Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2025-01-18 13:41:21 +01:00
Code Issues Projects Releases Wiki Activity

prepare should remove the temp files generated for creating certificate

Browse Source
This commit is contained in:
Tan Jiang 2017-03-29 16:39:57 +08:00
parent ef21b25115
commit 864e0f415e
1 changed files with 22 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
make/prepare
View File

@ -319,27 +319,33 @@ if args.notary_mode:
shutil.rmtree(os.path.join(notary_config_dir, "mysql-initdb.d")) shutil.rmtree(os.path.join(notary_config_dir, "mysql-initdb.d"))
shutil.copytree(os.path.join(notary_temp_dir, "mysql-initdb.d"), os.path.join(notary_config_dir, "mysql-initdb.d")) shutil.copytree(os.path.join(notary_temp_dir, "mysql-initdb.d"), os.path.join(notary_config_dir, "mysql-initdb.d"))
if customize_crt == 'on' and openssl_installed(): if customize_crt == 'on' and openssl_installed():
temp_cert_dir = os.path.join(base_dir, "cert_tmp") try:
if not os.path.exists(temp_cert_dir): temp_cert_dir = os.path.join(base_dir, "cert_tmp")
os.makedirs(temp_cert_dir) if not os.path.exists(temp_cert_dir):
ca_subj = "/C=US/ST=California/L=Palo Alto/O=VMware, Inc./OU=Harbor/CN=Self-signed by VMware, Inc." os.makedirs(temp_cert_dir)
cert_subj = "/C=US/ST=California/L=Palo Alto/O=VMware, Inc./OU=Harbor/CN=notarysigner" ca_subj = "/C=US/ST=California/L=Palo Alto/O=VMware, Inc./OU=Harbor/CN=Self-signed by VMware, Inc."
signer_ca_cert = os.path.join(temp_cert_dir, "notary-signer-ca.crt") cert_subj = "/C=US/ST=California/L=Palo Alto/O=VMware, Inc./OU=Harbor/CN=notarysigner"
signer_ca_key = os.path.join(temp_cert_dir, "notary-signer-ca.key") signer_ca_cert = os.path.join(temp_cert_dir, "notary-signer-ca.crt")
signer_cert_path = os.path.join(temp_cert_dir, "notary-signer.crt") signer_ca_key = os.path.join(temp_cert_dir, "notary-signer-ca.key")
signer_key_path = os.path.join(temp_cert_dir, "notary-signer.key") signer_cert_path = os.path.join(temp_cert_dir, "notary-signer.crt")
create_root_cert(ca_subj, key_path=signer_ca_key, cert_path=signer_ca_cert) signer_key_path = os.path.join(temp_cert_dir, "notary-signer.key")
create_cert(cert_subj, signer_ca_key, signer_ca_cert, key_path=signer_key_path, cert_path=signer_cert_path) create_root_cert(ca_subj, key_path=signer_ca_key, cert_path=signer_ca_cert)
print("Copying certs for notary signer") create_cert(cert_subj, signer_ca_key, signer_ca_cert, key_path=signer_key_path, cert_path=signer_cert_path)
shutil.copy2(signer_cert_path, notary_config_dir) print("Copying certs for notary signer")
shutil.copy2(signer_key_path, notary_config_dir) shutil.copy2(signer_cert_path, notary_config_dir)
shutil.copy2(signer_ca_cert, notary_config_dir) shutil.copy2(signer_key_path, notary_config_dir)
shutil.copy2(signer_ca_cert, notary_config_dir)
finally:
srl_tmp = os.path.join(os.getcwd(), ".srl")
if os.path.isfile(srl_tmp):
os.remove(srl_tmp)
if os.path.isdir(temp_cert_dir):
shutil.rmtree(temp_cert_dir, True)
else: else:
print("Copying certs for notary signer") print("Copying certs for notary signer")
shutil.copy2(os.path.join(notary_temp_dir, "notary-signer.crt"), notary_config_dir) shutil.copy2(os.path.join(notary_temp_dir, "notary-signer.crt"), notary_config_dir)
shutil.copy2(os.path.join(notary_temp_dir, "notary-signer.key"), notary_config_dir) shutil.copy2(os.path.join(notary_temp_dir, "notary-signer.key"), notary_config_dir)
shutil.copy2(os.path.join(notary_temp_dir, "notary-signer-ca.crt"), notary_config_dir) shutil.copy2(os.path.join(notary_temp_dir, "notary-signer-ca.crt"), notary_config_dir)
shutil.copy2(os.path.join(registry_config_dir, "root.crt"), notary_config_dir) shutil.copy2(os.path.join(registry_config_dir, "root.crt"), notary_config_dir)
print("Copying notary signer configuration file") print("Copying notary signer configuration file")
shutil.copy2(os.path.join(notary_temp_dir, "signer-config.json"), notary_config_dir) shutil.copy2(os.path.join(notary_temp_dir, "signer-config.json"), notary_config_dir)