Merge branch 'master' of https://github.com/goharbor/harbor into project-quota-dev

This commit is contained in:
wang yan 2019-07-16 14:51:37 +08:00
commit 105518fe12
25 changed files with 1310 additions and 384 deletions

View File

@ -45,10 +45,10 @@ secret_dir=${data_path}/secret
config_dir=$harbor_prepare_path/common/config
# Run prepare script
docker run --rm -v $input_dir:/input \
-v $harbor_prepare_path:/compose_location \
-v $config_dir:/config \
-v $secret_dir:/secret \
docker run --rm -v $input_dir:/input:z \
-v $harbor_prepare_path:/compose_location:z \
-v $config_dir:/config:z \
-v $secret_dir:/secret:z \
goharbor/prepare:dev $@
echo "Clean up the input dir"

View File

@ -96,7 +96,7 @@ describe('RegistryConfigComponent (inline template)', () => {
it('should render configurations to the view', async(() => {
expect(spy.calls.count()).toEqual(1);
expect(spySystemInfo.calls.count()).toEqual(1);
expect(spySystemInfo.calls.count()).toEqual(2);
fixture.detectChanges();
fixture.whenStable().then(() => {

View File

@ -4,22 +4,26 @@
<div class="form-group">
<label for="proCreation">{{'CONFIG.PRO_CREATION_RESTRICTION' | translate}}</label>
<div class="select">
<select id="proCreation" name="proCreation" [(ngModel)]="systemSettings.project_creation_restriction.value"
<select id="proCreation" name="proCreation"
[(ngModel)]="systemSettings.project_creation_restriction.value"
[disabled]="disabled(systemSettings.project_creation_restriction)">
<option value="everyone">{{'CONFIG.PRO_CREATION_EVERYONE' | translate }}</option>
<option value="adminonly">{{'CONFIG.PRO_CREATION_ADMIN' | translate }}</option>
</select>
</div>
<a href="javascript:void(0)" role="tooltip" aria-haspopup="true" class="tooltip tooltip-lg tooltip-top-right">
<a href="javascript:void(0)" role="tooltip" aria-haspopup="true"
class="tooltip tooltip-lg tooltip-top-right">
<clr-icon shape="info-circle" class="info-tips-icon" size="24"></clr-icon>
<span class="tooltip-content">{{'CONFIG.TOOLTIP.PRO_CREATION_RESTRICTION' | translate}}</span>
</a>
</div>
<div class="form-group">
<label for="tokenExpiration" class="required">{{'CONFIG.TOKEN_EXPIRATION' | translate}}</label>
<label for="tokenExpiration" aria-haspopup="true" role="tooltip" class="tooltip tooltip-validation tooltip-md tooltip-top-right"
<label for="tokenExpiration" aria-haspopup="true" role="tooltip"
class="tooltip tooltip-validation tooltip-md tooltip-top-right"
[class.invalid]="tokenExpirationInput.invalid && (tokenExpirationInput.dirty || tokenExpirationInput.touched)">
<input name="tokenExpiration" type="text" #tokenExpirationInput="ngModel" [(ngModel)]="systemSettings.token_expiration.value"
<input name="tokenExpiration" type="text" #tokenExpirationInput="ngModel"
[(ngModel)]="systemSettings.token_expiration.value"
required pattern="^[1-9]{1}[0-9]*$" id="tokenExpiration" size="20" [disabled]="!editable">
<span class="tooltip-content">
{{'TOOLTIP.NUMBER_REQUIRED' | translate}}
@ -32,10 +36,13 @@
</div>
<div class="form-group">
<label for="robotTokenExpiration" class="required">{{'ROBOT_ACCOUNT.TOKEN_EXPIRATION' | translate}}</label>
<label for="robotTokenExpiration" aria-haspopup="true" role="tooltip" class="tooltip tooltip-validation tooltip-md tooltip-top-right"
<label for="robotTokenExpiration" aria-haspopup="true" role="tooltip"
class="tooltip tooltip-validation tooltip-md tooltip-top-right"
[class.invalid]="robotTokenExpirationInput.invalid && (robotTokenExpirationInput.dirty || robotTokenExpirationInput.touched)">
<input name="robotTokenExpiration" type="text" #robotTokenExpirationInput="ngModel" (ngModelChange)="changeToken($event)" [(ngModel)]="robotTokenExpiration"
required pattern="^[1-9]{1}[0-9]*$" id="robotTokenExpiration" size="20" [disabled]="!robotExpirationEditable">
<input name="robotTokenExpiration" type="text" #robotTokenExpirationInput="ngModel"
(ngModelChange)="changeToken($event)" [(ngModel)]="robotTokenExpiration"
required pattern="^[1-9]{1}[0-9]*$" id="robotTokenExpiration" size="20"
[disabled]="!robotExpirationEditable">
<span class="tooltip-content">
{{'ROBOT_ACCOUNT.NUMBER_REQUIRED' | translate}}
</span>
@ -56,22 +63,94 @@
<div *ngIf="!withAdmiral" class="form-group">
<label for="repoReadOnly">{{'CONFIG.REPO_READ_ONLY' | translate}}</label>
<clr-checkbox-wrapper>
<input type="checkbox" clrCheckbox name="repoReadOnly" id="repoReadOnly" [ngModel]="systemSettings.read_only.value"
(ngModelChange)="setRepoReadOnlyValue($event)" />
<input type="checkbox" clrCheckbox name="repoReadOnly" id="repoReadOnly"
[ngModel]="systemSettings.read_only.value"
(ngModelChange)="setRepoReadOnlyValue($event)"/>
<label>
<a href="javascript:void(0)" role="tooltip" aria-haspopup="true" class="tooltip tooltip-top-right read-tooltip">
<a href="javascript:void(0)" role="tooltip" aria-haspopup="true"
class="tooltip tooltip-top-right read-tooltip">
<clr-icon shape="info-circle" class="info-tips-icon" size="24"></clr-icon>
<span class="tooltip-content">{{'CONFIG.TOOLTIP.REPO_TOOLTIP' | translate}}</span>
</a>
</label>
</clr-checkbox-wrapper>
</div>
<div class="form-group" *ngIf="withClair">
<label for="systemWhitelist">{{'CVE_WHITELIST.DEPLOYMENT_SECURITY'|translate}}</label>
<div class="form-content w-100">
<div>
<div>
<span class="title">{{'CVE_WHITELIST.CVE_WHITELIST'|translate}}</span>
</div>
<div>
<span>{{'CVE_WHITELIST.SYS_WHITELIST_EXPLAIN'|translate}}</span>
</div>
<div>
<span>{{'CVE_WHITELIST.ADD_SYS'|translate}}</span>
</div>
<div *ngIf="hasExpired">
<span class="label label-warning">{{'CVE_WHITELIST.WARNING_SYS'|translate}}</span>
</div>
</div>
<div class="clr-row width-70per">
<div class="clr-col position-relative">
<div>
<button (click)="showAddModal=!showAddModal"
class="btn btn-link">{{'CVE_WHITELIST.ADD'|translate}}</button>
</div>
<div class="add-modal" *ngIf="showAddModal">
<div>
<clr-textarea-container>
<label>{{'CVE_WHITELIST.ENTER'|translate}}</label>
<textarea class="w-100 font-italic" clrTextarea [(ngModel)]="cveIds"
name="cveIds"></textarea>
<clr-control-helper>{{'CVE_WHITELIST.HELP'|translate}}</clr-control-helper>
</clr-textarea-container>
</div>
<div>
<button [disabled]="isDisabled()" (click)="addToSystemWhitelist()"
class="btn btn-link">{{'CVE_WHITELIST.ADD'|translate}}</button>
</div>
</div>
<ul class="whitelist-window">
<li *ngIf="systemWhitelist?.items?.length<1"
class="none">{{'CVE_WHITELIST.NONE'|translate}}</li>
<li *ngFor="let item of systemWhitelist?.items;let i = index;">{{item.cve_id}}
<clr-icon (click)="deleteItem(i)" class="float-lg-right margin-top-4"
shape="times-circle"></clr-icon>
</li>
</ul>
</div>
<div class="clr-col padding-top-8">
<div class="form-group padding-left-80">
<label for="expires">{{'CVE_WHITELIST.EXPIRES_AT'|translate}}</label>
<div class="underline">
<input #dateInput placeholder="{{'CVE_WHITELIST.NEVER_EXPIRES'|translate}}" readonly
type="date" [(clrDate)]="expiresDate" newFormLayout="true">
</div>
</div>
<div class="form-group padding-left-80">
<clr-checkbox-wrapper>
<input [checked]="neverExpires" [(ngModel)]="neverExpires" type="checkbox" clrCheckbox
name="neverExpires" id="neverExpires"/>
<label>
{{'CVE_WHITELIST.NEVER_EXPIRES'|translate}}
</label>
</clr-checkbox-wrapper>
</div>
</div>
</div>
</div>
</div>
</section>
</form>
<div>
<button type="button" id="config_system_save" class="btn btn-primary" (click)="save()" [disabled]="!isValid() || !hasChanges()">{{'BUTTON.SAVE'
<button type="button" id="config_system_save" class="btn btn-primary" (click)="save()"
[disabled]="(!isValid() || !hasChanges()) && (!hasWhitelistChanged) || inProgress">{{'BUTTON.SAVE'
| translate}}</button>
<button type="button" class="btn btn-outline" (click)="cancel()" [disabled]="!isValid() || !hasChanges()">{{'BUTTON.CANCEL'
<button type="button" class="btn btn-outline" (click)="cancel()"
[disabled]="(!isValid() || !hasChanges()) && (!hasWhitelistChanged) || inProgress">{{'BUTTON.CANCEL'
| translate}}</button>
</div>
<confirmation-dialog #cfgConfirmationDialog (confirmAction)="confirmCancel($event)"></confirmation-dialog>

