From fe830ac4d2afc55eb2667518a1e64efa190aff15 Mon Sep 17 00:00:00 2001 From: stonezdj Date: Mon, 24 May 2021 19:13:55 +0800 Subject: [PATCH] Change configurations in swagger.yaml make it more readable Update the genyaml to generate the configurations type Add toCfgMap in config handler Signed-off-by: stonezdj --- api/v2.0/swagger.yaml | 278 +++++++++++++++++++++++- src/lib/config/metadata/yaml/genyaml.go | 26 ++- src/server/v2.0/handler/config.go | 19 +- 3 files changed, 308 insertions(+), 15 deletions(-) diff --git a/api/v2.0/swagger.yaml b/api/v2.0/swagger.yaml index 9d9b9dff5..d9dcd3fb5 100644 --- a/api/v2.0/swagger.yaml +++ b/api/v2.0/swagger.yaml @@ -7989,8 +7989,282 @@ definitions: description: 'The parameters of the policy, the values are dependant on the type of the policy.' Configurations: type: object - additionalProperties: - type: object + properties: + auth_mode: + type: string + description: The auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth" + x-omitempty: true + x-isnullable: true + email_from: + type: string + description: The sender name for Email notification. + x-omitempty: true + x-isnullable: true + email_host: + type: string + description: The hostname of SMTP server that sends Email notification. + x-omitempty: true + x-isnullable: true + email_identity: + type: string + description: By default it's empty so the email_username is picked + x-omitempty: true + x-isnullable: true + email_insecure: + type: boolean + description: Whether or not the certificate will be verified when Harbor tries to access the email server. + x-omitempty: true + x-isnullable: true + email_password: + type: string + description: Email password + x-omitempty: true + x-isnullable: true + email_port: + type: integer + description: The port of SMTP server + x-omitempty: true + x-isnullable: true + email_ssl: + type: boolean + description: When it''s set to true the system will access Email server via TLS by default. If it''s set to false, it still will handle "STARTTLS" from server side. + x-omitempty: true + x-isnullable: true + email_username: + type: string + description: The username for authenticate against SMTP server + x-omitempty: true + x-isnullable: true + ldap_base_dn: + type: string + description: The Base DN for LDAP binding. + x-omitempty: true + x-isnullable: true + ldap_filter: + type: string + description: The filter for LDAP search + x-omitempty: true + x-isnullable: true + ldap_group_base_dn: + type: string + description: The base DN to search LDAP group. + x-omitempty: true + x-isnullable: true + ldap_group_admin_dn: + type: string + description: Specify the ldap group which have the same privilege with Harbor admin + x-omitempty: true + x-isnullable: true + ldap_group_attribute_name: + type: string + description: The attribute which is used as identity of the LDAP group, default is cn.' + x-omitempty: true + x-isnullable: true + ldap_group_search_filter: + type: string + description: The filter to search the ldap group + x-omitempty: true + x-isnullable: true + ldap_group_search_scope: + type: integer + description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'' + x-omitempty: true + x-isnullable: true + ldap_scope: + type: integer + description: The scope to search ldap users,'0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE' + x-omitempty: true + x-isnullable: true + ldap_search_dn: + type: string + description: The DN of the user to do the search. + x-omitempty: true + x-isnullable: true + ldap_search_password: + type: string + description: The password of the ldap search dn + x-omitempty: true + x-isnullable: true + ldap_timeout: + type: integer + description: Timeout in seconds for connection to LDAP server + x-omitempty: true + x-isnullable: true + ldap_uid: + type: string + description: The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname" + x-omitempty: true + x-isnullable: true + ldap_url: + type: string + description: The URL of LDAP server + x-omitempty: true + x-isnullable: true + ldap_verify_cert: + type: boolean + description: Whether verify your OIDC server certificate, disable it if your OIDC server is hosted via self-hosted certificate. + x-omitempty: true + x-isnullable: true + ldap_group_membership_attribute: + type: string + description: The user attribute to identify the group membership + x-omitempty: true + x-isnullable: true + project_creation_restriction: + type: string + description: Indicate who can create projects, it could be ''adminonly'' or ''everyone''. + x-omitempty: true + x-isnullable: true + read_only: + type: boolean + description: The flag to indicate whether Harbor is in readonly mode. + x-omitempty: true + x-isnullable: true + self_registration: + type: boolean + description: Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance. + x-omitempty: true + x-isnullable: true + token_expiration: + type: integer + description: The expiration time of the token for internal Registry, in minutes. + x-omitempty: true + x-isnullable: true + uaa_client_id: + type: string + description: The client id of UAA + x-omitempty: true + x-isnullable: true + uaa_client_secret: + type: string + description: The client secret of the UAA + x-omitempty: true + x-isnullable: true + uaa_endpoint: + type: string + description: The endpoint of the UAA + x-omitempty: true + x-isnullable: true + uaa_verify_cert: + type: boolean + description: Verify the certificate in UAA server + x-omitempty: true + x-isnullable: true + http_authproxy_endpoint: + type: string + description: The endpoint of the HTTP auth + x-omitempty: true + x-isnullable: true + http_authproxy_tokenreview_endpoint: + type: string + description: The token review endpoint + x-omitempty: true + x-isnullable: true + http_authproxy_admin_groups: + type: string + description: The group which has the harbor admin privileges + x-omitempty: true + x-isnullable: true + http_authproxy_admin_usernames: + type: string + description: The username which has the harbor admin privileges + x-omitempty: true + x-isnullable: true + http_authproxy_verify_cert: + type: boolean + description: Verify the HTTP auth provider's certificate + x-omitempty: true + x-isnullable: true + http_authproxy_skip_search: + type: boolean + description: Search user before onboard + x-omitempty: true + x-isnullable: true + http_authproxy_server_certificate: + type: string + description: The certificate of the HTTP auth provider + x-omitempty: true + x-isnullable: true + oidc_name: + type: string + description: The OIDC provider name + x-omitempty: true + x-isnullable: true + oidc_endpoint: + type: string + description: The endpoint of the OIDC provider + x-omitempty: true + x-isnullable: true + oidc_client_id: + type: string + description: The client ID of the OIDC provider + x-omitempty: true + x-isnullable: true + oidc_client_secret: + type: string + description: The OIDC provider secret + x-omitempty: true + x-isnullable: true + oidc_groups_claim: + type: string + description: The attribute claims the group name + x-omitempty: true + x-isnullable: true + oidc_admin_group: + type: string + description: The OIDC group which has the harbor admin privileges + x-omitempty: true + x-isnullable: true + oidc_scope: + type: string + description: The scope of the OIDC provider + x-omitempty: true + x-isnullable: true + oidc_user_claim: + type: string + description: The attribute claims the username + x-omitempty: true + x-isnullable: true + oidc_verify_cert: + type: boolean + description: Verify the OIDC provider's certificate' + x-omitempty: true + x-isnullable: true + oidc_auto_onboard: + type: boolean + description: Auto onboard the OIDC user + x-omitempty: true + x-isnullable: true + oidc_extra_redirect_parms: + type: string + description: Extra parameters to add when redirect request to OIDC provider + x-omitempty: true + x-isnullable: true + robot_token_duration: + type: integer + description: The robot account token duration in days + x-omitempty: true + x-isnullable: true + robot_name_prefix: + type: string + description: The rebot account name prefix + x-omitempty: true + x-isnullable: true + notification_enable: + type: boolean + description: Enable notification + x-omitempty: true + x-isnullable: true + quota_per_project_enable: + type: boolean + description: Enable quota per project + x-omitempty: true + x-isnullable: true + storage_per_project: + type: integer + description: The storage quota per project + x-omitempty: true + x-isnullable: true StringConfigItem: type: object properties: diff --git a/src/lib/config/metadata/yaml/genyaml.go b/src/lib/config/metadata/yaml/genyaml.go index eb603b576..ed7a1400c 100644 --- a/src/lib/config/metadata/yaml/genyaml.go +++ b/src/lib/config/metadata/yaml/genyaml.go @@ -20,20 +20,22 @@ import ( "text/template" ) -const cfgTemplate = ` Configuration: - type: object - properties: {{ range .Items }} - {{ .Name }}: - type: {{ .Type }} - description: {{ .Description }} {{ end }} +const cfgTemplate = ` Configurations: + type: object + properties: {{ range .Items }} + {{ .Name }}: + type: {{ .Type }} + description: {{ .Description }} + x-omitempty: true + x-isnullable: true{{ end }} ` -const responseTemplate = ` ConfigurationResponse: - type: object - properties: {{ range .Items }} - {{ .Name }}: - $ref: '#/definitions/{{ .Type }}' - description: {{ .Description }} {{ end }} +const responseTemplate = ` ConfigurationResponse: + type: object + properties: {{ range .Items }} + {{ .Name }}: + $ref: '#/definitions/{{ .Type }}' + description: {{ .Description }} {{ end }} ` type document struct { diff --git a/src/server/v2.0/handler/config.go b/src/server/v2.0/handler/config.go index fbe0b9cdf..cda25fc3b 100644 --- a/src/server/v2.0/handler/config.go +++ b/src/server/v2.0/handler/config.go @@ -78,13 +78,30 @@ func (c *configAPI) UpdateConfigurations(ctx context.Context, params configure.U return c.SendError(ctx, errors.BadRequestError(nil).WithMessage("Missing configure item")) } conf := params.Configurations - err := c.controller.UpdateUserConfigs(ctx, conf) + cfgMap, err := toCfgMap(conf) + if err != nil { + return c.SendError(ctx, err) + } + err = c.controller.UpdateUserConfigs(ctx, cfgMap) if err != nil { return c.SendError(ctx, err) } return configure.NewUpdateConfigurationsOK() } +func toCfgMap(conf *models.Configurations) (map[string]interface{}, error) { + var cfgMap map[string]interface{} + buf, err := json.Marshal(conf) + if err != nil { + return cfgMap, err + } + err = json.Unmarshal(buf, &cfgMap) + if err != nil { + return cfgMap, err + } + return cfgMap, nil +} + func (c *configAPI) GetInternalconfig(ctx context.Context, params configure.GetInternalconfigParams) middleware.Responder { if err := c.RequireSolutionUserAccess(ctx); err != nil { return c.SendError(ctx, err)