Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-27 04:35:16 +01:00
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into inline-css

Browse Source
This commit is contained in:
Fangyuan Cheng 2018-12-19 10:07:21 +08:00 committed by GitHub
commit bb15f67316
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
79 changed files with 18310 additions and 31593 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
CONTRIBUTING.md
View File

@ -26,8 +26,8 @@ go get github.com/goharbor/harbor
cd $GOPATH/src/github.com/goharbor/harbor
#Track repository under your personal account
git config push.default nothing # Anything to avoid pushing to vmware/harbor by default
git remote rename origin vmware
git config push.default nothing # Anything to avoid pushing to goharbor/harbor by default
git remote rename origin goharbor
git remote add $USER git@github.com:$USER/harbor.git
git fetch $USER
@ -42,14 +42,14 @@ Here is the basic structure of the harbor code base. Some of the key folders / f
```
.
...
├── Makefile #Make file for compile and build code
├── contrib #Contain documents, scripts, and other helpful things which are contributed by the community
├── docs #Keep documents here
├── make #Resource for building and setting up Harbor environment
├── Makefile # Make file for compile and build code
├── contrib # Contain documents, scripts, and other helpful things which are contributed by the community
├── docs # Keep documents here
├── make # Resource for building and setting up Harbor environment
...
├── src #Source code folder
├── tests #Test cases for API / e2e testings
└── tools #Keep supporting tools
├── src # Source code folder
├── tests # Test cases for API / e2e testings
└── tools # Keep supporting tools
...
```
@ -114,6 +114,9 @@ Harbor backend is written in [Go](http://golang.org/). If you don't have a Harbo
| 1.2 | 1.7.3 |
| 1.3 | 1.9.2 |
| 1.4 | 1.9.2 |
| 1.5 | 1.9.2 |
| 1.6 | 1.9.2 |
| 1.6 | tbd |
Ensure your GOPATH and PATH have been configured in accordance with the Go environment instructions.
@ -128,9 +131,11 @@ Harbor web UI is built based on [Clarity](https://vmware.github.io/clarity/) and
| 1.1 | 2.4.1 | 0.8.7 |
| 1.2 | 4.1.3 | 0.9.8 |
| 1.3 | 4.3.0 | 0.10.17 |
| 1.4 | | |
| 1.4 | 4.3.0 | 0.10.17 |
| 1.5 | 4.3.0 | 0.10.27 |
| 1.6 | 4.3.0 | 0.10.27 |
**Npm Package Dependency:** Run the following commands to restore the package dependencies.
**npm Package Dependency:** Run the following commands to restore the package dependencies.
```
#For the web UI
cd $REPO_DIR/src/portal
@ -173,12 +178,12 @@ Both `$working_dir` and `$user` are mentioned in the figure above.
Changes should be made on your own fork in a new branch. The branch should be named `XXX-description` where XXX is the number of the issue. PR should be rebased on top of master without multiple branches mixed into the PR. If your PR do not merge cleanly, use commands listed below to get it up to date.
```
#vmware is the origin upstream
#goharbor is the origin upstream
cd $working_dir/kubernetes
git fetch vmware
git fetch goharbor
git checkout master
git rebase vmware/master
git rebase goharbor/master
```
Branch from the updated `master` branch:
@ -225,11 +230,12 @@ To build code, please refer to [build](docs/compile_guide.md) guideline.
### Keep sync with upstream
Once your branch gets out of sync with the vmware/master branch, use the following commands to update:
```
Once your branch gets out of sync with the goharbor/master branch, use the following commands to update:
```
git checkout my_feature
git fetch -a
git rebase vmware/master
git rebase goharbor/master
```
@ -237,10 +243,16 @@ Please don't use `git pull` instead of the above `fetch / rebase`. `git pull` do
### Commit
As Harbor has integrated the [DCO (Developer Certificate of Origin)](https://probot.github.io/apps/dco/) check tool, contributors are required to sign-off that they adhere to those requirements by adding a `Signed-off-by` line to the commit messages. Git has even provided a `-s` command line option to append that automatically to your commit messages, please use it when you commit your changes.
```bash
$ git commit -s -m 'This is my commit message'
```
Commit your changes if they're ready:
```
#git add -A
git commit #-a
git commit -s #-a
git push --force-with-lease $user my_feature
```
@ -280,7 +292,7 @@ Commit changes made in response to review comments to the same branch on your fo
It is a great way to contribute to Harbor by reporting an issue. Well-written and complete bug reports are always welcome! Please open an issue on Github and follow the template to fill in required information.
Before opening any issue, please look up the existing [issues](https://github.com/vmware/harbor/issues) to avoid submitting a duplication.
Before opening any issue, please look up the existing [issues](https://github.com/goharbor/harbor/issues) to avoid submitting a duplication.
If you find a match, you can "subscribe" to it to get notified on updates. If you have additional helpful information about the issue, please leave a comment.
When reporting issues, always include:

2
docs/compile_guide.md
View File

@ -9,7 +9,7 @@ Harbor is deployed as several Docker containers and most of the code is written
Software | Required Version
----------------------|--------------------------
docker | 1.12.0 +
docker | 17.05 +
docker-compose | 1.11.0 +
python | 2.7 +
git | 1.9.1 +

4
docs/swagger.yaml
View File

@ -3015,7 +3015,7 @@ paths:
$ref: '#/definitions/InternalChartAPIError'
'507':
$ref: '#/definitions/InsufficientStorageChartAPIError'
/chartrepo/:repo/charts/:name/:version/labels:
/chartrepo/{repo}/charts/{name}/{version}/labels:
get:
summary: Return the attahced labels of chart.
description: Return the attahced labels of the specified chart version.
@ -3094,7 +3094,7 @@ paths:
$ref: '#/definitions/ConflictFormatedError'
'500':
$ref: '#/definitions/InternalChartAPIError'
/chartrepo/:repo/charts/:name/:version/labels/:id:
/chartrepo/{repo}/charts/{name}/{version}/labels/{id}:
delete:
summary: Remove label from chart.
description: Remove label from the specified chart version.

5
make/photon/portal/Dockerfile
View File

@ -5,6 +5,7 @@ RUN mkdir -p /build_dir
COPY make/photon/portal/entrypoint.sh /
COPY src/portal /portal_src
COPY ./docs/swagger.yaml /portal_src
WORKDIR /portal_src
@ -24,7 +25,11 @@ RUN tdnf install -y nginx >> /dev/null \
EXPOSE 80
VOLUME /var/cache/nginx /var/log/nginx /run
COPY --from=nodeportal /build_dir/dist /usr/share/nginx/html
COPY --from=nodeportal /build_dir/swagger.yaml /usr/share/nginx/html
COPY --from=nodeportal /build_dir/swagger.json /usr/share/nginx/html
COPY make/photon/portal/nginx.conf /etc/nginx/nginx.conf
STOPSIGNAL SIGQUIT

5
make/photon/portal/entrypoint.sh
View File

@ -5,6 +5,11 @@ cd /build_dir
cp -r /portal_src/* .
ls -la
# Update
apt-get update
apt-get install -y ruby
ruby -ryaml -rjson -e 'puts JSON.pretty_generate(YAML.load(ARGF))' swagger.yaml>swagger.json
cat ./package.json
npm install

28373
open_source_license
View File

File diff suppressed because it is too large Load Diff

6
src/common/api/base.go
View File

@ -21,7 +21,7 @@ import (
"strconv"
"github.com/astaxie/beego/validation"
http_error "github.com/goharbor/harbor/src/common/utils/error"
commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/common/utils/log"
"github.com/astaxie/beego"
@ -103,8 +103,8 @@ func (b *BaseAPI) ParseAndHandleError(text string, err error) {
return
}
log.Errorf("%s: %v", text, err)
if e, ok := err.(*http_error.HTTPError); ok {
b.RenderError(e.StatusCode, e.Detail)
if e, ok := err.(*commonhttp.Error); ok {
b.RenderError(e.Code, e.Message)
return
}
b.RenderError(http.StatusInternalServerError, "")

83
src/common/config/encrypt/encrypt.go Normal file
View File

@ -0,0 +1,83 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package encrypt
import (
"os"
"sync"
"github.com/goharbor/harbor/src/common/utils"
"github.com/goharbor/harbor/src/common/utils/log"
)
var (
defaultKeyPath = "/etc/core/key"
)
// Encryptor encrypts or decrypts a strings
type Encryptor interface {
// Encrypt encrypts plaintext
Encrypt(string) (string, error)
// Decrypt decrypts ciphertext
Decrypt(string) (string, error)
}
// AESEncryptor uses AES to encrypt or decrypt string
type AESEncryptor struct {
keyProvider KeyProvider
keyParams map[string]interface{}
}
// NewAESEncryptor returns an instance of an AESEncryptor
func NewAESEncryptor(keyProvider KeyProvider) Encryptor {
return &AESEncryptor{
keyProvider: keyProvider,
}
}
var encryptInstance Encryptor
var encryptOnce sync.Once
// Instance ... Get instance of encryptor
func Instance() Encryptor {
encryptOnce.Do(func() {
kp := os.Getenv("KEY_PATH")
if len(kp) == 0 {
kp = defaultKeyPath
}
log.Infof("the path of key used by key provider: %s", kp)
encryptInstance = NewAESEncryptor(NewFileKeyProvider(kp))
})
return encryptInstance
}
// Encrypt ...
func (a *AESEncryptor) Encrypt(plaintext string) (string, error) {
key, err := a.keyProvider.Get(a.keyParams)
if err != nil {
return "", err
}
return utils.ReversibleEncrypt(plaintext, key)
}
// Decrypt ...
func (a *AESEncryptor) Decrypt(ciphertext string) (string, error) {
key, err := a.keyProvider.Get(a.keyParams)
if err != nil {
return "", err
}
return utils.ReversibleDecrypt(ciphertext, key)
}

39
src/common/config/encrypt/encrypt_test.go Normal file
View File

@ -0,0 +1,39 @@
package encrypt
import (
"fmt"
"github.com/stretchr/testify/assert"
"io/ioutil"
"os"
"testing"
)
func TestMain(m *testing.M) {
secret := []byte("9TXCcHgNAAp1aSHh")
filename, err := ioutil.TempFile(os.TempDir(), "keyfile")
err = ioutil.WriteFile(filename.Name(), secret, 0644)
if err != nil {
fmt.Printf("failed to create temp key file\n")
}
defer os.Remove(filename.Name())
os.Setenv("KEY_PATH", filename.Name())
ret := m.Run()
os.Exit(ret)
}
func TestEncryptDecrypt(t *testing.T) {
password := "zhu888jie"
encrypted, err := Instance().Encrypt(password)
if err != nil {
t.Errorf("Failed to decrypt password, error %v", err)
}
decrypted, err := Instance().Decrypt(encrypted)
if err != nil {
t.Errorf("Failed to decrypt password, error %v", err)
}
assert.NotEqual(t, password, encrypted)
assert.Equal(t, password, decrypted)
}

48
src/common/config/encrypt/keyprovider.go Normal file
View File

@ -0,0 +1,48 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package encrypt
import (
"io/ioutil"
)
// KeyProvider provides the key used to encrypt and decrypt attrs
type KeyProvider interface {
// Get returns the key
// params can be used to pass parameters in different implements
Get(params map[string]interface{}) (string, error)
}
// FileKeyProvider reads key from file
type FileKeyProvider struct {
path string
}
// NewFileKeyProvider returns an instance of FileKeyProvider
// path: where the key should be read from
func NewFileKeyProvider(path string) KeyProvider {
return &FileKeyProvider{
path: path,
}
}
// Get returns the key read from file
func (f *FileKeyProvider) Get(params map[string]interface{}) (string, error) {
b, err := ioutil.ReadFile(f.path)
if err != nil {
return "", err
}
return string(b), nil
}