View File

@ -10,3 +10,66 @@
.read-tooltip {
top: -7px;
}
.title {
font-weight: bold;
}
.margin-top-4 {
margin-top: 4px;
}
.whitelist-window {
border: 1px solid #ccc;
border-radius: 3px;
padding: 12px;
height: 224px;
width: 222px;
color: #0079bb;
overflow-y: auto;
white-space: nowrap;
li {
height: 24px;
list-style-type: none;
}
}
.width-70per {
width: 70%;
}
.none {
color: #ccc;
}
.underline {
border-bottom: 1px solid;
}
.color-0079bb {
color: #0079bb;
}
.padding-top-8 {
padding-top: 8px;
}
.padding-left-80 {
padding-left: 80px;
}
.add-modal {
position: absolute;
padding: 0 8px;
background-color: rgb(238, 238, 238);
input {
width: 100%;
border: 1px solid;
}
button {
float: right;
}
}

View File

@ -1,20 +1,34 @@
import { Component, Input, OnInit, Output, EventEmitter, ViewChild, Inject, OnChanges, SimpleChanges } from '@angular/core';
import { NgForm } from '@angular/forms';
import { Configuration, StringValueItem } from '../config';
import { SERVICE_CONFIG, IServiceConfig } from '../../service.config';
import { clone, isEmpty, getChanges } from '../../utils';
import { ErrorHandler } from '../../error-handler/index';
import { ConfirmationMessage } from '../../confirmation-dialog/confirmation-message';
import { ConfirmationDialogComponent } from '../../confirmation-dialog/confirmation-dialog.component';
import { ConfirmationState, ConfirmationTargets } from '../../shared/shared.const';
import { ConfirmationAcknowledgement } from '../../confirmation-dialog/confirmation-state-message';
import {
ConfigurationService
Component,
Input,
OnInit,
Output,
EventEmitter,
ViewChild,
Inject,
OnChanges,
SimpleChanges,
ElementRef
} from '@angular/core';
import {NgForm} from '@angular/forms';
import {Configuration, StringValueItem} from '../config';
import {SERVICE_CONFIG, IServiceConfig} from '../../service.config';
import {clone, isEmpty, getChanges, compareValue} from '../../utils';
import {ErrorHandler} from '../../error-handler/index';
import {ConfirmationMessage} from '../../confirmation-dialog/confirmation-message';
import {ConfirmationDialogComponent} from '../../confirmation-dialog/confirmation-dialog.component';
import {ConfirmationState, ConfirmationTargets} from '../../shared/shared.const';
import {ConfirmationAcknowledgement} from '../../confirmation-dialog/confirmation-state-message';
import {
ConfigurationService, SystemCVEWhitelist, SystemInfo, SystemInfoService, VulnerabilityItem
} from '../../service/index';
import { from } from 'rxjs';
import {forkJoin} from "rxjs";
const fakePass = 'aWpLOSYkIzJTTU4wMDkx';
const ONE_HOUR_MINUTES: number = 60;
const ONE_DAY_MINUTES: number = 24 * ONE_HOUR_MINUTES;
const ONE_THOUSAND: number = 1000;
@Component({
selector: 'system-settings',
templateUrl: './system-settings.component.html',
@ -26,6 +40,11 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
private originalConfig: Configuration;
downloadLink: string;
robotTokenExpiration: string;
systemWhitelist: SystemCVEWhitelist;
systemWhitelistOrigin: SystemCVEWhitelist;
cveIds: string;
showAddModal: boolean = false;
systemInfo: SystemInfo;
@Output() configChange: EventEmitter<Configuration> = new EventEmitter<Configuration>();
@Output() readOnlyChange: EventEmitter<boolean> = new EventEmitter<boolean>();
@Output() reloadSystemConfig: EventEmitter<any> = new EventEmitter<any>();
@ -34,6 +53,7 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
get systemSettings(): Configuration {
return this.config;
}
set systemSettings(cfg: Configuration) {
this.config = cfg;
this.configChange.emit(this.config);
@ -46,6 +66,7 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
@ViewChild("systemConfigFrom") systemSettingsForm: NgForm;
@ViewChild("cfgConfirmationDialog") confirmationDlg: ConfirmationDialogComponent;
@ViewChild('dateInput') dateInput: ElementRef;
get editable(): boolean {
return this.systemSettings &&
@ -112,11 +133,18 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
*/
public save(): void {
let changes = this.getChanges();
if (!isEmpty(changes)) {
if (!isEmpty(changes) || !compareValue(this.systemWhitelistOrigin, this.systemWhitelist)) {
this.onGoing = true;
this.configService.saveConfigurations(changes)
.subscribe(response => {
let observables = [];
if (!isEmpty(changes)) {
observables.push(this.configService.saveConfigurations(changes));
}
if (!compareValue(this.systemWhitelistOrigin, this.systemWhitelist)) {
observables.push(this.systemInfoService.updateSystemWhitelist(this.systemWhitelist));
}
forkJoin(observables).subscribe(result => {
this.onGoing = false;
if (!isEmpty(changes)) {
// API should return the updated configurations here
// Unfortunately API does not do that
// To refresh the view, we can clone the original data copy
@ -128,9 +156,12 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
}
this.reloadSystemConfig.emit();
this.errorHandler.info('CONFIG.SAVE_SUCCESS');
}
, error => {
if (!compareValue(this.systemWhitelistOrigin, this.systemWhitelist)) {
this.systemWhitelistOrigin = clone(this.systemWhitelist);
}
this.errorHandler.info('CONFIG.SAVE_SUCCESS');
}, error => {
this.onGoing = false;
this.errorHandler.error(error);
});
@ -175,6 +206,9 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
let changes = this.getChanges();
this.reset(changes);
this.initRobotToken();
if (!compareValue(this.systemWhitelistOrigin, this.systemWhitelist)) {
this.systemWhitelist = clone(this.systemWhitelistOrigin);
}
}
}
@ -191,7 +225,7 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
*/
public cancel(): void {
let changes = this.getChanges();
if (!isEmpty(changes)) {
if (!isEmpty(changes) || !compareValue(this.systemWhitelistOrigin, this.systemWhitelist)) {
let msg = new ConfirmationMessage(
'CONFIG.CONFIRM_TITLE',
'CONFIG.CONFIRM_SUMMARY',
@ -208,22 +242,58 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
constructor(@Inject(SERVICE_CONFIG) private configInfo: IServiceConfig,
private configService: ConfigurationService,
private errorHandler: ErrorHandler) {
private errorHandler: ErrorHandler,
private systemInfoService: SystemInfoService) {
if (this.configInfo && this.configInfo.systemInfoEndpoint) {
this.downloadLink = this.configInfo.systemInfoEndpoint + "/getcert";
}
}
ngOnInit() {
this.initRobotToken();
this.getSystemWhitelist();
this.getSystemInfo();
}
private initRobotToken (): void {
getSystemInfo() {
this.systemInfoService.getSystemInfo()
.subscribe(systemInfo => this.systemInfo = systemInfo
, error => this.errorHandler.error(error));
}
get withClair(): boolean {
return this.systemInfo ? this.systemInfo.with_clair : false;
}
getSystemWhitelist() {
this.onGoing = true;
this.systemInfoService.getSystemWhitelist()
.subscribe((systemWhitelist) => {
this.onGoing = false;
if (!systemWhitelist.items) {
systemWhitelist.items = [];
}
if (!systemWhitelist.expires_at) {
systemWhitelist.expires_at = null;
}
this.systemWhitelist = systemWhitelist;
this.systemWhitelistOrigin = clone(systemWhitelist);
}, error => {
this.onGoing = false;
console.error('An error occurred during getting systemWhitelist');
// this.errorHandler.error(error);
}
);
}
private initRobotToken(): void {
if (this.config &&
this.config.robot_token_duration ) {
this.config.robot_token_duration) {
let robotExpiration = this.config.robot_token_duration.value;
this.robotTokenExpiration = Math.floor(robotExpiration / ONE_DAY_MINUTES) + '';
}
}
changeToken(v: string) {
if (!v || v === "") {
return;
@ -235,5 +305,79 @@ export class SystemSettingsComponent implements OnChanges, OnInit {
this.config.robot_token_duration.value = +v * ONE_DAY_MINUTES;
}
deleteItem(index: number) {
this.systemWhitelist.items.splice(index, 1);
}
addToSystemWhitelist() {
// remove duplication and add to systemWhitelist
let map = {};
this.systemWhitelist.items.forEach(item => {
map[item.cve_id] = true;
});
this.cveIds.split(/[\n,]+/).forEach(id => {
let cveObj: any = {};
cveObj.cve_id = id.trim();
if (!map[cveObj.cve_id]) {
map[cveObj.cve_id] = true;
this.systemWhitelist.items.push(cveObj);
}
});
// clear modal and close modal
this.cveIds = null;
this.showAddModal = false;
}
get hasWhitelistChanged(): boolean {
return !compareValue(this.systemWhitelistOrigin, this.systemWhitelist);
}
isDisabled(): boolean {
if (this.cveIds) {
let arr = this.cveIds.split(/[\n,]+/);
let flag = false;
for (let i = 0; i < arr.length; i++) {
let id = arr[i].trim();
if (!/^CVE-[\d]+-[\d]+$/.test(id)) {
flag = true;
break;
}
}
return flag;
}
return true;
}
get expiresDate() {
if (this.systemWhitelist && this.systemWhitelist.expires_at) {
return new Date(this.systemWhitelist.expires_at * ONE_THOUSAND);
}
return null;
}
set expiresDate(date) {
if (this.systemWhitelist && date) {
this.systemWhitelist.expires_at = Math.floor(date.getTime() / ONE_THOUSAND);
}
}
get neverExpires(): boolean {
return !(this.systemWhitelist && this.systemWhitelist.expires_at);
}
set neverExpires(flag) {
if (flag) {
this.systemWhitelist.expires_at = null;
this.systemInfoService.resetDateInput(this.dateInput);
} else {
this.systemWhitelist.expires_at = Math.floor(new Date().getTime() / ONE_THOUSAND);
}
}
get hasExpired(): boolean {
if (this.systemWhitelistOrigin && this.systemWhitelistOrigin.expires_at) {
return new Date().getTime() > this.systemWhitelistOrigin.expires_at * ONE_THOUSAND;
}
return false;
}
}

