mirror of https://github.com/harness/drone.git
[AH-310]: Updated secret flows so removing foreign key constraints (#2618)
* [AH-310]: Updated secret flows * [AH-310]: Updated secret flows so removing foreign key constraintsCODE-2402
Arvind Choudhary
Harness
parent
77b01718bd
commit
ea3c2eda13
|
|
@ -0,0 +1,4 @@
|
|||
alter table upstream_proxy_configs
|
||||
add constraint fk_layers_secret_identifier_and_secret_space_id
|
||||
foreign key (upstream_proxy_config_secret_identifier, upstream_proxy_config_secret_space_id)
|
||||
references secrets(secret_uid, secret_space_id)
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
alter table upstream_proxy_configs
|
||||
drop constraint fk_layers_secret_identifier_and_secret_space_id;
|
||||
|
|
@ -0,0 +1,54 @@
|
|||
create table upstream_proxy_configs_dg_tmp
|
||||
(
|
||||
upstream_proxy_config_id INTEGER
|
||||
primary key autoincrement,
|
||||
upstream_proxy_config_registry_id INTEGER not null
|
||||
constraint fk_upstream_proxy_config_registry_id
|
||||
references registries
|
||||
on delete cascade,
|
||||
upstream_proxy_config_source text,
|
||||
upstream_proxy_config_url text,
|
||||
upstream_proxy_config_auth_type text not null,
|
||||
upstream_proxy_config_user_name text,
|
||||
upstream_proxy_config_secret_identifier text,
|
||||
upstream_proxy_config_secret_space_id int,
|
||||
upstream_proxy_config_token text,
|
||||
upstream_proxy_config_created_at INTEGER,
|
||||
upstream_proxy_config_updated_at INTEGER,
|
||||
upstream_proxy_config_created_by INTEGER,
|
||||
upstream_proxy_config_updated_by INTEGER,
|
||||
constraint fk_layers_secret_identifier_and_secret_space_id
|
||||
foreign key (upstream_proxy_config_secret_identifier,
|
||||
upstream_proxy_config_secret_space_id) references secrets (secret_uid, secret_space_id)
|
||||
);
|
||||
|
||||
insert into upstream_proxy_configs_dg_tmp(upstream_proxy_config_id, upstream_proxy_config_registry_id,
|
||||
upstream_proxy_config_source, upstream_proxy_config_url,
|
||||
upstream_proxy_config_auth_type, upstream_proxy_config_user_name,
|
||||
upstream_proxy_config_secret_identifier,
|
||||
upstream_proxy_config_secret_space_id, upstream_proxy_config_token,
|
||||
upstream_proxy_config_created_at, upstream_proxy_config_updated_at,
|
||||
upstream_proxy_config_created_by, upstream_proxy_config_updated_by)
|
||||
select upstream_proxy_config_id,
|
||||
upstream_proxy_config_registry_id,
|
||||
upstream_proxy_config_source,
|
||||
upstream_proxy_config_url,
|
||||
upstream_proxy_config_auth_type,
|
||||
upstream_proxy_config_user_name,
|
||||
upstream_proxy_config_secret_identifier,
|
||||
upstream_proxy_config_secret_space_id,
|
||||
upstream_proxy_config_token,
|
||||
upstream_proxy_config_created_at,
|
||||
upstream_proxy_config_updated_at,
|
||||
upstream_proxy_config_created_by,
|
||||
upstream_proxy_config_updated_by
|
||||
from upstream_proxy_configs;
|
||||
|
||||
drop table upstream_proxy_configs;
|
||||
|
||||
alter table upstream_proxy_configs_dg_tmp
|
||||
rename to upstream_proxy_configs;
|
||||
|
||||
create index index_upstream_proxy_config_on_registry_id
|
||||
on upstream_proxy_configs (upstream_proxy_config_registry_id);
