From d27ed548fb39a2b24418e76d2f225d00f1165395 Mon Sep 17 00:00:00 2001 From: shreddedbacon Date: Fri, 7 Jun 2024 18:45:48 +1000 Subject: [PATCH] chore: remove harbor 2.1.x and under support --- controllers/v1beta1/build_helpers.go | 17 +- controllers/v1beta2/build_helpers.go | 17 +- go.mod | 1 - go.sum | 33 --- internal/harbor/harbor.go | 7 - internal/harbor/harbor21x.go | 274 ------------------- internal/harbor/harbor_credentialrotation.go | 16 +- 7 files changed, 3 insertions(+), 362 deletions(-) delete mode 100644 internal/harbor/harbor21x.go diff --git a/controllers/v1beta1/build_helpers.go b/controllers/v1beta1/build_helpers.go index 8ffabc4b..59a751eb 100644 --- a/controllers/v1beta1/build_helpers.go +++ b/controllers/v1beta1/build_helpers.go @@ -9,7 +9,6 @@ import ( "sort" "strconv" "strings" - "time" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" @@ -227,21 +226,7 @@ func (r *LagoonBuildReconciler) getOrCreateNamespace(ctx context.Context, namesp return fmt.Errorf("error creating harbor robot account: %v", err) } } else { - hProject, err := lagoonHarbor.CreateProject(ctx, lagoonBuild.Spec.Project.Name) - if err != nil { - return fmt.Errorf("error creating harbor project: %v", err) - } - // create or refresh the robot credentials - robotCreds, err = lagoonHarbor.CreateOrRefreshRobot(ctx, - r.Client, - hProject, - lagoonBuild.Spec.Project.Environment, - ns, - time.Now().Add(lagoonHarbor.RobotAccountExpiry).Unix(), - false) - if err != nil { - return fmt.Errorf("error creating harbor robot account: %v", err) - } + return fmt.Errorf("harbor versions below v2.2.0 are not supported: %v", err) } // if we have robotcredentials to create, do that here _, err = lagoonHarbor.UpsertHarborSecret(ctx, diff --git a/controllers/v1beta2/build_helpers.go b/controllers/v1beta2/build_helpers.go index 1d07dc85..f00bc367 100644 --- a/controllers/v1beta2/build_helpers.go +++ b/controllers/v1beta2/build_helpers.go @@ -9,7 +9,6 @@ import ( "sort" "strconv" "strings" - "time" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" @@ -229,21 +228,7 @@ func (r *LagoonBuildReconciler) getOrCreateNamespace(ctx context.Context, namesp return fmt.Errorf("error creating harbor robot account: %v", err) } } else { - hProject, err := lagoonHarbor.CreateProject(ctx, lagoonBuild.Spec.Project.Name) - if err != nil { - return fmt.Errorf("error creating harbor project: %v", err) - } - // create or refresh the robot credentials - robotCreds, err = lagoonHarbor.CreateOrRefreshRobot(ctx, - r.Client, - hProject, - lagoonBuild.Spec.Project.Environment, - ns, - time.Now().Add(lagoonHarbor.RobotAccountExpiry).Unix(), - false) - if err != nil { - return fmt.Errorf("error creating harbor robot account: %v", err) - } + return fmt.Errorf("harbor versions below v2.2.0 are not supported: %v", err) } // if we have robotcredentials to create, do that here _, err = lagoonHarbor.UpsertHarborSecret(ctx, diff --git a/go.mod b/go.mod index 055b8ee3..929e245f 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,6 @@ require ( github.com/hashicorp/go-version v1.6.0 github.com/hashicorp/golang-lru/v2 v2.0.6 github.com/k8up-io/k8up/v2 v2.7.1 - github.com/mittwald/goharbor-client/v3 v3.3.0 github.com/mittwald/goharbor-client/v5 v5.3.1 github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.29.0 diff --git a/go.sum b/go.sum index 9711aa9a..f3106268 100644 --- a/go.sum +++ b/go.sum @@ -130,8 +130,6 @@ github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmV github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg= -github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= @@ -458,18 +456,13 @@ github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70t