Merge remote-tracking branch 'upstream/master'

This commit is contained in:
Tan Jiang 2016-08-03 10:40:29 +08:00
commit c76d6afec2
39 changed files with 1052 additions and 89 deletions

View File

@ -30,6 +30,6 @@ notifications:
- name: harbor
disabled: false
url: http://ui/service/notifications
timeout: 500ms
timeout: 3000ms
threshold: 5
backoff: 1s

View File

@ -5,22 +5,25 @@
![alg tag](https://cloud.githubusercontent.com/assets/2390463/13484557/088a1000-e13a-11e5-87d4-a64366365bef.png)
Project Harbor is an enterprise-class registry server, which extends the open source Docker Registry server by adding the functionality usually required by an enterprise, such as security, replication and management. Harbor is primarily designed to be a private registry - providing the needed security and control that enterprises require. It also helps minimize bandwidth usage, which is helpful to both improve productivity (local network access) as well as performance (for those with poor internet connectivity).
Project Harbor is an enterprise-class registry server that stores and distributes Docker images. Harbor extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security. Having a registry closer to the build and run environment improves the image transfer efficiency. Harbor supports the setup of multiple registries and has images replicated between them. With Harbor, the images are stored within the private registry, keeping the bits and intellectual properties behind the company firewall. In addition, Harbor offers advanced security features, such as user management, access control and activity auditing.
### Features
* **Role based access control**: Users and Docker repositories are organized via "projects", a user can have different permission for images under a project.
* **Image replication**: Images can be replicated(synchronized) between multiple registry instances. Great for load balancing and distributed data centers.
* **Graphical user portal**: User can easily browse, search Docker repositories, manage projects/namespaces.
* **Role based access control**: Users and repositories are organized via 'projects' and a user can have different permission for images under a project.
* **Image replication**: Images can be replicated (synchronized) between multiple registry instances. Great for load balancing, high availability, hybrid and multi-cloud scenarios.
* **Graphical user portal**: User can easily browse, search repositories and manage projects.
* **AD/LDAP support**: Harbor integrates with existing enterprise AD/LDAP for user authentication and management.
* **Auditing**: All the operations to the repositories are tracked.
* **Internationalization**: Already localized for English, Chinese, German, Japanese and Russian. More languages can be added.
* **RESTful API**: RESTful APIs for most administrative operations, easing intergration with external management platforms.
* **RESTful API**: RESTful APIs for most administrative operations, easy to integrate with external systems.
* **Easy deployment**: docker compose and offline installer.
### Getting Started
Harbor is self-contained and can be easily deployed via docker-compose (Quick-Start steps below). Refer to the [Installation and Configuration Guide](docs/installation_guide.md) for detailed information.
### Install
**System requirements:**
Harbor only works with docker 1.10+ and docker-compose 1.6.0+, and an internet-connected host.
Harbor only works with docker 1.10.0+ and docker-compose 1.6.0+.
#### Install via docker compose
On an Internet connected host, Harbor can be easily installed via docker-compose:
1. Get the source code:
@ -43,22 +46,24 @@ Harbor only works with docker 1.10+ and docker-compose 1.6.0+, and an internet-c
$ docker-compose up -d
```
_If everything worked properly, you should be able to open a browser to visit the admin portal at http://reg.yourdomain.com . Note that the default administrator username/password are admin/Harbor12345 ._
#### Install via offline installer
For those who do not want to clone the source, or need to install Harbor on a server not connected to the Internet, there is a pre-built installation package available. For details on how to download and use the installation package, please refer to [Installation and Configuration Guide](docs/installation_guide.md).
Log in to the admin portal and create a new project, e.g. `myproject`. You can then use docker commands to login and push images (By default, the registry server listens on port 80):
#### After installation
_If everything worked properly, you should be able to open a browser to visit the admin portal at http://reg.yourdomain.com. Note that the default administrator username/password are admin/Harbor12345._
Log in to the admin portal and create a new project, e.g. `myproject`. You can then use docker commands to login and push images (by default, the registry server listens on port 80):
```sh
$ docker login reg.yourdomain.com
$ docker push reg.yourdomain.com/myproject/myrepo
```
**Data migration:**
### Upgrade
If you are upgrading Harbor from an older version with existing data, you may need to migrate the data to fit the new database schema. For more details please refer to [Data Migration Guide](docs/migration_guide.md) .
