Merge pull request #2536 from wy65701436/pms-interceptor

notary interceptor
This commit is contained in:
Daniel Jiang 2017-06-19 10:58:40 +08:00 committed by GitHub
commit 6ee631d1eb
2 changed files with 60 additions and 1 deletions

View File

@ -2,10 +2,13 @@ package proxy
import (
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/vmware/harbor/src/common"
"github.com/vmware/harbor/src/common/models"
notarytest "github.com/vmware/harbor/src/common/utils/notary/test"
utilstest "github.com/vmware/harbor/src/common/utils/test"
"github.com/vmware/harbor/src/ui/config"
"github.com/vmware/harbor/src/ui/projectmanager/pms"
"net/http"
"net/http/httptest"
@ -17,6 +20,9 @@ var endpoint = "10.117.4.142"
var notaryServer *httptest.Server
var adminServer *httptest.Server
var admiralEndpoint = "http://127.0.0.1:8282"
var token = ""
func TestMain(m *testing.M) {
notaryServer = notarytest.NewNotaryServer(endpoint)
defer notaryServer.Close()
@ -95,6 +101,31 @@ func TestEnvPolicyChecker(t *testing.T) {
assert.False(vulFlag)
}
func TestPMSPolicyChecker(t *testing.T) {
pm := pms.NewProjectManager(admiralEndpoint, token)
name := "project_for_test_get_true"
id, err := pm.Create(&models.Project{
Name: name,
EnableContentTrust: true,
})
require.Nil(t, err)
defer func(id int64) {
if err := pm.Delete(id); err != nil {
require.Nil(t, err)
}
}(id)
project, err := pm.Get(id)
assert.Nil(t, err)
assert.Equal(t, id, project.ProjectID)
server, err2 := utilstest.NewAdminserver(nil)
if err2 != nil {
t.Fatalf("failed to create a mock admin server: %v", err2)
}
defer server.Close()
contentTrustFlag := getPolicyChecker().contentTrustEnabled("project_for_test_get_true")
assert.True(t, contentTrustFlag)
}
func TestMatchNotaryDigest(t *testing.T) {
assert := assert.New(t)
//The data from common/utils/notary/helper_test.go

View File

@ -5,6 +5,8 @@ import (
"github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/common/utils/notary"
"github.com/vmware/harbor/src/ui/config"
"github.com/vmware/harbor/src/ui/projectmanager"
"github.com/vmware/harbor/src/ui/projectmanager/pms"
"context"
"fmt"
@ -64,8 +66,34 @@ func (ec envPolicyChecker) vulnerableEnabled(name string) bool {
return os.Getenv("PROJECT_VULNERABBLE") == "1"
}
//TODO: integrate with PMS to get project policies
type pmsPolicyChecker struct {
pm projectmanager.ProjectManager
}
func (pc pmsPolicyChecker) contentTrustEnabled(name string) bool {
project, err := pc.pm.Get(name)
if err != nil {
log.Errorf("Unexpected error when getting the project, error: %v", err)
return true
}
return project.EnableContentTrust
}
func (pc pmsPolicyChecker) vulnerableEnabled(name string) bool {
return true
}
// newPMSPolicyChecker returns an instance of an pmsPolicyChecker
func newPMSPolicyChecker(pm projectmanager.ProjectManager) policyChecker {
return &pmsPolicyChecker{
pm: pm,
}
}
// TODO: Get project manager with PM factory.
func getPolicyChecker() policyChecker {
if config.WithAdmiral() {
return newPMSPolicyChecker(pms.NewProjectManager(config.AdmiralEndpoint(), ""))
}
return EnvChecker
}