View File

@ -4,8 +4,9 @@
<label for="projectPolicyForm">{{ 'PROJECT_CONFIG.REGISTRY' | translate }}</label>
<div class="form-content" id="clr-wrapper-public">
<clr-checkbox-wrapper>
<input type="checkbox" id="clr-checkbox-wrapper-public" clrCheckbox [(ngModel)]="projectPolicy.Public" name="public"
[disabled]="!hasChangeConfigRole" />
<input type="checkbox" id="clr-checkbox-wrapper-public" clrCheckbox
[(ngModel)]="projectPolicy.Public" name="public"
[disabled]="!hasChangeConfigRole"/>
<label for="clr-checkbox-wrapper-public">{{ 'PROJECT_CONFIG.PUBLIC_TOGGLE' | translate }}</label>
</clr-checkbox-wrapper>
@ -19,16 +20,19 @@
<div class="form-content">
<div *ngIf="withNotary">
<clr-checkbox-wrapper>
<input type="checkbox" clrCheckbox [(ngModel)]="projectPolicy.ContentTrust" name="content-trust" [disabled]="!hasChangeConfigRole" />
<input type="checkbox" clrCheckbox [(ngModel)]="projectPolicy.ContentTrust" name="content-trust"
[disabled]="!hasChangeConfigRole"/>
<label>{{ 'PROJECT_CONFIG.CONTENT_TRUST_TOGGLE' | translate }}</label>
</clr-checkbox-wrapper>
<div class="chk-explain"><label> {{ 'PROJECT_CONFIG.CONTENT_TRUST_POLCIY' | translate }} </label></div>
<div class="chk-explain"><label> {{ 'PROJECT_CONFIG.CONTENT_TRUST_POLCIY' | translate }} </label>
</div>
</div>
<div *ngIf="withClair" id="prevent-vulenrability-image">
<clr-checkbox-wrapper>
<input type="checkbox" clrCheckbox [(ngModel)]="projectPolicy.PreventVulImg" name="prevent-vulenrability-image-input"
[disabled]="!hasChangeConfigRole" />
<input type="checkbox" clrCheckbox [(ngModel)]="projectPolicy.PreventVulImg"
name="prevent-vulenrability-image-input"
[disabled]="!hasChangeConfigRole"/>
<label>{{ 'PROJECT_CONFIG.PREVENT_VULNERABLE_TOGGLE' | translate }}</label>
</clr-checkbox-wrapper>
@ -37,8 +41,11 @@
<div id="severity-blk">
<div>{{ 'PROJECT_CONFIG.PREVENT_VULNERABLE_1' | translate }}</div>
<div class="select">
<select id="severity" name="severity" [(ngModel)]="projectPolicy.PreventVulImgSeverity" [disabled]="!projectPolicy.PreventVulImg">
<option *ngFor='let s of severityOptions' [ngValue]="s.severity">{{ s.severityLevel | translate }}</option>
<select id="severity" name="severity"
[(ngModel)]="projectPolicy.PreventVulImgSeverity"
[disabled]="!projectPolicy.PreventVulImg">
<option *ngFor='let s of severityOptions'
[ngValue]="s.severity">{{ s.severityLevel | translate }}</option>
</select>
</div>
<div> {{ 'PROJECT_CONFIG.PREVENT_VULNERABLE_2' | translate }} </div>
@ -52,16 +59,115 @@
<label for="projectPolicyForm">{{ 'PROJECT_CONFIG.SCAN' | translate }}</label>
<div class="form-content">
<clr-checkbox-wrapper id="scan-image-on-push-wrapper">
<input type="checkbox" clrCheckbox [(ngModel)]="projectPolicy.ScanImgOnPush" [disabled]="!hasChangeConfigRole"
name="scan-image-on-push" />
<input type="checkbox" clrCheckbox [(ngModel)]="projectPolicy.ScanImgOnPush"
[disabled]="!hasChangeConfigRole"
name="scan-image-on-push"/>
<label>{{ 'PROJECT_CONFIG.AUTOSCAN_TOGGLE' | translate }}</label>
</clr-checkbox-wrapper>
<div class="chk-explain"><label> {{ 'PROJECT_CONFIG.AUTOSCAN_POLICY' | translate }}</label></div>
</div>
</div>
<button type="button" class="btn btn-primary" (click)="save()" [disabled]="!isValid() || !hasChanges() || !hasChangeConfigRole">{{'BUTTON.SAVE'
<div class="form-group" *ngIf="withClair">
<label for="systemWhitelist">{{'CVE_WHITELIST.CVE_WHITELIST'|translate}}</label>
<div class="form-content w-100">
<div>
<div>
<span>{{'CVE_WHITELIST.PRO_WHITELIST_EXPLAIN'|translate}}</span>
</div>
<div>
<span>{{'CVE_WHITELIST.PRO_OR_SYS'|translate}}</span>
</div>
<div>
<span>{{'CVE_WHITELIST.MERGE_INTO'|translate}}</span>
</div>
<div *ngIf="hasExpired">
<span *ngIf="isUseSystemWhitelist()"
class="label label-warning">{{'CVE_WHITELIST.WARNING_SYS'|translate}}</span>
<span *ngIf="!isUseSystemWhitelist()"
class="label label-warning">{{'CVE_WHITELIST.WARNING_PRO'|translate}}</span>
</div>
</div>
<clr-radio-container clrInline>
<clr-radio-wrapper>
<input type="radio" clrRadio name="systemWhitelistOrProjectWhitelist" required value="true"
[(ngModel)]="systemWhitelistOrProjectWhitelist"/>
<label>{{'CVE_WHITELIST.SYS_WHITELIST'|translate}}</label>
</clr-radio-wrapper>
<clr-radio-wrapper>
<input type="radio" clrRadio name="systemWhitelistOrProjectWhitelist" required value="false"
[(ngModel)]="systemWhitelistOrProjectWhitelist"/>
<label>{{'CVE_WHITELIST.PRO_WHITELIST'|translate}}</label>
</clr-radio-wrapper>
</clr-radio-container>
<div class="clr-row width-70per">
<div class="clr-col position-relative">
<div>
<button [disabled]="isUseSystemWhitelist()"
(click)="showAddModal=!showAddModal"
class="btn btn-link">{{'CVE_WHITELIST.ADD'|translate}}</button>
<button [disabled]="isUseSystemWhitelist()" (click)="addSystem()"
class="btn btn-link ml-1">{{'CVE_WHITELIST.ADD_SYSTEM'|translate}}</button>
</div>
<div class="add-modal" *ngIf="showAddModal && !isUseSystemWhitelist()">
<div>
<clr-textarea-container>
<label>{{'CVE_WHITELIST.ENTER'|translate}}</label>
<textarea class="w-100" clrTextarea [(ngModel)]="cveIds" name="cveIds"></textarea>
<clr-control-helper>{{'CVE_WHITELIST.HELP'|translate}}</clr-control-helper>
</clr-textarea-container>
</div>
<div>
<button [disabled]="isDisabled()" (click)="addToProjectWhitelist()"
class="btn btn-link">{{'CVE_WHITELIST.ADD'|translate}}</button>
</div>
</div>
<ul class="whitelist-window" *ngIf="isUseSystemWhitelist()">
<li *ngIf="systemWhitelist?.items?.length<1"
class="none">{{'CVE_WHITELIST.NONE'|translate}}</li>
<li *ngFor="let item of systemWhitelist?.items">{{item.cve_id}}</li>
</ul>
<ul class="whitelist-window" *ngIf="!isUseSystemWhitelist()">
<li class="none"
*ngIf="projectWhitelist?.items?.length<1">{{'CVE_WHITELIST.NONE'|translate}}</li>
<li *ngFor="let item of projectWhitelist?.items;let i = index;">{{item.cve_id}}
<clr-icon (click)="deleteItem(i)" class="float-lg-right margin-top-4"
shape="times-circle"></clr-icon>
</li>
</ul>
</div>
<div class="clr-col padding-top-8">
<div class="form-group padding-left-80">
<label for="expires">{{'CVE_WHITELIST.EXPIRES_AT'|translate}}</label>
<div class="underline">
<input #dateSystemInput readonly type="date" [(clrDate)]="systemExpiresDate">
<input *ngIf="!isUseSystemWhitelist()" #dateInput
placeholder="{{'CVE_WHITELIST.NEVER_EXPIRES'|translate}}" readonly type="date"
[(clrDate)]="expiresDate" newFormLayout="true">
<input *ngIf="isUseSystemWhitelist()"
placeholder="{{'CVE_WHITELIST.NEVER_EXPIRES'|translate}}" readonly type="text"
value="{{systemExpiresDateString}}">
</div>
</div>
<div class="form-group padding-left-80">
<clr-checkbox-wrapper>
<input [disabled]="isUseSystemWhitelist()" [checked]="neverExpires"
[(ngModel)]="neverExpires" type="checkbox" clrCheckbox name="neverExpires"
id="neverExpires"/>
<label>
{{'CVE_WHITELIST.NEVER_EXPIRES'|translate}}
</label>
</clr-checkbox-wrapper>
</div>
</div>
</div>
</div>
</div>
<button type="button" class="btn btn-primary" (click)="save()"
[disabled]="(!isValid() || !hasChanges() || !hasChangeConfigRole) && !hasWhitelistChanged">{{'BUTTON.SAVE'
| translate}}</button>
<button type="button" class="btn btn-outline" (click)="cancel()" [disabled]="!isValid() || !hasChanges() || !hasChangeConfigRole">{{'BUTTON.CANCEL'
<button type="button" class="btn btn-outline" (click)="cancel()"
[disabled]="(!isValid() || !hasChanges() || !hasChangeConfigRole) && !hasWhitelistChanged">{{'BUTTON.CANCEL'
| translate}}</button>
<confirmation-dialog #cfgConfirmationDialog (confirmAction)="confirmCancel($event)"></confirmation-dialog>
</section>

