Skip to content

chore(hooks): impl generate secrets for dvcr hook in go #1001

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

chore(hooks): impl generate secrets for dvcr hook in go #1001

wants to merge 5 commits into from

Conversation

yaroslavborbat
Copy link
Member

@yaroslavborbat yaroslavborbat commented Apr 29, 2025
edited
Loading

Description

impl generate secrets for dvcr hook in go

Why do we need it, and what problem does it solve?

What is the expected result?

Checklist

  • The code is covered by unit tests.
  • e2e tests passed.
  • Documentation updated according to the changes.
  • Changes were tested in the Kubernetes cluster manually.

Changelog entries

section: module
type: feature
summary: impl generate secrets for dvcr hook in go

@yaroslavborbat yaroslavborbat added this to the v0.18.0 milestone Apr 29, 2025
danilrwx
danilrwx requested changes Apr 29, 2025
View reviewed changes
Copy link
Contributor

@danilrwx danilrwx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

build failed

fl64
fl64 approved these changes Apr 30, 2025
View reviewed changes
Copy link
Member

@fl64 fl64 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is necessary that the old ones, which are created in the python hook, are also valid here

images/hooks/cmd/006-generate-secret-for-dvcr/main.go Outdated
switch {
case dataFromValues.Htpasswd == "" && dataFromSecret.Htpasswd == "":
input.Logger.Info("Regenerate Htpasswd")
htpasswd, err := generateHtpasswd(password)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

where is salt?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we not generate htpasswd with salt. Salt it is internal param REGISTRY_HTTP_SECRET for dvcr

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://distribution.github.io/distribution/about/configuration/

A random piece of data used to sign state that may be stored with the client to protect against tampering. For production environments you should generate a random piece of data using a cryptographically secure random generator. If you omit the secret, the registry will automatically generate a secret when it starts. If you are building a cluster of registries behind a load balancer, you MUST ensure the secret is the same for all registries.

fl64

This comment was marked as duplicate.

Sign in to view

fl64

This comment was marked as duplicate.

Sign in to view

@yaroslavborbat yaroslavborbat force-pushed the feat/impl-generate-sercrets-for-dvcr-in-go branch 5 times, most recently from 615c9ba to 2e53f24 Compare April 30, 2025 11:55
@yaroslavborbat yaroslavborbat changed the title feat(hooks): impl generate secrets for dvcr hook in go chore(hooks): impl generate secrets for dvcr hook in go Apr 30, 2025
@yaroslavborbat yaroslavborbat force-pushed the feat/impl-generate-sercrets-for-dvcr-in-go branch from 2e53f24 to 52c4e91 Compare April 30, 2025 14:35
@yaroslavborbat yaroslavborbat requested review from fl64 and danilrwx April 30, 2025 14:36
@yaroslavborbat
impl
02d41e1 
Signed-off-by: Yaroslav Borbat <yaroslav.borbat@flant.com>
@yaroslavborbat
fix
8d70207 
Signed-off-by: Yaroslav Borbat <yaroslav.borbat@flant.com>
@yaroslavborbat
fix
7f4a589 
Signed-off-by: Yaroslav Borbat <yaroslav.borbat@flant.com>
@yaroslavborbat
fix
051dc33 
Signed-off-by: Yaroslav Borbat <yaroslav.borbat@flant.com>
@yaroslavborbat yaroslavborbat force-pushed the feat/impl-generate-sercrets-for-dvcr-in-go branch from 9bc1e02 to 051dc33 Compare April 30, 2025 16:57
@yaroslavborbat
fix
de8bea1 
Signed-off-by: Yaroslav Borbat <yaroslav.borbat@flant.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@universal-itengineer universal-itengineer universal-itengineer left review comments

@nevermarine nevermarine Awaiting requested review from nevermarine nevermarine is a code owner

@Isteb4k Isteb4k Awaiting requested review from Isteb4k Isteb4k is a code owner

@fl64 fl64 Awaiting requested review from fl64 fl64 is a code owner

@danilrwx danilrwx Awaiting requested review from danilrwx

Requested changes must be addressed to merge this pull request.

Assignees

@yaroslavborbat yaroslavborbat

Labels
None yet
Projects
None yet
Milestone
v0.18.0
Development

Successfully merging this pull request may close these issues.
4 participants
@yaroslavborbat @fl64 @danilrwx @universal-itengineer