fix: [AH-306c]: fix anonymous flow (#2573)

* lint fixes
* fix: [AH-306]: fix anonymous flow - address review comments
* fix: [AH-306c]: fix anonymous flow - address review comments
* fix: [AH-306c]: fix anonymous flow
* fix: [AH-306c]: fix anonymous flow
* fix: [AH-306c]: fix anonymous flow

registry/app/api/controller/metadata/base.go

@@ -315,9 +315,13 @@ func CreateUpstreamProxyResponseJSONResponse(upstreamproxy *types.UpstreamProxy)
 	if api.AuthType(upstreamproxy.RepoAuthType) == api.AuthTypeUserPassword {
 		auth := api.UserPassword{}
 		auth.UserName = upstreamproxy.UserName
-		// FIXME: Mask this password.
+		auth.SecretIdentifier = &upstreamproxy.SecretIdentifier.String
-		auth.SecretIdentifier = &upstreamproxy.SecretIdentifier
+		auth.SecretSpaceId = nil
-		auth.SecretSpaceId = &upstreamproxy.SecretSpaceID
+		if upstreamproxy.SecretSpaceID.Valid {
+			// Convert int32 to int and assign to the expected field
+			secretSpaceID := int(upstreamproxy.SecretSpaceID.Int32)
+			auth.SecretSpaceId = &secretSpaceID
+		}
 		_ = configAuth.FromUserPassword(auth)
 	}
 

registry/app/api/controller/metadata/utils.go

@@ -156,11 +156,12 @@ func ValidateIdentifier(identifier string) error {
 }
 
 func ValidateUpstream(config *api.RegistryConfig) error {
-	if !commons.IsEmpty(config.Type) && config.Type == api.RegistryTypeUPSTREAM {
 	upstreamConfig, err := config.AsUpstreamConfig()
 	if err != nil {
 		return err
 	}
+	if !commons.IsEmpty(config.Type) && config.Type == api.RegistryTypeUPSTREAM &&
+		*upstreamConfig.Source != api.UpstreamConfigSourceDockerhub {
 		if commons.IsEmpty(upstreamConfig.Url) {
 			return errors.New("URL is required for upstream repository")
 		}

registry/app/remote/adapter/native/adapter.go

@@ -71,7 +71,16 @@ func getPwd(
 ) string {
 	password := ""
 	if api.AuthType(reg.RepoAuthType) == api.AuthTypeUserPassword {
-		secret, err := secretStore.FindByIdentifier(ctx, int64(reg.SecretSpaceID), reg.SecretIdentifier)
+		secretSpaceID := int64(0)
+		if reg.SecretSpaceID.Valid {
+			secretSpaceID = int64(reg.SecretSpaceID.Int32)
+		}
+
+		secretIdentifier := ""
+		if reg.SecretIdentifier.Valid {
+			secretIdentifier = reg.SecretIdentifier.String
+		}
+		secret, err := secretStore.FindByIdentifier(ctx, secretSpaceID, secretIdentifier)
 		if err != nil {
 			log.Error().Msgf("failed to find secret: %v", err)
 		}

registry/app/store/database/artifact.go

@@ -286,7 +286,7 @@ func (a ArtifactDao) mapToInternalArtifact(ctx context.Context, in *types.Artifa
 		ID:         in.ID,
 		Name:       in.Name,
 		RegistryID: in.RegistryID,
-		Labels:     getEmptySQLString(util.ArrToString(in.Labels)),
+		Labels:     util.GetEmptySQLString(util.ArrToString(in.Labels)),
 		Enabled:    in.Enabled,
 		CreatedAt:  in.CreatedAt.UnixMilli(),
 		UpdatedAt:  in.UpdatedAt.UnixMilli(),