If you are upgrading Harbor from an older version with existing data, you need to migrate the data to fit the new database schema. For more details, please refer to [Data Migration Guide](docs/migration_guide.md).
**NOTE:**
For those who don't want to clone the source, or need to install Harbor on a server not connected to the Internet - there is a pre-built installation package available. For details on how to download and use this installation package, please refer to [Installation and Configuration Guide](docs/installation_guide.md) .
For information on how to use Harbor, please see [User Guide](docs/user_guide.md) .
### Run
For information on how to use Harbor, please take a look at [User Guide](docs/user_guide.md).
### Contribution
We welcome contributions from the community. If you wish to contribute code and you have not signed our contributor license agreement (CLA), our bot will update the issue when you open a pull request. For any questions about the CLA process, please refer to our [FAQ](https://cla.vmware.com/faq).
@ -77,4 +82,4 @@ Harbor is available under the [Apache 2 license](LICENSE).
<img alt="beego" src="docs/img/beegoLogo.png"> Harbor is powered by <a href="http://beego.me/">Beego</a>.
### About
Project Harbor is initiated by VMware China R&D as a Cloud Application Accelerator (CAA) project. CAA provides a set of tools to improve the productivity of cloud developers in China and other countries. CAA includes tools like registry server, mirror server, decentralized image distributor, etc.
Project Harbor is initiated by the Advanced Technology Center (ATC), VMware China R&D as a Cloud Application Accelerator (CAA) project.

View File

@ -134,6 +134,10 @@ func (ra *RepJobAPI) Delete() {
ra.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
}
if job == nil {
ra.CustomAbort(http.StatusNotFound, fmt.Sprintf("job %d not found", ra.jobID))
}
if job.Status == models.JobPending || job.Status == models.JobRunning {
ra.CustomAbort(http.StatusBadRequest, fmt.Sprintf("job is %s, can not be deleted", job.Status))
}

View File

@ -17,6 +17,7 @@ package api
import (
"encoding/json"
"fmt"
"net/http"
"os"
"sort"
@ -210,6 +211,10 @@ func (ra *RepositoryAPI) GetTags() {
ra.CustomAbort(http.StatusInternalServerError, "")
}
if project == nil {
ra.CustomAbort(http.StatusNotFound, fmt.Sprintf("project %s not found", projectName))
}
if project.Public == 0 {
userID := ra.ValidateUser()
if !checkProjectPermission(userID, project.ProjectID) {

View File

@ -1,68 +0,0 @@
version: '2'
services:
log:
image: daocloud.io/harbor/deploy_log:latest
volumes:
- /var/log/harbor/:/var/log/docker/
ports:
- 1514:514
registry:
image: daocloud.io/library/registry:2.3.0
volumes:
- /data/registry:/storage
- ./config/registry/:/etc/registry/
ports:
- 5001:5001
command:
/etc/registry/config.yml
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
syslog-tag: "registry"
mysql:
image: daocloud.io/harbor/deploy_mysql:latest
volumes:
- /data/database:/var/lib/mysql
env_file:
- ./config/db/env
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
syslog-tag: "mysql"
ui:
image: daocloud.io/harbor/deploy_ui:latest
env_file:
- ./config/ui/env
volumes:
- ./config/ui/app.conf:/etc/ui/app.conf
- ./config/ui/private_key.pem:/etc/ui/private_key.pem
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
syslog-tag: "ui"
proxy:
image: daocloud.io/library/nginx:1.9
volumes:
- ./config/nginx:/etc/nginx
ports:
- 80:80
- 443:443
depends_on:
- mysql
- registry
- ui
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
syslog-tag: "proxy"

View File

@ -0,0 +1 @@
docker-compose.sh is used to configure docker-compose.yml to pull images from platform like docker hub, daocloud.io and others. If you don't want to waste time on building images, you can execute this script to pull images from platform you prefer. Currently, we only support daocloud.io and docker hub, the default is docker hub.

