Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-12-19 23:28:20 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #11660 from ninjadq/add_tls_12_min_version_for_registry

Browse Source 
Add tls 12 min version for registry
This commit is contained in:
Daniel Jiang 2020-04-20 22:43:52 +08:00 committed by GitHub
commit b747fdb68d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
make/photon/prepare/templates/registry/config.yml.jinja
View File

@ -24,6 +24,8 @@ http:
{% if internal_tls.enabled %} {% if internal_tls.enabled %}
addr: :5443 addr: :5443
tls: tls:
certificate: /etc/harbor/tls/registry.crt
key: /etc/harbor/tls/registry.key
minimumtls: tls1.2 minimumtls: tls1.2
{% else %} {% else %}
addr: :5000 addr: :5000
@ -31,12 +33,6 @@ http:
secret: placeholder secret: placeholder
debug: debug:
addr: localhost:5001 addr: localhost:5001
{% if internal_tls.enabled %}
tls:
certificate: /etc/harbor/tls/registry.crt
key: /etc/harbor/tls/registry.key
{% endif %}
auth: auth:
htpasswd: htpasswd:
realm: harbor-registry-basic-realm realm: harbor-registry-basic-realm

2
src/common/http/client.go
View File

@ -57,6 +57,8 @@ func init() {
} }
} }
// Use this instead of Default Transport in library because it sets ForceAttemptHTTP2 to true
// And that options introduced in go 1.13 will cause the https requests hang forever in replication environment
func newDefaultTransport() *http.Transport { func newDefaultTransport() *http.Transport {
return &http.Transport{ return &http.Transport{
Proxy: http.ProxyFromEnvironment, Proxy: http.ProxyFromEnvironment,