コード例 #1
0
ファイル: core.py プロジェクト: sbhnet/arm64_harbor_193
def prepare_core(config_dict, with_notary, with_clair, with_chartmuseum):
    prepare_dir(psc_dir, uid=DEFAULT_UID, gid=DEFAULT_GID)
    prepare_dir(ca_download_dir, uid=DEFAULT_UID, gid=DEFAULT_GID)
    prepare_dir(core_config_dir)
    # Render Core
    # set cache for chart repo server
    # default set 'memory' mode, if redis is configured then set to 'redis'
    if len(config_dict['redis_host']) > 0:
        chart_cache_driver = "redis"
    else:
        chart_cache_driver = "memory"

    render_jinja(
        core_env_template_path,
        core_conf_env,
        chart_cache_driver=chart_cache_driver,
        with_notary=with_notary,
        with_clair=with_clair,
        with_chartmuseum=with_chartmuseum,
        **config_dict)

    render_jinja(
        core_conf_template_path,
        core_conf,
        uid=DEFAULT_UID,
        gid=DEFAULT_GID,
        xsrf_key=generate_random_string(40))
コード例 #2
0
def generate_name(name):
    if name.endswith('.jpeg'):
        ext = name[len(name) - 5::]
    else:
        ext = name[len(name) - 4::]
    name = name.strip(ext)
    name += "_" + misc.generate_random_string(32)
    name += ext
    return name
コード例 #3
0
ファイル: core.py プロジェクト: ypyaaa/harbor
def render_config_env(config_dict, with_notary, with_clair, with_chartmuseum):
    # Use reload_key to avoid reload config after restart harbor
    reload_key = generate_random_string(
        6) if config_dict['reload_config'] == "true" else ""

    render_jinja(core_config_env_template,
                 core_config_env,
                 with_notary=with_notary,
                 with_clair=with_clair,
                 with_chartmuseum=with_chartmuseum,
                 reload_key=reload_key,
                 **config_dict)
コード例 #4
0
ファイル: config-rpm.py プロジェクト: mjaperta/harbor-rpm
def main():
    if not path.exists("/etc/harbor/secret/registry/root.crt"):
        core_secret = generate_random_string(16)
        jobservice_secret = generate_random_string(16)
        chartserver_secret = generate_random_string(16)
        os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/core/env".format(core_secret))
        os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/core/env".format(jobservice_secret))
        os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/jobservice/env".format(core_secret))
        os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/jobservice/env".format(jobservice_secret))
        os.system("sed -i 's/^CORE_SECRET=.*$/CORE_SECRET={}/g' /etc/harbor/registryctl/env".format(core_secret))
        os.system("sed -i 's/^JOBSERVICE_SECRET=.*$/JOBSERVICE_SECRET={}/g' /etc/harbor/registryctl/env".format(jobservice_secret))
        os.system("sed -i 's/^BASIC_AUTH_PASS=.*$/BASIC_AUTH_PASS={}/g' /etc/harbor/registryctl/env".format(chartserver_secret))

    get_secret_key("/etc/harbor/secret/keys/")

    private_key_pem_path=Path("/etc/harbor/secret/core/private_key.pem")
    root_crt_path=Path("/etc/harbor/secret/registry/root.crt")
    #  If Customized cert enabled
    prepare_ca(
        private_key_pem_path=private_key_pem_path,
        root_crt_path=root_crt_path,
        old_private_key_pem_path=old_private_key_pem_path,
        old_crt_path=old_crt_path)
    os.system("chown harbor:harbor -R /etc/harbor/secret/")
コード例 #5
0
 def __init__(self, user_id, user_email=None):
     self.user_id = user_id
     self.lock = redis_lock.Lock(db.r, user_id)
     if db.get_user_dict(user_id):
         self.__dict__.update(db.get_user_dict(user_id))
     else:
         self.email = user_email
         self.ivle_token = ''
         self.modules = []
         self.enabled = False
         self.uploadable_folder = False
         self.target = None
         self.last_target = None
         self.target_settings = {}
         self.synced_files = []
         self.key = misc.generate_random_string(16)
         self.update()
コード例 #6
0
def parse_yaml_config(config_file_path, with_notary, with_trivy,
                      with_chartmuseum):
    '''
    :param configs: config_parser object
    :returns: dict of configs
    '''

