Skip to content

Commit

Permalink
tls support for pushing sbom
Browse files Browse the repository at this point in the history 
Make it supports the tls configuration for the client for pushing sbom object

Signed-off-by: wang yan <wangyan@vmware.com>
  • Loading branch information
@wy65701436
wy65701436 committed May 29, 2024
1 parent 1f0c828 commit b6d9480
Showing 1 changed file with 11 additions and 11 deletions.
22 changes: 11 additions & 11 deletions src/pkg/scan/util.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@
package scan

import (
"crypto/tls"
"fmt"
"net/http"

Expand All @@ -30,24 +29,25 @@ import (
"github.com/opencontainers/go-digest"
ocispec "github.com/opencontainers/image-spec/specs-go/v1"

commonhttp "github.com/goharbor/harbor/src/common/http"
"github.com/goharbor/harbor/src/lib/log"
"github.com/goharbor/harbor/src/pkg/robot/model"
v1sq "github.com/goharbor/harbor/src/pkg/scan/rest/v1"
)

// Insecure ...
type Insecure bool

// RemoteOptions ...
func (i Insecure) RemoteOptions() []remote.Option {
func RemoteOptions() []remote.Option {
tr := http.DefaultTransport.(*http.Transport).Clone()
tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: bool(i)}
if commonhttp.InternalEnableVerifyClientCert() {
tlsConfig, err := commonhttp.GetInternalTLSConfig()
if err != nil {
log.Errorf("SBOM client load cert file with err: %v", err)
}
tr.TLSClientConfig = tlsConfig

Check warning on line 46 in src/pkg/scan/util.go

View check run for this annotation

Codecov / codecov/patch

src/pkg/scan/util.go#L42-L46 

Added lines #L42 - L46 were not covered by tests
}
return []remote.Option{remote.WithTransport(tr)}
}

type referrer struct {
Insecure
}

// GenAccessoryArt composes the accessory oci object and push it back to harbor core as an accessory of the scanned artifact.
func GenAccessoryArt(sq v1sq.ScanRequest, accData []byte, accAnnotations map[string]string, mediaType string, robot *model.Robot) (string, error) {
accArt, err := mutate.Append(empty.Image, mutate.Addendum{
Expand Down Expand Up @@ -92,7 +92,7 @@ func GenAccessoryArt(sq v1sq.ScanRequest, accData []byte, accAnnotations map[str
if err != nil {
return "", err
}
opts := append(referrer{Insecure: true}.RemoteOptions(), remote.WithAuth(&authn.Basic{Username: robot.Name, Password: robot.Secret}))
opts := append(RemoteOptions(), remote.WithAuth(&authn.Basic{Username: robot.Name, Password: robot.Secret}))
if err := remote.Write(accRef, accArt, opts...); err != nil {
return "", err
}
Expand Down

0 comments on commit b6d9480

Please # to comment.