Provide a util function to return a common HTTP transport

1. Provide a util function to return a shared HTTP transport 2. Read secretkey from the configuration of replication Signed-off-by: Wenkai Yin <yinw@vmware.com>
2024-08-21 03:22:50 +02:00 · 2019-04-01 19:52:37 +08:00 · 2019-04-01 19:52:37 +08:00 · b42ae1c994
commit b42ae1c994
parent df2ae63308
6 changed files with 26 additions and 23 deletions
--- a/src/replication/ng/adapter/harbor/adapter.go
+++ b/src/replication/ng/adapter/harbor/adapter.go
@ -18,16 +18,14 @@ import (
 	"fmt"
 	"net/http"

-	// "strconv"
-
 	common_http "github.com/goharbor/harbor/src/common/http"
 	"github.com/goharbor/harbor/src/common/http/modifier"
 	common_http_auth "github.com/goharbor/harbor/src/common/http/modifier/auth"
 	"github.com/goharbor/harbor/src/common/utils/log"
-	registry_pkg "github.com/goharbor/harbor/src/common/utils/registry"
 	"github.com/goharbor/harbor/src/common/utils/registry/auth"
 	adp "github.com/goharbor/harbor/src/replication/ng/adapter"
 	"github.com/goharbor/harbor/src/replication/ng/model"
+	"github.com/goharbor/harbor/src/replication/ng/util"
 )

 // TODO add UT
@ -50,8 +48,7 @@ type adapter struct {
 }

 func newAdapter(registry *model.Registry) *adapter {
-	// TODO use the global transport
-	transport := registry_pkg.GetHTTPTransport(registry.Insecure)
+	transport := util.GetHTTPTransport(registry.Insecure)
 	modifiers := []modifier.Modifier{
 		&auth.UserAgentModifier{
 			UserAgent: adp.UserAgentReplicator,
--- a/src/replication/ng/adapter/image_registry.go
+++ b/src/replication/ng/adapter/image_registry.go
@ -22,6 +22,8 @@ import (
 	"strings"
 	"sync"

+	"github.com/goharbor/harbor/src/replication/ng/util"
+
 	"github.com/docker/distribution"
 	"github.com/docker/distribution/manifest/schema1"
 	"github.com/goharbor/harbor/src/common/http/modifier"
@ -59,8 +61,7 @@ type DefaultImageRegistry struct {

 // NewDefaultImageRegistry returns an instance of DefaultImageRegistry
 func NewDefaultImageRegistry(registry *model.Registry) *DefaultImageRegistry {
-	// use the same HTTP connection pool for all clients
-	transport := registry_pkg.GetHTTPTransport(registry.Insecure)
+	transport := util.GetHTTPTransport(registry.Insecure)
 	modifiers := []modifier.Modifier{
 		&auth.UserAgentModifier{
 			UserAgent: UserAgentReplicator,
--- a/src/replication/ng/operation/scheduler/scheduler.go
+++ b/src/replication/ng/operation/scheduler/scheduler.go
@ -31,9 +31,6 @@ type defaultScheduler struct {
 	client job.Client
 }

-// TODO use the service account?
-// TODO use the common transport
-
 // NewScheduler returns an instance of Scheduler
 func NewScheduler(js job.Client) Scheduler {
 	return &defaultScheduler{
--- a/src/replication/ng/registry/manager.go
+++ b/src/replication/ng/registry/manager.go
@ -18,12 +18,13 @@ import (
 	"fmt"
 	"net/http"

+	"github.com/goharbor/harbor/src/replication/ng/util"
+
 	"github.com/goharbor/harbor/src/common/utils"
 	"github.com/goharbor/harbor/src/common/utils/log"
 	"github.com/goharbor/harbor/src/common/utils/registry"
 	"github.com/goharbor/harbor/src/common/utils/registry/auth"
-	// TODO use the replication config rather than the core
-	"github.com/goharbor/harbor/src/core/config"
+	"github.com/goharbor/harbor/src/replication/ng/config"
 	"github.com/goharbor/harbor/src/replication/ng/dao"
 	"github.com/goharbor/harbor/src/replication/ng/dao/models"
 	"github.com/goharbor/harbor/src/replication/ng/model"
@ -212,7 +213,7 @@ func healthStatus(r *model.Registry) (HealthStatus, error) {
 		return Unknown, fmt.Errorf("unknown registry type '%s'", model.RegistryTypeHarbor)
 	}

-	transport := registry.GetHTTPTransport(r.Insecure)
+	transport := util.GetHTTPTransport(r.Insecure)
 	credential := auth.NewBasicAuthCredential(r.Credential.AccessKey, r.Credential.AccessSecret)
 	authorizer := auth.NewStandardTokenAuthorizer(&http.Client{
 		Transport: transport,
@ -238,11 +239,7 @@ func decrypt(secret string) (string, error) {
 		return "", nil
 	}

-	key, err := config.SecretKey()
-	if err != nil {
-		return "", err
-	}
-	decrypted, err := utils.ReversibleDecrypt(secret, key)
+	decrypted, err := utils.ReversibleDecrypt(secret, config.Config.SecretKey)
 	if err != nil {
 		return "", err
 	}
@ -256,11 +253,7 @@ func encrypt(secret string) (string, error) {
 		return secret, nil
 	}

-	key, err := config.SecretKey()
-	if err != nil {
-		return "", err
-	}
-	encrypted, err := utils.ReversibleEncrypt(secret, key)
+	encrypted, err := utils.ReversibleEncrypt(secret, config.Config.SecretKey)
 	if err != nil {
 		return "", err
 	}
--- a/src/replication/ng/util/util.go
+++ b/src/replication/ng/util/util.go
@ -15,10 +15,18 @@
 package util

 import (
+	"net/http"
 	"path/filepath"
+
+	"github.com/goharbor/harbor/src/common/utils/registry"
 )

 // Match returns whether the str matches the pattern
 func Match(pattern, str string) (bool, error) {
 	return filepath.Match(pattern, str)
 }
+
+// GetHTTPTransport can be used to share the common HTTP transport
+func GetHTTPTransport(insecure bool) *http.Transport {
+	return registry.GetHTTPTransport(insecure)
+}
--- a/src/replication/ng/util/util_test.go
+++ b/src/replication/ng/util/util_test.go
@ -75,3 +75,10 @@ func TestMatch(t *testing.T) {
 		assert.Equal(t, c.match, match)
 	}
 }
+
+func TestGetHTTPTransport(t *testing.T) {
+	transport := GetHTTPTransport(true)
+	assert.True(t, transport.TLSClientConfig.InsecureSkipVerify)
+	transport = GetHTTPTransport(false)
+	assert.False(t, transport.TLSClientConfig.InsecureSkipVerify)
+}