mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-23 02:35:17 +01:00
Merge pull request #5 from reasonerjt/master
sync code from personal repo
This commit is contained in:
commit
fa0b73e820
28
.travis.yml
Normal file
28
.travis.yml
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
language: go
|
||||||
|
|
||||||
|
go:
|
||||||
|
- 1.5.3
|
||||||
|
|
||||||
|
go_import_path: github.com/vmware/harbor
|
||||||
|
|
||||||
|
service:
|
||||||
|
- mysql
|
||||||
|
|
||||||
|
env: GO15VENDOREXPERIMENT=1 DB_HOST=127.0.0.1 DB_PORT=3306 DB_USR=root DB_PWD=
|
||||||
|
|
||||||
|
install:
|
||||||
|
- sudo apt-get update && sudo apt-get install -y libldap2-dev
|
||||||
|
- go get -d github.com/docker/distribution
|
||||||
|
- go get -d github.com/docker/libtrust
|
||||||
|
- go get -d github.com/go-sql-driver/mysql
|
||||||
|
- go get github.com/golang/lint/golint
|
||||||
|
- go get github.com/GeertJohan/fgt
|
||||||
|
|
||||||
|
before_script:
|
||||||
|
# create tables and load data
|
||||||
|
- mysql < ./Deploy/db/registry.sql -uroot --verbose
|
||||||
|
|
||||||
|
script:
|
||||||
|
- go list ./... | grep -v /vendor/ | xargs -L1 fgt golint
|
||||||
|
- go list ./... | grep -v 'vendor' | xargs -L1 go vet
|
||||||
|
- go list ./... | grep -v 'vendor' | xargs -L1 go test -v
|
@ -5,7 +5,7 @@ log:
|
|||||||
ports:
|
ports:
|
||||||
- 1514:514
|
- 1514:514
|
||||||
registry:
|
registry:
|
||||||
image: library/registry:2.1.1
|
image: library/registry:2.3.0
|
||||||
volumes:
|
volumes:
|
||||||
- /data/registry:/storage
|
- /data/registry:/storage
|
||||||
- ./config/registry/:/etc/registry/
|
- ./config/registry/:/etc/registry/
|
||||||
|
11
Notice.txt
11
Notice.txt
@ -1,11 +0,0 @@
|
|||||||
Harbor 0.1.0 Beta
|
|
||||||
|
|
||||||
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
|
|
||||||
|
|
||||||
This product is licensed to you under the Apache License, Version 2.0 (the "License").
|
|
||||||
You may not use this product except in compliance with the License.
|
|
||||||
|
|
||||||
This product may include a number of subcomponents with
|
|
||||||
separate copyright notices and license terms. Your use of the source
|
|
||||||
code for the these subcomponents is subject to the terms and
|
|
||||||
conditions of the subcomponent's license, as noted in the LICENSE file.
|
|
12
README.md
12
README.md
@ -1,12 +1,14 @@
|
|||||||
# Harbor
|
# Harbor
|
||||||
|
|
||||||
Harbor is a project to provide enterprise capabilities for Docker Registry V2. It wraps the registry server to provide authorization and user interface.
|
Project Harbor is an enterprise-class registry server. It extends the open source Docker Registry server by adding more functionalities usually required by an enterprise. Harbor is designed to be deployed in a private environment of an organization. A private registry is important for organizations who care much about security. In addition, a private registry improves productivity by eliminating the need to download images from public network. This is very helpful to container users who do not have a good network to the Internet. In particular, Harbor accelerates the progress of Chinese developers, because they no longer need to pull images from the Internet.
|
||||||
|
|
||||||
### Features
|
### Features
|
||||||
* **Role Based Access Control**: Users and docker repositories are organized via "projects", a user can have differernt permission for images under a namespace.
|
* **Role Based Access Control**: Users and docker repositories are organized via "projects", a user can have differernt permission for images under a namespace.
|
||||||
* **Convenient user interface**: User can easily browse, search docker repositories, manage projects/namepaces.
|
* **Graphical user portal**: User can easily browse, search docker repositories, manage projects/namepaces.
|
||||||
* **LDAP support**: harbor can easily integrate to the existing ldap of entreprise.
|
* **AD/LDAP support**: Harbor integrates with existing AD/LDAP of enterprise for user authentication and management.
|
||||||
* **Audting**: All the access to the repositories hosted on Harbor are immediately recorded and can be used for auditing purpose.