30
src/common/utils/error/error_test.go → src/common/config/encrypt/keyprovider_test.go
View File

@ -11,20 +11,34 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package error
package encrypt
import (
"io/ioutil"
"os"
"testing"
)
func TestError(t *testing.T) {
err := &HTTPError{
StatusCode: 404,
Detail: "not found",
func TestGetOfFileKeyProvider(t *testing.T) {
path := "/tmp/key"
key := "key_content"
if err := ioutil.WriteFile(path, []byte(key), 0777); err != nil {
t.Errorf("failed to write to file %s: %v", path, err)
return
}
defer os.Remove(path)
provider := NewFileKeyProvider(path)
k, err := provider.Get(nil)
if err != nil {
t.Errorf("failed to get key from the file provider: %v", err)
return
}
if err.Error() != "404 not found" {
t.Fatalf("unexpected content: %s != %s",
err.Error(), "404 not found")
if k != key {
t.Errorf("unexpected key: %s != %s", k, key)
return
}
}

70
src/common/config/metadata/metadata.go Normal file
View File

@ -0,0 +1,70 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package metadata
import (
"sync"
)
var metaDataOnce sync.Once
var metaDataInstance *CfgMetaData
// Instance - Get Instance, make it singleton because there is only one copy of metadata in an env
func Instance() *CfgMetaData {
metaDataOnce.Do(func() {
metaDataInstance = newCfgMetaData()
metaDataInstance.init()
})
return metaDataInstance
}
func newCfgMetaData() *CfgMetaData {
return &CfgMetaData{metaMap: make(map[string]Item)}
}
// CfgMetaData ...
type CfgMetaData struct {
metaMap map[string]Item
}
// init ...
func (c *CfgMetaData) init() {
c.initFromArray(ConfigList)
}
// initFromArray - Initial metadata from an array
func (c *CfgMetaData) initFromArray(items []Item) {
c.metaMap = make(map[string]Item)
for _, item := range items {
c.metaMap[item.Name] = item
}
}
// GetByName - Get current metadata of current name, if not defined, return false in second params
func (c *CfgMetaData) GetByName(name string) (*Item, bool) {
if item, ok := c.metaMap[name]; ok {
return &item, true
}
return nil, false
}
// GetAll - Get all metadata in current env
func (c *CfgMetaData) GetAll() []Item {
metaDataList := make([]Item, 0)
for _, value := range c.metaMap {
metaDataList = append(metaDataList, value)
}
return metaDataList
}

51
src/common/config/metadata/metadata_test.go Normal file
View File

@ -0,0 +1,51 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package metadata
import (
"testing"
)
func TestCfgMetaData_InitFromArray(t *testing.T) {
testArray := []Item{
{Scope: SystemScope, Group: BasicGroup, EnvKey: "HARBOR_ADMIN_PASSWORD", DefaultValue: "", Name: "admin_initial_password", ItemType: &PasswordType{}, Editable: true},
{Scope: SystemScope, Group: BasicGroup, EnvKey: "ADMIRAL_URL", DefaultValue: "NA", Name: "admiral_url", ItemType: &StringType{}, Editable: false},
{Scope: UserScope, Group: BasicGroup, EnvKey: "AUTH_MODE", DefaultValue: "db_auth", Name: "auth_mode", ItemType: &StringType{}, Editable: false},
{Scope: SystemScope, Group: BasicGroup, EnvKey: "CFG_EXPIRATION", DefaultValue: "5", Name: "cfg_expiration", ItemType: &StringType{}, Editable: false},
{Scope: SystemScope, Group: BasicGroup, EnvKey: "CHART_REPOSITORY_URL", DefaultValue: "http://chartmuseum:9999", Name: "chart_repository_url", ItemType: &StringType{}, Editable: false},
}
curInst := Instance()
curInst.initFromArray(testArray)
if len(metaDataInstance.metaMap) != 5 {
t.Errorf("Can not initial metadata, size %v", len(metaDataInstance.metaMap))
}
item, ok := curInst.GetByName("admin_initial_password")
if ok == false {
t.Errorf("Can not get admin_initial_password metadata")
}
if item.Name != "admin_initial_password" {
t.Errorf("Can not get admin_initial_password metadata")
}
}
func TestCfgMetaData_Init(t *testing.T) {
curInst := Instance()
curInst.init()
if len(metaDataInstance.metaMap) < 60 {
t.Errorf("Can not initial metadata, size %v", len(metaDataInstance.metaMap))
}
}

134
src/common/config/metadata/metadatalist.go Normal file
View File

@ -0,0 +1,134 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package metadata
import "github.com/goharbor/harbor/src/common"
// Item - Configure item include default value, type, env name
type Item struct {
// The Scope of this configuration item: eg: SystemScope, UserScope
Scope string `json:"scope,omitempty"`
// email, ldapbasic, ldapgroup, uaa settings, used to retieve configure items by group
Group string `json:"group,omitempty"`
// environment key to retrieves this value when initialize, for example: POSTGRESQL_HOST, only used for system settings, for user settings no EnvKey
EnvKey string `json:"environment_key,omitempty"`
// The default string value for this key
DefaultValue string `json:"default_value,omitempty"`
// The key for current configure settings in database or rest api
Name string `json:"name,omitempty"`
// It can be &IntType{}, &StringType{}, &BoolType{}, &PasswordType{}, &MapType{} etc, any type interface implementation
ItemType Type
// Is this settign can be modified after configure
Editable bool `json:"editable,omitempty"`
}
// Constant for configure item
const (
// Scope
UserScope = "user"
SystemScope = "system"
// Group
LdapBasicGroup = "ldapbasic"
LdapGroupGroup = "ldapgroup"
EmailGroup = "email"
UAAGroup = "uaa"
DatabaseGroup = "database"
// Put all config items do not belong a existing group into basic
BasicGroup = "basic"
ClairGroup = "clair"
)
var (
// ConfigList - All configure items used in harbor
// Steps to onboard a new setting
// 1. Add configure item in metadatalist.go
// 2. Get/Set config settings by CfgManager
// 3. CfgManager.Load()/CfgManager.Save() to load/save from configure storage.
ConfigList = []Item{
{Name: "admin_initial_password", Scope: SystemScope, Group: BasicGroup, EnvKey: "HARBOR_ADMIN_PASSWORD", DefaultValue: "", ItemType: &PasswordType{}, Editable: true},
{Name: "admiral_url", Scope: SystemScope, Group: BasicGroup, EnvKey: "ADMIRAL_URL", DefaultValue: "NA", ItemType: &StringType{}, Editable: false},
{Name: "auth_mode", Scope: UserScope, Group: BasicGroup, EnvKey: "AUTH_MODE", DefaultValue: "db_auth", ItemType: &StringType{}, Editable: false},
{Name: "cfg_expiration", Scope: SystemScope, Group: BasicGroup, EnvKey: "CFG_EXPIRATION", DefaultValue: "5", ItemType: &IntType{}, Editable: false},
{Name: "chart_repository_url", Scope: SystemScope, Group: BasicGroup, EnvKey: "CHART_REPOSITORY_URL", DefaultValue: "http://chartmuseum:9999", ItemType: &StringType{}, Editable: false},
{Name: "clair_db", Scope: SystemScope, Group: ClairGroup, EnvKey: "CLAIR_DB", DefaultValue: "postgres", ItemType: &StringType{}, Editable: false},
{Name: "clair_db_host", Scope: SystemScope, Group: ClairGroup, EnvKey: "CLAIR_DB_HOST", DefaultValue: "postgresql", ItemType: &StringType{}, Editable: false},
{Name: "clair_db_password", Scope: SystemScope, Group: ClairGroup, EnvKey: "CLAIR_DB_PASSWORD", DefaultValue: "root123", ItemType: &PasswordType{}, Editable: false},
{Name: "clair_db_port", Scope: SystemScope, Group: ClairGroup, EnvKey: "CLAIR_DB_PORT", DefaultValue: "5432", ItemType: &IntType{}, Editable: false},
{Name: "clair_db_sslmode", Scope: SystemScope, Group: ClairGroup, EnvKey: "CLAIR_DB_SSLMODE", DefaultValue: "disable", ItemType: &StringType{}, Editable: false},
{Name: "clair_db_username", Scope: SystemScope, Group: ClairGroup, EnvKey: "CLAIR_DB_USERNAME", DefaultValue: "postgres", ItemType: &StringType{}, Editable: false},
{Name: "clair_url", Scope: SystemScope, Group: ClairGroup, EnvKey: "CLAIR_URL", DefaultValue: "http://clair:6060", ItemType: &StringType{}, Editable: false},
{Name: "core_url", Scope: SystemScope, Group: BasicGroup, EnvKey: "CORE_URL", DefaultValue: "http://core:8080", ItemType: &StringType{}, Editable: false},
{Name: "database_type", Scope: SystemScope, Group: BasicGroup, EnvKey: "DATABASE_TYPE", DefaultValue: "postgresql", ItemType: &StringType{}, Editable: false},
{Name: "email_from", Scope: UserScope, Group: EmailGroup, EnvKey: "EMAIL_FROM", DefaultValue: "admin <sample_admin@mydomain.com>", ItemType: &StringType{}, Editable: false},
{Name: "email_host", Scope: UserScope, Group: EmailGroup, EnvKey: "EMAIL_HOST", DefaultValue: "smtp.mydomain.com", ItemType: &StringType{}, Editable: false},
{Name: "email_identity", Scope: UserScope, Group: EmailGroup, EnvKey: "EMAIL_IDENTITY", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "email_insecure", Scope: UserScope, Group: EmailGroup, EnvKey: "EMAIL_INSECURE", DefaultValue: "false", ItemType: &BoolType{}, Editable: false},
{Name: "email_password", Scope: UserScope, Group: EmailGroup, EnvKey: "EMAIL_PWD", DefaultValue: "", ItemType: &PasswordType{}, Editable: false},
{Name: "email_port", Scope: UserScope, Group: EmailGroup, EnvKey: "EMAIL_PORT", DefaultValue: "25", ItemType: &IntType{}, Editable: false},
{Name: "email_ssl", Scope: UserScope, Group: EmailGroup, EnvKey: "EMAIL_SSL", DefaultValue: "false", ItemType: &BoolType{}, Editable: false},
{Name: "email_username", Scope: UserScope, Group: EmailGroup, EnvKey: "EMAIL_USR", DefaultValue: "sample_admin@mydomain.com", ItemType: &StringType{}, Editable: false},
{Name: "ext_endpoint", Scope: SystemScope, Group: BasicGroup, EnvKey: "EXT_ENDPOINT", DefaultValue: "https://host01.com", ItemType: &StringType{}, Editable: false},
{Name: "jobservice_url", Scope: SystemScope, Group: BasicGroup, EnvKey: "JOBSERVICE_URL", DefaultValue: "http://jobservice:8080", ItemType: &StringType{}, Editable: false},
{Name: "ldap_base_dn", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_BASE_DN", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "ldap_filter", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_FILTER", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "ldap_group_base_dn", Scope: UserScope, Group: LdapGroupGroup, EnvKey: "LDAP_GROUP_BASE_DN", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "ldap_group_admin_dn", Scope: UserScope, Group: LdapGroupGroup, EnvKey: "LDAP_GROUP_ADMIN_DN", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "ldap_group_attribute_name", Scope: UserScope, Group: LdapGroupGroup, EnvKey: "LDAP_GROUP_GID", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "ldap_group_search_filter", Scope: UserScope, Group: LdapGroupGroup, EnvKey: "LDAP_GROUP_FILTER", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "ldap_group_search_scope", Scope: UserScope, Group: LdapGroupGroup, EnvKey: "LDAP_GROUP_SCOPE", DefaultValue: "2", ItemType: &IntType{}, Editable: false},
{Name: "ldap_scope", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_SCOPE", DefaultValue: "2", ItemType: &IntType{}, Editable: true},
{Name: "ldap_search_dn", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_SEARCH_DN", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "ldap_search_password", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_SEARCH_PWD", DefaultValue: "", ItemType: &PasswordType{}, Editable: false},
{Name: "ldap_timeout", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_TIMEOUT", DefaultValue: "5", ItemType: &IntType{}, Editable: false},
{Name: "ldap_uid", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_UID", DefaultValue: "cn", ItemType: &StringType{}, Editable: true},
{Name: "ldap_url", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_URL", DefaultValue: "", ItemType: &StringType{}, Editable: true},
{Name: "ldap_verify_cert", Scope: UserScope, Group: LdapBasicGroup, EnvKey: "LDAP_VERIFY_CERT", DefaultValue: "true", ItemType: &BoolType{}, Editable: false},
{Name: "max_job_workers", Scope: SystemScope, Group: BasicGroup, EnvKey: "MAX_JOB_WORKERS", DefaultValue: "10", ItemType: &IntType{}, Editable: false},
{Name: "notary_url", Scope: SystemScope, Group: BasicGroup, EnvKey: "NOTARY_URL", DefaultValue: "http://notary-server:4443", ItemType: &StringType{}, Editable: false},
{Name: "postgresql_database", Scope: SystemScope, Group: DatabaseGroup, EnvKey: "POSTGRESQL_DATABASE", DefaultValue: "registry", ItemType: &StringType{}, Editable: false},
{Name: "postgresql_host", Scope: SystemScope, Group: DatabaseGroup, EnvKey: "POSTGRESQL_HOST", DefaultValue: "postgresql", ItemType: &StringType{}, Editable: false},
{Name: "postgresql_password", Scope: SystemScope, Group: DatabaseGroup, EnvKey: "POSTGRESQL_PASSWORD", DefaultValue: "root123", ItemType: &PasswordType{}, Editable: false},
{Name: "postgresql_port", Scope: SystemScope, Group: DatabaseGroup, EnvKey: "POSTGRESQL_PORT", DefaultValue: "5432", ItemType: &IntType{}, Editable: false},
{Name: "postgresql_sslmode", Scope: SystemScope, Group: DatabaseGroup, EnvKey: "POSTGRESQL_SSLMODE", DefaultValue: "disable", ItemType: &StringType{}, Editable: false},
{Name: "postgresql_username", Scope: SystemScope, Group: DatabaseGroup, EnvKey: "POSTGRESQL_USERNAME", DefaultValue: "postgres", ItemType: &StringType{}, Editable: false},
{Name: "project_creation_restriction", Scope: UserScope, Group: BasicGroup, EnvKey: "PROJECT_CREATION_RESTRICTION", DefaultValue: common.ProCrtRestrEveryone, ItemType: &StringType{}, Editable: false},
{Name: "read_only", Scope: UserScope, Group: BasicGroup, EnvKey: "READ_ONLY", DefaultValue: "false", ItemType: &BoolType{}, Editable: false},
{Name: "registry_storage_provider_name", Scope: SystemScope, Group: BasicGroup, EnvKey: "REGISTRY_STORAGE_PROVIDER_NAME", DefaultValue: "filesystem", ItemType: &StringType{}, Editable: false},
{Name: "registry_url", Scope: SystemScope, Group: BasicGroup, EnvKey: "REGISTRY_URL", DefaultValue: "http://registry:5000", ItemType: &StringType{}, Editable: false},
{Name: "registry_controller_url", Scope: SystemScope, Group: BasicGroup, EnvKey: "REGISTRY_CONTROLLER_URL", DefaultValue: "http://registryctl:8080", ItemType: &StringType{}, Editable: false},
{Name: "self_registration", Scope: UserScope, Group: BasicGroup, EnvKey: "SELF_REGISTRATION", DefaultValue: "true", ItemType: &BoolType{}, Editable: false},
{Name: "token_expiration", Scope: UserScope, Group: BasicGroup, EnvKey: "TOKEN_EXPIRATION", DefaultValue: "30", ItemType: &IntType{}, Editable: false},
{Name: "token_service_url", Scope: SystemScope, Group: BasicGroup, EnvKey: "TOKEN_SERVICE_URL", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "uaa_client_id", Scope: UserScope, Group: UAAGroup, EnvKey: "UAA_CLIENTID", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "uaa_client_secret", Scope: UserScope, Group: UAAGroup, EnvKey: "UAA_CLIENTSECRET", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "uaa_endpoint", Scope: UserScope, Group: UAAGroup, EnvKey: "UAA_ENDPOINT", DefaultValue: "", ItemType: &StringType{}, Editable: false},
{Name: "uaa_verify_cert", Scope: UserScope, Group: UAAGroup, EnvKey: "UAA_VERIFY_CERT", DefaultValue: "false", ItemType: &BoolType{}, Editable: false},
{Name: "with_chartmuseum", Scope: SystemScope, Group: BasicGroup, EnvKey: "WITH_CHARTMUSEUM", DefaultValue: "false", ItemType: &BoolType{}, Editable: true},
{Name: "with_clair", Scope: SystemScope, Group: BasicGroup, EnvKey: "WITH_CLAIR", DefaultValue: "true", ItemType: &BoolType{}, Editable: true},
{Name: "with_notary", Scope: SystemScope, Group: BasicGroup, EnvKey: "WITH_NOTARY", DefaultValue: "false", ItemType: &BoolType{}, Editable: true},
}
)

