Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixes to links, images, code samples, etc. 

Signed-off-by: lucperkins <lucperkins@gmail.com>
This commit is contained in:
lucperkins 2020-01-27 10:15:44 -08:00
parent c50b8b9752
commit 37e1b74724
15 changed files with 144 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/1.10/administration/configure-authentication/db-auth.md
View File

@ -12,16 +12,16 @@ If you create users in the database, Harbor is locked in database mode. You cann
1. Under **Administration**, go to **Configuration** and select the **Authentication** tab.
1. Leave **Auth Mode** set to the default **Database** option.
![Database authentication](../../img/db-auth.png)
![Database authentication](../../../img/db-auth.png)
1. Optionally select the **Allow Self-Registration** check box.
![Enable self-registration](../../img/new-self-reg.png)
![Enable self-registration](../../../img/new-self-reg.png)
If you enable the self registration option, users can register themselves in Harbor. Self-registration is disabled by default. If you enable self-registration, unregistered users can sign up for a Harbor account by clicking **Sign up for an account** in the Harbor log in page.
![Enable self-registration](../../img/self-registration-login.png)
![Enable self-registration](../../../img/self-registration-login.png)
## What to Do Next
For information about how to create users in database authentication mode, see [Create User Accounts in Database Mode](../managing_users/create-users-db.md).
For information about how to create users in database authentication mode, see [Create User Accounts in Database Mode](../managing-users/create-users-db.md).

8
docs/1.10/administration/configure-authentication/ldap-auth.md
View File

@ -16,7 +16,7 @@ If you want to manage user authentication by using LDAP groups, you must enable
1. Under **Administration**, go to **Configuration** and select the **Authentication** tab.
1. Use the **Auth Mode** drop-down menu to select **LDAP**.
![LDAP authentication](../../img/select-ldap-auth.png)
![LDAP authentication](../../../img/select-ldap-auth.png)
1. Enter the address of your LDAP server, for example `ldaps://10.162.16.194`.
1. Enter information about your LDAP server.
@ -26,7 +26,7 @@ If you want to manage user authentication by using LDAP groups, you must enable
- **LDAP UID**: An attribute, for example `uid`, or `cn`, that is used to match a user with the username. If a match is found, the user's password is verified by a bind request to the LDAP/AD server.
- **LDAP Scope**: The scope to search for LDAP/AD users. Select from **Subtree**, **Base**, and **OneLevel**.
![Basic LDAP configuration](../../img/ldap-auth.png)
![Basic LDAP configuration](../../../img/ldap-auth.png)
1. If you want to manage user authentication with LDAP groups, configure the group settings.
- **LDAP Group Base DN**: The base DN from which to lookup a group in LDAP/AD. For example, `ou=groups,dc=example,dc=com`.
- **LDAP Group Filter**: The filter to search for LDAP/AD groups. For example, `objectclass=groupOfNames`.
@ -35,9 +35,9 @@ If you want to manage user authentication by using LDAP groups, you must enable
- **LDAP Group Membership**: The user attribute usd to identify a user as a member of a group. By default this is `memberof`.
- **LDAP Scope**: The scope to search for LDAP/AD groups. Select from **Subtree**, **Base**, and **OneLevel**.
![LDAP group configuration](../../img/ldap-groups.png)
![LDAP group configuration](../../../img/ldap-groups.png)
1. Uncheck **LDAP Verify Cert** if the LDAP/AD server uses a self-signed or untrusted certificate.
![LDAP certificate verification](../../img/ldap-cert-test.png)
![LDAP certificate verification](../../../img/ldap-cert-test.png)
1. Click **Test LDAP Server** to make sure that your configuration is correct.
1. Click **Save** to complete the configuration.