|
* **Audting**: All the operations to the repositories are tracked and can be used for auditing purpose.
|
||||||
|
* **Internationalization**: Localized for English and Chinese languages. More languages can be added.
|
||||||
|
* **RESTful API**: RESTful APIs are provided for most administrative operations of Harbor. The integration with other management software becomes easy.
|
||||||
|
|
||||||
### Try it
|
### Try it
|
||||||
Harbor is self contained and can be easily deployed via docker-compose.
|
Harbor is self contained and can be easily deployed via docker-compose.
|
||||||
@ -22,5 +24,5 @@ $ docker-compose up
|
|||||||
```
|
```
|
||||||
|
|
||||||
### License
|
### License
|
||||||
Harbor is available under the [Apache 2 license](License.txt).
|
Harbor is available under the [Apache 2 license](LICENSE).
|
||||||
|
|
||||||
|
@ -57,7 +57,6 @@ func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
defer ldap.Close()
|
|
||||||
|
|
||||||
ldap.SetOption(openldap.LDAP_OPT_PROTOCOL_VERSION, openldap.LDAP_VERSION3)
|
ldap.SetOption(openldap.LDAP_OPT_PROTOCOL_VERSION, openldap.LDAP_VERSION3)
|
||||||
|
|
||||||
@ -73,6 +72,7 @@ func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
defer ldap.Close()
|
||||||
|
|
||||||
scope := openldap.LDAP_SCOPE_SUBTREE // LDAP_SCOPE_BASE, LDAP_SCOPE_ONELEVEL, LDAP_SCOPE_SUBTREE
|
scope := openldap.LDAP_SCOPE_SUBTREE // LDAP_SCOPE_BASE, LDAP_SCOPE_ONELEVEL, LDAP_SCOPE_SUBTREE
|
||||||
filter := "objectClass=*"
|
filter := "objectClass=*"
|
||||||
|
@ -17,6 +17,7 @@ package service
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/vmware/harbor/dao"
|
"github.com/vmware/harbor/dao"
|
||||||
@ -31,7 +32,7 @@ type NotificationHandler struct {
|
|||||||
beego.Controller
|
beego.Controller
|
||||||
}
|
}
|
||||||
|
|
||||||
const mediaTypeManifest = "application/vnd.docker.distribution.manifest.v1+json"
|
const manifestPattern = `^application/vnd.docker.distribution.manifest.v\d\+json`
|
||||||
|
|
||||||
// Post handles POST request, and records audit log or refreshes cache based on event.
|
// Post handles POST request, and records audit log or refreshes cache based on event.
|
||||||
func (n *NotificationHandler) Post() {
|
func (n *NotificationHandler) Post() {
|
||||||
@ -45,8 +46,14 @@ func (n *NotificationHandler) Post() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
var username, action, repo, project string
|
var username, action, repo, project string
|
||||||
|
var matched bool
|
||||||
for _, e := range notification.Events {
|
for _, e := range notification.Events {
|
||||||
if e.Target.MediaType == mediaTypeManifest && strings.HasPrefix(e.Request.UserAgent, "docker") {
|
matched, err = regexp.MatchString(manifestPattern, e.Target.MediaType)
|
||||||
|
if err != nil {
|
||||||
|
beego.Error("Failed to match the media type against pattern, error: ", err)
|
||||||
|
matched = false
|
||||||
|
}
|
||||||
|
if matched && strings.HasPrefix(e.Request.UserAgent, "docker") {
|
||||||
username = e.Actor.Name
|
username = e.Actor.Name
|
||||||
action = e.Action
|
action = e.Action
|
||||||
repo = e.Target.Repository
|
repo = e.Target.Repository
|
||||||
|
@ -16,6 +16,6 @@
|
|||||||
<html>
|
<html>
|
||||||
<body>
|
<body>
|
||||||
<p>{{.Hint}}:</p>
|
<p>{{.Hint}}:</p>
|
||||||
<a href="{{.Url}}/resetPassword?reset_uuid={{.Uuid}}">{{.Url}}/resetPassword?reset_uuid={{.Uuid}}</a>
|
<a href="{{.URL}}/resetPassword?reset_uuid={{.UUID}}">{{.URL}}/resetPassword?reset_uuid={{.UUID}}</a>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
Loading…
Reference in New Issue
Block a user