upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor synced 2024-09-20 21:34:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master' into 171219_merge

Browse Source
This commit is contained in:
Wenkai Yin 2017-12-15 08:48:57 +08:00
commit a54b7dd4c0
118 changed files with 3012 additions and 1380 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.travis.yml
View File

@ -70,7 +70,7 @@ install:
before_script:
# create tables and load data
# - mysql < ./make/db/registry.sql -uroot --verbose
- sudo sqlite3 /tmp/registry.db < make/common/db/registry_sqlite.sql
- sudo sqlite3 /tmp/registry.db < make/photon/db/registry_sqlite.sql
- sudo chmod 777 /tmp/registry.db
script:
@ -82,6 +82,12 @@ script:
- sudo make run_clarity_ut CLARITYIMAGE=vmware/harbor-clarity-ui-builder:1.2.7
- cat ./src/ui_ng/lib/npm-ut-test-results
- sudo ./tests/testprepare.sh
- sudo make -f make/photon/Makefile -e MARIADBVERSION=10.2.10 -e VERSIONTAG=dev
- sudo make -f make/photon/Makefile _build_registry -e REGISTRYVERSION=v2.6.2 -e VERSIONTAG=dev
- sudo sed -i 's/__reg_version__/v2.6.2-dev/g' ./make/docker-compose.test.yml
- sudo sed -i 's/__version__/dev/g' ./make/docker-compose.test.yml
- sudo mkdir -p ./make/common/config/registry/
- sudo mv ./tests/reg_config.yml ./make/common/config/registry/config.yml
- sudo docker-compose -f ./make/docker-compose.test.yml up -d
- go list ./... | grep -v -E 'vendor|tests' | xargs -L1 fgt golint
- go list ./... | grep -v -E 'vendor|tests' | xargs -L1 go vet

166
Makefile
View File

@ -12,12 +12,8 @@
# golang:1.7.3
# compile_adminserver, compile_ui, compile_jobservice: compile specific binary
#
# build: build Harbor docker images (default: build_photon)
# for example: make build -e BASEIMAGE=photon
# build_photon: build Harbor docker images from photon baseimage
# build: build Harbor docker images from photon baseimage
#
# build_postgresql: build postgresql images basaed on photon os
# make build -e BASEIMAGE=postgresql
# install: include compile binarys, build images, prepare specific \
# version composefile and startup Harbor instance
#
@ -75,26 +71,40 @@ UIPATH=$(BUILDPATH)/src/ui
UINGPATH=$(BUILDPATH)/src/ui_ng
GOBASEPATH=/go/src/github.com/vmware
CHECKENVCMD=checkenv.sh
BASEIMAGE=photon
COMPILETAG=compile_normal
# parameters
REGISTRYSERVER=
REGISTRYPROJECTNAME=vmware
DEVFLAG=true
NOTARYFLAG=false
REGISTRYVERSION=2.6.2-photon
NGINXVERSION=1.11.13
PHOTONVERSION=1.0
NOTARYVERSION=server-0.5.1
NOTARYSIGNERVERSION=signer-0.5.1
MARIADBVERSION=10.2.10
CLAIRFLAG=false
HTTPPROXY=
REBUILDCLARITYFLAG=false
NEWCLARITYVERSION=
BUILDBIN=false
MIGRATORFLAG=false
#clair parameters
CLAIRVERSION=v2.0.1-photon
CLAIRFLAG=false
CLAIRDBVERSION=9.6.5-photon
# version prepare
VERSIONFILEPATH=$(CURDIR)
VERSIONFILENAME=VERSION
GITCMD=$(shell which git)
GITTAG=$(GITCMD) describe --tags
GITTAGVERSION=$(shell git describe --tags || echo UNKNOWN)
ifeq ($(DEVFLAG), true)
VERSIONTAG=dev
else
VERSIONTAG=$(GITTAGVERSION)
endif
#versions
REGISTRYVERSION=v2.6.2
NGINXVERSION=$(VERSIONTAG)
PHOTONVERSION=1.0
NOTARYVERSION=v0.5.1
MARIADBVERSION=$(VERSIONTAG)
CLAIRVERSION=v2.0.1
CLAIRDBVERSION=$(VERSIONTAG)
MIGRATORVERSION=1.3
#clarity parameters
CLARITYIMAGE=vmware/harbor-clarity-ui-builder[:tag]
@ -134,13 +144,10 @@ GOBUILDMAKEPATH_JOBSERVICE=$(GOBUILDMAKEPATH)/dev/jobservice
GOLANGDOCKERFILENAME=Dockerfile.golang
# binary
ADMINSERVERSOURCECODE=$(SRCPATH)/adminserver
ADMINSERVERBINARYPATH=$(MAKEDEVPATH)/adminserver
ADMINSERVERBINARYNAME=harbor_adminserver
UISOURCECODE=$(SRCPATH)/ui
UIBINARYPATH=$(MAKEDEVPATH)/ui
UIBINARYNAME=harbor_ui
JOBSERVICESOURCECODE=$(SRCPATH)/jobservice
JOBSERVICEBINARYPATH=$(MAKEDEVPATH)/jobservice
JOBSERVICEBINARYNAME=harbor_jobservice
@ -164,14 +171,8 @@ MAKEFILEPATH_PHOTON=$(MAKEPATH)/photon
# common dockerfile
DOCKERFILEPATH_COMMON=$(MAKEPATH)/common
DOCKERFILEPATH_DB=$(DOCKERFILEPATH_COMMON)/db
DOCKERFILENAME_DB=Dockerfile
DOCKERFILE_CLARITY=$(MAKEPATH)/dev/nodeclarity/Dockerfile
DOCKERFILEPATH_POSTGRESQL=$(DOCKERFILEPATH_COMMON)/postgresql
DOCKERFILENAME_POSTGRESQL=Dockerfile
# docker image name
DOCKERIMAGENAME_ADMINSERVER=vmware/harbor-adminserver
DOCKERIMAGENAME_UI=vmware/harbor-ui
@ -179,26 +180,16 @@ DOCKERIMAGENAME_JOBSERVICE=vmware/harbor-jobservice
DOCKERIMAGENAME_LOG=vmware/harbor-log
DOCKERIMAGENAME_DB=vmware/harbor-db
DOCKERIMAGENAME_CLARITY=vmware/harbor-clarity-ui-builder
DOCKERIMAGENAME_POSTGRESQL=vmware/postgresql
# docker-compose files
DOCKERCOMPOSEFILEPATH=$(MAKEPATH)
DOCKERCOMPOSETPLFILENAME=docker-compose.tpl
DOCKERCOMPOSEFILENAME=docker-compose.yml
DOCKERCOMPOSENOTARYTPLFILENAME=docker-compose.notary.tpl
DOCKERCOMPOSENOTARYFILENAME=docker-compose.notary.yml
DOCKERCOMPOSECLAIRTPLFILENAME=docker-compose.clair.tpl
DOCKERCOMPOSECLAIRFILENAME=docker-compose.clair.yml
# version prepare
VERSIONFILEPATH=$(CURDIR)
VERSIONFILENAME=VERSION
GITCMD=$(shell which git)
GITTAG=$(GITCMD) describe --tags
GITTAGVERSION=$(shell git describe --tags || echo UNKNOWN)
ifeq ($(DEVFLAG), true)
VERSIONTAG=dev
else
VERSIONTAG=$(GITTAGVERSION)
endif
SEDCMD=$(shell which sed)
# package
@ -213,42 +204,36 @@ PUSHSCRIPTNAME=pushimage.sh
REGISTRYUSER=user
REGISTRYPASSWORD=default
# migrator
MIGRATORVERSION=1.3
MIGRATORFLAG=false
# cmds
DOCKERSAVE_PARA=$(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG) \
$(DOCKERIMAGENAME_UI):$(VERSIONTAG) \
$(DOCKERIMAGENAME_LOG):$(VERSIONTAG) \
$(DOCKERIMAGENAME_DB):$(VERSIONTAG) \
$(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) \
vmware/nginx-photon:$(NGINXVERSION) vmware/registry:$(REGISTRYVERSION) \
vmware/nginx-photon:$(NGINXVERSION)-$(VERSIONTAG) vmware/registry-photon:$(REGISTRYVERSION)-$(VERSIONTAG) \
vmware/photon:$(PHOTONVERSION)
PACKAGE_OFFLINE_PARA=-zcvf harbor-offline-installer-$(GITTAGVERSION).tgz \
$(HARBORPKG)/common/templates $(HARBORPKG)/$(DOCKERIMGFILE).$(VERSIONTAG).tar.gz \
$(HARBORPKG)/prepare $(HARBORPKG)/NOTICE \
$(HARBORPKG)/upgrade $(HARBORPKG)/harbor_1_1_0_template \
$(HARBORPKG)/LICENSE $(HARBORPKG)/install.sh \
$(HARBORPKG)/harbor.cfg $(HARBORPKG)/$(DOCKERCOMPOSEFILENAME) \
$(HARBORPKG)/ha
PACKAGE_ONLINE_PARA=-zcvf harbor-online-installer-$(GITTAGVERSION).tgz \
$(HARBORPKG)/common/templates $(HARBORPKG)/prepare \
$(HARBORPKG)/LICENSE $(HARBORPKG)/NOTICE \
$(HARBORPKG)/upgrade $(HARBORPKG)/harbor_1_1_0_template \
$(HARBORPKG)/install.sh $(HARBORPKG)/$(DOCKERCOMPOSEFILENAME) \
$(HARBORPKG)/harbor.cfg $(HARBORPKG)/ha
DOCKERCOMPOSE_LIST=-f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME)
ifeq ($(NOTARYFLAG), true)
DOCKERSAVE_PARA+= vmware/notary-photon:$(NOTARYVERSION) vmware/notary-photon:$(NOTARYSIGNERVERSION) \
vmware/mariadb-photon:$(MARIADBVERSION)
DOCKERSAVE_PARA+= vmware/notary-server-photon:$(NOTARYVERSION)-$(VERSIONTAG) vmware/notary-signer-photon:$(NOTARYVERSION)-$(VERSIONTAG) \
vmware/mariadb-photon:$(MARIADBVERSION)-$(VERSIONTAG)
PACKAGE_OFFLINE_PARA+= $(HARBORPKG)/$(DOCKERCOMPOSENOTARYFILENAME)
PACKAGE_ONLINE_PARA+= $(HARBORPKG)/$(DOCKERCOMPOSENOTARYFILENAME)
DOCKERCOMPOSE_LIST+= -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME)
endif
ifeq ($(CLAIRFLAG), true)
DOCKERSAVE_PARA+= vmware/clair:$(CLAIRVERSION) vmware/postgresql:$(CLAIRDBVERSION)
DOCKERSAVE_PARA+= vmware/clair-photon:$(CLAIRVERSION)-$(VERSIONTAG) vmware/postgresql-photon:$(CLAIRDBVERSION)-$(VERSIONTAG)
PACKAGE_OFFLINE_PARA+= $(HARBORPKG)/$(DOCKERCOMPOSECLAIRFILENAME)
PACKAGE_ONLINE_PARA+= $(HARBORPKG)/$(DOCKERCOMPOSECLAIRFILENAME)
DOCKERCOMPOSE_LIST+= -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSECLAIRFILENAME)
@ -263,21 +248,6 @@ version:
check_environment:
@$(MAKEPATH)/$(CHECKENVCMD)
compile_adminserver:
@echo "compiling binary for adminserver..."
@$(GOBUILD) -o $(ADMINSERVERBINARYPATH)/$(ADMINSERVERBINARYNAME) $(ADMINSERVERSOURCECODE)
@echo "Done."
compile_ui:
@echo "compiling binary for ui..."
@$(GOBUILD) -o $(UIBINARYPATH)/$(UIBINARYNAME) $(UISOURCECODE)
@echo "Done."
compile_jobservice:
@echo "compiling binary for jobservice..."
@$(GOBUILD) -o $(JOBSERVICEBINARYPATH)/$(JOBSERVICEBINARYNAME) $(JOBSERVICESOURCECODE)
@echo "Done."
compile_clarity:
@echo "compiling binary for clarity ui..."
@if [ "$(HTTPPROXY)" != "" ] ; then \
@ -287,8 +257,6 @@ compile_clarity:
fi
@echo "Done."
compile_normal: compile_clarity compile_adminserver compile_ui compile_jobservice
compile_golangimage: compile_clarity
@echo "compiling binary for adminserver (golang image)..."
@echo $(GOBASEPATH)
@ -306,31 +274,38 @@ compile_golangimage: compile_clarity
@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATH) -w $(GOBUILDPATH_JOBSERVICE) $(GOBUILDIMAGE) $(GOIMAGEBUILD) -v -o $(GOBUILDMAKEPATH_JOBSERVICE)/$(JOBSERVICEBINARYNAME)
@echo "Done."
compile:check_environment $(COMPILETAG)
compile:check_environment compile_golangimage
prepare:
@echo "preparing..."
@$(MAKEPATH)/$(PREPARECMD) $(PREPARECMD_PARA)
build_common: version
@echo "buildging db container for photon..."
@cd $(DOCKERFILEPATH_DB) && $(DOCKERBUILD) --pull -f $(DOCKERFILENAME_DB) -t $(DOCKERIMAGENAME_DB):$(VERSIONTAG) .
@echo "Done."
build:
make -f $(MAKEFILEPATH_PHOTON)/Makefile build -e DEVFLAG=$(DEVFLAG) -e MARIADBVERSION=$(MARIADBVERSION) \
-e REGISTRYVERSION=$(REGISTRYVERSION) -e NGINXVERSION=$(NGINXVERSION) -e NOTARYVERSION=$(NOTARYVERSION) \
-e CLAIRVERSION=$(CLAIRVERSION) -e CLAIRDBVERSION=$(CLAIRDBVERSION) -e VERSIONTAG=$(VERSIONTAG) \
-e BUILDBIN=$(BUILDBIN)
build_photon: build_common
make -f $(MAKEFILEPATH_PHOTON)/Makefile build -e DEVFLAG=$(DEVFLAG)
build_postgresql:
@echo "buildging postgresql container for photon..."
@cd $(DOCKERFILEPATH_POSTGRESQL) && $(DOCKERBUILD) -f $(DOCKERFILENAME_POSTGRESQL) -t $(DOCKERIMAGENAME_POSTGRESQL):$(CLAIRDBVERSION) .
@echo "Done."
build: build_$(BASEIMAGE)
modify_composefile:
modify_composefile: modify_composefile_notary modify_composefile_clair
@echo "preparing docker-compose file..."
@cp $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSETPLFILENAME) $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME)
@cp $(DOCKERCOMPOSEFILEPATH)/ha/$(DOCKERCOMPOSETPLFILENAME) $(DOCKERCOMPOSEFILEPATH)/ha/$(DOCKERCOMPOSEFILENAME)
@$(SEDCMD) -i 's/__version__/$(VERSIONTAG)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME)
@$(SEDCMD) -i 's/__version__/$(VERSIONTAG)/g' $(DOCKERCOMPOSEFILEPATH)/ha/$(DOCKERCOMPOSEFILENAME)
@$(SEDCMD) -i 's/__reg_version__/$(REGISTRYVERSION)-$(VERSIONTAG)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME)
@$(SEDCMD) -i 's/__version__/$(VERSIONTAG)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME)
@$(SEDCMD) -i 's/__nginx_version__/$(NGINXVERSION)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME)
modify_composefile_notary:
@echo "preparing docker-compose notary file..."
@cp $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYTPLFILENAME) $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME)
@$(SEDCMD) -i 's/__notary_version__/$(NOTARYVERSION)-$(VERSIONTAG)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME)
@$(SEDCMD) -i 's/__mariadb_version__/$(MARIADBVERSION)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME)
modify_composefile_clair:
@echo "preparing docker-compose clair file..."
@cp $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSECLAIRTPLFILENAME) $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSECLAIRFILENAME)
@$(SEDCMD) -i 's/__postgresql_version__/$(CLAIRDBVERSION)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSECLAIRFILENAME)
@$(SEDCMD) -i 's/__clair_version__/$(CLAIRVERSION)-$(VERSIONTAG)/g' $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSECLAIRFILENAME)
modify_sourcefiles:
@echo "change mode of source files."
@ -340,7 +315,7 @@ modify_sourcefiles:
@chmod 600 $(MAKEPATH)/common/templates/ui/private_key.pem
@chmod 600 $(MAKEPATH)/common/templates/registry/root.crt
install: compile build modify_sourcefiles prepare modify_composefile start
install: compile version build modify_sourcefiles prepare modify_composefile start
package_online: modify_composefile
@echo "packing online package ..."
@ -353,41 +328,22 @@ package_online: modify_composefile
fi
@cp LICENSE $(HARBORPKG)/LICENSE
@cp NOTICE $(HARBORPKG)/NOTICE
@cp tools/migration/migration_cfg/upgrade $(HARBORPKG)/upgrade
@cp tools/migration/migration_cfg/harbor_1_1_0_template $(HARBORPKG)/harbor_1_1_0_template
@$(TARCMD) $(PACKAGE_ONLINE_PARA)
@rm -rf $(HARBORPKG)
@echo "Done."
package_offline: compile build modify_sourcefiles modify_composefile
package_offline: compile version build modify_sourcefiles modify_composefile
@echo "packing offline package ..."
@cp -r make $(HARBORPKG)
@cp LICENSE $(HARBORPKG)/LICENSE
@cp NOTICE $(HARBORPKG)/NOTICE
@cp tools/migration/migration_cfg/upgrade $(HARBORPKG)/upgrade
@cp tools/migration/migration_cfg/harbor_1_1_0_template $(HARBORPKG)/harbor_1_1_0_template
@cp $(HARBORPKG)/common/db/registry.sql $(HARBORPKG)/ha/
@echo "pulling nginx and registry..."
@$(DOCKERPULL) vmware/registry:$(REGISTRYVERSION)
@$(DOCKERPULL) vmware/nginx-photon:$(NGINXVERSION)
@if [ "$(NOTARYFLAG)" = "true" ] ; then \
echo "pulling notary and harbor-notary-db..."; \
$(DOCKERPULL) vmware/notary-photon:$(NOTARYVERSION); \
$(DOCKERPULL) vmware/notary-photon:$(NOTARYSIGNERVERSION); \
$(DOCKERPULL) vmware/mariadb-photon:$(MARIADBVERSION); \
fi
@if [ "$(CLAIRFLAG)" = "true" ] ; then \
echo "pulling claiy and postgres..."; \
$(DOCKERPULL) vmware/clair:$(CLAIRVERSION); \
$(DOCKERPULL) vmware/postgresql:$(CLAIRDBVERSION); \
fi
@if [ "$(MIGRATORFLAG)" = "true" ] ; then \
echo "pulling DB migrator..."; \
$(DOCKERPULL) vmware/harbor-db-migrator:$(MIGRATORVERSION); \
fi
fi
@echo "saving harbor docker image"
@$(DOCKERSAVE) $(DOCKERSAVE_PARA) > $(HARBORPKG)/$(DOCKERIMGFILE).$(VERSIONTAG).tar
@ -474,8 +430,6 @@ cleanimage:
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_DB):$(VERSIONTAG)
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG)
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_LOG):$(VERSIONTAG)
# - $(DOCKERRMIMAGE) -f registry:$(REGISTRYVERSION)
# - $(DOCKERRMIMAGE) -f nginx:1.11.5
cleandockercomposefile:
@echo "cleaning $(DOCKERCOMPOSEFILEPATH)/docker-compose.yml"

4
make/docker-compose.clair.yml → make/docker-compose.clair.tpl
View File

@ -17,7 +17,7 @@ services:
aliases:
- postgres
container_name: clair-db
image: vmware/postgresql:9.6.5-photon
image: vmware/postgresql-photon:__postgresql_version__
restart: always
depends_on:
- log
@ -35,7 +35,7 @@ services:
networks:
- harbor-clair
container_name: clair
image: vmware/clair:v2.0.1-photon
image: vmware/clair-photon:__clair_version__
restart: always
cpu_quota: 150000
depends_on:

6
make/docker-compose.notary.yml → make/docker-compose.notary.tpl
View File

@ -7,7 +7,7 @@ services:
networks:
- harbor-notary
notary-server:
image: vmware/notary-photon:server-0.5.1
image: vmware/notary-server-photon:__notary_version__
container_name: notary-server
restart: always
networks:
@ -25,7 +25,7 @@ services:
syslog-address: "tcp://127.0.0.1:1514"
tag: "notary-server"
notary-signer:
image: vmware/notary-photon:signer-0.5.1
image: vmware/notary-signer-photon:__notary_version__
container_name: notary-signer
restart: always
networks:
@ -45,7 +45,7 @@ services:
syslog-address: "tcp://127.0.0.1:1514"
tag: "notary-signer"
notary-db:
image: vmware/mariadb-photon:10.2.10
image: vmware/mariadb-photon:__mariadb_version__
container_name: notary-db
restart: always
networks:

4
make/docker-compose.tpl
View File

@ -12,7 +12,7 @@ services:
networks:
- harbor
registry:
image: vmware/registry:2.6.2-photon
image: vmware/registry-photon:__reg_version__
container_name: registry
restart: always
volumes:
@ -112,7 +112,7 @@ services:
syslog-address: "tcp://127.0.0.1:1514"
tag: "jobservice"
proxy:
image: vmware/nginx-photon:1.11.13
image: vmware/nginx-photon:__nginx_version__
container_name: nginx
restart: always
volumes:

131
make/photon/Makefile
View File

@ -11,9 +11,8 @@ BUILDPATH=$(CURDIR)
MAKEPATH=$(BUILDPATH)/make
MAKEDEVPATH=$(MAKEPATH)/dev
SRCPATH=./src
TOOLSPATH=$(BUILDPATH)/tools
CHECKENVCMD=checkenv.sh
DEVFLAG=true
SEDCMD=$(shell which sed)
WGET=$(shell which wget)
# docker parameters
DOCKERCMD=$(shell which docker)
@ -34,50 +33,146 @@ JOBSERVICEBINARYNAME=harbor_jobservice
# photon dockerfile
DOCKERFILEPATH=$(MAKEPATH)/photon
DOCKERFILEPATH_ADMINSERVER=$(DOCKERFILEPATH)/adminserver
DOCKERFILENAME_ADMINSERVER=Dockerfile
DOCKERIMAGENAME_ADMINSERVER=vmware/harbor-adminserver
DOCKERFILEPATH_UI=$(DOCKERFILEPATH)/ui
DOCKERFILENAME_UI=Dockerfile
DOCKERIMAGENAME_UI=vmware/harbor-ui
DOCKERFILEPATH_JOBSERVICE=$(DOCKERFILEPATH)/jobservice
DOCKERFILENAME_JOBSERVICE=Dockerfile
DOCKERIMAGENAME_JOBSERVICE=vmware/harbor-jobservice
DOCKERFILEPATH_LOG=$(DOCKERFILEPATH)/log
DOCKERFILENAME_LOG=Dockerfile
DOCKERIMAGENAME_LOG=vmware/harbor-log
# version prepare
VERSIONFILEPATH=$(SRCPATH)/views/sections
VERSIONFILENAME=header-content.htm
GITCMD=$(shell which git)
GITTAG=$(GITCMD) describe --tags
ifeq ($(DEVFLAG), true)
VERSIONTAG=dev
else
VERSIONTAG=$(shell $(GITTAG))
endif
DOCKERFILEPATH_DB=$(DOCKERFILEPATH)/db
DOCKERFILENAME_DB=Dockerfile
DOCKERIMAGENAME_DB=vmware/harbor-db
check_environment:
@$(MAKEPATH)/$(CHECKENVCMD)
DOCKERFILEPATH_POSTGRESQL=$(DOCKERFILEPATH)/postgresql
DOCKERFILENAME_POSTGRESQL=Dockerfile
DOCKERIMAGENAME_POSTGRESQL=vmware/postgresql-photon
build:
DOCKERFILEPATH_CLAIR=$(DOCKERFILEPATH)/clair
DOCKERFILENAME_CLAIR=Dockerfile
DOCKERIMAGENAME_CLAIR=vmware/clair-photon
DOCKERFILEPATH_NGINX=$(DOCKERFILEPATH)/nginx
DOCKERFILENAME_NGINX=Dockerfile
DOCKERIMAGENAME_NGINX=vmware/nginx-photon
DOCKERFILEPATH_REG=$(DOCKERFILEPATH)/registry
DOCKERFILENAME_REG=Dockerfile
DOCKERIMAGENAME_REG=vmware/registry-photon
DOCKERFILEPATH_MARIADB=$(DOCKERFILEPATH)/mariadb
DOCKERFILENAME_MARIADB=Dockerfile
DOCKERIMAGENAME_MARIADB=vmware/mariadb-photon
DOCKERFILEPATH_NOTARY=$(DOCKERFILEPATH)/notary
DOCKERFILENAME_NOTARYSIGNER=signer.Dockerfile
DOCKERIMAGENAME_NOTARYSIGNER=vmware/notary-signer-photon
DOCKERFILENAME_NOTARYSERVER=server.Dockerfile
DOCKERIMAGENAME_NOTARYSERVER=vmware/notary-server-photon
_build_db: _build_mariadb
@echo "modify the db dockerfile..."
@$(SEDCMD) -i 's/__version__/$(MARIADBVERSION)/g' $(DOCKERFILEPATH_DB)/$(DOCKERFILENAME_DB)
@echo "building db container for photon..."
@cd $(DOCKERFILEPATH_DB) && $(DOCKERBUILD) -f $(DOCKERFILEPATH_DB)/$(DOCKERFILENAME_DB) -t $(DOCKERIMAGENAME_DB):$(VERSIONTAG) .
@echo "Done."
@$(SEDCMD) -i 's/$(MARIADBVERSION)/__version__/g' $(DOCKERFILEPATH_DB)/$(DOCKERFILENAME_DB)
_build_adminiserver:
@echo "building adminserver container for photon..."
$(DOCKERBUILD) -f $(DOCKERFILEPATH_ADMINSERVER)/$(DOCKERFILENAME_ADMINSERVER) -t $(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG) .
@echo "Done."
_build_ui:
@echo "building ui container for photon..."
$(DOCKERBUILD) -f $(DOCKERFILEPATH_UI)/$(DOCKERFILENAME_UI) -t $(DOCKERIMAGENAME_UI):$(VERSIONTAG) .
@echo "Done."
_build_jobservice:
@echo "building jobservice container for photon..."
$(DOCKERBUILD) -f $(DOCKERFILEPATH_JOBSERVICE)/$(DOCKERFILENAME_JOBSERVICE) -t $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) .
@echo "Done."
_build_log:
@echo "building log container for photon..."
$(DOCKERBUILD) -f $(DOCKERFILEPATH_LOG)/$(DOCKERFILENAME_LOG) -t $(DOCKERIMAGENAME_LOG):$(VERSIONTAG) $(DOCKERFILEPATH_LOG)
@echo "Done."
_build_postgresql:
@echo "building postgresql container for photon..."
@cd $(DOCKERFILEPATH_POSTGRESQL) && $(DOCKERBUILD) -f $(DOCKERFILEPATH_POSTGRESQL)/$(DOCKERFILENAME_POSTGRESQL) -t $(DOCKERIMAGENAME_POSTGRESQL):$(CLAIRDBVERSION) .
@echo "Done."
_build_clair:
@if [ "$(CLAIRFLAG)" = "true" ] ; then \
if [ "$(BUILDBIN)" != "true" ] ; then \
rm -rf $(DOCKERFILEPATH_CLAIR)/binary && mkdir -p $(DOCKERFILEPATH_CLAIR)/binary && \
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/clair, $(DOCKERFILEPATH_CLAIR)/binary/clair); \
else \
cd $(DOCKERFILEPATH_CLAIR) && $(DOCKERFILEPATH_CLAIR)/builder $(CLAIRVERSION); \
fi ; \
echo "building clair container for photon..." ; \
cd $(DOCKERFILEPATH_CLAIR) && $(DOCKERBUILD) -f $(DOCKERFILEPATH_CLAIR)/$(DOCKERFILENAME_CLAIR) -t $(DOCKERIMAGENAME_CLAIR):$(CLAIRVERSION)-$(VERSIONTAG) . ; \
rm -rf $(DOCKERFILEPATH_CLAIR)/binary; \
echo "Done." ; \
fi
_build_nginx:
@echo "building nginx container for photon..."
@$(DOCKERBUILD) -f $(DOCKERFILEPATH_NGINX)/$(DOCKERFILENAME_NGINX) -t $(DOCKERIMAGENAME_NGINX):$(NGINXVERSION) .
@echo "Done."
_build_notary:
@if [ "$(NOTARYFLAG)" = "true" ] ; then \
if [ "$(BUILDBIN)" != "true" ] ; then \
rm -rf $(DOCKERFILEPATH_NOTARY)/binary && mkdir -p $(DOCKERFILEPATH_NOTARY)/binary && \
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/notary/notary-signer, $(DOCKERFILEPATH_NOTARY)/binary/notary-signer) && \
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/notary/notary-server, $(DOCKERFILEPATH_NOTARY)/binary/notary-server) && \
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/notary/notary-migrate.tgz, $(DOCKERFILEPATH_NOTARY)/binary/notary-migrate.tgz); \
cd $(DOCKERFILEPATH_NOTARY)/binary && tar -zvxf notary-migrate.tgz; \
else \
cd $(DOCKERFILEPATH_NOTARY) && $(DOCKERFILEPATH_NOTARY)/builder_public $(NOTARYVERSION); \
fi ; \
echo "building notary container for photon..."; \
cd $(DOCKERFILEPATH_NOTARY) && chmod 655 $(DOCKERFILEPATH_NOTARY)/binary/notary-signer && $(DOCKERBUILD) -f $(DOCKERFILEPATH_NOTARY)/$(DOCKERFILENAME_NOTARYSIGNER) -t $(DOCKERIMAGENAME_NOTARYSIGNER):$(NOTARYVERSION)-$(VERSIONTAG) . ; \
cd $(DOCKERFILEPATH_NOTARY) && chmod 655 $(DOCKERFILEPATH_NOTARY)/binary/notary-server && $(DOCKERBUILD) -f $(DOCKERFILEPATH_NOTARY)/$(DOCKERFILENAME_NOTARYSERVER) -t $(DOCKERIMAGENAME_NOTARYSERVER):$(NOTARYVERSION)-$(VERSIONTAG) . ; \
rm -rf $(DOCKERFILEPATH_NOTARY)/binary; \
echo "Done."; \
fi
_build_registry:
@if [ "$(BUILDBIN)" != "true" ] ; then \
rm -rf $(DOCKERFILEPATH_REG)/binary && mkdir -p $(DOCKERFILEPATH_REG)/binary && \
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/registry, $(DOCKERFILEPATH_REG)/binary/registry); \
else \
cd $(DOCKERFILEPATH_REG) && $(DOCKERFILEPATH_REG)/builder $(REGISTRYVERSION); \
fi
@echo "building registry container for photon..."
@cd $(DOCKERFILEPATH_REG) && chmod 655 $(DOCKERFILEPATH_REG)/binary/registry && $(DOCKERBUILD) -f $(DOCKERFILEPATH_REG)/$(DOCKERFILENAME_REG) -t $(DOCKERIMAGENAME_REG):$(REGISTRYVERSION)-$(VERSIONTAG) .
@rm -rf $(DOCKERFILEPATH_REG)/binary
@echo "Done."
_build_mariadb:
@echo "building mariadb container for photon..."
@cd $(DOCKERFILEPATH_MARIADB) && $(DOCKERBUILD) -f $(DOCKERFILEPATH_MARIADB)/$(DOCKERFILENAME_MARIADB) -t $(DOCKERIMAGENAME_MARIADB):$(MARIADBVERSION) .
@echo "Done."
define _get_binary
$(WGET) --timeout 30 --no-check-certificate $1 -O $2
endef
build: _build_postgresql _build_db _build_adminiserver _build_ui _build_jobservice _build_log _build_nginx _build_registry _build_notary _build_clair
cleanimage:
@echo "cleaning image for photon..."
- $(DOCKERRMIMAGE) -f $(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG)

2
make/photon/adminserver/Dockerfile
View File

@ -1,7 +1,7 @@
FROM vmware/photon:1.0
RUN tdnf erase vim -y \
&& tdnf distro-sync -y \
&& tdnf distro-sync -y || echo \
&& tdnf install -y sudo \
&& tdnf clean all \
&& groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor \

4
make/photon/clair/Dockerfile
View File

@ -1,14 +1,14 @@
FROM vmware/photon:1.0
RUN tdnf distro-sync -y \
RUN tdnf distro-sync -y || echo \
&& tdnf erase vim -y \
&& tdnf install -y git shadow sudo bzr rpm xz python-xml \
&& tdnf clean all \
&& mkdir /clair2.0.1/ \
&& groupadd -r -g 10000 clair \
&& useradd --no-log-init -m -r -g 10000 -u 10000 clair
COPY clair /clair2.0.1/
COPY ./binary/clair /clair2.0.1/
COPY docker-entrypoint.sh /docker-entrypoint.sh
COPY dumb-init /dumb-init

6
make/photon/clair/Dockerfile.binary Normal file
View File

@ -0,0 +1,6 @@
FROM golang:1.7.3
ADD . /go/src/github.com/coreos/clair/
WORKDIR /go/src/github.com/coreos/clair/
RUN go install -v github.com/coreos/clair/cmd/clair

38
make/photon/clair/builder Executable file
View File

@ -0,0 +1,38 @@
#!/bin/bash
set +e
if [ -z $1 ]; then
error "Please set the 'version' variable"
exit 1
fi
VERSION="$1"
set -e
# the temp folder to store binary file...
mkdir -p binary
rm -rf binary/clair || true
cd `dirname $0`
cur=$PWD
# the temp folder to store distribution source code...
TEMP=`mktemp -d /$TMPDIR/clair.XXXXXX`
git clone -b $VERSION https://github.com/coreos/clair.git $TEMP
echo 'build the clair binary bases on the golang:1.7.3...'
cp Dockerfile.binary $TEMP
docker build -f $TEMP/Dockerfile.binary -t clair-golang $TEMP
echo 'copy the clair binary to local...'
ID=$(docker create clair-golang)
docker cp $ID:/go/bin/clair binary
docker rm -f $ID
docker rmi -f clair-golang
echo "Build clair binary success, then to build photon image..."
cd $cur
rm -rf $TEMP

2
make/common/db/Dockerfile → make/photon/db/Dockerfile
View File

@ -1,4 +1,4 @@
FROM vmware/mariadb-photon:10.2.10
FROM vmware/mariadb-photon:__version__
HEALTHCHECK CMD mysqladmin -uroot -p$MYSQL_ROOT_PASSWORD ping

0
make/common/db/registry-flag.sh → make/photon/db/registry-flag.sh
View File

0
make/common/db/registry.sql → make/photon/db/registry.sql
View File

0
make/common/db/registry_sqlite.sql → make/photon/db/registry_sqlite.sql
View File

0
make/common/db/upgrade.sh → make/photon/db/upgrade.sh
View File

2
make/photon/jobservice/Dockerfile
View File

@ -1,7 +1,7 @@
FROM vmware/photon:1.0
RUN mkdir /harbor/ \
&& tdnf distro-sync -y \
&& tdnf distro-sync -y || echo \
&& tdnf install sudo -y \
&& tdnf clean all \
&& groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor

2
make/photon/log/Dockerfile
View File

@ -1,6 +1,6 @@
FROM vmware/photon:1.0
RUN tdnf distro-sync -y \
RUN tdnf distro-sync -y || echo \
&& tdnf install -y cronie rsyslog logrotate shadow tar gzip sudo net-tools\
&& mkdir /etc/rsyslog.d/ \
&& mkdir /var/spool/rsyslog \

4
make/common/mariadb/Dockerfile → make/photon/mariadb/Dockerfile
View File

@ -2,7 +2,7 @@ FROM vmware/photon:1.0
#The Docker Daemon has to be running with storage backend btrfs when building the image
RUN tdnf distro-sync -y \
RUN tdnf distro-sync -y || echo \
&& tdnf install -y sed shadow procps-ng gawk gzip sudo net-tools \
&& groupadd -r -g 10000 mysql && useradd --no-log-init -r -g 10000 -u 10000 mysql \
&& tdnf install -y mariadb-server mariadb \
@ -22,4 +22,4 @@ VOLUME /var/lib/mysql /docker-entrypoint-initdb.d /docker-entrypoint-updatedb.d
EXPOSE 3306
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
CMD ["mysqld"]
CMD ["mysqld"]

0
make/common/mariadb/docker-entrypoint.sh → make/photon/mariadb/docker-entrypoint.sh
View File

0
make/common/mariadb/my.cnf → make/photon/mariadb/my.cnf
View File

2
make/common/nginx/Dockerfile → make/photon/nginx/Dockerfile
View File

@ -1,6 +1,6 @@
FROM vmware/photon:1.0
RUN tdnf distro-sync -y \
RUN tdnf distro-sync -y || echo \
&& tdnf install -y nginx \
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log \

11
make/photon/notary/binary.Dockerfile
View File

@ -1,13 +1,12 @@
FROM golang:1.7.3
ENV NOTARY_DIR /go/src/github.com/docker/notary
ENV NOTARYPKG github.com/docker/notary
ENV NOTARYPKG github.com/theupdateframework/notary
COPY . /go/src/${NOTARYPKG}
WORKDIR /go/src/${NOTARYPKG}
RUN go build -tags pkcs11 \
-ldflags "-w -X ${NOTARYPKG}/version.GitCommit=`git rev-parse --short HEAD` -X ${NOTARYPKG}/version.NotaryVersion=`cat NOTARY_VERSION`" $NOTARYPKG/cmd/notary-server
RUN go install -tags pkcs11 \
-ldflags "-w -X ${NOTARYPKG}/version.GitCommit=`git rev-parse --short HEAD` -X ${NOTARYPKG}/version.NotaryVersion=`cat NOTARY_VERSION`" ${NOTARYPKG}/cmd/notary-server
RUN go build -tags pkcs11 \
-ldflags "-w -X ${NOTARYPKG}/version.GitCommit=`git rev-parse --short HEAD` -X ${NOTARYPKG}/version.NotaryVersion=`cat NOTARY_VERSION`" $NOTARYPKG/cmd/notary-signer
RUN go install -tags pkcs11 \
-ldflags "-w -X ${NOTARYPKG}/version.GitCommit=`git rev-parse --short HEAD` -X ${NOTARYPKG}/version.NotaryVersion=`cat NOTARY_VERSION`" ${NOTARYPKG}/cmd/notary-signer

25
make/photon/notary/builder_public
View File

@ -2,26 +2,12 @@
set +e
echo "Usage: #./builder [notary version] [registry username] [registry password]"
if [ -z $1 ]; then
error "Please set the 'version' variable"
exit 1
fi
if [ -z $2 ]; then
error "Please set the 'photonversion' variable"
exit 1
fi
if [ -z $3 ]; then
error "Please set the 'username' variable"
exit 1
fi
VERSION="$1"
USERNAME="$2"
PASSWORD="$3"
SIGNER_PHOTONIMAGE=vmware/notary-photon:signer-$VERSION
SERVER_PHOTONIMAGE=vmware/notary-photon:server-$VERSION
set -e
@ -41,19 +27,18 @@ echo 'build the notary binary bases on the golang:1.7.3...'
cp binary.Dockerfile $TEMP
cd $TEMP
docker build -f binary.Dockerfile -t notary-golang $TEMP
cp -r $TEMP/migrations binary
echo 'copy the notary binary to local...'
ID=$(docker create notary-golang)
echo $ID
cd $cur
docker cp $ID:/go/src/github.com/docker/notary/notary-server binary
docker cp $ID:/go/src/github.com/docker/notary/notary-signer binary
docker cp $ID:/go/src/github.com/theupdateframework/notary/notary-server binary
docker cp $ID:/go/src/github.com/theupdateframework/notary/notary-signer binary
docker rm -f $ID
docker rmi -f notary-golang
docker build -f server.Dockerfile -t $SERVER_PHOTONIMAGE .
docker build -f signer.Dockerfile -t $SIGNER_PHOTONIMAGE .
rm -rf $TEMP
echo 'Push image to docker hub.'
../../pushimage.sh $PHOTONIMAGE $USERNAME $PASSWORD

8
make/photon/notary/server.Dockerfile
View File

@ -1,6 +1,6 @@
FROM vmware/photon:1.0
RUN tdnf distro-sync -y \
RUN tdnf distro-sync -y || echo \
&& tdnf erase vim -y \
&& tdnf install -y shadow sudo \
&& tdnf clean all \
@ -8,9 +8,9 @@ RUN tdnf distro-sync -y \
&& useradd --no-log-init -r -g 10000 -u 10000 notary
COPY ./binary/notary-server /bin/notary-server
COPY ./migrate /bin/migrate
COPY ./migrations/ /migrations/
COPY ./binary/migrate /bin/migrate
COPY ./binary/migrations/ /migrations/
COPY ./server-start.sh /bin/server-start.sh
RUN chmod u+x /bin/notary-server /migrations/migrate.sh /bin/migrate /bin/server-start.sh
ENV SERVICE_NAME=notary_server
ENTRYPOINT [ "/bin/server-start.sh" ]
ENTRYPOINT [ "/bin/server-start.sh" ]

8
make/photon/notary/signer.Dockerfile
View File

@ -1,16 +1,16 @@
FROM vmware/photon:1.0
RUN tdnf distro-sync -y \
RUN tdnf distro-sync -y || echo \
&& tdnf erase vim -y \
&& tdnf install -y shadow sudo \
&& tdnf clean all \
&& groupadd -r -g 10000 notary \
&& useradd --no-log-init -r -g 10000 -u 10000 notary
COPY ./binary/notary-signer /bin/notary-signer
COPY ./migrate /bin/migrate
COPY ./migrations/ /migrations/
COPY ./binary/migrate /bin/migrate
COPY ./binary/migrations/ /migrations/
COPY ./signer-start.sh /bin/signer-start.sh
RUN chmod u+x /bin/notary-signer /migrations/migrate.sh /bin/migrate /bin/signer-start.sh
ENV SERVICE_NAME=notary_signer
ENTRYPOINT [ "/bin/signer-start.sh" ]
ENTRYPOINT [ "/bin/signer-start.sh" ]

2
make/common/postgresql/Dockerfile → make/photon/postgresql/Dockerfile
View File

@ -3,7 +3,7 @@ FROM vmware/photon:1.0
ENV PGDATA /var/lib/postgresql/data
RUN touch /etc/localtime.bak \
&& tdnf distro-sync -y \
&& tdnf distro-sync -y || echo \
&& tdnf install -y sed shadow gzip postgresql\
&& groupadd -r postgres --gid=999 \
&& useradd -r -g postgres --uid=999 postgres \

0
make/common/postgresql/docker-entrypoint.sh → make/photon/postgresql/docker-entrypoint.sh
View File

3
make/photon/registry/Dockerfile
View File

@ -3,7 +3,7 @@ FROM vmware/photon:1.0
MAINTAINER wangyan@vmware.com
# The original script in the docker offical registry image.
RUN tdnf distro-sync -y \
RUN tdnf distro-sync -y || echo \
&& tdnf erase vim -y \
&& tdnf install sudo -y \
&& tdnf clean all \
@ -13,7 +13,6 @@ COPY entrypoint.sh /
RUN chmod u+x /entrypoint.sh
RUN mkdir -p /etc/registry
COPY config.yml /etc/registry/config.yml
COPY binary/registry /usr/bin
RUN chmod u+x /usr/bin/registry

25
make/photon/registry/builder
View File

@ -2,29 +2,12 @@
set +e
echo "Usage: #./builder [registry version] [photon tag] [registry username] [registry password]"
if [ -z $1 ]; then
error "Please set the 'version' variable"
exit 1
fi
if [ -z $2 ]; then
error "Please set the 'photonversion' variable"
exit 1
fi
if [ -z $3 ]; then
error "Please set the 'username' variable"
exit 1
fi
if [ -z $4 ]; then
error "Please set the 'password' variable"
exit 1
fi
VERSION="$1"
PHOTONVERSION="$2"
USERNAME="$3"
PASSWORD="$4"
PHOTONIMAGE=vmware/registry:$PHOTONVERSION
set -e
@ -52,13 +35,5 @@ docker rmi -f registry-golang
echo "Build registry binary success, then to build photon image..."
cd $cur
echo $PHOTONIMAGE
cp $TEMP/cmd/registry/config-example.yml config.yml
docker build -f Dockerfile -t $PHOTONIMAGE .
rm -rf $TEMP
rm -rf binary
rm -rf config.yml
echo 'Push image to docker hub.'
../../pushimage.sh $PHOTONIMAGE $USERNAME $PASSWORD

2
make/photon/ui/Dockerfile
View File

@ -1,6 +1,6 @@
FROM vmware/photon:1.0
RUN tdnf distro-sync -y \
RUN tdnf distro-sync -y || echo \
&& tdnf erase vim -y \
&& tdnf install sudo -y \
&& tdnf clean all \

8
src/common/dao/clair.go
View File

@ -16,8 +16,8 @@ package dao
import (
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log"
"fmt"
"time"
)
@ -35,12 +35,10 @@ func SetClairVulnTimestamp(namespace string, timestamp time.Time) error {
if !created {
rec.LastUpdate = timestamp
n, err := o.Update(rec)
if err != nil {
return err
}
if n == 0 {
return fmt.Errorf("No record is updated, record: %v", *rec)
log.Warningf("no records are updated for %v", *rec)
}
return err
}
return nil
}

64
src/common/dao/dao_test.go
View File

@ -20,8 +20,8 @@ import (
"time"
"github.com/astaxie/beego/orm"
"github.com/vmware/harbor/src/common"
"github.com/stretchr/testify/assert"
"github.com/vmware/harbor/src/common"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils"
"github.com/vmware/harbor/src/common/utils/log"
@ -305,6 +305,7 @@ var currentUser *models.User
func TestGetUser(t *testing.T) {
queryUser := models.User{
Username: username,
Email: "tester01@vmware.com",
}
var err error
currentUser, err = GetUser(queryUser)
@ -1531,8 +1532,6 @@ func TestUpdateScanJobStatus(t *testing.T) {
j, err := GetScanJob(id)
assert.Nil(err)
assert.Equal("newstatus", j.Status)
err = UpdateScanJobStatus(id+9, "newstatus")
assert.NotNil(err)
err = ClearTable(models.ScanJobTable)
assert.Nil(err)
}
@ -1632,36 +1631,35 @@ func TestGetScanJobsByStatus(t *testing.T) {
assert.Equal(sj1.Repository, r2[0].Repository)
}
func TestSaveConfigEntries(t *testing.T) {
configEntries :=[]models.ConfigEntry{
func TestSaveConfigEntries(t *testing.T) {
configEntries := []models.ConfigEntry{
{
Key:"teststringkey",
Value:"192.168.111.211",
Key: "teststringkey",
Value: "192.168.111.211",
},
{
Key:"testboolkey",
Value:"true",
Key: "testboolkey",
Value: "true",
},
{
Key:"testnumberkey",
Value:"5",
Key: "testnumberkey",
Value: "5",
},
{
Key:common.CfgDriverDB,
Value:"db",
Key: common.CfgDriverDB,
Value: "db",
},
}
err := SaveConfigEntries(configEntries)
if err != nil {
t.Fatalf("failed to save configuration to database %v", err)
}
readEntries, err:=GetConfigEntries()
if err !=nil {
readEntries, err := GetConfigEntries()
if err != nil {
t.Fatalf("Failed to get configuration from database %v", err)
}
findItem:=0
for _,entry:= range readEntries{
findItem := 0
for _, entry := range readEntries {
switch entry.Key {
case "teststringkey":
if "192.168.111.211" == entry.Value {
@ -1678,38 +1676,38 @@ func TestSaveConfigEntries(t *testing.T) {
default:
}
}
if findItem !=3 {
if findItem != 3 {
t.Fatalf("Should update 3 configuration but only update %d", findItem)
}
configEntries =[]models.ConfigEntry{
configEntries = []models.ConfigEntry{
{
Key:"teststringkey",
Value:"192.168.111.215",
Key: "teststringkey",
Value: "192.168.111.215",
},
{
Key:"testboolkey",
Value:"false",
Key: "testboolkey",
Value: "false",
},
{
Key:"testnumberkey",
Value:"7",
Key: "testnumberkey",
Value: "7",
},
{
Key:common.CfgDriverDB,
Value:"db",
Key: common.CfgDriverDB,
Value: "db",
},
}
err = SaveConfigEntries(configEntries)
if err != nil {
t.Fatalf("failed to save configuration to database %v", err)
}
readEntries, err=GetConfigEntries()
if err !=nil {
readEntries, err = GetConfigEntries()
if err != nil {
t.Fatalf("Failed to get configuration from database %v", err)
}
findItem=0
for _,entry:= range readEntries{
findItem = 0
for _, entry := range readEntries {
switch entry.Key {
case "teststringkey":
if "192.168.111.215" == entry.Value {
@ -1726,7 +1724,7 @@ func TestSaveConfigEntries(t *testing.T) {
default:
}
}
if findItem !=3 {
if findItem != 3 {
t.Fatalf("Should update 3 configuration but only update %d", findItem)
}

7
src/common/dao/replication_job.go
View File

@ -22,6 +22,7 @@ import (
"github.com/astaxie/beego/orm"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log"
)
// AddRepTarget ...
@ -396,9 +397,9 @@ func UpdateRepJobStatus(id int64, status string) error {
Status: status,
UpdateTime: time.Now(),
}
num, err := o.Update(&j, "Status", "UpdateTime")
if num == 0 {
err = fmt.Errorf("Failed to update replication job with id: %d %s", id, err.Error())
n, err := o.Update(&j, "Status", "UpdateTime")
if n == 0 {
log.Warningf("no records are updated when updating replication job %d", id)
}
return err
}

6
src/common/dao/scan_job.go
View File

@ -17,6 +17,7 @@ package dao
import (
"github.com/astaxie/beego/orm"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log"
"encoding/json"
"fmt"
@ -78,7 +79,7 @@ func UpdateScanJobStatus(id int64, status string) error {
}
n, err := o.Update(&sj, "Status", "UpdateTime")
if n == 0 {
return fmt.Errorf("Failed to update scan job with id: %d, error: %v", id, err)
log.Warningf("no records are updated when updating scan job %d", id)
}
return err
}
@ -109,8 +110,9 @@ func SetScanJobForImg(digest string, jobID int64) error {
rec.UpdateTime = time.Now()
n, err := o.Update(rec, "JobID", "UpdateTime")
if n == 0 {
return fmt.Errorf("Failed to set scan job for image with digest: %s, error: %v", digest, err)
log.Warningf("no records are updated when setting scan job for image with digest %s", digest)
}
return err
}
return nil
}

5
src/common/dao/user.go
View File

@ -52,6 +52,11 @@ func GetUser(query models.User) (*models.User, error) {
queryParam = append(queryParam, query.ResetUUID)
}
if query.Email != "" {
sql += ` and email = ? `
queryParam = append(queryParam, query.Email)
}
var u []models.User
n, err := o.Raw(sql, queryParam).QueryRows(&u)

3
src/common/models/models_test.go
View File

@ -17,6 +17,5 @@ import (
"testing"
)
func TestMain(t *testing.T) {
func TestMain(m *testing.M) {
}