github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= -github.com/go-openapi/analysis v0.19.4/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU= -github.com/go-openapi/analysis v0.19.10/go.mod h1:qmhS3VNFxBlquFJ0RGoDtylO9y4pgTAUNE9AEEMdlJQ= github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= github.com/go-openapi/analysis v0.21.4 h1:ZDFLvSNxpDaomuCueM0BlSXxpANBlFYiBvr+GXrvIHc= github.com/go-openapi/analysis v0.21.4/go.mod h1:4zQ35W4neeZTqh3ol0rv/O8JBbka9QyAgQRPp9y3pfo= github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= -github.com/go-openapi/errors v0.19.3/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= -github.com/go-openapi/errors v0.19.6/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= -github.com/go-openapi/errors v0.19.7/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= @@ -497,18 +490,13 @@ github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs= -github.com/go-openapi/loads v0.19.3/go.mod h1:YVfqhUCdahYwR3f3iiwQLhicVRvLlU/WO5WPaZvcvSI= github.com/go-openapi/loads v0.19.4/go.mod h1:zZVHonKd8DXyxyw4yfnVjPzBjIQcLt0CCsn0N0ZrQsk= -github.com/go-openapi/loads v0.19.5/go.mod h1:dswLCAdonkRufe/gSUC3gN8nTSaB9uaS2es0x5/IbjY= github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= github.com/go-openapi/loads v0.21.2 h1:r2a/xFIYeZ4Qd2TnGpWDIQNcP80dIaZgf704za8enro= github.com/go-openapi/loads v0.21.2/go.mod h1:Jq58Os6SSGz0rzh62ptiu8Z31I+OTHqmULx5e/gJbNw= github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64= github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4= -github.com/go-openapi/runtime v0.19.15/go.mod h1:dhGWCTKRXlAfGnQG0ONViOZpjfg0m2gUt9nTQPQZuoo= -github.com/go-openapi/runtime v0.19.16/go.mod h1:5P9104EJgYcizotuXhEuUrzVc+j1RiSjahULvYmlv98= -github.com/go-openapi/runtime v0.19.22/go.mod h1:Lm9YGCeecBnUUkFTxPC4s1+lwrkJ0pthx8YvyjCfkgk= github.com/go-openapi/runtime v0.25.0 h1:7yQTCdRbWhX8vnIjdzU8S00tBYf7Sg71EBeorlPHvhc= github.com/go-openapi/runtime v0.25.0/go.mod h1:Ux6fikcHXyyob6LNWxtE96hWwjBPYF0DXgVFuMTneOs= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= @@ -517,8 +505,6 @@ github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsd github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= github.com/go-openapi/spec v0.19.5/go.mod h1:Hm2Jr4jv8G1ciIAo+frC/Ft+rR2kQDh8JHKHb3gWUSk= -github.com/go-openapi/spec v0.19.6/go.mod h1:Hm2Jr4jv8G1ciIAo+frC/Ft+rR2kQDh8JHKHb3gWUSk= -github.com/go-openapi/spec v0.19.8/go.mod h1:Hm2Jr4jv8G1ciIAo+frC/Ft+rR2kQDh8JHKHb3gWUSk= github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I= github.com/go-openapi/spec v0.20.6/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= github.com/go-openapi/spec v0.20.8 h1:ubHmXNY3FCIOinT8RNrrPfGc9t7I1qhPtdOGoG2AxRU= @@ -526,9 +512,7 @@ github.com/go-openapi/spec v0.20.8/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6 github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY= -github.com/go-openapi/strfmt v0.19.2/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= -github.com/go-openapi/strfmt v0.19.4/go.mod h1:eftuHTlB/dI8Uq8JJOyRlieZf+WkkxUuk0dgdHXr2Qk= github.com/go-openapi/strfmt v0.19.5/go.mod h1:eftuHTlB/dI8Uq8JJOyRlieZf+WkkxUuk0dgdHXr2Qk= github.com/go-openapi/strfmt v0.21.0/go.mod h1:ZRQ409bWMj+SOgXofQAGTIo2Ebu72Gs+WaRADcS5iNg= github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= @@ -539,8 +523,6 @@ github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/ github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.7/go.mod h1:ao+8BpOPyKdpQz3AOJfbeEVpLmWAvlT1IfTe5McPyhY= -github.com/go-openapi/swag v0.19.9/go.mod h1:ao+8BpOPyKdpQz3AOJfbeEVpLmWAvlT1IfTe5McPyhY= github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= @@ -548,10 +530,7 @@ github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/ github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA= -github.com/go-openapi/validate v0.19.3/go.mod h1:90Vh6jjkTn+OT1Eefm0ZixWNFjhtOH7vS9k0lo6zwJo= github.com/go-openapi/validate v0.19.8/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4= -github.com/go-openapi/validate v0.19.10/go.mod h1:RKEZTUWDkxKQxN2jDT7ZnZi2bhZlbNMAuKvKB+IaGx8= -github.com/go-openapi/validate v0.19.11/go.mod h1:Rzou8hA/CBw8donlS6WNEUQupNvUZ0waH08tGe6kAQ4= github.com/go-openapi/validate v0.22.1 h1:G+c2ub6q47kfX1sOBLwIQwzBVt8qmOAARyo/9Fqs9NU= github.com/go-openapi/validate v0.22.1/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= @@ -845,7 +824,6 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.4.0/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= -github.com/klauspost/compress v1.9.5/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= @@ -882,7 +860,6 @@ github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/mailru/easyjson v0.7.1/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= @@ -931,7 +908,6 @@ github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS4 github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.3.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= @@ -1069,7 +1045,6 @@ github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtP github.com/pborman/uuid v1.2.1 h1:+ZZIw58t/ozdjRaXh/3awHfmWRbzYxJoAdNJxe/3pvw= github.com/pborman/uuid v1.2.1/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.4.0/go.mod h1:PN7xzY2wHTK0K9p34ErDQMlFxa51Fk0OUruD3k1mMwo= github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= @@ -1163,8 +1138,6 @@ github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAm github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shirou/gopsutil v0.0.0-20190901111213-e4ec7b275ada/go.mod h1:WWnYX4lzhCH5h/3YBfyVA3VbLYjlMZZAQcW9ojMexNc= github.com/shirou/w32 v0.0.0-20160930032740-bb4de0191aa4/go.mod h1:qsXQc7+bwAM3Q1u/4XEfrquwF8Lw7D7y5cD8CuHnfIc= -github.com/shreddedbacon/goharbor-client/v3 v3.0.0-20210618042159-ceb1f437ad75 h1:Qk4BJhm8cnP2WCIW6gpqBDyYwN/bqzqhjyHoGttFkgc= -github.com/shreddedbacon/goharbor-client/v3 v3.0.0-20210618042159-ceb1f437ad75/go.mod h1:B6DcW8mCOdRr3gYxZ5OIaM5S3P89VBNadTtrgunAj5Q= github.com/shurcooL/go v0.0.0-20180423040247-9e1955d9fb6e/go.mod h1:TDJrrUr11Vxrven61rcy3hJMUqaf/CLWYhHNPmT14Lk= github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOmsrJOB+vfqUK+7DmDyjhSLIIBnXo9lvZJj3MWQ= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= @@ -1279,8 +1252,6 @@ github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+ github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g= github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= github.com/xdg-go/stringprep v1.0.3/go.mod h1:W3f5j4i+9rC0kuIEJL0ky1VpHXQU3ocBgklLGvcBnW8= -github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c/go.mod h1:lB8K/P019DLNhemzwFU4jHLhdvlE6uDZjXFejJXr49I= -github.com/xdg/stringprep v0.0.0-20180714160509-73f8eece6fdc/go.mod h1:Jhud4/sHMO4oL310DaZAKk9ZaJ08SJfe+sJh0HrGL1Y= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= @@ -1316,8 +1287,6 @@ go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVd go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.3.0/go.mod h1:MSWZXKOynuguX+JSvwP8i+58jYCXxbia8HS3gZBapIE= -go.mongodb.org/mongo-driver v1.3.4/go.mod h1:MSWZXKOynuguX+JSvwP8i+58jYCXxbia8HS3gZBapIE= go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= @@ -1403,7 +1372,6 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190530122614-20be4c3c3ed5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -1506,7 +1474,6 @@ golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200602114024-627f9648deb9/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= diff --git a/internal/harbor/harbor.go b/internal/harbor/harbor.go index f26bc62c..c7006d0b 100644 --- a/internal/harbor/harbor.go +++ b/internal/harbor/harbor.go @@ -6,7 +6,6 @@ import ( "time" "github.com/go-logr/logr" - harborclientv3 "github.com/mittwald/goharbor-client/v3/apiv2" harborclientv5 "github.com/mittwald/goharbor-client/v5/apiv2" "github.com/mittwald/goharbor-client/v5/apiv2/pkg/config" @@ -22,7 +21,6 @@ type Harbor struct { Username string Password string Log logr.Logger - ClientV3 *harborclientv3.RESTClient ClientV5 *harborclientv5.RESTClient DeleteDisabled bool WebhookAddition bool @@ -46,11 +44,6 @@ func New(harbor Harbor) (*Harbor, error) { if harbor.TLSSkipVerify { http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} } - c, err := harborclientv3.NewRESTClientForHost(harbor.API, harbor.Username, harbor.Password) - if err != nil { - return nil, err - } - harbor.ClientV3 = c harbor.Config = &config.Options{ Page: 1, PageSize: 100, diff --git a/internal/harbor/harbor21x.go b/internal/harbor/harbor21x.go deleted file mode 100644 index a1025655..00000000 --- a/internal/harbor/harbor21x.go +++ /dev/null @@ -1,274 +0,0 @@ -package harbor - -import ( - "context" - "encoding/json" - "fmt" - "time" - - harborclientv3model "github.com/mittwald/goharbor-client/v3/apiv2/model" - harborclientv3legacy "github.com/mittwald/goharbor-client/v3/apiv2/model/legacy" - "github.com/uselagoon/remote-controller/internal/helpers" - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/types" - "sigs.k8s.io/controller-runtime/pkg/client" -) - -// CreateProject will create a project if one doesn't exist, but will update as required. -func (h *Harbor) CreateProject(ctx context.Context, projectName string) (*harborclientv3model.Project, error) { - project, err := h.ClientV3.GetProjectByName(ctx, projectName) - if err != nil { - if err.Error() == "project not found on server side" || err.Error() == "resource unknown" { - project, err = h.ClientV3.NewProject(ctx, projectName, helpers.Int64Ptr(-1)) - if err != nil { - h.Log.Info(fmt.Sprintf("Error creating project %s", projectName)) - return nil, err - } - time.Sleep(1 * time.Second) // wait 1 seconds - tStr := "true" - err = h.ClientV3.UpdateProject(ctx, &harborclientv3model.Project{ - Name: projectName, - ProjectID: project.ProjectID, - Metadata: &harborclientv3model.ProjectMetadata{ - AutoScan: &tStr, - ReuseSysCveAllowlist: &tStr, - Public: "false", - }, - }, helpers.Int64Ptr(-1)) - if err != nil { - h.Log.Info(fmt.Sprintf("Error updating project %s", projectName)) - return nil, err - } - time.Sleep(1 * time.Second) // wait 1 seconds - project, err = h.ClientV3.GetProjectByName(ctx, projectName) - if err != nil { - h.Log.Info(fmt.Sprintf("Error getting project after updating %s", projectName)) - return nil, err - } - h.Log.Info(fmt.Sprintf("Created harbor project %s", projectName)) - } else { - h.Log.Info(fmt.Sprintf("Error finding project %s", projectName)) - return nil, err - } - } - - // TODO: Repository support not required yet - // this is a place holder - // w, err := h.ClientV3.ListRepositories(ctx, project) - // if err != nil { - // return nil, err - // } - // for _, x := range w { - // fmt.Println(x) - // } - - if h.WebhookAddition { - wps, err := h.ClientV3.ListProjectWebhookPolicies(ctx, project) - if err != nil { - h.Log.Info(fmt.Sprintf("Error listing project %s webhooks", project.Name)) - return nil, err - } - exists := false - for _, wp := range wps { - // if the webhook policy already exists with the name we want - // then update it with any changes that may be required - if wp.Name == "Lagoon Default Webhook" { - exists = true - newPolicy := &harborclientv3legacy.WebhookPolicy{ - Name: wp.Name, - ProjectID: int64(project.ProjectID), - Enabled: true, - Targets: []*harborclientv3legacy.WebhookTargetObject{ - { - Type: "http", - SkipCertVerify: true, - Address: h.WebhookURL, - }, - }, - EventTypes: h.WebhookEventTypes, - } - err = h.ClientV3.UpdateProjectWebhookPolicy(ctx, project, int(wp.ID), newPolicy) - if err != nil { - h.Log.Info(fmt.Sprintf("Error updating project %s webhook", project.Name)) - return nil, err - } - } - } - if !exists { - // otherwise create the webhook if it doesn't exist - newPolicy := &harborclientv3legacy.WebhookPolicy{ - Name: "Lagoon Default Webhook", - ProjectID: int64(project.ProjectID), - Enabled: true, - Targets: []*harborclientv3legacy.WebhookTargetObject{ - { - Type: "http", - SkipCertVerify: true, - Address: h.WebhookURL, - }, - }, - EventTypes: h.WebhookEventTypes, - } - err = h.ClientV3.AddProjectWebhookPolicy(ctx, project, newPolicy) - if err != nil { - h.Log.Info(fmt.Sprintf("Error adding project %s webhook", project.Name)) - return nil, err - } - } - } - return project, nil -} - -// CreateOrRefreshRobot will create or refresh a robot account and return the credentials if needed. -func (h *Harbor) CreateOrRefreshRobot(ctx context.Context, - k8s client.Client, - project *harborclientv3model.Project, - environmentName, namespace string, - expiry int64, - force bool, -) (*helpers.RegistryCredentials, error) { - - // create a cluster specific robot account name - robotName := fmt.Sprintf("%s-%s", environmentName, helpers.HashString(h.LagoonTargetName)[0:8]) - - robots, err := h.ClientV3.ListProjectRobots( - ctx, - project, - ) - if err != nil { - h.Log.Info(fmt.Sprintf("Error listing project %s robot accounts", project.Name)) - return nil, err - } - exists := false - deleted := false - forceRecreate := false - secret := &corev1.Secret{} - err = k8s.Get(ctx, types.NamespacedName{ - Namespace: namespace, - Name: "lagoon-internal-registry-secret", - }, secret) - if err != nil { - // the lagoon registry secret doesn't exist, force re-create the robot account - forceRecreate = true - } - // check if the secret contains the .dockerconfigjson data - if secretData, ok := secret.Data[".dockerconfigjson"]; ok { - auths := helpers.Auths{} - // unmarshal it - if err := json.Unmarshal(secretData, &auths); err != nil { - return nil, fmt.Errorf("could not unmarshal Harbor RobotAccount credential") - } - // set the force recreate robot account flag here - forceRecreate = true - // if the defined regional harbor key exists using the hostname then set the flag to false - // if the account is set to expire, the loop below will catch it for us - // just the hostname, as this is what all new robot accounts are created with - if _, ok := auths.Registries[h.Hostname]; ok { - forceRecreate = false - } - } - for _, robot := range robots { - if h.matchRobotAccount(robot.Name, environmentName) { - exists = true - if forceRecreate || force { - // if the secret doesn't exist in kubernetes, then force re-creation of the robot - // account is required, as there isn't a way to get the credentials after - // robot accounts are created - h.Log.Info(fmt.Sprintf("Kubernetes secret doesn't exist, robot account %s needs to be re-created", robot.Name)) - err := h.ClientV3.DeleteProjectRobot( - ctx, - project, - int(robot.ID), - ) - if err != nil { - h.Log.Info(fmt.Sprintf("Error deleting project %s robot account %s", project.Name, robot.Name)) - return nil, err - } - deleted = true - continue - } - if robot.Disabled && h.DeleteDisabled { - // if accounts are disabled, and deletion of disabled accounts is enabled - // then this will delete the account to get re-created - h.Log.Info(fmt.Sprintf("Harbor robot account %s