From ad8bace532e18bc0ef37dbeb61869c481a2e7bb7 Mon Sep 17 00:00:00 2001
From: Varun Sharma
Date: Mon, 26 Feb 2024 16:32:31 +0000
Subject: [PATCH] ISSUE-2139: Fixing few issues and code workflow
---
 deepfence_server/pkg/registry/acr/client.go | 30 +++++++++----------
 deepfence_server/pkg/registry/acr/types.go | 4 +--
 .../pkg/registry/dockerhub/docker.go | 15 +++++++++-
 .../registry/dockerprivate/dockerprivate.go | 16 +++++++++-
 .../pkg/registry/dockerprivate/types.go | 1 +
 .../pkg/registry/harbor/client.go | 13 ++++----
 deepfence_server/pkg/registry/quay/client.go | 7 +++--
 7 files changed, 56 insertions(+), 30 deletions(-)
diff --git a/deepfence_server/pkg/registry/acr/client.go b/deepfence_server/pkg/registry/acr/client.go
index 7c49e14b0c..58ab318ab6 100644
--- a/deepfence_server/pkg/registry/acr/client.go
+++ b/deepfence_server/pkg/registry/acr/client.go
@@ -13,11 +13,9 @@ import (
 var client = &http.Client{Timeout: 10 * time.Second}
-func listImagesRegistryV2(url, namespace, userName, password string) ([]model.IngestedContainerImage, error) {
-
- var (
- images []model.IngestedContainerImage
- )
+func listImagesRegistryV2(url, namespace, userName,
+ password string) ([]model.IngestedContainerImage, error) {
+ var images []model.IngestedContainerImage
 repos, err := listCatalogRegistryV2(url, namespace, userName, password)
 if err != nil {
@@ -38,11 +36,10 @@ func listImagesRegistryV2(url, namespace, userName, password string) ([]model.In
 return images, nil
 }
-func listCatalogRegistryV2(url, namespace, userName, password string) ([]string, error) {
- var (
- repositories []string
- err error
- )
+func listCatalogRegistryV2(url, namespace, userName,
+ password string) ([]string, error) {
+
+ var repositories []string
 listReposURL := "%s/v2/_catalog"
 queryURL := fmt.Sprintf(listReposURL, url)
@@ -57,22 +54,26 @@ func listCatalogRegistryV2(url, namespace, userName, password string) ([]string,
 resp, err := client.Do(req)
 if err != nil {
 log.Error().Msg(err.Error())
+ return nil, err
 }
 defer resp.Body.Close()
 body, err := io.ReadAll(resp.Body)
 if err != nil {
 log.Error().Msg(err.Error())
+ return nil, err
 }
 if resp.StatusCode != http.StatusOK {
 err = fmt.Errorf("error bad status code %d", resp.StatusCode)
 log.Error().Msg(err.Error())
+ return nil, err
 }
 var repos ReposResp
 if err := json.Unmarshal(body, &repos); err != nil {
 log.Error().Msg(err.Error())
+ return nil, err
 }
 repositories = append(repositories, repos.Repositories...)
@@ -80,11 +81,10 @@ func listCatalogRegistryV2(url, namespace, userName, password string) ([]string,
 return repositories, err
 }
-func listRepoTagsV2(url, namespace, userName, password, repoName string) (RepoTagsResp, error) {
- var (
- err error
- repoTags RepoTagsResp
- )
+func listRepoTagsV2(url, namespace, userName, password,
+ repoName string) (RepoTagsResp, error) {
+
+ var repoTags RepoTagsResp
 listRepoTagsURL := "%s/v2/%s/tags/list"
 queryURL := fmt.Sprintf(listRepoTagsURL, url, repoName)
diff --git a/deepfence_server/pkg/registry/acr/types.go b/deepfence_server/pkg/registry/acr/types.go
index e108b0e038..8e41213cc3 100644
--- a/deepfence_server/pkg/registry/acr/types.go
+++ b/deepfence_server/pkg/registry/acr/types.go
@@ -11,11 +11,11 @@ type RegistryACR struct {
 type NonSecret struct {
 AzureRegistryURL string `json:"azure_registry_url" validate:"required,url"`
- AzureRegistryUsername string `json:"azure_registry_username" validate:"omitempty,min=1"`
+ AzureRegistryUsername string `json:"azure_registry_username" validate:"required,min=1"`
 }
 type Secret struct {
- AzureRegistryPassword string `json:"azure_registry_password" validate:"omitempty,min=1"`
+ AzureRegistryPassword string `json:"azure_registry_password" validate:"required,min=1"`
 }
 type ReposResp struct {
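Review bot: In the `@@ -57,22 +54,26 @@` hunk of acr/client.go, listCatalogRegistryV2 still buffers the response with an uncapped `io.ReadAll(resp.Body)` before `resp.StatusCode` is checked, so an oversized or error body from the configured registry endpoint is held entirely in server memory. I would test the status first and bound the read, e.g. `body, err := io.ReadAll(io.LimitReader(resp.Body, maxRespBytes))`, where `maxRespBytes` is a new package constant (placeholder name). The same uncapped read is visible in quay's listRepos. The function starts before this hunk, so request construction and authentication are not covered by this comment.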
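Review bot: In the `@@ -80,11 +81,10 @@` hunk, listRepoTagsV2 formats `repoName` straight into the request path with `fmt.Sprintf(listRepoTagsURL, url, repoName)`, and that name appears to come from the registry's catalog response rather than from the operator. A name carrying query, fragment or dot-segment characters would change which URL is requested with the stored credentials, so I would reject names that do not match the registry repository-name grammar before building `queryURL`. The `url` parameter would shadow the `net/url` package inside this function, so an escaping helper needs the parameter renamed or the package aliased. harbor's listArtifacts builds its path from `project` and `repoName` the same way; the rest of listRepoTagsV2 is outside the hunk.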
diff --git a/deepfence_server/pkg/registry/dockerhub/docker.go b/deepfence_server/pkg/registry/dockerhub/docker.go
index 5d1edc502c..d32ec90eb3 100644
--- a/deepfence_server/pkg/registry/dockerhub/docker.go
+++ b/deepfence_server/pkg/registry/dockerhub/docker.go
@@ -23,7 +23,20 @@ func New(requestByte []byte) (*RegistryDockerHub, error) {
 }
 func (d *RegistryDockerHub) ValidateFields(v *validator.Validate) error {
- return v.Struct(d)
+ err := v.Struct(d)
+ if (err != nil) || d.NonSecret.IsPublic == "true" {
+ return err
+ }
+
+ type AuthInfo struct {
+ DockerHubUsername string `json:"docker_hub_username" validate:"required,min=2"`
+ DockerHubPassword string `json:"docker_hub_password" validate:"required,min=2"`
+ }
+
+ auth := AuthInfo{}
+ auth.DockerHubUsername = d.NonSecret.DockerHubUsername
+ auth.DockerHubPassword = d.Secret.DockerHubPassword
+ return v.Struct(auth)
 }
 func (d *RegistryDockerHub) IsValidCredential() bool {
diff --git a/deepfence_server/pkg/registry/dockerprivate/dockerprivate.go b/deepfence_server/pkg/registry/dockerprivate/dockerprivate.go
index d6815a6aaf..d5abb3037a 100644
--- a/deepfence_server/pkg/registry/dockerprivate/dockerprivate.go
+++ b/deepfence_server/pkg/registry/dockerprivate/dockerprivate.go
@@ -21,7 +21,21 @@ func New(requestByte []byte) (*RegistryDockerPrivate, error) {
 }
 func (d *RegistryDockerPrivate) ValidateFields(v *validator.Validate) error {
- return v.Struct(d)
+ err := v.Struct(d)
+ if (err != nil) || d.NonSecret.IsPublic == "true" {
+ return err
+ }
+
+ type AuthInfo struct {
+ DockerUsername string `json:"docker_username" validate:"required,min=2"`
+ DockerPassword string `json:"docker_password" validate:"required,min=2"`
+ }
+
+ auth := AuthInfo{}
+ auth.DockerUsername = d.NonSecret.DockerUsername
+ auth.DockerPassword = d.Secret.DockerPassword
+ return v.Struct(auth)
+
 }
 func (d *RegistryDockerPrivate) IsValidCredential() bool {
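Review bot: In dockerhub's ValidateFields the credential requirement is skipped only on the exact string compare `d.NonSecret.IsPublic == "true"`, while `IsPublic` is a free-form string; in dockerprivate/types.go its tag is just `validate:"required"`. Values such as `"True"` or `"1"` pass field validation and then take the private path here, and any other reader of `IsPublic` that parses it differently would disagree with this check. I would constrain the field with `validate:"required,oneof=true false"` so there is a single definition of a public registry. The identical block added to dockerprivate's ValidateFields has the same issue. The local `AuthInfo` copy could also be replaced by `v.Var(d.Secret.DockerHubPassword, "required,min=2")` plus the matching call for the username, which avoids copying the password into a second struct.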
diff --git a/deepfence_server/pkg/registry/dockerprivate/types.go b/deepfence_server/pkg/registry/dockerprivate/types.go
index cb14f53733..c3455dfe76 100644
--- a/deepfence_server/pkg/registry/dockerprivate/types.go
+++ b/deepfence_server/pkg/registry/dockerprivate/types.go
@@ -12,6 +12,7 @@ type RegistryDockerPrivate struct {
 }
 type NonSecret struct {
+ IsPublic string `json:"is_public" validate:"required"`
 DockerRegistryURL string `json:"docker_registry_url" validate:"required,url"`
 DockerUsername string `json:"docker_username" validate:"omitempty,min=2"`
 }
diff --git a/deepfence_server/pkg/registry/harbor/client.go b/deepfence_server/pkg/registry/harbor/client.go
index ab92976143..ad7d1cf216 100644
--- a/deepfence_server/pkg/registry/harbor/client.go
+++ b/deepfence_server/pkg/registry/harbor/client.go
@@ -22,9 +22,7 @@ var client = &http.Client{
 func listImages(url, project, username, password string) ([]model.IngestedContainerImage, error) {
- var (
- images []model.IngestedContainerImage
- )
+ var images []model.IngestedContainerImage
 repos, err := listRepos(url, project, username, password)
 if err != nil {
@@ -89,13 +87,12 @@ func listRepos(url, project, username, password string) ([]Repository, error) {
 }
 func listArtifacts(url, username, password, project, repo string) ([]Artifact, error) {
- var (
- err error
- artifacts []Artifact
- )
+ var artifacts []Artifact
 listRepoTagsURL := "%s/api/v2.0/projects/%s/repositories/%s/artifacts"
- queryURL := fmt.Sprintf(listRepoTagsURL, url, project, strings.TrimPrefix(repo, project))
+ repoName := strings.TrimPrefix(repo, project)
+ repoName = strings.TrimPrefix(repoName, "/")
+ queryURL := fmt.Sprintf(listRepoTagsURL, url, project, repoName) //strings.TrimPrefix(repo, project))
 req, err := http.NewRequest(http.MethodGet, queryURL, nil)
 if err != nil {
 log.Error().Msg(err.Error())
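Review bot: The new `queryURL` line in harbor's listArtifacts still carries the old expression as a trailing comment, `//strings.TrimPrefix(repo, project))`, which should be deleted rather than committed. The two trims can be one call, `repoName := strings.TrimPrefix(repo, project+"/")`, which also stops a name that merely begins with the project's characters from being cut mid-segment. As far as I know Harbor's API expects a repository name that itself contains `/` to be URL-encoded in this path, and `repoName` is still inserted raw, so this is worth confirming against a nested repository. listArtifacts continues beyond the hunk.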
diff --git a/deepfence_server/pkg/registry/quay/client.go b/deepfence_server/pkg/registry/quay/client.go
index 97ef7ce0b0..3f0b98a5c2 100644
--- a/deepfence_server/pkg/registry/quay/client.go
+++ b/deepfence_server/pkg/registry/quay/client.go
@@ -59,14 +59,14 @@ func listRepos(url, namespace, token string) ([]Repositories, error) {
 resp, err := client.Do(req)
 if err != nil {
 log.Error().Msg(err.Error())
- break
+ return nil, err
 }
 defer resp.Body.Close()
 body, err := io.ReadAll(resp.Body)
 if err != nil {
 log.Error().Msg(err.Error())
- break
+ return nil, err
 }
 if resp.StatusCode != http.StatusOK {
@@ -76,7 +76,8 @@ func listRepos(url, namespace, token string) ([]Repositories, error) {
 }
 var repos ReposResp
- if err := json.Unmarshal(body, &repos); err != nil {
+ err = json.Unmarshal(body, &repos)
+ if err != nil {
 log.Error().Msg(err.Error())
 break
 }
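Review bot: `defer resp.Body.Close()` in quay's listRepos evidently sits inside the paging loop (the removed `break` statements imply one), so each page's response body stays open until the function returns. I would close the body explicitly right after `io.ReadAll` finishes, or move a single page fetch into a helper so the defer fires per iteration. The loop header is outside the hunk, so the number of pages this can accumulate is not visible here.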
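Review bot: In the `@@ -76,7 +76,8 @@` hunk a JSON decode failure still leaves through `break`, while transport and read errors in the same function now `return nil, err`, so a malformed page may yield a truncated repository list instead of an error. Switching `if err := …` to `err = …` only helps if that `err` is the variable returned after the loop; `resp, err := client.Do(req)` in the loop body suggests it is loop-scoped, though the declaration and the final return are outside the hunk. I would use `return nil, err` here, and in the non-200 branch if it also breaks, so all failure paths behave the same.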