Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-06-19 19:42:42 +02:00
Code Issues Projects Releases Wiki Activity

Change configurations in swagger.yaml make it more readable

Browse Source 
Update the genyaml to generate the configurations type
Add toCfgMap in config handler

Signed-off-by: stonezdj <stonezdj@gmail.com>
This commit is contained in:
stonezdj 2021-05-24 19:13:55 +08:00
parent 306e519dbe
commit fe830ac4d2
3 changed files with 308 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

278
api/v2.0/swagger.yaml
View File

@ -7989,8 +7989,282 @@ definitions:
description: 'The parameters of the policy, the values are dependant on the type of the policy.'
Configurations:
type: object
additionalProperties:
type: object
properties:
auth_mode:
type: string
description: The auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth"
x-omitempty: true
x-isnullable: true
email_from:
type: string
description: The sender name for Email notification.
x-omitempty: true
x-isnullable: true
email_host:
type: string
description: The hostname of SMTP server that sends Email notification.
x-omitempty: true
x-isnullable: true
email_identity:
type: string
description: By default it's empty so the email_username is picked
x-omitempty: true
x-isnullable: true
email_insecure:
type: boolean
description: Whether or not the certificate will be verified when Harbor tries to access the email server.
x-omitempty: true
x-isnullable: true
email_password:
type: string
description: Email password
x-omitempty: true
x-isnullable: true
email_port:
type: integer
description: The port of SMTP server
x-omitempty: true
x-isnullable: true
email_ssl:
type: boolean
description: When it''s set to true the system will access Email server via TLS by default. If it''s set to false, it still will handle "STARTTLS" from server side.
x-omitempty: true
x-isnullable: true
email_username:
type: string
description: The username for authenticate against SMTP server
x-omitempty: true
x-isnullable: true
ldap_base_dn:
type: string
description: The Base DN for LDAP binding.
x-omitempty: true
x-isnullable: true
ldap_filter:
type: string
description: The filter for LDAP search
x-omitempty: true
x-isnullable: true
ldap_group_base_dn:
type: string
description: The base DN to search LDAP group.
x-omitempty: true
x-isnullable: true
ldap_group_admin_dn:
type: string
description: Specify the ldap group which have the same privilege with Harbor admin
x-omitempty: true
x-isnullable: true
ldap_group_attribute_name:
type: string
description: The attribute which is used as identity of the LDAP group, default is cn.'
x-omitempty: true
x-isnullable: true
ldap_group_search_filter:
type: string
description: The filter to search the ldap group
x-omitempty: true
x-isnullable: true
ldap_group_search_scope:
type: integer
description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''
x-omitempty: true
x-isnullable: true
ldap_scope:
type: integer
description: The scope to search ldap users,'0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'
x-omitempty: true
x-isnullable: true
ldap_search_dn:
type: string
description: The DN of the user to do the search.
x-omitempty: true
x-isnullable: true
ldap_search_password:
type: string
description: The password of the ldap search dn
x-omitempty: true
x-isnullable: true
ldap_timeout:
type: integer
description: Timeout in seconds for connection to LDAP server
x-omitempty: true
x-isnullable: true
ldap_uid:
type: string
description: The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"
x-omitempty: true
x-isnullable: true
ldap_url:
type: string
description: The URL of LDAP server
x-omitempty: true
x-isnullable: true
ldap_verify_cert:
type: boolean
description: Whether verify your OIDC server certificate, disable it if your OIDC server is hosted via self-hosted certificate.
x-omitempty: true
x-isnullable: true
ldap_group_membership_attribute:
type: string
description: The user attribute to identify the group membership
x-omitempty: true
x-isnullable: true
project_creation_restriction:
type: string
description: Indicate who can create projects, it could be ''adminonly'' or ''everyone''.
x-omitempty: true
x-isnullable: true
read_only:
type: boolean
description: The flag to indicate whether Harbor is in readonly mode.
x-omitempty: true
x-isnullable: true
self_registration:
type: boolean
description: Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance.
x-omitempty: true
x-isnullable: true
token_expiration:
type: integer
description: The expiration time of the token for internal Registry, in minutes.
x-omitempty: true
x-isnullable: true
uaa_client_id:
type: string
description: The client id of UAA
x-omitempty: true
x-isnullable: true
uaa_client_secret:
type: string
description: The client secret of the UAA
x-omitempty: true
x-isnullable: true
uaa_endpoint:
type: string
description: The endpoint of the UAA
x-omitempty: true
x-isnullable: true
uaa_verify_cert:
type: boolean
description: Verify the certificate in UAA server
x-omitempty: true
x-isnullable: true
http_authproxy_endpoint:
type: string
description: The endpoint of the HTTP auth
x-omitempty: true
x-isnullable: true
http_authproxy_tokenreview_endpoint:
type: string
description: The token review endpoint
x-omitempty: true
x-isnullable: true
http_authproxy_admin_groups:
type: string
description: The group which has the harbor admin privileges
x-omitempty: true
x-isnullable: true
http_authproxy_admin_usernames:
type: string
description: The username which has the harbor admin privileges
x-omitempty: true
x-isnullable: true
http_authproxy_verify_cert:
type: boolean
description: Verify the HTTP auth provider's certificate
x-omitempty: true
x-isnullable: true
http_authproxy_skip_search:
type: boolean
description: Search user before onboard
x-omitempty: true
x-isnullable: true
http_authproxy_server_certificate:
type: string
description: The certificate of the HTTP auth provider
x-omitempty: true
x-isnullable: true
oidc_name:
type: string
description: The OIDC provider name
x-omitempty: true
x-isnullable: true
oidc_endpoint:
type: string
description: The endpoint of the OIDC provider
x-omitempty: true
x-isnullable: true
oidc_client_id:
type: string
description: The client ID of the OIDC provider
x-omitempty: true
x-isnullable: true
oidc_client_secret:
type: string
description: The OIDC provider secret
x-omitempty: true
x-isnullable: true
oidc_groups_claim:
type: string
description: The attribute claims the group name
x-omitempty: true
x-isnullable: true
oidc_admin_group:
type: string
description: The OIDC group which has the harbor admin privileges
x-omitempty: true
x-isnullable: true
oidc_scope:
type: string
description: The scope of the OIDC provider
x-omitempty: true
x-isnullable: true
oidc_user_claim:
type: string
description: The attribute claims the username
x-omitempty: true
x-isnullable: true
oidc_verify_cert:
type: boolean
description: Verify the OIDC provider's certificate'
x-omitempty: true
x-isnullable: true
oidc_auto_onboard:
type: boolean
description: Auto onboard the OIDC user
x-omitempty: true
x-isnullable: true
oidc_extra_redirect_parms:
type: string
description: Extra parameters to add when redirect request to OIDC provider
x-omitempty: true
x-isnullable: true
robot_token_duration:
type: integer
description: The robot account token duration in days
x-omitempty: true
x-isnullable: true
robot_name_prefix:
type: string
description: The rebot account name prefix
x-omitempty: true
x-isnullable: true
notification_enable:
type: boolean
description: Enable notification
x-omitempty: true
x-isnullable: true
quota_per_project_enable:
type: boolean
description: Enable quota per project
x-omitempty: true
x-isnullable: true
storage_per_project:
type: integer
description: The storage quota per project
x-omitempty: true
x-isnullable: true
StringConfigItem:
type: object
properties:

