mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-22 08:38:03 +01:00
Support configuring sslmode for the connection of database (#5861)
The sslmode of the connection with postgresql is hardcoded as "disable" currently, this commit expose it as an environment variable so that users can configure it Signed-off-by: Wenkai Yin <yinw@vmware.com>
This commit is contained in:
parent
c25ad4a3ed
commit
89893779fb
@ -18,6 +18,7 @@ POSTGRESQL_PORT=$db_port
|
||||
POSTGRESQL_USERNAME=$db_user
|
||||
POSTGRESQL_PASSWORD=$db_password
|
||||
POSTGRESQL_DATABASE=registry
|
||||
POSTGRESQL_SSLMODE=disable
|
||||
LDAP_GROUP_BASEDN=$ldap_group_basedn
|
||||
LDAP_GROUP_FILTER=$ldap_group_filter
|
||||
LDAP_GROUP_GID=$ldap_group_gid
|
||||
@ -48,6 +49,7 @@ CLAIR_DB_HOST=$clair_db_host
|
||||
CLAIR_DB_PORT=$clair_db_port
|
||||
CLAIR_DB_USERNAME=$clair_db_username
|
||||
CLAIR_DB=$clair_db
|
||||
CLAIR_DB_SSLMODE=disable
|
||||
RESET=$reload_config
|
||||
UAA_ENDPOINT=$uaa_endpoint
|
||||
UAA_CLIENTID=$uaa_clientid
|
||||
|
@ -147,6 +147,7 @@ var (
|
||||
env: "CLAIR_DB_PORT",
|
||||
parse: parseStringToInt,
|
||||
},
|
||||
common.ClairDBSSLMode: "CLAIR_DB_SSLMODE",
|
||||
common.UAAEndpoint: "UAA_ENDPOINT",
|
||||
common.UAAClientID: "UAA_CLIENTID",
|
||||
common.UAAClientSecret: "UAA_CLIENTSECRET",
|
||||
@ -210,6 +211,7 @@ var (
|
||||
env: "CLAIR_DB_PORT",
|
||||
parse: parseStringToInt,
|
||||
},
|
||||
common.ClairDBSSLMode: "CLAIR_DB_SSLMODE",
|
||||
common.UAAEndpoint: "UAA_ENDPOINT",
|
||||
common.UAAClientID: "UAA_CLIENTID",
|
||||
common.UAAClientSecret: "UAA_CLIENTSECRET",
|
||||
@ -430,6 +432,7 @@ func GetDatabaseFromCfg(cfg map[string]interface{}) *models.Database {
|
||||
postgresql.Username = utils.SafeCastString(cfg[common.PostGreSQLUsername])
|
||||
postgresql.Password = utils.SafeCastString(cfg[common.PostGreSQLPassword])
|
||||
postgresql.Database = utils.SafeCastString(cfg[common.PostGreSQLDatabase])
|
||||
postgresql.SSLMode = utils.SafeCastString(cfg[common.PostGreSQLSSLMode])
|
||||
database.PostGreSQL = postgresql
|
||||
return database
|
||||
}
|
||||
|
@ -88,6 +88,7 @@ const (
|
||||
ClairDBPort = "clair_db_port"
|
||||
ClairDB = "clair_db"
|
||||
ClairDBUsername = "clair_db_username"
|
||||
ClairDBSSLMode = "clair_db_sslmode"
|
||||
UAAEndpoint = "uaa_endpoint"
|
||||
UAAClientID = "uaa_client_id"
|
||||
UAAClientSecret = "uaa_client_secret"
|
||||
|
@ -52,7 +52,7 @@ func InitClairDB(clairDB *models.PostGreSQL) error {
|
||||
usr: clairDB.Username,
|
||||
pwd: clairDB.Password,
|
||||
database: clairDB.Database,
|
||||
sslmode: false,
|
||||
sslmode: clairDB.SSLMode,
|
||||
}
|
||||
if err := p.Register(ClairDBAlias); err != nil {
|
||||
return err
|
||||
@ -108,7 +108,7 @@ func getDatabase(database *models.Database) (db Database, err error) {
|
||||
database.PostGreSQL.Username,
|
||||
database.PostGreSQL.Password,
|
||||
database.PostGreSQL.Database,
|
||||
false)
|
||||
database.PostGreSQL.SSLMode)
|
||||
default:
|
||||
err = fmt.Errorf("invalid database: %s", database.Type)
|
||||
}
|
||||
|
@ -36,16 +36,7 @@ type pgsql struct {
|
||||
usr string
|
||||
pwd string
|
||||
database string
|
||||
sslmode bool
|
||||
}
|
||||
|
||||
type pgsqlSSLMode bool
|
||||
|
||||
func (pm pgsqlSSLMode) String() string {
|
||||
if bool(pm) {
|
||||
return "enable"
|
||||
}
|
||||
return "disable"
|
||||
sslmode string
|
||||
}
|
||||
|
||||
// Name returns the name of PostgreSQL
|
||||
@ -56,11 +47,14 @@ func (p *pgsql) Name() string {
|
||||
// String ...