|
||||
|
||||
|
|
@ -0,0 +1,51 @@
|
|||
create table upstream_proxy_configs_dg_tmp
|
||||
(
|
||||
upstream_proxy_config_id INTEGER
|
||||
primary key autoincrement,
|
||||
upstream_proxy_config_registry_id INTEGER not null
|
||||
constraint fk_upstream_proxy_config_registry_id
|
||||
references registries
|
||||
on delete cascade,
|
||||
upstream_proxy_config_source text,
|
||||
upstream_proxy_config_url text,
|
||||
upstream_proxy_config_auth_type text not null,
|
||||
upstream_proxy_config_user_name text,
|
||||
upstream_proxy_config_secret_identifier text,
|
||||
upstream_proxy_config_secret_space_id int,
|
||||
upstream_proxy_config_token text,
|
||||
upstream_proxy_config_created_at INTEGER,
|
||||
upstream_proxy_config_updated_at INTEGER,
|
||||
upstream_proxy_config_created_by INTEGER,
|
||||
upstream_proxy_config_updated_by INTEGER
|
||||
);
|
||||
|
||||
insert into upstream_proxy_configs_dg_tmp(upstream_proxy_config_id, upstream_proxy_config_registry_id,
|
||||
upstream_proxy_config_source, upstream_proxy_config_url,
|
||||
upstream_proxy_config_auth_type, upstream_proxy_config_user_name,
|
||||
upstream_proxy_config_secret_identifier,
|
||||
upstream_proxy_config_secret_space_id, upstream_proxy_config_token,
|
||||
upstream_proxy_config_created_at, upstream_proxy_config_updated_at,
|
||||
upstream_proxy_config_created_by, upstream_proxy_config_updated_by)
|
||||
select upstream_proxy_config_id,
|
||||
upstream_proxy_config_registry_id,
|
||||
upstream_proxy_config_source,
|
||||
upstream_proxy_config_url,
|
||||
upstream_proxy_config_auth_type,
|
||||
upstream_proxy_config_user_name,
|
||||
upstream_proxy_config_secret_identifier,
|
||||
upstream_proxy_config_secret_space_id,
|
||||
upstream_proxy_config_token,
|
||||
upstream_proxy_config_created_at,
|
||||
upstream_proxy_config_updated_at,
|
||||
upstream_proxy_config_created_by,
|
||||
upstream_proxy_config_updated_by
|
||||
from upstream_proxy_configs;
|
||||
|
||||
drop table upstream_proxy_configs;
|
||||
|
||||
alter table upstream_proxy_configs_dg_tmp
|
||||
rename to upstream_proxy_configs;
|
||||
|
||||
create index index_upstream_proxy_config_on_registry_id
|
||||
on upstream_proxy_configs (upstream_proxy_config_registry_id);
|
||||
|
||||
|
|
@ -435,7 +435,7 @@ func initSystem(ctx context.Context, config *types.Config) (*server.System, erro
|
|||
manifestService := docker.ManifestServiceProvider(registryRepository, manifestRepository, blobRepository, mediaTypesRepository, manifestReferenceRepository, tagRepository, artifactRepository, artifactStatRepository, layerRepository, gcService, transactor)
|
||||
registryBlobRepository := database2.ProvideRegistryBlobDao(db)
|
||||
localRegistry := docker.LocalRegistryProvider(app, manifestService, blobRepository, registryRepository, manifestRepository, registryBlobRepository, mediaTypesRepository, tagRepository, artifactRepository, artifactStatRepository, gcService, transactor)
|
||||
upstreamProxyConfigRepository := database2.ProvideUpstreamDao(db, registryRepository)
|
||||
upstreamProxyConfigRepository := database2.ProvideUpstreamDao(db, registryRepository, spacePathStore)
|
||||
