Support multi-node deployment of Harbor for high availability, scalability and load-balancing purposes.
### 6. Statistics and description for repositories
### 7. Statistics and description for repositories
User can add a description to a repository. The access count of a repo can be aggregated and displayed.
### 7. Audit all operations in the system
### 8. Audit all operations in the system
Currently only image related operations are logged. Other operations in Harbor, such as user creation/deletion, role changes, password reset, should be tracked as well.
### 8. Migration tool to move from an existing registry to Harbor
### 9. Migration tool to move from an existing registry to Harbor
A tool to migrate images from a vanilla registry server to Harbor, without the need to export/import a large amount of data.

24
docs/README.md
View File

@ -2,10 +2,14 @@
### User documents
[Installation and Configuration Guide](installation_guide.md)
Read this first!
**[Installation and Configuration Guide](installation_guide.md)
Read this first!**
Guide for Harbor online installer and offline installer.
[Harbor User Guide](user_guide.md)
**[Installation and Configuration Guide for Virtual Appliance](installation_guide_ova.md)**
Guide for installing Harbor on vSphere, either standalone or as part of vSphere Integrated Containers (VIC).
**[Harbor User Guide](user_guide.md)**
How to use Harbor to manage images, projects, replications and users.
[Configuring HTTPS for Harbor](configure_https.md)
@ -14,7 +18,7 @@ Configure security connection between Harbor and Docker client.
[Upgrade and Data Migration Guide](migration_guide.md)
Data migration may be needed when upgrading Harbor to a newer version.
[make Harbor on Kubernetes](kubernetes_deployment.md)
[Deploy Harbor on Kubernetes](kubernetes_deployment.md)
Guide to deploy Harbor on Kubenetes. (maintained by community)
### Developer documents
@ -28,10 +32,11 @@ Use Swagger to find out the specs of Harbor API.
[Internationalization Guide](developer_guide_i18n.md)
How to add your local language to Harbor.
[Python SDK](../contrib/sdk/harbor-py) (by community)
[makeing Harbor using Docker Machine](../contrib/deploying_using_docker_machine.md) ( by community)
[Harbor CLI](https://github.com/int32bit/harborclient) (by community)
[Deploy Harbor using Docker Machine](../contrib/deploying_using_docker_machine.md) ( by community)
[Configuring Harbor as a local registry mirror](../contrib/Configure_mirror.md) (by community)
@ -43,11 +48,16 @@ How to add your local language to Harbor.
[Harbor Registry Blueprint for vRA](http://www.vmtocloud.com/harbor-registry-blueprint-is-here/)
[Architecture of Harbor: An Open Source Enterprise-class Registry Server](http://www.think-foundry.com/architecture-of-harbor-an-open-source-enterprise-class-registry-server/)
[Private Harbor Registry Achieves High Availability based on Virtual SAN](http://www.think-foundry.com/private-docker-registry-harbor-achieves-ha-based-on-virtual-san/)
[Working with Harbor Registry REST API via Swagger](http://www.think-foundry.com/working-with-harbor-registry-rest-api-via-swagger/)
[Project Harbor in action](http://cormachogan.com/2016/08/05/project-harbor-action/)
[Using vSphere docker volume driver to run Project Harbor on VSAN](http://cormachogan.com/2016/07/29/using-vsphere-docker-volume-driver-run-project-harbor-vsan/)
[Architecture of Harbor: An Open Source Enterprise-class Registry Server](http://www.think-foundry.com/architecture-of-harbor-an-open-source-enterprise-class-registry-server/)
[Overall Architecture of Harbor Registry](http://www.compare-review-information.com/overall-architecture-of-harbor-registry/)

213
docs/compile_guide.md Normal file
View File

@ -0,0 +1,213 @@
## Introduction
This guide shows how to compile binary, build images and install Harbor instance from source code via make commands.
## Step 1: Prepare Your System for Building Harbor
Harbor is deployed as several Docker containers and most of the code compiled by go language. The target host requires Python, Docker, Docker Compose and golang develop environment to be installed.
Requirement:
Software | Required Version
----------------------|--------------------------
docker | 1.10.0 +
docker-compose | 1.7.1 +
python | 2.7 +
git | 1.9.1 +
make | 3.81 +
golang* | 1.6.0 +
*optional
## Step 2: Getting the Source Code
```sh
$ git clone https://github.com/vmware/harbor
```
## Step 3: Resolving Dependencies
Compile Harbor source code by local golang environment needs LDAP develop package and you'll have to do it manually. If you want to compile source code by golang image, can skip this section.
For PhotonOS:
```sh
$ tdnf install -y sed apr-util-ldap
```
For Ubuntu:
```sh
$ apt-get update && apt-get install -y libldap2-dev
```
Other platforms please consult the relevant documentation for LDAP package installation.
## Step 4: Build and Install
### Configuration
Edit the file **make/harbor.cfg**, make necessary configuration changes such as hostname, admin password and mail server. Refer to [Installation and Configuration Guide](installation_guide.md#configuring-harbor) for more info.
```sh
$ cd harbor
$ vi make/harbor.cfg
```
### Compile, Build and Install
Support 3 code compile method: golang image compile, local golang compile and developer manual compile.
#### I. Compile Code with Golang Image, then Automation Build and Install
* Build Compile Golang Image
```sh
$ make compile_buildgolangimage -e GOBUILDIMAGE=harborgo:1.6.2
```
* Automation Build and Install
```sh
$ make install -e GOBUILDIMAGE=harborgo:1.6.2 COMPILETAG=compile_golangimage
```
#### II. Compile Code with Local Golang, then Automation Build and Install
* Move Code to $GOPATH
```sh
$ mkdir $GOPATH/src/github.com/vmware/
$ cd ..
$ mv harbor $GOPATH/src/github.com/vmware/.
```
* Automation Build and Install
```sh
$ cd $GOPATH/src/github.com/vmware/harbor
$ make install
```
#### III. Manual Build and Install (Compatible with Prior Versions)
```sh
$ cd make
$ ./prepare
Generated configuration file: ./config/ui/env
Generated configuration file: ./config/ui/app.conf
Generated configuration file: ./config/registry/config.yml
Generated configuration file: ./config/db/env
...
$ cd dev
$ docker-compose up -d
```
### Install Success
You can get this message from shell after successful complete Harbor installs.
```sh
...
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://$YOURIP.
For more details, please visit https://github.com/vmware/harbor .
```
Refer to [Installation and Configuration Guide](installation_guide.md#managing-harbors-lifecycle) for more info.
## Attachments
* Using the Makefile
Makefile is a special format file that together with the make utility will help developer to automagically build and manage Harbor projects.
At the top of the makefile, there are several user-configurable parameters designed to enable the Makefile to be easily portable.
Variable | Description
-------------------|-------------
BASEIMAGE | Container base image, default: photon
DEVFLAG | Build model flag, default: dev
COMPILETAG | Compile model flag, default: compile_normal (local golang build)
REGISTRYSERVER | Remote registry server address
REGISTRYUSER | Remote registry server user name
REGISTRYPASSWORD | Remote registry server user password
REGISTRYPROJECTNAME| Project name on remote registry server
There are also a variety of rules that help with project management and debugging...
Rule | Description
--------------------|-------------
all | prepare env, compile binarys, build images and install images
prepare | prepare env
compile | compile ui and jobservice code
compile_golangimage | compile local golang image
compile_ui | compile ui binary
compile_jobservice | compile jobservice binary
build | build Harbor docker images (defuault | build_photon)
build_photon | build Harbor docker images from photon bsaeimage
build_ubuntu | build Harbor docker images from ubuntu baseimage
install | compile binarys, build images, prepare specific version composefile and startup Harbor instance
start | startup Harbor instance
down | shutdown Harbor instance
package_online | prepare online install package
package_offline | prepare offline install package
pushimage | push Harbor images to specific registry server
clean all | remove binary, Harbor images, specific version docker-compose file, specific version tag and online/offline install package
cleanbinary | remove ui and jobservice binary
cleanimage | remove Harbor images
cleandockercomposefile | remove specific version docker-compose
cleanversiontag | remove specific version tag
cleanpackage | remove online/offline install package
#### EXAMPLE:
#### compile from golang image:
```sh
$ make compile_golangimage -e GOBUILDIMAGE= [$YOURIMAGE]
```
#### build Harbor docker images form ubuntu
```sh
$ make build -e BASEIMAGE=ubuntu
```
#### push Harbor images to specific registry server
```sh
$ make pushimage -e DEVFLAG=false REGISTRYSERVER=[$SERVERADDRESS] REGISTRYUSER=[$USERNAME] REGISTRYPASSWORD=[$PASSWORD] REGISTRYPROJECTNAME=[$PROJECTNAME]
```
note**: need add "/" on end of REGISTRYSERVER. If not setting REGISTRYSERVER will push images directly to dockerhub.
```sh
$ make pushimage -e DEVFLAG=false REGISTRYUSER=[$USERNAME] REGISTRYPASSWORD=[$PASSWORD] REGISTRYPROJECTNAME=[$PROJECTNAME]
```
#### clean specific version binarys and images
```sh
$ make clean -e VERSIONTAG=[TAG]
```
note**: If commit new code to github, the git commit TAG will change. Better use this command clean previous images and files for specific TAG.
#### By default DEVFLAG=true, if you want to release new version of Harbor, should setting the flag to false.
```sh
$ make XXXX -e DEVFLAG=false
```
## Links
## Comments

