Merge remote-tracking branch 'harbor/master'

jinghunao · May 17, 2016 · 9170581 · 9170581
2 parents 9ea0d51 + 2597041
commit 9170581
Show file tree

Hide file tree

Showing 14 changed files with 369 additions and 174 deletions.
diff --git a/Deploy/db/registry.sql b/Deploy/db/registry.sql
@@ -39,7 +39,7 @@ insert into role (role_code, name) values
 create table user (
  user_id int NOT NULL AUTO_INCREMENT,
  username varchar(15),
- email varchar(30),
+ email varchar(128),
  password varchar(40) NOT NULL,
  realname varchar (20) NOT NULL,
  comment varchar (30),

diff --git a/Deploy/templates/ui/app.conf b/Deploy/templates/ui/app.conf
@@ -2,8 +2,8 @@ appname = registry
 runmode = dev
 
 [lang]
-types = en-US|zh-CN|de-DE
-names = en-US|zh-CN|de-DE
+types = en-US|zh-CN|de-DE|ru-RU
+names = en-US|zh-CN|de-DE|ru-RU
 
 [dev]
 httpport = 80

diff --git a/README.md b/README.md
@@ -6,22 +6,21 @@
 
 > Project Harbor is initiated by VMware China R&D as a Cloud Application Accelerator (CAA) project. CAA provides a set of tools to improve the productivity of cloud developers in China and other countries. CAA includes tools like registry server, mirror server, decentralized image distributor, etc.
 
-Project Harbor is an enterprise-class registry server. It extends the open source Docker Registry server by adding more functionalities usually required by an enterprise. Harbor is designed to be deployed in a private environment of an organization. A private registry is important for organizations who care much about security. In addition, a private registry improves productivity by eliminating the need to download images from the public network. This is very helpful to container users who do not have a good network to the Internet. 
+Project Harbor is an enterprise-class registry server, which extends the open source Docker Registry server by adding the functionality usually required by an enterprise, such as security, control, and management. Harbor is primarily designed to be a private registry - providing the needed security and control that enterprises require.  It also helps minimize bandwidth usage, which is helpful to both improve productivity (local network access) as well as performance (for those with poor internet connectivity).
 
 ### Features
 * **Role Based Access Control**: Users and docker repositories are organized via "projects", a user can have different permission for images under a namespace.
 * **Graphical user portal**: User can easily browse, search docker repositories, manage projects/namespaces.
-* **AD/LDAP support**: Harbor integrates with existing AD/LDAP of the enterprise for user authentication and management.
-* **Auditing**: All the operations to the repositories are tracked and can be used for auditing purpose.
-* **Internationalization**: Localized for English, Chinese and German languages. More languages can be added.
-* **RESTful API**: RESTful APIs are provided for most administrative operations of Harbor. The integration with other management softwares becomes easy.
+* **AD/LDAP support**: Harbor integrates with existing enterprise AD/LDAP for user authentication and management.
+* **Auditing**: All the operations to the repositories are tracked.
+* **Internationalization**: Already Localized for English, Chinese and German. More languages can be added.
+* **RESTful API**: RESTful APIs for most administrative operations, easing intergration with external management platforms.
 
 ### Getting Started
-Harbor is self-contained and can be easily deployed via docker-compose. The below are quick-start steps. Refer to the [Installation and Configuration Guide](docs/installation_guide.md) for detail information.  
+Harbor is self-contained and can be easily deployed via docker-compose (Quick-Start steps below). Refer to the [Installation and Configuration Guide](docs/installation_guide.md) for detailed information.  
 
 **System requirements:**  
-Harbor only works with docker 1.10+ and docker-compose 1.6.0+ .
-The host must be connected to the Internet.
+Harbor only works with docker 1.10+ and docker-compose 1.6.0+, and an internet-connected host
 
 1. Get the source code:
 
@@ -31,7 +30,7 @@ The host must be connected to the Internet.
 2. Edit the file **Deploy/harbor.cfg**, make necessary configuration changes such as hostname, admin password and mail server. Refer to [Installation and Configuration Guide](docs/installation_guide.md) for more info.  
 
