From c06dd6446f246b37d9c880c37e673dd125593970 Mon Sep 17 00:00:00 2001 From: wang yan Date: Tue, 13 Aug 2024 17:45:29 +0800 Subject: [PATCH 1/3] add creator for robot add the creator for robot creation Signed-off-by: wang yan --- api/v2.0/swagger.yaml | 3 +++ make/migrations/postgresql/0150_2.12.0_schema.up.sql | 5 +++++ src/controller/robot/controller.go | 1 + src/controller/robot/controller_test.go | 1 + src/pkg/robot/dao/dao_test.go | 2 ++ src/pkg/robot/model/model.go | 1 + src/server/v2.0/handler/model/robot.go | 1 + src/server/v2.0/handler/robot.go | 6 ++++++ 8 files changed, 20 insertions(+) create mode 100644 make/migrations/postgresql/0150_2.12.0_schema.up.sql diff --git a/api/v2.0/swagger.yaml b/api/v2.0/swagger.yaml index 71805a43002..da1e9b25f4b 100644 --- a/api/v2.0/swagger.yaml +++ b/api/v2.0/swagger.yaml @@ -7846,6 +7846,9 @@ definitions: type: array items: $ref: '#/definitions/RobotPermission' + Creator: + type: string + description: The creator of the robot creation_time: type: string format: date-time diff --git a/make/migrations/postgresql/0150_2.12.0_schema.up.sql b/make/migrations/postgresql/0150_2.12.0_schema.up.sql new file mode 100644 index 00000000000..82c36bc9cbc --- /dev/null +++ b/make/migrations/postgresql/0150_2.12.0_schema.up.sql @@ -0,0 +1,5 @@ +/* +Add new column robot for artifact table to add a new column to record the creator of the robot +*/ +ALTER TABLE robot ADD COLUMN IF NOT EXISTS creator varchar(255); +UPDATE robot SET creator = 'unknown' WHERE creator IS NULL; diff --git a/src/controller/robot/controller.go b/src/controller/robot/controller.go index 28eef53e409..b2dc81dbbfa 100644 --- a/src/controller/robot/controller.go +++ b/src/controller/robot/controller.go @@ -130,6 +130,7 @@ func (d *controller) Create(ctx context.Context, r *Robot) (int64, string, error Duration: r.Duration, Salt: salt, Visible: r.Visible, + Creator: r.Creator, }) if err != nil { return 0, "", err diff --git a/src/controller/robot/controller_test.go b/src/controller/robot/controller_test.go index 2a97d059288..529c4b4bb46 100644 --- a/src/controller/robot/controller_test.go +++ b/src/controller/robot/controller_test.go @@ -113,6 +113,7 @@ func (suite *ControllerTestSuite) TestCreate() { Name: "testcreate", Description: "testcreate", Duration: 0, + Creator: "tester", }, ProjectName: "library", Level: LEVELPROJECT, diff --git a/src/pkg/robot/dao/dao_test.go b/src/pkg/robot/dao/dao_test.go index 4723b640190..972c75514d5 100644 --- a/src/pkg/robot/dao/dao_test.go +++ b/src/pkg/robot/dao/dao_test.go @@ -52,6 +52,7 @@ func (suite *DaoTestSuite) robots() { Description: "test3 description", ProjectID: 1, Secret: suite.RandString(10), + Creator: "tester", }) suite.Nil(err) @@ -120,6 +121,7 @@ func (suite *DaoTestSuite) TestGet() { r, err := suite.dao.Get(orm.Context(), suite.robotID3) suite.Nil(err) suite.Equal("test3", r.Name) + suite.Equal("tester", r.Creator) } func (suite *DaoTestSuite) TestCount() { diff --git a/src/pkg/robot/model/model.go b/src/pkg/robot/model/model.go index f35e309c624..a31cb0eeda0 100644 --- a/src/pkg/robot/model/model.go +++ b/src/pkg/robot/model/model.go @@ -39,6 +39,7 @@ type Robot struct { ExpiresAt int64 `orm:"column(expiresat)" json:"expires_at"` Disabled bool `orm:"column(disabled)" json:"disabled"` Visible bool `orm:"column(visible)" json:"-"` + Creator string `orm:"column(creator)" json:"creator"` CreationTime time.Time `orm:"column(creation_time);auto_now_add" json:"creation_time"` UpdateTime time.Time `orm:"column(update_time);auto_now" json:"update_time"` } diff --git a/src/server/v2.0/handler/model/robot.go b/src/server/v2.0/handler/model/robot.go index e1a97d2730d..d107bfc0bc7 100644 --- a/src/server/v2.0/handler/model/robot.go +++ b/src/server/v2.0/handler/model/robot.go @@ -48,6 +48,7 @@ func (r *Robot) ToSwagger() *models.Robot { Level: r.Level, Disable: r.Disabled, Editable: r.Editable, + Creator: r.Creator, CreationTime: strfmt.DateTime(r.CreationTime), UpdateTime: strfmt.DateTime(r.UpdateTime), Permissions: perms, diff --git a/src/server/v2.0/handler/robot.go b/src/server/v2.0/handler/robot.go index fff5f2aac14..6e910cdc1dd 100644 --- a/src/server/v2.0/handler/robot.go +++ b/src/server/v2.0/handler/robot.go @@ -62,12 +62,18 @@ func (rAPI *robotAPI) CreateRobot(ctx context.Context, params operation.CreateRo return rAPI.SendError(ctx, err) } + secCtx, err := rAPI.GetSecurityContext(ctx) + if err != nil { + return rAPI.SendError(ctx, err) + } + r := &robot.Robot{ Robot: pkg.Robot{ Name: params.Robot.Name, Description: params.Robot.Description, Duration: params.Robot.Duration, Visible: true, + Creator: secCtx.GetUsername(), }, Level: params.Robot.Level, } From e637818a12029c7bfbd149ad5d1a68a50e089a69 Mon Sep 17 00:00:00 2001 From: wang yan Date: Wed, 14 Aug 2024 15:45:10 +0800 Subject: [PATCH 2/3] resolve comments Signed-off-by: wang yan --- api/v2.0/swagger.yaml | 2 +- make/migrations/postgresql/0150_2.12.0_schema.up.sql | 2 +- src/controller/robot/controller.go | 1 + src/controller/robot/controller_test.go | 7 +++++-- src/controller/scan/base_controller.go | 1 + src/server/v2.0/handler/robot.go | 4 ++-- 6 files changed, 11 insertions(+), 6 deletions(-) diff --git a/api/v2.0/swagger.yaml b/api/v2.0/swagger.yaml index da1e9b25f4b..c995f705e8d 100644 --- a/api/v2.0/swagger.yaml +++ b/api/v2.0/swagger.yaml @@ -7846,7 +7846,7 @@ definitions: type: array items: $ref: '#/definitions/RobotPermission' - Creator: + creator: type: string description: The creator of the robot creation_time: diff --git a/make/migrations/postgresql/0150_2.12.0_schema.up.sql b/make/migrations/postgresql/0150_2.12.0_schema.up.sql index 82c36bc9cbc..82f1061722d 100644 --- a/make/migrations/postgresql/0150_2.12.0_schema.up.sql +++ b/make/migrations/postgresql/0150_2.12.0_schema.up.sql @@ -1,5 +1,5 @@ /* -Add new column robot for artifact table to add a new column to record the creator of the robot +Add new column creator for robot table to add a new column to record the creator of the robot */ ALTER TABLE robot ADD COLUMN IF NOT EXISTS creator varchar(255); UPDATE robot SET creator = 'unknown' WHERE creator IS NULL; diff --git a/src/controller/robot/controller.go b/src/controller/robot/controller.go index b2dc81dbbfa..cd6469c31e5 100644 --- a/src/controller/robot/controller.go +++ b/src/controller/robot/controller.go @@ -121,6 +121,7 @@ func (d *controller) Create(ctx context.Context, r *Robot) (int64, string, error if r.Level == LEVELPROJECT { name = fmt.Sprintf("%s+%s", r.ProjectName, r.Name) } + robotID, err := d.robotMgr.Create(ctx, &model.Robot{ Name: name, Description: r.Description, diff --git a/src/controller/robot/controller_test.go b/src/controller/robot/controller_test.go index 529c4b4bb46..50a02daa839 100644 --- a/src/controller/robot/controller_test.go +++ b/src/controller/robot/controller_test.go @@ -9,6 +9,7 @@ import ( "github.com/stretchr/testify/suite" "github.com/goharbor/harbor/src/common" + "github.com/goharbor/harbor/src/common/security" "github.com/goharbor/harbor/src/common/utils/test" "github.com/goharbor/harbor/src/lib/config" "github.com/goharbor/harbor/src/lib/q" @@ -18,6 +19,7 @@ import ( rbac_model "github.com/goharbor/harbor/src/pkg/rbac/model" "github.com/goharbor/harbor/src/pkg/robot/model" htesting "github.com/goharbor/harbor/src/testing" + testsec "github.com/goharbor/harbor/src/testing/common/security" "github.com/goharbor/harbor/src/testing/mock" "github.com/goharbor/harbor/src/testing/pkg/project" "github.com/goharbor/harbor/src/testing/pkg/rbac" @@ -102,7 +104,9 @@ func (suite *ControllerTestSuite) TestCreate() { robotMgr := &robot.Manager{} c := controller{robotMgr: robotMgr, rbacMgr: rbacMgr, proMgr: projectMgr} - ctx := context.TODO() + secCtx := &testsec.Context{} + secCtx.On("GetUsername").Return("security-context-user") + ctx := security.NewContext(context.Background(), secCtx) projectMgr.On("Get", mock.Anything, mock.Anything).Return(&proModels.Project{ProjectID: 1, Name: "library"}, nil) robotMgr.On("Create", mock.Anything, mock.Anything).Return(int64(1), nil) rbacMgr.On("CreateRbacPolicy", mock.Anything, mock.Anything, mock.Anything).Return(int64(1), nil) @@ -113,7 +117,6 @@ func (suite *ControllerTestSuite) TestCreate() { Name: "testcreate", Description: "testcreate", Duration: 0, - Creator: "tester", }, ProjectName: "library", Level: LEVELPROJECT, diff --git a/src/controller/scan/base_controller.go b/src/controller/scan/base_controller.go index f6a0427b4d6..fe4a15faf8f 100644 --- a/src/controller/scan/base_controller.go +++ b/src/controller/scan/base_controller.go @@ -864,6 +864,7 @@ func (bc *basicController) makeRobotAccount(ctx context.Context, projectID int64 Description: "for scan", ProjectID: projectID, Duration: -1, + Creator: "harbor-core-for-scan-all", }, Level: robot.LEVELPROJECT, Permissions: []*robot.Permission{ diff --git a/src/server/v2.0/handler/robot.go b/src/server/v2.0/handler/robot.go index 6e910cdc1dd..316db7cd5f0 100644 --- a/src/server/v2.0/handler/robot.go +++ b/src/server/v2.0/handler/robot.go @@ -62,7 +62,7 @@ func (rAPI *robotAPI) CreateRobot(ctx context.Context, params operation.CreateRo return rAPI.SendError(ctx, err) } - secCtx, err := rAPI.GetSecurityContext(ctx) + sc, err := rAPI.GetSecurityContext(ctx) if err != nil { return rAPI.SendError(ctx, err) } @@ -73,7 +73,7 @@ func (rAPI *robotAPI) CreateRobot(ctx context.Context, params operation.CreateRo Description: params.Robot.Description, Duration: params.Robot.Duration, Visible: true, - Creator: secCtx.GetUsername(), + Creator: sc.GetUsername(), }, Level: params.Robot.Level, } From 2021600163f9033e9fa1a8ca78a8f9c6c20ce77b Mon Sep 17 00:00:00 2001 From: wang yan Date: Wed, 14 Aug 2024 19:20:38 +0800 Subject: [PATCH 3/3] fix ut Signed-off-by: wang yan --- src/controller/scan/base_controller_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/controller/scan/base_controller_test.go b/src/controller/scan/base_controller_test.go index ca12196d7d3..028c860d7ac 100644 --- a/src/controller/scan/base_controller_test.go +++ b/src/controller/scan/base_controller_test.go @@ -235,6 +235,7 @@ func (suite *ControllerTestSuite) SetupSuite() { Description: "for scan", ProjectID: suite.artifact.ProjectID, Duration: -1, + Creator: "harbor-core-for-scan-all", }, Level: robot.LEVELPROJECT, Permissions: []*robot.Permission{ @@ -266,6 +267,7 @@ func (suite *ControllerTestSuite) SetupSuite() { Description: "for scan", ProjectID: suite.artifact.ProjectID, Duration: -1, + Creator: "harbor-core-for-scan-all", }, Level: "project", }, nil)