View File

@ -1,8 +1,63 @@
#severity-blk div
{
#severity-blk div {
display: inline-block;
}
.select {
width: 120px;
}
.whitelist-window {
border: 1px solid #ccc;
border-radius: 3px;
padding: 12px;
height: 224px;
width: 222px;
color: #0079bb;
overflow-y: auto;
white-space: nowrap;
li {
height: 24px;
list-style-type: none;
}
}
.width-70per {
width: 70%;
}
.none {
color: #ccc;
}
.underline {
border-bottom: 1px solid;
}
.color-0079bb {
color: #0079bb;
}
.padding-top-8 {
padding-top: 8px;
}
.padding-left-80 {
padding-left: 80px;
}
.add-modal {
position: absolute;
padding: 0 8px;
background-color: rgb(238, 238, 238);
input {
width: 100%;
border: 1px solid;
}
button {
float: right;
}
}

View File

@ -1,20 +1,24 @@
import { Component, Input, OnInit, ViewChild } from '@angular/core';
import {Component, ElementRef, Input, OnInit, ViewChild} from '@angular/core';
import { compareValue, clone } from '../utils';
import { ProjectService } from '../service/project.service';
import { ErrorHandler } from '../error-handler/error-handler';
import { State } from '../service/interface';
import {compareValue, clone} from '../utils';
import {ProjectService} from '../service/project.service';
import {ErrorHandler} from '../error-handler/error-handler';
import {State, SystemCVEWhitelist} from '../service/interface';
import { ConfirmationState, ConfirmationTargets } from '../shared/shared.const';
import { ConfirmationMessage } from '../confirmation-dialog/confirmation-message';
import { ConfirmationDialogComponent } from '../confirmation-dialog/confirmation-dialog.component';
import { ConfirmationAcknowledgement } from '../confirmation-dialog/confirmation-state-message';
import { TranslateService } from '@ngx-translate/core';
import {ConfirmationState, ConfirmationTargets} from '../shared/shared.const';
import {ConfirmationMessage} from '../confirmation-dialog/confirmation-message';
import {ConfirmationDialogComponent} from '../confirmation-dialog/confirmation-dialog.component';
import {ConfirmationAcknowledgement} from '../confirmation-dialog/confirmation-state-message';
import {TranslateService} from '@ngx-translate/core';
import { Project } from './project';
import {Project} from './project';
import {SystemInfo, SystemInfoService} from '../service/index';
import { UserPermissionService } from '../service/permission.service';
import { USERSTATICPERMISSION } from '../service/permission-static';
import {UserPermissionService} from '../service/permission.service';
import {USERSTATICPERMISSION} from '../service/permission-static';
const ONE_THOUSAND: number = 1000;
const LOW: string = 'low';
export class ProjectPolicy {
Public: boolean;
@ -27,7 +31,7 @@ export class ProjectPolicy {
this.Public = false;
this.ContentTrust = false;
this.PreventVulImg = false;
this.PreventVulImgSeverity = 'low';
this.PreventVulImgSeverity = LOW;
this.ScanImgOnPush = false;
}
@ -35,7 +39,9 @@ export class ProjectPolicy {
this.Public = pro.metadata.public === 'true' ? true : false;
this.ContentTrust = pro.metadata.enable_content_trust === 'true' ? true : false;
this.PreventVulImg = pro.metadata.prevent_vul === 'true' ? true : false;
if (pro.metadata.severity) { this.PreventVulImgSeverity = pro.metadata.severity; }
if (pro.metadata.severity) {
this.PreventVulImgSeverity = pro.metadata.severity;
}
this.ScanImgOnPush = pro.metadata.auto_scan === 'true' ? true : false;
}
}
@ -54,6 +60,8 @@ export class ProjectPolicyConfigComponent implements OnInit {
@Input() hasProjectAdminRole: boolean;
@ViewChild('cfgConfirmationDialog') confirmationDlg: ConfirmationDialogComponent;
@ViewChild('dateInput') dateInput: ElementRef;
@ViewChild('dateSystemInput') dateSystemInput: ElementRef;
systemInfo: SystemInfo;
orgProjectPolicy = new ProjectPolicy();
@ -65,14 +73,26 @@ export class ProjectPolicyConfigComponent implements OnInit {
{severity: 'low', severityLevel: 'VULNERABILITY.SEVERITY.LOW'},
{severity: 'negligible', severityLevel: 'VULNERABILITY.SEVERITY.NEGLIGIBLE'},
];
userSystemWhitelist: boolean = true;
showAddModal: boolean = false;
systemWhitelist: SystemCVEWhitelist;
cveIds: string;
systemExpiresDate: Date;
systemExpiresDateString: string;
userProjectWhitelist = false;
systemWhitelistOrProjectWhitelist: string;
systemWhitelistOrProjectWhitelistOrigin: string;
projectWhitelist;
projectWhitelistOrigin;
constructor(
private errorHandler: ErrorHandler,
private translate: TranslateService,
private projectService: ProjectService,
private systemInfoService: SystemInfoService,
private userPermission: UserPermissionService
) {}
private userPermission: UserPermissionService,
) {
}
ngOnInit(): void {
// assert if project id exist
@ -80,22 +100,46 @@ export class ProjectPolicyConfigComponent implements OnInit {
this.errorHandler.error('Project ID cannot be unset.');
return;
}
// get system info
this.systemInfoService.getSystemInfo()
.subscribe(systemInfo => this.systemInfo = systemInfo
, error => this.errorHandler.error(error));
.subscribe(systemInfo => {
this.systemInfo = systemInfo;
setTimeout(() => {
this.dateSystemInput.nativeElement.parentNode.setAttribute("hidden", "hidden");
}, 100);
} , error => this.errorHandler.error(error));
// retrive project level policy data
this.retrieve();
this.getPermission();
this.getSystemWhitelist();
}
getSystemWhitelist() {
this.systemInfoService.getSystemWhitelist()
.subscribe((systemWhitelist) => {
if (systemWhitelist) {
this.systemWhitelist = systemWhitelist;
if (this.systemWhitelist.expires_at) {
this.systemExpiresDate = new Date(this.systemWhitelist.expires_at * ONE_THOUSAND);
setTimeout( () => {
this.systemExpiresDateString = this.dateSystemInput.nativeElement.value;
}, 100);
}
}
}, error => {
this.errorHandler.error(error);
}
);
}
private getPermission(): void {
this.userPermission.getPermission(this.projectId,
USERSTATICPERMISSION.CONFIGURATION.KEY, USERSTATICPERMISSION.CONFIGURATION.VALUE.UPDATE).subscribe(permissins => {
this.hasChangeConfigRole = permissins as boolean;
});
}
public get withNotary(): boolean {
return this.systemInfo ? this.systemInfo.with_notary : false;
}
@ -110,11 +154,26 @@ export class ProjectPolicyConfigComponent implements OnInit {
response => {
this.orgProjectPolicy.initByProject(response);
this.projectPolicy.initByProject(response);
}, error => this.errorHandler.error(error));
// get projectWhitelist
if (!response.cve_whitelist) {
response.cve_whitelist = {
items: [],
expires_at: null
};
}
updateProjectPolicy(projectId: string|number, pp: ProjectPolicy) {
this.projectService.updateProjectPolicy(projectId, pp);
if (!response.cve_whitelist['items']) {
response.cve_whitelist['items'] = [];
}
if (!response.cve_whitelist['expires_at']) {
response.cve_whitelist['expires_at'] = null;
}
if (response && response.cve_whitelist) {
this.projectWhitelist = clone(response.cve_whitelist);
this.projectWhitelistOrigin = clone(response.cve_whitelist);
this.systemWhitelistOrProjectWhitelist = response.metadata.reuse_sys_cve_whitelist;
this.systemWhitelistOrProjectWhitelistOrigin = response.metadata.reuse_sys_cve_whitelist;
}
}, error => this.errorHandler.error(error));
}
refresh() {
@ -134,14 +193,17 @@ export class ProjectPolicyConfigComponent implements OnInit {
}
save() {
if (!this.hasChanges()) {
if (!this.hasChanges() && !this.hasWhitelistChanged) {
return;
}
this.onGoing = true;
this.projectService.updateProjectPolicy(this.projectId, this.projectPolicy)
this.projectService.updateProjectPolicy(
this.projectId,
this.projectPolicy,
this.systemWhitelistOrProjectWhitelist,
this.projectWhitelist)
.subscribe(() => {
this.onGoing = false;
this.translate.get('CONFIG.SAVE_SUCCESS').subscribe((res: string) => {
this.errorHandler.info(res);
});
@ -171,6 +233,138 @@ export class ProjectPolicyConfigComponent implements OnInit {
if (ack && ack.source === ConfirmationTargets.CONFIG &&
ack.state === ConfirmationState.CONFIRMED) {
this.reset();
if (this.hasWhitelistChanged) {
this.projectWhitelist = clone(this.projectWhitelistOrigin);
this.systemWhitelistOrProjectWhitelist = this.systemWhitelistOrProjectWhitelistOrigin;
}
}
}
isUseSystemWhitelist(): boolean {
return this.systemWhitelistOrProjectWhitelist === 'true';
}
deleteItem(index: number) {
this.projectWhitelist.items.splice(index, 1);
}
addSystem() {
this.showAddModal = false;
if (!(this.systemWhitelist && this.systemWhitelist.items && this.systemWhitelist.items.length > 0)) {
return;
}
if (this.projectWhitelist && !this.projectWhitelist.items) {
this.projectWhitelist.items = [];
}
// remove duplication and add to projectWhitelist
let map = {};
this.projectWhitelist.items.forEach(item => {
map[item.cve_id] = true;
});
this.systemWhitelist.items.forEach(item => {
if (!map[item.cve_id]) {
map[item.cve_id] = true;
this.projectWhitelist.items.push(item);
}
});
}
addToProjectWhitelist() {
if (this.projectWhitelist && !this.projectWhitelist.items) {
this.projectWhitelist.items = [];
}
// remove duplication and add to projectWhitelist
let map = {};
this.projectWhitelist.items.forEach(item => {
map[item.cve_id] = true;
});
this.cveIds.split(/[\n,]+/).forEach(id => {
let cveObj: any = {};
cveObj.cve_id = id.trim();
if (!map[cveObj.cve_id]) {
map[cveObj.cve_id] = true;
this.projectWhitelist.items.push(cveObj);
}
});
// clear modal and close modal
this.cveIds = null;
this.showAddModal = false;
}
get hasWhitelistChanged(): boolean {
return !(compareValue(this.projectWhitelist, this.projectWhitelistOrigin)
&& this.systemWhitelistOrProjectWhitelistOrigin === this.systemWhitelistOrProjectWhitelist);
}
isDisabled(): boolean {
if (this.cveIds) {
let arr = this.cveIds.split(/[\n,]+/);
let flag = false;
for (let i = 0; i < arr.length; i++) {
let id = arr[i].trim();
if (!/^CVE-[\d]+-[\d]+$/.test(id)) {
flag = true;
break;
}
}
return flag;
}
return true;
}
get expiresDate() {
if (this.systemWhitelistOrProjectWhitelist === 'true') {
if (this.systemWhitelist && this.systemWhitelist.expires_at) {
return new Date(this.systemWhitelist.expires_at * ONE_THOUSAND);
}
} else {
if (this.projectWhitelist && this.projectWhitelist.expires_at) {
return new Date(this.projectWhitelist.expires_at * ONE_THOUSAND);
}
}
return null;
}
set expiresDate(date) {
if (this.systemWhitelistOrProjectWhitelist === 'false') {
if (this.projectWhitelist && date) {
this.projectWhitelist.expires_at = Math.floor(date.getTime() / ONE_THOUSAND);
}
}
}
get neverExpires(): boolean {
if (this.systemWhitelistOrProjectWhitelist === 'true') {
if (this.systemWhitelist && this.systemWhitelist.expires_at) {
return !(this.systemWhitelist && this.systemWhitelist.expires_at);
}
} else {
if (this.projectWhitelist && this.projectWhitelist.expires_at) {
return !(this.projectWhitelist && this.projectWhitelist.expires_at);
}
}
return true;
}
set neverExpires(flag) {
if (flag) {
this.projectWhitelist.expires_at = null;
this.systemInfoService.resetDateInput(this.dateInput);
} else {
this.projectWhitelist.expires_at = Math.floor(new Date().getTime() / ONE_THOUSAND);
}
}
get hasExpired(): boolean {
if (this.systemWhitelistOrProjectWhitelist === 'true') {
if (this.systemWhitelist && this.systemWhitelist.expires_at) {
return new Date().getTime() > this.systemWhitelist.expires_at * ONE_THOUSAND;
}
} else {
if (this.projectWhitelistOrigin && this.projectWhitelistOrigin.expires_at) {
return new Date().getTime() > this.projectWhitelistOrigin.expires_at * ONE_THOUSAND;
}
}
return false;
}
}