122
src/common/config/metadata/type.go Normal file
View File

@ -0,0 +1,122 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package metadata
import (
"encoding/json"
"strconv"
)
// Type - Use this interface to define and encapsulate the behavior of validation and transformation
type Type interface {
// validate the configure value
validate(str string) error
// get the real type of current value, if it is int, return int, if it is string return string etc.
get(str string) (interface{}, error)
}
// StringType ...
type StringType struct {
}
func (t *StringType) validate(str string) error {
return nil
}
func (t *StringType) get(str string) (interface{}, error) {
return str, nil
}
// IntType ..
type IntType struct {
}
func (t *IntType) validate(str string) error {
_, err := strconv.Atoi(str)
return err
}
// GetInt ...
func (t *IntType) get(str string) (interface{}, error) {
return strconv.Atoi(str)
}
// LdapScopeType - The LDAP scope is a int type, but its is limit to 0, 1, 2
type LdapScopeType struct {
IntType
}
// Validate - Verify the range is limited
func (t *LdapScopeType) validate(str string) error {
if str == "0" || str == "1" || str == "2" {
return nil
}
return ErrInvalidData
}
// Int64Type ...
type Int64Type struct {
}
func (t *Int64Type) validate(str string) error {
_, err := strconv.ParseInt(str, 10, 64)
return err
}
// GetInt64 ...
func (t *Int64Type) get(str string) (interface{}, error) {
return strconv.ParseInt(str, 10, 64)
}
// BoolType ...
type BoolType struct {
}
func (t *BoolType) validate(str string) error {
_, err := strconv.ParseBool(str)
return err
}
func (t *BoolType) get(str string) (interface{}, error) {
return strconv.ParseBool(str)
}
// PasswordType ...
type PasswordType struct {
}
func (t *PasswordType) validate(str string) error {
return nil
}
func (t *PasswordType) get(str string) (interface{}, error) {
return str, nil
}
// MapType ...
type MapType struct {
}
func (t *MapType) validate(str string) error {
result := map[string]interface{}{}
err := json.Unmarshal([]byte(str), &result)
return err
}
func (t *MapType) get(str string) (interface{}, error) {
result := map[string]string{}
err := json.Unmarshal([]byte(str), &result)
return result, err
}

98
src/common/config/metadata/type_test.go Normal file
View File

@ -0,0 +1,98 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package metadata
import (
"github.com/stretchr/testify/assert"
"testing"
)
func TestIntType_validate(t *testing.T) {
test := &IntType{}
assert.NotNil(t, test.validate("sample"))
assert.Nil(t, test.validate("1000"))
}
func TestIntType_get(t *testing.T) {
test := &IntType{}
result, _ := test.get("1000")
assert.IsType(t, result, 1000)
}
func TestStringType_get(t *testing.T) {
test := &StringType{}
result, _ := test.get("1000")
assert.IsType(t, result, "sample")
}
func TestStringType_validate(t *testing.T) {
test := &StringType{}
assert.Nil(t, test.validate("sample"))
}
func TestLdapScopeType_validate(t *testing.T) {
test := &LdapScopeType{}
assert.NotNil(t, test.validate("3"))
assert.Nil(t, test.validate("2"))
}
func TestInt64Type_validate(t *testing.T) {
test := &Int64Type{}
assert.NotNil(t, test.validate("sample"))
assert.Nil(t, test.validate("1000"))
}
func TestInt64Type_get(t *testing.T) {
test := &Int64Type{}
result, _ := test.get("32")
assert.Equal(t, result, int64(32))
}
func TestBoolType_validate(t *testing.T) {
test := &BoolType{}
assert.NotNil(t, test.validate("sample"))
assert.Nil(t, test.validate("True"))
}
func TestBoolType_get(t *testing.T) {
test := &BoolType{}
result, _ := test.get("true")
assert.Equal(t, result, true)
result, _ = test.get("false")
assert.Equal(t, result, false)
}
func TestPasswordType_validate(t *testing.T) {
test := &PasswordType{}
assert.Nil(t, test.validate("zhu88jie"))
}
func TestPasswordType_get(t *testing.T) {
test := &PasswordType{}
assert.Nil(t, test.validate("zhu88jie"))
}
func TestMapType_validate(t *testing.T) {
test := &MapType{}
assert.Nil(t, test.validate(`{"sample":"abc", "another":"welcome"}`))
assert.NotNil(t, test.validate(`{"sample":"abc", "another":"welcome"`))
}
func TestMapType_get(t *testing.T) {
test := &MapType{}
result, _ := test.get(`{"sample":"abc", "another":"welcome"}`)
assert.Equal(t, result, map[string]string{"sample": "abc", "another": "welcome"})
}