510
src/common/utils/ldap/ldap.go
View File

@ -15,15 +15,13 @@
package ldap
import (
"crypto/tls"
"fmt"
"net/url"
"strconv"
"strings"
"time"
"crypto/tls"
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/ui/config"
@ -31,77 +29,68 @@ import (
goldap "gopkg.in/ldap.v2"
)
// GetSystemLdapConf ...
func GetSystemLdapConf() (models.LdapConf, error) {
var err error
var ldapConfs models.LdapConf
var authMode string
//Session - define a LDAP session
type Session struct {
ldapConfig models.LdapConf
ldapConn *goldap.Conn
}
authMode, err = config.AuthMode()
//LoadSystemLdapConfig - load LDAP configure from adminserver
func LoadSystemLdapConfig() (*Session, error) {
var session Session
authMode, err := config.AuthMode()
if err != nil {
log.Errorf("can't load auth mode from system, error: %v", err)
return ldapConfs, err
return nil, err
}
if authMode != "ldap_auth" {
return ldapConfs, fmt.Errorf("system auth_mode isn't ldap_auth, please check configuration")
return nil, fmt.Errorf("system auth_mode isn't ldap_auth, please check configuration")
}
ldap, err := config.LDAP()
if err != nil {
return ldapConfs, err
return nil, err
}
if ldap.URL == "" {
return nil, fmt.Errorf("can not get any available LDAP_URL")
}
ldapConfs.LdapURL = ldap.URL
ldapConfs.LdapSearchDn = ldap.SearchDN
ldapConfs.LdapSearchPassword = ldap.SearchPassword
ldapConfs.LdapBaseDn = ldap.BaseDN
ldapConfs.LdapFilter = ldap.Filter
ldapConfs.LdapUID = ldap.UID
ldapConfs.LdapScope = ldap.Scope
ldapConfs.LdapConnectionTimeout = ldap.Timeout
ldapConfs.LdapVerifyCert = ldap.VerifyCert
ldapURL, err := formatURL(ldap.URL)
if err != nil {
return nil, err
}
// ldapConfs = config.LDAP().URL
// ldapConfs.LdapSearchDn = config.LDAP().SearchDn
// ldapConfs.LdapSearchPassword = config.LDAP().SearchPwd
// ldapConfs.LdapBaseDn = config.LDAP().BaseDn
// ldapConfs.LdapFilter = config.LDAP().Filter
// ldapConfs.LdapUID = config.LDAP().UID
// ldapConfs.LdapScope, err = strconv.Atoi(config.LDAP().Scope)
// if err != nil {
// log.Errorf("invalid LdapScope format from system, error: %v", err)
// return ldapConfs, err
// }
session.ldapConfig.LdapURL = ldapURL
session.ldapConfig.LdapSearchDn = ldap.SearchDN
session.ldapConfig.LdapSearchPassword = ldap.SearchPassword
session.ldapConfig.LdapBaseDn = ldap.BaseDN
session.ldapConfig.LdapFilter = ldap.Filter
session.ldapConfig.LdapUID = ldap.UID
session.ldapConfig.LdapConnectionTimeout = ldap.Timeout
session.ldapConfig.LdapVerifyCert = ldap.VerifyCert
log.Debugf("Load system configuration: %v", ldap)
// ldapConfs.LdapConnectionTimeout, err = strconv.Atoi(config.LDAP().ConnectTimeout)
// if err != nil {
// log.Errorf("invalid LdapConnectionTimeout format from system, error: %v", err)
// return ldapConfs, err
// }
return ldapConfs, nil
switch ldap.Scope {
case 1:
session.ldapConfig.LdapScope = goldap.ScopeBaseObject
case 2:
session.ldapConfig.LdapScope = goldap.ScopeSingleLevel
case 3:
session.ldapConfig.LdapScope = goldap.ScopeWholeSubtree
default:
log.Errorf("invalid ldap search scope %v", ldap.Scope)
return nil, fmt.Errorf("invalid ldap search scope")
}
return &session, nil
}
// ValidateLdapConf ...
func ValidateLdapConf(ldapConfs models.LdapConf) (models.LdapConf, error) {
var err error
// CreateWithUIConfig - create a Session with config from UI
func CreateWithUIConfig(ldapConfs models.LdapConf) (*Session, error) {
if ldapConfs.LdapURL == "" {
return ldapConfs, fmt.Errorf("can not get any available LDAP_URL")
}
ldapConfs.LdapURL, err = formatLdapURL(ldapConfs.LdapURL)
if err != nil {
log.Errorf("invalid LdapURL format, error: %v", err)
return ldapConfs, err
}
// Compatible with legacy codes
// in previous harbor.cfg:
// the scope to search for users, 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE
switch ldapConfs.LdapScope {
case 1:
ldapConfs.LdapScope = goldap.ScopeBaseObject
@ -110,131 +99,44 @@ func ValidateLdapConf(ldapConfs models.LdapConf) (models.LdapConf, error) {
case 3:
ldapConfs.LdapScope = goldap.ScopeWholeSubtree
default:
return ldapConfs, fmt.Errorf("invalid ldap search scope")
return nil, fmt.Errorf("invalid ldap search scope")
}
// value := reflect.ValueOf(ldapConfs)
// lType := reflect.TypeOf(ldapConfs)
// for i := 0; i < value.NumField(); i++ {
// fmt.Printf("Field %d: %v %v\n", i, value.Field(i), lType.Field(i).Name)
// }
return ldapConfs, nil
return createWithInternalConfig(ldapConfs)
}
// MakeFilter ...
func MakeFilter(username string, ldapFilter string, ldapUID string) string {
// createWithInternalConfig - create a Session with internal config
func createWithInternalConfig(ldapConfs models.LdapConf) (*Session, error) {
var filterTag string
var session Session
if username == "" {
filterTag = "*"
} else {
filterTag = username
if ldapConfs.LdapURL == "" {
return nil, fmt.Errorf("can not get any available LDAP_URL")
}
if ldapFilter == "" {
ldapFilter = "(" + ldapUID + "=" + filterTag + ")"
} else {
if !strings.Contains(ldapFilter, ldapUID+"=") {
ldapFilter = "(&" + ldapFilter + "(" + ldapUID + "=" + filterTag + "))"
} else {
ldapFilter = strings.Replace(ldapFilter, ldapUID+"=*", ldapUID+"="+filterTag, -1)
}
}
log.Debug("one or more ldapFilter: ", ldapFilter)
return ldapFilter
}
// ConnectTest ...
func ConnectTest(ldapConfs models.LdapConf) error {
var ldapConn *goldap.Conn
var err error
ldapConn, err = dialLDAP(ldapConfs)
if err != nil {
return err
}
defer ldapConn.Close()
if ldapConfs.LdapSearchDn != "" {
err = bindLDAPSearchDN(ldapConfs, ldapConn)
if err != nil {
return err
}
}
return nil
}
// SearchUser ...
func SearchUser(ldapConfs models.LdapConf) ([]models.LdapUser, error) {
var ldapUsers []models.LdapUser
var ldapConn *goldap.Conn
var err error
ldapConn, err = dialLDAP(ldapConfs)
if err != nil {
return nil, err
}
defer ldapConn.Close()
if ldapConfs.LdapSearchDn != "" {
err = bindLDAPSearchDN(ldapConfs, ldapConn)
if err != nil {
return nil, err
}
}
if ldapConfs.LdapBaseDn == "" {
return nil, fmt.Errorf("can not get any available LDAP_BASE_DN")
}
result, err := searchLDAP(ldapConfs, ldapConn)
ldapURL, err := formatURL(ldapConfs.LdapURL)
if err != nil {
return nil, err
}
for _, ldapEntry := range result.Entries {
var u models.LdapUser
for _, attr := range ldapEntry.Attributes {
//OpenLDAP sometimes contains leading space in username
val := strings.TrimSpace(attr.Values[0])
log.Debugf("Current ldap entry attr name: %s\n", attr.Name)
switch strings.ToLower(attr.Name) {
case strings.ToLower(ldapConfs.LdapUID):
u.Username = val
case "uid":
u.Realname = val
case "cn":
u.Realname = val
case "mail":
u.Email = val
case "email":
u.Email = val
}
}
u.DN = ldapEntry.DN
ldapUsers = append(ldapUsers, u)
}
session.ldapConfig.LdapURL = ldapURL
session.ldapConfig.LdapSearchDn = ldapConfs.LdapSearchDn
session.ldapConfig.LdapSearchPassword = ldapConfs.LdapSearchPassword
session.ldapConfig.LdapBaseDn = ldapConfs.LdapBaseDn
session.ldapConfig.LdapFilter = ldapConfs.LdapFilter
session.ldapConfig.LdapUID = ldapConfs.LdapUID
session.ldapConfig.LdapConnectionTimeout = ldapConfs.LdapConnectionTimeout
session.ldapConfig.LdapVerifyCert = ldapConfs.LdapVerifyCert
session.ldapConfig.LdapScope = ldapConfs.LdapScope
return &session, nil
return ldapUsers, nil
}
func formatLdapURL(ldapURL string) (string, error) {
func formatURL(ldapURL string) (string, error) {
var protocol, hostport string
var err error
_, err = url.Parse(ldapURL)
_, err := url.Parse(ldapURL)
if err != nil {
return "", fmt.Errorf("parse Ldap Host ERR: %s", err)
}
@ -243,7 +145,7 @@ func formatLdapURL(ldapURL string) (string, error) {
splitLdapURL := strings.Split(ldapURL, "://")
protocol, hostport = splitLdapURL[0], splitLdapURL[1]
if !((protocol == "ldap") || (protocol == "ldaps")) {
return "", fmt.Errorf("unknown ldap protocl")
return "", fmt.Errorf("unknown ldap protocol")
}
} else {
hostport = ldapURL
@ -275,128 +177,165 @@ func formatLdapURL(ldapURL string) (string, error) {
}
// ImportUser ...
func ImportUser(user models.LdapUser) (int64, error) {
var u models.User
u.Username = user.Username
u.Email = user.Email
u.Realname = user.Realname
log.Debug("username:", u.Username, ",email:", u.Email)
exist, err := dao.UserExists(u, "username")
//ConnectionTest - test ldap session connection with system default setting
func (session *Session) ConnectionTest() error {
session, err := LoadSystemLdapConfig()
if err != nil {
log.Errorf("system checking user %s failed, error: %v", user.Username, err)
return 0, fmt.Errorf("internal_error")
return fmt.Errorf("Failed to load system ldap config")
}
if exist {
return 0, fmt.Errorf("duplicate_username")
}
exist, err = dao.UserExists(u, "email")
if err != nil {
log.Errorf("system checking %s mailbox failed, error: %v", user.Username, err)
return 0, fmt.Errorf("internal_error")
}
if exist {
return 0, fmt.Errorf("duplicate_mailbox")
}
u.Password = "12345678AbC"
u.Comment = "from LDAP."
if u.Email == "" {
u.Email = u.Username + "@placeholder.com"
}
UserID, err := dao.Register(u)
if err != nil {
log.Errorf("system register user %s failed, error: %v", user.Username, err)
return 0, fmt.Errorf("registe_user_error")
}
return UserID, nil
return ConnectionTestWithConfig(session.ldapConfig)
}
// Bind establish a connection to ldap based on ldapConfs and bind the user with given parameters.
func Bind(ldapConfs models.LdapConf, dn string, password string) error {
conn, err := dialLDAP(ldapConfs)
//ConnectionTestWithConfig - test ldap session connection, out of the scope of normal session create/close
func ConnectionTestWithConfig(ldapConfig models.LdapConf) error {
authMode, err := config.AuthMode()
if err != nil {
log.Errorf("Connection test failed %v", err)
return err
}
//If no password present, use the system default password
if ldapConfig.LdapSearchPassword == "" && authMode == "ldap_auth" {
session, err := LoadSystemLdapConfig()
if err != nil {
return fmt.Errorf("Failed to load system ldap config")
}
ldapConfig.LdapSearchPassword = session.ldapConfig.LdapSearchPassword
}
testSession, err := createWithInternalConfig(ldapConfig)
if err != nil {
return err
}
defer conn.Close()
if ldapConfs.LdapSearchDn != "" {
if err := bindLDAPSearchDN(ldapConfs, conn); err != nil {
err = testSession.Open()
if err != nil {
return err
}
defer testSession.Close()
if testSession.ldapConfig.LdapSearchDn != "" {
err = testSession.Bind(testSession.ldapConfig.LdapSearchDn, testSession.ldapConfig.LdapSearchPassword)
if err != nil {
return err
}
}
return conn.Bind(dn, password)
}
func dialLDAP(ldapConfs models.LdapConf) (*goldap.Conn, error) {
var err error
var ldap *goldap.Conn
splitLdapURL := strings.Split(ldapConfs.LdapURL, "://")
protocol, hostport := splitLdapURL[0], splitLdapURL[1]
host := strings.Split(hostport, ":")[0]
// Sets a Dial Timeout for LDAP
connectionTimeout := ldapConfs.LdapConnectionTimeout
goldap.DefaultTimeout = time.Duration(connectionTimeout) * time.Second
switch protocol {
case "ldap":
ldap, err = goldap.Dial("tcp", hostport)
case "ldaps":
log.Debug("Start to dial ldaps")
ldap, err = goldap.DialTLS("tcp", hostport, &tls.Config{ServerName: host, InsecureSkipVerify: !ldapConfs.LdapVerifyCert})
}
return ldap, err
}
func bindLDAPSearchDN(ldapConfs models.LdapConf, ldap *goldap.Conn) error {
var err error
ldapSearchDn := ldapConfs.LdapSearchDn
ldapSearchPassword := ldapConfs.LdapSearchPassword
err = ldap.Bind(ldapSearchDn, ldapSearchPassword)
if err != nil {
log.Debug("Bind search dn error", err)
return err
}
return nil
}
func searchLDAP(ldapConfs models.LdapConf, ldap *goldap.Conn) (*goldap.SearchResult, error) {
//SearchUser - search LDAP user by name
func (session *Session) SearchUser(username string) ([]models.LdapUser, error) {
var ldapUsers []models.LdapUser
ldapFilter := session.createUserFilter(username)
result, err := session.SearchLdap(ldapFilter)
var err error
ldapBaseDn := ldapConfs.LdapBaseDn
ldapScope := ldapConfs.LdapScope
ldapFilter := ldapConfs.LdapFilter
if err != nil {
return nil, err
}
for _, ldapEntry := range result.Entries {
var u models.LdapUser
for _, attr := range ldapEntry.Attributes {
//OpenLdap sometimes contain leading space in useranme
val := strings.TrimSpace(attr.Values[0])
log.Debugf("Current ldap entry attr name: %s\n", attr.Name)
switch strings.ToLower(attr.Name) {
case strings.ToLower(session.ldapConfig.LdapUID):
u.Username = val
case "uid":
u.Realname = val
case "cn":
u.Realname = val
case "mail":
u.Email = val
case "email":
u.Email = val
}
}
u.DN = ldapEntry.DN
ldapUsers = append(ldapUsers, u)
}
return ldapUsers, nil
}
// Bind with specified DN and password, used in authentication
func (session *Session) Bind(dn string, password string) error {
return session.ldapConn.Bind(dn, password)
}
//Open - open Session
func (session *Session) Open() error {
splitLdapURL := strings.Split(session.ldapConfig.LdapURL, "://")
protocol, hostport := splitLdapURL[0], splitLdapURL[1]
host := strings.Split(hostport, ":")[0]
connectionTimeout := session.ldapConfig.LdapConnectionTimeout
goldap.DefaultTimeout = time.Duration(connectionTimeout) * time.Second
switch protocol {
case "ldap":
ldap, err := goldap.Dial("tcp", hostport)
if err != nil {
return err
}
session.ldapConn = ldap
case "ldaps":
log.Debug("Start to dial ldaps")
ldap, err := goldap.DialTLS("tcp", hostport, &tls.Config{ServerName: host, InsecureSkipVerify: !session.ldapConfig.LdapVerifyCert})
if err != nil {
return err
}
session.ldapConn = ldap
}
return nil
}
// SearchLdap to search ldap with the provide filter
func (session *Session) SearchLdap(filter string) (*goldap.SearchResult, error) {
if err := session.Bind(session.ldapConfig.LdapSearchDn, session.ldapConfig.LdapSearchPassword); err != nil {
return nil, fmt.Errorf("Can not bind search dn, error: %v", err)
}
attributes := []string{"uid", "cn", "mail", "email"}
lowerUID := strings.ToLower(ldapConfs.LdapUID)
lowerUID := strings.ToLower(session.ldapConfig.LdapUID)
if lowerUID != "uid" && lowerUID != "cn" && lowerUID != "mail" && lowerUID != "email" {
attributes = append(attributes, ldapConfs.LdapUID)
attributes = append(attributes, session.ldapConfig.LdapUID)
}
log.Debugf("Search ldap with filter:%v", filter)
searchRequest := goldap.NewSearchRequest(
ldapBaseDn,
ldapScope,
session.ldapConfig.LdapBaseDn,
session.ldapConfig.LdapScope,
goldap.NeverDerefAliases,
0, // Unlimited results.
0, // Search Timeout.
false, // Types Only
ldapFilter,
0, //Unlimited results
0, //Search Timeout
false, //Types only
filter,
attributes,
nil,
)
result, err := ldap.Search(searchRequest)
result, err := session.ldapConn.Search(searchRequest)
if result != nil {
log.Debugf("Found entries:%v\n", len(result.Entries))
} else {
log.Debugf("No entries")
}
if err != nil {
log.Debug("LDAP search error", err)
@ -404,39 +343,36 @@ func searchLDAP(ldapConfs models.LdapConf, ldap *goldap.Conn) (*goldap.SearchRes
}
return result, nil
}
// SearchAndImportUser - Search user in LDAP, if this user exist, import it to database
func SearchAndImportUser(username string) (int64, error) {
var err error
var userID int64
//CreateUserFilter - create filter to search user with specified username
func (session *Session) createUserFilter(username string) string {
var filterTag string
ldapConfs, err := GetSystemLdapConf()
if err != nil {
log.Errorf("Can not get ldap configuration, error %v", err)
return 0, err
}
ldapConfs, err = ValidateLdapConf(ldapConfs)
if err != nil {
log.Errorf("Invalid ldap request, error: %v", err)
return 0, err
if username == "" {
filterTag = "*"
} else {
filterTag = username
}
ldapConfs.LdapFilter = MakeFilter(username, ldapConfs.LdapFilter, ldapConfs.LdapUID)
log.Debugf("Search with LDAP with filter %s", ldapConfs.LdapFilter)
ldapFilter := session.ldapConfig.LdapFilter
ldapUID := session.ldapConfig.LdapUID
ldapUsers, err := SearchUser(ldapConfs)
if err != nil {
log.Errorf("Can not search ldap, error %v, filter: %s", err, ldapConfs.LdapFilter)
return 0, err
if ldapFilter == "" {
ldapFilter = "(" + ldapUID + "=" + filterTag + ")"
} else {
ldapFilter = "(&" + ldapFilter + "(" + ldapUID + "=" + filterTag + "))"
}
if len(ldapUsers) > 0 {
log.Debugf("Importing user %s to local database", ldapUsers[0].Username)
if userID, err = ImportUser(ldapUsers[0]); err != nil {
log.Errorf("Can not import ldap user to local db, error %v", err)
return 0, err
}
}
return userID, err
log.Debug("ldap filter :", ldapFilter)
return ldapFilter
}
//Close - close current session
func (session *Session) Close() {
if session.ldapConn != nil {
session.ldapConn.Close()
}
}

300
src/common/utils/ldap/ldap_test.go
View File

@ -11,19 +11,16 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package ldap
import (
//"fmt"
//"strings"
"os"
"testing"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common"
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/common/utils/test"
uiConfig "github.com/vmware/harbor/src/ui/config"
@ -40,29 +37,15 @@ var adminServerLdapTestConfig = map[string]interface{}{
common.MySQLDatabase: "registry",
common.SQLiteFile: "/tmp/registry.db",
//config.SelfRegistration: true,
common.LDAPURL: "ldap://127.0.0.1",
common.LDAPSearchDN: "cn=admin,dc=example,dc=com",
common.LDAPSearchPwd: "admin",
common.LDAPBaseDN: "dc=example,dc=com",
common.LDAPUID: "uid",
common.LDAPFilter: "",
common.LDAPScope: 3,
common.LDAPTimeout: 30,
// config.TokenServiceURL: "",
// config.RegistryURL: "",
// config.EmailHost: "",
// config.EmailPort: 25,
// config.EmailUsername: "",
// config.EmailPassword: "password",
// config.EmailFrom: "from",
// config.EmailSSL: true,
// config.EmailIdentity: "",
// config.ProjectCreationRestriction: config.ProCrtRestrAdmOnly,
// config.VerifyRemoteCert: false,
// config.MaxJobWorkers: 3,
// config.TokenExpiration: 30,
common.CfgExpiration: 5,
// config.JobLogDir: "/var/log/jobs",
common.LDAPURL: "ldap://127.0.0.1",
common.LDAPSearchDN: "cn=admin,dc=example,dc=com",
common.LDAPSearchPwd: "admin",
common.LDAPBaseDN: "dc=example,dc=com",
common.LDAPUID: "uid",
common.LDAPFilter: "",
common.LDAPScope: 3,
common.LDAPTimeout: 30,
common.CfgExpiration: 5,
common.AdminInitialPassword: "password",
}
@ -105,42 +88,33 @@ var adminServerDefaultConfigWithVerifyCert = map[string]interface{}{
common.WithClair: false,
}
func TestMain(t *testing.T) {
func TestMain(m *testing.M) {
server, err := test.NewAdminserver(adminServerLdapTestConfig)
if err != nil {
t.Fatalf("failed to create a mock admin server: %v", err)
log.Fatalf("failed to create a mock admin server: %v", err)
}
defer server.Close()
if err := os.Setenv("ADMINSERVER_URL", server.URL); err != nil {
t.Fatalf("failed to set env %s: %v", "ADMINSERVER_URL", err)
log.Fatalf("failed to set env %s: %v", "ADMINSERVER_URL", err)
}
secretKeyPath := "/tmp/secretkey"
_, err = test.GenerateKey(secretKeyPath)
if err != nil {
t.Errorf("failed to generate secret key: %v", err)
log.Errorf("failed to generate secret key: %v", err)
return
}
defer os.Remove(secretKeyPath)
if err := os.Setenv("KEY_PATH", secretKeyPath); err != nil {
t.Fatalf("failed to set env %s: %v", "KEY_PATH", err)
log.Fatalf("failed to set env %s: %v", "KEY_PATH", err)
}
if err := uiConfig.Init(); err != nil {
t.Fatalf("failed to initialize configurations: %v", err)
log.Fatalf("failed to initialize configurations: %v", err)
}
// if err := uiConfig.Load(); err != nil {
// t.Fatalf("failed to load configurations: %v", err)
// }
// mode, err := uiConfig.AuthMode()
// if err != nil {
// t.Fatalf("failed to get auth mode: %v", err)
// }
database, err := uiConfig.Database()
if err != nil {
log.Fatalf("failed to get database configuration: %v", err)
@ -149,173 +123,141 @@ func TestMain(t *testing.T) {
if err := dao.InitDatabase(database); err != nil {
log.Fatalf("failed to initialize database: %v", err)
}
os.Exit(m.Run())
}
func TestGetSystemLdapConf(t *testing.T) {
testLdapConfig, err := GetSystemLdapConf()
func TestLoadSystemLdapConfig(t *testing.T) {
session, err := LoadSystemLdapConfig()
if err != nil {
t.Fatalf("failed to get system ldap config %v", err)
}
if testLdapConfig.LdapURL != "ldap://127.0.0.1" {
t.Errorf("unexpected LdapURL: %s != %s", testLdapConfig.LdapURL, "ldap://test.ldap.com")
}
}
func TestValidateLdapConf(t *testing.T) {
testLdapConfig, err := GetSystemLdapConf()
if err != nil {
t.Fatalf("failed to get system ldap config %v", err)
if session.ldapConfig.LdapURL != "ldap://127.0.0.1:389" {
t.Errorf("unexpected LdapURL: %s != %s", session.ldapConfig.LdapURL, "ldap://127.0.0.1:389")
}
testLdapConfig, err = ValidateLdapConf(testLdapConfig)
if testLdapConfig.LdapScope != 2 {
t.Errorf("unexpected LdapScope: %d != %d", testLdapConfig.LdapScope, 2)
}
}
func TestMakeFilter(t *testing.T) {
testLdapConfig, err := GetSystemLdapConf()
if err != nil {
t.Fatalf("failed to get system ldap config %v", err)
}
testLdapConfig.LdapFilter = "(ou=people)"
tempUsername := ""
tempFilter := MakeFilter(tempUsername, testLdapConfig.LdapFilter, testLdapConfig.LdapUID)
if tempFilter != "(&(ou=people)(uid=*))" {
t.Errorf("unexpected tempFilter: %s != %s", tempFilter, "(&(ou=people)(uid=*))")
}
tempUsername = "user0001"
tempFilter = MakeFilter(tempUsername, testLdapConfig.LdapFilter, testLdapConfig.LdapUID)
if tempFilter != "(&(ou=people)(uid=user0001))" {
t.Errorf("unexpected tempFilter: %s != %s", tempFilter, "(&(ou=people)(uid=user0001)")
}
}
func TestFormatLdapURL(t *testing.T) {
testLdapConfig, err := GetSystemLdapConf()
if err != nil {
t.Fatalf("failed to get system ldap config %v", err)
}
testLdapConfig.LdapURL = "test.ldap.com"
tempLdapURL, err := formatLdapURL(testLdapConfig.LdapURL)
if err != nil {
t.Errorf("failed to format Ldap URL %v", err)
}
if tempLdapURL != "ldap://test.ldap.com:389" {
t.Errorf("unexpected tempLdapURL: %s != %s", tempLdapURL, "ldap://test.ldap.com:389")
}
testLdapConfig.LdapURL = "ldaps://test.ldap.com"
tempLdapURL, err = formatLdapURL(testLdapConfig.LdapURL)
if err != nil {
t.Errorf("failed to format Ldap URL %v", err)
}
if tempLdapURL != "ldaps://test.ldap.com:636" {
t.Errorf("unexpected tempLdapURL: %s != %s", tempLdapURL, "ldap://test.ldap.com:636")
}
}
func TestImportUser(t *testing.T) {
var u models.LdapUser
var user models.User
u.Username = "ldapUser0001"
u.Realname = "ldapUser"
_, err := ImportUser(u)
if err != nil {
t.Fatalf("failed to add Ldap user: %v", err)
}
user.Username = "ldapUser0001"
user.Email = "ldapUser0001@placeholder.com"
exist, err := dao.UserExists(user, "username")
if !exist {
t.Errorf("failed to add Ldap username: %v", err)
}
exist, err = dao.UserExists(user, "email")
if !exist {
t.Errorf("failed to add Ldap user email: %v", err)
}
_, err = ImportUser(u)
if err.Error() != "duplicate_username" {
t.Fatalf("failed to checking duplicate user: %v", err)
if session.ldapConfig.LdapScope != 2 {
t.Errorf("unexpected LdapScope: %d != %d", session.ldapConfig.LdapScope, 2)
}
}
func TestConnectTest(t *testing.T) {
testLdapConfig, err := GetSystemLdapConf()
session, err := LoadSystemLdapConfig()
if err != nil {
t.Fatalf("failed to get system ldap config %v", err)
t.Errorf("failed to load system ldap config")
}
err = session.ConnectionTest()
if err != nil {
t.Errorf("Unexpected ldap connect fail: %v", err)
}
testLdapConfig.LdapURL = "ldap://localhost:389"
}
err = ConnectTest(testLdapConfig)
if err != nil {
t.Errorf("unexpected ldap connect fail: %v", err)
func TestCreateUIConfig(t *testing.T) {
var testConfigs = []struct {
config models.LdapConf
internalValue int
}{
{
models.LdapConf{
LdapScope: 3,
LdapURL: "ldaps://127.0.0.1",
}, 2},
{
models.LdapConf{
LdapScope: 2,
LdapURL: "ldaps://127.0.0.1",
}, 1},
{
models.LdapConf{
LdapScope: 1,
LdapURL: "ldaps://127.0.0.1",
}, 0},
{
models.LdapConf{
LdapScope: 1,
LdapURL: "ldaps://127.0.0.1:abc",
}, -1},
}
for _, val := range testConfigs {
session, err := CreateWithUIConfig(val.config)
if val.internalValue < 0 {
if err == nil {
t.Fatalf("Should have error with url :%v", val.config)
}
continue
}
if err != nil {
t.Fatalf("Can not create with ui config, err:%v", err)
}
if session.ldapConfig.LdapScope != val.internalValue {
t.Fatalf("Test failed expected %v, actual %v", val.internalValue, session.ldapConfig.LdapScope)
}
}
}
func TestSearchUser(t *testing.T) {
testLdapConfig, err := GetSystemLdapConf()
session, err := LoadSystemLdapConfig()
if err != nil {
t.Fatalf("failed to get system ldap config %v", err)
t.Fatalf("Can not load system ldap config")
}
testLdapConfig.LdapURL = "ldap://localhost:389"
testLdapConfig.LdapFilter = MakeFilter("", testLdapConfig.LdapFilter, testLdapConfig.LdapUID)
ldapUsers, err := SearchUser(testLdapConfig)
err = session.Open()
if err != nil {
t.Errorf("unexpected ldap search fail: %v", err)
t.Fatalf("failed to create ldap session %v", err)
}
if ldapUsers[0].Username != "test" {
t.Errorf("unexpected ldap user search result: %s = %s", "ldapUsers[0].Username", ldapUsers[0].Username)
err = session.Bind(session.ldapConfig.LdapSearchDn, session.ldapConfig.LdapSearchPassword)
if err != nil {
t.Fatalf("failed to bind search dn")
}
defer session.Close()
result, err := session.SearchUser("test")
if err != nil || len(result) == 0 {
t.Fatalf("failed to search user test!")
}
}
func TestSearchAndImportUser(t *testing.T) {
func TestFormatURL(t *testing.T) {
userID, err := SearchAndImportUser("test")
if err != nil {
t.Fatalf("Failed on error : %v ", err)
}
if userID <= 0 {
t.Fatalf("userID= %v", userID)
}
}
func TestSearchAndImportUserNotExist(t *testing.T) {
userID, _ := SearchAndImportUser("notexist")
if userID > 0 {
t.Fatal("Can not import a non exist ldap user!")
var invalidURL = "http://localhost:389"
_, err := formatURL(invalidURL)
if err == nil {
t.Fatalf("Should failed on invalid URL %v", invalidURL)
t.Fail()
}
var urls = []struct {
rawURL string
goodURL string
}{
{"ldaps://127.0.0.1", "ldaps://127.0.0.1:636"},
{"ldap://9.123.102.33", "ldap://9.123.102.33:389"},
{"ldaps://127.0.0.1:389", "ldaps://127.0.0.1:389"},
{"ldap://127.0.0.1:636", "ldaps://127.0.0.1:636"},
{"112.122.122.122", "ldap://112.122.122.122:389"},
{"ldap:\\wrong url", ""},
}
for _, u := range urls {
goodURL, err := formatURL(u.rawURL)
if u.goodURL == "" {
if err == nil {
t.Fatalf("Should failed on wrong url, %v", u.rawURL)
}
continue
}
if err != nil || goodURL != u.goodURL {
t.Fatalf("Faild on URL: raw=%v, expected:%v, actual:%v", u.rawURL, u.goodURL, goodURL)
}
}
}