    with open(config_file_path) as f:
        configs = yaml.safe_load(f)

    config_dict = {
        'portal_url': 'http://portal:8080',
        'registry_url': 'http://registry:5000',
        'registry_controller_url': 'http://registryctl:8080',
        'core_url': 'http://core:8080',
        'core_local_url': 'http://127.0.0.1:8080',
        'token_service_url': 'http://core:8080/service/token',
        'jobservice_url': 'http://jobservice:8080',
        'trivy_adapter_url': 'http://trivy-adapter:8080',
        'notary_url': 'http://notary-server:4443',
        'chart_repository_url': 'http://chartmuseum:9999'
    }

    config_dict['hostname'] = configs["hostname"]

    config_dict['protocol'] = 'http'
    http_config = configs.get('http') or {}
    config_dict['http_port'] = http_config.get('port', 80)

    https_config = configs.get('https')
    if https_config:
        config_dict['protocol'] = 'https'
        config_dict['https_port'] = https_config.get('port', 443)
        config_dict['cert_path'] = https_config["certificate"]
        config_dict['cert_key_path'] = https_config["private_key"]

    if configs.get('external_url'):
        config_dict['public_url'] = configs.get('external_url')
    else:
        if config_dict['protocol'] == 'https':
            if config_dict['https_port'] == 443:
                config_dict['public_url'] = '{protocol}://{hostname}'.format(
                    **config_dict)
            else:
                config_dict[
                    'public_url'] = '{protocol}://{hostname}:{https_port}'.format(
                        **config_dict)
        else:
            if config_dict['http_port'] == 80:
                config_dict['public_url'] = '{protocol}://{hostname}'.format(
                    **config_dict)
            else:
                config_dict[
                    'public_url'] = '{protocol}://{hostname}:{http_port}'.format(
                        **config_dict)

    # DB configs
    db_configs = configs.get('database')
    if db_configs:
        # harbor db
        config_dict['harbor_db_host'] = 'postgresql'
        config_dict['harbor_db_port'] = 5432
        config_dict['harbor_db_name'] = 'registry'
        config_dict['harbor_db_username'] = '******'
        config_dict['harbor_db_password'] = db_configs.get("password") or ''
        config_dict['harbor_db_sslmode'] = 'disable'
        config_dict['harbor_db_max_idle_conns'] = db_configs.get(
            "max_idle_conns") or default_db_max_idle_conns
        config_dict['harbor_db_max_open_conns'] = db_configs.get(
            "max_open_conns") or default_db_max_open_conns

        if with_notary:
            # notary signer
            config_dict['notary_signer_db_host'] = 'postgresql'
            config_dict['notary_signer_db_port'] = 5432
            config_dict['notary_signer_db_name'] = 'notarysigner'
            config_dict['notary_signer_db_username'] = '******'
            config_dict['notary_signer_db_password'] = '******'
            config_dict['notary_signer_db_sslmode'] = 'disable'
            # notary server
            config_dict['notary_server_db_host'] = 'postgresql'
            config_dict['notary_server_db_port'] = 5432
            config_dict['notary_server_db_name'] = 'notaryserver'
            config_dict['notary_server_db_username'] = '******'
            config_dict['notary_server_db_password'] = '******'
            config_dict['notary_server_db_sslmode'] = 'disable'