secretService := secret3.ProvideSecretService(secretStore, encrypter, spacePathStore)
|
||||
remoteRegistry := docker.RemoteRegistryProvider(localRegistry, app, upstreamProxyConfigRepository, spacePathStore, secretService)
|
||||
coreController := pkg.CoreControllerProvider(registryRepository)
|
||||
|
|
@ -443,7 +443,7 @@ func initSystem(ctx context.Context, config *types.Config) (*server.System, erro
|
|||
handler := api2.NewHandlerProvider(dockerController, spaceStore, tokenStore, controller, authenticator, provider, authorizer)
|
||||
registryOCIHandler := router.OCIHandlerProvider(handler)
|
||||
cleanupPolicyRepository := database2.ProvideCleanupPolicyDao(db, transactor)
|
||||
apiHandler := router.APIHandlerProvider(registryRepository, upstreamProxyConfigRepository, tagRepository, manifestRepository, cleanupPolicyRepository, artifactRepository, storageDriver, spaceStore, transactor, authenticator, provider, authorizer, auditService)
|
||||
apiHandler := router.APIHandlerProvider(registryRepository, upstreamProxyConfigRepository, tagRepository, manifestRepository, cleanupPolicyRepository, artifactRepository, storageDriver, spaceStore, transactor, authenticator, provider, authorizer, auditService, spacePathStore)
|
||||
appRouter := router.AppRouterProvider(registryOCIHandler, apiHandler)
|
||||
routerRouter := router2.ProvideRouter(ctx, config, authenticator, repoController, reposettingsController, executionController, logsController, spaceController, pipelineController, secretController, triggerController, connectorController, templateController, pluginController, pullreqController, webhookController, githookController, gitInterface, serviceaccountController, controller, principalController, usergroupController, checkController, systemController, uploadController, keywordsearchController, infraproviderController, gitspaceController, migrateController, aiagentController, capabilitiesController, provider, openapiService, appRouter)
|
||||
serverServer := server2.ProvideServer(config, routerRouter)
|
||||
|
|
|
|||
|
|
@ -316,13 +316,10 @@ func CreateUpstreamProxyResponseJSONResponse(upstreamproxy *types.UpstreamProxy)
|
|||
if api.AuthType(upstreamproxy.RepoAuthType) == api.AuthTypeUserPassword {
|
||||
auth := api.UserPassword{}
|
||||
auth.UserName = upstreamproxy.UserName
|
||||
auth.SecretIdentifier = &upstreamproxy.SecretIdentifier.String
|
||||
auth.SecretSpaceId = nil
|
||||
if upstreamproxy.SecretSpaceID.Valid {
|
||||
// Convert int32 to int and assign to the expected field
|
||||
secretSpaceID := int(upstreamproxy.SecretSpaceID.Int32)
|
||||
auth.SecretSpaceId = &secretSpaceID
|
||||
}
|
||||
auth.SecretIdentifier = &upstreamproxy.SecretIdentifier
|
||||
secretSpaceIDInt := int(upstreamproxy.SecretSpaceID)
|
||||
auth.SecretSpaceId = &secretSpaceIDInt
|
||||
auth.SecretSpacePath = &upstreamproxy.SecretSpacePath
|
||||
_ = configAuth.FromUserPassword(auth)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ type APIController struct {
|
|||
URLProvider urlprovider.Provider
|
||||
Authorizer authz.Authorizer
|
||||
AuditService audit.Service
|
||||
spacePathStore corestore.SpacePathStore
|
||||
}
|
||||