159
src/common/config/metadata/value.go Normal file
View File

@ -0,0 +1,159 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package metadata
import (
"errors"
"github.com/goharbor/harbor/src/common/utils/log"
)
var (
// ErrNotDefined ...
ErrNotDefined = errors.New("configure item is not defined in metadata")
// ErrTypeNotMatch ...
ErrTypeNotMatch = errors.New("the required value doesn't matched with metadata defined")
// ErrInvalidData ...
ErrInvalidData = errors.New("the data provided is invalid")
// ErrValueNotSet ...
ErrValueNotSet = errors.New("the configure value is not set")
)
// ConfigureValue - struct to hold a actual value, also include the name of config metadata.
type ConfigureValue struct {
Name string `json:"name,omitempty"`
Value string `json:"value,omitempty"`
}
// NewConfigureValue ...
func NewConfigureValue(name, value string) *ConfigureValue {
result := &ConfigureValue{}
err := result.Set(name, value)
if err != nil {
log.Errorf("Failed to set name:%v, value:%v, error %v", name, value, err)
result.Name = name // Keep name to trace error
}
return result
}
// GetString - Get the string value of current configure
func (c *ConfigureValue) GetString() string {
// Any type has the string value
if _, ok := Instance().GetByName(c.Name); ok {
return c.Value
}
return ""
}
// GetName ...
func (c *ConfigureValue) GetName() string {
return c.Name
}
// GetInt - return the int value of current value
func (c *ConfigureValue) GetInt() int {
if item, ok := Instance().GetByName(c.Name); ok {
val, err := item.ItemType.get(c.Value)
if err != nil {
log.Errorf("GetInt failed, error: %+v", err)
return 0
}
if intValue, suc := val.(int); suc {
return intValue
}
}
log.Errorf("The current value's metadata is not defined, %+v", c)
return 0
}
// GetInt64 - return the int64 value of current value
func (c *ConfigureValue) GetInt64() int64 {
if item, ok := Instance().GetByName(c.Name); ok {
val, err := item.ItemType.get(c.Value)
if err != nil {
log.Errorf("GetInt64 failed, error: %+v", err)
return 0
}
if int64Value, suc := val.(int64); suc {
return int64Value
}
}
log.Errorf("The current value's metadata is not defined, %+v", c)
return 0
}
// GetBool - return the bool value of current setting
func (c *ConfigureValue) GetBool() bool {
if item, ok := Instance().GetByName(c.Name); ok {
val, err := item.ItemType.get(c.Value)
if err != nil {
log.Errorf("GetBool failed, error: %+v", err)
return false
}
if boolValue, suc := val.(bool); suc {
return boolValue
}
}
log.Errorf("The current value's metadata is not defined, %+v", c)
return false
}
// GetStringToStringMap - return the string to string map of current value
func (c *ConfigureValue) GetStringToStringMap() map[string]string {
result := map[string]string{}
if item, ok := Instance().GetByName(c.Name); ok {
val, err := item.ItemType.get(c.Value)
if err != nil {
log.Errorf("The GetBool failed, error: %+v", err)
return result
}
if mapValue, suc := val.(map[string]string); suc {
return mapValue
}
}
log.Errorf("GetStringToStringMap failed, current value's metadata is not defined, %+v", c)
return result
}
// Validate - to validate configure items, if passed, return nil, else return error
func (c *ConfigureValue) Validate() error {
if item, ok := Instance().GetByName(c.Name); ok {
return item.ItemType.validate(c.Value)
}
return ErrNotDefined
}
// GetPassword ...
func (c *ConfigureValue) GetPassword() string {
if _, ok := Instance().GetByName(c.Name); ok {
return c.Value
}
log.Errorf("GetPassword failed, metadata not defined: %v", c.Name)
return ""
}
// Set - set this configure item to configure store
func (c *ConfigureValue) Set(name, value string) error {
if item, ok := Instance().GetByName(name); ok {
err := item.ItemType.validate(value)
if err == nil {
c.Name = name
c.Value = value
return nil
}
return err
}
return ErrNotDefined
}

51
src/common/config/metadata/value_test.go Normal file
View File

@ -0,0 +1,51 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package metadata
import (
"github.com/stretchr/testify/assert"
"testing"
)
var testingMetaDataArray = []Item{
{Name: "ldap_search_scope", ItemType: &LdapScopeType{}, Scope: "system", Group: "ldapbasic"},
{Name: "ldap_search_dn", ItemType: &StringType{}, Scope: "user", Group: "ldapbasic"},
{Name: "ulimit", ItemType: &Int64Type{}, Scope: "user", Group: "ldapbasic"},
{Name: "ldap_verify_cert", ItemType: &BoolType{}, Scope: "user", Group: "ldapbasic"},
{Name: "sample_map_setting", ItemType: &MapType{}, Scope: "user", Group: "ldapbasic"},
}
func TestConfigureValue_GetBool(t *testing.T) {
assert.Equal(t, NewConfigureValue("ldap_verify_cert", "true").GetBool(), true)
assert.Equal(t, NewConfigureValue("unknown", "false").GetBool(), false)
}
func TestConfigureValue_GetString(t *testing.T) {
assert.Equal(t, NewConfigureValue("ldap_url", "ldaps://ldap.vmware.com").GetString(), "ldaps://ldap.vmware.com")
}
func TestConfigureValue_GetStringToStringMap(t *testing.T) {
Instance().initFromArray(testingMetaDataArray)
assert.Equal(t, NewConfigureValue("sample_map_setting", `{"sample":"abc"}`).GetStringToStringMap(), map[string]string{"sample": "abc"})
Instance().init()
}
func TestConfigureValue_GetInt(t *testing.T) {
assert.Equal(t, NewConfigureValue("ldap_timeout", "5").GetInt(), 5)
}
func TestConfigureValue_GetInt64(t *testing.T) {
Instance().initFromArray(testingMetaDataArray)
assert.Equal(t, NewConfigureValue("ulimit", "99999").GetInt64(), int64(99999))
}

6
src/common/http/client.go
View File

@ -39,7 +39,11 @@ func NewClient(c *http.Client, modifiers ...modifier.Modifier) *Client {
client: c,
}
if client.client == nil {
client.client = &http.Client{}
client.client = &http.Client{
Transport: &http.Transport{
Proxy: http.ProxyFromEnvironment,
},
}
}
if len(modifiers) > 0 {
client.modifiers = modifiers

8
src/common/security/admiral/authcontext/authcontext.go
View File

@ -24,9 +24,9 @@ import (
"strings"
"github.com/goharbor/harbor/src/common"
commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/common/models"
"github.com/goharbor/harbor/src/common/utils"
http_error "github.com/goharbor/harbor/src/common/utils/error"
"github.com/goharbor/harbor/src/common/utils/log"
)
@ -187,9 +187,9 @@ func send(client *http.Client, req *http.Request) (*AuthContext, error) {
}
if resp.StatusCode != http.StatusOK {
return nil, &http_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(data),
return nil, &commonhttp.Error{
Code: resp.StatusCode,
Message: string(data),
}
}

12
src/common/utils/error/error.go
View File

@ -16,19 +16,7 @@ package error
import (
"errors"
"fmt"
)
// ErrDupProject is the error returned when creating a duplicate project
var ErrDupProject = errors.New("duplicate project")
// HTTPError : if response is returned but the status code is not 200, an Error instance will be returned
type HTTPError struct {
StatusCode int
Detail string
}
// Error returns the details as string
func (e *HTTPError) Error() string {
return fmt.Sprintf("%d %s", e.StatusCode, e.Detail)
}

8
src/common/utils/registry/auth/util.go
View File

@ -21,8 +21,8 @@ import (
"net/url"
"github.com/docker/distribution/registry/auth/token"
commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/common/models"
registry_error "github.com/goharbor/harbor/src/common/utils/error"
"github.com/goharbor/harbor/src/common/utils/registry"
)
@ -73,9 +73,9 @@ func getToken(client *http.Client, credential Credential, realm, service string,
return nil, err
}
if resp.StatusCode != http.StatusOK {
return nil, &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(data),
return nil, &commonhttp.Error{
Code: resp.StatusCode,
Message: string(data),
}
}

17
src/common/utils/registry/registry.go
View File

@ -21,10 +21,11 @@ import (
"net/http"
"net/url"
"strings"
// "time"
commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/common/utils"
registry_error "github.com/goharbor/harbor/src/common/utils/error"
)
// Registry holds information of a registry entity
@ -39,11 +40,13 @@ func init() {
defaultHTTPTransport = &http.Transport{}
secureHTTPTransport = &http.Transport{
Proxy: http.ProxyFromEnvironment,
TLSClientConfig: &tls.Config{
InsecureSkipVerify: false,
},
}
insecureHTTPTransport = &http.Transport{
Proxy: http.ProxyFromEnvironment,
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
@ -118,9 +121,9 @@ func (r *Registry) Catalog() ([]string, error) {
suffix = ""
}
} else {
return repos, &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
return repos, &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
}
}
@ -149,8 +152,8 @@ func (r *Registry) Ping() error {
return err
}
return &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
return &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
}

68
src/common/utils/registry/repository.go
View File

@ -30,8 +30,8 @@ import (
"github.com/docker/distribution/manifest/schema1"
"github.com/docker/distribution/manifest/schema2"
commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/common/utils"
registry_error "github.com/goharbor/harbor/src/common/utils/error"
)
// Repository holds information of a repository entity
@ -61,7 +61,7 @@ func NewRepository(name, endpoint string, client *http.Client) (*Repository, err
func parseError(err error) error {
if urlErr, ok := err.(*url.Error); ok {
if regErr, ok := urlErr.Err.(*registry_error.HTTPError); ok {
if regErr, ok := urlErr.Err.(*commonhttp.Error); ok {
return regErr
}
}
@ -109,9 +109,9 @@ func (r *Repository) ListTag() ([]string, error) {
return tags, nil
}
return tags, &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
return tags, &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
}
@ -149,9 +149,9 @@ func (r *Repository) ManifestExist(reference string) (digest string, exist bool,
return
}
err = &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
err = &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
return
}
@ -186,9 +186,9 @@ func (r *Repository) PullManifest(reference string, acceptMediaTypes []string) (
return
}
err = &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
err = &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
return
@ -221,9 +221,9 @@ func (r *Repository) PushManifest(reference, mediaType string, payload []byte) (
return
}
err = &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
err = &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
return
@ -252,9 +252,9 @@ func (r *Repository) DeleteManifest(digest string) error {
return err
}
return &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
return &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
}
@ -288,8 +288,8 @@ func (r *Repository) DeleteTag(tag string) error {
}
if !exist {
return &registry_error.HTTPError{
StatusCode: http.StatusNotFound,
return &commonhttp.Error{
Code: http.StatusNotFound,
}
}
@ -323,9 +323,9 @@ func (r *Repository) BlobExist(digest string) (bool, error) {
return false, err
}
return false, &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
return false, &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
}
@ -359,9 +359,9 @@ func (r *Repository) PullBlob(digest string) (size int64, data io.ReadCloser, er
return
}
err = &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
err = &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
return
@ -390,9 +390,9 @@ func (r *Repository) initiateBlobUpload(name string) (location, uploadUUID strin
return
}
err = &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
err = &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
return
@ -424,9 +424,9 @@ func (r *Repository) monolithicBlobUpload(location, digest string, size int64, d
return err
}
return &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
return &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
}
@ -462,9 +462,9 @@ func (r *Repository) DeleteBlob(digest string) error {
return err
}
return &registry_error.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
return &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
}

6
src/common/utils/registry/repository_test.go
View File

@ -29,7 +29,7 @@ import (
"github.com/stretchr/testify/require"
"github.com/docker/distribution/manifest/schema2"
registry_error "github.com/goharbor/harbor/src/common/utils/error"
commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/common/utils/test"
)
@ -392,10 +392,10 @@ func TestListTag(t *testing.T) {
func TestParseError(t *testing.T) {
err := &url.Error{
Err: &registry_error.HTTPError{},
Err: &commonhttp.Error{},
}
e := parseError(err)
if _, ok := e.(*registry_error.HTTPError); !ok {
if _, ok := e.(*commonhttp.Error); !ok {
t.Errorf("error type does not match registry error")
}
}

2
src/common/utils/uaa/client.go
View File

@ -41,7 +41,7 @@ const (
UsersURLSuffix = "/Users"
)
var uaaTransport = &http.Transport{}
var uaaTransport = &http.Transport{Proxy: http.ProxyFromEnvironment}
// Client provides funcs to interact with UAA.
type Client interface {