3
src/jobservice/api/job_test.go
View File

@ -17,6 +17,5 @@ import (
"testing"
)
func TestMain(t *testing.T) {
func TestMain(m *testing.M) {
}

3
src/jobservice/job/statemachine.go
View File

@ -16,6 +16,7 @@ package job
import (
"fmt"
"runtime/debug"
"sync"
"github.com/vmware/harbor/src/common/models"
@ -80,7 +81,7 @@ func (sm *SM) Start(s string) {
defer func() {
if r := recover(); r != nil {
sm.Logger.Errorf("Panic: %v, entering error state", r)
log.Warningf("Panic when handling job: %v, panic: %v, entering error state", sm.CurrentJob, r)
log.Warningf("Panic when handling job: %v, panic: %v \n %s \n, entering error state", sm.CurrentJob, r, debug.Stack())
sm.EnterState(models.JobError)
}
}()

3
src/jobservice/jobservice_test.go
View File

@ -17,6 +17,5 @@ import (
"testing"
)
func TestMain(t *testing.T) {
func TestMain(m *testing.M) {
}

3
src/jobservice/replication/replication_test.go
View File

@ -17,6 +17,5 @@ import (
"testing"
)
func TestMain(t *testing.T) {
func TestMain(m *testing.M) {
}

98
src/ui/api/ldap.go
View File

@ -15,7 +15,6 @@
package api
import (
"encoding/json"
"fmt"
"net/http"
"strings"
@ -23,6 +22,7 @@ import (
"github.com/vmware/harbor/src/common/models"
ldapUtils "github.com/vmware/harbor/src/common/utils/ldap"
"github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/ui/auth"
)
// LdapAPI handles requesst to /api/ldap/ping /api/ldap/user/search /api/ldap/user/import
@ -47,47 +47,27 @@ func (l *LdapAPI) Prepare() {
// Ping ...
func (l *LdapAPI) Ping() {
var err error
var ldapConfs models.LdapConf
var err error
var ldapSession *ldapUtils.Session
l.Ctx.Input.CopyBody(1 << 32)
if string(l.Ctx.Input.RequestBody) == "" {
ldapConfs, err = ldapUtils.GetSystemLdapConf()
ldapSession, err = ldapUtils.LoadSystemLdapConfig()
if err != nil {
log.Errorf("Can't load system configuration, error: %v", err)
l.RenderError(http.StatusInternalServerError, fmt.Sprintf("can't load system configuration: %v", err))
return
}
err = ldapSession.ConnectionTest()
} else {
l.DecodeJSONReqAndValidate(&ldapConfs)
v := map[string]interface{}{}
if err := json.Unmarshal(l.Ctx.Input.RequestBody,
&v); err != nil {
log.Errorf("failed to unmarshal LDAP server settings: %v", err)
l.RenderError(http.StatusInternalServerError, "")
return
}
if _, ok := v["ldap_search_password"]; !ok {
settings, err := ldapUtils.GetSystemLdapConf()
if err != nil {
log.Errorf("Can't load system configuration, error: %v", err)
l.RenderError(http.StatusInternalServerError, fmt.Sprintf("can't load system configuration: %v", err))
return
}
ldapConfs.LdapSearchPassword = settings.LdapSearchPassword
}
err = ldapUtils.ConnectionTestWithConfig(ldapConfs)
}
ldapConfs, err = ldapUtils.ValidateLdapConf(ldapConfs)
if err != nil {
log.Errorf("Invalid ldap request, error: %v", err)
l.RenderError(http.StatusBadRequest, fmt.Sprintf("invalid ldap request: %v", err))
return
}
err = ldapUtils.ConnectTest(ldapConfs)
if err != nil {
log.Errorf("Ldap connect fail, error: %v", err)
log.Errorf("ldap connect fail, error: %v", err)
l.RenderError(http.StatusBadRequest, fmt.Sprintf("ldap connect fail: %v", err))
return
}
@ -98,26 +78,26 @@ func (l *LdapAPI) Search() {
var err error
var ldapUsers []models.LdapUser
var ldapConfs models.LdapConf
var ldapSession *ldapUtils.Session
l.Ctx.Input.CopyBody(1 << 32)
if string(l.Ctx.Input.RequestBody) == "" {
ldapConfs, err = ldapUtils.GetSystemLdapConf()
ldapSession, err = ldapUtils.LoadSystemLdapConfig()
if err != nil {
log.Errorf("Can't load system configuration, error: %v", err)
log.Errorf("can't load system configuration, error: %v", err)
l.RenderError(http.StatusInternalServerError, fmt.Sprintf("can't load system configuration: %v", err))
return
}
} else {
l.DecodeJSONReqAndValidate(&ldapConfs)
ldapSession, err = ldapUtils.CreateWithUIConfig(ldapConfs)
}
ldapConfs, err = ldapUtils.ValidateLdapConf(ldapConfs)
if err != nil {
log.Errorf("Invalid ldap request, error: %v", err)
l.RenderError(http.StatusBadRequest, fmt.Sprintf("invalid ldap request: %v", err))
if err = ldapSession.Open(); err != nil {
log.Errorf("can't Open ldap session, error: %v", err)
l.RenderError(http.StatusInternalServerError, fmt.Sprintf("can't open ldap session: %v", err))
return
}
defer ldapSession.Close()
searchName := l.GetString("username")
@ -131,9 +111,7 @@ func (l *LdapAPI) Search() {
}
}
ldapConfs.LdapFilter = ldapUtils.MakeFilter(searchName, ldapConfs.LdapFilter, ldapConfs.LdapUID)
ldapUsers, err = ldapUtils.SearchUser(ldapConfs)
ldapUsers, err = ldapSession.SearchUser(searchName)
if err != nil {
log.Errorf("Ldap search fail, error: %v", err)
@ -152,23 +130,9 @@ func (l *LdapAPI) ImportUser() {
var ldapFailedImportUsers []models.LdapFailedImportUser
var ldapConfs models.LdapConf
ldapConfs, err := ldapUtils.GetSystemLdapConf()
if err != nil {
log.Errorf("Can't load system configuration, error: %v", err)
l.RenderError(http.StatusInternalServerError, fmt.Sprintf("can't load system configuration: %v", err))
return
}
l.DecodeJSONReqAndValidate(&ldapImportUsers)
ldapConfs, err = ldapUtils.ValidateLdapConf(ldapConfs)
if err != nil {
log.Errorf("Invalid ldap request, error: %v", err)
l.RenderError(http.StatusBadRequest, fmt.Sprintf("invalid ldap request: %v", err))
return
}
ldapFailedImportUsers, err = importUsers(ldapConfs, ldapImportUsers.LdapUIDList)
ldapFailedImportUsers, err := importUsers(ldapConfs, ldapImportUsers.LdapUIDList)
if err != nil {
log.Errorf("Ldap import user fail, error: %v", err)
@ -190,7 +154,16 @@ func importUsers(ldapConfs models.LdapConf, ldapImportUsers []string) ([]models.
var failedImportUser []models.LdapFailedImportUser
var u models.LdapFailedImportUser
tempFilter := ldapConfs.LdapFilter
ldapSession, err := ldapUtils.LoadSystemLdapConfig()
if err != nil {
log.Errorf("can't load system configuration, error: %v", err)
return nil, err
}
if err = ldapSession.Open(); err != nil {
log.Errorf("Can't connect to ldap, error: %v", err)
}
defer ldapSession.Close()
for _, tempUID := range ldapImportUsers {
u.UID = tempUID
@ -214,9 +187,7 @@ func importUsers(ldapConfs models.LdapConf, ldapImportUsers []string) ([]models.
continue
}
ldapConfs.LdapFilter = ldapUtils.MakeFilter(u.UID, tempFilter, ldapConfs.LdapUID)
ldapUsers, err := ldapUtils.SearchUser(ldapConfs)
ldapUsers, err := ldapSession.SearchUser(u.UID)
if err != nil {
u.UID = tempUID
u.Error = "failed_search_user"
@ -225,16 +196,21 @@ func importUsers(ldapConfs models.LdapConf, ldapImportUsers []string) ([]models.
continue
}
if ldapUsers == nil {
if ldapUsers == nil || len(ldapUsers) <= 0 {
u.UID = tempUID
u.Error = "unknown_user"
failedImportUser = append(failedImportUser, u)
continue
}
_, err = ldapUtils.ImportUser(ldapUsers[0])
var user models.User
if err != nil {
user.Username = ldapUsers[0].Username
user.Realname = ldapUsers[0].Realname
user.Email = ldapUsers[0].Email
err = auth.OnBoardUser(&user)
if err != nil || user.UserID <= 0 {
u.UID = tempUID
u.Error = err.Error()
failedImportUser = append(failedImportUser, u)

35
src/ui/api/member.go
View File

@ -21,9 +21,8 @@ import (
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models"
ldapUtils "github.com/vmware/harbor/src/common/utils/ldap"
"github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/ui/config"
"github.com/vmware/harbor/src/ui/auth"
)
// ProjectMemberAPI handles request to /api/projects/{}/members/{}
@ -164,35 +163,35 @@ func (pma *ProjectMemberAPI) Post() {
username := strings.TrimSpace(req.Username)
userID := checkUserExists(username)
if userID <= 0 {
//check current authorization mode
authMode, err := config.AuthMode()
user, err := auth.SearchUser(username)
if err != nil {
log.Errorf("Failed the retrieve auth_mode, error: %s", err)
pma.RenderError(http.StatusInternalServerError, "Failed to retrieve auth_mode")
log.Errorf("Failed the search user, error: %v", err)
pma.RenderError(http.StatusInternalServerError, "Failed to search user")
return
}
if authMode != "ldap_auth" {
log.Errorf("User does not exist, user name: %s", username)
pma.RenderError(http.StatusNotFound, "User does not exist")
if user == nil {
log.Errorf("Current user doesn't exist: %v", username)
pma.RenderError(http.StatusNotFound, "Failed to search user: "+username)
return
}
//search and import user
newUserID, err := ldapUtils.SearchAndImportUser(username)
err = auth.OnBoardUser(user)
if err != nil {
log.Errorf("Search and import user failed, error: %v ", err)
pma.RenderError(http.StatusInternalServerError, "Failed to search and import user")
log.Errorf("Failed the onboard user, error: %s", err)
pma.RenderError(http.StatusInternalServerError, "Failed to onboard user")
return
}
if newUserID <= 0 {
log.Error("Failed to create user")
pma.RenderError(http.StatusNotFound, "Failed to create user")
if user.UserID <= 0 {
log.Error("Failed the onboard user, UserId <=0")
pma.RenderError(http.StatusInternalServerError, "Failed to onboard user")
return
}
userID = user.UserID
userID = int(newUserID)
}
rolelist, err := dao.GetUserProjectRoles(userID, projectID)
if err != nil {

60
src/ui/api/user.go
View File

@ -21,6 +21,7 @@ import (
"strconv"
"strings"
"github.com/vmware/harbor/src/common"
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log"
@ -160,16 +161,9 @@ func (ua *UserAPI) List() {
// Put ...
func (ua *UserAPI) Put() {
ldapAdminUser := (ua.AuthMode == "ldap_auth" && ua.userID == 1 && ua.userID == ua.currentUserID)
if !(ua.AuthMode == "db_auth" || ldapAdminUser) {
ua.CustomAbort(http.StatusForbidden, "")
}
if !ua.IsAdmin {
if ua.userID != ua.currentUserID {
log.Warning("Guests can only change their own account.")
ua.CustomAbort(http.StatusForbidden, "Guests can only change their own account.")
}
if !ua.modifiable() {
ua.RenderError(http.StatusForbidden, fmt.Sprintf("User with ID %d cannot be modified", ua.userID))
return
}
user := models.User{UserID: ua.userID}
ua.DecodeJSONReq(&user)
@ -210,7 +204,7 @@ func (ua *UserAPI) Put() {
// Post ...
func (ua *UserAPI) Post() {
if !(ua.AuthMode == "db_auth") {
if !(ua.AuthMode == common.DBAuth) {
ua.CustomAbort(http.StatusForbidden, "")
}
@ -258,22 +252,8 @@ func (ua *UserAPI) Post() {
// Delete ...
func (ua *UserAPI) Delete() {
if !ua.IsAdmin {
log.Warningf("current user, id: %d does not have admin role, can not remove user", ua.currentUserID)
ua.RenderError(http.StatusForbidden, "User does not have admin role")
return
}
if ua.AuthMode == "ldap_auth" {
ua.CustomAbort(http.StatusForbidden, "user can not be deleted in LDAP authentication mode")
}
if ua.currentUserID == ua.userID {
ua.CustomAbort(http.StatusForbidden, "can not delete yourself")
}
if ua.userID == 1 {
ua.HandleForbidden(ua.SecurityCtx.GetUsername())
if !ua.IsAdmin || ua.AuthMode != common.DBAuth || ua.userID == 1 || ua.currentUserID == ua.userID {
ua.RenderError(http.StatusForbidden, fmt.Sprintf("User with ID: %d cannot be removed, auth mode: %s, current user ID: %d", ua.userID, ua.AuthMode, ua.currentUserID))
return
}
@ -288,17 +268,9 @@ func (ua *UserAPI) Delete() {
// ChangePassword handles PUT to /api/users/{}/password
func (ua *UserAPI) ChangePassword() {
ldapAdminUser := (ua.AuthMode == "ldap_auth" && ua.userID == 1 && ua.userID == ua.currentUserID)
if !(ua.AuthMode == "db_auth" || ldapAdminUser) {
ua.CustomAbort(http.StatusForbidden, "")
}
if !ua.IsAdmin {
if ua.userID != ua.currentUserID {
log.Error("Guests can only change their own account.")
ua.CustomAbort(http.StatusForbidden, "Guests can only change their own account.")
}
if !ua.modifiable() {
ua.RenderError(http.StatusForbidden, fmt.Sprintf("User with ID: %d is not modifiable", ua.userID))
return
}
var req passwordReq
@ -345,6 +317,18 @@ func (ua *UserAPI) ToggleUserAdminRole() {
}
}
// modifiable returns whether the modify is allowed based on current auth mode and context
func (ua *UserAPI) modifiable() bool {
if ua.AuthMode == common.DBAuth {
//When the auth mode is local DB, admin can modify anyone, non-admin can modify himself.
return ua.IsAdmin || ua.userID == ua.currentUserID
}
//When the auth mode is external IDM backend, only the super user can modify himself,
//because he's the only one whose information is stored in local DB.
return ua.userID == 1 && ua.userID == ua.currentUserID
}
// validate only validate when user register
func validate(user models.User) error {

51
src/ui/api/user_test.go
View File

@ -16,8 +16,11 @@ package api
import (
"fmt"
"github.com/stretchr/testify/assert"
"github.com/vmware/harbor/src/common/api"
"github.com/vmware/harbor/tests/apitests/apilib"
"testing"
"github.com/astaxie/beego"
)
var testUser0002ID, testUser0003ID int
@ -430,3 +433,51 @@ func TestUsersDelete(t *testing.T) {
assert.Equal(200, code, "Delete test user status should be 200")
}
}
func TestModifiable(t *testing.T) {
assert := assert.New(t)
base := BaseController{
api.BaseAPI{
beego.Controller{},
},
nil,
nil,
}
ua1 := &UserAPI{
base,
3,
4,
false,
false,
"db_auth",
}
assert.False(ua1.modifiable())
ua2 := &UserAPI{
base,
3,
4,
false,
true,
"db_auth",
}
assert.True(ua2.modifiable())
ua3 := &UserAPI{
base,
3,
4,
false,
true,
"ldap_auth",
}
assert.False(ua3.modifiable())
ua4 := &UserAPI{
base,
1,
1,
false,
true,
"ldap_auth",
}
assert.True(ua4.modifiable())
}

24
src/ui/auth/auth_test.go
View File

@ -16,10 +16,34 @@ package auth
import (
"testing"
"time"
"github.com/vmware/harbor/src/common"
)
var l = NewUserLock(2 * time.Second)
var adminServerLdapTestConfig = map[string]interface{}{
common.ExtEndpoint: "host01.com",
common.AUTHMode: "ldap_auth",
common.DatabaseType: "mysql",
common.MySQLHost: "127.0.0.1",
common.MySQLPort: 3306,
common.MySQLUsername: "root",
common.MySQLPassword: "root123",
common.MySQLDatabase: "registry",
common.SQLiteFile: "/tmp/registry.db",
common.LDAPURL: "ldap://127.0.0.1",
common.LDAPSearchDN: "cn=admin,dc=example,dc=com",
common.LDAPSearchPwd: "admin",
common.LDAPBaseDN: "dc=example,dc=com",
common.LDAPUID: "uid",
common.LDAPFilter: "",
common.LDAPScope: 3,
common.LDAPTimeout: 30,
common.CfgExpiration: 5,
common.AdminInitialPassword: "password",
}
func TestLock(t *testing.T) {
t.Log("Locking john")
l.Lock("john")

56
src/ui/auth/authenticator.go
View File

@ -26,33 +26,30 @@ import (
// 1.5 seconds
const frozenTime time.Duration = 1500 * time.Millisecond
const (
// DBAuth is the database auth mode.
DBAuth = "db_auth"
// LDAPAuth is the ldap auth mode.
LDAPAuth = "ldap_auth"
// UAAAuth is the uaa auth mode.
UAAAuth = "uaa_auth"
)
var lock = NewUserLock(frozenTime)
// Authenticator provides interface to authenticate user credentials.
type Authenticator interface {
// AuthenticateHelper provides interface for user management in different auth modes.
type AuthenticateHelper interface {
// Authenticate ...
Authenticate(m models.AuthModel) (*models.User, error)
// OnBoardUser will check if a user exists in user table, if not insert the user and
// put the id in the pointer of user model, if it does exist, fill in the user model based
// on the data record of the user
OnBoardUser(u *models.User) error
// Get user information from account repository
SearchUser(username string) (*models.User, error)
}
var registry = make(map[string]Authenticator)
var registry = make(map[string]AuthenticateHelper)
// Register add different authenticators to registry map.
func Register(name string, authenticator Authenticator) {
func Register(name string, h AuthenticateHelper) {
if _, dup := registry[name]; dup {
log.Infof("authenticator: %s has been registered", name)
return
}
registry[name] = authenticator
registry[name] = h
}
// Login authenticates user credentials based on setting.
@ -83,3 +80,34 @@ func Login(m models.AuthModel) (*models.User, error) {
}
return user, err
}
func getHelper() (AuthenticateHelper, error) {
authMode, err := config.AuthMode()
if err != nil {
return nil, err
}
AuthenticateHelper, ok := registry[authMode]
if !ok {
return nil, fmt.Errorf("Can not get authenticator, authmode: %s", authMode)
}
return AuthenticateHelper, nil
}
// OnBoardUser will check if a user exists in user table, if not insert the user and
// put the id in the pointer of user model, if it does exist, return the user's profile.
func OnBoardUser(user *models.User) error {
helper, err := getHelper()
if err != nil {
return err
}
return helper.OnBoardUser(user)
}
// SearchUser --
func SearchUser(username string) (*models.User, error) {
helper, err := getHelper()
if err != nil {
return nil, err
}
return helper.SearchUser(username)
}

17
src/ui/auth/db/db.go
View File

@ -15,9 +15,9 @@
package db
import (
"github.com/vmware/harbor/src/ui/auth"
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/ui/auth"
)
// Auth implements Authenticator interface to authenticate user against DB.
@ -32,6 +32,21 @@ func (d *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
return u, nil
}
// OnBoardUser - Dummy implementation when auth_mod is db_auth
func (d *Auth) OnBoardUser(user *models.User) error {
//No need to create user in local database
return nil
}
// SearchUser - Check if user exist in local db
func (d *Auth) SearchUser(username string) (*models.User, error) {
var queryCondition = models.User{
Username: username,
}
return dao.GetUser(queryCondition)
}
func init() {
auth.Register("db_auth", &Auth{})
}

152
src/ui/auth/db/db_test.go
View File

@ -14,9 +14,159 @@
package db
import (
"log"
"os"
"testing"
"github.com/vmware/harbor/src/common"
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/utils/test"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/ldap"
"github.com/vmware/harbor/src/ui/auth"
uiConfig "github.com/vmware/harbor/src/ui/config"
)
func TestMain(t *testing.T) {
var adminServerTestConfig = map[string]interface{}{
common.ExtEndpoint: "host01.com",
common.AUTHMode: "db_auth",
common.DatabaseType: "mysql",
common.MySQLHost: "127.0.0.1",
common.MySQLPort: 3306,
common.MySQLUsername: "root",
common.MySQLPassword: "root123",
common.MySQLDatabase: "registry",
common.SQLiteFile: "/tmp/registry.db",
//config.SelfRegistration: true,
common.LDAPURL: "ldap://127.0.0.1",
common.LDAPSearchDN: "cn=admin,dc=example,dc=com",
common.LDAPSearchPwd: "admin",
common.LDAPBaseDN: "dc=example,dc=com",
common.LDAPUID: "uid",
common.LDAPFilter: "",
common.LDAPScope: 3,
common.LDAPTimeout: 30,
// config.TokenServiceURL: "",
// config.RegistryURL: "",
// config.EmailHost: "",
// config.EmailPort: 25,
// config.EmailUsername: "",
// config.EmailPassword: "password",
// config.EmailFrom: "from",
// config.EmailSSL: true,
// config.EmailIdentity: "",
// config.ProjectCreationRestriction: config.ProCrtRestrAdmOnly,
// config.VerifyRemoteCert: false,
// config.MaxJobWorkers: 3,
// config.TokenExpiration: 30,
common.CfgExpiration: 5,
// config.JobLogDir: "/var/log/jobs",
common.AdminInitialPassword: "password",
}
func TestMain(m *testing.M) {
server, err := test.NewAdminserver(adminServerTestConfig)
if err != nil {
log.Fatalf("failed to create a mock admin server: %v", err)
}
defer server.Close()
if err := os.Setenv("ADMINSERVER_URL", server.URL); err != nil {
log.Fatalf("failed to set env %s: %v", "ADMINSERVER_URL", err)
}
secretKeyPath := "/tmp/secretkey"
_, err = test.GenerateKey(secretKeyPath)
if err != nil {
log.Fatalf("failed to generate secret key: %v", err)
return
}
defer os.Remove(secretKeyPath)
if err := os.Setenv("KEY_PATH", secretKeyPath); err != nil {
log.Fatalf("failed to set env %s: %v", "KEY_PATH", err)
}
if err := uiConfig.Init(); err != nil {
log.Fatalf("failed to initialize configurations: %v", err)
}
database, err := uiConfig.Database()
if err != nil {
log.Fatalf("failed to get database configuration: %v", err)
}
if err := dao.InitDatabase(database); err != nil {
log.Fatalf("failed to initialize database: %v", err)
}
}
func TestSearchUser(t *testing.T) {
//insert user first
user := &models.User{
Username: "existuser",
Email: "existuser@placeholder.com",
Realname: "Existing user",
}
err := dao.OnBoardUser(user)
if err != nil {
t.Fatalf("Failed to OnBoardUser %v", user)
}
var auth *Auth
newUser, err := auth.SearchUser("existuser")
if err != nil {
t.Fatalf("Failed to search user, error %v", err)
}
if newUser == nil {
t.Fatalf("Failed to search user %v", newUser)
}
}
func TestAuthenticateHelperOnboardUser(t *testing.T) {
user := models.User{
Username: "test01",
Realname: "test01",
Email: "test01@example.com",
}
err := auth.OnBoardUser(&user)
if err != nil {
t.Errorf("Failed to onboard user error: %v", err)
}
}
func TestAuthenticateHelperSearchUser(t *testing.T) {
user, err := auth.SearchUser("admin")
if err != nil {
t.Error("Failed to search user, admin")
}
if user == nil {
t.Error("Failed to search user admin")
}
}
func TestLdapConnectionTest(t *testing.T) {
var ldapConfig = models.LdapConf{
LdapURL: "ldap://127.0.0.1",
LdapSearchDn: "cn=admin,dc=example,dc=com",
LdapSearchPassword: "admin",
LdapBaseDn: "dc=example,dc=com",
LdapFilter: "",
LdapUID: "cn",
LdapScope: 3,
LdapConnectionTimeout: 10,
LdapVerifyCert: false,
}
//Test ldap connection under auth_mod is db_auth
err := ldap.ConnectionTestWithConfig(ldapConfig)
if err != nil {
t.Fatalf("Failed to test ldap server! error %v", err)
}
}

BIN
src/ui/auth/db/debug.test Executable file
View File

Binary file not shown.

