mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-12 10:50:44 +01:00
fix fd leak issue in registry client
This commit is contained in:
parent
e08555d99f
commit
bf5bb463d9
@ -16,12 +16,13 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
au "github.com/docker/distribution/registry/client/auth"
|
||||
"github.com/vmware/harbor/utils"
|
||||
"github.com/vmware/harbor/utils/registry"
|
||||
)
|
||||
|
||||
// Authorizer authorizes requests according to the schema
|
||||
@ -44,11 +45,8 @@ func NewAuthorizerStore(endpoint string, insecure bool, authorizers ...Authorize
|
||||
endpoint = utils.FormatEndpoint(endpoint)
|
||||
|
||||
client := &http.Client{
|
||||
Transport: &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
InsecureSkipVerify: insecure,
|
||||
},
|
||||
},
|
||||
Transport: registry.GetHTTPTransport(insecure),
|
||||
Timeout: 30 * time.Second,
|
||||
}
|
||||
|
||||
resp, err := client.Get(buildPingURL(endpoint))
|
||||
|
@ -16,7 +16,6 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
@ -29,6 +28,7 @@ import (
|
||||
|
||||
token_util "github.com/vmware/harbor/service/token"
|
||||
"github.com/vmware/harbor/utils/log"
|
||||
"github.com/vmware/harbor/utils/registry"
|
||||
registry_error "github.com/vmware/harbor/utils/registry/error"
|
||||
)
|
||||
|
||||
@ -140,15 +140,10 @@ type standardTokenAuthorizer struct {
|
||||
// NewStandardTokenAuthorizer returns a standard token authorizer. The authorizer will request a token
|
||||
// from token server and add it to the origin request
|
||||
func NewStandardTokenAuthorizer(credential Credential, insecure bool, scopeType, scopeName string, scopeActions ...string) Authorizer {
|
||||
t := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
InsecureSkipVerify: insecure,
|
||||
},
|
||||
}
|
||||
|
||||
authorizer := &standardTokenAuthorizer{
|
||||
client: &http.Client{
|
||||
Transport: t,
|
||||
Transport: registry.GetHTTPTransport(insecure),
|
||||
Timeout: 30 * time.Second,
|
||||
},
|
||||
credential: credential,
|
||||
}
|
||||
|
@ -20,6 +20,7 @@ import (
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/vmware/harbor/utils"
|
||||
registry_error "github.com/vmware/harbor/utils/registry/error"
|
||||
@ -31,6 +32,29 @@ type Registry struct {
|
||||
client *http.Client
|
||||
}
|
||||
|
||||
var secureHTTPTransport, insecureHTTPTransport *http.Transport
|
||||
|
||||
func init() {
|
||||
secureHTTPTransport = &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
InsecureSkipVerify: false,
|
||||
},
|
||||
}
|
||||
insecureHTTPTransport = &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
InsecureSkipVerify: true,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
// GetHTTPTransport returns HttpTransport based on insecure configuration
|
||||
func GetHTTPTransport(insecure bool) *http.Transport {
|
||||
if insecure {
|
||||
return insecureHTTPTransport
|
||||
}
|
||||
return secureHTTPTransport
|
||||
}
|
||||
|
||||
// NewRegistry returns an instance of registry
|
||||
func NewRegistry(endpoint string, client *http.Client) (*Registry, error) {
|
||||
u, err := utils.ParseEndpoint(endpoint)
|
||||
@ -48,16 +72,12 @@ func NewRegistry(endpoint string, client *http.Client) (*Registry, error) {
|
||||
|
||||
// NewRegistryWithModifiers returns an instance of Registry according to the modifiers
|
||||
func NewRegistryWithModifiers(endpoint string, insecure bool, modifiers ...Modifier) (*Registry, error) {
|
||||
t := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
InsecureSkipVerify: insecure,
|
||||
},
|
||||
}
|
||||
|
||||
transport := NewTransport(t, modifiers...)
|
||||
transport := NewTransport(GetHTTPTransport(insecure), modifiers...)
|
||||
|
||||
return NewRegistry(endpoint, &http.Client{
|
||||
Transport: transport,
|
||||
Timeout: 30 * time.Second,
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -17,7 +17,6 @@ package registry
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/tls"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
@ -26,6 +25,7 @@ import (
|
||||
"net/url"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/docker/distribution/manifest/schema1"
|
||||
"github.com/docker/distribution/manifest/schema2"
|
||||
@ -61,16 +61,11 @@ func NewRepository(name, endpoint string, client *http.Client) (*Repository, err
|
||||
|
||||
// NewRepositoryWithModifiers returns an instance of Repository according to the modifiers
|
||||
func NewRepositoryWithModifiers(name, endpoint string, insecure bool, modifiers ...Modifier) (*Repository, error) {
|
||||
t := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
InsecureSkipVerify: insecure,
|
||||
},
|
||||
}
|
||||
|
||||
transport := NewTransport(t, modifiers...)
|
||||
|
||||
transport := NewTransport(GetHTTPTransport(insecure), modifiers...)
|
||||
return NewRepository(name, endpoint, &http.Client{
|
||||
Transport: transport,
|
||||
Timeout: 30 * time.Second,
|
||||
})
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user