|
||||
func NewAPIController(
|
||||
|
|
@ -53,6 +54,7 @@ func NewAPIController(
|
|||
urlProvider urlprovider.Provider,
|
||||
authorizer authz.Authorizer,
|
||||
auditService audit.Service,
|
||||
spacePathStore corestore.SpacePathStore,
|
||||
) *APIController {
|
||||
return &APIController{
|
||||
RegistryRepository: repositoryStore,
|
||||
|
|
@ -67,5 +69,6 @@ func NewAPIController(
|
|||
URLProvider: urlProvider,
|
||||
Authorizer: authorizer,
|
||||
AuditService: auditService,
|
||||
spacePathStore: spacePathStore,
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -75,7 +75,8 @@ func (c *APIController) CreateRegistry(
|
|||
if registryRequest.Config.Type == artifact.RegistryTypeVIRTUAL {
|
||||
return c.createVirtualRegistry(ctx, registryRequest, regInfo, session, parentRef)
|
||||
}
|
||||
registry, upstreamproxy, err := CreateUpstreamProxyEntity(
|
||||
registry, upstreamproxy, err := c.CreateUpstreamProxyEntity(
|
||||
ctx,
|
||||
registryRequest,
|
||||
regInfo.parentID, regInfo.rootIdentifierID,
|
||||
)
|
||||
|
|
@ -254,10 +255,8 @@ func CreateRegistryEntity(
|
|||
return entity, nil
|
||||
}
|
||||
|
||||
func CreateUpstreamProxyEntity(
|
||||
dto artifact.RegistryRequest,
|
||||
parentID int64,
|
||||
rootParentID int64,
|
||||
func (c *APIController) CreateUpstreamProxyEntity(
|
||||
ctx context.Context, dto artifact.RegistryRequest, parentID int64, rootParentID int64,
|
||||
) (*registrytypes.Registry, *registrytypes.UpstreamProxyConfig, error) {
|
||||
allowedPattern := []string{}
|
||||
if dto.AllowedPattern != nil {
|
||||
|
|
@ -311,11 +310,32 @@ func CreateUpstreamProxyEntity(
|
|||
return nil, nil, err
|
||||
}
|
||||
upstreamProxyConfigEntity.UserName = res.UserName
|
||||
if res.SecretIdentifier == nil || res.SecretSpaceId == nil {
|
||||
return nil, nil, fmt.Errorf("failed to create upstream proxy: secret_identifier or secret_space_id missing")
|
||||
if res.SecretIdentifier == nil {
|
||||
return nil, nil, fmt.Errorf("failed to create upstream proxy: secret_identifier missing")
|
||||
}
|
||||
upstreamProxyConfigEntity.SecretIdentifier = *res.SecretIdentifier
|
||||
|
||||
upstreamProxyConfigEntity.SecretSpaceID, err = c.getSecretID(ctx, res.SecretSpaceId, res.SecretSpacePath)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
upstreamProxyConfigEntity.SecretSpaceID = *res.SecretSpaceId
|
||||
}
|
||||
return repoEntity, upstreamProxyConfigEntity, nil
|
||||
}
|
||||
|
||||
func (c *APIController) getSecretID(ctx context.Context, secretSpaceID *int, secretSpacePath *string) (int, error) {
|
||||
if secretSpaceID == nil && secretSpacePath == nil {
|
||||
return -1, fmt.Errorf("failed to create upstream proxy: secret space missing")
|
||||
}
|
||||
|
||||
if secretSpaceID != nil {
|
||||
return *secretSpaceID, nil
|
||||
}
|
||||
|
||||
path, err := c.spacePathStore.FindByPath(ctx, *secretSpacePath)
|
||||
if err != nil {
|
||||
return -1, fmt.Errorf("failed to get Space Path: %w", err)
|
||||
}
|
||||
return int(path.SpaceID), nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -89,7 +89,8 @@ func (c *APIController) ModifyRegistry(
|
|||
if err != nil {
|
||||