2
docs/configure_swagger.md
View File

@ -36,7 +36,7 @@ From time to time, you may need to mannually test Harbor REST API. You can deplo
```
* Change the directory to _make_
```sh
cd ../make
cd ../make/dev
```
* Edit the _docker-compose.yml_ file.
```sh

28
docs/installation_guide.md
View File

@ -1,13 +1,21 @@
# Installation and Configuration Guide
Harbor can be installed by one of two installers:
Harbor can be installed by one of three approaches:
- **Online installer:** The installer downloads Harbor's images from Docker hub. For this reason, the installer is very small in size.
- **Offline installer:** Use this installer when the host does not have Internet connection. The installer contains pre-built images so its size is larger.
Both installers can be downloaded from the [release page](https://github.com/vmware/harbor/releases). The installation process of both installers are the same, this guide describes the steps to install and configure Harbor.
- **Virtual Appliance:** If you are installing Harbor as the registry component of vSphere Integrated Containers (VIC), or using Harbor as a standalone registry on vSphere platform, download the OVA version of Harbor.
In addition, the deployment instructions on Kubernetes has been created by the community. Refer to [make Harbor on Kubernetes](kubernetes_deployment.md) for details.
All installers can be downloaded from the **[official release](https://github.com/vmware/harbor/releases)** page.
To install Harbor's virtual appliance, refer to the **[Harbor Installation Guide for Virtual Appliance](installation_guide_ova.md)**.
This guide describes the steps to install and configure Harbor by using the online or offline installer. The installation processes are almost the same.
If you run a previous version of Harbor, you may need to migrate the data to fit the new database schema. For more details, please refer to **[Data Migration Guide](migration_guide.md)**.
In addition, the deployment instructions on Kubernetes has been created by the community. Refer to set up [Harbor on Kubernetes](kubernetes_deployment.md) for details.
## Prerequisites for the target host
Harbor is deployed as several Docker containers, and, therefore, can be deployed on any Linux distribution that supports Docker. The target host requires Python, Docker, and Docker Compose to be installed.
@ -42,7 +50,7 @@ Configuration parameters are located in the file **harbor.cfg**.
The parameters are described below - note that at the very least, you will need to change the **hostname** attribute.
* **hostname**: The target host's hostname, which is used to access the UI and the registry service. It should be the IP address or the fully qualified domain name (FQDN) of your target machine, e.g., `192.168.1.10` or `reg.yourdomain.com`. _Do NOT use `localhost` or `127.0.0.1` for the hostname - the registry service needs to be accessible by external clients!_
* **ui_url_protocol**: (**http** or **https**. Default is **http**) The protocol used to access the UI and the token/notification service. By default, this is _http_. To set up the https protocol, refer to [Configuring Harbor with HTTPS Access](configure_https.md).
* **ui_url_protocol**: (**http** or **https**. Default is **http**) The protocol used to access the UI and the token/notification service. By default, this is _http_. To set up the https protocol, refer to **[Configuring Harbor with HTTPS Access](configure_https.md)**.
* **Email settings**: These parameters are needed for Harbor to be able to send a user a "password reset" email, and are only necessary if that functionality is needed. Also, do note that by default SSL connectivity is _not_ enabled - if your SMTP server requires SSL, but does _not_ support STARTTLS, then you should enable SSL by setting **email_ssl = true**.
* email_server = smtp.mydomain.com
* email_server_port = 25
@ -94,8 +102,8 @@ storage:
_NOTE: For detailed information on storage backend of a registry, refer to [Registry Configuration Reference](https://docs.docker.com/registry/configuration/) ._
#### Installing and starting Harbor
Once **harbord.cfg** and storage backend (optional) are configured, install and start Harbor using the ```install.sh script```. Note that it may take some time for the online installer to download Harbor images from Docker hub.
#### Finishing installation and starting Harbor
Once **harbord.cfg** and storage backend (optional) are configured, install and start Harbor using the ```install.sh``` script. Note that it may take some time for the online installer to download Harbor images from Docker hub.
```sh
$ sudo ./install.sh
@ -110,10 +118,10 @@ $ docker push reg.yourdomain.com/myproject/myrepo:mytag
```
**IMPORTANT:** The default installation of Harbor uses _HTTP_ - as such, you will need to add the option `--insecure-registry` to your client's Docker daemon and restart the Docker service.
For information on how to use Harbor, please refer to [User Guide of Harbor](user_guide.md) .
For information on how to use Harbor, please refer to **[User Guide of Harbor](user_guide.md)** .
#### Configuring Harbor with HTTPS access
Harbor does not ship with any certificates, and, by default, uses HTTP to serve requests. While this makes it relatively simple to set up and run - especially for a development or testing environment - it is **not** recommended for a production environment. To enable HTTPS, please refer to [Configuring Harbor with HTTPS Access](configure_https.md).
Harbor does not ship with any certificates, and, by default, uses HTTP to serve requests. While this makes it relatively simple to set up and run - especially for a development or testing environment - it is **not** recommended for a production environment. To enable HTTPS, please refer to **[Configuring Harbor with HTTPS Access](configure_https.md)**.
### Managing Harbor's lifecycle
@ -185,7 +193,7 @@ Replace the first "80" to a customized port, e.g. 8888:80.
```
proxy:
image: library/nginx:1.9
image: library/nginx:1.11.5
restart: always
volumes:
- ./config/nginx:/etc/nginx
@ -228,7 +236,7 @@ Replace the first "443" to a customized port, e.g. 4443:443.
```
proxy:
image: library/nginx:1.9
image: library/nginx:1.11.5
restart: always
volumes:
- ./config/nginx:/etc/nginx

