add scan report v1.1 to default X-Accept-Vulnerabilities (#16119)

Closes #16085

Signed-off-by: He Weiwei <hweiwei@vmware.com>
He Weiwei 2021-12-15 16:08:23 +08:00 committed by GitHub
parent d406cb47f7
commit 0ff5dddd0b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 61 additions and 59 deletions


@ -2742,7 +2742,7 @@ paths:
type: integer
Link:
description: Link to previous page and next page
type: string
type: string
'401':
$ref: '#/responses/401'
'403':
@ -5389,7 +5389,7 @@ parameters:
name: X-Accept-Vulnerabilities
in: header
type: string
default: 'application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0'
default: 'application/vnd.security.vulnerability.report; version=1.1, application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0'
description: |-
A comma-separated lists of MIME types for the scan report or scan summary. The first mime type will be used when the report found for it.
Currently the mime type supports 'application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0' and 'application/vnd.security.vulnerability.report; version=1.1'
@ -7794,7 +7794,7 @@ definitions:
description: The name of the user group
group_type:
type: integer
description: 'The group type, 1 for LDAP group, 2 for HTTP group.'
description: 'The group type, 1 for LDAP group, 2 for HTTP group.'
SupportedWebhookEventTypes:
type: object
description: Supportted webhook event types and notify types.
@ -8105,280 +8105,280 @@ definitions:
description: 'The parameters of the policy, the values are dependent on the type of the policy.'
Configurations:
type: object
properties:
properties:
auth_mode:
type: string
description: The auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth"
description: The auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth"
x-omitempty: true
x-isnullable: true
email_from:
type: string
description: The sender name for Email notification.
description: The sender name for Email notification.
x-omitempty: true
x-isnullable: true
email_host:
type: string
description: The hostname of SMTP server that sends Email notification.
description: The hostname of SMTP server that sends Email notification.
x-omitempty: true
x-isnullable: true
email_identity:
type: string
description: By default it's empty so the email_username is picked
description: By default it's empty so the email_username is picked
x-omitempty: true
x-isnullable: true
email_insecure:
type: boolean
description: Whether or not the certificate will be verified when Harbor tries to access the email server.
description: Whether or not the certificate will be verified when Harbor tries to access the email server.
x-omitempty: true
x-isnullable: true
email_password:
type: string
description: Email password
description: Email password
x-omitempty: true
x-isnullable: true
email_port:
type: integer
description: The port of SMTP server
description: The port of SMTP server
x-omitempty: true
x-isnullable: true
email_ssl:
type: boolean
description: When it''s set to true the system will access Email server via TLS by default. If it''s set to false, it still will handle "STARTTLS" from server side.
description: When it''s set to true the system will access Email server via TLS by default. If it''s set to false, it still will handle "STARTTLS" from server side.
x-omitempty: true
x-isnullable: true
email_username:
type: string
description: The username for authenticate against SMTP server
description: The username for authenticate against SMTP server
x-omitempty: true
x-isnullable: true
ldap_base_dn:
type: string
description: The Base DN for LDAP binding.
description: The Base DN for LDAP binding.
x-omitempty: true
x-isnullable: true
ldap_filter:
type: string
description: The filter for LDAP search
description: The filter for LDAP search
x-omitempty: true
x-isnullable: true
ldap_group_base_dn:
type: string
description: The base DN to search LDAP group.
description: The base DN to search LDAP group.
x-omitempty: true
x-isnullable: true
ldap_group_admin_dn:
type: string
description: Specify the ldap group which have the same privilege with Harbor admin
description: Specify the ldap group which have the same privilege with Harbor admin
x-omitempty: true
x-isnullable: true
ldap_group_attribute_name:
type: string
description: The attribute which is used as identity of the LDAP group, default is cn.'
description: The attribute which is used as identity of the LDAP group, default is cn.'
x-omitempty: true
x-isnullable: true
ldap_group_search_filter:
type: string
description: The filter to search the ldap group
description: The filter to search the ldap group
x-omitempty: true
x-isnullable: true
ldap_group_search_scope:
type: integer
description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''
description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''
x-omitempty: true
x-isnullable: true
ldap_scope:
type: integer
description: The scope to search ldap users,'0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'
description: The scope to search ldap users,'0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'
x-omitempty: true
x-isnullable: true
ldap_search_dn:
type: string
description: The DN of the user to do the search.
description: The DN of the user to do the search.
x-omitempty: true
x-isnullable: true
ldap_search_password:
type: string
description: The password of the ldap search dn
description: The password of the ldap search dn
x-omitempty: true
x-isnullable: true
ldap_timeout:
type: integer
description: Timeout in seconds for connection to LDAP server
description: Timeout in seconds for connection to LDAP server
x-omitempty: true
x-isnullable: true
ldap_uid:
type: string
description: The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"
description: The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"
x-omitempty: true
x-isnullable: true
ldap_url:
type: string
description: The URL of LDAP server
description: The URL of LDAP server
x-omitempty: true
x-isnullable: true
ldap_verify_cert:
type: boolean
description: Whether verify your OIDC server certificate, disable it if your OIDC server is hosted via self-hosted certificate.
description: Whether verify your OIDC server certificate, disable it if your OIDC server is hosted via self-hosted certificate.
x-omitempty: true
x-isnullable: true
ldap_group_membership_attribute:
type: string
description: The user attribute to identify the group membership
description: The user attribute to identify the group membership
x-omitempty: true
x-isnullable: true
project_creation_restriction:
type: string
description: Indicate who can create projects, it could be ''adminonly'' or ''everyone''.
description: Indicate who can create projects, it could be ''adminonly'' or ''everyone''.
x-omitempty: true
x-isnullable: true
read_only:
type: boolean
description: The flag to indicate whether Harbor is in readonly mode.
description: The flag to indicate whether Harbor is in readonly mode.
x-omitempty: true
x-isnullable: true
self_registration:
type: boolean
description: Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance.
description: Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance.
x-omitempty: true
x-isnullable: true
token_expiration:
type: integer
description: The expiration time of the token for internal Registry, in minutes.
description: The expiration time of the token for internal Registry, in minutes.
x-omitempty: true
x-isnullable: true
uaa_client_id:
type: string
description: The client id of UAA
description: The client id of UAA
x-omitempty: true
x-isnullable: true
uaa_client_secret:
type: string
description: The client secret of the UAA
description: The client secret of the UAA
x-omitempty: true
x-isnullable: true
uaa_endpoint:
type: string
description: The endpoint of the UAA
description: The endpoint of the UAA
x-omitempty: true
x-isnullable: true
uaa_verify_cert:
type: boolean
description: Verify the certificate in UAA server
description: Verify the certificate in UAA server
x-omitempty: true
x-isnullable: true
http_authproxy_endpoint:
type: string
description: The endpoint of the HTTP auth
description: The endpoint of the HTTP auth
x-omitempty: true
x-isnullable: true
http_authproxy_tokenreview_endpoint:
type: string
description: The token review endpoint
description: The token review endpoint
x-omitempty: true
x-isnullable: true
http_authproxy_admin_groups:
type: string
description: The group which has the harbor admin privileges
description: The group which has the harbor admin privileges
x-omitempty: true
x-isnullable: true
http_authproxy_admin_usernames:
type: string
description: The username which has the harbor admin privileges
description: The username which has the harbor admin privileges
x-omitempty: true
x-isnullable: true
http_authproxy_verify_cert:
type: boolean
description: Verify the HTTP auth provider's certificate
description: Verify the HTTP auth provider's certificate
x-omitempty: true
x-isnullable: true
http_authproxy_skip_search:
type: boolean
description: Search user before onboard
description: Search user before onboard
x-omitempty: true
x-isnullable: true
http_authproxy_server_certificate:
type: string
description: The certificate of the HTTP auth provider
description: The certificate of the HTTP auth provider
x-omitempty: true
x-isnullable: true
oidc_name:
type: string
description: The OIDC provider name
description: The OIDC provider name
x-omitempty: true
x-isnullable: true
oidc_endpoint:
type: string
description: The endpoint of the OIDC provider
description: The endpoint of the OIDC provider
x-omitempty: true
x-isnullable: true
oidc_client_id:
type: string
description: The client ID of the OIDC provider
description: The client ID of the OIDC provider
x-omitempty: true
x-isnullable: true
oidc_client_secret:
type: string
description: The OIDC provider secret
description: The OIDC provider secret
x-omitempty: true
x-isnullable: true
oidc_groups_claim:
type: string
description: The attribute claims the group name
description: The attribute claims the group name
x-omitempty: true
x-isnullable: true
oidc_admin_group:
type: string
description: The OIDC group which has the harbor admin privileges
description: The OIDC group which has the harbor admin privileges
x-omitempty: true
x-isnullable: true
oidc_scope:
type: string
description: The scope of the OIDC provider
description: The scope of the OIDC provider
x-omitempty: true
x-isnullable: true
oidc_user_claim:
type: string
description: The attribute claims the username
description: The attribute claims the username
x-omitempty: true
x-isnullable: true
oidc_verify_cert:
type: boolean
description: Verify the OIDC provider's certificate'
description: Verify the OIDC provider's certificate'
x-omitempty: true
x-isnullable: true
oidc_auto_onboard:
type: boolean
description: Auto onboard the OIDC user
description: Auto onboard the OIDC user
x-omitempty: true
x-isnullable: true
oidc_extra_redirect_parms:
type: string
description: Extra parameters to add when redirect request to OIDC provider
description: Extra parameters to add when redirect request to OIDC provider
x-omitempty: true
x-isnullable: true
robot_token_duration:
type: integer
description: The robot account token duration in days
description: The robot account token duration in days
x-omitempty: true
x-isnullable: true
robot_name_prefix:
type: string
description: The rebot account name prefix
description: The rebot account name prefix
x-omitempty: true
x-isnullable: true
notification_enable:
type: boolean
description: Enable notification
description: Enable notification
x-omitempty: true
x-isnullable: true
quota_per_project_enable:
type: boolean
description: Enable quota per project
description: Enable quota per project
x-omitempty: true
x-isnullable: true
storage_per_project:
type: integer
description: The storage quota per project
description: The storage quota per project
x-omitempty: true
x-isnullable: true
StringConfigItem:
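Review bot: The new `default` for X-Accept-Vulnerabilities changes what a client that omits the header receives, but the description beneath it still only lists the two supported MIME types. It should say that the list is in preference order and that the default now tries the version=1.1 report before the harbor+json version=1.0 report, for example `When the header is omitted, the version=1.1 report is returned if one exists, otherwise the version=1.0 report.` If the two formats differ in their fields, which this page does not show, consumers that gate on vulnerability data without sending the header would start parsing a different format, so the change deserves a release note. The other hunks in this file look like trailing-whitespace cleanup only.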


@ -113,6 +113,7 @@ func (suite *ArtifactTestSuite) TestGetVulnerabilitiesAddition() {
{
// report not found for the default X-Accept-Vulnerabilities
suite.onGetReport(v1.MimeTypeGenericVulnerabilityReport)
suite.onGetReport(v1.MimeTypeNativeReport)
var body map[string]interface{}
@ -124,6 +125,7 @@ func (suite *ArtifactTestSuite) TestGetVulnerabilitiesAddition() {
{
// report found for the default X-Accept-Vulnerabilities
suite.onGetReport(v1.MimeTypeGenericVulnerabilityReport)
suite.onGetReport(v1.MimeTypeNativeReport, suite.report1)
var body map[string]interface{}
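Review bot: Both sub-cases of TestGetVulnerabilitiesAddition stub `suite.onGetReport(v1.MimeTypeGenericVulnerabilityReport)` with no report, so the newly preferred v1.1 type is only ever exercised as a miss. Nothing visible here covers the default header returning a generic report, or both report types existing and the first MIME type in the list winning. I would add a sub-case that begins with `suite.onGetReport(v1.MimeTypeGenericVulnerabilityReport, <generic report fixture>)` and asserts that the response body is keyed by that MIME type rather than the native one. The test function starts and ends outside these hunks, so such a case may already exist elsewhere.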