View File

@ -0,0 +1,32 @@
#/bin/bash
read -p "Please input the platform name you want to pull images, for docker hub, enter 1; for daocloud.io, enter 2, otherwise enter the name of the platform, the default is 1:" choice
cd ../../Deploy
template_file="docker-compose.yml.template"
yml_file='docker-compose.yml'
if test -e $template_file
then
cp $template_file $yml_file
else
cp $yml_file $template_file
fi
platform=''
choice=${choice:-1}
if [ $choice == '1' ]
then
platform='prjharbor/'
elif [ $choice == '2' ]
then
platform='daocloud.io/harbor/'
else
platform=$choice
fi
version='0.3.0'
log='deploy_log:'
db='deploy_mysql:'
job_service='deploy_jobservice:'
ui='deploy_ui:'
sed -i -- '/build: .\/log\//c\ image: '$platform$log$version'' $yml_file
sed -i -- '/build: .\/db\//c\ image: '$platform$db$version'' $yml_file
sed -i -- '/ui:/{n;N;N;d}' $yml_file && sed -i -- '/ui:/a\\ image: '$platform$ui$version'' $yml_file
sed -i -- '/jobservice:/{n;N;N;d}' $yml_file && sed -i -- '/jobservice:/a\\ image: '$platform$job_service$version'' $yml_file
echo "succeed! "

94
contrib/sdk/harbor-py/.gitignore vendored Normal file
View File

@ -0,0 +1,94 @@
# Temporary files
files.txt
*.swp
*~
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
# C extensions
*.so
# Distribution / packaging
.Python
env/
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
*.egg-info/
.installed.cfg
*.egg
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*,cover
.hypothesis/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
target/
# IPython Notebook
.ipynb_checkpoints
# pyenv
.python-version
# celery beat schedule file
celerybeat-schedule
# dotenv
.env
# virtualenv
venv/
ENV/
# Spyder project settings
.spyderproject
# Rope project settings
.ropeproject

View File

@ -0,0 +1,69 @@
## Introduction
[harbor](https://github.com/vmware/harbor) is the enterprise-class registry server for docker distribution.
[harbor-py](https://github.com/tobegit3hub/harbor-py) is the native and compatible python SDK for harbor. The supported APIs are list below.
- [x] Projects APIs
- [x] [Get projects](./examples/get_projects.py)
- [x] [Create project](./examples/create_project.py)
- [x] [Check project exist](./examples/check_project_exist.py)
- [x] [Set project publicity](./examples/set_project_publicity.py)
- [x] [Get project id from name](./examples/get_project_id_from_name.py)
- [ ] Get project access logs
- [ ] Get project member
- [ ] Get project and user member
- [x] Users APIs
- [x] [Get users](./examples/get_users.py)
- [x] [Create user](./examples/create_user.py)
- [x] [Update user profile](./examples/update_user_profile.py)
- [x] [Delete user](./examples/delete_user.py)
- [x] [Change password](./examples/change_password.py)
- [x] [Promote as admin](./examples/promote_as_admin.py)
- [x] Repositories APIs
- [x] [Get repositories](./examples/get_repositories.py)
- [x] [Delete repository](./examples/delete_repository.py)
- [x] [Get repository tags](./examples/get_repository_tags.py)
- [x] [Get repository manifests](./examples/get_repository_manifests.py)
- [x] Others APIs
- [x] [Search](./examples/search.py)
- [x] [Get statistics](./examples/get_statistics.py)
- [x] [Get top accessed repositories](./examples/get_top_accessed_repositories.py)
- [x] [Get logs](./examples/get_logs.py)
## Installation
```
pip install harbor-py
```
## Usage
```
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
client.get_projects()
client.get_users()
client.get_statistics()
client.get_top_accessed_repositories()
client.search("library")
```
For more usage, please refer to the [examples](./examples/).
## Contribution
If you have any suggestion, feel free to submit [issues](https://github.com/tobegit3hub/harbor-py/issues) or send [pull-requests](https://github.com/tobegit3hub/harbor-py/pulls) for `harbor-py`.
Publish `harbor-py` package to [pypi](https://pypi.python.org/pypi/harbor-py/) server with the following commands.