15
src/core/api/repository.go
View File

@ -32,7 +32,6 @@ import (
"github.com/goharbor/harbor/src/common/models"
"github.com/goharbor/harbor/src/common/utils"
"github.com/goharbor/harbor/src/common/utils/clair"
registry_error "github.com/goharbor/harbor/src/common/utils/error"
"github.com/goharbor/harbor/src/common/utils/log"
"github.com/goharbor/harbor/src/common/utils/notary"
"github.com/goharbor/harbor/src/common/utils/registry"
@ -265,8 +264,8 @@ func (ra *RepositoryAPI) Delete() {
if err != nil {
log.Errorf("error occurred while listing tags of %s: %v", repoName, err)
if regErr, ok := err.(*registry_error.HTTPError); ok {
ra.CustomAbort(regErr.StatusCode, regErr.Detail)
if regErr, ok := err.(*commonhttp.Error); ok {
ra.CustomAbort(regErr.Code, regErr.Message)
}
ra.CustomAbort(http.StatusInternalServerError, "internal error")
@ -312,12 +311,12 @@ func (ra *RepositoryAPI) Delete() {
return
}
if err = rc.DeleteTag(t); err != nil {
if regErr, ok := err.(*registry_error.HTTPError); ok {
if regErr.StatusCode == http.StatusNotFound {
if regErr, ok := err.(*commonhttp.Error); ok {
if regErr.Code == http.StatusNotFound {
continue
}
log.Errorf("failed to delete tag %s: %v", t, err)
ra.CustomAbort(regErr.StatusCode, regErr.Detail)
ra.CustomAbort(regErr.Code, regErr.Message)
}
log.Errorf("error occurred while deleting tag %s:%s: %v", repoName, t, err)
ra.CustomAbort(http.StatusInternalServerError, "internal error")
@ -751,8 +750,8 @@ func (ra *RepositoryAPI) GetManifests() {
if err != nil {
log.Errorf("error occurred while getting manifest of %s:%s: %v", repoName, tag, err)
if regErr, ok := err.(*registry_error.HTTPError); ok {
ra.CustomAbort(regErr.StatusCode, regErr.Detail)
if regErr, ok := err.(*commonhttp.Error); ok {
ra.CustomAbort(regErr.Code, regErr.Message)
}
ra.CustomAbort(http.StatusInternalServerError, "internal error")

4
src/core/api/utils.go
View File

@ -21,10 +21,10 @@ import (
"strings"
"github.com/goharbor/harbor/src/common/dao"
commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/common/models"
"github.com/goharbor/harbor/src/common/utils"
"github.com/goharbor/harbor/src/common/utils/clair"
registry_error "github.com/goharbor/harbor/src/common/utils/error"
"github.com/goharbor/harbor/src/common/utils/log"
"github.com/goharbor/harbor/src/common/utils/registry"
"github.com/goharbor/harbor/src/common/utils/registry/auth"
@ -273,7 +273,7 @@ func buildReplicationActionURL() string {
func repositoryExist(name string, client *registry.Repository) (bool, error) {
tags, err := client.ListTag()
if err != nil {
if regErr, ok := err.(*registry_error.HTTPError); ok && regErr.StatusCode == http.StatusNotFound {
if regErr, ok := err.(*commonhttp.Error); ok && regErr.Code == http.StatusNotFound {
return false, nil
}
return false, err

1
src/core/config/config.go
View File

@ -135,6 +135,7 @@ func initProjectManager() error {
}
AdmiralClient = &http.Client{
Transport: &http.Transport{
Proxy: http.ProxyFromEnvironment,
TLSClientConfig: &tls.Config{
RootCAs: pool,
},

15
src/core/promgr/pmsdriver/admiral/admiral.go
View File

@ -26,6 +26,7 @@ import (
"strconv"
"strings"
commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/common/models"
"github.com/goharbor/harbor/src/common/utils"
er "github.com/goharbor/harbor/src/common/utils/error"
@ -286,20 +287,20 @@ func (d *driver) Create(pro *models.Project) (int64, error) {
// Maybe a 409 error will be returned if Admiral team finds the way to
// return a specific code in Xenon.
// The following codes convert both those two errors to DupProjectErr
httpErr, ok := err.(*er.HTTPError)
httpErr, ok := err.(*commonhttp.Error)
if !ok {
return 0, err
}
if httpErr.StatusCode == http.StatusConflict {
if httpErr.Code == http.StatusConflict {
return 0, er.ErrDupProject
}
if httpErr.StatusCode != http.StatusInternalServerError {
if httpErr.Code != http.StatusInternalServerError {
return 0, err
}
match, e := regexp.MatchString(dupProjectPattern, httpErr.Detail)
match, e := regexp.MatchString(dupProjectPattern, httpErr.Message)
if e != nil {
log.Errorf("failed to match duplicate project mattern: %v", e)
}
@ -397,9 +398,9 @@ func (d *driver) send(method, path string, body io.Reader) ([]byte, error) {
}
if resp.StatusCode != http.StatusOK {
return nil, &er.HTTPError{
StatusCode: resp.StatusCode,
Detail: string(b),
return nil, &commonhttp.Error{
Code: resp.StatusCode,
Message: string(b),
}
}

1
src/jobservice/job/impl/context.go
View File

@ -230,6 +230,7 @@ func getDBFromConfig(cfg map[string]interface{}) *models.Database {
postgresql.Username = cfg[common.PostGreSQLUsername].(string)
postgresql.Password = cfg[common.PostGreSQLPassword].(string)
postgresql.Database = cfg[common.PostGreSQLDatabase].(string)
postgresql.SSLMode = cfg[common.PostGreSQLSSLMode].(string)
database.PostGreSQL = postgresql
return database

6
src/portal/angular.json
View File

@ -24,6 +24,7 @@
"styles": [
"node_modules/@clr/icons/clr-icons.min.css",
"node_modules/@clr/ui/clr-ui.min.css",
"node_modules/swagger-ui/dist/swagger-ui.css",
"node_modules/prismjs/themes/prism-solarizedlight.css",
"src/styles.css"
],
@ -35,7 +36,10 @@
"node_modules/web-animations-js/web-animations.min.js",
"node_modules/marked/lib/marked.js",
"node_modules/prismjs/prism.js",
"node_modules/prismjs/components/prism-yaml.min.js"
"node_modules/prismjs/components/prism-yaml.min.js",
"node_modules/jquery/dist/jquery.slim.js",
"node_modules/popper.js/dist/umd/popper.js",
"node_modules/bootstrap/dist/js/bootstrap.js"
]
},
"configurations": {

3
src/portal/lib/src/log/recent-log.component.html
View File

@ -1,8 +1,7 @@
<div>
<h2 class="h2-log-override" *ngIf="withTitle">{{'SIDE_NAV.LOGS' | translate}}</h2>
<div class="row flex-items-xs-between flex-items-xs-bottom">
<div></div>
<div class="action-head-pos rightPos">
<div class="action-head-pos">
<div class="select filterTag" [hidden]="!isOpenFilterTag">
<select id="selectKey" (change)="selectFilterKey($event)">
<option value="username">{{"AUDIT_LOG.USERNAME" | translate | lowercase}}</option>

2
src/portal/lib/src/shared/shared.const.ts
View File

@ -92,7 +92,7 @@ export const LabelColor = [
export const RoleMapping = { 'projectAdmin': 'MEMBER.PROJECT_ADMIN', 'developer': 'MEMBER.DEVELOPER', 'guest': 'MEMBER.GUEST' };
export const DefaultHelmIcon = '/images/helm-gray.png';
export const DefaultHelmIcon = '/images/helm-gray.svg';
export enum Roles {
PROJECT_ADMIN = 1,

2
src/portal/lib/src/tag/tag.component.html
View File

@ -75,7 +75,7 @@
</div>
</clr-dropdown-menu>
</clr-dropdown>
<button type="button" class="btn btn-sm btn-secondary" [disabled]="!(selectedRow.length===1 && developerRoleOrAbove)" (click)="retag(selectedRow)"><clr-icon shape="copy" size="16"></clr-icon>&nbsp;{{'REPOSITORY.RETAG' | translate}}</button>
<button type="button" class="btn btn-sm btn-secondary" [disabled]="!(selectedRow.length===1 && guestRoleOrAbove)" (click)="retag(selectedRow)"><clr-icon shape="copy" size="16"></clr-icon>&nbsp;{{'REPOSITORY.RETAG' | translate}}</button>
<button type="button" class="btn btn-sm btn-secondary" *ngIf="hasProjectAdminRole" (click)="deleteTags(selectedRow)" [disabled]="!selectedRow.length"><clr-icon shape="times" size="16"></clr-icon>&nbsp;{{'REPOSITORY.DELETE' | translate}}</button>
</clr-dg-action-bar>
<clr-dg-column class="width-130" [clrDgField]="'name'">{{'REPOSITORY.TAG' | translate}}</clr-dg-column>

6
src/portal/lib/src/tag/tag.component.ts
View File

@ -761,6 +761,10 @@ export class TagComponent implements OnInit, AfterViewInit {
}
public get developerRoleOrAbove(): boolean {
return this.memberRoleID === Roles.DEVELOPER || this.hasProjectAdminRole;
return this.memberRoleID === Roles.DEVELOPER || this.hasProjectAdminRole;
}
public get guestRoleOrAbove(): boolean {
return this.memberRoleID === Roles.GUEST || this.memberRoleID === Roles.DEVELOPER || this.hasProjectAdminRole;
}
}

705
src/portal/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

8
src/portal/package.json
View File

@ -32,18 +32,26 @@
"@clr/angular": "^0.12.10",
"@clr/icons": "^0.12.0",
"@clr/ui": "^0.12.0",
"@fortawesome/fontawesome-free": "^5.1.0-4",
"@ng-bootstrap/ng-bootstrap": "^2.0.0",
"@ngx-translate/core": "^10.0.2",
"@ngx-translate/http-loader": "^3.0.1",
"@types/jquery": "^2.0.41",
"@webcomponents/custom-elements": "^1.1.3",
"bootstrap": "^4.1.1",
"buffer": "^5.2.1",
"core-js": "^2.5.4",
"intl": "^1.2.5",
"jquery": "^3.3.1",
"mutationobserver-shim": "^0.3.2",
"ng-packagr": "^4.1.1",
"ngx-clipboard": "^11.1.1",
"ngx-cookie": "^1.0.0",
"ngx-markdown": "^6.2.0",
"popper.js": "^1.14.3",
"rxjs": "^6.3.1",
"stream": "^0.0.2",
"swagger-ui": "^3.20.2",
"ts-helpers": "^1.1.1",
"tslib": "^1.9.0",
"types": "^0.1.1",

2
src/portal/src/app/app-config.ts
View File

@ -42,7 +42,7 @@ export class AppConfig {
this.project_creation_restriction = "everyone";
this.self_registration = true;
this.has_ca_root = false;
this.harbor_version = "1.2.0";
this.harbor_version = "unknown";
this.clair_vulnerability_status = {
overall_last_update: 0,
details: []

7
src/portal/src/app/app.module.ts
View File

@ -20,6 +20,7 @@ import { HarborRoutingModule } from './harbor-routing.module';
import { SharedModule } from './shared/shared.module';
import { AccountModule } from './account/account.module';
import { ConfigurationModule } from './config/config.module';
import { DeveloperCenterModule } from './dev-center/dev-center.module';
import { registerLocaleData } from '@angular/common';
import { TranslateService } from "@ngx-translate/core";
@ -30,6 +31,7 @@ import { ProjectConfigComponent } from './project/project-config/project-config.
import zh from '@angular/common/locales/zh-Hans';
import es from '@angular/common/locales/es';
import localeFr from '@angular/common/locales/fr';
import { DevCenterComponent } from './dev-center/dev-center.component';
registerLocaleData(zh, 'zh-cn');
registerLocaleData(es, 'es-es');
registerLocaleData(localeFr, 'fr-fr');
@ -49,7 +51,7 @@ export function getCurrentLanguage(translateService: TranslateService) {
@NgModule({
declarations: [
AppComponent,
ProjectConfigComponent,
ProjectConfigComponent
],
imports: [
BrowserModule,
@ -57,7 +59,8 @@ export function getCurrentLanguage(translateService: TranslateService) {
BaseModule,
AccountModule,
HarborRoutingModule,
ConfigurationModule
ConfigurationModule,
DeveloperCenterModule
],
exports: [
],