    # Data path volume
    config_dict['data_volume'] = configs['data_volume']

    # Initial Admin Password
    config_dict['harbor_admin_password'] = configs["harbor_admin_password"]

    # Registry storage configs
    storage_config = configs.get('storage_service') or {}

    config_dict['registry_custom_ca_bundle_path'] = storage_config.get(
        'ca_bundle') or ''

    if storage_config.get('filesystem'):
        config_dict['storage_provider_name'] = 'filesystem'
        config_dict['storage_provider_config'] = storage_config['filesystem']
    elif storage_config.get('azure'):
        config_dict['storage_provider_name'] = 'azure'
        config_dict['storage_provider_config'] = storage_config['azure']
    elif storage_config.get('gcs'):
        config_dict['storage_provider_name'] = 'gcs'
        config_dict['storage_provider_config'] = storage_config['gcs']
    elif storage_config.get('s3'):
        config_dict['storage_provider_name'] = 's3'
        config_dict['storage_provider_config'] = storage_config['s3']
    elif storage_config.get('swift'):
        config_dict['storage_provider_name'] = 'swift'
        config_dict['storage_provider_config'] = storage_config['swift']
    elif storage_config.get('oss'):
        config_dict['storage_provider_name'] = 'oss'
        config_dict['storage_provider_config'] = storage_config['oss']
    else:
        config_dict['storage_provider_name'] = 'filesystem'
        config_dict['storage_provider_config'] = {}

    if storage_config.get('redirect'):
        config_dict['storage_redirect_disabled'] = storage_config['redirect'][
            'disabled']

    # Global proxy configs
    proxy_config = configs.get('proxy') or {}
    proxy_components = proxy_config.get('components') or []
    no_proxy_config = proxy_config.get('no_proxy')
    all_no_proxy = INTERNAL_NO_PROXY_DN
    if no_proxy_config:
        all_no_proxy |= set(no_proxy_config.split(','))

    for proxy_component in proxy_components:
        config_dict[proxy_component +
                    '_http_proxy'] = proxy_config.get('http_proxy') or ''
        config_dict[proxy_component +
                    '_https_proxy'] = proxy_config.get('https_proxy') or ''
        config_dict[proxy_component + '_no_proxy'] = ','.join(all_no_proxy)

    # Trivy configs, optional
    trivy_configs = configs.get("trivy") or {}
    config_dict['trivy_github_token'] = trivy_configs.get("github_token") or ''
    config_dict['trivy_skip_update'] = trivy_configs.get(
        "skip_update") or False
    config_dict['trivy_offline_scan'] = trivy_configs.get(
        "offline_scan") or False
    config_dict['trivy_ignore_unfixed'] = trivy_configs.get(
        "ignore_unfixed") or False
    config_dict['trivy_insecure'] = trivy_configs.get("insecure") or False
    config_dict['trivy_timeout'] = trivy_configs.get("timeout") or '5m0s'

    # Chart configs
    chart_configs = configs.get("chart") or {}
    if chart_configs.get('absolute_url') == 'enabled':
        config_dict['chart_absolute_url'] = True
    else:
        config_dict['chart_absolute_url'] = False

    # jobservice config
    js_config = configs.get('jobservice') or {}
    config_dict['max_job_workers'] = js_config["max_job_workers"]
    config_dict['jobservice_secret'] = generate_random_string(16)

    # notification config
    notification_config = configs.get('notification') or {}
    config_dict['notification_webhook_job_max_retry'] = notification_config[
        "webhook_job_max_retry"]

    # Log configs
    allowed_levels = ['debug', 'info', 'warning', 'error', 'fatal']
    log_configs = configs.get('log') or {}

    log_level = log_configs['level']
    if log_level not in allowed_levels:
        raise Exception(
            'log level must be one of debug, info, warning, error, fatal')
    config_dict['log_level'] = log_level.lower()

    # parse local log related configs
    local_logs = log_configs.get('local') or {}
    if local_logs:
        config_dict['log_location'] = local_logs.get(
            'location') or '/var/log/harbor'
        config_dict['log_rotate_count'] = local_logs.get('rotate_count') or 50
        config_dict['log_rotate_size'] = local_logs.get(
            'rotate_size') or '200M'

    # parse external log endpoint related configs
    if log_configs.get('external_endpoint'):
        config_dict['log_external'] = True
        config_dict['log_ep_protocol'] = log_configs['external_endpoint'][
            'protocol']
        config_dict['log_ep_host'] = log_configs['external_endpoint']['host']
        config_dict['log_ep_port'] = log_configs['external_endpoint']['port']
    else:
        config_dict['log_external'] = False