View File

@ -18,7 +18,9 @@ export class Project {
prevent_vul: string | boolean;
severity: string;
auto_scan: string | boolean;
reuse_sys_cve_whitelist?: string;
};
cve_whitelist?: object;
constructor () {
this.metadata.public = false;
this.metadata.enable_content_trust = false;

View File

@ -434,8 +434,15 @@ export interface HttpOptionTextInterface {
withCredentials?: boolean;
}
export interface ProjectRootInterface {
NAME: string;
VALUE: number;
LABEL: string;
}
export interface SystemCVEWhitelist {
id: number;
project_id: number;
expires_at: number;
items: Array<{ "cve_id": string; }>;
}

View File

@ -1,8 +1,8 @@
import {throwError as observableThrowError, Observable } from "rxjs";
import { Injectable, Inject } from "@angular/core";
import {Injectable, Inject} from "@angular/core";
import { HttpClient, HttpParams, HttpResponse } from "@angular/common/http";
import { map , catchError } from "rxjs/operators";
import { catchError } from "rxjs/operators";
import { SERVICE_CONFIG, IServiceConfig } from "../service.config";
import { Project } from "../project-policy-config/project";
@ -12,7 +12,6 @@ import {
HTTP_GET_OPTIONS,
buildHttpRequestOptionsWithObserveResponse
} from "../utils";
import { RequestQueryParams } from "./RequestQueryParams";
/**
* Define the service methods to handle the Project related things.
@ -47,7 +46,9 @@ export abstract class ProjectService {
*/
abstract updateProjectPolicy(
projectId: number | string,
projectPolicy: ProjectPolicy
projectPolicy: ProjectPolicy,
reuseSysCVEVWhitelist: string,
projectWhitelist: object
): Observable<any>;
/**
@ -107,7 +108,9 @@ export class ProjectDefaultService extends ProjectService {
public updateProjectPolicy(
projectId: number | string,
projectPolicy: ProjectPolicy
projectPolicy: ProjectPolicy,
reuseSysCVEVWhitelist: string,
projectWhitelist: object
): any {
let baseUrl: string = this.config.projectBaseEndpoint
? this.config.projectBaseEndpoint
@ -121,8 +124,10 @@ export class ProjectDefaultService extends ProjectService {
enable_content_trust: projectPolicy.ContentTrust ? "true" : "false",
prevent_vul: projectPolicy.PreventVulImg ? "true" : "false",
severity: projectPolicy.PreventVulImgSeverity,
auto_scan: projectPolicy.ScanImgOnPush ? "true" : "false"
}
auto_scan: projectPolicy.ScanImgOnPush ? "true" : "false",
reuse_sys_cve_whitelist: reuseSysCVEVWhitelist
},
cve_whitelist: projectWhitelist
},
HTTP_JSON_OPTIONS
)

View File

@ -1,10 +1,10 @@
import { Inject, Injectable } from '@angular/core';
import {ElementRef, Inject, Injectable} from '@angular/core';
import { HttpClient } from '@angular/common/http';
import { map, catchError } from "rxjs/operators";
import { Observable, throwError as observableThrowError } from "rxjs";
import { SystemInfo } from './interface';
import {SystemCVEWhitelist, SystemInfo} from './interface';
import { SERVICE_CONFIG, IServiceConfig } from '../service.config';
import { HTTP_GET_OPTIONS } from "../utils";
import {HTTP_GET_OPTIONS, HTTP_JSON_OPTIONS} from "../utils";
/**
* Get System information about current backend server.
@ -18,6 +18,20 @@ export abstract class SystemInfoService {
* returns
*/
abstract getSystemInfo(): Observable<SystemInfo>;
/**
* get system CEVWhitelist
*/
abstract getSystemWhitelist(): Observable<SystemCVEWhitelist>;
/**
* update systemCVEWhitelist
* @param systemCVEWhitelist
*/
abstract updateSystemWhitelist(systemCVEWhitelist: SystemCVEWhitelist): Observable<any>;
/**
* set null to the date type input
* @param ref
*/
abstract resetDateInput(ref: ElementRef);
}
@Injectable()
@ -33,5 +47,20 @@ export class SystemInfoDefaultService extends SystemInfoService {
.pipe(map(systemInfo => systemInfo as SystemInfo)
, catchError(error => observableThrowError(error)));
}
public getSystemWhitelist(): Observable<SystemCVEWhitelist> {
return this.http.get("/api/system/CVEWhitelist", HTTP_GET_OPTIONS)
.pipe(map(systemCVEWhitelist => systemCVEWhitelist as SystemCVEWhitelist)
, catchError(error => observableThrowError(error)));
}
public updateSystemWhitelist(systemCVEWhitelist: SystemCVEWhitelist): Observable<any> {
return this.http.put("/api/system/CVEWhitelist", JSON.stringify(systemCVEWhitelist), HTTP_JSON_OPTIONS)
.pipe(map(response => response)
, catchError(error => observableThrowError(error)));
}
public resetDateInput(ref: ElementRef) {
if (ref) {
ref.nativeElement.value = null ;
}
}
}

