bug fixes in robot account in ground control and fixing unauthorized …

…error while pulling the images (#69)
container-registry · Dec 17, 2024 · dc2d7f0 · dc2d7f0
1 parent ece5bfb
commit dc2d7f0
Show file tree

Hide file tree

Showing 7 changed files with 77 additions and 11 deletions.
diff --git a/cmd/root.go b/cmd/root.go
@@ -2,6 +2,7 @@ package cmd
 
 import (
 	"context"
+	"fmt"
 
 	runtime "container-registry.com/harbor-satellite/cmd/container_runtime"
 	"container-registry.com/harbor-satellite/internal/config"
@@ -10,6 +11,7 @@ import (
 	"container-registry.com/harbor-satellite/internal/server"
 	"container-registry.com/harbor-satellite/internal/utils"
 	"container-registry.com/harbor-satellite/logger"
+	"container-registry.com/harbor-satellite/registry"
 	"github.com/rs/zerolog"
 	"github.com/spf13/cobra"
 	"golang.org/x/sync/errgroup"
@@ -95,6 +97,13 @@ func handleRegistrySetup(g *errgroup.Group, log *zerolog.Logger, cancel context.
 		}
 	} else {
 		log.Info().Msg("Launching default registry")
+		var defaultZotConfig registry.DefaultZotConfig
+		err := registry.ReadConfig(config.GetZotConfigPath(), &defaultZotConfig)
+		if err != nil {
+			return fmt.Errorf("error reading config: %w", err)
+		}
+		defaultZotURL := defaultZotConfig.GetLocalRegistryURL()
+		config.SetRemoteRegistryURL(defaultZotURL)
 		g.Go(func() error {
 			if err := utils.LaunchDefaultZotRegistry(); err != nil {
 				log.Error().Err(err).Msg("Error launching default registry")

diff --git a/config.json b/config.json
@@ -10,7 +10,7 @@
     ]
   },
   "environment_variables": {
-    "ground_control_url": "",
+    "ground_control_url": "http://127.0.0.1:8080",
     "log_level": "info",
     "use_unsecure": true,
     "zot_config_path": "./registry/config.json",

diff --git a/ground-control/internal/database/groups.sql.go b/ground-control/internal/database/groups.sql.go
diff --git a/ground-control/internal/server/handlers.go b/ground-control/internal/server/handlers.go
@@ -162,9 +162,9 @@ func (s *Server) registerSatelliteHandler(w http.ResponseWriter, r *http.Request
 	}
 
 	if len(req.Name) < 1 {
-		log.Println("name should be atleast one character long.")
+		log.Println("name should be at least one character long.")
 		err := &AppError{
-			Message: fmt.Sprintf("Error: name should be atleast one character long."),
+			Message: "Error: name should be at least one character long.",
 			Code:    http.StatusBadRequest,
 		}
 		HandleAppError(w, err)
@@ -184,7 +184,7 @@ func (s *Server) registerSatelliteHandler(w http.ResponseWriter, r *http.Request
 
 	if roboPresent {
 		err := &AppError{
-			Message: fmt.Sprintf("Error: Robot Account name already present. Try with different name"),
+			Message: "Error: Robot Account name already present. Try with different name",
 			Code:    http.StatusBadRequest,
 		}
 		HandleAppError(w, err)
@@ -324,6 +324,37 @@ func (s *Server) registerSatelliteHandler(w http.ResponseWriter, r *http.Request
 		return
 	}
 
+	// Give permission to the robot account for the projects present in the group list
+	// fetch all the projects
+	for i := range *req.Groups {
+		projects, err := q.GetProjectsOfGroup(r.Context(), (*req.Groups)[i])
+		if err != nil {
+			log.Println(err)
+			err := &AppError{
+				Message: fmt.Sprintf("Error: fetching projects of group %v", err.Error()),
+				Code:    http.StatusInternalServerError,
+			}
+			HandleAppError(w, err)
+			tx.Rollback()
+			return
+		}
+		project := projects[0]
+
+		// give permission to the robot account for all the projects present in this group
+		_, err = utils.UpdateRobotProjects(r.Context(), project, strconv.FormatInt(rbt.ID, 10))
+		if err != nil {
+			log.Println(err)
+			err := &AppError{
+				Message: fmt.Sprintf("Error: updating robot account %v", err.Error()),
+				Code:    http.StatusInternalServerError,
+			}
+			HandleAppError(w, err)
+			tx.Rollback()
+			return
+		}
+
+	}
+
 	// Add token to DB
 	token, err := GenerateRandomToken(32)
 	if err != nil {

diff --git a/ground-control/sql/queries/groups.sql b/ground-control/sql/queries/groups.sql
@@ -22,3 +22,7 @@ WHERE group_name = $1;
 -- name: DeleteGroup :exec
 DELETE FROM groups
 WHERE id = $1;
+
+-- name: GetProjectsOfGroup :many
+SELECT projects FROM groups
+WHERE group_name = $1;
diff --git a/internal/state/state_process.go b/internal/state/state_process.go
@@ -329,6 +329,7 @@ func (f *FetchAndReplicateStateProcess) UpdateFetchProcessConfigFromZtr(username
 	f.authConfig.SourceRegistryUserName = username
 	f.authConfig.SourceRegistryPassword = password
 	f.authConfig.SourceRegistry = utils.FormatRegistryURL(sourceRegistryURL)
+	f.Replicator = NewBasicReplicator(f.authConfig.SourceRegistryUserName, f.authConfig.SourceRegistryPassword, f.authConfig.SourceRegistry, f.authConfig.RemoteRegistryURL, f.authConfig.RemoteRegistryUserName, f.authConfig.RemoteRegistryPassword, f.authConfig.UseUnsecure)
 
 	// The states contain all the states that this satellite needs to track thus we would have to add the new states to the state map
 	// also we would have to remove the states that are not in the new states

diff --git a/internal/utils/utils.go b/internal/utils/utils.go
@@ -50,13 +50,6 @@ func HandleOwnRegistry() error {
 
 // LaunchDefaultZotRegistry launches the default Zot registry using the Zot config path
 func LaunchDefaultZotRegistry() error {
-	var defaultZotConfig registry.DefaultZotConfig
-	err := registry.ReadConfig(config.GetZotConfigPath(), &defaultZotConfig)
-	if err != nil {
-		return fmt.Errorf("error reading config: %w", err)
-	}
-	defaultZotURL := defaultZotConfig.GetLocalRegistryURL()
-	config.SetRemoteRegistryURL(defaultZotURL)
 	launch, err := registry.LaunchRegistry(config.GetZotConfigPath())
 	if !launch {
 		return fmt.Errorf("error launching registry: %w", err)