From 371929499ab5b1332bdd44738377b6fc8a0c7afe Mon Sep 17 00:00:00 2001 From: wy65701436 Date: Wed, 8 Mar 2017 00:12:13 -0800 Subject: [PATCH 1/4] to support nortary --- Makefile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index 19de0b46e..72043a3eb 100644 --- a/Makefile +++ b/Makefile @@ -232,7 +232,7 @@ compile:check_environment $(COMPILETAG) prepare: @echo "preparing..." - @if [ "$(NOTARYFLAG)" = "true" ] ; then \ + @if [ "$(NORTARYFLAG)" = "true" ] ; then \ $(MAKEPATH)/$(PREPARECMD) --conf $(CONFIGPATH)/$(CONFIGFILE) --with-notary; \ else \ $(MAKEPATH)/$(PREPARECMD) --conf $(CONFIGPATH)/$(CONFIGFILE) ; \ @@ -286,7 +286,7 @@ package_offline: compile build modify_composefile @echo "pulling nginx and registry..." @$(DOCKERPULL) registry:2.5.1 @$(DOCKERPULL) nginx:1.11.5 - @if [ "$(NOTARYFLAG)" = "true" ] ; then \ + @if [ "$(NORTARYFLAG)" = "true" ] ; then \ echo "pulling notary and mariadb..."; \ $(DOCKERPULL) jiangd/notary:server-0.5.0-fix; \ $(DOCKERPULL) notary:signer-0.5.0; \ @@ -294,7 +294,7 @@ package_offline: compile build modify_composefile fi @echo "saving harbor docker image" - @if [ "$(NOTARYFLAG)" = "true" ] ; then \ + @if [ "$(NORTARYFLAG)" = "true" ] ; then \ $(DOCKERSAVE) -o $(HARBORPKG)/$(DOCKERIMGFILE).$(VERSIONTAG).tgz \ $(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG) \ $(DOCKERIMAGENAME_UI):$(VERSIONTAG) \ @@ -345,7 +345,7 @@ pushimage: start: @echo "loading harbor images..." - @if [ "$(NOTARYFLAG)" = "true" ] ; then \ + @if [ "$(NORTARYFLAG)" = "true" ] ; then \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME) up -d ; \ else \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) up -d ; \ @@ -354,7 +354,7 @@ start: down: @echo "stoping harbor instance..." - @if [ "$(NOTARYFLAG)" = "true" ] ; then \ + @if [ "$(NORTARYFLAG)" = "true" ] ; then \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME) down ; \ else \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) down ; \ From f50b5bbbaab07667a8064fd40936083b48a26fc9 Mon Sep 17 00:00:00 2001 From: wy65701436 Date: Wed, 8 Mar 2017 00:30:59 -0800 Subject: [PATCH 2/4] modify nortary => notary --- Makefile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index 72043a3eb..9d1bf881b 100644 --- a/Makefile +++ b/Makefile @@ -78,7 +78,7 @@ COMPILETAG=compile_normal REGISTRYSERVER= REGISTRYPROJECTNAME=vmware DEVFLAG=true -NORTARYFLAG=false +NOTARYFLAG=false #clarity parameters CLARITYIMAGE=danieljt/harbor-clarity-base[:tag] @@ -232,7 +232,7 @@ compile:check_environment $(COMPILETAG) prepare: @echo "preparing..." - @if [ "$(NORTARYFLAG)" = "true" ] ; then \ + @if [ "$(NOTARYFLAG)" = "true" ] ; then \ $(MAKEPATH)/$(PREPARECMD) --conf $(CONFIGPATH)/$(CONFIGFILE) --with-notary; \ else \ $(MAKEPATH)/$(PREPARECMD) --conf $(CONFIGPATH)/$(CONFIGFILE) ; \ @@ -286,7 +286,7 @@ package_offline: compile build modify_composefile @echo "pulling nginx and registry..." @$(DOCKERPULL) registry:2.5.1 @$(DOCKERPULL) nginx:1.11.5 - @if [ "$(NORTARYFLAG)" = "true" ] ; then \ + @if [ "$(NOTARYFLAG)" = "true" ] ; then \ echo "pulling notary and mariadb..."; \ $(DOCKERPULL) jiangd/notary:server-0.5.0-fix; \ $(DOCKERPULL) notary:signer-0.5.0; \ @@ -294,7 +294,7 @@ package_offline: compile build modify_composefile fi @echo "saving harbor docker image" - @if [ "$(NORTARYFLAG)" = "true" ] ; then \ + @if [ "$(NOTARYFLAG)" = "true" ] ; then \ $(DOCKERSAVE) -o $(HARBORPKG)/$(DOCKERIMGFILE).