registry/app/store/database/registry.go

@@ -376,13 +376,13 @@ func mapToInternalRegistry(ctx context.Context, in *types.Registry) *registryDB
 		Name:            in.Name,
 		ParentID:        in.ParentID,
 		RootParentID:    in.RootParentID,
-		Description:     getEmptySQLString(in.Description),
+		Description:     util.GetEmptySQLString(in.Description),
 		Type:            in.Type,
 		PackageType:     in.PackageType,
-		UpstreamProxies: getEmptySQLString(util.Int64ArrToString(in.UpstreamProxies)),
+		UpstreamProxies: util.GetEmptySQLString(util.Int64ArrToString(in.UpstreamProxies)),
-		AllowedPattern:  getEmptySQLString(util.ArrToString(in.AllowedPattern)),
+		AllowedPattern:  util.GetEmptySQLString(util.ArrToString(in.AllowedPattern)),
-		BlockedPattern:  getEmptySQLString(util.ArrToString(in.BlockedPattern)),
+		BlockedPattern:  util.GetEmptySQLString(util.ArrToString(in.BlockedPattern)),
-		Labels:          getEmptySQLString(util.ArrToString(in.Labels)),
+		Labels:          util.GetEmptySQLString(util.ArrToString(in.Labels)),
 		CreatedAt:       in.CreatedAt.UnixMilli(),
 		UpdatedAt:       in.UpdatedAt.UnixMilli(),
 		CreatedBy:       in.CreatedBy,
@@ -390,13 +390,6 @@ func mapToInternalRegistry(ctx context.Context, in *types.Registry) *registryDB
 	}
 }
 
-func getEmptySQLString(str string) sql.NullString {
-	if commons.IsEmpty(str) {
-		return sql.NullString{String: str, Valid: false}
-	}
-	return sql.NullString{String: str, Valid: true}
-}
-
 func (r registryDao) Delete(ctx context.Context, parentID int64, name string) (err error) {
 	stmt := databaseg.Builder.Delete("registries").
 		Where("registry_parent_id = ? AND registry_name = ?", parentID, name)

registry/app/store/database/tag.go

@@ -374,7 +374,7 @@ func (t tagDao) GetAllArtifactsByParentID(
 
 	if len(labels) > 0 {
 		sort.Strings(labels)
-		labelsVal := getEmptySQLString(util.ArrToString(labels))
+		labelsVal := util.GetEmptySQLString(util.ArrToString(labels))
 
 		labelsVal.String = labelSeparatorStart + labelsVal.String + labelSeparatorEnd
 		q = q.Where("'^_' || ar.artifact_labels || '^_' LIKE ?", labelsVal)
@@ -430,7 +430,7 @@ func (t tagDao) CountAllArtifactsByParentID(
 
 	if len(labels) > 0 {
 		sort.Strings(labels)
-		labelsVal := getEmptySQLString(util.ArrToString(labels))
+		labelsVal := util.GetEmptySQLString(util.ArrToString(labels))
 		labelsVal.String = labelSeparatorStart + labelsVal.String + labelSeparatorEnd
 		q = q.Where("'^_' || ar.artifact_labels || '^_' LIKE ?", labelsVal)
 	}
@@ -645,7 +645,7 @@ func (t tagDao) GetAllArtifactsByRepo(
 
 	if len(labels) > 0 {
 		sort.Strings(labels)
-		labelsVal := getEmptySQLString(util.ArrToString(labels))
+		labelsVal := util.GetEmptySQLString(util.ArrToString(labels))
 		labelsVal.String = labelSeparatorStart + labelsVal.String + labelSeparatorEnd
 		q = q.Where("'^_' || ar.artifact_labels || '^_' LIKE ?", labelsVal)
 	}
@@ -691,7 +691,7 @@ func (t tagDao) CountAllArtifactsByRepo(
 
 	if len(labels) > 0 {
 		sort.Strings(labels)
-		labelsVal := getEmptySQLString(util.ArrToString(labels))
+		labelsVal := util.GetEmptySQLString(util.ArrToString(labels))
 		labelsVal.String = labelSeparatorStart + labelsVal.String + labelSeparatorEnd
 		q = q.Where("'^_' || ar.artifact_labels || '^_' LIKE ?", labelsVal)
 	}