    # external DB, optional, if external_db enabled, it will cover the database config
    external_db_configs = configs.get('external_database') or {}
    if external_db_configs:
        config_dict['external_database'] = True
        # harbor db
        config_dict['harbor_db_host'] = external_db_configs['harbor']['host']
        config_dict['harbor_db_port'] = external_db_configs['harbor']['port']
        config_dict['harbor_db_name'] = external_db_configs['harbor'][
            'db_name']
        config_dict['harbor_db_username'] = external_db_configs['harbor'][
            'username']
        config_dict['harbor_db_password'] = external_db_configs['harbor'][
            'password']
        config_dict['harbor_db_sslmode'] = external_db_configs['harbor'][
            'ssl_mode']
        config_dict['harbor_db_max_idle_conns'] = external_db_configs[
            'harbor'].get("max_idle_conns") or default_db_max_idle_conns
        config_dict['harbor_db_max_open_conns'] = external_db_configs[
            'harbor'].get("max_open_conns") or default_db_max_open_conns

        if with_notary:
            # notary signer
            config_dict['notary_signer_db_host'] = external_db_configs[
                'notary_signer']['host']
            config_dict['notary_signer_db_port'] = external_db_configs[
                'notary_signer']['port']
            config_dict['notary_signer_db_name'] = external_db_configs[
                'notary_signer']['db_name']
            config_dict['notary_signer_db_username'] = external_db_configs[
                'notary_signer']['username']
            config_dict['notary_signer_db_password'] = external_db_configs[
                'notary_signer']['password']
            config_dict['notary_signer_db_sslmode'] = external_db_configs[
                'notary_signer']['ssl_mode']
            # notary server
            config_dict['notary_server_db_host'] = external_db_configs[
                'notary_server']['host']
            config_dict['notary_server_db_port'] = external_db_configs[
                'notary_server']['port']
            config_dict['notary_server_db_name'] = external_db_configs[
                'notary_server']['db_name']
            config_dict['notary_server_db_username'] = external_db_configs[
                'notary_server']['username']
            config_dict['notary_server_db_password'] = external_db_configs[
                'notary_server']['password']
            config_dict['notary_server_db_sslmode'] = external_db_configs[
                'notary_server']['ssl_mode']
    else:
        config_dict['external_database'] = False

    # update redis configs
    config_dict.update(
        get_redis_configs(configs.get("external_redis", None), with_trivy))

    # auto generated secret string for core
    config_dict['core_secret'] = generate_random_string(16)

    # UAA configs
    config_dict['uaa'] = configs.get('uaa') or {}

    config_dict['registry_username'] = REGISTRY_USER_NAME
    config_dict['registry_password'] = generate_random_string(32)

    internal_tls_config = configs.get('internal_tls')
    # TLS related configs
    if internal_tls_config and internal_tls_config.get('enabled'):
        config_dict['internal_tls'] = InternalTLS(
            internal_tls_config['enabled'],
            False,
            internal_tls_config['dir'],
            configs['data_volume'],
            with_notary=with_notary,
            with_trivy=with_trivy,
            with_chartmuseum=with_chartmuseum,
            external_database=config_dict['external_database'])
    else:
        config_dict['internal_tls'] = InternalTLS()

    # metric configs
    metric_config = configs.get('metric')
    if metric_config:
        config_dict['metric'] = Metric(metric_config['enabled'],
                                       metric_config['port'],
                                       metric_config['path'])
    else:
        config_dict['metric'] = Metric()

    # trace configs
    trace_config = configs.get('trace')
    config_dict['trace'] = Trace(trace_config or {})

    if config_dict['internal_tls'].enabled:
        config_dict['portal_url'] = 'https://portal:8443'
        config_dict['registry_url'] = 'https://registry:5443'
        config_dict['registry_controller_url'] = 'https://registryctl:8443'
        config_dict['core_url'] = 'https://core:8443'
        config_dict['core_local_url'] = 'https://core:8443'
        config_dict['token_service_url'] = 'https://core:8443/service/token'
        config_dict['jobservice_url'] = 'https://jobservice:8443'
        config_dict['trivy_adapter_url'] = 'https://trivy-adapter:8443'
        # config_dict['notary_url'] = 'http://notary-server:4443'
        config_dict['chart_repository_url'] = 'https://chartmuseum:9443'