76
src/ui/auth/ldap/ldap.go
View File

@ -25,7 +25,7 @@ import (
"github.com/vmware/harbor/src/ui/auth"
)
// Auth implements Authenticator interface to authenticate against LDAP
// Auth implements AuthenticateHelper interface to authenticate against LDAP
type Auth struct{}
const metaChars = "&|!=~*<>()"
@ -46,21 +46,19 @@ func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
}
}
ldapConfs, err := ldapUtils.GetSystemLdapConf()
ldapSession, err := ldapUtils.LoadSystemLdapConfig()
if err != nil {
return nil, fmt.Errorf("can't load system configuration: %v", err)
return nil, fmt.Errorf("can not load system ldap config: %v", err)
}
ldapConfs, err = ldapUtils.ValidateLdapConf(ldapConfs)
if err != nil {
return nil, fmt.Errorf("invalid ldap request: %v", err)
if err = ldapSession.Open(); err != nil {
log.Warningf("ldap connection fail: %v", err)
return nil, nil
}
defer ldapSession.Close()
ldapConfs.LdapFilter = ldapUtils.MakeFilter(p, ldapConfs.LdapFilter, ldapConfs.LdapUID)
ldapUsers, err := ldapUtils.SearchUser(ldapConfs)
ldapUsers, err := ldapSession.SearchUser(p)
if err != nil {
log.Warningf("ldap search fail: %v", err)
@ -83,7 +81,7 @@ func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
dn := ldapUsers[0].DN
log.Debugf("username: %s, dn: %s", u.Username, dn)
if err := ldapUtils.Bind(ldapConfs, dn, m.Password); err != nil {
if err = ldapSession.Bind(dn, m.Password); err != nil {
log.Warningf("Failed to bind user, username: %s, dn: %s, error: %v", u.Username, dn, err)
return nil, nil
}
@ -100,18 +98,68 @@ func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
u.UserID = currentUser.UserID
u.HasAdminRole = currentUser.HasAdminRole
} else {
userID, err := ldapUtils.ImportUser(ldapUsers[0])
if err != nil {
var user models.User
user.Username = ldapUsers[0].Username
user.Email = ldapUsers[0].Email
user.Realname = ldapUsers[0].Realname
err = auth.OnBoardUser(&user)
if err != nil || user.UserID <= 0 {
log.Errorf("Can't import user %s, error: %v", ldapUsers[0].Username, err)
return nil, fmt.Errorf("can't import user %s, error: %v", ldapUsers[0].Username, err)
}
u.UserID = int(userID)
u.UserID = user.UserID
}
return &u, nil
}
// OnBoardUser will check if a user exists in user table, if not insert the user and
// put the id in the pointer of user model, if it does exist, return the user's profile.
func (l *Auth) OnBoardUser(u *models.User) error {
if u.Email == "" {
if strings.Contains(u.Username, "@") {
u.Email = u.Username
} else {
u.Email = u.Username + "@placeholder.com"
}
}
u.Password = "12345678AbC" //Password is not kept in local db
u.Comment = "from LDAP." //Source is from LDAP
return dao.OnBoardUser(u)
}
//SearchUser -- Search user in ldap
func (l *Auth) SearchUser(username string) (*models.User, error) {
var user models.User
ldapSession, err := ldapUtils.LoadSystemLdapConfig()
if err = ldapSession.Open(); err != nil {
return nil, fmt.Errorf("Failed to load system ldap config, %v", err)
}
ldapUsers, err := ldapSession.SearchUser(username)
if err != nil {
return nil, fmt.Errorf("Failed to search user in ldap")
}
if len(ldapUsers) > 1 {
log.Warningf("There are more than one user found, return the first user")
}
if len(ldapUsers) > 0 {
user.Username = strings.TrimSpace(ldapUsers[0].Username)
user.Realname = strings.TrimSpace(ldapUsers[0].Realname)
log.Debugf("Found ldap user %v", user)
} else {
return nil, fmt.Errorf("No user found, %v", username)
}
return &user, nil
}
func init() {
auth.Register("ldap_auth", &Auth{})
}

93
src/ui/auth/ldap/ldap_test.go
View File

@ -24,6 +24,7 @@ import (
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/common/utils/test"
"github.com/vmware/harbor/src/ui/auth"
uiConfig "github.com/vmware/harbor/src/ui/config"
)
@ -64,42 +65,33 @@ var adminServerLdapTestConfig = map[string]interface{}{
common.AdminInitialPassword: "password",
}
func TestMain(t *testing.T) {
func TestMain(m *testing.M) {
server, err := test.NewAdminserver(adminServerLdapTestConfig)
if err != nil {
t.Fatalf("failed to create a mock admin server: %v", err)
log.Fatalf("failed to create a mock admin server: %v", err)
}
defer server.Close()
if err := os.Setenv("ADMINSERVER_URL", server.URL); err != nil {
t.Fatalf("failed to set env %s: %v", "ADMINSERVER_URL", err)
log.Fatalf("failed to set env %s: %v", "ADMINSERVER_URL", err)
}
secretKeyPath := "/tmp/secretkey"
_, err = test.GenerateKey(secretKeyPath)
if err != nil {
t.Errorf("failed to generate secret key: %v", err)
log.Errorf("failed to generate secret key: %v", err)
return
}
defer os.Remove(secretKeyPath)
if err := os.Setenv("KEY_PATH", secretKeyPath); err != nil {
t.Fatalf("failed to set env %s: %v", "KEY_PATH", err)
log.Fatalf("failed to set env %s: %v", "KEY_PATH", err)
}
if err := uiConfig.Init(); err != nil {
t.Fatalf("failed to initialize configurations: %v", err)
log.Fatalf("failed to initialize configurations: %v", err)
}
// if err := uiConfig.Load(); err != nil {
// t.Fatalf("failed to load configurations: %v", err)
// }
// mode, err := uiConfig.AuthMode()
// if err != nil {
// t.Fatalf("failed to get auth mode: %v", err)
// }
database, err := uiConfig.Database()
if err != nil {
log.Fatalf("failed to get database configuration: %v", err)
@ -108,6 +100,9 @@ func TestMain(t *testing.T) {
if err := dao.InitDatabase(database); err != nil {
log.Fatalf("failed to initialize database: %v", err)
}
retCode := m.Run()
os.Exit(retCode)
}
func TestAuthenticate(t *testing.T) {
@ -141,3 +136,71 @@ func TestAuthenticate(t *testing.T) {
t.Errorf("Nil user for empty credentials")
}
}
func TestSearchUser(t *testing.T) {
var username = "test"
var auth *Auth
user, err := auth.SearchUser(username)
if err != nil {
t.Errorf("Search user failed %v", err)
}
if user == nil {
t.Errorf("Search user failed %v", user)
}
}
func TestSearchUser_02(t *testing.T) {
var username = "nonexist"
var auth *Auth
user, _ := auth.SearchUser(username)
if user != nil {
t.Errorf("Should failed to search nonexist user")
}
}
func TestOnboardUser(t *testing.T) {
user := &models.User{
Username: "sample",
Email: "sample@example.com",
Realname: "Sample",
}
var auth *Auth
err := auth.OnBoardUser(user)
if err != nil {
t.Errorf("Failed to onboard user")
}
if user.UserID <= 0 {
t.Errorf("Failed to onboard user")
}
}
func TestAuthenticateHelperOnboardUser(t *testing.T) {
user := models.User{
Username: "test01",
Realname: "test01",
Email: "test01@example.com",
}
err := auth.OnBoardUser(&user)
if err != nil {
t.Errorf("Failed to onboard user error: %v", err)
}
if user.UserID <= 0 {
t.Errorf("Failed to onboard user, userid: %v", user.UserID)
}
}
func TestAuthenticateHelperSearchUser(t *testing.T) {
user, err := auth.SearchUser("test")
if err != nil {
t.Error("Failed to search user, test")
}
if user == nil {
t.Error("Failed to search user test")
}
}

20
src/ui/auth/uaa/uaa.go
View File

@ -20,7 +20,6 @@ import (
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/uaa"
"github.com/vmware/harbor/src/ui/auth"
"github.com/vmware/harbor/src/ui/config"
)
@ -66,7 +65,7 @@ func doAuth(username, password string, client uaa.Client) (*models.User, error)
return nil, err
}
// Auth is the implementation of Authenticator to access uaa for authentication.
// Auth is the implementation of AuthenticateHelper to access uaa for authentication.
type Auth struct{}
//Authenticate ...
@ -78,6 +77,17 @@ func (u *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
return doAuth(m.Principal, m.Password, client)
}
func init() {
auth.Register(auth.UAAAuth, &Auth{})
}
// OnBoardUser will check if a user exists in user table, if not insert the user and
// put the id in the pointer of user model, if it does exist, return the user's profile.
// func (u *Auth) OnBoardUser(user *models.User) error {
// panic("not implemented")
// }
// // SearchUser - search user on uaa server
// func (u *Auth) SearchUser(username string) (*models.User, error) {
// panic("not implemented")
// }
// func init() {
// auth.Register(auth.UAAAuth, &Auth{})
// }

7
src/ui/config/config.go
View File

@ -61,12 +61,17 @@ var (
func Init() error {
//init key provider
initKeyProvider()
adminServerURL := os.Getenv("ADMINSERVER_URL")
if len(adminServerURL) == 0 {
adminServerURL = "http://adminserver"
}
return InitByURL(adminServerURL)
}
// InitByURL Init configurations with given url
func InitByURL(adminServerURL string) error {
log.Infof("initializing client for adminserver %s ...", adminServerURL)
authorizer := auth.NewSecretAuthorizer(secretCookieName, UISecret())
AdminserverClient = client.NewClient(adminServerURL, authorizer)

37
src/ui/controllers/base.go
View File

@ -25,6 +25,7 @@ import (
"github.com/astaxie/beego"
"github.com/beego/i18n"
"github.com/vmware/harbor/src/common"
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils"
@ -101,8 +102,8 @@ func (cc *CommonController) UserExists() {
cc.ServeJSON()
}
// SendEmail verifies the Email address and contact SMTP server to send reset password Email.
func (cc *CommonController) SendEmail() {
// SendResetEmail verifies the Email address and contact SMTP server to send reset password Email.
func (cc *CommonController) SendResetEmail() {
email := cc.GetString("email")
@ -117,16 +118,21 @@ func (cc *CommonController) SendEmail() {
}
queryUser := models.User{Email: email}
exist, err := dao.UserExists(queryUser, "email")
u, err := dao.GetUser(queryUser)
if err != nil {
log.Errorf("Error occurred in UserExists: %v", err)
log.Errorf("Error occurred in GetUser: %v", err)
cc.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if !exist {
if u == nil {
log.Debugf("email %s not found", email)
cc.CustomAbort(http.StatusNotFound, "email_does_not_exist")
}
if !isUserResetable(u) {
log.Errorf("Resetting password for user with ID: %d is not allowed", u.UserID)
cc.CustomAbort(http.StatusForbidden, http.StatusText(http.StatusForbidden))
}
uuid := utils.GenerateRandomString()
user := models.User{ResetUUID: uuid, Email: email}
if err = dao.UpdateUserResetUUID(user); err != nil {
@ -192,6 +198,7 @@ func (cc *CommonController) ResetPassword() {
queryUser := models.User{ResetUUID: resetUUID}
user, err := dao.GetUser(queryUser)
if err != nil {
log.Errorf("Error occurred in GetUser: %v", err)
cc.CustomAbort(http.StatusInternalServerError, "Internal error.")
@ -201,6 +208,11 @@ func (cc *CommonController) ResetPassword() {
cc.CustomAbort(http.StatusBadRequest, "User does not exist")
}
if !isUserResetable(user) {
log.Errorf("Resetting password for user with ID: %d is not allowed", user.UserID)
cc.CustomAbort(http.StatusForbidden, http.StatusText(http.StatusForbidden))
}
password := cc.GetString("password")
if password != "" {
@ -215,6 +227,21 @@ func (cc *CommonController) ResetPassword() {
}
}
func isUserResetable(u *models.User) bool {
if u == nil {
return false
}
mode, err := config.AuthMode()
if err != nil {
log.Errorf("Failed to get the auth mode, error: %v", err)
return false
}
if mode == common.DBAuth {
return true
}
return u.UserID == 1
}
func init() {
//conf/app.conf -> os.Getenv("config_path")
configPath := os.Getenv("CONFIG_PATH")

76
src/ui/controllers/controllers_test.go
View File

@ -22,11 +22,14 @@ import (
"testing"
"fmt"
"os"
"strings"
"github.com/astaxie/beego"
"github.com/stretchr/testify/assert"
"github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/common"
"github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/test"
"github.com/vmware/harbor/src/ui/config"
"github.com/vmware/harbor/src/ui/proxy"
)
@ -44,14 +47,6 @@ import (
//var admin *usrInfo
func init() {
if err := config.Init(); err != nil {
log.Fatalf("failed to initialize configurations: %v", err)
}
if err := proxy.Init(); err != nil {
log.Fatalf("Failed to initialize the proxy: %v", err)
}
_, file, _, _ := runtime.Caller(1)
apppath, _ := filepath.Abs(filepath.Dir(filepath.Join(file, ".."+string(filepath.Separator))))
beego.BConfig.WebConfig.Session.SessionOn = true
@ -64,15 +59,74 @@ func init() {
beego.Router("/log_out", &CommonController{}, "get:LogOut")
beego.Router("/reset", &CommonController{}, "post:ResetPassword")
beego.Router("/userExists", &CommonController{}, "post:UserExists")
beego.Router("/sendEmail", &CommonController{}, "get:SendEmail")
beego.Router("/sendEmail", &CommonController{}, "get:SendResetEmail")
beego.Router("/registryproxy/*", &RegistryProxy{}, "*:Handle")
}
func TestMain(m *testing.M) {
rc := m.Run()
if rc != 0 {
os.Exit(rc)
}
//Init user Info
//admin = &usrInfo{adminName, adminPwd}
}
// TestUserResettable
func TestUserResettable(t *testing.T) {
assert := assert.New(t)
DBAuthConfig := map[string]interface{}{
common.AUTHMode: common.DBAuth,
common.CfgExpiration: 5,
common.TokenExpiration: 30,
}
LDAPAuthConfig := map[string]interface{}{
common.AUTHMode: common.LDAPAuth,
common.CfgExpiration: 5,
common.TokenExpiration: 30,
}
DBAuthAdminsvr, err := test.NewAdminserver(DBAuthConfig)
if err != nil {
panic(err)
}
LDAPAuthAdminsvr, err := test.NewAdminserver(LDAPAuthConfig)
if err != nil {
panic(err)
}
defer DBAuthAdminsvr.Close()
defer LDAPAuthAdminsvr.Close()
if err := config.InitByURL(LDAPAuthAdminsvr.URL); err != nil {
panic(err)
}
u1 := &models.User{
UserID: 3,
Username: "daniel",
Email: "daniel@test.com",
}
u2 := &models.User{
UserID: 1,
Username: "jack",
Email: "jack@test.com",
}
assert.False(isUserResetable(u1))
assert.True(isUserResetable(u2))
if err := config.InitByURL(DBAuthAdminsvr.URL); err != nil {
panic(err)
}
assert.True(isUserResetable(u1))
}
// TestMain is a sample to run an endpoint test
func TestMain(t *testing.T) {
func TestAll(t *testing.T) {
if err := config.Init(); err != nil {
panic(err)
}
if err := proxy.Init(); err != nil {
panic(err)
}
assert := assert.New(t)
// v := url.Values{}

2
src/ui/router.go
View File

@ -65,7 +65,7 @@ func initRouters() {
beego.Router("/log_out", &controllers.CommonController{}, "get:LogOut")
beego.Router("/reset", &controllers.CommonController{}, "post:ResetPassword")
beego.Router("/userExists", &controllers.CommonController{}, "post:UserExists")
beego.Router("/sendEmail", &controllers.CommonController{}, "get:SendEmail")
beego.Router("/sendEmail", &controllers.CommonController{}, "get:SendResetEmail")
//API:
beego.Router("/api/projects/:pid([0-9]+)/members/?:mid", &api.ProjectMemberAPI{})

3
src/ui/service/service_test.go
View File

@ -17,6 +17,5 @@ import (
"testing"
)
func TestMain(t *testing.T) {
func TestMain(m *testing.M) {
}

10
src/ui/ui_test.go
View File

@ -12,13 +12,3 @@
// See the License for the specific language governing permissions and
// limitations under the License.
package main
/*
import (
"testing"
)
func TestMain(t *testing.T) {
}
*/

3
src/ui/utils/utils_test.go
View File

@ -17,6 +17,5 @@ import (
"testing"
)
func TestMain(t *testing.T) {
func TestMain(m *testing.M) {
}

2
src/ui_ng/lib/package.json
View File

@ -1,6 +1,6 @@
{
"name": "harbor-ui",
"version": "0.5.0",
"version": "0.6.0",
"description": "Harbor shared UI components based on Clarity and Angular4",
"scripts": {
"start": "ng serve --host 0.0.0.0 --port 4500 --proxy-config proxy.config.json",

2
src/ui_ng/lib/pkg/package.json
View File

@ -1,6 +1,6 @@
{
"name": "harbor-ui",
"version": "0.5.13",
"version": "0.6.0",
"description": "Harbor shared UI components based on Clarity and Angular4",
"author": "VMware",
"module": "index.js",

6
src/ui_ng/lib/src/harbor-library.module.ts
View File

@ -6,7 +6,7 @@ import { ENDPOINT_DIRECTIVES } from './endpoint/index';
import { REPOSITORY_DIRECTIVES } from './repository/index';
import { REPOSITORY_STACKVIEW_DIRECTIVES } from './repository-stackview/index';
import { LIST_REPOSITORY_DIRECTIVES } from './list-repository/index';
import { REPOSITORY_LISTVIEW_DIRECTIVES } from './repository-listview/index';
import { TAG_DIRECTIVES } from './tag/index';
import { REPLICATION_DIRECTIVES } from './replication/index';
@ -157,7 +157,7 @@ export function initConfig(translateInitializer: TranslateServiceInitializer, co
ENDPOINT_DIRECTIVES,
REPOSITORY_DIRECTIVES,
REPOSITORY_STACKVIEW_DIRECTIVES,
LIST_REPOSITORY_DIRECTIVES,
REPOSITORY_LISTVIEW_DIRECTIVES,
TAG_DIRECTIVES,
CREATE_EDIT_ENDPOINT_DIRECTIVES,
CONFIRMATION_DIALOG_DIRECTIVES,
@ -178,7 +178,7 @@ export function initConfig(translateInitializer: TranslateServiceInitializer, co
ENDPOINT_DIRECTIVES,
REPOSITORY_DIRECTIVES,
REPOSITORY_STACKVIEW_DIRECTIVES,
LIST_REPOSITORY_DIRECTIVES,
REPOSITORY_LISTVIEW_DIRECTIVES,
TAG_DIRECTIVES,
CREATE_EDIT_ENDPOINT_DIRECTIVES,
CONFIRMATION_DIALOG_DIRECTIVES,

7
src/ui_ng/lib/src/list-repository/index.ts
View File

@ -1,7 +0,0 @@
import { Type } from '@angular/core';
import { ListRepositoryComponent } from './list-repository.component';
export const LIST_REPOSITORY_DIRECTIVES: Type<any>[] = [
ListRepositoryComponent
];

1
src/ui_ng/lib/src/list-repository/list-repository.component.css.ts
View File

@ -1 +0,0 @@
export const LIST_REPOSITORY_STYLE = ``;

20
src/ui_ng/lib/src/list-repository/list-repository.component.html.ts
View File

@ -1,20 +0,0 @@
export const LIST_REPOSITORY_TEMPLATE = `
<clr-datagrid (clrDgRefresh)="refresh($event)">
<clr-dg-column [clrDgField]="'name'">{{'REPOSITORY.NAME' | translate}}</clr-dg-column>
<clr-dg-column [clrDgSortBy]="tagsCountComparator">{{'REPOSITORY.TAGS_COUNT' | translate}}</clr-dg-column>
<clr-dg-column [clrDgSortBy]="pullCountComparator">{{'REPOSITORY.PULL_COUNT' | translate}}</clr-dg-column>
<clr-dg-placeholder>{{'REPOSITORY.PLACEHOLDER' | translate }}</clr-dg-placeholder>
<clr-dg-row *clrDgItems="let r of repositories" [clrDgItem]='r'>
<clr-dg-action-overflow [hidden]="!hasProjectAdminRole">
<button class="action-item" (click)="deleteRepo(r.name)">{{'REPOSITORY.DELETE' | translate}}</button>
</clr-dg-action-overflow>
<clr-dg-cell><a href="javascript:void(0)" (click)="gotoLink(projectId || r.project_id, r.name || r.repository_name)">{{r.name}}</a></clr-dg-cell>
<clr-dg-cell>{{r.tags_count}}</clr-dg-cell>
<clr-dg-cell>{{r.pull_count}}</clr-dg-cell>
</clr-dg-row>
<clr-dg-footer>
<span *ngIf="pagination.totalItems">{{pagination.firstItem + 1}} - {{pagination.lastItem + 1}} {{'REPOSITORY.OF' | translate}}</span>
{{pagination.totalItems}}{{'REPOSITORY.ITEMS' | translate}}
<clr-dg-pagination #pagination [clrDgPageSize]="15"></clr-dg-pagination>
</clr-dg-footer>
</clr-datagrid>`;

78
src/ui_ng/lib/src/list-repository/list-repository.component.spec.ts
View File

@ -1,78 +0,0 @@
import { ComponentFixture, TestBed, async } from '@angular/core/testing';
import { By } from '@angular/platform-browser';
import { DebugElement } from '@angular/core';
import { Router } from '@angular/router';
import { SharedModule } from '../shared/shared.module';
import { ConfirmationDialogComponent } from '../confirmation-dialog/confirmation-dialog.component';
import { ListRepositoryComponent } from './list-repository.component';
import { Repository, RepositoryItem } from '../service/interface';
import { SERVICE_CONFIG, IServiceConfig } from '../service.config';
class RouterStub {
navigateByUrl(url: string) { return url; }
}
describe('ListRepositoryComponent (inline template)', () => {
let comp: ListRepositoryComponent;
let fixture: ComponentFixture<ListRepositoryComponent>;
let mockData: RepositoryItem[] = [
{
"id": 11,
"name": "library/busybox",
"project_id": 1,
"description": "",
"pull_count": 0,
"star_count": 0,
"tags_count": 1
},
{
"id": 12,
"name": "library/nginx",
"project_id": 1,
"description": "",
"pull_count": 0,
"star_count": 0,
"tags_count": 1
}
];
beforeEach(async(() => {
TestBed.configureTestingModule({
imports: [
SharedModule
],
declarations: [
ListRepositoryComponent,
ConfirmationDialogComponent
],
providers: [
{ provide: Router, useClass: RouterStub },
{ provide: SERVICE_CONFIG, useValue: {} }
]
});
}));
beforeEach(() => {
fixture = TestBed.createComponent(ListRepositoryComponent);
comp = fixture.componentInstance;
});
it('should load and render data', async(() => {
fixture.detectChanges();
comp.repositories = mockData;
fixture.whenStable().then(() => {
fixture.detectChanges();
expect(comp.repositories).toBeTruthy();
let de: DebugElement = fixture.debugElement.query(By.css('datagrid-cell'));
fixture.detectChanges();
expect(de).toBeTruthy();
let el: HTMLElement = de.nativeElement;
expect(el).toBeTruthy();
expect(el.textContent).toEqual('library/busybox');
});
}));
});

56
src/ui_ng/lib/src/list-repository/list-repository.component.ts
View File

@ -1,56 +0,0 @@
import { Component, Input, Output, EventEmitter, ChangeDetectorRef, ChangeDetectionStrategy } from '@angular/core';
import { Router } from '@angular/router';
import { State, Comparator } from 'clarity-angular';
import { RepositoryItem } from '../service/interface';
import { LIST_REPOSITORY_TEMPLATE } from './list-repository.component.html';
import { CustomComparator } from '../utils';
@Component({
selector: 'hbr-list-repository',
template: LIST_REPOSITORY_TEMPLATE,
changeDetection: ChangeDetectionStrategy.OnPush
})
export class ListRepositoryComponent {
@Input() urlPrefix: string;
@Input() projectId: number;
@Input() repositories: RepositoryItem[];
@Output() delete = new EventEmitter<string>();
@Output() paginate = new EventEmitter<State>();
@Input() hasProjectAdminRole: boolean;
pageOffset: number = 1;
pullCountComparator: Comparator<RepositoryItem> = new CustomComparator<RepositoryItem>('pull_count', 'number');
tagsCountComparator: Comparator<RepositoryItem> = new CustomComparator<RepositoryItem>('tags_count', 'number');
constructor(
private router: Router,
private ref: ChangeDetectorRef) {
let hnd = setInterval(()=>ref.markForCheck(), 100);
setTimeout(()=>clearInterval(hnd), 1000);
}
ngOnInit() { }
deleteRepo(repoName: string) {
this.delete.emit(repoName);
}
refresh(state: State) {
if (this.repositories) {
this.paginate.emit(state);
}
}
public gotoLink(projectId: number, repoName: string): void {
let linkUrl = [this.urlPrefix, 'tags', projectId, repoName];
this.router.navigate(linkUrl);
}
}