return throwModifyRegistry500Error(err), err
|
||||
}
|
||||
registry, upstreamproxy, err := UpdateUpstreamProxyEntity(
|
||||
registry, upstreamproxy, err := c.UpdateUpstreamProxyEntity(
|
||||
ctx,
|
||||
artifact.RegistryRequest(*r.Body),
|
||||
regInfo.parentID, regInfo.rootIdentifierID, upstreamproxyEntity,
|
||||
)
|
||||
|
|
@ -327,11 +328,8 @@ func UpdateRepoEntity(
|
|||
return entity, nil
|
||||
}
|
||||
|
||||
func UpdateUpstreamProxyEntity(
|
||||
dto artifact.RegistryRequest,
|
||||
parentID int64,
|
||||
rootParentID int64,
|
||||
u *types.UpstreamProxy,
|
||||
func (c *APIController) UpdateUpstreamProxyEntity(
|
||||
ctx context.Context, dto artifact.RegistryRequest, parentID int64, rootParentID int64, u *types.UpstreamProxy,
|
||||
) (*types.Registry, *types.UpstreamProxyConfig, error) {
|
||||
allowedPattern := []string{}
|
||||
if dto.AllowedPattern != nil {
|
||||
|
|
@ -387,7 +385,14 @@ func UpdateUpstreamProxyEntity(
|
|||
return nil, nil, err
|
||||
}
|
||||
upstreamProxyConfigEntity.UserName = res.UserName
|
||||
upstreamProxyConfigEntity.SecretIdentifier = *res.SecretIdentifier
|
||||
if res.SecretIdentifier == nil {
|
||||
return nil, nil, fmt.Errorf("failed to create upstream proxy: secret_identifier missing")
|
||||
}
|
||||
|
||||
upstreamProxyConfigEntity.SecretSpaceID, err = c.getSecretID(ctx, res.SecretSpaceId, res.SecretSpacePath)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
upstreamProxyConfigEntity.SecretSpaceID = *res.SecretSpaceId
|
||||
} else {
|
||||
upstreamProxyConfigEntity.UserName = ""
|
||||
|
|
|
|||
|
|
@ -1465,6 +1465,8 @@ components:
|
|||
type: string
|
||||
secretSpaceId:
|
||||
type: integer
|
||||
secretSpacePath:
|
||||
type: string
|
||||
required:
|
||||
- userName
|
||||
- password
|
||||
|
|
|
|||
|
|
@ -3725,26 +3725,26 @@ var swaggerSpec = []string{
|
|||
"ip1hMnGdRvryKd6QZ4TVhS3RCXgP9WRSlAHVNIdY4vqgO5x8NK2Km5vHbEJRAUy9aLayuP2IqUdlpfKs",
|
||||
"EEKmGdP3o+/Ozy+nU+Sjt2dX13eTS+Sjy8nk48TIvjFjtDfAxe8FkWU1xmIX1cUtyX6Y3opwIYOR24S3",
|
||||
"UqrTN9/VhTzLr0tfcHLBYlVGJK6fKUgA+uVbcmNmUdwjH50XlGWJUXNOUa+SqAVSH/14tQKpVw84LjhB",
|
||||
"BRduHl0b7cJ4CAiwnto3STTNcQBXobnmqKBALNtfjfFUlNwFS7G45lfTlAEoUomby+t10QDaiwqZ+E9R",
|
||||
"OstUQX25Xl5eDGPPVV55ITxAzOWi5aQ1RgvGcjoejR4fH08WsulJlAkxIhZ3d3h2e6VtRYzR65PTk1OR",
|
||||
"IOaQ4jxCY/S7+ElO62K0I6K9weWZadvhvLxhpWJ0gkSX0gYcCSWJ/oan3e1ncdOaZGS40YgnnPXlOE82",
|
||||
"P1y5P6d9dUzj/pffTl/bOyrpRq3zN0sfvTk97W+oXeQgmjjwMhzReHP6u2s7dbLCR/9ykc90xlOcylDV",
|
||||
"DcrSup0ZnnMTIs2ZvvJGFW5Gz/r1Y0sJnxiYYbK8EL9rQPIiuduKg4An0MKd+f/z6AFS7zs8tYAmu1gb",
|
||||
"aMar1yTUVmDioE11GOknQMeb0zf9jaqDcJuDU8veNjz5aA7MdFUhK0hKa7iUpQ3DYfMO2CFg5mcMLfsC",
|
||||
"j834dgzlhQFDd+IYIX1R0BGv1k/bANDG57cjCDcKwjZ61pgSR2rtaVS/GBvj3XVEWXNnu51rtfbL6YYQ",
|
||||
"6fe20+5ydaQWq0MOtNo9pOuFVvuVEUd4W+FtApwG8LqyxxHfVB2rNML7HbDGycoT00S9ckbzbUY2HHf7",
|
||||
"sbh6a7NDA/1y1PXQa7538YhcK3LbWHoJbp/VX0stRHekE/1BWtLtKUy371lfK9sw3xb7EngfA/OgvGOT",
|
||||
"oVmD+Oaj9D6RfYznx3jeBfb66I4D3CVxN+DrMz57DeZrQ7JxMe8RlI6grOy+CViWi/Sj5/KP5UheEzrS",
|
||||
"zrtY8Wo+1klNqDWdEz3wcN26mt+hjf5hl/Xco/Oe36OPdKzxcnTeg2c9a6zcpUGwUa+pT1E6O011VLHH",
|
||||
"Z+ojjUeXMblM4/Lio6sMd5UKYrtwFf10mLOzaGfNetxFP5V2dJiuOaZ1JfHRdYa7jga3XToPXct7qLv7",