87
docs/installation_guide_ova.md
View File

@ -1,41 +1,47 @@
# Install and Configure Harbor on vSphere using OVA
This guide takes you through the steps about installing and configuring Harbor on vSphere using OVA.
# Installing and Configuring Harbor on vSphere as Virtual Appliance
This guide walks you through the steps about installing and configuring Harbor on vSphere as an virtual appliance (OVA). If you are installing Harbor on a Linux host, refer to this **[Installation Guide](installation_guide.md)**.
## Prerequisites
* vCenter 5.x+ and at least an ESX host.
* 2 vCPUs, 4GB memory and 100GB free disk space in datastore.
* A network with DHCP capability, or a static IP address for the virtual appliance.
## Installation
1.Get URL or download the OVA file to your local disk from [release page](https://github.com/vmware/harbor/releases).
1. Download the OVA file to your local disk from the **[official release page](https://github.com/vmware/harbor/releases)**.
2.Login vSphere web client. Right click on the datacenter, cluster or host which Harbor will be deployed on. Select "Deploy OVF Template" and open the import wizard.
2. Log in vSphere web client. Right click on the datacenter, cluster or host which Harbor will be deployed on. Select "Deploy OVF Template" and open the import wizard.
![ova](img/ova/ova01.png)
![ova](img/ova/ova01.png)
3.Paste the URL of OVA file or select it from local disk and click "Next".
3. Select the OVA file from your local disk and click "Next".
![ova](img/ova/ova02.png)
![ova](img/ova/ova02.png)
4.Review the OVF template details and click "Next".
4. Review the OVF template details and click "Next".
![ova](img/ova/ova03.png)
![ova](img/ova/ova03.png)
5.Spefify a name and location for the deployed template.
5. Specify a name and a location for the virtual appliance.
![ova](img/ova/ova04.png)
![ova](img/ova/ova04.png)
6.Select the storage and virtual disk format, click "Next".
6. Select the datastore and virtual disk format, click "Next".
![ova](img/ova/ova05.png)
![ova](img/ova/ova05.png)
7.Configure the networks the deployed template should use.
7. Configure the network(s) the virtual appliance should be connected to.
![ova](img/ova/ova06.png)
![ova](img/ova/ova06.png)
8.Customize the properties of Harbor. The properties are described below. Note that at the very least, you just need to set the **Root Password**, **Harbor Admin Password** and **Database Password** properties.
8. Customize the properties of Harbor. The properties are described below. Note that at the very least, you just need to set the **Root Password**, **Harbor Admin Password** and **Database Password** properties.
![ova](img/ova/ova07.png)
![ova](img/ova/ova07.png)
* Application
* **Root Password**: The password of the root user. (8-128 characters)
* **Harbor Admin Password**: The initial password of Harbor admin. It only works for the first time when Harbor starts. It has no effect after the first launch of Harbor. Change the admin password from UI after launching Harbor. (8-20 characters)
* **Database Password**: The password of the root user of MySQL database. (8-128 characters)
* Harbor
* **Root Password**: The password of the root user.
* **Harbor Admin Password**: The initial password of Harbor admin. It only works for the first time when Harbor starts. It has no effect after the first launch of Harbor. Change the admin password from UI after launching Harbor.
* **Database Password**: The password of the root user of MySQL database.
* **Authentication Mode**: The default authentication mode is db_auth, i.e. the credentials are stored in a local database. Set it to ldap_auth if you want to verify the user's credential against an LDAP/AD server.
* **LDAP URL**: The URL of an LDAP/AD server.
* **LDAP Search DN**: A user's DN who has the permission to search the LDAP/AD server. If your LDAP/AD server does not support anonymous search, you should configure this DN and LDAP Seach Password.
@ -50,11 +56,11 @@ This guide takes you through the steps about installing and configuring Harbor o
* **Email SSL**: Whether to enabled secure mail transmission.
* **SSL Cert**: Paste in the content of a certificate file. If SSL Cert and SSL Cert Key are both set, HTTPS will be used.
* **SSL Cert Key**: Paste in the content of certificate key file. If SSL Cert and SSL Cert Key are both set, HTTPS will be used.
* **Self Registration**: Determine whether the self-registration is allowed or not when the authentication mode is database. Set this to off to disable a user's self-registration in Harbor.
* **Verify Remote Cert**: Determine whether the image replication should verify the SSL certificate when it connects to a remote registry. Set this flag to off when the remote registry uses a self-signed or untrusted certificate.
* **Garbage Collection**: When setting this to true, Harbor performs garbage collection everytime it boots up.
* **Self Registration**: Determine whether the self-registration is allowed or not. Set this to off to disable a user's self-registration in Harbor. This flag has no effect when users are stored in LDAP or AD.
* **Verify Remote Cert**: Determine whether the image replication should verify the certificate when it connects to a remote registry via TLS. Set this flag to off when the remote registry uses a self-signed or untrusted certificate.
* **Garbage Collection**: When setting this to true, Harbor performs garbage collection everytime it boots up. The first time setting this flag to true needs to power off the VM and power it on again.
* Networking properties
* Networking properties
* **Default Gateway**: The default gateway address for this VM. Leave blank if DHCP is desired.
* **Domain Name**: The domain name of this VM. Leave blank if DHCP is desired.
* **Domain Search Path**: The domain search path(comma or space separated domain names) for this VM. Leave blank if DHCP is desired.
@ -62,25 +68,32 @@ This guide takes you through the steps about installing and configuring Harbor o
* **Network 1 IP Adress**: The IP address of this interface. Leave blank if DHCP is desired.
* **Network 1 Netmask**: The netmask or prefix for this interface. Leave blank if DHCP is desired.
**Notes:** If you want to enable HTTPS with a self-signed certificate and have no idea how to generate it, refer to the "Getting a certificate" part of this [guide](https://github.com/vmware/harbor/blob/master/docs/configure_https.md#getting-a-certificate).
**Notes:** If you want to enable HTTPS with a self-signed certificate, refer to the "Getting a certificate" part of this [guide](https://github.com/vmware/harbor/blob/master/docs/configure_https.md#getting-a-certificate) for generating a certificate.
After you complete the properties, click "Next".
After you complete the properties, click "Next".
9.Review your settings and click "Finish" to complete the installation.
9. Review your settings and click "Finish" to complete the deployment.
![ova](img/ova/ova08.png)
![ova](img/ova/ova08.png)
10. Power on the virtual appliance. It may take a few minutes for the first bootup. The virtual appliance needs to initialize itself for configuration like netowrk address and password.
11. When the appliance is ready, check from vSphere Web Client for its IP address. Open a browser and type in the URL `http(s)://harbor_ip_address` or `http(s)://harbor_host_name`. Log in as the admin user and verify Harbor has been successfully installed.
12. For information on how to use Harbor, please refer to [User Guide of Harbor](user_guide.md).
## Reconfiguration
If you want to reconfigure the properties of Harbor, follow the steps:
1.Power off the VM which Harbor is deployed on.
2.Right click on the VM and select "Edit Settings".
If you want to change the properties of Harbor, follow the below steps:
![ova](img/ova/edit_settings.png)
1. **Power off** Harbor's virtual appliance.
2. Right click on the VM and select "Edit Settings".
3.Click the "vApp Options" tab, reconfigure the properties and click "OK".
![ova](img/ova/edit_settings.png)
![ova](img/ova/vapp_options.png)
3. Click the "vApp Options" tab, update the properties and click "OK".
4.Power on the VM.
![ova](img/ova/vapp_options.png)
**Notes:** "Harbor Admin Password" and all networking properties can not be modified using this method after Harbor launched. Change the admin password from UI and change the networking properties in the OS level manually.
4. **Power on** the VM.
**Note:** The initial admin password, root password of the virtual appliance, MySql root password, and all networking properties can not be modified using this method after Harbor's first launch. The password of the admin user should be changed in the admin portal. The root password of virtual appliance, as well as the networking settings, can be changed by logging in the virtural appliance and doing it in the Linux operating system.

37
docs/migration_guide.md
View File

@ -27,35 +27,30 @@ When upgrading your existing Habor instance to a newer version, you may need to
git clone https://github.com/vmware/harbor
```
4. Before upgrading Harbor, perform database migration first.
The directory **tools/migration/** contains the tool for migration. The first step is to update values of `db_username`, `db_password`, `db_port`, `db_name` in **migration.cfg** so that they match your system's configuration.
5. The migration tool is delivered as a container, so you should build the image from its Dockerfile:
```
cd tools/migration/
docker build -t migrate-tool .
```
6. Back up database to a directory such as `/path/to/backup`. You need to create the directory if it does not exist.
4. Before upgrading Harbor, perform database migration first. The migration tool is delivered as a docker image, so you should pull the image from docker hub:
```
docker run -ti --rm -v /data/database:/var/lib/mysql -v /path/to/backup:/harbor-migration/backup migrate-tool backup
docker pull vmware/harbor-db-migrator
```
7. Upgrade database schema and migrate data:
5. Back up database to a directory such as `/path/to/backup`. You need to create the directory if it does not exist. Also, note that the username and password to access the db are provided via environment variable "DB_USR" and "DB_PWD"
```
docker run -ti --rm -v /data/database:/var/lib/mysql migrate-tool up head
docker run -ti --rm -e DB_USR=root -e DB_PWD=xxxx -v /data/database:/var/lib/mysql -v /path/to/backup:/harbor-migration/backup vmware/harbor-db-migrator backup
```
8. Change to `make/` directory, configure Harbor by modifying the file `harbor.cfg`, you may need to refer to the configuration files you've backed up during step 2. Refer to [Installation & Configuration Guide ](../docs/installation_guide.md) for more info.
6. Upgrade database schema and migrate data:
9. If HTTPS has been enabled for Harbor before, restore the `nginx.conf` and key/certificate files from the backup files in Step 2. Refer to [Configuring Harbor with HTTPS Access](../docs/configure_https.md) for more info.
```
docker run -ti --rm -e DB_USR=root -e DB_PWD=xxxx -v /data/database:/var/lib/mysql vmware/harbor-db-migrator up head
```
10. Under the directory `make/`, run the `./prepare` script to generate necessary config files.
7. Change to `make/` directory, configure Harbor by modifying the file `harbor.cfg`, you may need to refer to the configuration files you've backed up during step 2. Refer to [Installation & Configuration Guide ](../docs/installation_guide.md) for more info.
8. Under the directory `make/`, run the `./prepare` script to generate necessary config files.
11. Rebuild Harbor and restart the registry service
9. Rebuild Harbor and restart the registry service
```
docker-compose up --build -d
@ -73,7 +68,7 @@ For any reason, if you want to roll back to the previous version of Harbor, foll
2. Restore database from backup file in `/path/to/backup` .
```
docker run -ti --rm -v /data/database:/var/lib/mysql -v /path/to/backup:/harbor-migration/backup migrate-tool restore
docker run -ti --rm -e DB_USR=root -e DB_PWD=xxxx -v /data/database:/var/lib/mysql -v /path/to/backup:/harbor-migration/backup vmware/harbor-db-migrator restore
```
3. Remove current source code of Harbor.
@ -95,9 +90,9 @@ For any reason, if you want to roll back to the previous version of Harbor, foll
### Migration tool reference
- Use `help` command to show instructions of the migration tool:
```docker run --rm migrate-tool help```
```docker run --rm -e DB_USR=root -e DB_PWD=xxxx vmware/harbor-db-migrator help```
- Use `test` command to test mysql connection:
```docker run --rm -v /data/database:/var/lib/mysql migrate-tool test```
```docker run --rm -e DB_USR=root -e DB_PWD=xxxx -v /data/database:/var/lib/mysql vmware/harbor-db-migrator test```

3
make/common/templates/nginx/nginx.https.conf
View File

@ -51,6 +51,9 @@ http {
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
proxy_set_header X-Forwarded-Proto $$scheme;
# Add Secure flag when serving HTTPS
proxy_cookie_path / "/; secure";
proxy_buffering off;
proxy_request_buffering off;
}

1
make/common/templates/ui/app.conf
View File

@ -9,6 +9,7 @@ names = en-US|zh-CN
httpport = 80
[mail]
identity = $email_identity
host = $email_server
port = $email_server_port
username = $email_username

2
make/dev/docker-compose.yml
View File

@ -75,7 +75,7 @@ services:
syslog-address: "tcp://127.0.0.1:1514"
tag: "jobservice"
proxy:
image: library/nginx:1.9
image: library/nginx:1.11.5
restart: always
volumes:
- ../common/config/nginx:/etc/nginx

2
make/docker-compose.tpl
View File

@ -75,7 +75,7 @@ services:
syslog-address: "tcp://127.0.0.1:1514"
tag: "jobservice"
proxy:
image: nginx:1.9
image: nginx:1.11.5
container_name: nginx
restart: always
volumes:

1
make/harbor.cfg
View File

@ -9,6 +9,7 @@ hostname = reg.mydomain.com
ui_url_protocol = http
#Email account settings for sending out password resetting emails.
email_identity = Mail Config
email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com

2
make/kubernetes/dockerfiles/proxy-dockerfile
View File

@ -1,3 +1,3 @@
FROM library/nginx:1.9
FROM library/nginx:1.11.5
ADD ./config/nginx /etc/nginx

2
make/prepare
View File

@ -73,6 +73,7 @@ validate(rcp)
hostname = rcp.get("configuration", "hostname")
protocol = rcp.get("configuration", "ui_url_protocol")
ui_url = protocol + "://" + hostname
email_identity = rcp.get("configuration", "email_identity")
email_server = rcp.get("configuration", "email_server")
email_server_port = rcp.get("configuration", "email_server_port")
email_username = rcp.get("configuration", "email_username")
@ -191,6 +192,7 @@ render(os.path.join(templates_dir, "ui", "env"),
render(os.path.join(templates_dir, "ui", "app.conf"),
ui_conf,
email_identity=email_identity,
email_server=email_server,
email_server_port=email_server_port,
email_username=email_username,

2
src/common/utils/mail.go
View File

@ -134,7 +134,7 @@ func loadConfig() {
useTLS = true
}
mc = MailConfig{
Identity: "Mail Config",
Identity: config["identity"],
Host: config["host"],
Port: config["port"],
Username: config["username"],

41
src/ui/controllers/base.go
View File

@ -42,19 +42,19 @@ var mappingLangNames map[string]string
func (b *BaseController) Prepare() {
var lang string
var langHasChanged bool
langCookie, err := b.Ctx.Request.Cookie("language")
if err != nil {
log.Errorf("Error occurred in Request.Cookie: %v", err)
}
if langCookie != nil {
lang = langCookie.Value
}
if len(lang) == 0 {
sessionLang := b.GetSession("lang")
if sessionLang != nil {
b.SetSession("Lang", lang)
lang = sessionLang.(string)
langRequest := b.GetString("lang")
if langRequest != "" {
lang = langRequest
langHasChanged = true
} else {
langCookie, err := b.Ctx.Request.Cookie("language")
if err != nil {
log.Errorf("Error occurred in Request.Cookie: %v", err)
}
if langCookie != nil {
lang = langCookie.Value
} else {
al := b.Ctx.Request.Header.Get("Accept-Language")
if len(al) > 4 {
@ -63,16 +63,23 @@ func (b *BaseController) Prepare() {
lang = al
}
}
langHasChanged = true
}
}
if _, exist := supportLanguages[lang]; !exist { //Check if support the request language.
lang = defaultLang //Set default language if not supported.
if langHasChanged {
if _, exist := supportLanguages[lang]; !exist { //Check if support the request language.
lang = defaultLang //Set default language if not supported.
}
cookies := &http.Cookie{
Name: "language",
Value: lang,
HttpOnly: true,
Domain: "/",
}
http.SetCookie(b.Ctx.ResponseWriter, cookies)
}
b.Ctx.SetCookie("language", lang, 0, "/")
b.SetSession("Lang", lang)
curLang := langType{
Lang: lang,
}

2
src/ui/static/resources/js/components/element-height/element-height.inspector.js
View File

@ -48,8 +48,6 @@
element.find('.section').css({'height': (h - scope.subsHeight - scope.subsSection) + 'px'});
element.find('.sub-pane').css({'height': (h - scope.subsHeight - scope.subsSubPane) + 'px'});
element.find('.tab-pane').css({'height': (h - scope.subsHeight - scope.subsSubPane - scope.subsSection -100) + 'px'});
// var subPaneHeight = element.find('.sub-pane').height();
// element.find('.table-body-container').css({'height': (subPaneHeight - scope.subsTblBody) + 'px'});
}
}, true);

10
src/ui/static/resources/js/components/log/list-log.directive.js
View File

@ -143,7 +143,9 @@
}
function listLog() {
listLog.$inject = ['$timeout'];
function listLog($timeout) {
var directive = {
'restrict': 'E',
'templateUrl': '/static/resources/js/components/log/list-log.directive.html',
@ -162,6 +164,12 @@
element.find('#txtSearchInput').on('keydown', function(e) {
if($(this).is(':focus') && e.keyCode === 13) {
ctrl.search({'op': ctrl.op, 'username': ctrl.username});
} else {
$timeout(function() {
if(ctrl.username.length === 0) {
ctrl.search({'op': ctrl.op, 'username': ctrl.username});
}
});
}
});
}

17
src/ui/static/resources/js/components/optional-menu/optional-menu.directive.js
View File

@ -25,21 +25,19 @@
function OptionalMenuController($scope, $window, I18nService, LogOutService, currentUser, $timeoutm, trFilter, $filter, GetVolumeInfoService) {
var vm = this;
vm.currentLanguage = I18nService().getCurrentLanguage();
vm.languageName = I18nService().getLanguageName(vm.currentLanguage);
I18nService().setCurrentLanguage(vm.currentLanguage);
var i18n = I18nService();
i18n.setCurrentLanguage(vm.language);
vm.languageName = i18n.getLanguageName(vm.language);
console.log('current language:' + vm.languageName);
vm.supportLanguages = I18nService().getSupportLanguages();
vm.supportLanguages = i18n.getSupportLanguages();
vm.user = currentUser.get();
vm.setLanguage = setLanguage;
vm.logOut = logOut;
vm.about = about;
function setLanguage(language) {
I18nService().setCurrentLanguage(language);
vm.languageName = i18n.getLanguageName(vm.language);
var hash = $window.location.hash;
$window.location.href = '/language?lang=' + language + '&hash=' + encodeURIComponent(hash);
}
@ -92,7 +90,8 @@
'restrict': 'E',
'templateUrl': '/optional_menu?timestamp=' + new Date().getTime(),
'scope': {
'version': '@'
'version': '@',
'language': '@'
},
'controller': OptionalMenuController,
'controllerAs': 'vm',

1
src/ui/static/resources/js/components/paginator/paginator.directive.html
View File

@ -12,3 +12,4 @@
</li>
</ul>
</nav>
<p class="pull-right" style="margin-right: 15%; margin-top: 5px;">// 'total' | tr // // vm.totalCount // // 'items' | tr //</p>

3
src/ui/static/resources/js/components/paginator/paginator.directive.js
View File

@ -106,11 +106,10 @@
if(this.time > this.minimum) {
if(this.time === 0) {
ctrl.page = ctrl.displayCount;
}else if((ctrl.page % ctrl.displayCount) != 0) {
}else{
ctrl.page = this.time * ctrl.displayCount;
}
--this.time;
--ctrl.page;
}
scope.$apply();
};

11
src/ui/static/resources/js/components/project-member/add-project-member.directive.js
View File

@ -88,8 +88,10 @@
}
}
addProjectMember.$inject = ['$timeout'];
function addProjectMember() {
function addProjectMember($timeout) {
var directive = {
'restrict': 'E',
'templateUrl': '/static/resources/js/components/project-member/add-project-member.directive.html',
@ -109,6 +111,13 @@
function link(scope, element, attrs, ctrl) {
scope.form.$setPristine();
scope.form.$setUntouched();
scope.$watch('vm.isOpen', function(current) {
if(current) {
$timeout(function() {
element.find('[name=uUsername]:input').focus();
});
}
});
}
}

10
src/ui/static/resources/js/components/project-member/list-project-member.directive.js
View File

@ -96,7 +96,9 @@
}
function listProjectMember() {
listProjectMember.$inject = ['$timeout'];
function listProjectMember($timeout) {
var directive = {
'restrict': 'E',
'templateUrl': '/static/resources/js/components/project-member/list-project-member.directive.html',
@ -116,6 +118,12 @@
element.find('#txtSearchInput').on('keydown', function(e) {
if($(this).is(':focus') && e.keyCode === 13) {
ctrl.retrieve();
} else {
$timeout(function() {
if(ctrl.username.length === 0) {
ctrl.retrieve();
}
});
}
});
}

2
src/ui/static/resources/js/components/project/add-project.directive.html
View File

@ -12,7 +12,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
<div class="well well-custom" style="position: absolute; margin-left: 10px; margin-top: 5px; width: 96%;">
<div class="well well-custom" style="position: absolute; margin-left: 10px; margin-top: 5px; width: 94%;">
<form name="form" class="css-form form-custom" novalidate>
<div class="row">
<div class="col-xs-10 col-md-10">

17
src/ui/static/resources/js/components/project/add-project.directive.js
View File

@ -97,18 +97,31 @@
}
}
function addProject() {
addProject.$inject = ['$timeout'];
function addProject($timeout) {
var directive = {
'restrict': 'E',
'templateUrl': '/static/resources/js/components/project/add-project.directive.html',
'controller': AddProjectController,
'link': link,
'scope' : {
'isOpen': '='
},
'controllerAs': 'vm',
'bindToController': true
};
return directive;
return directive;
function link(scope, element, attrs, ctrl) {
scope.$watch('vm.isOpen', function(current) {
if(current) {
$timeout(function() {
element.find(':input[name=uProjectName]').focus();
});
}
});
}
}
})();

14
src/ui/static/resources/js/components/replication/list-replication.directive.js
View File

@ -290,6 +290,8 @@
}
listReplication.inject = ['$timeout', 'I18nService'];
function listReplication($timeout, I18nService) {
var directive = {
'restrict': 'E',
@ -398,12 +400,24 @@
element.find('#txtSearchPolicyInput').on('keydown', function(e) {
if($(this).is(':focus') && e.keyCode === 13) {
ctrl.searchReplicationPolicy();
} else {
$timeout(function() {
if(ctrl.replicationPolicyName.length === 0) {
ctrl.searchReplicationPolicy();
}
});
}
});
element.find('#txtSearchJobInput').on('keydown', function(e) {
if($(this).is(':focus') && e.keyCode === 13) {
ctrl.searchReplicationJob();
} else {
$timeout(function() {
if(ctrl.replicationJobName.length === 0) {
ctrl.searchReplicationJob();
}
});
}
});

10
src/ui/static/resources/js/components/repository/list-repository.directive.js
View File

@ -192,7 +192,9 @@
}
function listRepository() {
listRepository.$inject = ['$timeout'];
function listRepository($timeout) {
var directive = {
'restrict': 'E',
'templateUrl': '/static/resources/js/components/repository/list-repository.directive.html',
@ -212,6 +214,12 @@
element.find('#txtSearchInput').on('keydown', function(e) {
if($(this).is(':focus') && e.keyCode === 13) {
ctrl.retrieve();
} else {
$timeout(function() {
if(ctrl.filterInput.length === 0) {
ctrl.retrieve();
}
});
}
});
}

10
src/ui/static/resources/js/components/system-management/destination.directive.js
View File

@ -103,7 +103,9 @@
}
}
function destination() {
destination.$inject = ['$timeout'];
function destination($timeout) {
var directive = {
'restrict': 'E',
'templateUrl': '/static/resources/js/components/system-management/destination.directive.html',
@ -119,6 +121,12 @@
element.find('#txtSearchInput').on('keydown', function(e) {
if($(this).is(':focus') && e.keyCode === 13) {
ctrl.retrieve();
} else {
$timeout(function() {
if(ctrl.destinationName.length === 0) {
ctrl.retrieve();
}
});
}
});
}

10
src/ui/static/resources/js/components/system-management/replication.directive.js
View File

@ -106,7 +106,9 @@
}
}
function replication() {
replication.$inject = ['$timeout'];
function replication($timeout) {
var directive = {
'restrict': 'E',
'templateUrl': '/static/resources/js/components/system-management/replication.directive.html',
@ -122,6 +124,12 @@
element.find('#txtSearchInput').on('keydown', function(e) {
if($(this).is(':focus') && e.keyCode === 13) {
ctrl.retrieve();
} else {
$timeout(function() {
if(ctrl.replicationName.length === 0) {
ctrl.retrieve();
}
});
}
});
}

2
src/ui/static/resources/js/components/user/list-user.directive.html
View File

@ -55,7 +55,7 @@
</div>
</div>
<div class="col-xs-4 col-md-12 well well-sm well-custom">
<div class="col-md-offset-10">//vm.users ? vm.users.length : 0// items</div>
<div class="col-md-offset-10">//vm.users ? vm.users.length : 0// // 'items' | tr //</div>
</div>
</div>
</div>

10
src/ui/static/resources/js/components/user/list-user.directive.js
View File

@ -93,7 +93,9 @@
}
}
function listUser() {
listUser.$inject = ['$timeout'];
function listUser($timeout) {
var directive = {
'restrict': 'E',
'templateUrl': '/static/resources/js/components/user/list-user.directive.html',
@ -111,6 +113,12 @@
element.find('#txtSearchInput').on('keydown', function(e) {
if($(this).is(':focus') && e.keyCode === 13) {
ctrl.retrieve();
} else {
$timeout(function() {
if(ctrl.username.length === 0) {
ctrl.retrieve();
}
});
}
});
}

12
src/ui/static/resources/js/layout/project/project.controller.js
View File

@ -119,8 +119,8 @@
$scope.$on('addedSuccess', function(e, val) {
vm.retrieve();
});
});
function showAddProject() {
vm.isOpen = vm.isOpen ? false : true;
}
@ -144,6 +144,12 @@
var keyCode = $event.which || $event.keyCode;
if(keyCode === 13) {
vm.retrieve();
} else {
$timeout(function() {
if(vm.projectName.length === 0) {
vm.retrieve();
}
});
}
}
@ -176,7 +182,7 @@
function deleteProjectFailed(data, status) {
$scope.$emit('modalTitle', $filter('tr')('error'));
if(status === 412) {
$scope.$emit('modalMessage', $filter('tr')('failed_to_delete_project_contains_repo'));
$scope.$emit('modalMessage', $filter('tr')('failed_to_delete_project'));
}
if(status === 403) {
$scope.$emit('modalMessage', $filter('tr')('failed_to_delete_project_insuffient_permissions'));

9
src/ui/static/resources/js/services/i18n/locale_messages_en-US.js
View File

@ -52,9 +52,9 @@ var locale_messages = {
'full_name_is_too_long': 'Full name is too long. (maximum 20 characters)',
'full_name_contains_illegal_chars': 'Full name contains illegal character(s).',
'password': 'Password',
'password_desc': 'At least 8 characters with 1 lowercase letter, 1 capital letter and 1 numeric character.',
'password_desc': 'At least 8 characters, less than 20 characters with 1 lowercase letter, 1 capital letter and 1 numeric character.',
'password_is_required': 'Password is required.',
'password_is_invalid': 'Password is invalid. At least 8 characters with 1 lowercase letter, 1 capital letter and 1 numeric character.',
'password_is_invalid': 'Password is invalid. At least 8 characters, less than 20 characters with 1 lowercase letter, 1 capital letter and 1 numeric character.',
'confirm_password': 'Confirm Password',
'password_does_not_match': 'Passwords do not match.',
'comments': 'Comments',
@ -96,6 +96,7 @@ var locale_messages = {
'save': 'Save',
'cancel': 'Cancel',
'confirm': 'Confirm',
'total': 'Total',
'items': 'item(s)',
'add_member': 'Add Member',
'operation': 'Operation',
@ -119,7 +120,7 @@ var locale_messages = {
'old_password_is_required': 'Old password is required.',
'old_password_is_incorrect': 'Old password is incorrect.',
'new_password_is_required': 'New password is required.',
'new_password_is_invalid': 'New password is invalid. At least 8 characters with 1 lowercase letter, 1 capital letter and 1 numeric character.',
'new_password_is_invalid': 'New password is invalid. At least 8 characters, less than 20 characters with 1 lowercase letter, 1 capital letter and 1 numeric character.',
'new_password': 'New Password',
'username_already_exist': 'Username already exist.',
'username_does_not_exist': 'Username does not exist.',
@ -149,7 +150,7 @@ var locale_messages = {
'failed_to_add_member': 'Project member can not be added, insuffient permissions.',
'failed_to_change_member': 'Project member can not be changed, insuffient permissions.',
'failed_to_delete_member': 'Project member can not be deleted, insuffient permissions.',
'failed_to_delete_project_contains_repo': 'Project contains repositories, can not be deleted.',
'failed_to_delete_project': 'Project contains repositories or replication policies can not be deleted.',
'failed_to_delete_project_insuffient_permissions': 'Project can not be deleted, insuffient permissions.',
'confirm_delete_project_title': 'Project Deletion',
'confirm_delete_project': 'Are you sure to delete the project "$0" ?',

9
src/ui/static/resources/js/services/i18n/locale_messages_zh-CN.js
View File

@ -52,9 +52,9 @@ var locale_messages = {
'full_name_is_too_long' : '全名长度超出限制。最长为20个字符',
'full_name_contains_illegal_chars' : '全名包含不合法的字符。',
'password': '密码',
'password_desc': '至少输入 8个字符且包含 1个小写字母 1个大写字母和 1个数字。',
'password_desc': '至少输入 8个字符最长为20个字符且包含 1个小写字母 1个大写字母和 1个数字。',
'password_is_required' : '密码为必填项。',
'password_is_invalid' : '密码无效。至少输入 8个字符且包含 1个小写字母1个大写字母和 1个数字。',
'password_is_invalid' : '密码无效。至少输入 8个字符最长为20个字符且包含 1个小写字母1个大写字母和 1个数字。',
'confirm_password': '确认密码',
'password_does_not_match' : '两次密码输入不一致。',
'comments': '备注',
@ -96,6 +96,7 @@ var locale_messages = {
'save': '保存',
'cancel': '取消',
'confirm': '确认',
'total': '总计',
'items': '条记录',
'add_member': '新增成员',
'operation': '操作',
@ -119,7 +120,7 @@ var locale_messages = {
'old_password_is_required': '原密码为必填项。',
'old_password_is_incorrect': '原密码不正确。',
'new_password_is_required': '新密码为必填项。',
'new_password_is_invalid': '新密码无效。至少输入 8个字符且包含 1个小写字母1个大写字母和 1个数字。',
'new_password_is_invalid': '新密码无效。至少输入 8个字符最长20个字符且包含 1个小写字母1个大写字母和 1个数字。',
'new_password': '新密码',
'username_already_exist': '用户名已存在。',
'username_does_not_exist': '用户名不存在。',
@ -148,7 +149,7 @@ var locale_messages = {
'failed_to_add_member': '无法添加项目成员,权限不足。',
'failed_to_change_member': '无法修改项目成员,权限不足。',
'failed_to_delete_member': '无法删除项目成员,权限不足。',
'failed_to_delete_project_contains_repo': '项目包含镜像仓库,无法删除。',
'failed_to_delete_project': '项目包含镜像仓库或复制策略,无法删除。',
'failed_to_delete_project_insuffient_permissions': '无法删除项目,权限不足。',
'confirm_delete_project_title': '删除项目',
'confirm_delete_project': '确认删除项目 "$0" ?',

19
src/ui/static/resources/js/services/i18n/services.i18n.js
View File

@ -20,14 +20,15 @@
.module('harbor.services.i18n')
.factory('I18nService', I18nService);
I18nService.$inject = ['$cookies', '$window'];
I18nService.$inject = ['$window'];
function I18nService($cookies, $window) {
function I18nService($window) {
var cookieOptions = {'path': '/'};
var messages = $.extend(true, {}, eval('locale_messages'));
var defaultLanguage = 'en-US';
var currentLanguage = defaultLanguage;
var supportLanguages = {
'en-US': 'English',
'zh-CN': '中文'
@ -47,30 +48,20 @@
return {
'setCurrentLanguage': function(language) {
if(!angular.isDefined(language) || !isSupportLanguage(language)) {
language = defaultLanguage;
}
$cookies.put('language', language, cookieOptions);
},
'setDefaultLanguage': function() {
$cookies.put('language', defaultLanguage, cookieOptions);
currentLanguage = language;
},
'getCurrentLanguage': function() {
return $cookies.get('language') || defaultLanguage;
return currentLanguage;
},
'getLanguageName': function(language) {
if(!angular.isDefined(language) || !isSupportLanguage(language)) {
language = defaultLanguage;
}
$cookies.put('language', language, cookieOptions);
return supportLanguages[language];
},
'getSupportLanguages': function() {
return supportLanguages;
},
'unset': function(){
$cookies.put('language', defaultLanguage, cookieOptions);
},
'getValue': function(key) {
return messages[key];
}

19
src/ui/views/project.htm
View File

@ -12,12 +12,25 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
<style>
.custom-section {
padding: 15px;
margin-top: 20px;
background-color: #FFFFFF;
min-height: 672px;
width: 100%;
height: 950px;
}
.custom-sub-pane {
height: 800px;
}
}
</style>
<div class="container-fluid container-fluid-custom" element-height ng-controller="ProjectController as vm">
<modal-dialog modal-title="// vm.modalTitle //" modal-message="// vm.modalMessage //" confirm-only="vm.confirmOnly" action="vm.action()"></modal-dialog>
<div class="container container-custom">
<div class="row extend-height">
<div class="col-xs-12 col-md-12 extend-height">
<div class="section">
<div class="custom-section">
<h4 class="page-header">
<span ng-if="vm.isPublic === 0">// 'my_projects' | tr //</span>
<a ng-if="vm.isPublic === 1" href="javascript:void(0);" ng-click="vm.togglePublicity({isPublic: 0})">// 'my_projects' | tr //</a>
@ -39,7 +52,7 @@
</div>
<add-project ng-show="vm.isOpen" is-open="vm.isOpen"></add-project>
<div class="each-tab-pane">
<div class="sub-pane">
<div class="custom-sub-pane">
<div class="table-head-container">
<table class="table table-pane table-header">
<thead>

2
src/ui/views/sections/header-content.htm
View File

@ -25,7 +25,7 @@
</div>
<!-- Collect the nav links, forms, and other content for toggling -->
<div class="collapse navbar-collapse" id="bs-harbor-navbar-collapse-1">
<optional-menu version="{{.Version}}" login-status="//vm.loginStatus//"></optional-menu>
<optional-menu version="{{.Version}}" language="{{.Lang}}" login-status="//vm.loginStatus//"></optional-menu>
<ul class="nav navbar-nav navbar-right">
<li>
<navigation-header></navigation-header>

4
tests/testcases/Group1-user-management/1-10-admin-update-account-settings.md
View File

@ -15,7 +15,7 @@ User guide
# Test Steps:
1. Thw admin user logs in to UI.
1. The admin user logs in to UI.
2. The user changes his/her account settings, including email, full name and comments.
3. The user logs out.
4. The admin user logs in again using **new email**, and verify the account settings had been changed.
@ -25,4 +25,4 @@ User guide
* User can log in using new email in Step 4 and the settings are the same as input in Step 2.
# Possible Problems:
None
None

5
tools/Dockerfile.golang Normal file
View File

@ -0,0 +1,5 @@
FROM golang:1.6.2
RUN apt-get update \
&& apt-get install -y libldap2-dev \
&& rm -r /var/lib/apt/lists/*

2
tools/migration/Dockerfile
View File

@ -16,6 +16,4 @@ WORKDIR /harbor-migration
COPY ./ ./
RUN ./prepare.sh
ENTRYPOINT ["./run.sh"]

2
tools/migration/alembic.tpl
View File

@ -30,7 +30,7 @@ script_location = migration_harbor
# are written from script.py.mako
# output_encoding = utf-8
sqlalchemy.url = mysql://$db_username:$db_password@localhost:$db_port/$db_name
sqlalchemy.url = mysql://$DB_USR:$DB_PWD@localhost:3306/registry
# Logging configuration
[loggers]

4
tools/migration/migration.cfg
View File

@ -1,4 +0,0 @@
db_username="root"
db_password="root123"
db_port="3306"
db_name="registry"

3
tools/migration/prepare.sh
View File

@ -1,3 +0,0 @@
#!/bin/bash
source ./migration.cfg
source ./alembic.tpl > ./alembic.ini

14
tools/migration/run.sh
View File

@ -1,15 +1,19 @@
#!/bin/bash
export PYTHONPATH=$PYTHONPATH:/harbor-migration
if [ -z "$DB_USR" -o -z "$DB_PWD" ]; then
echo "DB_USR or DB_PWD not set, exiting..."
exit 1
fi
source ./migration.cfg
source ./alembic.tpl > ./alembic.ini
WAITTIME=60
DBCNF="-hlocalhost -u${db_username}"
DBCNF="-hlocalhost -u${DB_USR}"
#prevent shell to print insecure message
export MYSQL_PWD="${db_password}"
export MYSQL_PWD="${DB_PWD}"
if [[ $1 = "help" || $1 = "h" || $# = 0 ]]; then
echo "Usage:"
@ -21,7 +25,7 @@ if [[ $1 = "help" || $1 = "h" || $# = 0 ]]; then
exit 0
fi
if [[ $1 = "up" || $1 = "upgrade" ]]; then
if [[ ( $1 = "up" || $1 = "upgrade" ) && ${SKIP_CONFIRM} != "y" ]]; then
echo "Please backup before upgrade."
read -p "Enter y to continue updating or n to abort:" ans
case $ans in
@ -39,7 +43,7 @@ fi
echo 'Trying to start mysql server...'
DBRUN=0
nohup mysqld 2>&1 > ./mysqld.log&
mysqld &
for i in $(seq 1 $WAITTIME); do
echo "$(/usr/sbin/service mysql status)"
if [[ "$(/usr/sbin/service mysql status)" =~ "not running" ]]; then

21
tools/ova/script/collect.sh Executable file
View File

@ -0,0 +1,21 @@
#!/bin/bash
dir=harbor_logs
mkdir -p $dir
echo "Version" >> $dir/docker
docker version >> $dir/docker
printf "\n\nInfo\n" >> $dir/docker
docker info >> $dir/docker
printf "\n\nImages\n" >> $dir/docker
docker images >> $dir/docker
printf "\n\nRunning containers\n" >> $dir/docker
docker ps >> $dir/docker
docker-compose version >> $dir/docker-compose
base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
cp -r $base_dir/../harbor/common $dir/
cp $base_dir/../harbor/harbor.cfg $dir/
cp -r /var/log/harbor $dir/
tar --remove-files -zcf $dir.tar.gz $dir

26
tools/ova/script/common.sh
View File

@ -37,8 +37,8 @@ function gc {
#Add rules to iptables
function addIptableRules {
iptables -A INPUT -p tcp --dport 5480 -j ACCEPT
iptables -A INPUT -p tcp --dport 5488 -j ACCEPT
iptables -A INPUT -p tcp --dport 5489 -j ACCEPT
#iptables -A INPUT -p tcp --dport 5488 -j ACCEPT
#iptables -A INPUT -p tcp --dport 5489 -j ACCEPT
}
#Install docker-compose
@ -51,4 +51,26 @@ function installDockerCompose {
function load {
basedir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
docker load -i $basedir/../harbor/harbor*.tgz
}
#Configure SSH
function configSSH {
value=$(ovfenv -k permit_root_login)
if [ "$value" = "true" ]
then
v=yes
else
v=no
fi
echo "ssh: permit root login - $v"
sed -i -r s%"^PermitRootLogin .*"%"PermitRootLogin $v"% /etc/ssh/sshd_config
if [ ! -f /etc/ssh/ssh_host_rsa_key ] \
|| [ ! -f /etc/ssh/ssh_host_ecdsa_key ] \
|| [ ! -f /etc/ssh/ssh_host_ed25519_key ]
then
ssh-keygen -A
fi
systemctl restart sshd
}

5
tools/ova/script/firstboot.sh
View File

@ -16,8 +16,11 @@ then
printf "$value\n$value\n" | passwd root
fi
#configure SSH
configSSH
#echo "Adding rules to iptables..."
#addIptableRules
addIptableRules
echo "Installing docker compose..."
installDockerCompose

5
tools/ova/script/subsequentboot.sh
View File

@ -7,8 +7,11 @@ export PATH=$PATH:/usr/local/bin
base_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
source $base_dir/common.sh
#configure SSH
configSSH
#echo "Adding rules to iptables..."
#addIptableRules
addIptableRules
#Stop Harbor
echo "Shutting down Harbor..."