```
python setup.py register -r pypi
python setup.py sdist upload -r pypi
```

View File

@ -0,0 +1,18 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Change password
user_id = 2
old_password = "test-password"
new_password = "new-password"
client.change_password(user_id, old_password, new_password)

View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Check if project exists
project_name = "test-project"
print(client.check_project_exist(project_name))

View File

@ -0,0 +1,17 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Create project
project_name = "test-project"
is_public = True
client.create_project(project_name, is_public)

View File

@ -0,0 +1,20 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Create user
username = "test-username"
email = "test-email@gmail.com"
password = "test-password"
realname = "test-realname"
comment = "test-comment"
client.create_user(username, email, password, realname, comment)

View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Delete repository
repo_name = "library/cirros"
client.delete_repository(repo_name)

View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Delete user
user_id = 2
print(client.delete_user(user_id))

View File

@ -0,0 +1,15 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Get logs
print(client.get_logs())

View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Get project id from name
project_name = "library"
print(client.get_project_id_from_name(project_name))

View File

@ -0,0 +1,15 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Get all projects
print(client.get_projects())

View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Get all repositories
project_id = 1
print(client.get_repositories(project_id))

View File

@ -0,0 +1,17 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Get repository manifests
repo_name = "library/cirros"
tag = "latest"
client.get_repository_manifests(repo_name, tag)

View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Get repository tags
repo_name = "library/cirros"
client.get_repository_tags(repo_name)

View File

@ -0,0 +1,13 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
print(client.get_statistics())

View File

@ -0,0 +1,19 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Get top accessed respositories
print(client.get_top_accessed_repositories())
# Get top accessed respositories with count
count = 1
print(client.get_top_accessed_repositories(count))

View File

@ -0,0 +1,15 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Get all users
print(client.get_users())

View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Promote as admin
user_id = 2
client.promote_as_admin(user_id)

View File

@ -0,0 +1,16 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Search with query string
query_string = "library"
print(client.search(query_string))

View File

@ -0,0 +1,17 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Set project publicity
project_id = 1
is_public = True
client.set_project_publicity(project_id, is_public)

View File

@ -0,0 +1,12 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)

View File

@ -0,0 +1,19 @@
#!/usr/bin/env python
import sys
sys.path.append("../")
from harborclient import harborclient
host = "127.0.0.1"
user = "admin"
password = "Harbor12345"
client = harborclient.HarborClient(host, user, password)
# Update user profile
user_id = 2
email = "new@gmail.com"
realname = "new_realname"
comment = "new_comment"
client.update_user_profile(user_id, email, realname, comment)

View File

@ -0,0 +1,5 @@
#!/bin/bash
set -x
find ./ -name "*.py" |xargs sudo yapf -i

View File

@ -0,0 +1,372 @@
#!/usr/bin/env python
import json
import logging
import requests
logging.basicConfig(level=logging.INFO)
class HarborClient(object):
def __init__(self, host, user, password, protocol="http"):
self.host = host
self.user = user
self.password = password
self.protocol = protocol
self.session_id = self.login()
def __del__(self):
self.logout()
def login(self):
login_data = requests.post('%s://%s/login' %
(self.protocol, self.host),
data={'principal': self.user,
'password': self.password})
if login_data.status_code == 200:
session_id = login_data.cookies.get('beegosessionID')
logging.debug("Successfully login, session id: {}".format(
session_id))
return session_id
else:
logging.error("Fail to login, please try again")
return None
def logout(self):
requests.get('%s://%s/logout' % (self.protocol, self.host),
cookies={'beegosessionID': self.session_id})
logging.debug("Successfully logout")
# Get project id
def get_project_id_from_name(self, project_name):
registry_data = requests.get(
'%s://%s/api/projects?project_name=%s' %
