ISSUE-2139: Fixing few issues and code workflow

deepfence · Feb 26, 2024 · ad8bace · ad8bace
1 parent 716767f
commit ad8bace
Show file tree

Hide file tree

Showing 7 changed files with 56 additions and 30 deletions.
diff --git a/deepfence_server/pkg/registry/acr/client.go b/deepfence_server/pkg/registry/acr/client.go
@@ -13,11 +13,9 @@ import (
 
 var client = &http.Client{Timeout: 10 * time.Second}
 
-func listImagesRegistryV2(url, namespace, userName, password string) ([]model.IngestedContainerImage, error) {
-
-	var (
-		images []model.IngestedContainerImage
-	)
+func listImagesRegistryV2(url, namespace, userName,
+	password string) ([]model.IngestedContainerImage, error) {
+	var images []model.IngestedContainerImage
 
 	repos, err := listCatalogRegistryV2(url, namespace, userName, password)
 	if err != nil {
@@ -38,11 +36,10 @@ func listImagesRegistryV2(url, namespace, userName, password string) ([]model.In
 	return images, nil
 }
 
-func listCatalogRegistryV2(url, namespace, userName, password string) ([]string, error) {
-	var (
-		repositories []string
-		err          error
-	)
+func listCatalogRegistryV2(url, namespace, userName,
+	password string) ([]string, error) {
+
+	var repositories []string
 
 	listReposURL := "%s/v2/_catalog"
 	queryURL := fmt.Sprintf(listReposURL, url)
@@ -57,34 +54,37 @@ func listCatalogRegistryV2(url, namespace, userName, password string) ([]string,
 	resp, err := client.Do(req)
 	if err != nil {
 		log.Error().Msg(err.Error())
+		return nil, err
 	}
 	defer resp.Body.Close()
 
 	body, err := io.ReadAll(resp.Body)
 	if err != nil {
 		log.Error().Msg(err.Error())
+		return nil, err
 	}
 
 	if resp.StatusCode != http.StatusOK {
 		err = fmt.Errorf("error bad status code %d", resp.StatusCode)
 		log.Error().Msg(err.Error())
+		return nil, err
 	}
 
 	var repos ReposResp
 	if err := json.Unmarshal(body, &repos); err != nil {
 		log.Error().Msg(err.Error())
+		return nil, err
 	}
 
 	repositories = append(repositories, repos.Repositories...)
 
 	return repositories, err
 }
 
-func listRepoTagsV2(url, namespace, userName, password, repoName string) (RepoTagsResp, error) {
-	var (
-		err      error
-		repoTags RepoTagsResp
-	)
+func listRepoTagsV2(url, namespace, userName, password,
+	repoName string) (RepoTagsResp, error) {
+
+	var repoTags RepoTagsResp
 
 	listRepoTagsURL := "%s/v2/%s/tags/list"
 	queryURL := fmt.Sprintf(listRepoTagsURL, url, repoName)

diff --git a/deepfence_server/pkg/registry/acr/types.go b/deepfence_server/pkg/registry/acr/types.go
@@ -11,11 +11,11 @@ type RegistryACR struct {
 
 type NonSecret struct {
 	AzureRegistryURL      string `json:"azure_registry_url" validate:"required,url"`
-	AzureRegistryUsername string `json:"azure_registry_username" validate:"omitempty,min=1"`
+	AzureRegistryUsername string `json:"azure_registry_username" validate:"required,min=1"`
 }
 
 type Secret struct {
-	AzureRegistryPassword string `json:"azure_registry_password" validate:"omitempty,min=1"`
+	AzureRegistryPassword string `json:"azure_registry_password" validate:"required,min=1"`
 }
 
 type ReposResp struct {

diff --git a/deepfence_server/pkg/registry/dockerhub/docker.go b/deepfence_server/pkg/registry/dockerhub/docker.go
@@ -23,7 +23,20 @@ func New(requestByte []byte) (*RegistryDockerHub, error) {
 }
 
 func (d *RegistryDockerHub) ValidateFields(v *validator.Validate) error {
-	return v.Struct(d)
+	err := v.Struct(d)
+	if (err != nil) || d.NonSecret.IsPublic == "true" {
+		return err
+	}
+
+	type AuthInfo struct {
+		DockerHubUsername string `json:"docker_hub_username" validate:"required,min=2"`
+		DockerHubPassword string `json:"docker_hub_password" validate:"required,min=2"`
+	}
+
+	auth := AuthInfo{}
+	auth.DockerHubUsername = d.NonSecret.DockerHubUsername
+	auth.DockerHubPassword = d.Secret.DockerHubPassword
+	return v.Struct(auth)
 }
 
 func (d *RegistryDockerHub) IsValidCredential() bool {

diff --git a/deepfence_server/pkg/registry/dockerprivate/dockerprivate.go b/deepfence_server/pkg/registry/dockerprivate/dockerprivate.go
@@ -21,7 +21,21 @@ func New(requestByte []byte) (*RegistryDockerPrivate, error) {
 }
 
 func (d *RegistryDockerPrivate) ValidateFields(v *validator.Validate) error {
-	return v.Struct(d)
+	err := v.Struct(d)
+	if (err != nil) || d.NonSecret.IsPublic == "true" {
+		return err
+	}
+
+	type AuthInfo struct {
+		DockerUsername string `json:"docker_username" validate:"required,min=2"`
+		DockerPassword string `json:"docker_password" validate:"required,min=2"`
+	}
+
+	auth := AuthInfo{}
+	auth.DockerUsername = d.NonSecret.DockerUsername
+	auth.DockerPassword = d.Secret.DockerPassword
+	return v.Struct(auth)
+
 }
 
 func (d *RegistryDockerPrivate) IsValidCredential() bool {

diff --git a/deepfence_server/pkg/registry/dockerprivate/types.go b/deepfence_server/pkg/registry/dockerprivate/types.go
@@ -12,6 +12,7 @@ type RegistryDockerPrivate struct {
 }
 
 type NonSecret struct {
+	IsPublic          string `json:"is_public" validate:"required"`
 	DockerRegistryURL string `json:"docker_registry_url" validate:"required,url"`
 	DockerUsername    string `json:"docker_username" validate:"omitempty,min=2"`
 }

diff --git a/deepfence_server/pkg/registry/harbor/client.go b/deepfence_server/pkg/registry/harbor/client.go
@@ -22,9 +22,7 @@ var client = &http.Client{
 
 func listImages(url, project, username, password string) ([]model.IngestedContainerImage, error) {
 
-	var (
-		images []model.IngestedContainerImage
-	)
+	var images []model.IngestedContainerImage
 
 	repos, err := listRepos(url, project, username, password)
 	if err != nil {
@@ -89,13 +87,12 @@ func listRepos(url, project, username, password string) ([]Repository, error) {
 }
 
 func listArtifacts(url, username, password, project, repo string) ([]Artifact, error) {
-	var (
-		err       error
-		artifacts []Artifact
-	)
+	var artifacts []Artifact
 
 	listRepoTagsURL := "%s/api/v2.0/projects/%s/repositories/%s/artifacts"
-	queryURL := fmt.Sprintf(listRepoTagsURL, url, project, strings.TrimPrefix(repo, project))
+	repoName := strings.TrimPrefix(repo, project)
+	repoName = strings.TrimPrefix(repoName, "/")
+	queryURL := fmt.Sprintf(listRepoTagsURL, url, project, repoName) //strings.TrimPrefix(repo, project))
 	req, err := http.NewRequest(http.MethodGet, queryURL, nil)
 	if err != nil {
 		log.Error().Msg(err.Error())

diff --git a/deepfence_server/pkg/registry/quay/client.go b/deepfence_server/pkg/registry/quay/client.go
@@ -59,14 +59,14 @@ func listRepos(url, namespace, token string) ([]Repositories, error) {
 		resp, err := client.Do(req)
 		if err != nil {
 			log.Error().Msg(err.Error())
-			break
+			return nil, err
 		}
 		defer resp.Body.Close()
 
 		body, err := io.ReadAll(resp.Body)
 		if err != nil {
 			log.Error().Msg(err.Error())
-			break
+			return nil, err
 		}
 
 		if resp.StatusCode != http.StatusOK {
@@ -76,7 +76,8 @@ func listRepos(url, namespace, token string) ([]Repositories, error) {
 		}
 
 		var repos ReposResp
-		if err := json.Unmarshal(body, &repos); err != nil {
+		err = json.Unmarshal(body, &repos)
+		if err != nil {
 			log.Error().Msg(err.Error())
 			break
 		}