    # purge upload configs
    purge_upload_config = configs.get('upload_purging')
    config_dict['purge_upload'] = PurgeUpload(purge_upload_config or {})

    return config_dict
コード例 #7
0
def parse_yaml_config(config_file_path, with_notary, with_clair, with_chartmuseum):
    '''
    :param configs: config_parser object
    :returns: dict of configs
    '''

    with open(config_file_path) as f:
        configs = yaml.load(f)

    config_dict = {
        'adminserver_url': "http://adminserver:8080",
        'registry_url': "http://registry:5000",
        'registry_controller_url': "http://registryctl:8080",
        'core_url': "http://core:8080",
        'core_local_url': "http://127.0.0.1:8080",
        'token_service_url': "http://core:8080/service/token",
        'jobservice_url': 'http://jobservice:8080',
        'clair_url': 'http://clair:6060',
        'clair_adapter_url': 'http://clair-adapter:8080',
        'notary_url': 'http://notary-server:4443',
        'chart_repository_url': 'http://chartmuseum:9999'
    }

    config_dict['hostname'] = configs["hostname"]

    config_dict['protocol'] = 'http'
    http_config = configs.get('http') or {}
    config_dict['http_port'] = http_config.get('port', 80)

    https_config = configs.get('https')
    if https_config:
        config_dict['protocol'] = 'https'
        config_dict['https_port'] = https_config.get('port', 443)
        config_dict['cert_path'] = https_config["certificate"]
        config_dict['cert_key_path'] = https_config["private_key"]

    if configs.get('external_url'):
        config_dict['public_url'] = configs.get('external_url')
    else:
        if config_dict['protocol'] == 'https':
            if config_dict['https_port'] == 443:
                config_dict['public_url'] = '{protocol}://{hostname}'.format(**config_dict)
            else:
                config_dict['public_url'] = '{protocol}://{hostname}:{https_port}'.format(**config_dict)
        else:
            if config_dict['http_port'] == 80:
                config_dict['public_url'] = '{protocol}://{hostname}'.format(**config_dict)
            else:
                config_dict['public_url'] = '{protocol}://{hostname}:{http_port}'.format(**config_dict)

    # DB configs
    db_configs = configs.get('database')
    if db_configs:
        # harbor db
        config_dict['harbor_db_host'] = 'postgresql'
        config_dict['harbor_db_port'] = 5432
        config_dict['harbor_db_name'] = 'registry'
        config_dict['harbor_db_username'] = '******'
        config_dict['harbor_db_password'] = db_configs.get("password") or ''
        config_dict['harbor_db_sslmode'] = 'disable'
        config_dict['harbor_db_max_idle_conns'] = db_configs.get("max_idle_conns") or default_db_max_idle_conns
        config_dict['harbor_db_max_open_conns'] = db_configs.get("max_open_conns") or default_db_max_open_conns

        if with_clair:
            # clair db
            config_dict['clair_db_host'] = 'postgresql'
            config_dict['clair_db_port'] = 5432
            config_dict['clair_db_name'] = 'postgres'
            config_dict['clair_db_username'] = '******'
            config_dict['clair_db_password'] = db_configs.get("password") or ''
            config_dict['clair_db_sslmode'] = 'disable'

        if with_notary:
            # notary signer
            config_dict['notary_signer_db_host'] = 'postgresql'
            config_dict['notary_signer_db_port'] = 5432
            config_dict['notary_signer_db_name'] = 'notarysigner'
            config_dict['notary_signer_db_username'] = '******'
            config_dict['notary_signer_db_password'] = '******'
            config_dict['notary_signer_db_sslmode'] = 'disable'
            # notary server
            config_dict['notary_server_db_host'] = 'postgresql'
            config_dict['notary_server_db_port'] = 5432
            config_dict['notary_server_db_name'] = 'notaryserver'
            config_dict['notary_server_db_username'] = '******'
            config_dict['notary_server_db_password'] = '******'
            config_dict['notary_server_db_sslmode'] = 'disable'