registry/app/store/database/upstream_proxy.go

@@ -54,8 +54,8 @@ type upstreamProxyConfigDB struct {
 	URL              string         `db:"upstream_proxy_config_url"`
 	AuthType         string         `db:"upstream_proxy_config_auth_type"`
 	UserName         string         `db:"upstream_proxy_config_user_name"`
-	SecretIdentifier string `db:"upstream_proxy_config_secret_identifier"`
+	SecretIdentifier sql.NullString `db:"upstream_proxy_config_secret_identifier"`
-	SecretSpaceID    int    `db:"upstream_proxy_config_secret_space_id"`
+	SecretSpaceID    sql.NullInt32  `db:"upstream_proxy_config_secret_space_id"`
 	Token            string         `db:"upstream_proxy_config_token"`
 	CreatedAt        int64          `db:"upstream_proxy_config_created_at"`
 	UpdatedAt        int64          `db:"upstream_proxy_config_updated_at"`
@@ -75,8 +75,8 @@ type upstreamProxyDB struct {
 	RepoURL          string               `db:"repo_url"`
 	RepoAuthType     string               `db:"repo_auth_type"`
 	UserName         string               `db:"user_name"`
-	SecretIdentifier string               `db:"secret_identifier"`
+	SecretIdentifier sql.NullString       `db:"secret_identifier"`
-	SecretSpaceID    int                  `db:"secret_space_id"`
+	SecretSpaceID    sql.NullInt32        `db:"secret_space_id"`
 	Token            string               `db:"token"`
 	CreatedAt        int64                `db:"created_at"`
 	UpdatedAt        int64                `db:"updated_at"`
@@ -360,8 +360,8 @@ func (r UpstreamproxyDao) mapToInternalUpstreamProxy(
 		URL:              in.URL,
 		AuthType:         in.AuthType,
 		UserName:         in.UserName,
-		SecretIdentifier: in.SecretIdentifier,
+		SecretIdentifier: util.GetEmptySQLString(in.SecretIdentifier),
-		SecretSpaceID:    in.SecretSpaceID,
+		SecretSpaceID:    util.GetEmptySQLInt32(in.SecretSpaceID),
 		Token:            in.Token,
 		CreatedAt:        in.CreatedAt.UnixMilli(),
 		UpdatedAt:        in.UpdatedAt.UnixMilli(),

registry/app/store/database/util/utils.go

@@ -0,0 +1,35 @@
+//  Copyright 2023 Harness, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package util
+
+import (
+	"database/sql"
+
+	"github.com/harness/gitness/registry/app/pkg/commons"
+)
+
+func GetEmptySQLString(str string) sql.NullString {
+	if commons.IsEmpty(str) {
+		return sql.NullString{String: str, Valid: false}
+	}
+	return sql.NullString{String: str, Valid: true}
+}
+
+func GetEmptySQLInt32(i int) sql.NullInt32 {
+	if i == 0 {
+		return sql.NullInt32{Int32: int32(i), Valid: false}
+	}
+	return sql.NullInt32{Int32: int32(i), Valid: true}
+}

registry/types/upstream_proxy_config.go

@@ -15,6 +15,7 @@
 package types
 
 import (
+	"database/sql"
 	"time"
 
 	"github.com/harness/gitness/registry/app/api/openapi/contracts/artifact"
@@ -50,8 +51,8 @@ type UpstreamProxy struct {
 	RepoURL          string
 	RepoAuthType     string
 	UserName         string
-	SecretIdentifier string
+	SecretIdentifier sql.NullString
-	SecretSpaceID    int
+	SecretSpaceID    sql.NullInt32
 	Token            string
 	CreatedAt        time.Time
 	UpdatedAt        time.Time