mirror of
https://github.com/goharbor/harbor.git
synced 2024-10-27 21:59:38 +01:00
Provide a util function to return a common HTTP transport
1. Provide a util function to return a shared HTTP transport 2. Read secretkey from the configuration of replication Signed-off-by: Wenkai Yin <yinw@vmware.com>
This commit is contained in:
parent
df2ae63308
commit
b42ae1c994
@ -18,16 +18,14 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
// "strconv"
|
|
||||||
|
|
||||||
common_http "github.com/goharbor/harbor/src/common/http"
|
common_http "github.com/goharbor/harbor/src/common/http"
|
||||||
"github.com/goharbor/harbor/src/common/http/modifier"
|
"github.com/goharbor/harbor/src/common/http/modifier"
|
||||||
common_http_auth "github.com/goharbor/harbor/src/common/http/modifier/auth"
|
common_http_auth "github.com/goharbor/harbor/src/common/http/modifier/auth"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
registry_pkg "github.com/goharbor/harbor/src/common/utils/registry"
|
|
||||||
"github.com/goharbor/harbor/src/common/utils/registry/auth"
|
"github.com/goharbor/harbor/src/common/utils/registry/auth"
|
||||||
adp "github.com/goharbor/harbor/src/replication/ng/adapter"
|
adp "github.com/goharbor/harbor/src/replication/ng/adapter"
|
||||||
"github.com/goharbor/harbor/src/replication/ng/model"
|
"github.com/goharbor/harbor/src/replication/ng/model"
|
||||||
|
"github.com/goharbor/harbor/src/replication/ng/util"
|
||||||
)
|
)
|
||||||
|
|
||||||
// TODO add UT
|
// TODO add UT
|
||||||
@ -50,8 +48,7 @@ type adapter struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func newAdapter(registry *model.Registry) *adapter {
|
func newAdapter(registry *model.Registry) *adapter {
|
||||||
// TODO use the global transport
|
transport := util.GetHTTPTransport(registry.Insecure)
|
||||||
transport := registry_pkg.GetHTTPTransport(registry.Insecure)
|
|
||||||
modifiers := []modifier.Modifier{
|
modifiers := []modifier.Modifier{
|
||||||
&auth.UserAgentModifier{
|
&auth.UserAgentModifier{
|
||||||
UserAgent: adp.UserAgentReplicator,
|
UserAgent: adp.UserAgentReplicator,
|
||||||
|
@ -22,6 +22,8 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
|
"github.com/goharbor/harbor/src/replication/ng/util"
|
||||||
|
|
||||||
"github.com/docker/distribution"
|
"github.com/docker/distribution"
|
||||||
"github.com/docker/distribution/manifest/schema1"
|
"github.com/docker/distribution/manifest/schema1"
|
||||||
"github.com/goharbor/harbor/src/common/http/modifier"
|
"github.com/goharbor/harbor/src/common/http/modifier"
|
||||||
@ -59,8 +61,7 @@ type DefaultImageRegistry struct {
|
|||||||
|
|
||||||
// NewDefaultImageRegistry returns an instance of DefaultImageRegistry
|
// NewDefaultImageRegistry returns an instance of DefaultImageRegistry
|
||||||
func NewDefaultImageRegistry(registry *model.Registry) *DefaultImageRegistry {
|
func NewDefaultImageRegistry(registry *model.Registry) *DefaultImageRegistry {
|
||||||
// use the same HTTP connection pool for all clients
|
transport := util.GetHTTPTransport(registry.Insecure)
|
||||||
transport := registry_pkg.GetHTTPTransport(registry.Insecure)
|
|
||||||
modifiers := []modifier.Modifier{
|
modifiers := []modifier.Modifier{
|
||||||
&auth.UserAgentModifier{
|
&auth.UserAgentModifier{
|
||||||
UserAgent: UserAgentReplicator,
|
UserAgent: UserAgentReplicator,
|
||||||
|
@ -31,9 +31,6 @@ type defaultScheduler struct {
|
|||||||
client job.Client
|
client job.Client
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO use the service account?