2
src/portal/src/app/base/base.module.ts
View File

@ -26,7 +26,6 @@ import { GlobalSearchComponent } from './global-search/global-search.component';
import { FooterComponent } from './footer/footer.component';
import { HarborShellComponent } from './harbor-shell/harbor-shell.component';
import { SearchResultComponent } from './global-search/search-result.component';
import { StartPageComponent } from './start-page/start.component';
import { SearchTriggerService } from './global-search/search-trigger.service';
@ -46,7 +45,6 @@ import { SearchTriggerService } from './global-search/search-trigger.service';
FooterComponent,
HarborShellComponent,
SearchResultComponent,
StartPageComponent
],
exports: [ HarborShellComponent ],
providers: [SearchTriggerService]

50
src/portal/src/app/base/harbor-shell/harbor-shell.component.html
View File

@ -2,7 +2,8 @@
<global-message [isAppLevel]="true"></global-message>
<navigator (showAccountSettingsModal)="openModal($event)" (showPwdChangeModal)="openModal($event)"></navigator>
<div class="content-container">
<div class="content-area" [class.container-override]="showSearch" [class.content-area-override]="!shouldOverrideContent" [class.start-content-padding]="shouldOverrideContent">
<div class="content-area" [class.container-override]="showSearch" [class.content-area-override]="!shouldOverrideContent"
[class.start-content-padding]="shouldOverrideContent">
<global-message [isAppLevel]="false"></global-message>
<!-- Only appear when searching -->
<search-result></search-result>
@ -17,46 +18,39 @@
<clr-icon shape="list" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.LOGS' | translate}}
</a>
<clr-vertical-nav-group *ngIf="isSystemAdmin" routerLinkActive="active">
<a clrVerticalNavLink target="_blank" routerLink="/devcenter" routerLinkActive="active">
<clr-icon shape="terminal" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.DEVCENTER' | translate}}
</a>
<clr-vertical-nav-group *ngIf="isSystemAdmin" routerLinkActive="active">
<clr-icon shape="administrator" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.NAME' | translate}}
<a routerLink="#" hidden aria-hidden="true"></a>
<clr-vertical-nav-group-children *clrIfExpanded="true">
<a clrVerticalNavLink
routerLink="/harbor/users"
routerLinkActive="active">
<clr-icon shape="users" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.USER' | translate}}
<a clrVerticalNavLink routerLink="/harbor/users" routerLinkActive="active">
<clr-icon shape="users" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.USER' | translate}}
</a>
<a *ngIf='isLdapMode'
clrVerticalNavLink
routerLink="/harbor/groups"
routerLinkActive="active">
<clr-icon shape="users" clrVerticalNavIcon></clr-icon>
<a *ngIf='isLdapMode' clrVerticalNavLink routerLink="/harbor/groups" routerLinkActive="active">
<clr-icon shape="users" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.GROUP' | translate}}
</a>
<a clrVerticalNavLink
routerLink="/harbor/registries"
routerLinkActive="active">
<clr-icon shape="block" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.REGISTRY' | translate}}
<a clrVerticalNavLink routerLink="/harbor/registries" routerLinkActive="active">
<clr-icon shape="block" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.REGISTRY' | translate}}
</a>
<a clrVerticalNavLink
routerLink="/harbor/replications"
routerLinkActive="active">
<clr-icon shape="cloud-traffic" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.REPLICATION' | translate}}
<a clrVerticalNavLink routerLink="/harbor/replications" routerLinkActive="active">
<clr-icon shape="cloud-traffic" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.REPLICATION' | translate}}
</a>
<a clrVerticalNavLink
routerLink="/harbor/configs"
routerLinkActive="active">
<clr-icon shape="cog" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.CONFIG' | translate}}
<a clrVerticalNavLink routerLink="/harbor/configs" routerLinkActive="active">
<clr-icon shape="cog" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.CONFIG' | translate}}
</a>
</clr-vertical-nav-group-children>
</clr-vertical-nav-group>
</clr-vertical-nav>
<hbr-operation-model *ngIf="isUserExisting"></hbr-operation-model>
<hbr-operation-model *ngIf="isUserExisting"></hbr-operation-model>
</div>
</clr-main-container>
<account-settings-modal></account-settings-modal>

2
src/portal/src/app/base/navigator/navigator.component.html
View File

@ -2,7 +2,7 @@
<div class="branding">
<a href="javascript:void(0)" class="nav-link" (click)="homeAction()">
<!-- <clr-icon shape="vm-bug" *ngIf="!customStyle?.headerLogo"></clr-icon> -->
<img src="../../../images/harbor-white-logo.svg" class="harbor-logo" />
<img [src]="'images/harbor-logo.svg'" class="harbor-logo" />
<img [attr.src]="'static/images/'+customStyle?.headerLogo" *ngIf="customStyle?.headerLogo" class="headerLogo">
<span class="title">{{customProjectName?.projectName? customProjectName?.projectName:(appTitle | translate)}}</span>
</a>

29
src/portal/src/app/base/start-page/start.component.html
View File

@ -1,29 +0,0 @@
<!-- Authenticated-->
<div class="row row-fill-height row-margin" *ngIf="isSessionValid">
<div class="col-xs-12 col-sm-12 col-md-12 col-lg-12 col-xl-12">
<statistics-panel></statistics-panel>
<top-repo></top-repo>
</div>
</div>
<!-- Guest -->
<div class="row row-fill-height" *ngIf="!isSessionValid">
<div class="col-xs-12 col-sm-12 col-md-5 col-lg-5 col-xl-5 column-fill-height">
<div class="start-card">
<div class="card-img my-card-img">
</div>
<div class="card-block">
<h3 class="card-title">Getting Start</h3>
<p class="card-text">
{{'START_PAGE.GETTING_START' | translate}}
</p>
</div>
<div class="card-footer my-card-footer">
<a href="https://goharbor.io" target="_blank" class="btn btn-sm btn-link">Learn More</a>
</div>
</div>
</div>
<div class="col-xs-12 col-sm-12 col-md-7 col-lg-7 col-xl-7">
<top-repo></top-repo>
</div>
</div>

30
src/portal/src/app/base/start-page/start.component.scss
View File

@ -1,30 +0,0 @@
.start-card {
border-right: 1px solid #cccccc;
padding: 24px;
background-color: white;
height: 100%;
}
.row-fill-height {
height: 100%;
}
.row-margin {
margin-left: 24px;
}
.column-fill-height {
height: 100%;
}
.my-card-img {
background-image: url('../../../images/harbor-logo.png');
background-repeat: no-repeat;
background-size: contain;
height: 160px;
}
.my-card-footer {
float: right;
margin-top: 100px;
}

33
src/portal/src/app/base/start-page/start.component.ts
View File

@ -1,33 +0,0 @@
// Copyright Project Harbor Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
import { Component, OnInit } from '@angular/core';
import { SessionService } from '../../shared/session.service';
@Component({
selector: 'start-page',
templateUrl: "start.component.html",
styleUrls: ['start.component.scss']
})
export class StartPageComponent implements OnInit {
isSessionValid: boolean = false;
constructor(
private session: SessionService
) { }
ngOnInit(): void {
this.isSessionValid = this.session.getCurrentUser() != null;
}
}

2
src/portal/src/app/dev-center/dev-center.component.html Normal file
View File

@ -0,0 +1,2 @@
<div class="swagger-container" style="overflow:scroll;"></div>

8
src/portal/src/app/dev-center/dev-center.component.scss Normal file
View File

@ -0,0 +1,8 @@
.swagger-container {
overflow: auto;
position: absolute;
top: 0;
bottom: 0;
left: 0;
right: 0;
}

26
src/portal/src/app/dev-center/dev-center.component.spec.ts Normal file
View File

@ -0,0 +1,26 @@
import { async, ComponentFixture, TestBed } from '@angular/core/testing';
import { DevCenterComponent } from './dev-center.component';
describe('DevCenterComponent', () => {
let component: DevCenterComponent;
let fixture: ComponentFixture<DevCenterComponent>;
beforeEach(async(() => {
TestBed.configureTestingModule({
declarations: [ DevCenterComponent ]
})
.compileComponents();
}));
beforeEach(() => {
fixture = TestBed.createComponent(DevCenterComponent);
component = fixture.componentInstance;
fixture.detectChanges();
});
it('should create', () => {
expect(component).toBeTruthy();
});
});

37
src/portal/src/app/dev-center/dev-center.component.ts Normal file
View File

@ -0,0 +1,37 @@
import { AfterViewInit, Component, ElementRef, OnInit } from '@angular/core';
import { Http } from '@angular/http';
import { throwError as observableThrowError, Observable } from 'rxjs';
import { catchError, map } from 'rxjs/operators';
const SwaggerUI = require('swagger-ui');
@Component({
selector: 'dev-center',
templateUrl: 'dev-center.component.html',
styleUrls: ['dev-center.component.scss']
})
export class DevCenterComponent implements AfterViewInit {
private ui: any;
private host: any;
private json: any;
constructor(private el: ElementRef, private http: Http) {
}
ngAfterViewInit() {
this.http.get("/swagger.json")
.pipe(catchError(error => observableThrowError(error)))
.pipe(map(response => response.json())).subscribe(json => {
json.host = window.location.host;
const protocal = window.location.protocol;
json.schemes = [protocal.replace(":", "")];
let ui = SwaggerUI({
spec: json,
domNode: this.el.nativeElement.querySelector('.swagger-container'),
deepLinking: true,
presets: [
SwaggerUI.presets.apis
],
});
});
}
}

23
src/portal/src/app/dev-center/dev-center.module.ts Normal file
View File

@ -0,0 +1,23 @@
import { NgModule } from "@angular/core";
import { RouterModule } from "@angular/router";
import { CommonModule } from "@angular/common";
import { ClarityModule } from '@clr/angular';
import { SharedModule } from '../shared/shared.module';
import { DevCenterComponent } from "./dev-center.component";
@NgModule({
imports: [
CommonModule,
SharedModule,
RouterModule.forChild([{
path: "**",
component: DevCenterComponent,
}]),
ClarityModule.forRoot(),
],
declarations: [
DevCenterComponent,
],
})
export class DeveloperCenterModule {}

7
src/portal/src/app/harbor-routing.module.ts
View File

@ -22,6 +22,7 @@ import { MemberGuard } from './shared/route/member-guard-activate.service';
import { PageNotFoundComponent } from './shared/not-found/not-found.component';
import { HarborShellComponent } from './base/harbor-shell/harbor-shell.component';
import { ConfigurationComponent } from './config/config.component';
import { DevCenterComponent } from './dev-center/dev-center.component';
import { UserComponent } from './user/user.component';
import { SignInComponent } from './account/sign-in/sign-in.component';
@ -43,7 +44,7 @@ import { LeavingRepositoryRouteDeactivate } from './shared/route/leaving-reposit
import { ProjectComponent } from './project/project.component';
import { ProjectDetailComponent } from './project/project-detail/project-detail.component';
import { MemberComponent } from './project/member/member.component';
import {ProjectLabelComponent} from "./project/project-label/project-label.component";
import { ProjectLabelComponent } from "./project/project-label/project-label.component";
import { ProjectConfigComponent } from './project/project-config/project-config.component';
import { ProjectRoutingResolver } from './project/project-routing-resolver.service';
import { ListChartsComponent } from './project/list-charts/list-charts.component';
@ -53,6 +54,10 @@ import { ChartDetailComponent } from './project/chart-detail/chart-detail.compon
const harborRoutes: Routes = [
{ path: '', redirectTo: 'harbor', pathMatch: 'full' },
{ path: 'reset_password', component: ResetPasswordComponent },
{
path: 'devcenter',
component: DevCenterComponent
},
{
path: 'harbor',
component: HarborShellComponent,