(self.protocol, self.host, project_name),
cookies={'beegosessionID': self.session_id})
if registry_data.status_code == 200 and registry_data.json():
project_id = registry_data.json()[0]['project_id']
logging.debug(
"Successfully get project id: {}, project name: {}".format(
project_id, project_name))
return project_id
else:
logging.error("Fail to get project id from project name",
project_name)
return None
# GET /search
def search(self, query_string):
result = None
path = '%s://%s/api/search?q=%s' % (self.protocol, self.host,
query_string)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug("Successfully get search result: {}".format(result))
else:
logging.error("Fail to get search result")
return result
# GET /projects
def get_projects(self, project_name=None, is_public=None):
# TODO: support parameter
result = None
path = '%s://%s/api/projects' % (self.protocol, self.host)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug("Successfully get projects result: {}".format(
result))
else:
logging.error("Fail to get projects result")
return result
# HEAD /projects
def check_project_exist(self, project_name):
result = False
path = '%s://%s/api/projects?project_name=%s' % (
self.protocol, self.host, project_name)
response = requests.head(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = True
logging.debug(
"Successfully check project exist, result: {}".format(result))
elif response.status_code == 404:
result = False
logging.debug(
"Successfully check project exist, result: {}".format(result))
else:
logging.error("Fail to check project exist")
return result
# POST /projects
def create_project(self, project_name, is_public=False):
result = False
path = '%s://%s/api/projects' % (self.protocol, self.host)
request_body = json.dumps({'project_name': project_name,
'public': is_public})
response = requests.post(path,
cookies={'beegosessionID': self.session_id},
data=request_body)
if response.status_code == 201 or response.status_code == 500:
# TODO: the response return 500 sometimes
result = True
logging.debug(
"Successfully create project with project name: {}".format(
project_name))
else:
logging.error(
"Fail to create project with project name: {}, response code: {}".format(
project_name, response.status_code))
return result
# PUT /projects/{project_id}/publicity
def set_project_publicity(self, project_id, is_public):
result = False
path = '%s://%s/api/projects/%s/publicity?project_id=%s' % (
self.protocol, self.host, project_id, project_id)
request_body = json.dumps({'public': is_public})
response = requests.put(path,
cookies={'beegosessionID': self.session_id},
data=request_body)
if response.status_code == 200:
result = True
logging.debug(
"Success to set project id: {} with publicity: {}".format(
project_id, is_public))
else:
logging.error(
"Fail to set publicity to project id: {} with status code: {}".format(
project_id, response.status_code))
return result
# GET /statistics
def get_statistics(self):
result = None
path = '%s://%s/api/statistics' % (self.protocol, self.host)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug("Successfully get statistics: {}".format(result))
else:
logging.error("Fail to get statistics result")
return result
# GET /users
def get_users(self, user_name=None):
# TODO: support parameter
result = None
path = '%s://%s/api/users' % (self.protocol, self.host)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug("Successfully get users result: {}".format(result))
else:
logging.error("Fail to get users result")
return result
# POST /users
def create_user(self, username, email, password, realname, comment):
result = False
path = '%s://%s/api/users' % (self.protocol, self.host)
request_body = json.dumps({'username': username,
'email': email,
'password': password,
'realname': realname,
'comment': comment})
response = requests.post(path,
cookies={'beegosessionID': self.session_id},
data=request_body)
if response.status_code == 201:
result = True
logging.debug("Successfully create user with username: {}".format(
username))
else:
logging.error(
"Fail to create user with username: {}, response code: {}".format(
username, response.status_code))
return result
# PUT /users/{user_id}
def update_user_profile(self, user_id, email, realname, comment):
# TODO: support not passing comment
result = False
path = '%s://%s/api/users/%s?user_id=%s' % (self.protocol, self.host,
user_id, user_id)
request_body = json.dumps({'email': email,
'realname': realname,
'comment': comment})
response = requests.put(path,
cookies={'beegosessionID': self.session_id},
data=request_body)
if response.status_code == 200:
result = True
logging.debug(
