diff --git a/registry/app/api/controller/metadata/base.go b/registry/app/api/controller/metadata/base.go index 423bc61a1e..6a59a371be 100644 --- a/registry/app/api/controller/metadata/base.go +++ b/registry/app/api/controller/metadata/base.go @@ -315,9 +315,13 @@ func CreateUpstreamProxyResponseJSONResponse(upstreamproxy *types.UpstreamProxy) if api.AuthType(upstreamproxy.RepoAuthType) == api.AuthTypeUserPassword { auth := api.UserPassword{} auth.UserName = upstreamproxy.UserName - // FIXME: Mask this password. - auth.SecretIdentifier = &upstreamproxy.SecretIdentifier - auth.SecretSpaceId = &upstreamproxy.SecretSpaceID + auth.SecretIdentifier = &upstreamproxy.SecretIdentifier.String + auth.SecretSpaceId = nil + if upstreamproxy.SecretSpaceID.Valid { + // Convert int32 to int and assign to the expected field + secretSpaceID := int(upstreamproxy.SecretSpaceID.Int32) + auth.SecretSpaceId = &secretSpaceID + } _ = configAuth.FromUserPassword(auth) } diff --git a/registry/app/api/controller/metadata/utils.go b/registry/app/api/controller/metadata/utils.go index 2f8d998b0f..a8bf0958fd 100644 --- a/registry/app/api/controller/metadata/utils.go +++ b/registry/app/api/controller/metadata/utils.go @@ -156,11 +156,12 @@ func ValidateIdentifier(identifier string) error { } func ValidateUpstream(config *api.RegistryConfig) error { - if !commons.IsEmpty(config.Type) && config.Type == api.RegistryTypeUPSTREAM { - upstreamConfig, err := config.AsUpstreamConfig() - if err != nil { - return err - } + upstreamConfig, err := config.AsUpstreamConfig() + if err != nil { + return err + } + if !commons.IsEmpty(config.Type) && config.Type == api.RegistryTypeUPSTREAM && + *upstreamConfig.Source != api.UpstreamConfigSourceDockerhub { if commons.IsEmpty(upstreamConfig.Url) { return errors.New("URL is required for upstream repository") } diff --git a/registry/app/remote/adapter/native/adapter.go b/registry/app/remote/adapter/native/adapter.go index cc5f2da1a6..f7499816c9 100644 --- a/registry/app/remote/adapter/native/adapter.go +++ b/registry/app/remote/adapter/native/adapter.go @@ -71,7 +71,16 @@ func getPwd( ) string { password := "" if api.AuthType(reg.RepoAuthType) == api.AuthTypeUserPassword { - secret, err := secretStore.FindByIdentifier(ctx, int64(reg.SecretSpaceID), reg.SecretIdentifier) + secretSpaceID := int64(0) + if reg.SecretSpaceID.Valid { + secretSpaceID = int64(reg.SecretSpaceID.Int32) + } + + secretIdentifier := "" + if reg.SecretIdentifier.Valid { + secretIdentifier = reg.SecretIdentifier.String + } + secret, err := secretStore.FindByIdentifier(ctx, secretSpaceID, secretIdentifier) if err != nil { log.Error().Msgf("failed to find secret: %v", err) } diff --git a/registry/app/store/database/artifact.go b/registry/app/store/database/artifact.go index 7a9bea5f4b..993ab91538 100644 --- a/registry/app/store/database/artifact.go +++ b/registry/app/store/database/artifact.go @@ -286,7 +286,7 @@ func (a ArtifactDao) mapToInternalArtifact(ctx context.Context, in *types.Artifa ID: in.ID, Name: in.Name, RegistryID: in.RegistryID, - Labels: getEmptySQLString(util.ArrToString(in.Labels)), + Labels: util.GetEmptySQLString(util.ArrToString(in.Labels)), Enabled: in.Enabled, CreatedAt: in.CreatedAt.UnixMilli(), UpdatedAt: in.UpdatedAt.UnixMilli(), diff --git a/registry/app/store/database/registry.go b/registry/app/store/database/registry.go index ab477a7df3..d12d9977bc 100644 --- a/registry/app/store/database/registry.go +++ b/registry/app/store/database/registry.go @@ -376,13 +376,13 @@ func mapToInternalRegistry(ctx context.Context, in *types.Registry) *registryDB Name: in.Name, ParentID: in.ParentID, RootParentID: in.RootParentID, - Description: getEmptySQLString(in.Description), + Description: util.GetEmptySQLString(in.Description), Type: in.Type, PackageType: in.PackageType, - UpstreamProxies: getEmptySQLString(util.Int64ArrToString(in.UpstreamProxies)), - AllowedPattern: getEmptySQLString(util.ArrToString(in.AllowedPattern)), - BlockedPattern: getEmptySQLString(util.ArrToString(in.BlockedPattern)), - Labels: getEmptySQLString(util.ArrToString(in.Labels)), + UpstreamProxies: util.GetEmptySQLString(util.Int64ArrToString(in.UpstreamProxies)), + AllowedPattern: util.GetEmptySQLString(util.ArrToString(in.AllowedPattern)), + BlockedPattern: util.GetEmptySQLString(util.ArrToString(in.BlockedPattern)), + Labels: util.GetEmptySQLString(util.ArrToString(in.Labels)), CreatedAt: in.CreatedAt.UnixMilli(), UpdatedAt: in.UpdatedAt.UnixMilli(), CreatedBy: in.CreatedBy, @@ -390,13 +390,6 @@ func mapToInternalRegistry(ctx context.Context, in *types.Registry) *registryDB } } -func getEmptySQLString(str string) sql.NullString { - if commons.IsEmpty(str) { - return sql.NullString{String: str, Valid: false} - } - return sql.NullString{String: str, Valid: true} -} - func (r registryDao) Delete(ctx context.Context, parentID int64, name string) (err error) { stmt := databaseg.Builder.Delete("registries"). Where("registry_parent_id = ? AND registry_name = ?", parentID, name) diff --git a/registry/app/store/database/tag.go b/registry/app/store/database/tag.go index 928a107089..56f4e74c3d 100644 --- a/registry/app/store/database/tag.go +++ b/registry/app/store/database/tag.go @@ -374,7 +374,7 @@ func (t tagDao) GetAllArtifactsByParentID( if len(labels) > 0 { sort.Strings(labels) - labelsVal := getEmptySQLString(util.ArrToString(labels)) + labelsVal := util.GetEmptySQLString(util.ArrToString(labels)) labelsVal.String = labelSeparatorStart + labelsVal.String + labelSeparatorEnd q = q.Where("'^_' || ar.artifact_labels || '^_' LIKE ?", labelsVal) @@ -430,7 +430,7 @@ func (t tagDao) CountAllArtifactsByParentID( if len(labels) > 0 { sort.Strings(labels) - labelsVal := getEmptySQLString(util.ArrToString(labels)) + labelsVal := util.GetEmptySQLString(util.ArrToString(labels)) labelsVal.String = labelSeparatorStart + labelsVal.String + labelSeparatorEnd q = q.Where("'^_' || ar.artifact_labels || '^_' LIKE ?", labelsVal) } @@ -645,7 +645,7 @@ func (t tagDao) GetAllArtifactsByRepo( if len(labels) > 0 { sort.Strings(labels) - labelsVal := getEmptySQLString(util.ArrToString(labels)) + labelsVal := util.GetEmptySQLString(util.ArrToString(labels)) labelsVal.String = labelSeparatorStart + labelsVal.String + labelSeparatorEnd q = q.Where("'^_' || ar.artifact_labels || '^_' LIKE ?", labelsVal) } @@ -691,7 +691,7 @@ func (t tagDao) CountAllArtifactsByRepo( if len(labels) > 0 { sort.Strings(labels) - labelsVal := getEmptySQLString(util.ArrToString(labels)) + labelsVal := util.GetEmptySQLString(util.ArrToString(labels)) labelsVal.String = labelSeparatorStart + labelsVal.String + labelSeparatorEnd q = q.Where("'^_' || ar.artifact_labels || '^_' LIKE ?", labelsVal) } diff --git a/registry/app/store/database/upstream_proxy.go b/registry/app/store/database/upstream_proxy.go index 1480446fa9..baa961d3b7 100644 --- a/registry/app/store/database/upstream_proxy.go +++ b/registry/app/store/database/upstream_proxy.go @@ -48,19 +48,19 @@ func NewUpstreamproxyDao(db *sqlx.DB, registryDao store.RegistryRepository) stor // upstreamProxyConfigDB holds the record of an upstream_proxy_config in DB. type upstreamProxyConfigDB struct { - ID int64 `db:"upstream_proxy_config_id"` - RegistryID int64 `db:"upstream_proxy_config_registry_id"` - Source string `db:"upstream_proxy_config_source"` - URL string `db:"upstream_proxy_config_url"` - AuthType string `db:"upstream_proxy_config_auth_type"` - UserName string `db:"upstream_proxy_config_user_name"` - SecretIdentifier string `db:"upstream_proxy_config_secret_identifier"` - SecretSpaceID int `db:"upstream_proxy_config_secret_space_id"` - Token string `db:"upstream_proxy_config_token"` - CreatedAt int64 `db:"upstream_proxy_config_created_at"` - UpdatedAt int64 `db:"upstream_proxy_config_updated_at"` - CreatedBy int64 `db:"upstream_proxy_config_created_by"` - UpdatedBy int64 `db:"upstream_proxy_config_updated_by"` + ID int64 `db:"upstream_proxy_config_id"` + RegistryID int64 `db:"upstream_proxy_config_registry_id"` + Source string `db:"upstream_proxy_config_source"` + URL string `db:"upstream_proxy_config_url"` + AuthType string `db:"upstream_proxy_config_auth_type"` + UserName string `db:"upstream_proxy_config_user_name"` + SecretIdentifier sql.NullString `db:"upstream_proxy_config_secret_identifier"` + SecretSpaceID sql.NullInt32 `db:"upstream_proxy_config_secret_space_id"` + Token string `db:"upstream_proxy_config_token"` + CreatedAt int64 `db:"upstream_proxy_config_created_at"` + UpdatedAt int64 `db:"upstream_proxy_config_updated_at"` + CreatedBy int64 `db:"upstream_proxy_config_created_by"` + UpdatedBy int64 `db:"upstream_proxy_config_updated_by"` } type upstreamProxyDB struct { @@ -75,8 +75,8 @@ type upstreamProxyDB struct { RepoURL string `db:"repo_url"` RepoAuthType string `db:"repo_auth_type"` UserName string `db:"user_name"` - SecretIdentifier string `db:"secret_identifier"` - SecretSpaceID int `db:"secret_space_id"` + SecretIdentifier sql.NullString `db:"secret_identifier"` + SecretSpaceID sql.NullInt32 `db:"secret_space_id"` Token string `db:"token"` CreatedAt int64 `db:"created_at"` UpdatedAt int64 `db:"updated_at"` @@ -360,8 +360,8 @@ func (r UpstreamproxyDao) mapToInternalUpstreamProxy( URL: in.URL, AuthType: in.AuthType, UserName: in.UserName, - SecretIdentifier: in.SecretIdentifier, - SecretSpaceID: in.SecretSpaceID, + SecretIdentifier: util.GetEmptySQLString(in.SecretIdentifier), + SecretSpaceID: util.GetEmptySQLInt32(in.SecretSpaceID), Token: in.Token, CreatedAt: in.CreatedAt.UnixMilli(), UpdatedAt: in.UpdatedAt.UnixMilli(), diff --git a/registry/app/store/database/util/utils.go b/registry/app/store/database/util/utils.go new file mode 100644 index 0000000000..541cff8f3a --- /dev/null +++ b/registry/app/store/database/util/utils.go @@ -0,0 +1,35 @@ +// Copyright 2023 Harness, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package util + +import ( + "database/sql" + + "github.com/harness/gitness/registry/app/pkg/commons" +) + +func GetEmptySQLString(str string) sql.NullString { + if commons.IsEmpty(str) { + return sql.NullString{String: str, Valid: false} + } + return sql.NullString{String: str, Valid: true} +} + +func GetEmptySQLInt32(i int) sql.NullInt32 { + if i == 0 { + return sql.NullInt32{Int32: int32(i), Valid: false} + } + return sql.NullInt32{Int32: int32(i), Valid: true} +} diff --git a/registry/types/upstream_proxy_config.go b/registry/types/upstream_proxy_config.go index 613cbaaea6..4661335542 100644 --- a/registry/types/upstream_proxy_config.go +++ b/registry/types/upstream_proxy_config.go @@ -15,6 +15,7 @@ package types import ( + "database/sql" "time" "github.com/harness/gitness/registry/app/api/openapi/contracts/artifact" @@ -50,8 +51,8 @@ type UpstreamProxy struct { RepoURL string RepoAuthType string UserName string - SecretIdentifier string - SecretSpaceID int + SecretIdentifier sql.NullString + SecretSpaceID sql.NullInt32 Token string CreatedAt time.Time UpdatedAt time.Time