View File

@ -176,13 +176,15 @@
"version": "1.40.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.40.0.tgz",
"integrity": "sha512-jYdeOMPy9vnxEqFRRo6ZvTZ8d9oPb+k18PKoYNYUe2stVEBPPwsln/qWzdbmaIvnhZ9v2P+CuecK+fpUfsV2mA==",
"dev": true
"dev": true,
"optional": true
},
"mime-types": {
"version": "2.1.24",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.24.tgz",
"integrity": "sha512-WaFHS3MCl5fapm3oLxU4eYDw77IQM2ACcxQ9RIxfaC3ooc6PFuBMGZZsYpvoXS5D5QTWPieo1jjLdAm3TBP3cQ==",
"dev": true,
"optional": true,
"requires": {
"mime-db": "1.40.0"
}
@ -3146,7 +3148,8 @@
"acorn": {
"version": "6.1.1",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-6.1.1.tgz",
"integrity": "sha512-jPTiwtOxaHNaAPg/dmrJ/beuzLRnXtB0kQPQ8JpotKJgTB6rX6c8mlf315941pyjBSaPg8NHXS9fhP4u17DpGA=="
"integrity": "sha512-jPTiwtOxaHNaAPg/dmrJ/beuzLRnXtB0kQPQ8JpotKJgTB6rX6c8mlf315941pyjBSaPg8NHXS9fhP4u17DpGA==",
"dev": true
},
"acorn-dynamic-import": {
"version": "4.0.0",
@ -6491,7 +6494,8 @@
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz",
"integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8=",
"dev": true
"dev": true,
"optional": true
},
"aproba": {
"version": "1.2.0",
@ -6515,13 +6519,15 @@
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
"integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=",
"dev": true
"dev": true,
"optional": true
},
"brace-expansion": {
"version": "1.1.11",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
"integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
"dev": true,
"optional": true,
"requires": {
"balanced-match": "^1.0.0",
"concat-map": "0.0.1"
@ -6538,19 +6544,22 @@
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz",
"integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=",
"dev": true
"dev": true,
"optional": true
},
"concat-map": {
"version": "0.0.1",
"resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
"integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=",
"dev": true
"dev": true,
"optional": true
},
"console-control-strings": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz",
"integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=",
"dev": true
"dev": true,
"optional": true
},
"core-util-is": {
"version": "1.0.2",
@ -6681,7 +6690,8 @@
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz",
"integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=",
"dev": true
"dev": true,
"optional": true
},
"ini": {
"version": "1.3.5",
@ -6695,6 +6705,7 @@
"resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz",
"integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=",
"dev": true,
"optional": true,
"requires": {
"number-is-nan": "^1.0.0"
}
@ -6711,6 +6722,7 @@
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
"integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==",
"dev": true,
"optional": true,
"requires": {
"brace-expansion": "^1.1.7"
}
@ -6719,13 +6731,15 @@
"version": "0.0.8",
"resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz",
"integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0=",
"dev": true
"dev": true,
"optional": true
},
"minipass": {
"version": "2.2.4",
"resolved": "https://registry.npmjs.org/minipass/-/minipass-2.2.4.tgz",
"integrity": "sha512-hzXIWWet/BzWhYs2b+u7dRHlruXhwdgvlTMDKC6Cb1U7ps6Ac6yQlR39xsbjWJE377YTCtKwIXIpJ5oP+j5y8g==",
"dev": true,
"optional": true,
"requires": {
"safe-buffer": "^5.1.1",
"yallist": "^3.0.0"
@ -6746,6 +6760,7 @@
"resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz",
"integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=",
"dev": true,
"optional": true,
"requires": {
"minimist": "0.0.8"
}
@ -6834,7 +6849,8 @@
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz",
"integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=",
"dev": true
"dev": true,
"optional": true
},
"object-assign": {
"version": "4.1.1",
@ -6848,6 +6864,7 @@
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
"integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=",
"dev": true,
"optional": true,
"requires": {
"wrappy": "1"
}
@ -6943,7 +6960,8 @@
"version": "5.1.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz",
"integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg==",
"dev": true
"dev": true,
"optional": true
},
"safer-buffer": {
"version": "2.1.2",
@ -6985,6 +7003,7 @@
"resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz",
"integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=",
"dev": true,
"optional": true,
"requires": {
"code-point-at": "^1.0.0",
"is-fullwidth-code-point": "^1.0.0",
@ -7006,6 +7025,7 @@
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz",
"integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=",
"dev": true,
"optional": true,
"requires": {
"ansi-regex": "^2.0.0"
}
@ -7054,13 +7074,15 @@
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
"integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=",
"dev": true
"dev": true,
"optional": true
},
"yallist": {
"version": "3.0.2",
"resolved": "https://registry.npmjs.org/yallist/-/yallist-3.0.2.tgz",
"integrity": "sha1-hFK0u36Dx8GI2AQcGoN8dz1ti7k=",
"dev": true
"dev": true,
"optional": true
}
}
},
@ -10632,7 +10654,8 @@
},
"ansi-regex": {
"version": "2.1.1",
"bundled": true
"bundled": true,
"optional": true
},
"aproba": {
"version": "1.2.0",
@ -10650,11 +10673,13 @@
},
"balanced-match": {
"version": "1.0.0",
"bundled": true
"bundled": true,
"optional": true
},
"brace-expansion": {
"version": "1.1.11",
"bundled": true,
"optional": true,
"requires": {
"balanced-match": "^1.0.0",
"concat-map": "0.0.1"
@ -10667,15 +10692,18 @@
},
"code-point-at": {
"version": "1.1.0",
"bundled": true
"bundled": true,
"optional": true
},
"concat-map": {
"version": "0.0.1",
"bundled": true
"bundled": true,
"optional": true
},
"console-control-strings": {
"version": "1.1.0",
"bundled": true
"bundled": true,
"optional": true
},
"core-util-is": {
"version": "1.0.2",
@ -10778,7 +10806,8 @@
},
"inherits": {
"version": "2.0.3",
"bundled": true
"bundled": true,
"optional": true
},
"ini": {
"version": "1.3.5",
@ -10788,6 +10817,7 @@
"is-fullwidth-code-point": {
"version": "1.0.0",
"bundled": true,
"optional": true,
"requires": {
"number-is-nan": "^1.0.0"
}
@ -10800,17 +10830,20 @@
"minimatch": {
"version": "3.0.4",
"bundled": true,
"optional": true,
"requires": {
"brace-expansion": "^1.1.7"
}
},
"minimist": {
"version": "0.0.8",
"bundled": true
"bundled": true,
"optional": true
},
"minipass": {
"version": "2.3.5",
"bundled": true,
"optional": true,
"requires": {
"safe-buffer": "^5.1.2",
"yallist": "^3.0.0"
@ -10827,6 +10860,7 @@
"mkdirp": {
"version": "0.5.1",
"bundled": true,
"optional": true,
"requires": {
"minimist": "0.0.8"
}
@ -10899,7 +10933,8 @@
},
"number-is-nan": {
"version": "1.0.1",
"bundled": true
"bundled": true,
"optional": true
},
"object-assign": {
"version": "4.1.1",
@ -10909,6 +10944,7 @@
"once": {
"version": "1.4.0",
"bundled": true,
"optional": true,
"requires": {
"wrappy": "1"
}
@ -10984,7 +11020,8 @@
},
"safe-buffer": {
"version": "5.1.2",
"bundled": true
"bundled": true,
"optional": true
},
"safer-buffer": {
"version": "2.1.2",
@ -11014,6 +11051,7 @@
"string-width": {
"version": "1.0.2",
"bundled": true,
"optional": true,
"requires": {
"code-point-at": "^1.0.0",
"is-fullwidth-code-point": "^1.0.0",
@ -11031,6 +11069,7 @@
"strip-ansi": {
"version": "3.0.1",
"bundled": true,
"optional": true,
"requires": {
"ansi-regex": "^2.0.0"
}
@ -11069,11 +11108,13 @@
},
"wrappy": {
"version": "1.0.2",
"bundled": true
"bundled": true,
"optional": true
},
"yallist": {
"version": "3.0.3",
"bundled": true
"bundled": true,
"optional": true
}
}
},
@ -17118,7 +17159,8 @@
"ansi-regex": {
"version": "2.1.1",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"aproba": {
"version": "1.2.0",
@ -17139,12 +17181,14 @@
"balanced-match": {
"version": "1.0.0",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"brace-expansion": {
"version": "1.1.11",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"balanced-match": "^1.0.0",
"concat-map": "0.0.1"
@ -17159,17 +17203,20 @@
"code-point-at": {
"version": "1.1.0",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"concat-map": {
"version": "0.0.1",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"console-control-strings": {
"version": "1.1.0",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"core-util-is": {
"version": "1.0.2",
@ -17286,7 +17333,8 @@
"inherits": {
"version": "2.0.3",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"ini": {
"version": "1.3.5",
@ -17298,6 +17346,7 @@
"version": "1.0.0",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"number-is-nan": "^1.0.0"
}
@ -17312,6 +17361,7 @@
"version": "3.0.4",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"brace-expansion": "^1.1.7"
}
@ -17319,12 +17369,14 @@
"minimist": {
"version": "0.0.8",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"minipass": {
"version": "2.3.5",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"safe-buffer": "^5.1.2",
"yallist": "^3.0.0"
@ -17343,6 +17395,7 @@
"version": "0.5.1",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"minimist": "0.0.8"
}
@ -17423,7 +17476,8 @@
"number-is-nan": {
"version": "1.0.1",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"object-assign": {
"version": "4.1.1",
@ -17435,6 +17489,7 @@
"version": "1.4.0",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"wrappy": "1"
}
@ -17520,7 +17575,8 @@
"safe-buffer": {
"version": "5.1.2",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"safer-buffer": {
"version": "2.1.2",
@ -17556,6 +17612,7 @@
"version": "1.0.2",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"code-point-at": "^1.0.0",
"is-fullwidth-code-point": "^1.0.0",
@ -17575,6 +17632,7 @@
"version": "3.0.1",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"ansi-regex": "^2.0.0"
}
@ -17618,12 +17676,14 @@
"wrappy": {
"version": "1.0.2",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"yallist": {
"version": "3.0.3",
"bundled": true,
"dev": true
"dev": true,
"optional": true
}
}
},
@ -18718,7 +18778,8 @@
"ansi-regex": {
"version": "2.1.1",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"aproba": {
"version": "1.2.0",
@ -18739,12 +18800,14 @@
"balanced-match": {
"version": "1.0.0",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"brace-expansion": {
"version": "1.1.11",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"balanced-match": "^1.0.0",
"concat-map": "0.0.1"
@ -18759,17 +18822,20 @@
"code-point-at": {
"version": "1.1.0",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"concat-map": {
"version": "0.0.1",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"console-control-strings": {
"version": "1.1.0",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"core-util-is": {
"version": "1.0.2",
@ -18886,7 +18952,8 @@
"inherits": {
"version": "2.0.3",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"ini": {
"version": "1.3.5",
@ -18898,6 +18965,7 @@
"version": "1.0.0",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"number-is-nan": "^1.0.0"
}
@ -18912,6 +18980,7 @@
"version": "3.0.4",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"brace-expansion": "^1.1.7"
}
@ -18919,12 +18988,14 @@
"minimist": {
"version": "0.0.8",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"minipass": {
"version": "2.3.5",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"safe-buffer": "^5.1.2",
"yallist": "^3.0.0"
@ -18943,6 +19014,7 @@
"version": "0.5.1",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"minimist": "0.0.8"
}
@ -19023,7 +19095,8 @@
"number-is-nan": {
"version": "1.0.1",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"object-assign": {
"version": "4.1.1",
@ -19035,6 +19108,7 @@
"version": "1.4.0",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"wrappy": "1"
}
@ -19120,7 +19194,8 @@
"safe-buffer": {
"version": "5.1.2",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"safer-buffer": {
"version": "2.1.2",
@ -19156,6 +19231,7 @@
"version": "1.0.2",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"code-point-at": "^1.0.0",
"is-fullwidth-code-point": "^1.0.0",
@ -19175,6 +19251,7 @@
"version": "3.0.1",
"bundled": true,
"dev": true,
"optional": true,
"requires": {
"ansi-regex": "^2.0.0"
}
@ -19218,12 +19295,14 @@
"wrappy": {
"version": "1.0.2",
"bundled": true,
"dev": true
"dev": true,
"optional": true
},
"yallist": {
"version": "3.0.3",
"bundled": true,
"dev": true
"dev": true,
"optional": true
}
}
},