"Successfully update user profile with user id: {}".format(
user_id))
else:
logging.error(
"Fail to update user profile with user id: {}, response code: {}".format(
user_id, response.status_code))
return result
# DELETE /users/{user_id}
def delete_user(self, user_id):
result = False
path = '%s://%s/api/users/%s?user_id=%s' % (self.protocol, self.host,
user_id, user_id)
response = requests.delete(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = True
logging.debug("Successfully delete user with id: {}".format(
user_id))
else:
logging.error("Fail to delete user with id: {}".format(user_id))
return result
# PUT /users/{user_id}/password
def change_password(self, user_id, old_password, new_password):
result = False
path = '%s://%s/api/users/%s/password?user_id=%s' % (
self.protocol, self.host, user_id, user_id)
request_body = json.dumps({'old_password': old_password,
'new_password': new_password})
response = requests.put(path,
cookies={'beegosessionID': self.session_id},
data=request_body)
if response.status_code == 200:
result = True
logging.debug(
"Successfully change password for user id: {}".format(user_id))
else:
logging.error("Fail to change password for user id: {}".format(
user_id))
return result
# PUT /users/{user_id}/sysadmin
def promote_as_admin(self, user_id):
# TODO: always return 404, need more test
result = False
path = '%s://%s/api/users/%s/sysadmin?user_id=%s' % (
self.protocol, self.host, user_id, user_id)
response = requests.put(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = True
logging.debug(
"Successfully promote user as admin with user id: {}".format(
user_id))
else:
logging.error(
"Fail to promote user as admin with user id: {}, response code: {}".format(
user_id, response.status_code))
return result
# GET /repositories
def get_repositories(self, project_id, query_string=None):
# TODO: support parameter
result = None
path = '%s://%s/api/repositories?project_id=%s' % (
self.protocol, self.host, project_id)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug(
"Successfully get repositories with id: {}, result: {}".format(
project_id, result))
else:
logging.error("Fail to get repositories result with id: {}".format(
project_id))
return result
# DELETE /repositories
def delete_repository(self, repo_name, tag=None):
# TODO: support to check tag
# TODO: return 200 but the repo is not deleted, need more test
result = False
path = '%s://%s/api/repositories?repo_name=%s' % (self.protocol,
self.host, repo_name)
response = requests.delete(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = True
logging.debug("Successfully delete repository: {}".format(
repo_name))
else:
logging.error("Fail to delete repository: {}".format(repo_name))
return result
# Get /repositories/tags
def get_repository_tags(self, repo_name):
result = None
path = '%s://%s/api/repositories/tags?repo_name=%s' % (
self.protocol, self.host, repo_name)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug(
"Successfully get tag with repo name: {}, result: {}".format(
repo_name, result))
else:
logging.error("Fail to get tags with repo name: {}".format(
repo_name))
return result
# GET /repositories/manifests
def get_repository_manifests(self, repo_name, tag):
result = None
path = '%s://%s/api/repositories/manifests?repo_name=%s&tag=%s' % (
self.protocol, self.host, repo_name, tag)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug(
"Successfully get manifests with repo name: {}, tag: {}, result: {}".format(
repo_name, tag, result))
else:
logging.error(
"Fail to get manifests with repo name: {}, tag: {}".format(
repo_name, tag))
return result
# GET /repositories/top
def get_top_accessed_repositories(self, count=None):
result = None
path = '%s://%s/api/repositories/top' % (self.protocol, self.host)
if count:
path += "?count=%s" % (count)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug(
"Successfully get top accessed repositories, result: {}".format(
result))
else:
logging.error("Fail to get top accessed repositories")
return result
# GET /logs
def get_logs(self, lines=None, start_time=None, end_time=None):
result = None
path = '%s://%s/api/logs' % (self.protocol, self.host)
response = requests.get(path,
cookies={'beegosessionID': self.session_id})
if response.status_code == 200:
result = response.json()
logging.debug("Successfully get logs")
else:
logging.error("Fail to get logs and response code: {}".format(
response.status_code))
return result

View File

@ -0,0 +1,3 @@
#!/usr/bin/env python
import harborclient

View File

@ -0,0 +1 @@
requests>2.2.0

View File

@ -0,0 +1,103 @@
""" The missing harbor python SDK
See: https://github.com/tobegit3hub/harbor-py
"""