$(VERSIONTAG).tgz \ $(DOCKERIMAGENAME_ADMINSERVER):$(VERSIONTAG) \ $(DOCKERIMAGENAME_UI):$(VERSIONTAG) \ @@ -345,7 +345,7 @@ pushimage: start: @echo "loading harbor images..." - @if [ "$(NORTARYFLAG)" = "true" ] ; then \ + @if [ "$(NOTARYFLAG)" = "true" ] ; then \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME) up -d ; \ else \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) up -d ; \ @@ -354,7 +354,7 @@ start: down: @echo "stoping harbor instance..." - @if [ "$(NORTARYFLAG)" = "true" ] ; then \ + @if [ "$(NOTARYFLAG)" = "true" ] ; then \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME) down ; \ else \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) down ; \ From 481ba06003f31bf44c6263003079f326690aae93 Mon Sep 17 00:00:00 2001 From: wy65701436 Date: Thu, 9 Mar 2017 03:02:44 -0800 Subject: [PATCH 3/4] support notary --- Makefile | 17 +++++++++++++++- make/install.sh | 53 ++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 62 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index 9d1bf881b..a17da89a6 100644 --- a/Makefile +++ b/Makefile @@ -209,7 +209,7 @@ compile_clarity: @$(DOCKERCMD) run --rm -v $(UIPATH)/static/new-ui:$(CLARITYSEEDPATH)/dist -v $(UINGPATH)/src:$(CLARITYSEEDPATH)/src -v $(UINGPATH)/src/app:$(CLARITYSEEDPATH)/src/app $(CLARITYIMAGE) $(SHELL) $(CLARITYBUILDSCRIPT) @echo "Done." -compile_normal: compile_clarity, compile_adminserver compile_ui compile_jobservice +compile_normal: compile_clarity compile_adminserver compile_ui compile_jobservice compile_golangimage: compile_clarity @echo "compiling binary for adminserver (golang image)..." @@ -313,6 +313,16 @@ package_offline: compile build modify_composefile nginx:1.11.5 registry:2.5.1 photon:1.0 ; \ fi + @$(TARCMD) -zcvf harbor-offline-installer-$(VERSIONTAG).tgz \ + --exclude=$(HARBORPKG)/common/db --exclude=$(HARBORPKG)/common/config\ + --exclude=$(HARBORPKG)/common/log --exclude=$(HARBORPKG)/ubuntu \ + --exclude=$(HARBORPKG)/photon --exclude=$(HARBORPKG)/kubernetes \ + --exclude=$(HARBORPKG)/dev --exclude=$(DOCKERCOMPOSETPLFILENAME) \ + --exclude=$(HARBORPKG)/checkenv.sh \ + --exclude=$(HARBORPKG)/jsminify.sh \ + --exclude=$(HARBORPKG)/pushimage.sh \ + $(HARBORPKG) + @rm -rf $(HARBORPKG) @echo "Done." @@ -353,6 +363,11 @@ start: @echo "Start complete. You can visit harbor now." down: + @echo "Please make sure to set -e NOTARYFLAG=true if you are using Notary in Harbor, otherwise the Notary containers cannot be stop automaticlly." + @while [ -z "$$CONTINUE" ]; do \ + read -r -p "Type anything but Y or y to exit. [Y/N]: " CONTINUE; \ + done ; \ + [ $$CONTINUE = "y" ] || [ $$CONTINUE = "Y" ] || (echo "Exiting."; exit 1;) @echo "stoping harbor instance..." @if [ "$(NOTARYFLAG)" = "true" ] ; then \ $(DOCKERCOMPOSECMD) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSEFILENAME) -f $(DOCKERCOMPOSEFILEPATH)/$(DOCKERCOMPOSENOTARYFILENAME) down ; \ diff --git a/make/install.sh b/make/install.sh index f4f7592a3..e10b36a02 100755 --- a/make/install.sh +++ b/make/install.sh @@ -49,14 +49,20 @@ note() { printf "\n${underline}${bold}${blue}Note:${reset} ${blue}%s${reset}\n" set -e set +o noglob -usage=$'Please set hostname and other necessary attributes in harbor.cfg first. DO NOT use localhost or 127.0.0.1 for hostname, because Harbor needs to be accessed by external clients.' +usage=$'Please set hostname and other necessary attributes in harbor.cfg first. DO NOT use localhost or 127.0.0.1 for hostname, because Harbor needs to be accessed by external clients. +Please set --with-notary if needs enable Notary in Harbor, and set ui_url_protocol in harbor.cfg to https bacause notary must run under https.' item=0 +# notary is not enabled by default +with_notary=$false + while [ $# -gt 0 ]; do case $1 in --help) note "$usage" exit 0;; + --with-notary) + with_notary=true;; *) note "$usage" exit 1;; @@ -74,6 +80,20 @@ then exit 1 fi +# The ui_url_protocol in harbor.cfg has not been modified to https in notary mode +if [ $with_notary ] +then + if [[ $(cat ./harbor.cfg) =~ ui_url_protocol[[:blank:]]*=[[:blank:]]*(https?) ]] + then + protocol=${BASH_REMATCH[1]} + if [ "$protocol" != "https" ] + then + warn "$usage" + exit 1 + fi + fi +fi + function check_docker { if ! docker --version &> /dev/null then @@ -146,19 +166,38 @@ if [ -n "$host" ] then sed "s/^hostname = .*/hostname = $host/g" -i ./harbor.cfg fi -./prepare +if [ $with_notary ] +then + ./prepare --with-notary +else + ./prepare +fi echo "" h2 "[Step $item]: checking existing instance of Harbor ..."; let item+=1 -if [ -n "$(docker-compose -f docker-compose*.yml ps -q)" ] -then - note "stopping existing Harbor instance ..." - docker-compose -f docker-compose*.yml down +if [ $with_notary ] +then + if [ -n "$(docker-compose -f docker-compose.yml -f docker-compose.notary.yml ps -q)" ] + then + note "stopping existing Harbor instance ..." + docker-compose -f docker-compose.yml -f docker-compose.notary.yml down + fi +else + if [ -n "$(docker-compose -f docker-compose.yml ps -q)" ] + then + note "stopping existing Harbor instance ..." + docker-compose -f docker-compose.yml down + fi fi echo "" h2 "[Step $item]: starting Harbor ..." -docker-compose -f docker-compose*.yml up -d +if [ $with_notary ] +then + docker-compose -f docker-compose.yml -f docker-compose.notary.yml up -d +else + docker-compose -f docker-compose.yml up -d +fi protocol=http hostname=reg.mydomain.com From fd5a2824b6fb62c21daedff4bc92561d5bbb207a Mon Sep 17 00:00:00 2001 From: wy65701436 Date: Fri, 10 Mar 2017 02:57:10 -0800 Subject: [PATCH 4/4] update per review. --- Makefile | 51 ++++++++++++++++++++++++++++++------------------- make/install.sh | 16 +--------------- 2 files changed, 32 insertions(+), 35 deletions(-) diff --git a/Makefile b/Makefile index a17da89a6..40d08b568 100644 --- a/Makefile +++ b/Makefile @@ -264,18 +264,24 @@ package_online: modify_composefile fi @cp LICENSE $(HARBORPKG)/LICENSE @cp NOTICE $(HARBORPKG)/NOTICE - @$(TARCMD) -zcvf harbor-online-installer-$(VERSIONTAG).tgz \ - --exclude=$(HARBORPKG)/common/db --exclude=$(HARBORPKG)/common/config\ - --exclude=$(HARBORPKG)/photon --exclude=$(HARBORPKG)/kubernetes \ - --exclude=$(HARBORPKG)/dev --exclude=$(DOCKERCOMPOSETPLFILENAME) \ - --exclude=$(HARBORPKG)/checkenv.sh \ - --exclude=$(HARBORPKG)/jsminify.sh \ - --exclude=$(HARBORPKG)/pushimage.sh \ - $(HARBORPKG) - + + @if [ "$(NOTARYFLAG)" = "true" ] ; then \ + $(TARCMD) -zcvf harbor-online-installer-$(VERSIONTAG).tgz \ + $(HARBORPKG)/common/templates $(HARBORPKG)/prepare \ + $(HARBORPKG)/LICENSE $(HARBORPKG)/NOTICE \ + $(HARBORPKG)/install.sh $(HARBORPKG)/$(DOCKERCOMPOSEFILENAME) \ + $(HARBORPKG)/harbor.cfg $(HARBORPKG)/$(DOCKERCOMPOSENOTARYFILENAME); \ + else \ + $(TARCMD) -zcvf harbor-online-installer-$(VERSIONTAG).tgz \ + $(HARBORPKG)/common/templates $(HARBORPKG)/prepare \ + $(HARBORPKG)/LICENSE $(HARBORPKG)/NOTICE \ + $(HARBORPKG)/install.sh $(HARBORPKG)/$(DOCKERCOMPOSEFILENAME) \ + $(HARBORPKG)/harbor.cfg ; \ + fi + @rm -rf $(HARBORPKG) @echo "Done." - + package_offline: compile build modify_composefile @echo "packing offline package ..." @cp -r make $(HARBORPKG) @@ -313,16 +319,21 @@ package_offline: compile build modify_composefile nginx:1.11.5 registry:2.5.1 photon:1.0 ; \ fi - @$(TARCMD) -zcvf harbor-offline-installer-$(VERSIONTAG).tgz \ - --exclude=$(HARBORPKG)/common/db --exclude=$(HARBORPKG)/common/config\ - --exclude=$(HARBORPKG)/common/log --exclude=$(HARBORPKG)/ubuntu \ - --exclude=$(HARBORPKG)/photon --exclude=$(HARBORPKG)/kubernetes \ - --exclude=$(HARBORPKG)/dev --exclude=$(DOCKERCOMPOSETPLFILENAME) \ - --exclude=$(HARBORPKG)/checkenv.sh \ - --exclude=$(HARBORPKG)/jsminify.sh \ - --exclude=$(HARBORPKG)/pushimage.sh \ - $(HARBORPKG) - + @if [ "$(NOTARYFLAG)" = "true" ] ; then \ + $(TARCMD) -zcvf harbor-offline-installer-$(VERSIONTAG).tgz \ + $(HARBORPKG)/common/templates $(HARBORPKG)/$(DOCKERIMGFILE).$(VERSIONTAG).tgz \ + $(HARBORPKG)/prepare $(HARBORPKG)/NOTICE \ + $(HARBORPKG)/LICENSE $(HARBORPKG)/install.sh \ + $(HARBORPKG)/harbor.cfg $(HARBORPKG)/$(DOCKERCOMPOSEFILENAME) ; \ + else \ + $(TARCMD) -zcvf harbor-offline-installer-$(VERSIONTAG).tgz \ + $(HARBORPKG)/common/templates $(HARBORPKG)/$(DOCKERIMGFILE).$(VERSIONTAG).tgz \ + $(HARBORPKG)/prepare $(HARBORPKG)/NOTICE \ + $(HARBORPKG)/LICENSE $(HARBORPKG)/install.sh \ + $(HARBORPKG)/harbor.cfg $(HARBORPKG)/$(DOCKERCOMPOSEFILENAME) \ + $(HARBORPKG)/$(DOCKERCOMPOSENOTARYFILENAME) ; \ + fi + @rm -rf $(HARBORPKG) @echo "Done." diff --git a/make/install.sh b/make/install.sh index e10b36a02..54c2b10be 100755 --- a/make/install.sh +++ b/make/install.sh @@ -50,7 +50,7 @@ set -e set +o noglob usage=$'Please set hostname and other necessary attributes in harbor.cfg first. DO NOT use localhost or 127.0.0.1 for hostname, because Harbor needs to be accessed by external clients. -Please set --with-notary if needs enable Notary in Harbor, and set ui_url_protocol in harbor.cfg to https bacause notary must run under https.' +Please set --with-notary if needs enable Notary in Harbor, and set ui_url_protocol/ssl_cert/ssl_cert_key in harbor.cfg bacause notary must run under https.' item=0 # notary is not enabled by default @@ -80,20 +80,6 @@ then exit 1 fi -# The ui_url_protocol in harbor.cfg has not been modified to https in notary mode -if [ $with_notary ] -then - if [[ $(cat ./harbor.cfg) =~ ui_url_protocol[[:blank:]]*=[[:blank:]]*(https?) ]] - then - protocol=${BASH_REMATCH[1]} - if [ "$protocol" != "https" ] - then - warn "$usage" - exit 1 - fi - fi -fi - function check_docker { if ! docker --version &> /dev/null then