    # Data path volume
    config_dict['data_volume'] = configs['data_volume']

    # Initial Admin Password
    config_dict['harbor_admin_password'] = configs["harbor_admin_password"]

    # Registry storage configs
    storage_config = configs.get('storage_service') or {}

    config_dict['registry_custom_ca_bundle_path'] = storage_config.get('ca_bundle') or ''

    if storage_config.get('filesystem'):
        config_dict['storage_provider_name'] = 'filesystem'
        config_dict['storage_provider_config'] = storage_config['filesystem']
    elif storage_config.get('azure'):
        config_dict['storage_provider_name'] = 'azure'
        config_dict['storage_provider_config'] = storage_config['azure']
    elif storage_config.get('gcs'):
        config_dict['storage_provider_name'] = 'gcs'
        config_dict['storage_provider_config'] = storage_config['gcs']
    elif storage_config.get('s3'):
        config_dict['storage_provider_name'] = 's3'
        config_dict['storage_provider_config'] = storage_config['s3']
    elif storage_config.get('swift'):
        config_dict['storage_provider_name'] = 'swift'
        config_dict['storage_provider_config'] = storage_config['swift']
    elif storage_config.get('oss'):
        config_dict['storage_provider_name'] = 'oss'
        config_dict['storage_provider_config'] = storage_config['oss']
    else:
        config_dict['storage_provider_name'] = 'filesystem'
        config_dict['storage_provider_config'] = {}

    if storage_config.get('redirect'):
        config_dict['storage_redirect_disabled'] = storage_config['redirect']['disabled']

    # Global proxy configs
    proxy_config = configs.get('proxy') or {}
    proxy_components = proxy_config.get('components') or []
    no_proxy_config = proxy_config.get('no_proxy')
    all_no_proxy = INTERNAL_NO_PROXY_DN
    if no_proxy_config:
        all_no_proxy |= set(no_proxy_config.split(','))

    for proxy_component in proxy_components:
      config_dict[proxy_component + '_http_proxy'] = proxy_config.get('http_proxy') or ''
      config_dict[proxy_component + '_https_proxy'] = proxy_config.get('https_proxy') or ''
      config_dict[proxy_component + '_no_proxy'] = ','.join(all_no_proxy)

    # Clair configs, optional
    clair_configs = configs.get("clair") or {}
    config_dict['clair_db'] = 'postgres'
    updaters_interval = clair_configs.get("updaters_interval", None)
    config_dict['clair_updaters_interval'] = 12 if updaters_interval is None else updaters_interval

    # Chart configs
    chart_configs = configs.get("chart") or {}
    config_dict['chart_absolute_url'] = chart_configs.get('absolute_url') or ''

    # jobservice config
    js_config = configs.get('jobservice') or {}
    config_dict['max_job_workers'] = js_config["max_job_workers"]
    config_dict['jobservice_secret'] = generate_random_string(16)

    # notification config
    notification_config = configs.get('notification') or {}
    config_dict['notification_webhook_job_max_retry'] = notification_config["webhook_job_max_retry"]

    # Log configs
    allowed_levels = ['debug', 'info', 'warning', 'error', 'fatal']
    log_configs = configs.get('log') or {}

    log_level = log_configs['level']
    if log_level not in allowed_levels:
        raise Exception('log level must be one of debug, info, warning, error, fatal')
    config_dict['log_level'] = log_level.lower()

    # parse local log related configs
    local_logs = log_configs.get('local') or {}
    if local_logs:
        config_dict['log_location'] = local_logs.get('location') or '/var/log/harbor'
        config_dict['log_rotate_count'] = local_logs.get('rotate_count') or 50
        config_dict['log_rotate_size'] = local_logs.get('rotate_size') or '200M'

    # parse external log endpoint related configs
    if log_configs.get('external_endpoint'):
        config_dict['log_external'] = True
        config_dict['log_ep_protocol'] = log_configs['external_endpoint']['protocol']
        config_dict['log_ep_host'] = log_configs['external_endpoint']['host']
        config_dict['log_ep_port'] = log_configs['external_endpoint']['port']
    else:
        config_dict['log_external'] = False

    # external DB, optional, if external_db enabled, it will cover the database config
    external_db_configs = configs.get('external_database') or {}
    if external_db_configs:
        config_dict['external_database'] = True
        # harbor db
        config_dict['harbor_db_host'] = external_db_configs['harbor']['host']
        config_dict['harbor_db_port'] = external_db_configs['harbor']['port']
        config_dict['harbor_db_name'] = external_db_configs['harbor']['db_name']
        config_dict['harbor_db_username'] = external_db_configs['harbor']['username']
        config_dict['harbor_db_password'] = external_db_configs['harbor']['password']
        config_dict['harbor_db_sslmode'] = external_db_configs['harbor']['ssl_mode']
        config_dict['harbor_db_max_idle_conns'] = external_db_configs['harbor'].get("max_idle_conns") or default_db_max_idle_conns
        config_dict['harbor_db_max_open_conns'] = external_db_configs['harbor'].get("max_open_conns") or default_db_max_open_conns

        if with_clair:
            # clair db
            config_dict['clair_db_host'] = external_db_configs['clair']['host']
            config_dict['clair_db_port'] = external_db_configs['clair']['port']
            config_dict['clair_db_name'] = external_db_configs['clair']['db_name']
            config_dict['clair_db_username'] = external_db_configs['clair']['username']
            config_dict['clair_db_password'] = external_db_configs['clair']['password']
            config_dict['clair_db_sslmode'] = external_db_configs['clair']['ssl_mode']
        if with_notary:
            # notary signer
            config_dict['notary_signer_db_host'] = external_db_configs['notary_signer']['host']
            config_dict['notary_signer_db_port'] = external_db_configs['notary_signer']['port']
            config_dict['notary_signer_db_name'] = external_db_configs['notary_signer']['db_name']
            config_dict['notary_signer_db_username'] = external_db_configs['notary_signer']['username']
            config_dict['notary_signer_db_password'] = external_db_configs['notary_signer']['password']
            config_dict['notary_signer_db_sslmode'] = external_db_configs['notary_signer']['ssl_mode']
            # notary server
            config_dict['notary_server_db_host'] = external_db_configs['notary_server']['host']
            config_dict['notary_server_db_port'] = external_db_configs['notary_server']['port']
            config_dict['notary_server_db_name'] = external_db_configs['notary_server']['db_name']
            config_dict['notary_server_db_username'] = external_db_configs['notary_server']['username']
            config_dict['notary_server_db_password'] = external_db_configs['notary_server']['password']
            config_dict['notary_server_db_sslmode'] = external_db_configs['notary_server']['ssl_mode']
    else:
        config_dict['external_database'] = False

    # update redis configs
    config_dict.update(get_redis_configs(configs.get("external_redis", None), with_clair))

    # auto generated secret string for core
    config_dict['core_secret'] = generate_random_string(16)

    # UAA configs
    config_dict['uaa'] = configs.get('uaa') or {}

    return config_dict
コード例 #8
0
def generate_csrf_token():
    if '_csrf_token' not in session:
        session['_csrf_token'] = misc.generate_random_string(64)
    return session['_csrf_token']
コード例 #9
0
ファイル: app.py プロジェクト: sdamashek/ctf-platform
def generate_csrf_token():
    if '_csrf_token' not in session:
        session['_csrf_token'] = misc.generate_random_string(64)
    return session['_csrf_token']
コード例 #10
0
def generate_user_emergency(user_id):
    authcode = generate_random_string(32)
    key = PREFIX_EMERGENCY_LOGIN + user_id
    r.set(key, authcode)
    r.expire(key, 1800)
    return authcode