|
||||
"/HQTzgscon3F+9ET1veErc8jC4gTp9cU02l2owu0j8b/GvDvuMb/6AH9HmC5LUGBf+XxBqHvlEBZj+p3",
|
||||
"gv9nTZ5ejP5jLvRi/BsyoS14wKDl1Mb9kp3Lqo27K38FB+j5YtrRBdwWZtu3mG5wgba7WId6OI5F8VhT",
|
||||
"GsumWRyfNW8aOGikb7Hgp/ogryOx/ELwrkuJmh8TOTqlYzGRhu+h7ig/xfdKfIrvVd+LhioTPb++8kx3",
|
||||
"xXr3mELoZak68K4u3Ww5p+E22t375tAZaP3Zp+Pbj0eQ91Yl2+DWVR4qTrnQ0XP1ze1tV86Jk1prH8Y5",
|
||||
"1lj8yjUWHWAdmhP15kJ0NxiVRVQDcp/qYLBzm0nrPv9jquWaah1deGCOpbuvCPUdvrt6m5GD89azl817",
|
||||
"V4/Xbt99X+KPgxr9sp54PBk00BNXXKDtiuLIPO9AOkXzxaU61iBPfo9wHo0eXgv7lX217h27vRJ3Tahv",
|
||||
"5clv5PkrXzWUwpSHzzUBOYjMvc2B+auf1NR6qINNZwfVHczZrPnBa62z1n6Uc58rX67VemwscS6/Lv8X",
|
||||
"AAD//4u67HhmjgAA",
|
||||
"BRduHl0b7cJ4CAiwnto3STTNcQBXobnmSCOxrsgXFIhli6wx5oqSu2kpOrfOaiozAGkquXN5BS8aYHxR",
|
||||
"sRP/KUpnmSq6L9fUy8tj7PnMKy+EB4i5XLSc2MZowVhOx6PR4+PjyUI2PYkyIUbE4u4Oz26vtO2KMXp9",
|
||||
"cnpyKpLIHFKcR2iMfhc/yalfjHZEtLe8PDNtTZyXt7BUjE6Q6FLagKOlJNHfArX7/yyuXJOMDLce8aS0",
|
||||
"vkDnyearK3fstK+XadwR89vpa3tHJd2odUZn6aM3p6f9DbXLHkQTB16GYxxvTn93badOX/joXy7ymc6B",
|
||||
"ipMbqgJCWVq3M8NzbkKkOdNX3qjCzehZv6JsKeETAzNMqBfidw1IXiR3ZHEQ8CRbuDP/fx49QOp9h6cW",
|
||||
"0GQXawPNeD2bhNoKTBy0qQ4s/QToeHP6pr9RdVhuc3Bq2duGJx/NgZmuM2QFSWkNl7L8YThs3gE7BMz8",
|
||||
"jKFlX+CxGd+OobwwYOhOHDWkLwo64vX7aRsA2vj8dgThRkHYRs8aU+JIrU+N6pdnY7y7jihr7n63c63W",
|
||||
"njrdECL93nbafa+O1GIFyYFWu6t0vdBqv1biCG8rvE2A0wBeV/844puqo5dGeL8D1jh9eWKaqFfOcb7N",
|
||||
"yIbjbj8WV292dmigX6C6HnrNdzMekWtFbhtLL8Hts/prqYXojnSiP0hLuj2F6fZd7GtlG+YbZV8C72Ng",
|
||||
"HpR3bDI0axDffJTeJ7KP8fwYz7vAXh/vcYC7JO4GfH0OaK/BfG1INi7vPYLSEZSV3TcBy3KRfvRc/rEc",
|
||||
"yatER9qZGCtezUc/qQm1prOkBx6uW9f3O7TRP/6ynnt03gV89JGONV6OznvwrOeRlbs0CDbqNfVJS2en",
|
||||
"qY4z9vhMfezx6DIml2lccHx0leGuUkFsF66inyBzdhbtPFqPu+gn144O0zXHtK4tPrrOcNfR4LZL56Fr",
|
||||
"eQ91d5+fbsJ5gUO0r4E/esL6nrD1eWQBceL0mmI68W50gfbx+V8D/h1X/R89oN8DLDcqKPCvPN4g9J0S",
|
||||
"KOtx/k7w/6zJ04vRf8yFXox/Qya0BQ8YtJzauIOyc1m1cb/lr+AAPV9VO7qA28Js+6bTDS7QdhfrUA/H",
|
||||
"sSgea0pj2TSL47PmbQQHjfQtFvxUH+11JJZfEd51KVHzgyNHp3QsJtLwPdQd5ef6XonP9b3qe9FQZaLn",
|
||||
"11ee6T5Z7x5TCL0sVYfi1cWcLec03Fi7e98cOgOtP/t0fB/yCPLeqmQb3LrKQ8UpFzp6rr7Lve3KOXFU",
|
||||
"a+3DOMcai1+5xqIDrENzot5ciO4Go7KIakDuUx0edm4zad35f0y1XFOtowsPzLF09xWhvsN3V288cnDe",
|
||||
"evayee/q8drtu+9L/HFQo1/WE48ngwZ64ooLtF1RnJnnHUinaL64VMca5MnvEc6j0cNrYb+yr9bdZLdX",
|
||||
"4j4K9T09+R09f+XLh1KY8vC5JiAHkbm3OTB/9bObWg91sOnsoLqnOZs1P4qtddbaj3Luc+XrtlqPjSXO",
|
||||
"5dfl/wIAAP//tvNQvIqOAAA=",
|
||||
}
|
||||
|
||||
// GetSwagger returns the content of the embedded swagger specification file
|
||||
|
|
|
|||
|
|
@ -414,6 +414,7 @@ type UpstreamConfigSource string
|
|||
type UserPassword struct {
|
||||
SecretIdentifier *string `json:"secretIdentifier,omitempty"`
|
||||
SecretSpaceId *int `json:"secretSpaceId,omitempty"`
|
||||
SecretSpacePath *string `json:"secretSpacePath,omitempty"`
|
||||
UserName string `json:"userName"`
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -65,6 +65,7 @@ func NewAPIHandler(
|
|||
urlProvider urlprovider.Provider,
|
||||
authorizer authz.Authorizer,
|
||||
auditService audit.Service,
|
||||
spacePathStore corestore.SpacePathStore,
|
||||
) APIHandler {
|
||||
r := chi.NewRouter()