from setuptools import setup, find_packages
from codecs import open
from os import path
setup(
name='harbor-py',
# Versions should comply with PEP440. For a discussion on single-sourcing
# the version across setup.py and the project code, see
# https://packaging.python.org/en/latest/single_source_version.html
version='1.2.0',
description='The missing harbor python SDK',
# The project's main homepage.
url='https://github.com/tobegit3hub/harbor-py',
# Author details
author='tobe',
author_email='tobeg3oogle@gmail.com',
# Choose your license
license='Apache Software',
# See https://pypi.python.org/pypi?%3Aaction=list_classifiers
classifiers=[
# How mature is this project? Common values are
# 3 - Alpha
# 4 - Beta
# 5 - Production/Stable
'Development Status :: 3 - Alpha',
# Indicate who your project is intended for
'Intended Audience :: Developers',
'Topic :: Software Development :: Build Tools',
# Pick your license as you wish (should match "license" above)
'License :: OSI Approved :: Apache Software License',
# Specify the Python versions you support here. In particular, ensure
# that you indicate whether you support Python 2, Python 3 or both.
'Programming Language :: Python :: 2',
'Programming Language :: Python :: 2.6',
'Programming Language :: Python :: 2.7',
'Programming Language :: Python :: 3',
'Programming Language :: Python :: 3.3',
'Programming Language :: Python :: 3.4',
'Programming Language :: Python :: 3.5',
],
# What does your project relate to?
keywords='docker registry distribution harbor python sdk',
# You can just specify the packages manually here if your project is
# simple. Or you can use find_packages().
#packages=find_packages(exclude=['contrib', 'docs', 'tests']),
packages=['harborclient'],
# Alternatively, if you want to distribute just a my_module.py, uncomment
# this:
# py_modules=["my_module"],
# List run-time dependencies here. These will be installed by pip when
# your project is installed. For an analysis of "install_requires" vs pip's
# requirements files see:
# https://packaging.python.org/en/latest/requirements.html
#install_requires=['peppercorn'],
# List additional groups of dependencies here (e.g. development
# dependencies). You can install these using the following syntax,
# for example:
# $ pip install -e .[dev,test]
#extras_require={
# 'dev': ['check-manifest'],
# 'test': ['coverage'],
#},
# If there are data files included in your packages that need to be
# installed, specify them here. If using Python 2.6 or less, then these
# have to be included in MANIFEST.in as well.
#package_data={
# 'sample': ['package_data.dat'],
#},
# Although 'package_data' is the preferred approach, in some case you may
# need to place data files outside of your packages. See:
# http://docs.python.org/3.4/distutils/setupscript.html#installing-additional-files # noqa
# In this case, 'data_file' will be installed into '<sys.prefix>/my_data'
#data_files=[('my_data', ['data/data_file'])],
# To provide executable scripts, use entry points in preference to the
# "scripts" keyword. Entry points provide cross-platform support and allow
# pip to create the appropriate form of executable for the target platform.
#entry_points={
# 'console_scripts': [
# 'harbor=harborclient:main',
# ],
#},
)

View File

@ -0,0 +1,7 @@
#!/bin/sh
set -x
set -e
python setup.py install --record files.txt
cat files.txt | xargs rm -rf

View File

@ -94,6 +94,9 @@ func filterEvents(notification *models.Notification) ([]*models.Event, error) {
events := []*models.Event{}
for _, event := range notification.Events {
log.Debugf("receive an event: ID-%s, target-%s:%s, digest-%s, action-%s", event.ID, event.Target.Repository, event.Target.Tag,
event.Target.Digest, event.Action)
isManifest, err := regexp.MatchString(manifestPattern, event.Target.MediaType)
if err != nil {
log.Errorf("failed to match the media type against pattern: %v", err)
@ -107,12 +110,14 @@ func filterEvents(notification *models.Notification) ([]*models.Event, error) {
//pull and push manifest by docker-client
if strings.HasPrefix(event.Request.UserAgent, "docker") && (event.Action == "pull" || event.Action == "push") {
events = append(events, &event)
log.Debugf("add event to collect: %s", event.ID)
continue
}
//push manifest by docker-client or job-service
if strings.ToLower(strings.TrimSpace(event.Request.UserAgent)) == "harbor-registry-client" && event.Action == "push" {
events = append(events, &event)
log.Debugf("add event to collect: %s", event.ID)
continue
}
}

View File

@ -44,7 +44,7 @@
<td width="20%">//u.email//</td>
<td width="35%">//u.creation_time | dateL : 'YYYY-MM-DD HH:mm:ss'//</td>
<td width="15%">
<toggle-admin has-admin-role="u.has_admin_role == 1" user-id="//u.user_id//"></toggle-admin>
<toggle-admin has-admin-role="u.has_admin_role" user-id="//u.user_id//"></toggle-admin>
</td>
<td width="20%">
&nbsp;&nbsp;<a href="javascript:void(0)" ng-click="vm.confirmToDelete(u.user_id, u.username)"><span class="glyphicon glyphicon-trash"></span></a>

View File

@ -25,7 +25,7 @@
function ToggleAdminController($scope, ToggleAdminService, $filter, trFilter) {
var vm = this;
vm.isAdmin = (vm.hasAdminRole === 1) ? true : false;
vm.isAdmin = (vm.hasAdminRole === 1);
vm.enabled = vm.isAdmin ? 0 : 1;
vm.toggle = toggle;