mirror of
https://github.com/portainer/portainer.git
synced 2025-07-24 15:59:41 +02:00
feat(gitops): allow to skip tls verification [EE-5023] (#8668)
This commit is contained in:
Chaim Lev-Ari
GitHub
parent
17839aa473
commit
feab2a757e
44 changed files with 266 additions and 188 deletions
|
|
@ -53,14 +53,14 @@ func RedeployWhenChanged(stackID portainer.StackID, deployer StackDeployer, data
|
|||
Str("author", author).
|
||||
Str("stack", stack.Name).
|
||||
Int("endpoint_id", int(stack.EndpointID)).
|
||||
Msg("cannot autoupdate a stack, stack author user is missing")
|
||||
Msg("cannot auto update a stack, stack author user is missing")
|
||||
|
||||
return &StackAuthorMissingErr{int(stack.ID), author}
|
||||
}
|
||||
|
||||
var gitCommitChangedOrForceUpdate bool
|
||||
if !stack.FromAppTemplate {
|
||||
updated, newHash, err := update.UpdateGitObject(gitService, datastore, fmt.Sprintf("stack:%d", stackID), stack.GitConfig, stack.AutoUpdate, stack.ProjectPath)
|
||||
updated, newHash, err := update.UpdateGitObject(gitService, fmt.Sprintf("stack:%d", stackID), stack.GitConfig, false, stack.ProjectPath)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -99,7 +99,7 @@ func RedeployWhenChanged(stackID portainer.StackID, deployer StackDeployer, data
|
|||
|
||||
err := deployer.DeployKubernetesStack(stack, endpoint, user)
|
||||
if err != nil {
|
||||
return errors.WithMessagef(err, "failed to deploy a kubternetes app stack %v", stackID)
|
||||
return errors.WithMessagef(err, "failed to deploy a kubernetes app stack %v", stackID)
|
||||
}
|
||||
default:
|
||||
return errors.Errorf("cannot update stack, type %v is unsupported", stack.Type)
|
||||
|
|
|
|||
|
|
@ -6,33 +6,13 @@ import (
|
|||
"testing"
|
||||
|
||||
"github.com/portainer/portainer/api/datastore"
|
||||
"github.com/portainer/portainer/api/internal/testhelpers"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
gittypes "github.com/portainer/portainer/api/git/types"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
type gitService struct {
|
||||
cloneErr error
|
||||
id string
|
||||
}
|
||||
|
||||
func (g *gitService) CloneRepository(destination, repositoryURL, referenceName, username, password string) error {
|
||||
return g.cloneErr
|
||||
}
|
||||
|
||||
func (g *gitService) LatestCommitID(repositoryURL, referenceName, username, password string) (string, error) {
|
||||
return g.id, nil
|
||||
}
|
||||
|
||||
func (g *gitService) ListRefs(repositoryURL, username, password string, hardRefresh bool) ([]string, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (g *gitService) ListFiles(repositoryURL, referenceName, username, password string, hardRefresh bool, includedExts []string) ([]string, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
type noopDeployer struct{}
|
||||
|
||||
func (s *noopDeployer) DeploySwarmStack(stack *portainer.Stack, endpoint *portainer.Endpoint, registries []portainer.Registry, prune bool, pullImage bool) error {
|
||||
|
|
@ -67,7 +47,7 @@ func Test_redeployWhenChanged_DoesNothingWhenNotAGitBasedStack(t *testing.T) {
|
|||
err = store.Stack().Create(&portainer.Stack{ID: 1, CreatedBy: "admin"})
|
||||
assert.NoError(t, err, "failed to create a test stack")
|
||||
|
||||
err = RedeployWhenChanged(1, nil, store, &gitService{nil, ""})
|
||||
err = RedeployWhenChanged(1, nil, store, testhelpers.NewGitService(nil, ""))
|
||||
assert.NoError(t, err)
|
||||
}
|
||||
|
||||
|
|
@ -97,7 +77,7 @@ func Test_redeployWhenChanged_DoesNothingWhenNoGitChanges(t *testing.T) {
|
|||
}})
|
||||
assert.NoError(t, err, "failed to create a test stack")
|
||||
|
||||
err = RedeployWhenChanged(1, nil, store, &gitService{nil, "oldHash"})
|
||||
err = RedeployWhenChanged(1, nil, store, testhelpers.NewGitService(nil, "oldHash"))
|
||||
