mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-25 03:35:21 +01:00
Fix permission issue on VIC appliance
The job logs directory's permission is not changed by prepare script because the everything is moved from /data to /storage/data on VIC appliance. This commit will make sure both cases the directory is readable by user 10000:10000. This PR also makes sure the config json of notary signer has 0644 permission.
This commit is contained in:
parent
86dddf444a
commit
5ff07cf619
19
make/prepare
19
make/prepare
@ -20,7 +20,6 @@ if sys.version_info[:3][0] == 3:
|
||||
import io as StringIO
|
||||
|
||||
DATA_VOL = "/data"
|
||||
JOB_LOG_DIR = os.path.join(DATA_VOL, "job_logs")
|
||||
|
||||
def validate(conf, args):
|
||||
if args.ha_mode:
|
||||
@ -182,10 +181,6 @@ def delfile(src):
|
||||
itemsrc=os.path.join(src,item)
|
||||
delfile(itemsrc)
|
||||
|
||||
if not os.path.exists(JOB_LOG_DIR):
|
||||
os.makedirs(JOB_LOG_DIR)
|
||||
mark_file(JOB_LOG_DIR, mode=0o755)
|
||||
|
||||
parser = argparse.ArgumentParser()
|
||||
parser.add_argument('--conf', dest='cfgfile', default=base_dir+'/harbor.cfg',type=str,help="the path of Harbor configuration file")
|
||||
parser.add_argument('--with-notary', dest='notary_mode', default=False, action='store_true', help="the Harbor instance is to be deployed with notary")
|
||||
@ -319,6 +314,14 @@ jobservice_url = "http://jobservice:8080"
|
||||
clair_url = "http://clair:6060"
|
||||
notary_url = "http://notary-server:4443"
|
||||
|
||||
if len(admiral_url) != 0 and admiral_url != "NA":
|
||||
#VIC overwrites the data volume path, which by default should be same as the value of secretkey_path
|
||||
DATA_VOL = secretkey_path
|
||||
JOB_LOG_DIR = os.path.join(DATA_VOL, "job_logs")
|
||||
if not os.path.exists(JOB_LOG_DIR):
|
||||
os.makedirs(JOB_LOG_DIR)
|
||||
mark_file(JOB_LOG_DIR, mode=0o755)
|
||||
|
||||
if protocol == "https":
|
||||
target_cert_path = os.path.join(cert_dir, os.path.basename(cert_path))
|
||||
if not os.path.exists(cert_dir):
|
||||
@ -553,7 +556,9 @@ if args.notary_mode:
|
||||
mark_file(os.path.join(notary_config_dir, "notary-signer-ca.crt"))
|
||||
mark_file(os.path.join(notary_config_dir, "root.crt"))
|
||||
print("Copying notary signer configuration file")
|
||||
shutil.copy2(os.path.join(notary_temp_dir, "signer-config.postgres.json"), notary_config_dir)
|
||||
#Call render instead of copy so the umask will take effect to mark the file as 0644
|
||||
render(os.path.join(notary_temp_dir, "signer-config.postgres.json"),
|
||||
os.path.join(notary_config_dir, "signer-config.postgres.json"))
|
||||
render(os.path.join(notary_temp_dir, "server-config.postgres.json"),
|
||||
os.path.join(notary_config_dir, "server-config.postgres.json"),
|
||||
token_endpoint=public_url)
|
||||
@ -600,4 +605,4 @@ if args.ha_mode:
|
||||
prepare_ha(rcp, args)
|
||||
|
||||
FNULL.close()
|
||||
print("The configuration files are ready, please use docker-compose to start the service.")
|
||||
print("The configuration files are ready, please use docker-compose to start the service.")
|
||||
|
Loading…
Reference in New Issue
Block a user