mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-26 12:15:20 +01:00
refactor: using ctx from http request for credMaker of preheat enforcer (#15568)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
This commit is contained in:
parent
0839028096
commit
d9a0687461
@ -17,7 +17,6 @@ package preheat
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
proModels "github.com/goharbor/harbor/src/pkg/project/models"
|
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
tk "github.com/docker/distribution/registry/auth/token"
|
tk "github.com/docker/distribution/registry/auth/token"
|
||||||
@ -30,7 +29,6 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/lib/config"
|
"github.com/goharbor/harbor/src/lib/config"
|
||||||
"github.com/goharbor/harbor/src/lib/errors"
|
"github.com/goharbor/harbor/src/lib/errors"
|
||||||
"github.com/goharbor/harbor/src/lib/log"
|
"github.com/goharbor/harbor/src/lib/log"
|
||||||
"github.com/goharbor/harbor/src/lib/orm"
|
|
||||||
"github.com/goharbor/harbor/src/lib/q"
|
"github.com/goharbor/harbor/src/lib/q"
|
||||||
"github.com/goharbor/harbor/src/lib/selector"
|
"github.com/goharbor/harbor/src/lib/selector"
|
||||||
"github.com/goharbor/harbor/src/pkg/label/model"
|
"github.com/goharbor/harbor/src/pkg/label/model"
|
||||||
@ -40,6 +38,7 @@ import (
|
|||||||
"github.com/goharbor/harbor/src/pkg/p2p/preheat/models/provider"
|
"github.com/goharbor/harbor/src/pkg/p2p/preheat/models/provider"
|
||||||
"github.com/goharbor/harbor/src/pkg/p2p/preheat/policy"
|
"github.com/goharbor/harbor/src/pkg/p2p/preheat/policy"
|
||||||
pr "github.com/goharbor/harbor/src/pkg/p2p/preheat/provider"
|
pr "github.com/goharbor/harbor/src/pkg/p2p/preheat/provider"
|
||||||
|
proModels "github.com/goharbor/harbor/src/pkg/project/models"
|
||||||
"github.com/goharbor/harbor/src/pkg/scan/vuln"
|
"github.com/goharbor/harbor/src/pkg/scan/vuln"
|
||||||
"github.com/goharbor/harbor/src/pkg/task"
|
"github.com/goharbor/harbor/src/pkg/task"
|
||||||
)
|
)
|
||||||
@ -106,7 +105,7 @@ type extURLGetter func(c *selector.Candidate) (string, error)
|
|||||||
|
|
||||||
// accessCredMaker is a func template to generate the required credential header value
|
// accessCredMaker is a func template to generate the required credential header value
|
||||||
// The purpose of defining such a func template is decoupling code
|
// The purpose of defining such a func template is decoupling code
|
||||||
type accessCredMaker func(c *selector.Candidate) (string, error)
|
type accessCredMaker func(ctx context.Context, c *selector.Candidate) (string, error)
|
||||||
|
|
||||||
// matchedPolicy is a temporary intermediary struct for passing parameters
|
// matchedPolicy is a temporary intermediary struct for passing parameters
|
||||||
type matchedPolicy struct {
|
type matchedPolicy struct {
|
||||||
@ -159,7 +158,7 @@ func NewEnforcer() Enforcer {
|
|||||||
r := fmt.Sprintf("%s/%s", c.Namespace, c.Repository)
|
r := fmt.Sprintf("%s/%s", c.Namespace, c.Repository)
|
||||||
return fmt.Sprintf(manifestAPIPattern, edp, r, c.Tags[0]), nil
|
return fmt.Sprintf(manifestAPIPattern, edp, r, c.Tags[0]), nil
|
||||||
},
|
},
|
||||||
credMaker: func(c *selector.Candidate) (s string, e error) {
|
credMaker: func(ctx context.Context, c *selector.Candidate) (s string, e error) {
|
||||||
r := fmt.Sprintf("%s/%s", c.Namespace, c.Repository)
|
r := fmt.Sprintf("%s/%s", c.Namespace, c.Repository)
|
||||||
|
|
||||||
ac := []*tk.ResourceActions{
|
ac := []*tk.ResourceActions{
|
||||||
@ -170,7 +169,7 @@ func NewEnforcer() Enforcer {
|
|||||||
Actions: []string{resourcePullAction},
|
Actions: []string{resourcePullAction},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
t, err := token.MakeToken(orm.Context(), "distributor", token.Registry, ac)
|
t, err := token.MakeToken(ctx, "distributor", token.Registry, ac)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
@ -434,7 +433,7 @@ func (de *defaultEnforcer) startTask(ctx context.Context, executionID int64, can
|
|||||||
return -1, err
|
return -1, err
|
||||||
}
|
}
|
||||||
|
|
||||||
cred, err := de.credMaker(candidate)
|
cred, err := de.credMaker(ctx, candidate)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return -1, err
|
return -1, err
|
||||||
}
|
}
|
||||||
|
@ -17,7 +17,6 @@ package preheat
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
proModels "github.com/goharbor/harbor/src/pkg/project/models"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
"testing"
|
"testing"
|
||||||
@ -34,6 +33,7 @@ import (
|
|||||||
pr "github.com/goharbor/harbor/src/pkg/p2p/preheat/models/provider"
|
pr "github.com/goharbor/harbor/src/pkg/p2p/preheat/models/provider"
|
||||||
"github.com/goharbor/harbor/src/pkg/p2p/preheat/provider"
|
"github.com/goharbor/harbor/src/pkg/p2p/preheat/provider"
|
||||||
"github.com/goharbor/harbor/src/pkg/p2p/preheat/provider/auth"
|
"github.com/goharbor/harbor/src/pkg/p2p/preheat/provider/auth"
|
||||||
|
proModels "github.com/goharbor/harbor/src/pkg/project/models"
|
||||||
"github.com/goharbor/harbor/src/pkg/scan/vuln"
|
"github.com/goharbor/harbor/src/pkg/scan/vuln"
|
||||||
ta "github.com/goharbor/harbor/src/pkg/tag/model/tag"
|
ta "github.com/goharbor/harbor/src/pkg/tag/model/tag"
|
||||||
"github.com/goharbor/harbor/src/testing/controller/artifact"
|
"github.com/goharbor/harbor/src/testing/controller/artifact"
|
||||||
@ -155,7 +155,7 @@ func (suite *EnforcerTestSuite) SetupSuite() {
|
|||||||
r := fmt.Sprintf("%s/%s", c.Namespace, c.Repository)
|
r := fmt.Sprintf("%s/%s", c.Namespace, c.Repository)
|
||||||
return fmt.Sprintf(manifestAPIPattern, "https://testing.harbor.com", r, c.Tags[0]), nil
|
return fmt.Sprintf(manifestAPIPattern, "https://testing.harbor.com", r, c.Tags[0]), nil
|
||||||
},
|
},
|
||||||
credMaker: func(c *selector.Candidate) (s string, e error) {
|
credMaker: func(ctx context.Context, c *selector.Candidate) (s string, e error) {
|
||||||
return "fake-token", nil
|
return "fake-token", nil
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user