|
||||
func (p *pgsql) String() string {
|
||||
return fmt.Sprintf("type-%s host-%s port-%s databse-%s sslmode-%q",
|
||||
p.Name(), p.host, p.port, p.database, pgsqlSSLMode(p.sslmode))
|
||||
p.Name(), p.host, p.port, p.database, p.sslmode)
|
||||
}
|
||||
|
||||
// NewPGSQL returns an instance of postgres
|
||||
func NewPGSQL(host string, port string, usr string, pwd string, database string, sslmode bool) Database {
|
||||
func NewPGSQL(host string, port string, usr string, pwd string, database string, sslmode string) Database {
|
||||
if len(sslmode) == 0 {
|
||||
sslmode = "disable"
|
||||
}
|
||||
return &pgsql{
|
||||
host: host,
|
||||
port: port,
|
||||
@ -86,14 +80,14 @@ func (p *pgsql) Register(alias ...string) error {
|
||||
an = alias[0]
|
||||
}
|
||||
info := fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s",
|
||||
p.host, p.port, p.usr, p.pwd, p.database, pgsqlSSLMode(p.sslmode))
|
||||
p.host, p.port, p.usr, p.pwd, p.database, p.sslmode)
|
||||
|
||||
return orm.RegisterDataBase(an, "postgres", info)
|
||||
}
|
||||
|
||||
// UpgradeSchema calls migrate tool to upgrade schema to the latest based on the SQL scripts.
|
||||
func (p *pgsql) UpgradeSchema() error {
|
||||
dbURL := fmt.Sprintf("postgres://%s:%s@%s:%s/%s?sslmode=%s", p.usr, p.pwd, p.host, p.port, p.database, pgsqlSSLMode(p.sslmode))
|
||||
dbURL := fmt.Sprintf("postgres://%s:%s@%s:%s/%s?sslmode=%s", p.usr, p.pwd, p.host, p.port, p.database, p.sslmode)
|
||||
// For UT
|
||||
path := os.Getenv("POSTGRES_MIGRATION_SCRIPTS_PATH")
|
||||
if len(path) == 0 {
|
||||
|
@ -50,6 +50,7 @@ type PostGreSQL struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password,omitempty"`
|
||||
Database string `json:"database"`
|
||||
SSLMode string `json:"sslmode"`
|
||||
}
|
||||
|
||||
// Email ...
|
||||
|
@ -410,6 +410,7 @@ func Database() (*models.Database, error) {
|
||||
postgresql.Username = utils.SafeCastString(cfg[common.PostGreSQLUsername])
|
||||
postgresql.Password = utils.SafeCastString(cfg[common.PostGreSQLPassword])
|
||||
postgresql.Database = utils.SafeCastString(cfg[common.PostGreSQLDatabase])
|
||||
postgresql.SSLMode = utils.SafeCastString(cfg[common.PostGreSQLSSLMode])
|
||||
database.PostGreSQL = postgresql
|
||||
|
||||
return database, nil
|
||||
@ -471,6 +472,7 @@ func ClairDB() (*models.PostGreSQL, error) {
|
||||
clairDB.Username = utils.SafeCastString(cfg[common.ClairDBUsername])
|
||||
clairDB.Password = utils.SafeCastString(cfg[common.ClairDBPassword])
|
||||
clairDB.Database = utils.SafeCastString(cfg[common.ClairDB])
|
||||
clairDB.SSLMode = utils.SafeCastString(cfg[common.ClairDBSSLMode])
|
||||
return clairDB, nil
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user