6
src/ui_ng/lib/src/repository-listview/index.ts Normal file
View File

@ -0,0 +1,6 @@
import { Type } from '@angular/core';
import { RepositoryListviewComponent } from './repository-listview.component';
export const REPOSITORY_LISTVIEW_DIRECTIVES: Type<any>[] = [
RepositoryListviewComponent
];

2
src/ui_ng/lib/src/repository-listview/repository-listview.component.css.ts Normal file
View File

@ -0,0 +1,2 @@
export const REPOSITORY_LISTVIEW_STYLE = `
`;

41
src/ui_ng/lib/src/repository-listview/repository-listview.component.html.ts Normal file
View File

@ -0,0 +1,41 @@
export const REPOSITORY_LISTVIEW_TEMPLATE = `
<div>
<div class="row">
<div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
<div class="row flex-items-xs-right option-right">
<div class="flex-xs-middle">
<hbr-push-image-button style="display: inline-block;" [registryUrl]="registryUrl" [projectName]="projectName"></hbr-push-image-button>
<hbr-filter [withDivider]="true" filterPlaceholder="{{'REPOSITORY.FILTER_FOR_REPOSITORIES' | translate}}" (filter)="doSearchRepoNames($event)" [currentValue]="lastFilteredRepoName"></hbr-filter>
<span class="refresh-btn" (click)="refresh()"><clr-icon shape="refresh"></clr-icon></span>
</div>
</div>
</div>
<div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
<clr-datagrid (clrDgRefresh)="clrLoad($event)" [clrDgLoading]="loading">
<clr-dg-column [clrDgField]="'name'">{{'REPOSITORY.NAME' | translate}}</clr-dg-column>
<clr-dg-column [clrDgSortBy]="tagsCountComparator">{{'REPOSITORY.TAGS_COUNT' | translate}}</clr-dg-column>
<clr-dg-column [clrDgSortBy]="pullCountComparator">{{'REPOSITORY.PULL_COUNT' | translate}}</clr-dg-column>
<clr-dg-placeholder>{{'REPOSITORY.PLACEHOLDER' | translate }}</clr-dg-placeholder>
<clr-dg-row *ngFor="let r of repositories">
<clr-dg-action-overflow [hidden]="!hasProjectAdminRole">
<button class="action-item" (click)="deleteRepo(r.name)">{{'REPOSITORY.DELETE' | translate}}</button>
</clr-dg-action-overflow>
<clr-dg-cell><a href="javascript:void(0)" (click)="gotoLink(projectId || r.project_id, r.name || r.repository_name)">{{r.name}}</a></clr-dg-cell>
<clr-dg-cell>{{r.tags_count}}</clr-dg-cell>
<clr-dg-cell>{{r.pull_count}}</clr-dg-cell>
</clr-dg-row>
<clr-dg-footer>
<span *ngIf="showDBStatusWarning" class="db-status-warning">
<clr-icon shape="warning" class="is-warning" size="24"></clr-icon>
{{'CONFIG.SCANNING.DB_NOT_READY' | translate }}
</span>
<span *ngIf="pagination.totalItems">{{pagination.firstItem + 1}} - {{pagination.lastItem + 1}} {{'REPOSITORY.OF' | translate}}</span>
{{pagination.totalItems}} {{'REPOSITORY.ITEMS' | translate}}
<clr-dg-pagination #pagination [(clrDgPage)]="currentPage" [clrDgPageSize]="pageSize" [clrDgTotalItems]="totalCount"></clr-dg-pagination>
</clr-dg-footer>
</clr-datagrid>
</div>
</div>
<confirmation-dialog #confirmationDialog (confirmAction)="confirmDeletion($event)"></confirmation-dialog>
</div>
`;

170
src/ui_ng/lib/src/repository-listview/repository-listview.component.spec.ts Normal file
View File

@ -0,0 +1,170 @@
import { ComponentFixture, TestBed, async } from '@angular/core/testing';
import { By } from '@angular/platform-browser';
import { DebugElement } from '@angular/core';
import { RouterTestingModule } from '@angular/router/testing';
import { SharedModule } from '../shared/shared.module';
import { ConfirmationDialogComponent } from '../confirmation-dialog/confirmation-dialog.component';
import { RepositoryListviewComponent } from './repository-listview.component';
import { TagComponent } from '../tag/tag.component';
import { FilterComponent } from '../filter/filter.component';
import { ErrorHandler } from '../error-handler/error-handler';
import { Repository, RepositoryItem, Tag, SystemInfo } from '../service/interface';
import { SERVICE_CONFIG, IServiceConfig } from '../service.config';
import { RepositoryService, RepositoryDefaultService } from '../service/repository.service';
import { TagService, TagDefaultService } from '../service/tag.service';
import { SystemInfoService, SystemInfoDefaultService } from '../service/system-info.service';
import { VULNERABILITY_DIRECTIVES } from '../vulnerability-scanning/index';
import { PUSH_IMAGE_BUTTON_DIRECTIVES } from '../push-image/index';
import { INLINE_ALERT_DIRECTIVES } from '../inline-alert/index';
import { JobLogViewerComponent } from '../job-log-viewer/index';
import { click } from '../utils';
describe('RepositoryComponentListview (inline template)', () => {
let compRepo: RepositoryListviewComponent;
let fixtureRepo: ComponentFixture<RepositoryListviewComponent>;
let repositoryService: RepositoryService;
let tagService: TagService;
let systemInfoService: SystemInfoService;
let spyRepos: jasmine.Spy;
let spySystemInfo: jasmine.Spy;
let mockSystemInfo: SystemInfo = {
"with_notary": true,
"with_admiral": false,
"admiral_endpoint": "NA",
"auth_mode": "db_auth",
"registry_url": "10.112.122.56",
"project_creation_restriction": "everyone",
"self_registration": true,
"has_ca_root": false,
"harbor_version": "v1.1.1-rc1-160-g565110d"
};
let mockRepoData: RepositoryItem[] = [
{
"id": 1,
"name": "library/busybox",
"project_id": 1,
"description": "asdfsadf",
"pull_count": 0,
"star_count": 0,
"tags_count": 1
},
{
"id": 2,
"name": "library/nginx",
"project_id": 1,
"description": "asdf",
"pull_count": 0,
"star_count": 0,
"tags_count": 1
}
];
let mockRepo: Repository = {
metadata: {xTotalCount: 2},
data: mockRepoData
};
let mockTagData: Tag[] = [
{
"digest": "sha256:e5c82328a509aeb7c18c1d7fb36633dc638fcf433f651bdcda59c1cc04d3ee55",
"name": "1.11.5",
"size": "2049",
"architecture": "amd64",
"os": "linux",
"docker_version": "1.12.3",
"author": "NGINX Docker Maintainers \"docker-maint@nginx.com\"",
"created": new Date("2016-11-08T22:41:15.912313785Z"),
"signature": null
}
];
let config: IServiceConfig = {
repositoryBaseEndpoint: '/api/repository/testing',
systemInfoEndpoint: '/api/systeminfo/testing',
targetBaseEndpoint: '/api/tag/testing'
};
beforeEach(async(() => {
TestBed.configureTestingModule({
imports: [
SharedModule,
RouterTestingModule
],
declarations: [
RepositoryListviewComponent,
TagComponent,
ConfirmationDialogComponent,
FilterComponent,
VULNERABILITY_DIRECTIVES,
PUSH_IMAGE_BUTTON_DIRECTIVES,
INLINE_ALERT_DIRECTIVES,
JobLogViewerComponent
],
providers: [
ErrorHandler,
{ provide: SERVICE_CONFIG, useValue: config },
{ provide: RepositoryService, useClass: RepositoryDefaultService },
{ provide: TagService, useClass: TagDefaultService },
{ provide: SystemInfoService, useClass: SystemInfoDefaultService }
]
});
}));
beforeEach(() => {
fixtureRepo = TestBed.createComponent(RepositoryListviewComponent);
compRepo = fixtureRepo.componentInstance;
compRepo.projectId = 1;
compRepo.hasProjectAdminRole = true;
repositoryService = fixtureRepo.debugElement.injector.get(RepositoryService);
systemInfoService = fixtureRepo.debugElement.injector.get(SystemInfoService);
spyRepos = spyOn(repositoryService, 'getRepositories').and.returnValues(Promise.resolve(mockRepo));
spySystemInfo = spyOn(systemInfoService, 'getSystemInfo').and.returnValues(Promise.resolve(mockSystemInfo));
fixtureRepo.detectChanges();
});
it('should create', () => {
expect(compRepo).toBeTruthy();
});
it('should load and render data', async(() => {
fixtureRepo.detectChanges();
fixtureRepo.whenStable().then(() => {
fixtureRepo.detectChanges();
let deRepo: DebugElement = fixtureRepo.debugElement.query(By.css('datagrid-cell'));
expect(deRepo).toBeTruthy();
let elRepo: HTMLElement = deRepo.nativeElement;
expect(elRepo).toBeTruthy();
expect(elRepo.textContent).toEqual('library/busybox');
});
}));
it('should filter data by keyword', async(() => {
fixtureRepo.detectChanges();
fixtureRepo.whenStable().then(() => {
fixtureRepo.detectChanges();
compRepo.doSearchRepoNames('nginx');
fixtureRepo.detectChanges();
let de: DebugElement[] = fixtureRepo.debugElement.queryAll(By.css('datagrid-cell'));
expect(de).toBeTruthy();
expect(de.length).toEqual(1);
let el: HTMLElement = de[0].nativeElement;
expect(el).toBeTruthy();
expect(el.textContent).toEqual('library/nginx');
});
}));
});

303
src/ui_ng/lib/src/repository-listview/repository-listview.component.ts Normal file
View File

@ -0,0 +1,303 @@
import {
Component,
Input,
Output,
OnInit,
ViewChild,
ChangeDetectionStrategy,
ChangeDetectorRef,
EventEmitter, OnChanges, SimpleChanges
} from '@angular/core';
import { Router } from '@angular/router';
import { TranslateService } from '@ngx-translate/core';
import { Comparator } from 'clarity-angular';
import { REPOSITORY_LISTVIEW_TEMPLATE } from './repository-listview.component.html';
import { REPOSITORY_LISTVIEW_STYLE } from './repository-listview.component.css';
import {
Repository,
SystemInfo,
SystemInfoService,
RepositoryService,
RequestQueryParams,
RepositoryItem,
TagService
} from '../service/index';
import { ErrorHandler } from '../error-handler/error-handler';
import { toPromise, CustomComparator } from '../utils';
import { ConfirmationState, ConfirmationTargets, ConfirmationButtons } from '../shared/shared.const';
import { ConfirmationDialogComponent } from '../confirmation-dialog/confirmation-dialog.component';
import { ConfirmationMessage } from '../confirmation-dialog/confirmation-message';
import { ConfirmationAcknowledgement } from '../confirmation-dialog/confirmation-state-message';
import { Subscription } from 'rxjs/Subscription';
import { Tag, TagClickEvent } from '../service/interface';
import { State } from "clarity-angular";
import {
DEFAULT_PAGE_SIZE,
calculatePage,
doFiltering,
doSorting
} from '../utils';
@Component({
selector: 'hbr-repository-listview',
template: REPOSITORY_LISTVIEW_TEMPLATE,
styles: [REPOSITORY_LISTVIEW_STYLE],
changeDetection: ChangeDetectionStrategy.OnPush
})
export class RepositoryListviewComponent implements OnChanges, OnInit {
signedCon: {[key: string]: any | string[]} = {};
@Input() projectId: number;
@Input() projectName = 'unknown';
@Input() urlPrefix: string;
@Input() hasSignedIn: boolean;
@Input() hasProjectAdminRole: boolean;
@Output() tagClickEvent = new EventEmitter<TagClickEvent>();
lastFilteredRepoName: string;
repositories: RepositoryItem[];
systemInfo: SystemInfo;
loading = true;
@ViewChild('confirmationDialog')
confirmationDialog: ConfirmationDialogComponent;
pullCountComparator: Comparator<RepositoryItem> = new CustomComparator<RepositoryItem>('pull_count', 'number');
tagsCountComparator: Comparator<RepositoryItem> = new CustomComparator<RepositoryItem>('tags_count', 'number');
pageSize: number = DEFAULT_PAGE_SIZE;
currentPage = 1;
totalCount = 0;
currentState: State;
constructor(
private errorHandler: ErrorHandler,
private translateService: TranslateService,
private repositoryService: RepositoryService,
private systemInfoService: SystemInfoService,
private translate: TranslateService,
private tagService: TagService,
private ref: ChangeDetectorRef,
private router: Router) { }
public get registryUrl(): string {
return this.systemInfo ? this.systemInfo.registry_url : '';
}
public get withNotary(): boolean {
return this.systemInfo ? this.systemInfo.with_notary : false;
}
public get withClair(): boolean {
return this.systemInfo ? this.systemInfo.with_clair : false;
}
public get isClairDBReady(): boolean {
return this.systemInfo &&
this.systemInfo.clair_vulnerability_status &&
this.systemInfo.clair_vulnerability_status.overall_last_update > 0;
}
public get showDBStatusWarning(): boolean {
return this.withClair && !this.isClairDBReady;
}
confirmDeletion(message: ConfirmationAcknowledgement) {
if (message &&
message.source === ConfirmationTargets.REPOSITORY &&
message.state === ConfirmationState.CONFIRMED) {
let repoName = message.data;
toPromise<number>(this.repositoryService
.deleteRepository(repoName))
.then(
response => {
this.refresh();
let st: State = this.getStateAfterDeletion();
if (!st) {
this.refresh();
} else {
this.clrLoad(st);
}
this.translateService.get('REPOSITORY.DELETED_REPO_SUCCESS')
.subscribe(res => this.errorHandler.info(res));
}).catch(error => {
if (error.status === '412') {
this.translateService.get('REPOSITORY.TAGS_SIGNED')
.subscribe(res => this.errorHandler.info(res));
return;
}
this.errorHandler.error(error);
});
}
}
ngOnChanges(changes: SimpleChanges): void {
if (changes['projectId'] && changes['projectId'].currentValue) {
this.refresh();
}
}
ngOnInit(): void {
// Get system info for tag views
toPromise<SystemInfo>(this.systemInfoService.getSystemInfo())
.then(systemInfo => this.systemInfo = systemInfo)
.catch(error => this.errorHandler.error(error));
this.lastFilteredRepoName = '';
}
doSearchRepoNames(repoName: string) {
this.lastFilteredRepoName = repoName;
this.currentPage = 1;
let st: State = this.currentState;
if (!st) {
st = { page: {} };
}
st.page.size = this.pageSize;
st.page.from = 0;
st.page.to = this.pageSize - 1;
this.clrLoad(st);
}
saveSignatures(event: {[key: string]: string[]}): void {
Object.assign(this.signedCon, event);
}
deleteRepo(repoName: string) {
if (this.signedCon[repoName]) {
this.signedDataSet(repoName);
} else {
this.getTagInfo(repoName).then(() => {
this.signedDataSet(repoName);
});
}
}
getTagInfo(repoName: string): Promise<void> {
// this.signedNameArr = [];
this.signedCon[repoName] = [];
return toPromise<Tag[]>(this.tagService
.getTags(repoName))
.then(items => {
items.forEach((t: Tag) => {
if (t.signature !== null) {
this.signedCon[repoName].push(t.name);
}
});
})
.catch(error => this.errorHandler.error(error));
}
signedDataSet(repoName: string): void {
let signature = '';
if (this.signedCon[repoName].length === 0) {
this.confirmationDialogSet('REPOSITORY.DELETION_TITLE_REPO', signature, repoName, 'REPOSITORY.DELETION_SUMMARY_REPO', ConfirmationButtons.DELETE_CANCEL);
return;
}
signature = this.signedCon[repoName].join(',');
this.confirmationDialogSet('REPOSITORY.DELETION_TITLE_REPO_SIGNED', signature, repoName, 'REPOSITORY.DELETION_SUMMARY_REPO_SIGNED', ConfirmationButtons.CLOSE);
}
confirmationDialogSet(summaryTitle: string, signature: string, repoName: string, summaryKey: string, button: ConfirmationButtons): void {
this.translate.get(summaryKey,
{
repoName: repoName,
signedImages: signature,
})
.subscribe((res: string) => {
summaryKey = res;
let message = new ConfirmationMessage(
summaryTitle,
summaryKey,
repoName,
repoName,
ConfirmationTargets.REPOSITORY,
button);
this.confirmationDialog.open(message);
let hnd = setInterval(() => this.ref.markForCheck(), 100);
setTimeout(() => clearInterval(hnd), 5000);
});
}
refresh() {
this.doSearchRepoNames('');
}
watchTagClickEvt(tagClickEvt: TagClickEvent): void {
this.tagClickEvent.emit(tagClickEvt);
}
clrLoad(state: State): void {
//Keep it for future filtering and sorting
this.currentState = state;
let pageNumber: number = calculatePage(state);
if (pageNumber <= 0) { pageNumber = 1; }
//Pagination
let params: RequestQueryParams = new RequestQueryParams();
params.set("page", '' + pageNumber);
params.set("page_size", '' + this.pageSize);
this.loading = true;
toPromise<Repository>(this.repositoryService.getRepositories(
this.projectId,
this.lastFilteredRepoName,
params))
.then((repo: Repository) => {
this.totalCount = repo.metadata.xTotalCount;
this.repositories = repo.data;
this.signedCon = {};
//Do filtering and sorting
this.repositories = doFiltering<RepositoryItem>(this.repositories, state);
this.repositories = doSorting<RepositoryItem>(this.repositories, state);
this.loading = false;
})
.catch(error => {
this.loading = false;
this.errorHandler.error(error);
});
//Force refresh view
let hnd = setInterval(() => this.ref.markForCheck(), 100);
setTimeout(() => clearInterval(hnd), 5000);
}
getStateAfterDeletion(): State {
let total: number = this.totalCount - 1;
if (total <= 0) { return null; }
let totalPages: number = Math.ceil(total / this.pageSize);
let targetPageNumber: number = this.currentPage;
if (this.currentPage > totalPages) {
targetPageNumber = totalPages;//Should == currentPage -1
}
let st: State = this.currentState;
if (!st) {
st = { page: {} };
}
st.page.size = this.pageSize;
st.page.from = (targetPageNumber - 1) * this.pageSize;
st.page.to = targetPageNumber * this.pageSize - 1;
return st;
}
public gotoLink(projectId: number, repoName: string): void {
let linkUrl = [this.router.url, repoName];
this.router.navigate(linkUrl);
}
}

1
src/ui_ng/lib/src/repository/index.ts
View File

@ -1,7 +1,6 @@
import { Type } from '@angular/core';
import { RepositoryComponent } from './repository.component';
export const REPOSITORY_DIRECTIVES: Type<any>[] = [
RepositoryComponent
];

44
src/ui_ng/lib/src/repository/repository.component.css.ts
View File

@ -1,4 +1,46 @@
export const REPOSITORY_STYLE = `.option-right {
padding-right: 16px;
margin-bottom: 12px;
}`;
}
.arrow-back {
cursor: pointer;
}
.arrow-block {
border-right: 2px solid #cccccc;
margin-right: 6px;
display: inline-flex;
padding: 6px 6px 6px 12px;
}
.title-block {
display: inline-block;
}
.title-wrapper {
padding-top: 12px;
}
.tag-name {
font-weight: 300;
font-size: 32px;
}
pre {
white-space: pre-wrap;
}
#info-edit-button {
margin-top: 0px;
margin-bottom: 12px;
}
#images-container {
margin-top: 12px;
}
harbor-tag {
position: relative;
top: 24px;
}
`;

55
src/ui_ng/lib/src/repository/repository.component.html.ts
View File

@ -1,15 +1,48 @@
export const REPOSITORY_TEMPLATE = `
<confirmation-dialog #confirmationDialog (confirmAction)="confirmDeletion($event)"></confirmation-dialog>
<div class="row">
<div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
<div class="row flex-items-xs-right option-right">
<div class="flex-xs-middle">
<hbr-filter filterPlaceholder="{{'REPOSITORY.FILTER_FOR_REPOSITORIES' | translate}}" (filter)="doSearchRepoNames($event)"></hbr-filter>
<a href="javascript:void(0)" (click)="refresh()"><clr-icon shape="refresh"></clr-icon></a>
</div>
<section class="overview-section">
<div class="title-wrapper">
<div class="title-block arrow-block">
<clr-icon class="rotate-90 arrow-back" shape="arrow" size="36" (click)="goBack()"></clr-icon>
</div>
<div class="title-block">
<h2 sub-header-title>{{repoName}}</h2>
</div>
</div>
<div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
<hbr-list-repository [urlPrefix]="urlPrefix" [projectId]="projectId" [repositories]="changedRepositories" (delete)="deleteRepo($event)" [hasProjectAdminRole]="hasProjectAdminRole" (paginate)="retrieve($event)"></hbr-list-repository>
</section>
<section class="detail-section">
<div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
<span class="spinner spinner-inline" [hidden]="inProgress === false"></span>
<ul id="configTabs" class="nav" role="tablist">
<li role="presentation" class="nav-item">
<button id="repo-info" class="btn btn-link nav-link" aria-controls="info" [class.active]='isCurrentTabLink("repo-info")' type="button" (click)='tabLinkClick("repo-info")'>{{'REPOSITORY.INFO' | translate}}</button>
</li>
<li role="presentation" class="nav-item">
<button id="repo-image" class="btn btn-link nav-link active" aria-controls="image" [class.active]='isCurrentTabLink("repo-image")' type="button" (click)='tabLinkClick("repo-image")'>{{'REPOSITORY.IMAGE' | translate}}</button>
</li>
</ul>
<section id="info" role="tabpanel" aria-labelledby="repo-info" [hidden]='!isCurrentTabContent("info")'>
<form #repoInfoForm="ngForm">
<div id="info-edit-button">
<button class="btn btn-sm" [disabled]="editing" (click)="editInfo()" >{{'BUTTON.EDIT' | translate}}</button>
</div>
<div>
<h3 *ngIf="!editing && !hasInfo()" >{{'REPOSITORY.NO_INFO' | translate }}</h3>
<pre *ngIf="!editing && hasInfo()" ><code>{{ imageInfo }}</code></pre>
<textarea *ngIf="editing" name="info-edit-textarea" [(ngModel)]="imageInfo"></textarea>
</div>
<div class="btn-sm" *ngIf="editing">
<button class="btn btn-primary" [disabled]="!hasChanges()" (click)="saveInfo()" >{{'BUTTON.SAVE' | translate}}</button>
<button class="btn" (click)="cancelInfo()" >{{'BUTTON.CANCEL' | translate}}</button>
</div>
<confirmation-dialog #confirmationDialog (confirmAction)="confirmCancel($event)"></confirmation-dialog>
</form>
</section>
<section id="image" role="tabpanel" aria-labelledby="repo-image" [hidden]='!isCurrentTabContent("image")'>
<div id=images-container>
<hbr-tag ngProjectAs="clr-dg-row-detail" (tagClickEvent)="watchTagClickEvt($event)" (signatureOutput)="saveSignatures($event)" class="sub-grid-custom" [repoName]="repoName" [registryUrl]="registryUrl" [withNotary]="withNotary" [withClair]="withClair" [hasSignedIn]="hasSignedIn" [hasProjectAdminRole]="hasProjectAdminRole" [projectId]="projectId"></hbr-tag>
</div>
</section>
</div>
</div>`;
</section>
`;