|
|
||||||
// TODO use the common transport
|
|
||||||
|
|
||||||
// NewScheduler returns an instance of Scheduler
|
// NewScheduler returns an instance of Scheduler
|
||||||
func NewScheduler(js job.Client) Scheduler {
|
func NewScheduler(js job.Client) Scheduler {
|
||||||
return &defaultScheduler{
|
return &defaultScheduler{
|
||||||
|
@ -18,12 +18,13 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/goharbor/harbor/src/replication/ng/util"
|
||||||
|
|
||||||
"github.com/goharbor/harbor/src/common/utils"
|
"github.com/goharbor/harbor/src/common/utils"
|
||||||
"github.com/goharbor/harbor/src/common/utils/log"
|
"github.com/goharbor/harbor/src/common/utils/log"
|
||||||
"github.com/goharbor/harbor/src/common/utils/registry"
|
"github.com/goharbor/harbor/src/common/utils/registry"
|
||||||
"github.com/goharbor/harbor/src/common/utils/registry/auth"
|
"github.com/goharbor/harbor/src/common/utils/registry/auth"
|
||||||
// TODO use the replication config rather than the core
|
"github.com/goharbor/harbor/src/replication/ng/config"
|
||||||
"github.com/goharbor/harbor/src/core/config"
|
|
||||||
"github.com/goharbor/harbor/src/replication/ng/dao"
|
"github.com/goharbor/harbor/src/replication/ng/dao"
|
||||||
"github.com/goharbor/harbor/src/replication/ng/dao/models"
|
"github.com/goharbor/harbor/src/replication/ng/dao/models"
|
||||||
"github.com/goharbor/harbor/src/replication/ng/model"
|
"github.com/goharbor/harbor/src/replication/ng/model"
|
||||||
@ -212,7 +213,7 @@ func healthStatus(r *model.Registry) (HealthStatus, error) {
|
|||||||
return Unknown, fmt.Errorf("unknown registry type '%s'", model.RegistryTypeHarbor)
|
return Unknown, fmt.Errorf("unknown registry type '%s'", model.RegistryTypeHarbor)
|
||||||
}
|
}
|
||||||
|
|
||||||
transport := registry.GetHTTPTransport(r.Insecure)
|
transport := util.GetHTTPTransport(r.Insecure)
|
||||||
credential := auth.NewBasicAuthCredential(r.Credential.AccessKey, r.Credential.AccessSecret)
|
credential := auth.NewBasicAuthCredential(r.Credential.AccessKey, r.Credential.AccessSecret)
|
||||||
authorizer := auth.NewStandardTokenAuthorizer(&http.Client{
|
authorizer := auth.NewStandardTokenAuthorizer(&http.Client{
|
||||||
Transport: transport,
|
Transport: transport,
|
||||||
@ -238,11 +239,7 @@ func decrypt(secret string) (string, error) {
|
|||||||
return "", nil
|
return "", nil
|
||||||
}
|
}
|
||||||
|
|
||||||
key, err := config.SecretKey()
|
decrypted, err := utils.ReversibleDecrypt(secret, config.Config.SecretKey)
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
decrypted, err := utils.ReversibleDecrypt(secret, key)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
@ -256,11 +253,7 @@ func encrypt(secret string) (string, error) {
|
|||||||
return secret, nil
|
return secret, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
key, err := config.SecretKey()
|
encrypted, err := utils.ReversibleEncrypt(secret, config.Config.SecretKey)
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
|
||||||
encrypted, err := utils.ReversibleEncrypt(secret, key)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
@ -15,10 +15,18 @@
|
|||||||
package util
|
package util
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"net/http"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
||||||
|
"github.com/goharbor/harbor/src/common/utils/registry"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Match returns whether the str matches the pattern
|
// Match returns whether the str matches the pattern
|
||||||
func Match(pattern, str string) (bool, error) {
|
func Match(pattern, str string) (bool, error) {
|
||||||
return filepath.Match(pattern, str)
|
return filepath.Match(pattern, str)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// GetHTTPTransport can be used to share the common HTTP transport
|
||||||
|
func GetHTTPTransport(insecure bool) *http.Transport {
|
||||||
|
return registry.GetHTTPTransport(insecure)
|
||||||
|
}
|
||||||
|
@ -75,3 +75,10 @@ func TestMatch(t *testing.T) {
|
|||||||
assert.Equal(t, c.match, match)
|
assert.Equal(t, c.match, match)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestGetHTTPTransport(t *testing.T) {
|
||||||
|
transport := GetHTTPTransport(true)
|
||||||
|
assert.True(t, transport.TLSClientConfig.InsecureSkipVerify)
|
||||||
|
transport = GetHTTPTransport(false)
|
||||||
|
assert.False(t, transport.TLSClientConfig.InsecureSkipVerify)
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user