def main(conf, with_notary, with_clair, with_chartmuseum):
delfile(config_dir)
config_dict = parse_yaml_config(conf, with_notary=with_notary, with_clair=with_clair, with_chartmuseum=with_chartmuseum)
validate(config_dict, notary_mode=with_notary)
prepare_log_configs(config_dict)
prepare_nginx(config_dict)
prepare_core(config_dict, with_notary=with_notary, with_clair=with_clair, with_chartmuseum=with_chartmuseum)
prepare_registry(config_dict)
prepare_registry_ctl(config_dict)
prepare_db(config_dict)
prepare_job_service(config_dict)
prepare_redis(config_dict)
get_secret_key(secret_key_dir)
# If Customized cert enabled
prepare_ca(
private_key_pem_path=private_key_pem_path,
root_crt_path=root_crt_path,
old_private_key_pem_path=old_private_key_pem_path,
old_crt_path=old_crt_path)
if with_notary:
prepare_notary(config_dict, nginx_confd_dir, SSL_CERT_PATH, SSL_CERT_KEY_PATH)
if with_clair:
prepare_clair(config_dict)
if with_chartmuseum:
prepare_chartmuseum(config_dict)
prepare_docker_compose(config_dict, with_clair, with_notary, with_chartmuseum)
def main(conf, with_notary, with_clair, with_chartmuseum):
delfile(config_dir)
config_dict = parse_yaml_config(conf)
validate(config_dict, notary_mode=with_notary)
prepare_log_configs(config_dict)
prepare_nginx(config_dict)
prepare_core(config_dict, with_notary=with_notary, with_clair=with_clair, with_chartmuseum=with_chartmuseum)
prepare_registry(config_dict)
prepare_registry_ctl(config_dict)
prepare_db(config_dict)
prepare_job_service(config_dict)
get_secret_key(secret_key_dir)
# If Customized cert enabled
prepare_ca(
private_key_pem_path=private_key_pem_path,
root_crt_path=root_crt_path,
old_private_key_pem_path=old_private_key_pem_path,
old_crt_path=old_crt_path)
if with_notary:
prepare_notary(config_dict, nginx_confd_dir, SSL_CERT_PATH, SSL_CERT_KEY_PATH)
if with_clair:
prepare_clair(config_dict)
if with_chartmuseum:
prepare_chartmuseum(config_dict)
prepare_docker_compose(config_dict, with_clair, with_notary, with_chartmuseum)
def prepare(conf, with_notary, with_clair, with_trivy, with_chartmuseum):
delfile(config_dir)
config_dict = parse_yaml_config(conf,
with_notary=with_notary,
with_clair=with_clair,
with_trivy=with_trivy,
with_chartmuseum=with_chartmuseum)
try:
validate(config_dict, notary_mode=with_notary)
except Exception as e:
click.echo('Error happened in config validation...')
logging.error(e)
sys.exit(-1)
prepare_portal(config_dict)
prepare_log_configs(config_dict)
prepare_nginx(config_dict)
prepare_core(config_dict,
with_notary=with_notary,
with_clair=with_clair,
with_trivy=with_trivy,
with_chartmuseum=with_chartmuseum)
prepare_registry(config_dict)
prepare_registry_ctl(config_dict)
prepare_db(config_dict)
prepare_job_service(config_dict)
prepare_redis(config_dict)
prepare_tls(config_dict)
prepare_trust_ca(config_dict)
get_secret_key(secret_key_dir)
# If Customized cert enabled
prepare_registry_ca(private_key_pem_path=private_key_pem_path,
root_crt_path=root_crt_path,
old_private_key_pem_path=old_private_key_pem_path,
old_crt_path=old_crt_path)
if with_notary:
prepare_notary(config_dict, nginx_confd_dir, SSL_CERT_PATH,
SSL_CERT_KEY_PATH)
if with_clair:
prepare_clair(config_dict)
prepare_clair_adapter(config_dict)
if with_trivy:
prepare_trivy_adapter(config_dict)
if with_chartmuseum:
prepare_chartmuseum(config_dict)
prepare_docker_compose(config_dict, with_clair, with_trivy, with_notary,
with_chartmuseum)
def main(conf, with_notary, with_clair, with_chartmuseum):
delfile(config_dir)
config_dict = parse_yaml_config(conf)
validate(config_dict, notary_mode=with_notary)
prepare_log_configs(config_dict)
prepare_nginx(config_dict)
prepare_core(config_dict,
with_notary=with_notary,
with_clair=with_clair,
with_chartmuseum=with_chartmuseum)
prepare_registry(config_dict)
prepare_registry_ctl(config_dict)
prepare_db(config_dict)
prepare_job_service(config_dict)
copy_secret_keys()
get_secret_key(secret_key_dir)
if config_dict['protocol'] == 'https':
copy_ssl_cert()
# If Customized cert enabled
prepare_ca(private_key_pem_path=private_key_pem_path,
root_crt_path=root_crt_path,
old_private_key_pem_path=old_private_key_pem_path,
old_crt_path=old_crt_path,
registry_custom_ca_bundle_config=
registry_custom_ca_bundle_storage_input_path,
registry_custom_ca_bundle_storage_path=
registry_custom_ca_bundle_storage_path)
if with_notary:
prepare_notary(config_dict, nginx_confd_dir, SSL_CERT_PATH,
SSL_CERT_KEY_PATH)
if with_clair:
prepare_clair(config_dict)
if with_chartmuseum:
prepare_chartmuseum(config_dict)
prepare_docker_compose(config_dict, with_clair, with_notary,
with_chartmuseum)
def main():
if not path.exists("/etc/harbor/secret/registry/root.crt"):
core_secret = generate_random_string(16)
jobservice_secret = generate_random_string(16)
chartserver_secret = generate_random_string(16)
os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/core/env".format(core_secret))
os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/core/env".format(jobservice_secret))
os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/jobservice/env".format(core_secret))
os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/jobservice/env".format(jobservice_secret))
os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/registryctl/env".format(core_secret))
os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/registryctl/env".format(jobservice_secret))
os.system("sed -i 's/^BASIC_AUTH_PASS=.*$/BASIC_AUTH_PASS={}/g' /etc/harbor/registryctl/env".format(chartserver_secret))
get_secret_key("/etc/harbor/secret/keys/")
private_key_pem_path=Path("/etc/harbor/secret/core/private_key.pem")
root_crt_path=Path("/etc/harbor/secret/registry/root.crt")
# If Customized cert enabled
prepare_ca(
private_key_pem_path=private_key_pem_path,
root_crt_path=root_crt_path,
old_private_key_pem_path=old_private_key_pem_path,
old_crt_path=old_crt_path)
os.system("chown harbor:harbor -R /etc/harbor/secret/")