155
src/ui_ng/lib/src/repository/repository.component.spec.ts
View File

@ -1,19 +1,27 @@
import { ComponentFixture, TestBed, async } from '@angular/core/testing';
import { ComponentFixture, TestBed, async, } from '@angular/core/testing';
import { By } from '@angular/platform-browser';
import { DebugElement } from '@angular/core';
import { Router } from '@angular/router';
import { RouterTestingModule } from '@angular/router/testing';
import { SharedModule } from '../shared/shared.module';
import { ConfirmationDialogComponent } from '../confirmation-dialog/confirmation-dialog.component';
import { RepositoryComponent } from './repository.component';
import { ListRepositoryComponent } from '../list-repository/list-repository.component';
import { RepositoryListviewComponent } from '../repository-listview/repository-listview.component';
import { FilterComponent } from '../filter/filter.component';
import { TagComponent } from '../tag/tag.component';
import { VULNERABILITY_DIRECTIVES } from '../vulnerability-scanning/index';
import { PUSH_IMAGE_BUTTON_DIRECTIVES } from '../push-image/index';
import { INLINE_ALERT_DIRECTIVES } from '../inline-alert/index';
import { JobLogViewerComponent } from '../job-log-viewer/index';
import { ErrorHandler } from '../error-handler/error-handler';
import { Repository, RepositoryItem } from '../service/interface';
import { Repository, RepositoryItem, Tag, SystemInfo } from '../service/interface';
import { SERVICE_CONFIG, IServiceConfig } from '../service.config';
import { RepositoryService, RepositoryDefaultService } from '../service/repository.service';
import { SystemInfoService, SystemInfoDefaultService } from '../service/system-info.service';
import { TagService, TagDefaultService } from '../service/tag.service';
import { ChannelService } from '../channel/index';
class RouterStub {
navigateByUrl(url: string) { return url; }
@ -21,72 +29,123 @@ class RouterStub {
describe('RepositoryComponent (inline template)', () => {
let comp: RepositoryComponent;
let compRepo: RepositoryComponent;
let fixture: ComponentFixture<RepositoryComponent>;
let repositoryService: RepositoryService;
let spy: jasmine.Spy;
let systemInfoService: SystemInfoService;
let tagService: TagService;
let mockData: RepositoryItem[] = [
{
"id": 11,
"name": "library/busybox",
"project_id": 1,
"description": "",
"pull_count": 0,
"star_count": 0,
"tags_count": 1
},
{
"id": 12,
"name": "library/nginx",
"project_id": 1,
"description": "",
"pull_count": 0,
"star_count": 0,
"tags_count": 1
}
];
let mockRepo: Repository = {
metadata: { xTotalCount: 2 },
data: mockData
let spyRepos: jasmine.Spy;
let spyTags: jasmine.Spy;
let spySystemInfo: jasmine.Spy;
let mockSystemInfo: SystemInfo = {
'with_notary': true,
'with_admiral': false,
'admiral_endpoint': 'NA',
'auth_mode': 'db_auth',
'registry_url': '10.112.122.56',
'project_creation_restriction': 'everyone',
'self_registration': true,
'has_ca_root': false,
'harbor_version': 'v1.1.1-rc1-160-g565110d'
};
let mockRepoData: RepositoryItem[] = [
{
'id': 1,
'name': 'library/busybox',
'project_id': 1,
'description': 'asdfsadf',
'pull_count': 0,
'star_count': 0,
'tags_count': 1
},
{
'id': 2,
'name': 'library/nginx',
'project_id': 1,
'description': 'asdf',
'pull_count': 0,
'star_count': 0,
'tags_count': 1
}
];
let mockRepo: Repository = {
metadata: {xTotalCount: 2},
data: mockRepoData
};
let mockTagData: Tag[] = [
{
'digest': 'sha256:e5c82328a509aeb7c18c1d7fb36633dc638fcf433f651bdcda59c1cc04d3ee55',
'name': '1.11.5',
'size': '2049',
'architecture': 'amd64',
'os': 'linux',
'docker_version': '1.12.3',
'author': 'NGINX Docker Maintainers \"docker-maint@nginx.com\"',
'created': new Date('2016-11-08T22:41:15.912313785Z'),
'signature': null
}
];
let config: IServiceConfig = {
repositoryBaseEndpoint: '/api/repository/testing'
repositoryBaseEndpoint: '/api/repository/testing',
systemInfoEndpoint: '/api/systeminfo/testing',
targetBaseEndpoint: '/api/tag/testing'
};
beforeEach(async(() => {
TestBed.configureTestingModule({
imports: [
SharedModule
SharedModule,
RouterTestingModule
],
declarations: [
RepositoryComponent,
ListRepositoryComponent,
RepositoryListviewComponent,
ConfirmationDialogComponent,
FilterComponent
FilterComponent,
TagComponent,
VULNERABILITY_DIRECTIVES,
PUSH_IMAGE_BUTTON_DIRECTIVES,
INLINE_ALERT_DIRECTIVES,
JobLogViewerComponent,
],
providers: [
ErrorHandler,
{ provide: SERVICE_CONFIG, useValue: config },
{ provide: RepositoryService, useClass: RepositoryDefaultService },
{ provide: SystemInfoService, useClass: SystemInfoDefaultService },
{ provide: Router, useClass: RouterStub }
{ provide: TagService, useClass: TagDefaultService },
{ provide: ChannelService},
]
});
}));
beforeEach(() => {
fixture = TestBed.createComponent(RepositoryComponent);
comp = fixture.componentInstance;
comp.projectId = 1;
comp.hasProjectAdminRole = true;
compRepo = fixture.componentInstance;
compRepo.projectId = 1;
compRepo.hasProjectAdminRole = true;
compRepo.repoName = 'library/nginx';
repositoryService = fixture.debugElement.injector.get(RepositoryService);
systemInfoService = fixture.debugElement.injector.get(SystemInfoService);
tagService = fixture.debugElement.injector.get(TagService);
spy = spyOn(repositoryService, 'getRepositories').and.returnValues(Promise.resolve(mockRepo));
spyRepos = spyOn(repositoryService, 'getRepositories').and.returnValues(Promise.resolve(mockRepo));
spySystemInfo = spyOn(systemInfoService, 'getSystemInfo').and.returnValues(Promise.resolve(mockSystemInfo));
spyTags = spyOn(tagService, 'getTags').and.returnValues(Promise.resolve(mockTagData));
fixture.detectChanges();
});
it('should create', () => {
expect(compRepo).toBeTruthy();
});
it('should load and render data', async(() => {
fixture.detectChanges();
fixture.whenStable().then(() => {
@ -99,22 +158,4 @@ describe('RepositoryComponent (inline template)', () => {
expect(el.textContent).toEqual('library/busybox');
});
}));
it('should filter data by keyword', async(() => {
fixture.detectChanges();
fixture.whenStable().then(() => {
fixture.detectChanges();
comp.doSearchRepoNames('nginx');
fixture.detectChanges();
let de: DebugElement[] = fixture.debugElement.queryAll(By.css('datagrid-cell'));
fixture.detectChanges();
expect(de).toBeTruthy();
expect(de.length).toEqual(1);
let el: HTMLElement = de[0].nativeElement;
fixture.detectChanges();
expect(el).toBeTruthy();
expect(el.textContent).toEqual('library/nginx');
});
}));
});
});

188
src/ui_ng/lib/src/repository/repository.component.ts
View File

@ -11,20 +11,21 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
import { Component, OnInit, ViewChild, Input } from '@angular/core';
import { Component, OnInit, ViewChild, Input, Output, EventEmitter } from '@angular/core';
import { RepositoryService } from '../service/repository.service';
import { Repository, RepositoryItem } from '../service/interface';
import { Repository, RepositoryItem, Tag, TagClickEvent,
SystemInfo, SystemInfoService, TagService } from '../service/index';
import { TranslateService } from '@ngx-translate/core';
import { ErrorHandler } from '../error-handler/error-handler';
import { ConfirmationState, ConfirmationTargets, ConfirmationButtons } from '../shared/shared.const';
import { ConfirmationState, ConfirmationTargets } from '../shared/shared.const';
import { ConfirmationDialogComponent } from '../confirmation-dialog/confirmation-dialog.component';
import { ConfirmationMessage } from '../confirmation-dialog/confirmation-message';
import { ConfirmationAcknowledgement } from '../confirmation-dialog/confirmation-state-message';
import { Subscription } from 'rxjs/Subscription';
import { State } from 'clarity-angular';
@ -33,81 +34,172 @@ import { toPromise } from '../utils';
import { REPOSITORY_TEMPLATE } from './repository.component.html';
import { REPOSITORY_STYLE } from './repository.component.css';
const TabLinkContentMap: {[index: string]: string} = {
'repo-info': 'info',
'repo-image': 'image'
};
@Component({
selector: 'hbr-repository',
template: REPOSITORY_TEMPLATE,
styles: [REPOSITORY_STYLE]
})
export class RepositoryComponent implements OnInit {
changedRepositories: RepositoryItem[];
signedCon: {[key: string]: any | string[]} = {};
@Input() projectId: number;
@Input() urlPrefix: string;
@Input() projectName: string;
@Input() repoName: string;
@Input() hasSignedIn: boolean;
@Input() hasProjectAdminRole: boolean;
lastFilteredRepoName: string;
@Output() tagClickEvent = new EventEmitter<TagClickEvent>();
@Output() backEvt: EventEmitter<any> = new EventEmitter<any>();
onGoing = false;
withNotary = false;
withClair = true;
editing = false;
inProgress = true;
currentTabID = 'repo-image';
changedRepositories: RepositoryItem[];
systemInfo: SystemInfo;
imageInfo: string;
orgImageInfo: string;
timerHandler: any;
@ViewChild('confirmationDialog')
confirmationDialog: ConfirmationDialogComponent;
confirmationDlg: ConfirmationDialogComponent;
constructor(
private errorHandler: ErrorHandler,
private repositoryService: RepositoryService,
private translateService: TranslateService
) {}
private systemInfoService: SystemInfoService,
private tagService: TagService,
private translate: TranslateService,
) { }
confirmDeletion(message: ConfirmationAcknowledgement) {
if (message &&
message.source === ConfirmationTargets.REPOSITORY &&
message.state === ConfirmationState.CONFIRMED) {
let repoName = message.data;
toPromise<number>(this.repositoryService
.deleteRepository(repoName))
.then(
response => {
this.refresh();
this.translateService.get('REPOSITORY.DELETED_REPO_SUCCESS')
.subscribe(res=>this.errorHandler.info(res));
}).catch(error => this.errorHandler.error(error));
}
public get registryUrl(): string {
return this.systemInfo ? this.systemInfo.registry_url : '';
}
ngOnInit(): void {
if(!this.projectId) {
if (!this.projectId) {
this.errorHandler.error('Project ID cannot be unset.');
return;
}
this.lastFilteredRepoName = '';
this.retrieve();
this.inProgress = false;
}
retrieve(state?: State) {
toPromise<Repository>(this.repositoryService
.getRepositories(this.projectId, this.lastFilteredRepoName))
toPromise<Repository>(this.repositoryService.getRepositories(this.projectId, this.repoName))
.then(
response => {
this.changedRepositories = response.data;
},
error => this.errorHandler.error(error));
if (response.metadata.xTotalCount > 0) {
this.orgImageInfo = response.data[0].description;
this.imageInfo = response.data[0].description;
}
})
.catch(error => this.errorHandler.error(error));
}
doSearchRepoNames(repoName: string) {
this.lastFilteredRepoName = repoName;
this.retrieve();
}
deleteRepo(repoName: string) {
let message = new ConfirmationMessage(
'REPOSITORY.DELETION_TITLE_REPO',
'REPOSITORY.DELETION_SUMMARY_REPO',
repoName,
repoName,
ConfirmationTargets.REPOSITORY,
ConfirmationButtons.DELETE_CANCEL);
this.confirmationDialog.open(message);
saveSignatures(event: {[key: string]: string[]}): void {
Object.assign(this.signedCon, event);
}
refresh() {
this.retrieve();
}
}
watchTagClickEvt(tagClickEvt: TagClickEvent): void {
this.tagClickEvent.emit(tagClickEvt);
}
isCurrentTabLink(tabID: string): boolean {
return this.currentTabID === tabID;
}
isCurrentTabContent(ContentID: string): boolean {
return TabLinkContentMap[this.currentTabID] === ContentID;
}
tabLinkClick(tabID: string) {
this.currentTabID = tabID;
}
getTagInfo(repoName: string): Promise<void> {
// this.signedNameArr = [];
this.signedCon[repoName] = [];
return toPromise<Tag[]>(this.tagService
.getTags(repoName))
.then(items => {
items.forEach((t: Tag) => {
if (t.signature !== null) {
this.signedCon[repoName].push(t.name);
}
});
})
.catch(error => this.errorHandler.error(error));
}
goBack() {
this.backEvt.emit(this.projectId);
}
hasChanges() {
return this.imageInfo !== this.orgImageInfo;
}
reset(): void {
this.imageInfo = this.orgImageInfo;
}
hasInfo() {
return this.imageInfo && this.imageInfo.length > 0;
}
editInfo() {
this.editing = true;
}
saveInfo() {
if (!this.hasChanges()) {
return;
}
this.onGoing = true;
toPromise<any>(this.repositoryService.updateRepositoryDescription(this.repoName, this.imageInfo))
.then(() => {
this.onGoing = false;
this.translate.get('CONFIG.SAVE_SUCCESS').subscribe((res: string) => {
this.errorHandler.info(res);
});
this.editing = false;
this.refresh();
})
.catch(error => {
this.onGoing = false;
this.errorHandler.error(error);
});
}
cancelInfo() {
let msg = new ConfirmationMessage(
'CONFIG.CONFIRM_TITLE',
'CONFIG.CONFIRM_SUMMARY',
'',
{},
ConfirmationTargets.CONFIG
);
this.confirmationDlg.open(msg);
}
confirmCancel(ack: ConfirmationAcknowledgement): void {
this.editing = false;
if (ack && ack.source === ConfirmationTargets.CONFIG &&
ack.state === ConfirmationState.CONFIRMED) {
this.reset();
}
}
}

58
src/ui_ng/lib/src/service/repository.service.ts
View File

@ -1,7 +1,7 @@
import { Observable } from 'rxjs/Observable';
import { RequestQueryParams } from './RequestQueryParams';
import { Repository, RepositoryItem } from './interface';
import { Injectable, Inject } from "@angular/core";
import { Injectable, Inject } from '@angular/core';
import 'rxjs/add/observable/of';
import { Http } from '@angular/http';
import { SERVICE_CONFIG, IServiceConfig } from '../service.config';
@ -10,7 +10,7 @@ import { buildHttpRequestOptions, HTTP_JSON_OPTIONS } from '../utils';
/**
* Define service methods for handling the repository related things.
* Loose couple with project module.
*
*
* @export
* @abstract
* @class RepositoryService
@ -22,24 +22,37 @@ export abstract class RepositoryService {
* If pagination needed, set the following parameters in queryParams:
* 'page': current page,
* 'page_size': page size.
*
*
* @abstract
* @param {(number | string)} projectId
* @param {string} repositoryName
* @param {RequestQueryParams} [queryParams]
* @returns {(Observable<Repository> | Promise<Repository> | Repository)}
*
*
* @memberOf RepositoryService
*/
abstract getRepositories(projectId: number | string, repositoryName?: string, queryParams?: RequestQueryParams): Observable<Repository> | Promise<Repository> | Repository;
abstract getRepositories(projectId: number | string, repositoryName?: string, queryParams?: RequestQueryParams):
Observable<Repository> | Promise<Repository> | Repository;
/**
* Update description of specified repository.
*
* @abstract
* @param {number | string} projectId
* @param {string} repoName
* @returns {(Observable<Repository> | Promise<Repository> | Repository)}
*
* @memberOf RepositoryService
*/
abstract updateRepositoryDescription(repoName: string, description: string): Observable<any> | Promise<any> | any;
/**
* DELETE the specified repository.
*
*
* @abstract
* @param {string} repositoryName
* @returns {(Observable<any> | Promise<any> | any)}
*
*
* @memberOf RepositoryService
*/
abstract deleteRepository(repositoryName: string): Observable<any> | Promise<any> | any;
@ -47,7 +60,7 @@ export abstract class RepositoryService {
/**
* Implement default service for repository.
*
*
* @export
* @class RepositoryDefaultService
* @extends {RepositoryService}
@ -61,21 +74,22 @@ export class RepositoryDefaultService extends RepositoryService {
super();
}
public getRepositories(projectId: number | string, repositoryName?: string, queryParams?: RequestQueryParams): Observable<Repository> | Promise<Repository> | Repository {
public getRepositories(projectId: number | string, repositoryName?: string, queryParams?: RequestQueryParams):
Observable<Repository> | Promise<Repository> | Repository {
if (!projectId) {
return Promise.reject("Bad argument");
return Promise.reject('Bad argument');
}
if (!queryParams) {
queryParams = new RequestQueryParams();
}
queryParams.set('project_id', "" + projectId);
queryParams.set('project_id', '' + projectId);
if (repositoryName && repositoryName.trim() !== '') {
queryParams.set('q', repositoryName);
}
let url: string = this.config.repositoryBaseEndpoint ? this.config.repositoryBaseEndpoint : "/api/repositories";
let url: string = this.config.repositoryBaseEndpoint ? this.config.repositoryBaseEndpoint : '/api/repositories';
return this.http.get(url, buildHttpRequestOptions(queryParams)).toPromise()
.then(response => {
let result: Repository = {
@ -84,7 +98,7 @@ export class RepositoryDefaultService extends RepositoryService {
};
if (response && response.headers) {
let xHeader: string = response.headers.get("X-Total-Count");
let xHeader: string = response.headers.get('X-Total-Count');
if (xHeader) {
result.metadata.xTotalCount = parseInt(xHeader, 0);
}
@ -103,6 +117,20 @@ export class RepositoryDefaultService extends RepositoryService {
.catch(error => Promise.reject(error));
}
public updateRepositoryDescription(repositoryName: string, description: string,
queryParams?: RequestQueryParams): Observable<any> | Promise<any> | any {
if (!queryParams) {
queryParams = new RequestQueryParams();
}
let baseUrl: string = this.config.repositoryBaseEndpoint ? this.config.repositoryBaseEndpoint : '/api/repositories';
let url = `${baseUrl}/${repositoryName}`;
return this.http.put(url, {'description': description }, HTTP_JSON_OPTIONS).toPromise()
.then(response => response)
.catch(error => Promise.reject(error));
}
public deleteRepository(repositoryName: string): Observable<any> | Promise<any> | any {
if (!repositoryName) {
return Promise.reject('Bad argument');
@ -112,6 +140,6 @@ export class RepositoryDefaultService extends RepositoryService {
return this.http.delete(url, HTTP_JSON_OPTIONS).toPromise()
.then(response => response)
.catch(error => { Promise.reject(error) });
.catch(error => { Promise.reject(error); });
}
}
}

5
src/ui_ng/lib/src/shared/shared.const.ts
View File

@ -62,7 +62,8 @@ export const CommonRoutes = {
export const enum ConfirmationState {
NA, CONFIRMED, CANCEL
}
};
export const enum ConfirmationButtons {
CONFIRM_CANCEL, YES_NO, DELETE_CANCEL, CLOSE
}
};

2
src/ui_ng/lib/src/tag/tag-detail.component.html.ts
View File

@ -7,7 +7,7 @@ export const TAG_DETAIL_HTML: string = `
</div>
<div class="title-block">
<div class="tag-name">
{{tagDetails.name}}
<h1>{{tagDetails.name}}</h1>
</div>
<div class="tag-timestamp">
{{'TAG.CREATION_TIME_PREFIX' | translate }} {{tagDetails.created | date }} {{'TAG.CREATOR_PREFIX' | translate }} {{author | translate}}

25
src/ui_ng/lib/src/tag/tag.component.css.ts
View File

@ -1,4 +1,17 @@
export const TAG_STYLE = `
.option-right {
padding-right: 18px;
padding-bottom: 6px;
}
.refresh-btn {
cursor: pointer;
}
.refresh-btn:hover {
color: #007CBB;
}
.sub-header-title {
margin: 12px 0;
}
@ -20,18 +33,6 @@ export const TAG_STYLE = `
display: none;
}
:host >>> .datagrid .datagrid-body {
background-color: #eee;
}
:host >>> .datagrid .datagrid-head .datagrid-row {
background-color: #eee;
}
:host >>> .datagrid .datagrid-body .datagrid-row-master {
background-color: #eee;
}
.truncated {
display: inline-block;
overflow: hidden;

104
src/ui_ng/lib/src/tag/tag.component.html.ts
View File

@ -12,50 +12,60 @@ export const TAG_TEMPLATE = `
<button type="button" class="btn btn-primary" [ngxClipboard]="digestTarget" (cbOnSuccess)="onSuccess($event)" (cbOnError)="onError($event)">{{'BUTTON.COPY' | translate}}</button>
</div>
</clr-modal>
<h2 *ngIf="!isEmbedded" class="sub-header-title">{{repoName}}</h2>
<clr-datagrid [clrDgLoading]="loading" [class.embeded-datagrid]="isEmbedded">
<clr-dg-column style="min-width: 160px;" [clrDgField]="'name'">{{'REPOSITORY.TAG' | translate}}</clr-dg-column>
<clr-dg-column style="width: 90px;" [clrDgField]="'size'">{{'REPOSITORY.SIZE' | translate}}</clr-dg-column>
<clr-dg-column style="min-width: 120px; max-width:220px;">{{'REPOSITORY.PULL_COMMAND' | translate}}</clr-dg-column>
<clr-dg-column style="width: 140px;" *ngIf="withClair">{{'REPOSITORY.VULNERABILITY' | translate}}</clr-dg-column>
<clr-dg-column style="width: 80px;" *ngIf="withNotary">{{'REPOSITORY.SIGNED' | translate}}</clr-dg-column>
<clr-dg-column style="width: 130px;">{{'REPOSITORY.AUTHOR' | translate}}</clr-dg-column>
<clr-dg-column style="width: 160px;"[clrDgSortBy]="createdComparator">{{'REPOSITORY.CREATED' | translate}}</clr-dg-column>
<clr-dg-column style="width: 80px;" [clrDgField]="'docker_version'" *ngIf="!withClair">{{'REPOSITORY.DOCKER_VERSION' | translate}}</clr-dg-column>
<clr-dg-placeholder>{{'TGA.PLACEHOLDER' | translate }}</clr-dg-placeholder>
<clr-dg-row *clrDgItems="let t of tags" [clrDgItem]='t'>
<clr-dg-action-overflow>
<button class="action-item" *ngIf="canScanNow(t)" (click)="scanNow(t.name)">{{'VULNERABILITY.SCAN_NOW' | translate}}</button>
<button class="action-item" *ngIf="hasProjectAdminRole" (click)="deleteTag(t)">{{'REPOSITORY.DELETE' | translate}}</button>
<button class="action-item" (click)="showDigestId(t)">{{'REPOSITORY.COPY_DIGEST_ID' | translate}}</button>
</clr-dg-action-overflow>
<clr-dg-cell class="truncated" style="min-width: 160px;" [ngSwitch]="withClair">
<a *ngSwitchCase="true" href="javascript:void(0)" (click)="onTagClick(t)" title="{{t.name}}">{{t.name}}</a>
<span *ngSwitchDefault>{{t.name}}</span>
</clr-dg-cell>
<clr-dg-cell style="width: 90px;">{{t.size}}</clr-dg-cell>
<clr-dg-cell style="min-width: 120px; max-width:220px;" class="truncated" title="docker pull {{registryUrl}}/{{repoName}}:{{t.name}}">
<hbr-copy-input #copyInput (onCopyError)="onCpError($event)" iconMode="true" defaultValue="docker pull {{registryUrl}}/{{repoName}}:{{t.name}}"></hbr-copy-input>
</clr-dg-cell>
<clr-dg-cell style="width: 140px;" *ngIf="withClair">
<hbr-vulnerability-bar [repoName]="repoName" [tagId]="t.name" [summary]="t.scan_overview"></hbr-vulnerability-bar>
</clr-dg-cell>
<clr-dg-cell style="width: 80px;" *ngIf="withNotary" [ngSwitch]="t.signature !== null">
<clr-icon shape="check-circle" *ngSwitchCase="true" size="20" style="color: #1D5100;"></clr-icon>
<clr-icon shape="times-circle" *ngSwitchCase="false" size="16" style="color: #C92100;"></clr-icon>
<a href="javascript:void(0)" *ngSwitchDefault role="tooltip" aria-haspopup="true" class="tooltip tooltip-top-right">
<clr-icon shape="help" style="color: #565656;" size="16"></clr-icon>
<span class="tooltip-content">{{'REPOSITORY.NOTARY_IS_UNDETERMINED' | translate}}</span>
</a>
</clr-dg-cell>
<clr-dg-cell class="truncated" style="width: 130px;" title="{{t.author}}">{{t.author}}</clr-dg-cell>
<clr-dg-cell style="width: 160px;">{{t.created | date: 'short'}}</clr-dg-cell>
<clr-dg-cell style="width: 80px;" *ngIf="!withClair">{{t.docker_version}}</clr-dg-cell>
</clr-dg-row>
<clr-dg-footer>
<span *ngIf="pagination.totalItems">{{pagination.firstItem + 1}} - {{pagination.lastItem + 1}} {{'REPOSITORY.OF' | translate}}</span>
{{pagination.totalItems}} {{'REPOSITORY.ITEMS' | translate}}&nbsp;&nbsp;&nbsp;&nbsp;
<clr-dg-pagination #pagination [clrDgPageSize]="10"></clr-dg-pagination>
</clr-dg-footer>
</clr-datagrid>`;
<div class="row">
<div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
<div class="row flex-items-xs-right option-right">
<div class="flex-xs-middle">
<hbr-filter [withDivider]="true" filterPlaceholder="{{'TAG.FILTER_FOR_TAGS' | translate}}" (filter)="doSearchTagNames($event)" [currentValue]="lastFilteredTagName"></hbr-filter>
<span class="refresh-btn" (click)="refresh()"><clr-icon shape="refresh"></clr-icon></span>
</div>
</div>
</div>
<div class="col-lg-12 col-md-12 col-sm-12 col-xs-12">
<clr-datagrid [clrDgLoading]="loading" [class.embeded-datagrid]="isEmbedded">
<clr-dg-column style="min-width: 160px;" [clrDgField]="'name'">{{'REPOSITORY.TAG' | translate}}</clr-dg-column>
<clr-dg-column style="width: 90px;" [clrDgField]="'size'">{{'REPOSITORY.SIZE' | translate}}</clr-dg-column>
<clr-dg-column style="min-width: 120px; max-width:220px;">{{'REPOSITORY.PULL_COMMAND' | translate}}</clr-dg-column>
<clr-dg-column style="width: 140px;" *ngIf="withClair">{{'REPOSITORY.VULNERABILITY' | translate}}</clr-dg-column>
<clr-dg-column style="width: 80px;" *ngIf="withNotary">{{'REPOSITORY.SIGNED' | translate}}</clr-dg-column>
<clr-dg-column style="width: 130px;">{{'REPOSITORY.AUTHOR' | translate}}</clr-dg-column>
<clr-dg-column style="width: 160px;"[clrDgSortBy]="createdComparator">{{'REPOSITORY.CREATED' | translate}}</clr-dg-column>
<clr-dg-column style="width: 80px;" [clrDgField]="'docker_version'" *ngIf="!withClair">{{'REPOSITORY.DOCKER_VERSION' | translate}}</clr-dg-column>
<clr-dg-placeholder>{{'TGA.PLACEHOLDER' | translate }}</clr-dg-placeholder>
<clr-dg-row *clrDgItems="let t of tags" [clrDgItem]='t'>
<clr-dg-action-overflow>
<button class="action-item" *ngIf="canScanNow(t)" (click)="scanNow(t.name)">{{'VULNERABILITY.SCAN_NOW' | translate}}</button>
<button class="action-item" *ngIf="hasProjectAdminRole" (click)="deleteTag(t)">{{'REPOSITORY.DELETE' | translate}}</button>
<button class="action-item" (click)="showDigestId(t)">{{'REPOSITORY.COPY_DIGEST_ID' | translate}}</button>
</clr-dg-action-overflow>
<clr-dg-cell class="truncated" style="min-width: 160px;" [ngSwitch]="withClair">
<a *ngSwitchCase="true" href="javascript:void(0)" (click)="onTagClick(t)" title="{{t.name}}">{{t.name}}</a>
<span *ngSwitchDefault>{{t.name}}</span>
</clr-dg-cell>
<clr-dg-cell style="width: 90px;">{{t.size}}</clr-dg-cell>
<clr-dg-cell style="min-width: 120px; max-width:220px;" class="truncated" title="docker pull {{registryUrl}}/{{repoName}}:{{t.name}}">
<hbr-copy-input #copyInput (onCopyError)="onCpError($event)" iconMode="true" defaultValue="docker pull {{registryUrl}}/{{repoName}}:{{t.name}}"></hbr-copy-input>
</clr-dg-cell>
<clr-dg-cell style="width: 140px;" *ngIf="withClair">
<hbr-vulnerability-bar [repoName]="repoName" [tagId]="t.name" [summary]="t.scan_overview"></hbr-vulnerability-bar>
</clr-dg-cell>
<clr-dg-cell style="width: 80px;" *ngIf="withNotary" [ngSwitch]="t.signature !== null">
<clr-icon shape="check-circle" *ngSwitchCase="true" size="20" style="color: #1D5100;"></clr-icon>
<clr-icon shape="times-circle" *ngSwitchCase="false" size="16" style="color: #C92100;"></clr-icon>
<a href="javascript:void(0)" *ngSwitchDefault role="tooltip" aria-haspopup="true" class="tooltip tooltip-top-right">
<clr-icon shape="help" style="color: #565656;" size="16"></clr-icon>
<span class="tooltip-content">{{'REPOSITORY.NOTARY_IS_UNDETERMINED' | translate}}</span>
</a>
</clr-dg-cell>
<clr-dg-cell class="truncated" style="width: 130px;" title="{{t.author}}">{{t.author}}</clr-dg-cell>
<clr-dg-cell style="width: 160px;">{{t.created | date: 'short'}}</clr-dg-cell>
<clr-dg-cell style="width: 80px;" *ngIf="!withClair">{{t.docker_version}}</clr-dg-cell>
</clr-dg-row>
<clr-dg-footer>
<span *ngIf="pagination.totalItems">{{pagination.firstItem + 1}} - {{pagination.lastItem + 1}} {{'REPOSITORY.OF' | translate}}</span>
{{pagination.totalItems}} {{'REPOSITORY.ITEMS' | translate}}&nbsp;&nbsp;&nbsp;&nbsp;
<clr-dg-pagination #pagination [clrDgPageSize]="10"></clr-dg-pagination>
</clr-dg-footer>
</clr-datagrid>
</div>
</div>`;

