diff --git a/src/ui/service/notification.go b/src/ui/service/notification.go index 7dc161f32..7432a1bde 100644 --- a/src/ui/service/notification.go +++ b/src/ui/service/notification.go @@ -16,6 +16,7 @@ package service import ( "encoding/json" + "os" "regexp" "strings" "time" @@ -25,6 +26,8 @@ import ( "github.com/vmware/harbor/src/common/utils" "github.com/vmware/harbor/src/common/utils/log" "github.com/vmware/harbor/src/ui/api" + "github.com/vmware/harbor/src/ui/config" + "github.com/vmware/harbor/src/ui/projectmanager/pms" ) // NotificationHandler handles request on /service/notifications/, which listens to registry's events. @@ -96,7 +99,13 @@ func (n *NotificationHandler) Post() { log.Errorf("Error happens when adding repository: %v", err) } }() + go api.TriggerReplicationByRepository(pro.ProjectID, repository, []string{tag}, models.RepOpTransfer) + if autoScanEnabled(project) { + if err := api.TriggerImageScan(repository, tag); err != nil { + log.Warningf("Failed to scan image, repository: %s, tag: %s, error: %v", repository, tag, err) + } + } } if action == "pull" { go func() { @@ -145,6 +154,27 @@ func filterEvents(notification *models.Notification) ([]*models.Event, error) { return events, nil } +func autoScanEnabled(projectName string) bool { + if !config.WithClair() { + log.Debugf("Auto Scan disabled because Harbor is not deployed with Clair") + return false + } + if config.WithAdmiral() { + //TODO get a project manager based on service account. + var pm *pms.ProjectManager = pms.NewProjectManager("", "") + p, err := pm.Get(projectName) + if err != nil { + log.Warningf("failed to get project, error: %v", err) + return false + } else if p == nil { + log.Warningf("project with name: %s not found.", projectName) + return false + } + return p.AutomaticallyScanImagesOnPush + } + return os.Getenv("ENABLE_HARBOR_SCAN_ON_PUSH") == "1" +} + // Render returns nil as it won't render any template. func (n *NotificationHandler) Render() error { return nil