diff --git a/src/replication/ng/adapter/harbor/adapter.go b/src/replication/ng/adapter/harbor/adapter.go index 58f93831b..dced51c68 100644 --- a/src/replication/ng/adapter/harbor/adapter.go +++ b/src/replication/ng/adapter/harbor/adapter.go @@ -18,16 +18,14 @@ import ( "fmt" "net/http" - // "strconv" - common_http "github.com/goharbor/harbor/src/common/http" "github.com/goharbor/harbor/src/common/http/modifier" common_http_auth "github.com/goharbor/harbor/src/common/http/modifier/auth" "github.com/goharbor/harbor/src/common/utils/log" - registry_pkg "github.com/goharbor/harbor/src/common/utils/registry" "github.com/goharbor/harbor/src/common/utils/registry/auth" adp "github.com/goharbor/harbor/src/replication/ng/adapter" "github.com/goharbor/harbor/src/replication/ng/model" + "github.com/goharbor/harbor/src/replication/ng/util" ) // TODO add UT @@ -50,8 +48,7 @@ type adapter struct { } func newAdapter(registry *model.Registry) *adapter { - // TODO use the global transport - transport := registry_pkg.GetHTTPTransport(registry.Insecure) + transport := util.GetHTTPTransport(registry.Insecure) modifiers := []modifier.Modifier{ &auth.UserAgentModifier{ UserAgent: adp.UserAgentReplicator, diff --git a/src/replication/ng/adapter/image_registry.go b/src/replication/ng/adapter/image_registry.go index 2b61123e8..264a72228 100644 --- a/src/replication/ng/adapter/image_registry.go +++ b/src/replication/ng/adapter/image_registry.go @@ -22,6 +22,8 @@ import ( "strings" "sync" + "github.com/goharbor/harbor/src/replication/ng/util" + "github.com/docker/distribution" "github.com/docker/distribution/manifest/schema1" "github.com/goharbor/harbor/src/common/http/modifier" @@ -59,8 +61,7 @@ type DefaultImageRegistry struct { // NewDefaultImageRegistry returns an instance of DefaultImageRegistry func NewDefaultImageRegistry(registry *model.Registry) *DefaultImageRegistry { - // use the same HTTP connection pool for all clients - transport := registry_pkg.GetHTTPTransport(registry.Insecure) + transport := util.GetHTTPTransport(registry.Insecure) modifiers := []modifier.Modifier{ &auth.UserAgentModifier{ UserAgent: UserAgentReplicator, diff --git a/src/replication/ng/operation/scheduler/scheduler.go b/src/replication/ng/operation/scheduler/scheduler.go index 9cbfac285..b3e324eee 100644 --- a/src/replication/ng/operation/scheduler/scheduler.go +++ b/src/replication/ng/operation/scheduler/scheduler.go @@ -31,9 +31,6 @@ type defaultScheduler struct { client job.Client } -// TODO use the service account? -// TODO use the common transport - // NewScheduler returns an instance of Scheduler func NewScheduler(js job.Client) Scheduler { return &defaultScheduler{ diff --git a/src/replication/ng/registry/manager.go b/src/replication/ng/registry/manager.go index a80e5eb17..f0e5f52ba 100644 --- a/src/replication/ng/registry/manager.go +++ b/src/replication/ng/registry/manager.go @@ -18,12 +18,13 @@ import ( "fmt" "net/http" + "github.com/goharbor/harbor/src/replication/ng/util" + "github.com/goharbor/harbor/src/common/utils" "github.com/goharbor/harbor/src/common/utils/log" "github.com/goharbor/harbor/src/common/utils/registry" "github.com/goharbor/harbor/src/common/utils/registry/auth" - // TODO use the replication config rather than the core - "github.com/goharbor/harbor/src/core/config" + "github.com/goharbor/harbor/src/replication/ng/config" "github.com/goharbor/harbor/src/replication/ng/dao" "github.com/goharbor/harbor/src/replication/ng/dao/models" "github.com/goharbor/harbor/src/replication/ng/model" @@ -212,7 +213,7 @@ func healthStatus(r *model.Registry) (HealthStatus, error) { return Unknown, fmt.Errorf("unknown registry type '%s'", model.RegistryTypeHarbor) } - transport := registry.GetHTTPTransport(r.Insecure) + transport := util.GetHTTPTransport(r.Insecure) credential := auth.NewBasicAuthCredential(r.Credential.AccessKey, r.Credential.AccessSecret) authorizer := auth.NewStandardTokenAuthorizer(&http.Client{ Transport: transport, @@ -238,11 +239,7 @@ func decrypt(secret string) (string, error) { return "", nil } - key, err := config.SecretKey() - if err != nil { - return "", err - } - decrypted, err := utils.ReversibleDecrypt(secret, key) + decrypted, err := utils.ReversibleDecrypt(secret, config.Config.SecretKey) if err != nil { return "", err } @@ -256,11 +253,7 @@ func encrypt(secret string) (string, error) { return secret, nil } - key, err := config.SecretKey() - if err != nil { - return "", err - } - encrypted, err := utils.ReversibleEncrypt(secret, key) + encrypted, err := utils.ReversibleEncrypt(secret, config.Config.SecretKey) if err != nil { return "", err } diff --git a/src/replication/ng/util/util.go b/src/replication/ng/util/util.go index b8e7413cd..375e16d60 100644 --- a/src/replication/ng/util/util.go +++ b/src/replication/ng/util/util.go @@ -15,10 +15,18 @@ package util import ( + "net/http" "path/filepath" + + "github.com/goharbor/harbor/src/common/utils/registry" ) // Match returns whether the str matches the pattern func Match(pattern, str string) (bool, error) { return filepath.Match(pattern, str) } + +// GetHTTPTransport can be used to share the common HTTP transport +func GetHTTPTransport(insecure bool) *http.Transport { + return registry.GetHTTPTransport(insecure) +} diff --git a/src/replication/ng/util/util_test.go b/src/replication/ng/util/util_test.go index 9828b3981..c68af51e6 100644 --- a/src/replication/ng/util/util_test.go +++ b/src/replication/ng/util/util_test.go @@ -75,3 +75,10 @@ func TestMatch(t *testing.T) { assert.Equal(t, c.match, match) } } + +func TestGetHTTPTransport(t *testing.T) { + transport := GetHTTPTransport(true) + assert.True(t, transport.TLSClientConfig.InsecureSkipVerify) + transport = GetHTTPTransport(false) + assert.False(t, transport.TLSClientConfig.InsecureSkipVerify) +}