91
src/ui_ng/lib/src/tag/tag.component.ts
View File

@ -23,7 +23,7 @@ import {
ElementRef
} from '@angular/core';
import { TagService, VulnerabilitySeverity } from '../service/index';
import { TagService, VulnerabilitySeverity, RequestQueryParams } from '../service/index';
import { ErrorHandler } from '../error-handler/error-handler';
import { ChannelService } from '../channel/index';
import {
@ -44,13 +44,17 @@ import { TAG_STYLE } from './tag.component.css';
import {
toPromise,
CustomComparator,
VULNERABILITY_SCAN_STATUS
calculatePage,
doFiltering,
doSorting,
VULNERABILITY_SCAN_STATUS,
DEFAULT_PAGE_SIZE
} from '../utils';
import { TranslateService } from '@ngx-translate/core';
import { State, Comparator } from 'clarity-angular';
import {CopyInputComponent} from "../push-image/copy-input.component";
import {CopyInputComponent} from '../push-image/copy-input.component';
@Component({
selector: 'hbr-tag',
@ -60,6 +64,7 @@ import {CopyInputComponent} from "../push-image/copy-input.component";
})
export class TagComponent implements OnInit {
signedCon: {[key: string]: any | string[]} = {};
@Input() projectId: number;
@Input() repoName: string;
@Input() isEmbedded: boolean;
@ -82,6 +87,7 @@ export class TagComponent implements OnInit {
digestId: string;
staticBackdrop: boolean = true;
closable: boolean = false;
lastFilteredTagName: string;
createdComparator: Comparator<Tag> = new CustomComparator<Tag>('created', 'date');
@ -94,6 +100,10 @@ export class TagComponent implements OnInit {
@ViewChild('digestTarget') textInput: ElementRef;
@ViewChild('copyInput') copyInput: CopyInputComponent;
pageSize: number = DEFAULT_PAGE_SIZE;
currentPage = 1;
totalCount = 0;
currentState: State;
constructor(
private errorHandler: ErrorHandler,
@ -136,6 +146,61 @@ export class TagComponent implements OnInit {
}
this.retrieve();
this.lastFilteredTagName = '';
}
doSearchTagNames(tagName: string) {
this.lastFilteredTagName = tagName;
this.currentPage = 1;
let st: State = this.currentState;
if (!st) {
st = { page: {} };
}
st.page.size = this.pageSize;
st.page.from = 0;
st.page.to = this.pageSize - 1;
st.filters = [{property: 'name', value: this.lastFilteredTagName}];
this.clrLoad(st);
}
clrLoad(state: State): void {
// Keep it for future filtering and sorting
this.currentState = state;
let pageNumber: number = calculatePage(state);
if (pageNumber <= 0) { pageNumber = 1; }
// Pagination
let params: RequestQueryParams = new RequestQueryParams();
params.set('page', '' + pageNumber);
params.set('page_size', '' + this.pageSize);
this.loading = true;
toPromise<Tag[]>(this.tagService.getTags(
this.repoName,
params))
.then((tags: Tag[]) => {
this.signedCon = {};
// Do filtering and sorting
this.tags = doFiltering<Tag>(tags, state);
this.tags = doSorting<Tag>(this.tags, state);
this.loading = false;
})
.catch(error => {
this.loading = false;
this.errorHandler.error(error);
});
// Force refresh view
let hnd = setInterval(() => this.ref.markForCheck(), 100);
setTimeout(() => clearInterval(hnd), 5000);
}
refresh() {
this.doSearchTagNames('');
}
retrieve() {
@ -146,7 +211,7 @@ export class TagComponent implements OnInit {
toPromise<Tag[]>(this.tagService
.getTags(this.repoName))
.then(items => {
//To keep easy use for vulnerability bar
// To keep easy use for vulnerability bar
items.forEach((t: Tag) => {
if (!t.scan_overview) {
t.scan_overview = {
@ -163,7 +228,7 @@ export class TagComponent implements OnInit {
signatures.push(t.name);
}
//size
// size
t.size = this.sizeTransform(t.size);
});
this.tags = items;
@ -243,20 +308,20 @@ export class TagComponent implements OnInit {
onSuccess($event: any): void {
this.copyFailed = false;
//Directly close dialog
// Directly close dialog
this.showTagManifestOpened = false;
}
onError($event: any): void {
//Show error
// Show error
this.copyFailed = true;
//Select all text
// Select all text
if (this.textInput) {
this.textInput.nativeElement.select();
}
}
//Get vulnerability scanning status
// Get vulnerability scanning status
scanStatus(t: Tag): string {
if (t && t.scan_overview && t.scan_overview.scan_status) {
return t.scan_overview.scan_status;
@ -272,7 +337,7 @@ export class TagComponent implements OnInit {
t.scan_overview.components.total > 0 ? true : false;
}
//Whether show the 'scan now' menu
// Whether show the 'scan now' menu
canScanNow(t: Tag): boolean {
if (!this.withClair) { return false; }
if (!this.hasProjectAdminRole) { return false; }
@ -282,14 +347,14 @@ export class TagComponent implements OnInit {
st !== VULNERABILITY_SCAN_STATUS.running;
}
//Trigger scan
// Trigger scan
scanNow(tagId: string): void {
if (tagId) {
this.channel.publishScanEvent(this.repoName + "/" + tagId);
this.channel.publishScanEvent(this.repoName + '/' + tagId);
}
}
//pull command
// pull command
onCpError($event: any): void {
this.copyInput.setPullCommendShow();
}

2
src/ui_ng/package.json
View File

@ -31,7 +31,7 @@
"clarity-icons": "^0.9.8",
"clarity-ui": "^0.9.8",
"core-js": "^2.4.1",
"harbor-ui": "0.5.27",
"harbor-ui": "0.6.0",
"intl": "^1.2.5",
"mutationobserver-shim": "^0.3.2",
"ngx-cookie": "^1.0.0",

12
src/ui_ng/src/app/harbor-routing.module.ts
View File

@ -106,6 +106,14 @@ const harborRoutes: Routes = [
projectResolver: ProjectRoutingResolver
}
},
{
path: 'projects/:id/repositories/:repo',
component: TagRepositoryComponent,
canActivate: [MemberGuard],
resolve: {
projectResolver: ProjectRoutingResolver
}
},
{
path: 'projects/:id',
component: ProjectDetailComponent,
@ -118,6 +126,10 @@ const harborRoutes: Routes = [
path: 'repositories',
component: RepositoryPageComponent
},
{
path: 'repositories/:repo/tags',
component: TagRepositoryComponent,
},
{
path: 'repositories/:repo/tags/:tag',
component: TagDetailPageComponent

2
src/ui_ng/src/app/repository/repository-page.component.html
View File

@ -1,3 +1,3 @@
<div style="margin-top: 24px;">
<hbr-repository-stackview [projectId]="projectId" [projectName]="projectName" [hasSignedIn]="hasSignedIn" [hasProjectAdminRole]="hasProjectAdminRole" (tagClickEvent)="watchTagClickEvent($event)"></hbr-repository-stackview>
<hbr-repository-listview [projectId]="projectId" [projectName]="projectName" [hasSignedIn]="hasSignedIn" [hasProjectAdminRole]="hasProjectAdminRole" (tagClickEvent)="watchTagClickEvent($event)"></hbr-repository-listview>
</div>

4
src/ui_ng/src/app/repository/repository-page.component.ts
View File

@ -48,7 +48,7 @@ export class RepositoryPageComponent implements OnInit {
}
watchTagClickEvent(tagEvt: TagClickEvent): void {
let linkUrl = ['harbor', 'projects', tagEvt.project_id, 'repositories', tagEvt.repository_name, 'tags', tagEvt.tag_name];
let linkUrl = ['harbor', 'projects', tagEvt.project_id, 'repositories', tagEvt.repository_name];
this.router.navigate(linkUrl);
}
}
};

4
src/ui_ng/src/app/repository/tag-repository/tag-repository.component.html
View File

@ -1,5 +1,3 @@
<div>
<a *ngIf="hasSignedIn" [routerLink]="['/harbor', 'projects', projectId, 'repositories']">&lt; {{'REPOSITORY.REPOSITORIES' | translate}}</a>
<a *ngIf="!hasSignedIn" [routerLink]="['/harbor', 'sign-in']">&lt; {{'SEARCH.BACK' | translate}}</a>
<hbr-tag (tagClickEvent)="watchTagClickEvt($event)" [repoName]="repoName" [registryUrl]="registryUrl" [withNotary]="withNotary" [hasSignedIn]="hasSignedIn" [hasProjectAdminRole]="hasProjectAdminRole" [projectId]="projectId" [isEmbedded]="false" [withClair]="withClair"></hbr-tag>
<hbr-repository (tagClickEvent)="watchTagClickEvt($event)" (backEvt)="goBack($event)" [repoName]="repoName" [hasSignedIn]="hasSignedIn" [hasProjectAdminRole]="hasProjectAdminRole" [projectId]="projectId"></hbr-repository>
</div>

11
src/ui_ng/src/app/repository/tag-repository/tag-repository.component.ts
View File

@ -38,11 +38,16 @@ export class TagRepositoryComponent implements OnInit {
}
ngOnInit() {
this.projectId = this.route.snapshot.params['id'];
if (!this.projectId) {
this.projectId = this.route.snapshot.parent.params['id'];
};
// let resolverData = this.route.snapshot.parent.data;
let resolverData = this.route.snapshot.data;
if (resolverData) {
this.hasProjectAdminRole = (<Project>resolverData['projectResolver']).has_project_admin_role;
}
this.projectId = this.route.snapshot.params['id'];
this.repoName = this.route.snapshot.params['repo'];
this.registryUrl = this.appConfigService.getConfig().registry_url;
@ -64,4 +69,8 @@ export class TagRepositoryComponent implements OnInit {
let linkUrl = ['harbor', 'projects', tagEvt.project_id, 'repositories', tagEvt.repository_name, 'tags', tagEvt.tag_name];
this.router.navigate(linkUrl);
}
goBack(tag: string): void {
this.router.navigate(["harbor", "projects", this.projectId, "repositories"]);
}
}

11
src/ui_ng/src/i18n/lang/en-us-lang.json
View File

@ -32,7 +32,8 @@
"YES": "YES",
"NO": "NO",
"NEGATIVE": "NEGATIVE",
"COPY": "COPY"
"COPY": "COPY",
"EDIT": "EDIT"
},
"TOOLTIP": {
"EMAIL": "Email should be a valid email address like name@example.com.",
@ -364,7 +365,10 @@
"DELETED_TAG_SUCCESS": "Deleted tag successfully.",
"COPY": "Copy",
"NOTARY_IS_UNDETERMINED": "Cannot determine the signature of this tag.",
"PLACEHOLDER": "We couldn't find any repositories!"
"PLACEHOLDER": "We couldn't find any repositories!",
"INFO": "Info",
"NO_INFO": "No description info for this repository",
"IMAGE": "Images"
},
"ALERT": {
"FORM_CHANGE_CONFIRMATION": "Some changes are not saved yet. Do you want to cancel?"
@ -554,7 +558,8 @@
"SCAN_COMPLETION_TIME": "Scan Completed",
"IMAGE_VULNERABILITIES": "Image Vulnerabilities",
"PLACEHOLDER": "We couldn't find any tags!",
"COPY_ERROR": "Copy failed, please try to manually copy."
"COPY_ERROR": "Copy failed, please try to manually copy.",
"FILTER_FOR_TAGS": "Filter Tags"
},
"UNKNOWN_ERROR": "Unknown errors have occurred. Please try again later.",
"UNAUTHORIZED_ERROR": "Your session is invalid or has expired. You need to sign in to continue your action.",

11
src/ui_ng/src/i18n/lang/es-es-lang.json
View File

@ -32,7 +32,8 @@
"YES": "SI",
"NO": "NO",
"NEGATIVE": "NEGATIVO",
"COPY": "COPY"
"COPY": "COPY",
"EDIT": "EDITAR"
},
"TOOLTIP": {
"EMAIL": "El email debe ser una dirección válida como nombre@ejemplo.com.",
@ -365,7 +366,10 @@
"DELETED_TAG_SUCCESS": "Etiqueta eliminada satisfactoriamente.",
"COPY": "Copiar",
"NOTARY_IS_UNDETERMINED": "Cannot determine the signature of this tag.",
"PLACEHOLDER": "We couldn't find any repositories!"
"PLACEHOLDER": "We couldn't find any repositories!",
"INFO": "Información",
"NO_INFO": "Sin información de descripción para este repositorio",
"IMAGE": "Imágenes"
},
"ALERT": {
"FORM_CHANGE_CONFIRMATION": "Algunos cambios no se han guardado aún. ¿Quiere cancelar?"
@ -553,7 +557,8 @@
"SCAN_COMPLETION_TIME": "Scan Completed",
"IMAGE_VULNERABILITIES": "Image Vulnerabilities",
"PLACEHOLDER": "We couldn't find any tags!",
"COPY_ERROR": "Copy failed, please try to manually copy."
"COPY_ERROR": "Copy failed, please try to manually copy.",
"FILTER_FOR_TAGS": "Etiquetas de filtro"
},
"UNKNOWN_ERROR": "Ha ocurrido un error desconocido. Por favor, inténtelo de nuevo más tarde.",
"UNAUTHORIZED_ERROR": "La sesión no es válida o ha caducado. Necesita identificarse de nuevo para llevar a cabo esa acción.",

15
src/ui_ng/src/i18n/lang/zh-cn-lang.json
View File

@ -32,7 +32,8 @@
"YES": "是",
"NO": "否",
"NEGATIVE": "否",
"COPY": "拷贝"
"COPY": "拷贝",
"EDIT": "编辑"
},
"TOOLTIP": {
"EMAIL": "请使用正确的邮箱地址比如name@example.com。",
@ -364,7 +365,10 @@
"DELETED_TAG_SUCCESS": "成功删除镜像标签。",
"COPY": "复制",
"NOTARY_IS_UNDETERMINED": "无法确定镜像标签签名。",
"PLACEHOLDER": "未发现任何镜像库!"
"PLACEHOLDER": "未发现任何镜像库!",
"INFO": "描述信息",
"NO_INFO": "此镜像仓库没有描述信息",
"IMAGE": "镜像"
},
"ALERT": {
"FORM_CHANGE_CONFIRMATION": "表单内容改变,确认是否取消?"
@ -425,7 +429,7 @@
"TOKEN_EXPIRATION": "由令牌服务创建的令牌的过期时间分钟默认为30分钟。",
"PRO_CREATION_RESTRICTION": "用来确定哪些用户有权限创建项目,默认为’所有人‘,设置为’仅管理员‘则只有管理员可以创建项目。",
"ROOT_CERT_DOWNLOAD": "下载镜像库根证书.",
"SCANNING_POLICY": "基于不同需求设置镜像扫描策略。‘无’:不设置任何策略;‘每日定时’:每天在设置的时间定时执行扫描。".
"SCANNING_POLICY": "基于不同需求设置镜像扫描策略。‘无’:不设置任何策略;‘每日定时’:每天在设置的时间定时执行扫描。",
"VERIFY_CERT": "检查来自LDAP服务端的证书"
},
"LDAP": {
@ -521,7 +525,7 @@
"SEVERITY": {
"HIGH": "严重",
"MEDIUM": "中等",
"LOW": "一般",
"LOW": "较低",
"NEGLIGIBLE": "可忽略",
"UNKNOWN": "未知",
"NONE": "无"
@ -554,7 +558,8 @@
"SCAN_COMPLETION_TIME": "扫描完成时间",
"IMAGE_VULNERABILITIES": "镜像缺陷",
"PLACEHOLDER": "未发现任何标签!",
"COPY_ERROR": "拷贝失败,请尝试手动拷贝。"
"COPY_ERROR": "拷贝失败,请尝试手动拷贝。",
"FILTER_FOR_TAGS": "过滤项目"
},
"UNKNOWN_ERROR": "发生未知错误,请稍后再试。",
"UNAUTHORIZED_ERROR": "会话无效或者已经过期, 请重新登录以继续。",

9
tests/apitests/api-testing/client/harbor_api_client.go
View File

@ -6,6 +6,7 @@ import (
"errors"
"io/ioutil"
"net/http"
"net/url"
"strings"
)
@ -22,6 +23,7 @@ type APIClientConfig struct {
CaFile string
CertFile string
KeyFile string
Proxy string
}
//APIClient provided the http client for trigger http requests
@ -60,6 +62,13 @@ func NewAPIClient(config APIClientConfig) (*APIClient, error) {
TLSClientConfig: tlsConfig,
}
//If proxy should be set
if len(strings.TrimSpace(config.Proxy)) > 0 {
if proxyURL, err := url.Parse(config.Proxy); err == nil {
transport.Proxy = http.ProxyURL(proxyURL)
}
}
client := &http.Client{
Transport: transport,
}

17
tests/apitests/api-testing/envs/concourse_ci_ldap.go Normal file
View File

@ -0,0 +1,17 @@
package envs
//ConcourseCILdapEnv : Ldap env for concourse pipeline
var ConcourseCILdapEnv = Environment{
Protocol: "https",
TestingProject: "concoursecitesting01",
ImageName: "busybox",
ImageTag: "latest",
CAFile: "../../../ca.crt",
KeyFile: "../../../key.crt",
CertFile: "../../../cert.crt",
Account: "mike",
Password: "zhu88jie",
Admin: "admin",
AdminPass: "pksxgxmifc0cnwa5px9h",
Hostname: "30.0.0.3",
}

14
tests/apitests/api-testing/envs/environment.go
View File

@ -22,6 +22,7 @@ type Environment struct {
CAFile string //env var: CA_FILE_PATH
CertFile string //env var: CERT_FILE_PATH
KeyFile string //env var: KEY_FILE_PATH
ProxyURL string //env var: http_proxy, https_proxy, HTTP_PROXY, HTTPS_PROXY
//API client
HTTPClient *client.APIClient
@ -95,6 +96,18 @@ func (env *Environment) Load() error {
env.CertFile = certFile
}
proxyEnvVar := "https_proxy"
if env.Protocol == "http" {
proxyEnvVar = "http_proxy"
}
proxyURL := os.Getenv(proxyEnvVar)
if !isNotEmpty(proxyURL) {
proxyURL = os.Getenv(strings.ToUpper(proxyEnvVar))
}
if isNotEmpty(proxyURL) {
env.ProxyURL = proxyURL
}
if !env.loaded {
cfg := client.APIClientConfig{
Username: env.Admin,
@ -102,6 +115,7 @@ func (env *Environment) Load() error {
CaFile: env.CAFile,
CertFile: env.CertFile,
KeyFile: env.KeyFile,
Proxy: env.ProxyURL,
}
httpClient, err := client.NewAPIClient(cfg)

74
tests/apitests/api-testing/tests/suites/base/suite.go Normal file
View File

@ -0,0 +1,74 @@
package base
import (
"fmt"
"github.com/vmware/harbor/tests/apitests/api-testing/envs"
"github.com/vmware/harbor/tests/apitests/api-testing/lib"
)
//ConcourseCiSuite : Provides some base cases
type ConcourseCiSuite struct{}
//Run cases
//Not implemented
func (ccs *ConcourseCiSuite) Run(onEnvironment *envs.Environment) *lib.Report {
return &lib.Report{}
}
//PushImage : Push image to the registry
func (ccs *ConcourseCiSuite) PushImage(onEnvironment *envs.Environment) error {
docker := onEnvironment.DockerClient
if err := docker.Status(); err != nil {
return err
}
imagePulling := fmt.Sprintf("%s:%s", onEnvironment.ImageName, onEnvironment.ImageTag)
if err := docker.Pull(imagePulling); err != nil {
return err
}
if err := docker.Login(onEnvironment.Account, onEnvironment.Password, onEnvironment.Hostname); err != nil {
return err
}
imagePushing := fmt.Sprintf("%s/%s/%s:%s",
onEnvironment.Hostname,
onEnvironment.TestingProject,
onEnvironment.ImageName,
onEnvironment.ImageTag)
if err := docker.Tag(imagePulling, imagePushing); err != nil {
return err
}
if err := docker.Push(imagePushing); err != nil {
return err
}
return nil
}
//PullImage : Pull image from registry
func (ccs *ConcourseCiSuite) PullImage(onEnvironment *envs.Environment) error {
docker := onEnvironment.DockerClient
if err := docker.Status(); err != nil {
return err
}
if err := docker.Login(onEnvironment.Account, onEnvironment.Password, onEnvironment.Hostname); err != nil {
return err
}
imagePulling := fmt.Sprintf("%s/%s/%s:%s",
onEnvironment.Hostname,
onEnvironment.TestingProject,
onEnvironment.ImageName,
onEnvironment.ImageTag)
if err := docker.Pull(imagePulling); err != nil {
return err
}
return nil
}

66
tests/apitests/api-testing/tests/suites/suite01/suite.go
View File

@ -5,6 +5,7 @@ import (
"github.com/vmware/harbor/tests/apitests/api-testing/envs"
"github.com/vmware/harbor/tests/apitests/api-testing/lib"
"github.com/vmware/harbor/tests/apitests/api-testing/tests/suites/base"
)
//Steps of suite01:
@ -22,7 +23,9 @@ import (
// s11: delete user
//ConcourseCiSuite01 : For harbor journey in concourse pipeline
type ConcourseCiSuite01 struct{}
type ConcourseCiSuite01 struct {
base.ConcourseCiSuite
}
//Run : Run a group of cases
func (ccs *ConcourseCiSuite01) Run(onEnvironment *envs.Environment) *lib.Report {
@ -60,7 +63,7 @@ func (ccs *ConcourseCiSuite01) Run(onEnvironment *envs.Environment) *lib.Report
}
//s4
if err := ccs.pushImage(onEnvironment); err != nil {
if err := ccs.PushImage(onEnvironment); err != nil {
report.Failed("pushImage", err)
} else {
report.Passed("pushImage")
@ -76,7 +79,7 @@ func (ccs *ConcourseCiSuite01) Run(onEnvironment *envs.Environment) *lib.Report
}
//s6
if err := ccs.pullImage(onEnvironment); err != nil {
if err := ccs.PullImage(onEnvironment); err != nil {
report.Failed("pullImage[1]", err)
} else {
report.Passed("pullImage[1]")
@ -91,7 +94,7 @@ func (ccs *ConcourseCiSuite01) Run(onEnvironment *envs.Environment) *lib.Report
}
//s8
if err := ccs.pullImage(onEnvironment); err == nil {
if err := ccs.PullImage(onEnvironment); err == nil {
report.Failed("pullImage[2]", err)
} else {
report.Passed("pullImage[2]")
@ -120,58 +123,3 @@ func (ccs *ConcourseCiSuite01) Run(onEnvironment *envs.Environment) *lib.Report
return report
}
func (ccs *ConcourseCiSuite01) pushImage(onEnvironment *envs.Environment) error {
docker := onEnvironment.DockerClient
if err := docker.Status(); err != nil {
return err
}
imagePulling := fmt.Sprintf("%s:%s", onEnvironment.ImageName, onEnvironment.ImageTag)
if err := docker.Pull(imagePulling); err != nil {
return err
}
if err := docker.Login(onEnvironment.Account, onEnvironment.Password, onEnvironment.Hostname); err != nil {
return err
}
imagePushing := fmt.Sprintf("%s/%s/%s:%s",
onEnvironment.Hostname,
onEnvironment.TestingProject,
onEnvironment.ImageName,
onEnvironment.ImageTag)
if err := docker.Tag(imagePulling, imagePushing); err != nil {
return err
}
if err := docker.Push(imagePushing); err != nil {
return err
}
return nil
}
func (ccs *ConcourseCiSuite01) pullImage(onEnvironment *envs.Environment) error {
docker := onEnvironment.DockerClient
if err := docker.Status(); err != nil {
return err
}
if err := docker.Login(onEnvironment.Account, onEnvironment.Password, onEnvironment.Hostname); err != nil {
return err
}
imagePulling := fmt.Sprintf("%s/%s/%s:%s",
onEnvironment.Hostname,
onEnvironment.TestingProject,
onEnvironment.ImageName,
onEnvironment.ImageTag)
if err := docker.Pull(imagePulling); err != nil {
return err
}
return nil
}

22
tests/apitests/api-testing/tests/suites/suite02/run_test.go Normal file
View File

@ -0,0 +1,22 @@
package suite02
import (
"testing"
"github.com/vmware/harbor/tests/apitests/api-testing/envs"
)
//TestRun : Start to run the case
func TestRun(t *testing.T) {
//Initialize env
if err := envs.ConcourseCILdapEnv.Load(); err != nil {
t.Fatal(err.Error())
}
suite := ConcourseCiSuite02{}
report := suite.Run(&envs.ConcourseCILdapEnv)
report.Print()
if report.IsFail() {
t.Fail()
}
}

Some files were not shown because too many files have changed in this diff Show More