|
||||
r.Use(audit.Middleware())
|
||||
|
|
@ -83,6 +84,7 @@ func NewAPIHandler(
|
|||
urlProvider,
|
||||
authorizer,
|
||||
auditService,
|
||||
spacePathStore,
|
||||
)
|
||||
handler := artifact.NewStrictHandler(apiController, []artifact.StrictMiddlewareFunc{})
|
||||
muxHandler := artifact.HandlerFromMuxWithBaseURL(handler, r, baseURL)
|
||||
|
|
|
|||
|
|
@ -52,6 +52,7 @@ func APIHandlerProvider(
|
|||
urlProvider urlprovider.Provider,
|
||||
authorizer authz.Authorizer,
|
||||
auditService audit.Service,
|
||||
spacePathStore corestore.SpacePathStore,
|
||||
) harness.APIHandler {
|
||||
return harness.NewAPIHandler(
|
||||
repoDao,
|
||||
|
|
@ -68,6 +69,7 @@ func APIHandlerProvider(
|
|||
urlProvider,
|
||||
authorizer,
|
||||
auditService,
|
||||
spacePathStore,
|
||||
)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -63,15 +63,8 @@ func getPwd(
|
|||
ctx context.Context, spacePathStore store.SpacePathStore, secretService secret.Service, reg types.UpstreamProxy,
|
||||
) string {
|
||||
if api.AuthType(reg.RepoAuthType) == api.AuthTypeUserPassword {
|
||||
secretSpaceID := int64(0)
|
||||
if reg.SecretSpaceID.Valid {
|
||||
secretSpaceID = int64(reg.SecretSpaceID.Int32)
|
||||
}
|
||||
|
||||
secretIdentifier := ""
|
||||
if reg.SecretIdentifier.Valid {
|
||||
secretIdentifier = reg.SecretIdentifier.String
|
||||
}
|
||||
secretSpaceID := reg.SecretSpaceID
|
||||
secretIdentifier := reg.SecretIdentifier
|
||||
|
||||
spacePath, err := spacePathStore.FindPrimaryBySpaceID(ctx, secretSpaceID)
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/harness/gitness/app/api/request"
|
||||
corestore "github.com/harness/gitness/app/store"
|
||||
"github.com/harness/gitness/registry/app/api/openapi/contracts/artifact"
|
||||
"github.com/harness/gitness/registry/app/store"
|
||||
"github.com/harness/gitness/registry/app/store/database/util"
|
||||
|
|
@ -35,14 +36,18 @@ import (
|
|||
)
|
||||
|
||||
type UpstreamproxyDao struct {
|
||||
registryDao store.RegistryRepository
|
||||
db *sqlx.DB
|
||||
registryDao store.RegistryRepository
|
||||
db *sqlx.DB
|
||||
spacePathStore corestore.SpacePathStore
|
||||
}
|
||||
|
||||
func NewUpstreamproxyDao(db *sqlx.DB, registryDao store.RegistryRepository) store.UpstreamProxyConfigRepository {
|
||||
func NewUpstreamproxyDao(
|
||||
db *sqlx.DB, registryDao store.RegistryRepository, spacePathStore corestore.SpacePathStore,
|
||||
) store.UpstreamProxyConfigRepository {
|
||||
return &UpstreamproxyDao{
|
||||
registryDao: registryDao,
|
||||
db: db,
|
||||
registryDao: registryDao,
|
||||
db: db,
|
||||
spacePathStore: spacePathStore,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -150,7 +155,8 @@ func (r UpstreamproxyDao) GetByRegistryIdentifier(
|
|||
}
|
||||
|
||||
func (r UpstreamproxyDao) GetByParentID(ctx context.Context, parentID string) (
|
||||
upstreamProxies *[]types.UpstreamProxy, err error) {
|
||||
upstreamProxies *[]types.UpstreamProxy, err error,
|
||||
) {
|
||||
q := getUpstreamProxyQuery()
|
||||
q = q.Where("r.registry_parent_id = ? AND r.registry_type = 'UPSTREAM'",
|
||||
parentID)
|
||||
|
|
@ -371,17 +377,35 @@ func (r UpstreamproxyDao) mapToInternalUpstreamProxy(