 
-3. Install Harbor by the following commands. It may take a while for the docker-compose process to finish.
+3. Install Harbor with the following commands. Note that the docker-compose process can take a while!
     ```sh
     $ cd Deploy
     
@@ -44,21 +43,21 @@ The host must be connected to the Internet.
     $ docker-compose up
     ```
 
-If everything works fine, you can open a browser to visit the admin portal at http://reg.yourdomain.com . The default administrator username and password are admin/Harbor12345 .
+_If everything worked properly, you should be able to open a browser to visit the admin portal at http://reg.yourdomain.com . Note that the default administrator username/password are admin/Harbor12345 ._
 
-Log in to the admin portal and create a new project, e.g. myproject. You can then use docker commands to login and push images. The default port of Harbor registry server is 80:
+Log in to the admin portal and create a new project, e.g. `myproject`. You can then use docker commands to login and push images (By default, the registry server listens on port 80):
 ```sh
 $ docker login reg.yourdomain.com
 $ docker push reg.yourdomain.com/myproject/myrepo
 ```
 
 **NOTE:**  
-To simplify the installation process, a pre-built installation package of Harbor is provided so that you don't need to clone the source code. By using this package, you can even install Harbor onto a host that is not connected to the Internet. For details on how to download and use this installation package, please refer to [Installation and Configuration Guide](docs/installation_guide.md) .
+For those who don't want to clone the source, or need to install Harbor on a server not connected to the Internet - there is a pre-built installation package available. For details on how to download and use this installation package, please refer to [Installation and Configuration Guide](docs/installation_guide.md) .
 
 For information on how to use Harbor, please see [User Guide](docs/user_guide.md) .
 
 ### Deploy Harbor on Kubernetes
-Detailed instruction about deploying Harbor on Kubernetes is described [here](docs/kubernetes_deployment.md).
+Detailed instruction about deploying Harbor on Kubernetes is available [here](docs/kubernetes_deployment.md).
 
 ### Contribution
 We welcome contributions from the community. If you wish to contribute code and you have not signed our contributor license agreement (CLA), our bot will update the issue when you open a pull request. For any questions about the CLA process, please refer to our [FAQ](https://cla.vmware.com/faq).

diff --git a/api/repository.go b/api/repository.go
@@ -29,7 +29,6 @@ import (
 	svc_utils "github.com/vmware/harbor/service/utils"
 	"github.com/vmware/harbor/utils/log"
 	"github.com/vmware/harbor/utils/registry"
-	"github.com/vmware/harbor/utils/registry/auth"
 	"github.com/vmware/harbor/utils/registry/errors"
 )
 
@@ -39,22 +38,12 @@ import (
 // the security of registry
 type RepositoryAPI struct {
 	BaseAPI
-	userID   int
-	username string
+	userID int
 }
 
 // Prepare will set a non existent user ID in case the request tries to view repositories under a project he doesn't has permission.
 func (ra *RepositoryAPI) Prepare() {
-	userID, ok := ra.GetSession("userId").(int)
-	if !ok {
-		userID = dao.NonExistUserID
-	}
-	ra.userID = userID
-
-	username, ok := ra.GetSession("username").(string)
-	if ok {
-		ra.username = username
-	}
+	ra.userID = ra.ValidateUser()
 }
 
 // Get ...
@@ -250,29 +239,15 @@ func (ra *RepositoryAPI) GetManifests() {
 }
 
 func (ra *RepositoryAPI) initializeRepositoryClient(repoName string) (r *registry.Repository, err error) {
-	endpoint := os.Getenv("REGISTRY_URL")
-
-	//no session, use basic auth
-	if ra.userID == dao.NonExistUserID {
-		username, password, _ := ra.Ctx.Request.BasicAuth()
-		credential := auth.NewBasicAuthCredential(username, password)
-
-		return registry.NewRepositoryWithCredential(repoName, endpoint, credential)
-
+	u := models.User{
+		UserID: ra.userID,
 	}
-
-	//session exists, use username
-	if len(ra.username) == 0 {
-		u := models.User{
-			UserID: ra.userID,
-		}
-		user, err := dao.GetUser(u)
-		if err != nil {
-			return nil, err
-		}
-
-		ra.username = user.Username
+	user, err := dao.GetUser(u)
+	if err != nil {
+		return nil, err
 	}
 
-	return registry.NewRepositoryWithUsername(repoName, endpoint, ra.username)
+	endpoint := os.Getenv("REGISTRY_URL")
+
+	return registry.NewRepositoryWithUsername(repoName, endpoint, user.Username)
 }
diff --git a/controllers/login.go b/controllers/login.go
@@ -69,7 +69,7 @@ func (c *CommonController) Login() {
 // SwitchLanguage handles UI request to switch between different languages and re-render template based on language.
 func (c *CommonController) SwitchLanguage() {
 	lang := c.GetString("lang")
-	if lang == "en-US" || lang == "zh-CN" || lang == "de-DE" {
+	if lang == "en-US" || lang == "zh-CN" || lang == "de-DE" || lang == "ru-RU" {
 		c.SetSession("lang", lang)
 		c.Data["Lang"] = lang
 	}