2
src/portal/src/app/shared/about-dialog/about-dialog.component.html
View File

@ -1,7 +1,7 @@
<clr-modal [(clrModalOpen)]="opened" [clrModalClosable]="false" [clrModalStaticBackdrop]="false">
<div class="modal-body dialog-body">
<div class="harbor-logo-black">
<img [src]="'images/harbor-black-logo.png'">
<img [src]="'images/harbor-logo.svg'" class="harbor-icon">
</div>
<div class="content">
<div>{{customName?.projectName? customName?.projectName : ('APP_TITLE.HARBOR' | translate)}}</div>

6
src/portal/src/app/shared/about-dialog/about-dialog.component.scss
View File

@ -16,3 +16,9 @@
.content {
margin:0 10px 10px 10px;
}
.harbor-icon {
transform: translateX(-100%);
width: 56px;
filter: drop-shadow(rgb(0, 0, 0) 58px 2px);
}

2
src/portal/src/app/shared/about-dialog/about-dialog.component.ts
View File

@ -47,7 +47,7 @@ export class AboutDialogComponent implements OnInit {
public get version(): string {
let appConfig = this.appConfigService.getConfig();
return appConfig ? appConfig.harbor_version : "n/a";
return appConfig.harbor_version;
}
public open(): void {

5
src/portal/src/i18n/lang/en-us-lang.json
View File

@ -121,7 +121,8 @@
"GROUP": "Groups",
"REGISTRY": "Registries",
"REPLICATION": "Replications",
"CONFIG": "Configuration"
"CONFIG": "Configuration",
"DEVCENTER": "Developer Center"
},
"LOGS": "Logs"
},
@ -444,7 +445,7 @@
"DELETION_TITLE_TAG": "Confirm Tag Deletion",
"DELETION_SUMMARY_TAG": "Do you want to delete tag {{param}}?",
"DELETION_TITLE_TAG_DENIED": "Signed tag cannot be deleted",
"DELETION_SUMMARY_TAG_DENIED": "The tag must be removed from the Notary before it can be deleted.\nDelete from Notary via this command:\n{{param}}",
"DELETION_SUMMARY_TAG_DENIED": "The tag must be removed from the Notary before it can be deleted.\nDelete from Notary via this command:\n",
"TAGS_NO_DELETE": "Delete is prohibited in read only mode.",
"FILTER_FOR_REPOSITORIES": "Filter Repositories",
"TAG": "Tag",

5
src/portal/src/i18n/lang/es-es-lang.json
View File

@ -121,7 +121,8 @@
"REGISTRY": "Registries",
"GROUP": "Groups",
"REPLICATION": "Replicacións",
"CONFIG": "Configuración"
"CONFIG": "Configuración",
"DEVCENTER": "Developer Center"
},
"LOGS": "Logs"
},
@ -442,7 +443,7 @@
"DELETION_TITLE_TAG": "Confirmación de Eliminación de Etiqueta",
"DELETION_SUMMARY_TAG": "¿Quiere eliminar la etiqueta {{param}}?",
"DELETION_TITLE_TAG_DENIED": "La etiqueta firmada no puede ser eliminada",
"DELETION_SUMMARY_TAG_DENIED": "La etiqueta debe ser eliminada de la Notaría antes de eliminarla.\nEliminarla de la Notaría con este comando:\n{{param}}",
"DELETION_SUMMARY_TAG_DENIED": "La etiqueta debe ser eliminada de la Notaría antes de eliminarla.\nEliminarla de la Notaría con este comando:\n",
"TAGS_NO_DELETE": "Delete is prohibited in read only mode.",
"FILTER_FOR_REPOSITORIES": "Filtrar Repositorios",
"TAG": "Etiqueta",

5
src/portal/src/i18n/lang/fr-fr-lang.json
View File

@ -107,7 +107,8 @@
"USER": "Utilisateurs",
"GROUP": "Groups",
"REPLICATION": "Réplication",
"CONFIG": "Configuration"
"CONFIG": "Configuration",
"DEVCENTER": "Developer Center"
},
"LOGS": "Logs"
},
@ -422,7 +423,7 @@
"DELETION_TITLE_TAG": "Confirmer la suppression du Tag",
"DELETION_SUMMARY_TAG": "Voulez-vous supprimer le tag {{param}}?",
"DELETION_TITLE_TAG_DENIED": "Un tag signé ne peut être supprimé",
"DELETION_SUMMARY_TAG_DENIED": "La balise doit être supprimée du Résumé avant qu'elle ne puisse être supprimée. \nSupprimer du Résumé via cette commande: \n{{param}}",
"DELETION_SUMMARY_TAG_DENIED": "La balise doit être supprimée du Résumé avant qu'elle ne puisse être supprimée. \nSupprimer du Résumé via cette commande: \n",
"TAGS_NO_DELETE": "Upload/Delete is prohibited in read only mode.",
"FILTER_FOR_REPOSITORIES": "Filtrer les Dépôts",
"TAG": "Tag",

5
src/portal/src/i18n/lang/pt-br-lang.json
View File

@ -119,7 +119,8 @@
"GROUP": "Grupos",
"REGISTRY": "Registros",
"REPLICATION": "Replicações",
"CONFIG": "Configuração"
"CONFIG": "Configuração",
"DEVCENTER": "Developer Center"
},
"LOGS": "Logs"
},
@ -442,7 +443,7 @@
"DELETION_TITLE_TAG": "Confirmar remoção de Tag",
"DELETION_SUMMARY_TAG": "Você quer remover a Tag {{param}}?",
"DELETION_TITLE_TAG_DENIED": "Tags assinadas não podem ser removidas",
"DELETION_SUMMARY_TAG_DENIED": "A tag deve ser removida do Notary antes de ser apagada.\nRemova do Notary com o seguinte comando:\n{{param}}",
"DELETION_SUMMARY_TAG_DENIED": "A tag deve ser removida do Notary antes de ser apagada.\nRemova do Notary com o seguinte comando:\n",
"TAGS_NO_DELETE": "Remover é proibido em modo somente leitura.",
"FILTER_FOR_REPOSITORIES": "Filtrar repositórios",
"TAG": "Tag",

5
src/portal/src/i18n/lang/zh-cn-lang.json
View File

@ -120,7 +120,8 @@
"GROUP": "组管理",
"REGISTRY": "仓库管理",
"REPLICATION": "复制管理",
"CONFIG": "配置管理"
"CONFIG": "配置管理",
"DEVCENTER": "开发者中心"
},
"LOGS": "日志"
},
@ -442,7 +443,7 @@
"DELETION_TITLE_TAG": "删除镜像标签确认",
"DELETION_SUMMARY_TAG": "确认删除镜像标签 {{param}}?",
"DELETION_TITLE_TAG_DENIED": "已签名的镜像不能被删除",
"DELETION_SUMMARY_TAG_DENIED": "要删除此镜像标签必须首先从Notary中删除。\n请执行如下Notary命令删除:\n{{param}}",
"DELETION_SUMMARY_TAG_DENIED": "要删除此镜像标签必须首先从Notary中删除。\n请执行如下Notary命令删除:\n",
"TAGS_NO_DELETE": "在只读模式下删除是被禁止的",
"FILTER_FOR_REPOSITORIES": "过滤镜像仓库",
"TAG": "标签",

BIN
src/portal/src/images/harbor-black-logo.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 7.0 KiB

BIN
src/portal/src/images/harbor-logo.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 42 KiB

0
src/portal/src/images/harbor-white-logo.svg → src/portal/src/images/harbor-logo.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.8 KiB

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
src/portal/src/images/helm-gray.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 6.3 KiB

1
src/portal/src/images/helm-gray.svg Normal file
View File

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 121.02 126.41"><defs><style>.ed7893be-f72e-4d49-983e-3ddcacf196ab{fill:#a2a2a2;}</style></defs><path class="ed7893be-f72e-4d49-983e-3ddcacf196ab" d="M453.41,121.78c-.91-.64-2-2.73-2.61-5.06a37.72,37.72,0,0,1-.38-10.23,12,12,0,0,0,.17-1.89,16.89,16.89,0,0,0-1.89-.29,46.62,46.62,0,0,1-16.5-5.26,13.83,13.83,0,0,0-2-1,5,5,0,0,0-1.12,1.65c-2.2,4.23-6,8.42-8.94,9.79a4.18,4.18,0,0,1-3.14.27c-1-.53-1.28-2.63-.69-5a29.48,29.48,0,0,1,3.35-6.89,38.1,38.1,0,0,1,2.55-3.26l1.5-1.68-.78-.74c-2.06-2-5.92-6.51-5.92-7a61.13,61.13,0,0,1,5.65-3.92c.2-.06.67.41,1.31,1.29a45.53,45.53,0,0,0,7.25,7.17,37.93,37.93,0,0,0,52.57-7,6.94,6.94,0,0,1,1.45-1.56A55.26,55.26,0,0,1,490.88,85c.16.26-2.11,3.22-4.06,5.26a16.35,16.35,0,0,0-1.68,1.94,15.29,15.29,0,0,0,1.62,1.88c2.81,3,5.57,7.59,6.34,10.61.59,2.32.3,4.42-.69,5a3.58,3.58,0,0,1-1.26.2c-3,0-8-4.87-11-10.68a9.12,9.12,0,0,0-1.23-2,6.61,6.61,0,0,0-1.3.72A46.94,46.94,0,0,1,461.11,104a13.84,13.84,0,0,0-2.38.52c-.15.12-.13.68.07,1.94a37.74,37.74,0,0,1-.26,9.73,11,11,0,0,1-2.19,5c-1.07,1.17-1.91,1.34-3,.6ZM393.88,76.39c0-.14-.07-7.52,0-16.4l.06-16.16h8.46l.06,6c0,4.45.11,6,.3,6.1a39,39,0,0,0,4.71.17c3.47,0,4.51-.06,4.68-.27s.24-2.21.28-6.11V43.88h8.47V76.59h-8.47V70.35c0-4.2-.13-6.33-.28-6.51s-1.21-.27-4.71-.27-4.53.06-4.71.27-.24,2.31-.28,6.51v6.24l-4.19.06C394.92,76.64,394,76.59,393.88,76.39Zm34.26,0c0-.14-.07-7.52,0-16.41V43.83h21l.06,3.58V51H436.8l-.06,2.41c0,1.79,0,2.45.2,2.57a47.92,47.92,0,0,0,5.36.17h5.09l-.06,3.58v3.59l-5.24.1-5.24.1v5.65l6.45.1,6.45.1v7.07l-10.74,0c-8.48,0-10.76,0-10.84-.2Zm28.22,0c0-.14-.07-7.52,0-16.41V43.83h8.46l.11,12.72.1,12.72,6.14.1,6.15.1v7.07l-10.43,0c-8.25,0-10.46,0-10.54-.2Zm26.81,0c0-.14-.07-7.52,0-16.4l.06-16.16h4.43a38.16,38.16,0,0,1,4.66.11c.3.2,4.77,12.39,5.76,15.69s.95,3.23,1.18,3a21.38,21.38,0,0,0,1.06-3c1-3.41,5.17-15.23,5.44-15.59.15-.19,1.24-.24,4.65-.2h4.46V76.55l-3.77.06-3.78,0-.13-.53c-.28-1.11.09-12.8.51-16.13.67-5.26.56-5.34-1-.81-1.69,4.89-5,13.89-5.36,14.38S500.9,74,499,74c-1.43,0-2.15-.08-2.29-.26s-4.36-11.51-5.48-14.93c-.8-2.42-1.23-3.29-1.22-2.44,0,.2.19,1.86.42,3.7.41,3.43.78,14.93.51,16l-.13.53H487c-2.8,0-3.76-.06-3.83-.25Zm2.66-37.29a39.91,39.91,0,0,0-4.48-5.64,37.5,37.5,0,0,0-20-11.07c-2.31-.5-2.92-.54-7.16-.55-5,0-6.09.11-10,1.12A37.22,37.22,0,0,0,430,30.22a46.3,46.3,0,0,0-6.64,7c-.86,1.19-1.28,1.64-1.51,1.55a43.94,43.94,0,0,1-5.65-3.8c0-.48,3.32-4.63,5.57-7l2.33-2.43-1.54-1.67c-2.81-3.05-5.51-7.59-6.26-10.54-.59-2.33-.3-4.42.69-5a3.37,3.37,0,0,1,1.26-.21c3,0,8.05,4.87,11,10.68a10.93,10.93,0,0,0,1.2,2,13.21,13.21,0,0,0,1.75-.91,47,47,0,0,1,16.65-5.27,8.92,8.92,0,0,0,1.78-.28c.18-.11.16-.65-.1-2.21a35.31,35.31,0,0,1,.28-10.81c1-3.7,2.55-5.77,4.14-5.47s2.93,2.71,3.68,6.2a40.46,40.46,0,0,1,0,10.77,4.56,4.56,0,0,0-.2,1.56,13,13,0,0,0,2.15.45,45,45,0,0,1,17.27,6.36c.4.24.79.36.85.26s.61-1.19,1.22-2.41c2.36-4.73,6.17-9,9.28-10.48a4.18,4.18,0,0,1,3.14-.27c1,.53,1.28,2.62.69,5a29.92,29.92,0,0,1-3.57,7.21,33.88,33.88,0,0,1-3.13,3.74l-1.87,1.89,1.84,2A59.77,59.77,0,0,1,492,35.46c.27.53.28.67,0,.88a52.14,52.14,0,0,1-5.68,3.34c-.13,0-.4-.27-.6-.6Z" transform="translate(-393.85 4.18)"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 3.1 KiB

