def main(conf, with_notary, with_clair, with_chartmuseum): delfile(config_dir) config_dict = parse_yaml_config(conf, with_notary=with_notary, with_clair=with_clair, with_chartmuseum=with_chartmuseum) validate(config_dict, notary_mode=with_notary) prepare_log_configs(config_dict) prepare_nginx(config_dict) prepare_core(config_dict, with_notary=with_notary, with_clair=with_clair, with_chartmuseum=with_chartmuseum) prepare_registry(config_dict) prepare_registry_ctl(config_dict) prepare_db(config_dict) prepare_job_service(config_dict) prepare_redis(config_dict) get_secret_key(secret_key_dir) # If Customized cert enabled prepare_ca( private_key_pem_path=private_key_pem_path, root_crt_path=root_crt_path, old_private_key_pem_path=old_private_key_pem_path, old_crt_path=old_crt_path) if with_notary: prepare_notary(config_dict, nginx_confd_dir, SSL_CERT_PATH, SSL_CERT_KEY_PATH) if with_clair: prepare_clair(config_dict) if with_chartmuseum: prepare_chartmuseum(config_dict) prepare_docker_compose(config_dict, with_clair, with_notary, with_chartmuseum)
def main(conf, with_notary, with_clair, with_chartmuseum): delfile(config_dir) config_dict = parse_yaml_config(conf) validate(config_dict, notary_mode=with_notary) prepare_log_configs(config_dict) prepare_nginx(config_dict) prepare_core(config_dict, with_notary=with_notary, with_clair=with_clair, with_chartmuseum=with_chartmuseum) prepare_registry(config_dict) prepare_registry_ctl(config_dict) prepare_db(config_dict) prepare_job_service(config_dict) get_secret_key(secret_key_dir) # If Customized cert enabled prepare_ca( private_key_pem_path=private_key_pem_path, root_crt_path=root_crt_path, old_private_key_pem_path=old_private_key_pem_path, old_crt_path=old_crt_path) if with_notary: prepare_notary(config_dict, nginx_confd_dir, SSL_CERT_PATH, SSL_CERT_KEY_PATH) if with_clair: prepare_clair(config_dict) if with_chartmuseum: prepare_chartmuseum(config_dict) prepare_docker_compose(config_dict, with_clair, with_notary, with_chartmuseum)
def main(conf, with_notary, with_clair, with_chartmuseum): delfile(config_dir) config_dict = parse_yaml_config(conf) validate(config_dict, notary_mode=with_notary) prepare_log_configs(config_dict) prepare_nginx(config_dict) prepare_core(config_dict, with_notary=with_notary, with_clair=with_clair, with_chartmuseum=with_chartmuseum) prepare_registry(config_dict) prepare_registry_ctl(config_dict) prepare_db(config_dict) prepare_job_service(config_dict) copy_secret_keys() get_secret_key(secret_key_dir) if config_dict['protocol'] == 'https': copy_ssl_cert() # If Customized cert enabled prepare_ca(private_key_pem_path=private_key_pem_path, root_crt_path=root_crt_path, old_private_key_pem_path=old_private_key_pem_path, old_crt_path=old_crt_path, registry_custom_ca_bundle_config= registry_custom_ca_bundle_storage_input_path, registry_custom_ca_bundle_storage_path= registry_custom_ca_bundle_storage_path) if with_notary: prepare_notary(config_dict, nginx_confd_dir, SSL_CERT_PATH, SSL_CERT_KEY_PATH) if with_clair: prepare_clair(config_dict) if with_chartmuseum: prepare_chartmuseum(config_dict) prepare_docker_compose(config_dict, with_clair, with_notary, with_chartmuseum)
def main(conf, with_notary, with_clair, with_trivy, with_chartmuseum): delfile(config_dir) config_dict = parse_yaml_config(conf, with_notary=with_notary, with_clair=with_clair, with_trivy=with_trivy, with_chartmuseum=with_chartmuseum) try: validate(config_dict, notary_mode=with_notary) except Exception as e: logging.info('Error happened in config validation...') logging.error(e) sys.exit(-1) prepare_log_configs(config_dict) prepare_nginx(config_dict) prepare_core(config_dict, with_notary=with_notary, with_clair=with_clair, with_trivy=with_trivy, with_chartmuseum=with_chartmuseum) prepare_registry(config_dict) prepare_registry_ctl(config_dict) prepare_db(config_dict) prepare_job_service(config_dict) prepare_redis(config_dict) get_secret_key(secret_key_dir) # If Customized cert enabled prepare_ca( private_key_pem_path=private_key_pem_path, root_crt_path=root_crt_path, old_private_key_pem_path=old_private_key_pem_path, old_crt_path=old_crt_path) if with_notary: prepare_notary(config_dict, nginx_confd_dir, SSL_CERT_PATH, SSL_CERT_KEY_PATH) if with_clair: prepare_clair(config_dict) prepare_clair_adapter(config_dict) if with_trivy: prepare_trivy_adapter(config_dict) if with_chartmuseum: prepare_chartmuseum(config_dict) prepare_docker_compose(config_dict, with_clair, with_trivy, with_notary, with_chartmuseum)
def main(): if not path.exists("/etc/harbor/secret/registry/root.crt"): core_secret = generate_random_string(16) jobservice_secret = generate_random_string(16) chartserver_secret = generate_random_string(16) os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/core/env".format(core_secret)) os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/core/env".format(jobservice_secret)) os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/jobservice/env".format(core_secret)) os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/jobservice/env".format(jobservice_secret)) os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/registryctl/env".format(core_secret)) os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/registryctl/env".format(jobservice_secret)) os.system("sed -i 's/^BASIC_AUTH_PASS=.*$/BASIC_AUTH_PASS={}/g' /etc/harbor/registryctl/env".format(chartserver_secret)) get_secret_key("/etc/harbor/secret/keys/") private_key_pem_path=Path("/etc/harbor/secret/core/private_key.pem") root_crt_path=Path("/etc/harbor/secret/registry/root.crt") # If Customized cert enabled prepare_ca( private_key_pem_path=private_key_pem_path, root_crt_path=root_crt_path, old_private_key_pem_path=old_private_key_pem_path, old_crt_path=old_crt_path) os.system("chown harbor:harbor -R /etc/harbor/secret/")