View File

@ -2,7 +2,8 @@
<global-message [isAppLevel]="true"></global-message>
<navigator (showAccountSettingsModal)="openModal($event)" (showPwdChangeModal)="openModal($event)"></navigator>
<div class="content-container">
<div class="content-area" [class.container-override]="showSearch" [class.content-area-override]="!shouldOverrideContent"
<div class="content-area" [class.container-override]="showSearch"
[class.content-area-override]="!shouldOverrideContent"
[class.start-content-padding]="shouldOverrideContent">
<global-message [isAppLevel]="false"></global-message>
<!-- Only appear when searching -->
@ -28,7 +29,7 @@
<clr-icon shape="users" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.USER' | translate}}
</a>
<a *ngIf='isLdapMode || isHttpAuthMode' clrVerticalNavLink routerLink="/harbor/groups" routerLinkActive="active">
<a *ngIf='isLdapMode' clrVerticalNavLink routerLink="/harbor/groups" routerLinkActive="active">
<clr-icon shape="users" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.GROUP' | translate}}
</a>
@ -40,10 +41,6 @@
<clr-icon shape="cloud-traffic" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.REPLICATION' | translate}}
</a>
<a clrVerticalNavLink routerLink="/harbor/configs" routerLinkActive="active">
<clr-icon shape="cog" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.CONFIG' | translate}}
</a>
</clr-vertical-nav-group-children>
</clr-vertical-nav-group>
<clr-vertical-nav-group *ngIf="isSystemAdmin && (withClair || hasAdminRole)" routerLinkActive="active">
@ -51,7 +48,8 @@
{{'SIDE_NAV.TASKS' | translate}}
<a routerLink="#" hidden aria-hidden="true"></a>
<clr-vertical-nav-group-children *clrIfExpanded="true">
<a clrVerticalNavLink *ngIf="withClair" routerLink="/harbor/vulnerability" routerLinkActive="active">
<a clrVerticalNavLink *ngIf="withClair" routerLink="/harbor/vulnerability"
routerLinkActive="active">
{{'SIDE_NAV.SYSTEM_MGMT.VULNERABILITY' | translate}}
</a>
<a clrVerticalNavLink *ngIf="hasAdminRole" routerLink="/harbor/gc" routerLinkActive="active">
@ -59,6 +57,10 @@
</a>
</clr-vertical-nav-group-children>
</clr-vertical-nav-group>
<a *ngIf="isSystemAdmin" clrVerticalNavLink routerLinkActive="active" routerLink="/harbor/configs">
<clr-icon shape="cog" clrVerticalNavIcon></clr-icon>
{{'SIDE_NAV.SYSTEM_MGMT.CONFIG' | translate}}
</a>
</div>
<div class="vertical-nav-footer">
<a clrVerticalNavLink target="_blank" routerLink="/devcenter">

View File

@ -1024,6 +1024,26 @@
"MSG_SUCCESS": "Retag successfully",
"TIP_REPO": "A repository name is broken up into path components. A component of a repository name must be at least one lowercase, alpha-numeric characters, optionally separated by periods, dashes or underscores. More strictly, it must match the regular expression [a-z0-9]+(?:[._-][a-z0-9]+)*.If a repository name has two or more path components, they must be separated by a forward slash ('/').The total length of a repository name, including slashes, must be less the 256 characters.",
"TIP_TAG": "A tag is a label applied to a Docker image in a repository. Tags are how various images in a repository are distinguished from each other.It need to match Regex: (`[\\w][\\w.-]{0,127}`)"
},
"CVE_WHITELIST": {
"DEPLOYMENT_SECURITY": "Deployment security",
"CVE_WHITELIST": "CVE whitelist",
"SYS_WHITELIST_EXPLAIN": "System whitelist allows vulnerabilities in this list to be ignored when calculating the vulnerability of an image.",
"ADD_SYS": "Add CVE IDs to the system whitelist",
"WARNING_SYS": "The system CVE whitelist has expired. You can enable the whitelist by extending the expiration date.",
"WARNING_PRO": "The project CVE whitelist has expired. You can enable the whitelist by extending the expiration date.",
"ADD": "ADD",
"ENTER": "Enter CVE ID(s)",
"HELP": "Separator: commas or newline characters",
"NONE": "None",
"EXPIRES_AT": "Expires at",
"NEVER_EXPIRES": "Never expires",
"PRO_WHITELIST_EXPLAIN": "Project whitelist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images.",
"PRO_OR_SYS": "Use the system whitelist as is or select “Project whitelist” to create a new whitelist.",
"MERGE_INTO": "Merge the system whitelist into this project, add individual CVE IDs.",
"SYS_WHITELIST": "System whitelist",
"PRO_WHITELIST": "Project whitelist",
"ADD_SYSTEM": "ADD SYSTEM"
}
}

View File

@ -1022,6 +1022,26 @@
"MSG_SUCCESS": "Retag successfully",
"TIP_REPO": "A repository name is broken up into path components. A component of a repository name must be at least one lowercase, alpha-numeric characters, optionally separated by periods, dashes or underscores. More strictly, it must match the regular expression [a-z0-9]+(?:[._-][a-z0-9]+)*.If a repository name has two or more path components, they must be separated by a forward slash ('/').The total length of a repository name, including slashes, must be less the 256 characters.",
"TIP_TAG": "A tag is a label applied to a Docker image in a repository. Tags are how various images in a repository are distinguished from each other.It need to match Regex: (`[\\w][\\w.-]{0,127}`)"
},
"CVE_WHITELIST": {
"DEPLOYMENT_SECURITY": "Deployment security",
"CVE_WHITELIST": "CVE whitelist",
"SYS_WHITELIST_EXPLAIN": "System whitelist allows vulnerabilities in this list to be ignored when calculating the vulnerability of an image.",
"ADD_SYS": "Add CVE IDs to the system whitelist",
"WARNING_SYS": "The system CVE whitelist has expired. You can enable the whitelist by extending the expiration date.",
"WARNING_PRO": "The project CVE whitelist has expired. You can enable the whitelist by extending the expiration date.",
"ADD": "ADD",
"ENTER": "Enter CVE ID(s)",
"HELP": "Separator: commas or newline characters",
"NONE": "None",
"EXPIRES_AT": "Expires at",
"NEVER_EXPIRES": "Never expires",
"PRO_WHITELIST_EXPLAIN": "Project whitelist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images.",
"PRO_OR_SYS": "Use the system whitelist as is or select “Project whitelist” to create a new whitelist.",
"MERGE_INTO": "Merge the system whitelist into this project, add individual CVE IDs.",
"SYS_WHITELIST": "System whitelist",
"PRO_WHITELIST": "Project whitelist",
"ADD_SYSTEM": "ADD SYSTEM"
}
}