26
src/lib/config/metadata/yaml/genyaml.go
View File

@ -20,20 +20,22 @@ import (
"text/template"
)
const cfgTemplate = ` Configuration:
type: object
properties: {{ range .Items }}
{{ .Name }}:
type: {{ .Type }}
description: {{ .Description }} {{ end }}
const cfgTemplate = ` Configurations:
type: object
properties: {{ range .Items }}
{{ .Name }}:
type: {{ .Type }}
description: {{ .Description }}
x-omitempty: true
x-isnullable: true{{ end }}
`
const responseTemplate = ` ConfigurationResponse:
type: object
properties: {{ range .Items }}
{{ .Name }}:
$ref: '#/definitions/{{ .Type }}'
description: {{ .Description }} {{ end }}
const responseTemplate = ` ConfigurationResponse:
type: object
properties: {{ range .Items }}
{{ .Name }}:
$ref: '#/definitions/{{ .Type }}'
description: {{ .Description }} {{ end }}
`
type document struct {

19
src/server/v2.0/handler/config.go
View File

@ -78,13 +78,30 @@ func (c *configAPI) UpdateConfigurations(ctx context.Context, params configure.U
return c.SendError(ctx, errors.BadRequestError(nil).WithMessage("Missing configure item"))
}
conf := params.Configurations
err := c.controller.UpdateUserConfigs(ctx, conf)
cfgMap, err := toCfgMap(conf)
if err != nil {
return c.SendError(ctx, err)
}
err = c.controller.UpdateUserConfigs(ctx, cfgMap)
if err != nil {
return c.SendError(ctx, err)
}
return configure.NewUpdateConfigurationsOK()
}
func toCfgMap(conf *models.Configurations) (map[string]interface{}, error) {
var cfgMap map[string]interface{}
buf, err := json.Marshal(conf)
if err != nil {
return cfgMap, err
}
err = json.Unmarshal(buf, &cfgMap)
if err != nil {
return cfgMap, err
}
return cfgMap, nil
}
func (c *configAPI) GetInternalconfig(ctx context.Context, params configure.GetInternalconfigParams) middleware.Responder {
if err := c.RequireSolutionUserAccess(ctx); err != nil {
return c.SendError(ctx, err)