|
|||
}
|
||||
|
||||
func (r UpstreamproxyDao) mapToUpstreamProxy(
|
||||
_ context.Context,
|
||||
ctx context.Context,
|
||||
dst *upstreamProxyDB,
|
||||
) (*types.UpstreamProxy, error) {
|
||||
createdBy := int64(-1)
|
||||
updatedBy := int64(-1)
|
||||
secretIdentifier := ""
|
||||
secretSpaceID := int64(-1)
|
||||
if dst.CreatedBy.Valid {
|
||||
createdBy = dst.CreatedBy.Int64
|
||||
}
|
||||
if dst.UpdatedBy.Valid {
|
||||
updatedBy = dst.UpdatedBy.Int64
|
||||
}
|
||||
if dst.SecretIdentifier.Valid {
|
||||
secretIdentifier = dst.SecretIdentifier.String
|
||||
}
|
||||
if dst.SecretSpaceID.Valid {
|
||||
secretSpaceID = int64(dst.SecretSpaceID.Int32)
|
||||
}
|
||||
|
||||
secretSpacePath := ""
|
||||
if dst.SecretSpaceID.Valid {
|
||||
primary, err := r.spacePathStore.FindPrimaryBySpaceID(ctx, int64(dst.SecretSpaceID.Int32))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get secret space path: %w", err)
|
||||
}
|
||||
secretSpacePath = primary.Value
|
||||
}
|
||||
|
||||
return &types.UpstreamProxy{
|
||||
ID: dst.ID,
|
||||
RegistryID: dst.RegistryID,
|
||||
|
|
@ -394,8 +418,9 @@ func (r UpstreamproxyDao) mapToUpstreamProxy(
|
|||
RepoURL: dst.RepoURL,
|
||||
RepoAuthType: dst.RepoAuthType,
|
||||
UserName: dst.UserName,
|
||||
SecretIdentifier: dst.SecretIdentifier,
|
||||
SecretSpaceID: dst.SecretSpaceID,
|
||||
SecretIdentifier: secretIdentifier,
|
||||
SecretSpaceID: secretSpaceID,
|
||||
SecretSpacePath: secretSpacePath,
|
||||
Token: dst.Token,
|
||||
CreatedAt: time.UnixMilli(dst.CreatedAt),
|
||||
UpdatedAt: time.UnixMilli(dst.UpdatedAt),
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@
|
|||
package database
|
||||
|
||||
import (
|
||||
corestore "github.com/harness/gitness/app/store"
|
||||
"github.com/harness/gitness/registry/app/store"
|
||||
"github.com/harness/gitness/store/database/dbtx"
|
||||
|
||||
|
|
@ -22,9 +23,12 @@ import (
|
|||
"github.com/jmoiron/sqlx"
|
||||
)
|
||||
|
||||
func ProvideUpstreamDao(db *sqlx.DB,
|
||||
registryDao store.RegistryRepository) store.UpstreamProxyConfigRepository {
|
||||
return NewUpstreamproxyDao(db, registryDao)
|
||||
func ProvideUpstreamDao(
|
||||
db *sqlx.DB,
|
||||
registryDao store.RegistryRepository,
|
||||
spacePathStore corestore.SpacePathStore,
|
||||
) store.UpstreamProxyConfigRepository {
|
||||
return NewUpstreamproxyDao(db, registryDao, spacePathStore)
|
||||
}
|
||||
|
||||
func ProvideRepoDao(db *sqlx.DB, mtRepository store.MediaTypesRepository) store.RegistryRepository {
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@
|
|||
package types
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"time"
|
||||
|
||||
"github.com/harness/gitness/registry/app/api/openapi/contracts/artifact"
|
||||
|
|
@ -51,8 +50,9 @@ type UpstreamProxy struct {
|
|||
RepoURL string
|
||||
RepoAuthType string
|
||||
UserName string
|
||||
SecretIdentifier sql.NullString
|
||||
SecretSpaceID sql.NullInt32
|
||||
SecretIdentifier string
|
||||
SecretSpaceID int64
|
||||
SecretSpacePath string
|
||||
Token string
|
||||
CreatedAt time.Time
|
||||
UpdatedAt time.Time
|
||||
|
|
|
|||
Loading…
Reference in New Issue