assert.NoError(t, err)
|
||||
}
|
||||
|
||||
|
|
@ -125,7 +105,7 @@ func Test_redeployWhenChanged_FailsWhenCannotClone(t *testing.T) {
|
|||
}})
|
||||
assert.NoError(t, err, "failed to create a test stack")
|
||||
|
||||
err = RedeployWhenChanged(1, nil, store, &gitService{cloneErr, "newHash"})
|
||||
err = RedeployWhenChanged(1, nil, store, testhelpers.NewGitService(cloneErr, "newHash"))
|
||||
assert.Error(t, err)
|
||||
assert.ErrorIs(t, err, cloneErr, "should failed to clone but didn't, check test setup")
|
||||
}
|
||||
|
|
@ -162,7 +142,7 @@ func Test_redeployWhenChanged(t *testing.T) {
|
|||
stack.Type = portainer.DockerComposeStack
|
||||
store.Stack().UpdateStack(stack.ID, &stack)
|
||||
|
||||
err = RedeployWhenChanged(1, &noopDeployer{}, store, &gitService{nil, "newHash"})
|
||||
err = RedeployWhenChanged(1, &noopDeployer{}, store, testhelpers.NewGitService(nil, "newHash"))
|
||||
assert.NoError(t, err)
|
||||
})
|
||||
|
||||
|
|
@ -170,7 +150,7 @@ func Test_redeployWhenChanged(t *testing.T) {
|
|||
stack.Type = portainer.DockerSwarmStack
|
||||
store.Stack().UpdateStack(stack.ID, &stack)
|
||||
|
||||
err = RedeployWhenChanged(1, &noopDeployer{}, store, &gitService{nil, "newHash"})
|
||||
err = RedeployWhenChanged(1, &noopDeployer{}, store, testhelpers.NewGitService(nil, "newHash"))
|
||||
assert.NoError(t, err)
|
||||
})
|
||||
|
||||
|
|
@ -178,7 +158,7 @@ func Test_redeployWhenChanged(t *testing.T) {
|
|||
stack.Type = portainer.KubernetesStack
|
||||
store.Stack().UpdateStack(stack.ID, &stack)
|
||||
|
||||
err = RedeployWhenChanged(1, &noopDeployer{}, store, &gitService{nil, "newHash"})
|
||||
err = RedeployWhenChanged(1, &noopDeployer{}, store, testhelpers.NewGitService(nil, "newHash"))
|
||||
assert.NoError(t, err)
|
||||
})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -67,6 +67,8 @@ func (b *GitMethodStackBuilder) SetGitRepository(payload *StackPayload) GitMetho
|
|||
|
||||
repoConfig.URL = payload.URL
|
||||
repoConfig.ReferenceName = payload.ReferenceName
|
||||
repoConfig.TLSSkipVerify = payload.TLSSkipVerify
|
||||
|
||||
repoConfig.ConfigFilePath = payload.ComposeFile
|
||||
if payload.ComposeFile == "" {
|
||||
repoConfig.ConfigFilePath = filesystem.ComposeFileDefaultName
|
||||
|
|
|
|||
|
|
@ -52,4 +52,6 @@ type RepositoryConfigPayload struct {
|
|||
// Password used in basic authentication. Required when RepositoryAuthentication is true
|
||||
// and RepositoryGitCredentialID is 0
|
||||
Password string `example:"myGitPassword"`
|
||||
// TLSSkipVerify skips SSL verification when cloning the Git repository
|
||||
TLSSkipVerify bool `example:"false"`
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ func DownloadGitRepository(stackID portainer.StackID, config gittypes.RepoConfig
|
|||
stackFolder := fmt.Sprintf("%d", stackID)
|
||||
projectPath := fileService.GetStackProjectPath(stackFolder)
|
||||
|
||||
err := gitService.CloneRepository(projectPath, config.URL, config.ReferenceName, username, password)
|
||||
err := gitService.CloneRepository(projectPath, config.URL, config.ReferenceName, username, password, config.TLSSkipVerify)
|
||||
if err != nil {
|
||||
if err == gittypes.ErrAuthenticationFailure {
|
||||
newErr := ErrInvalidGitCredential
|
||||
|
|
@ -38,7 +38,7 @@ func DownloadGitRepository(stackID portainer.StackID, config gittypes.RepoConfig
|
|||
return "", newErr
|
||||
}
|
||||
|
||||
commitID, err := gitService.LatestCommitID(config.URL, config.ReferenceName, username, password)
|
||||
commitID, err := gitService.LatestCommitID(config.URL, config.ReferenceName, username, password, config.TLSSkipVerify)
|
||||
if err != nil {
|
||||
newErr := fmt.Errorf("unable to fetch git repository id: %w", err)
|
||||
return "", newErr
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue