Provide a util function to return a common HTTP transport

1. Provide a util function to return a shared HTTP transport
2. Read secretkey from the configuration of replication

Signed-off-by: Wenkai Yin <yinw@vmware.com>

src/replication/ng/adapter/harbor/adapter.go

@@ -18,16 +18,14 @@ import (
 	"fmt"
 	"net/http"
 
-	// "strconv"
-
 	common_http "github.com/goharbor/harbor/src/common/http"
 	"github.com/goharbor/harbor/src/common/http/modifier"
 	common_http_auth "github.com/goharbor/harbor/src/common/http/modifier/auth"
 	"github.com/goharbor/harbor/src/common/utils/log"
-	registry_pkg "github.com/goharbor/harbor/src/common/utils/registry"
 	"github.com/goharbor/harbor/src/common/utils/registry/auth"
 	adp "github.com/goharbor/harbor/src/replication/ng/adapter"
 	"github.com/goharbor/harbor/src/replication/ng/model"
+	"github.com/goharbor/harbor/src/replication/ng/util"
 )
 
 // TODO add UT
@@ -50,8 +48,7 @@ type adapter struct {
 }
 
 func newAdapter(registry *model.Registry) *adapter {
-	// TODO use the global transport
+	transport := util.GetHTTPTransport(registry.Insecure)
-	transport := registry_pkg.GetHTTPTransport(registry.Insecure)
 	modifiers := []modifier.Modifier{
 		&auth.UserAgentModifier{
 			UserAgent: adp.UserAgentReplicator,

src/replication/ng/adapter/image_registry.go

@@ -22,6 +22,8 @@ import (
 	"strings"
 	"sync"
 
+	"github.com/goharbor/harbor/src/replication/ng/util"
+
 	"github.com/docker/distribution"
 	"github.com/docker/distribution/manifest/schema1"
 	"github.com/goharbor/harbor/src/common/http/modifier"
@@ -59,8 +61,7 @@ type DefaultImageRegistry struct {
 
 // NewDefaultImageRegistry returns an instance of DefaultImageRegistry
 func NewDefaultImageRegistry(registry *model.Registry) *DefaultImageRegistry {
-	// use the same HTTP connection pool for all clients
+	transport := util.GetHTTPTransport(registry.Insecure)
-	transport := registry_pkg.GetHTTPTransport(registry.Insecure)
 	modifiers := []modifier.Modifier{
 		&auth.UserAgentModifier{
 			UserAgent: UserAgentReplicator,

src/replication/ng/operation/scheduler/scheduler.go

@@ -31,9 +31,6 @@ type defaultScheduler struct {
 	client job.Client
 }
 
-// TODO use the service account?
-// TODO use the common transport
-
 // NewScheduler returns an instance of Scheduler
 func NewScheduler(js job.Client) Scheduler {
 	return &defaultScheduler{

src/replication/ng/registry/manager.go

@@ -18,12 +18,13 @@ import (
 	"fmt"
 	"net/http"
 
+	"github.com/goharbor/harbor/src/replication/ng/util"
+
 	"github.com/goharbor/harbor/src/common/utils"
 	"github.com/goharbor/harbor/src/common/utils/log"
 	"github.com/goharbor/harbor/src/common/utils/registry"
 	"github.com/goharbor/harbor/src/common/utils/registry/auth"
-	// TODO use the replication config rather than the core
+	"github.com/goharbor/harbor/src/replication/ng/config"
-	"github.com/goharbor/harbor/src/core/config"
 	"github.com/goharbor/harbor/src/replication/ng/dao"
 	"github.com/goharbor/harbor/src/replication/ng/dao/models"
 	"github.com/goharbor/harbor/src/replication/ng/model"
@@ -212,7 +213,7 @@ func healthStatus(r *model.Registry) (HealthStatus, error) {
 		return Unknown, fmt.Errorf("unknown registry type '%s'", model.RegistryTypeHarbor)
 	}
 
-	transport := registry.GetHTTPTransport(r.Insecure)
+	transport := util.GetHTTPTransport(r.Insecure)
 	credential := auth.NewBasicAuthCredential(r.Credential.AccessKey, r.Credential.AccessSecret)
 	authorizer := auth.NewStandardTokenAuthorizer(&http.Client{
 		Transport: transport,
@@ -238,11 +239,7 @@ func decrypt(secret string) (string, error) {
 		return "", nil
 	}
 
-	key, err := config.SecretKey()
+	decrypted, err := utils.ReversibleDecrypt(secret, config.Config.SecretKey)
-	if err != nil {
-		return "", err
-	}
-	decrypted, err := utils.ReversibleDecrypt(secret, key)
 	if err != nil {
 		return "", err
 	}
@@ -256,11 +253,7 @@ func encrypt(secret string) (string, error) {
 		return secret, nil
 	}
 
-	key, err := config.SecretKey()
+	encrypted, err := utils.ReversibleEncrypt(secret, config.Config.SecretKey)
-	if err != nil {
-		return "", err
-	}
-	encrypted, err := utils.ReversibleEncrypt(secret, key)
 	if err != nil {
 		return "", err
 	}

src/replication/ng/util/util.go

@@ -15,10 +15,18 @@
 package util
 
 import (
+	"net/http"
 	"path/filepath"
+
+	"github.com/goharbor/harbor/src/common/utils/registry"
 )
 
 // Match returns whether the str matches the pattern
 func Match(pattern, str string) (bool, error) {
 	return filepath.Match(pattern, str)
 }
+
+// GetHTTPTransport can be used to share the common HTTP transport
+func GetHTTPTransport(insecure bool) *http.Transport {
+	return registry.GetHTTPTransport(insecure)
+}

src/replication/ng/util/util_test.go

@@ -75,3 +75,10 @@ func TestMatch(t *testing.T) {
 		assert.Equal(t, c.match, match)
 	}
 }
+
+func TestGetHTTPTransport(t *testing.T) {
+	transport := GetHTTPTransport(true)
+	assert.True(t, transport.TLSClientConfig.InsecureSkipVerify)
+	transport = GetHTTPTransport(false)
+	assert.False(t, transport.TLSClientConfig.InsecureSkipVerify)
+}