3
src/portal/src/polyfills.ts
View File

@ -37,3 +37,6 @@ import 'intl/locale-data/jsonp/zh';
import 'zone.js/dist/zone';
(window as any).global = window;
// @ts-ignore
window.Buffer = window.Buffer || require('buffer').Buffer;

4
src/portal/src/tsconfig.app.json
View File

@ -8,6 +8,10 @@
"es6",
"dom"
],
"types": [
"node",
"jasmine"
],
"mapRoot": "./",
"module": "commonjs",
"moduleResolution": "node",

2
src/portal/tsconfig.json
View File

@ -7,7 +7,7 @@
"emitDecoratorMetadata": true,
"experimentalDecorators": true,
"lib": [
"es2015",
"es2017",
"dom"
],
"noImplicitAny": false,

2
src/registryctl/auth/secret.go
View File

@ -34,7 +34,7 @@ type secretHandler struct {
secrets map[string]string
}
// NewSecretHandler creaters a new authentiation handler which adds
// NewSecretHandler creates a new authentication handler which adds
// basic authentication credentials to a request.
func NewSecretHandler(secrets map[string]string) AuthenticationHandler {
return &secretHandler{

43
src/registryctl/auth/secret_test.go
View File

@ -15,6 +15,7 @@
package auth
import (
"fmt"
"net/http"
"testing"
@ -49,3 +50,45 @@ func TestAuthorizeRequestValid(t *testing.T) {
assert.Nil(t, err)
}
func TestNilRequest(t *testing.T) {
secret := "Correct"
req, err := http.NewRequest("", "", nil)
req = nil
if err != nil {
t.Fatalf("failed to create request: %v", err)
}
_ = commonsecret.AddToRequest(req, secret)
authenticator := NewSecretHandler(map[string]string{"secret1": "correct"})
err = authenticator.AuthorizeRequest(req)
assert.Equal(t, err, ErrNoSecret)
}
func TestNoSecret(t *testing.T) {
secret := ""
req, err := http.NewRequest("", "", nil)
if err != nil {
t.Fatalf("failed to create request: %v", err)
}
_ = commonsecret.AddToRequest(req, secret)
authenticator := NewSecretHandler(map[string]string{})
err = authenticator.AuthorizeRequest(req)
assert.Equal(t, err, ErrNoSecret)
}
func TestIncorrectHarborSecret(t *testing.T) {
secret := "correct"
req, err := http.NewRequest("", "", nil)
if err != nil {
t.Fatalf("failed to create request: %v", err)
}
_ = commonsecret.AddToRequest(req, secret)
// Set req header to an incorrect value to trigger error return
req.Header.Set("Authorization", fmt.Sprintf("%s%s", "WrongPrefix", secret))
authenticator := NewSecretHandler(map[string]string{"secret1": "correct"})
err = authenticator.AuthorizeRequest(req)
assert.Equal(t, err, ErrInvalidCredential)
}

8
tests/apitests/python/library/repository.py
View File

@ -11,12 +11,6 @@ def pull_harbor_image(registry, username, password, image, tag, expected_error_m
time.sleep(2)
_docker_api.docker_image_pull(r'{}/{}'.format(registry, image), tag = tag, expected_error_message = expected_error_message)
def pull_harbor_image_successfully(registry, username, password, image, tag):
pull_harbor_image(registry, username, password, image, tag)
def pull_harbor_image_unsuccessfully(registry, username, password, image, tag, expected_error_message):
pull_harbor_image(registry, username, password, image, tag, expected_error_message = expected_error_message)
def push_image_to_project(project_name, registry, username, password, image, tag):
_docker_api = DockerAPI()
_docker_api.docker_login(registry, username, password)
@ -95,7 +89,7 @@ class Repository(base.Base):
raise Exception("Image should be <Not Scanned> state!")
def check_image_scan_result(self, repo_name, tag, expected_scan_status = "finished", **kwargs):
timeout_count = 20
timeout_count = 30
while True:
time.sleep(5)
timeout_count = timeout_count - 1

7
tests/apitests/python/test_project_level_policy_content_trust.py
View File

@ -10,8 +10,7 @@ from library.project import Project
from library.user import User
from library.repository import Repository
from library.repository import push_image_to_project
from library.repository import pull_harbor_image_successfully
from library.repository import pull_harbor_image_unsuccessfully
from library.repository import pull_harbor_image
class TestProjects(unittest.TestCase):
@classmethod
@ -77,13 +76,13 @@ class TestProjects(unittest.TestCase):
self.repo.image_should_exist(TestProjects.repo_name, tag, **TestProjects.USER_CONTENT_TRUST_CLIENT)
#5. Pull image(IA) successfully;
pull_harbor_image_successfully(harbor_server, admin_name, admin_password, TestProjects.repo_name, tag)
pull_harbor_image(harbor_server, admin_name, admin_password, TestProjects.repo_name, tag)
#6. Enable content trust in project(PA) configuration;
self.project.update_project(TestProjects.project_content_trust_id, metadata = {"enable_content_trust": "true"}, **TestProjects.USER_CONTENT_TRUST_CLIENT)
#7. Pull image(IA) failed and the reason is "The image is not signed in Notary".
pull_harbor_image_unsuccessfully(harbor_server, admin_name, admin_password, TestProjects.repo_name, tag, "The image is not signed in Notary")
pull_harbor_image(harbor_server, admin_name, admin_password, TestProjects.repo_name, tag, expected_error_message = "The image is not signed in Notary")
if __name__ == '__main__':
unittest.main()

4
tests/apitests/python/test_scan_image.py
View File

@ -73,8 +73,8 @@ class TestProjects(unittest.TestCase):
#Note: Please make sure that this Image has never been pulled before by any other cases,
# so it is a not-scanned image rigth after rpository creation.
#image = "tomcat"
image = "pypy"
src_tag = "latest"
image = "docker"
src_tag = "1.13"
#5. Create a new repository(RA) and tag(TA) in project(PA) by user(UA);
TestProjects.repo_name, tag = push_image_to_project(project_scan_image_name, harbor_server, user_scan_image_name, user_001_password, image, src_tag)

8
tools/migration/db/schema/notaryserver_alter_tables.pgsql Normal file
View File

@ -0,0 +1,8 @@
\c notaryserver;
ALTER TABLE tuf_files OWNER TO server;
ALTER SEQUENCE tuf_files_id_seq OWNER TO server;
ALTER TABLE change_category OWNER TO server;
ALTER TABLE changefeed OWNER TO server;
ALTER SEQUENCE changefeed_id_seq OWNER TO server;
ALTER TABLE schema_migrations OWNER TO server;

2
tools/migration/db/schema/notaryserver_create_tables.pgsql
View File

@ -1,7 +1,7 @@
\c notaryserver;
CREATE TABLE "tuf_files" (
"id" int PRIMARY KEY,
"id" serial PRIMARY KEY,
"created_at" timestamp NULL DEFAULT NULL,
"updated_at" timestamp NULL DEFAULT NULL,
"deleted_at" timestamp NULL DEFAULT NULL,

5
tools/migration/db/schema/notarysigner_alter_tables.pgsql Normal file
View File

@ -0,0 +1,5 @@
\c notarysigner;
ALTER TABLE private_keys OWNER TO signer;
ALTER SEQUENCE private_keys_id_seq OWNER TO signer;
ALTER TABLE schema_migrations OWNER TO signer;

2
tools/migration/db/schema/notarysigner_create_tables.pgsql
View File

@ -1,7 +1,7 @@
\c notarysigner;
CREATE TABLE "private_keys" (
"id" int PRIMARY KEY,
"id" serial PRIMARY KEY,
"created_at" timestamp NULL DEFAULT NULL,
"updated_at" timestamp NULL DEFAULT NULL,
"deleted_at" timestamp NULL DEFAULT NULL,

3
tools/migration/db/util/mysql_pgsql_1_5_0.sh
View File

@ -73,8 +73,11 @@ EOF
# launch_pgsql $PGSQL_USR
psql -U $1 -f /harbor-migration/db/schema/notaryserver_create_tables.pgsql
psql -U $1 -f /harbor-migration/db/schema/notaryserver_insert_data.pgsql
psql -U $1 -f /harbor-migration/db/schema/notaryserver_alter_tables.pgsql
psql -U $1 -f /harbor-migration/db/schema/notarysigner_create_tables.pgsql
psql -U $1 -f /harbor-migration/db/schema/notarysigner_insert_data.pgsql
psql -U $1 -f /harbor-migration/db/schema/notarysigner_alter_tables.pgsql
stop_mysql root
stop_pgsql $1

3
tools/migration/db/util/mysql_pgsql_data_converter.py
View File

@ -95,6 +95,7 @@ def convert_notary_server_db(mysql_dump_file, pgsql_dump_file):
write_database(pgsql_dump, "notaryserver")
write_insert(pgsql_dump, insert_lines)
write_sequence(pgsql_dump, "tuf_files", "id")
write_sequence(pgsql_dump, "changefeed", "id")
def convert_notary_signer_db(mysql_dump_file, pgsql_dump_file):
mysql_dump = open(mysql_dump_file)
@ -144,7 +145,7 @@ def write_alter_table_bool(pgsql_dump, table_name, table_columnn, default_value=
def write_sequence(pgsql_dump, table_name, table_columnn):
pgsql_dump.write('\n')
pgsql_dump.write("CREATE SEQUENCE %s_%s_seq;\n" % (table_name, table_columnn))
pgsql_dump.write("CREATE SEQUENCE IF NOT EXISTS %s_%s_seq;\n" % (table_name, table_columnn))
pgsql_dump.write("SELECT setval('%s_%s_seq', max(%s)) FROM %s;\n" % (table_name, table_columnn, table_columnn, table_name))
pgsql_dump.write("ALTER TABLE \"%s\" ALTER COLUMN \"%s\" SET DEFAULT nextval('%s_%s_seq');\n" % (table_name, table_columnn, table_name, table_columnn))