View File

@ -994,6 +994,26 @@
"MSG_SUCCESS": "Retag successfully",
"TIP_REPO": "A repository name is broken up into path components. A component of a repository name must be at least one lowercase, alpha-numeric characters, optionally separated by periods, dashes or underscores. More strictly, it must match the regular expression [a-z0-9]+(?:[._-][a-z0-9]+)*.If a repository name has two or more path components, they must be separated by a forward slash ('/').The total length of a repository name, including slashes, must be less the 256 characters.",
"TIP_TAG": "A tag is a label applied to a Docker image in a repository. Tags are how various images in a repository are distinguished from each other.It need to match Regex: (`[\\w][\\w.-]{0,127}`)"
},
"CVE_WHITELIST": {
"DEPLOYMENT_SECURITY": "Deployment security",
"CVE_WHITELIST": "CVE whitelist",
"SYS_WHITELIST_EXPLAIN": "System whitelist allows vulnerabilities in this list to be ignored when calculating the vulnerability of an image.",
"ADD_SYS": "Add CVE IDs to the system whitelist",
"WARNING_SYS": "The system CVE whitelist has expired. You can enable the whitelist by extending the expiration date.",
"WARNING_PRO": "The project CVE whitelist has expired. You can enable the whitelist by extending the expiration date.",
"ADD": "ADD",
"ENTER": "Enter CVE ID(s)",
"HELP": "Separator: commas or newline characters",
"NONE": "None",
"EXPIRES_AT": "Expires at",
"NEVER_EXPIRES": "Never expires",
"PRO_WHITELIST_EXPLAIN": "Project whitelist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images.",
"PRO_OR_SYS": "Use the system whitelist as is or select “Project whitelist” to create a new whitelist.",
"MERGE_INTO": "Merge the system whitelist into this project, add individual CVE IDs.",
"SYS_WHITELIST": "System whitelist",
"PRO_WHITELIST": "Project whitelist",
"ADD_SYSTEM": "ADD SYSTEM"
}
}

View File

@ -1018,6 +1018,26 @@
"MSG_SUCCESS": "Retag successfully",
"TIP_REPO": "A repository name is broken up into path components. A component of a repository name must be at least one lowercase, alpha-numeric characters, optionally separated by periods, dashes or underscores. More strictly, it must match the regular expression [a-z0-9]+(?:[._-][a-z0-9]+)*.If a repository name has two or more path components, they must be separated by a forward slash ('/').The total length of a repository name, including slashes, must be less the 256 characters.",
"TIP_TAG": "A tag is a label applied to a Docker image in a repository. Tags are how various images in a repository are distinguished from each other.It need to match Regex: (`[\\w][\\w.-]{0,127}`)"
},
"CVE_WHITELIST": {
"DEPLOYMENT_SECURITY": "Deployment security",
"CVE_WHITELIST": "CVE whitelist",
"SYS_WHITELIST_EXPLAIN": "System whitelist allows vulnerabilities in this list to be ignored when calculating the vulnerability of an image.",
"ADD_SYS": "Add CVE IDs to the system whitelist",
"WARNING_SYS": "The system CVE whitelist has expired. You can enable the whitelist by extending the expiration date.",
"WARNING_PRO": "The project CVE whitelist has expired. You can enable the whitelist by extending the expiration date.",
"ADD": "ADD",
"ENTER": "Enter CVE ID(s)",
"HELP": "Separator: commas or newline characters",
"NONE": "None",
"EXPIRES_AT": "Expires at",
"NEVER_EXPIRES": "Never expires",
"PRO_WHITELIST_EXPLAIN": "Project whitelist allows vulnerabilities in this list to be ignored in this project when pushing and pulling images.",
"PRO_OR_SYS": "Use the system whitelist as is or select “Project whitelist” to create a new whitelist.",
"MERGE_INTO": "Merge the system whitelist into this project, add individual CVE IDs.",
"SYS_WHITELIST": "System whitelist",
"PRO_WHITELIST": "Project whitelist",
"ADD_SYSTEM": "ADD SYSTEM"
}

View File

@ -1020,6 +1020,26 @@
"MSG_SUCCESS": "同步成功",
"TIP_REPO": "镜像仓库名被分解为路径组件。仓库名必须至少有一个小写字母、字母数字字符,可选句点、破折号或下划线分隔。严格意义上说,它必须匹配正则表达式[a-z0-9]+(?[.-][a-z0-9]+)*.如果仓库名有两个或多个路径组件,则它们必须用正斜杠('/')分隔。包括斜杠在内的仓库名的总长度必须小于256个字符。",
"TIP_TAG": "标签是应用于存储库中的Docker映像的一种标签它用于区分多种镜像。它需要匹配Regex([\\w][\\w.-]{0,127})"
},
"CVE_WHITELIST": {
"DEPLOYMENT_SECURITY": "部署安全性",
"CVE_WHITELIST": "CVE白名单",
"SYS_WHITELIST_EXPLAIN": "在计算镜像的的安全性漏洞时在系统的CVE白名单中的漏洞将会被忽略。",
"ADD_SYS": "可添加一条或多条CVE ID至系统的CVE白名单中",
"WARNING_SYS": "系统的CVE白名单已过期. 请延长有效期以使白名单生效",
"WARNING_PRO": "该项目的CVE白名单已过期. 请延长有效期以使白名单生效",
"ADD": "添加",
"ENTER": "输入一条或多条CVE ID",
"HELP": "CVE ID之间请用英文逗号隔开或者换行",
"NONE": "无",
"EXPIRES_AT": "有效期至",
"NEVER_EXPIRES": "永不过期",
"PRO_WHITELIST_EXPLAIN": "在推送和拉取镜像时在项目的CVE白名单中的漏洞将会被忽略",
"PRO_OR_SYS": "您可以选择使用系统的CVE白名单作为该项目的白名单也可勾选“启用项目白名单”项来建立该项目自己的CVE白名单",
"MERGE_INTO": "您可以点击“添加系统白名单”项将系统白名单合并至该项目白名单中并可为该项目白名单添加特有的CVE IDs",
"SYS_WHITELIST": "启用系统白名单",
"PRO_WHITELIST": "启用项目白名单",
"ADD_SYSTEM": "添加系统白名单"
}
}

View File

@ -31,6 +31,7 @@ Upload Chart files
Go Into Chart Version
[Arguments] ${chart_name}
Retry Element Click xpath=//hbr-helm-chart//a[contains(., '${chart_name}')]
Sleep 3
Capture Page Screenshot viewchartversion.png
Go Into Chart Detail

View File

@ -0,0 +1,32 @@
# Copyright Project Harbor Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License
*** Settings ***
Documentation This resource provides helper functions for docker operations
Library OperatingSystem
Library Process
*** Keywords ***
Helm Repo Add
[Arguments] ${harbor_url} ${user} ${pwd} ${project_name}=library ${helm_repo_name}=myrepo
${rc} ${output}= Run And Return Rc And Output helm repo remove ${project_name}
Log To Console ${output}
Wait Unitl Command Success helm repo add --ca-file /helm_ca/server.crt --username=${user} --password=${pwd} ${helm_repo_name} ${harbor_url}/chartrepo/${project_name}
Helm Repo Push
[Arguments] ${harbor_url} ${user} ${pwd} ${chart_filename} ${project_name}=library ${helm_repo_name}=myrepo
${current_dir}= Run pwd
Run cd ${current_dir}
Run wget ${harbor_chart_file_url}
Wait Unitl Command Success helm push --ca-file=/helm_ca/server.crt --username=${user} --password=${pwd} ${chart_filename} ${helm_repo_name}

View File

@ -142,3 +142,15 @@ Manage Project Member Without Sign In Harbor
User Should Not Be A Member Of Project ${test_user1} ${sign_in_pwd} project${d} is_oidc_mode=${is_oidc_mode}
Push image ip=${ip} user=${sign_in_user} pwd=${sign_in_pwd} project=project${d} image=hello-world
User Should Be Guest ${test_user2} ${sign_in_pwd} project${d} is_oidc_mode=${is_oidc_mode}
Helm CLI Push Without Sign In Harbor
[Arguments] ${sign_in_user} ${sign_in_pwd}
${d}= Get Current Date result_format=%m%s
Create An New Project project${d}
Helm Repo Add ${HARBOR_URL} ${sign_in_user} ${sign_in_pwd} project_name=project${d}
Helm Repo Push ${HARBOR_URL} ${sign_in_user} ${sign_in_pwd} ${harbor_chart_filename} project_name=project${d}
Go Into Project project${d} has_image=${false}
Switch To Project Charts
Go Into Chart Version ${harbor_chart_name}
Retry Wait Until Page Contains ${harbor_chart_version}
Capture Page Screenshot

View File

@ -59,6 +59,7 @@ Resource Harbor-Pages/OIDC_Auth.robot
Resource Harbor-Pages/OIDC_Auth_Elements.robot
Resource Harbor-Pages/Verify.robot
Resource Docker-Util.robot
Resource Helm-Util.robot
Resource Admiral-Util.robot
Resource OVA-Util.robot
Resource Cert-Util.robot

View File

@ -1,3 +1,4 @@
// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
@ -542,6 +543,13 @@ Test Case - View Scan Error
Test Case - List Helm Charts
Body Of List Helm Charts
Test Case - Helm CLI Push
Init Chrome Driver
${user}= Set Variable user004
${pwd}= Set Variable Test1@34
Sign In Harbor ${HARBOR_URL} ${user} ${pwd}
Helm CLI Push Without Sign In Harbor ${user} ${pwd}
Test Case - Admin Push Signed Image
Body Of Admin Push Signed Image
@ -612,3 +620,4 @@ Test Case - Project Level Image Serverity Policy
Set Vulnerabilty Serverity 0
Cannot pull image ${ip} ${HARBOR_ADMIN} ${HARBOR_PASSWORD} project${d} haproxy
Close Browser

View File

@ -83,3 +83,9 @@ Test Case - Generate User CLI Secret
Cannot Docker Login Harbor ${ip} ${OIDC_USERNAME} ${secret_old}
Pull image ${ip} ${OIDC_USERNAME} ${secret_new} project${d} ${image}
Push image ${ip} ${OIDC_USERNAME} ${secret_new} project${d} ${image}
Test Case - Helm CLI Push
Init Chrome Driver
Sign In Harbor With OIDC User ${HARBOR_URL}
${secret}= Get Secrete By API ${HARBOR_URL}
Helm CLI Push Without Sign In Harbor ${OIDC_USERNAME} ${secret}