disabled, deleting it", robot.Name)) - err := h.ClientV3.DeleteProjectRobot( - ctx, - project, - int(robot.ID), - ) - if err != nil { - h.Log.Info(fmt.Sprintf("Error deleting project %s robot account %s", project.Name, robot.Name)) - return nil, err - } - deleted = true - continue - } - if h.shouldRotate(robot.CreationTime, h.RotateInterval) { - // this forces a rotation after a certain period, whether its expiring or already expired. - h.Log.Info(fmt.Sprintf("Harbor robot account %s should rotate, deleting it", robot.Name)) - err := h.ClientV3.DeleteProjectRobot( - ctx, - project, - int(robot.ID), - ) - if err != nil { - h.Log.Info(fmt.Sprintf("Error deleting project %s robot account %s", project.Name, robot.Name)) - return nil, err - } - deleted = true - continue - } - if h.expiresSoon(robot.ExpiresAt, h.ExpiryInterval) { - // if the account is about to expire, then refresh the credentials - h.Log.Info(fmt.Sprintf("Harbor robot account %s expires soon, deleting it", robot.Name)) - err := h.ClientV3.DeleteProjectRobot( - ctx, - project, - int(robot.ID), - ) - if err != nil { - h.Log.Info(fmt.Sprintf("Error deleting project %s robot account %s", project.Name, robot.Name)) - return nil, err - } - deleted = true - continue - } - } - } - if !exists || deleted { - // if it doesn't exist, or was deleted - // create a new robot account - h.Log.Info(fmt.Sprintf("Created robot account %s", h.generateRobotWithPrefix(robotName))) - return h.CreateRobotAccount(ctx, robotName, project, expiry) - } - return nil, err -} - -func (h *Harbor) CreateRobotAccount(ctx context.Context, robotName string, project *harborclientv3model.Project, expiryDays int64) (*helpers.RegistryCredentials, error) { - token, err := h.ClientV3.AddProjectRobot( - ctx, - project, - &harborclientv3legacy.RobotAccountCreate{ - Name: robotName, - Description: fmt.Sprintf("Robot account created in %s", h.LagoonTargetName), - ExpiresAt: expiryDays, - Access: []*harborclientv3legacy.RobotAccountAccess{ - {Action: "push", Resource: fmt.Sprintf("/project/%d/repository", project.ProjectID)}, - {Action: "pull", Resource: fmt.Sprintf("/project/%d/repository", project.ProjectID)}, - }, - }, - ) - if err != nil { - h.Log.Info(fmt.Sprintf("Error adding project %s robot account %s", project.Name, robotName)) - return nil, err - } - // then craft and return the harbor credential secret - harborRegistryCredentials := makeHarborSecret( - robotAccountCredential{ - Token: token, - Name: h.generateRobotWithPrefix(robotName), - }, - ) - h.Log.Info(fmt.Sprintf("Created robot account %s", h.generateRobotWithPrefix(robotName))) - return &harborRegistryCredentials, nil -} diff --git a/internal/harbor/harbor_credentialrotation.go b/internal/harbor/harbor_credentialrotation.go index 01d1f82f..8408e338 100644 --- a/internal/harbor/harbor_credentialrotation.go +++ b/internal/harbor/harbor_credentialrotation.go @@ -87,21 +87,7 @@ func (h *Harbor) RotateRobotCredential(ctx context.Context, cl client.Client, ns return false, fmt.Errorf("error getting or creating robot account: %v", err) } } else { - hProject, err := h.CreateProject(ctx, ns.Labels["lagoon.sh/project"]) - if err != nil { - return false, fmt.Errorf("error getting or creating project: %v", err) - } - time.Sleep(1 * time.Second) // wait 1 seconds - robotCreds, err = h.CreateOrRefreshRobot(ctx, - cl, - hProject, - ns.Labels["lagoon.sh/environment"], - ns.ObjectMeta.Name, - time.Now().Add(h.RobotAccountExpiry).Unix(), - force) - if err != nil { - return false, fmt.Errorf("error getting or creating robot account: %v", err) - } + return false, fmt.Errorf("Harbor versions below v2.2.0 are not supported: %v", err) } time.Sleep(1 * time.Second) // wait 1 seconds