20
docs/1.10/administration/configure-authentication/oidc-auth.md
View File

@ -27,7 +27,7 @@ Before configuring an OIDC provider in Harbor, make sure that your provider is c
1. Under **Administration**, go to **Configuration** and select the **Authentication** tab.
1. Use the **Auth Mode** drop-down menu to select **OIDC**.
![LDAP authentication](../../img/select-oidc-auth.png)
![LDAP authentication](../../../img/select-oidc-auth.png)
1. Enter information about your OIDC provider.
- **OIDC Provider Name**: The name of the OIDC provider.
@ -39,11 +39,11 @@ Before configuring an OIDC provider in Harbor, make sure that your provider is c
The OIDC scope must contain `openid` and usually also contains `profile` and `email`. To obtain refresh tokens it should also contain `offline_access`. If you are using OIDC groups, a scope must identify the group claim. Check with your OIDC provider administrator for precise details of how to identify the group claim scope, as this differs from vendor to vendor.
![OIDC settings](../../img/oidc-auth-setting.png)
![OIDC settings](../../../img/oidc-auth-setting.png)
1. Uncheck **Verify Certificate** if the OIDC Provider uses a self-signed or untrusted certificate.
1. Verify that the Redirect URI that you configured in your OIDC provider is the same as the one displayed at the bottom of the page.
![OIDC certificate verification, URI, and test ](../../img/oidc-cert-verification.png)
![OIDC certificate verification, URI, and test ](../../../img/oidc-cert-verification.png)
1. Click **Test OIDC Server** to make sure that your configuration is correct.
1. Click **Save** to complete the configuration.
@ -51,7 +51,7 @@ Before configuring an OIDC provider in Harbor, make sure that your provider is c
When the Harbor system administrator has configured Harbor to authenticate via OIDC a **Login via OIDC Provider** button appears on the Harbor login page.
![oidc_login](../../img/oidc-login.png)
![oidc_login](../../../img/oidc-login.png)
**NOTE:** When Harbor is configured authentication via OIDC, the **Username** and **Password** fields are reserved for the local Harbor system administrator to log in.
@ -60,7 +60,7 @@ When the Harbor system administrator has configured Harbor to authenticate via O
This redirects you to the OIDC Provider for authentication.
1. If this is the first time that you are logging in to Harbor with OIDC, specify a user name for Harbor to associate with your OIDC username.
![Specify Harbor username for OIDC](../../img/oidc-onboard-dlg.png)
![Specify Harbor username for OIDC](../../../img/oidc-onboard-dlg.png)
This is the user name by which you are identified in Harbor, which is used when adding you to projects, assigning roles, and so on. If the username is already taken, you are prompted to choose another one.
1. After the OIDC provider has authenticated you, you are redirected back to Harbor.
@ -74,13 +74,13 @@ The Docker and Helm CLIs cannot handle redirection for OIDC, so Harbor provides
1. Log in to Harbor with an OIDC user account.
1. Click your username at the top of the screen and select **User Profile**.
![Access user profile](../../img/user-profile.png)
![Access user profile](../../../img/user-profile.png)
1. Click the clipboard icon to copy the CLI secret associated with your account.
![Copy CLI secret](../../img/profile-dlg.png)
![Copy CLI secret](../../../img/profile-dlg.png)
1. Optionally click the **...** icon in your user profile to display buttons for automatically generating or manually creating a new CLI secret.
![Copy CLI secret](../../img/generate-create-new-secret.png)
![Copy CLI secret](../../../img/generate-create-new-secret.png)
A user can only have one CLI secret, so when a new secret is generated or create, the old one becomes invalid.
1. If you generated a new CLI secret, click the clipboard icon to copy it.
@ -88,8 +88,8 @@ The Docker and Helm CLIs cannot handle redirection for OIDC, so Harbor provides
You can now use your CLI secret as the password when logging in to Harbor from the Docker or Helm CLI.
<pre>
sh docker login -u testuser -p <i>cli_secret</i> jt-test.local.goharbor.io
</pre>
docker login -u testuser -p <i>cli_secret</i> jt-test.local.goharbor.io
</pre>
{{< note >}}
The CLI secret is associated with the OIDC ID token. Harbor will try to refresh the token, so the CLI secret will be valid after the ID token expires. However, if the OIDC Provider does not provide a refresh token or the refresh fails, the CLI secret becomes invalid. In this case, log out and log back in to Harbor via your OIDC provider so that Harbor can get a new ID token. The CLI secret will then work again.

25
docs/1.10/administration/configure-project-quotas.md
View File

@ -13,18 +13,21 @@ You can also set quotas on individual projects. If you set a global default quot
By default, all projects have unlimited quotas for both tags and storage use.
1. Select the **Project Quotas** view.
![Project quotas](../../img/project-quota1.png)
![Project quotas](../../img/project-quota1.png)
1. To set global default quotas on all projects, click **Edit**.
![Project quotas](../../img/project-quota2.png)
1. For **Default artifact count**, enter the maximum number of tags that any project can contain at a given time, or enter `-1` to set the default to unlimited.
1. For **Default storage consumption**, enter the maximum quantity of storage that any project can consume, selecting `MB`, `GB`, or `TB` from the drop-down menu, or enter `-1` to set the default to unlimited.
![Project quotas](../../img/project-quota3.png)
1. Click **OK**.
![Project quotas](../../img/project-quota2.png)
1. For **Default artifact count**, enter the maximum number of tags that any project can contain at a given time, or enter `-1` to set the default to unlimited.
1. For **Default storage consumption**, enter the maximum quantity of storage that any project can consume, selecting `MB`, `GB`, or `TB` from the drop-down menu, or enter `-1` to set the default to unlimited.
![Project quotas](../../img/project-quota3.png)
1. Click **OK**.
1. To set quotas on an individual project, click the 3 vertical dots next to a project and select **Edit**.
![Project quotas](../../img/project-quota4.png)
1. For **Default artifact count**, enter the maximum number of tags that this individual project can contain, or enter `-1` to set the default to unlimited.
1. For **Default storage consumption**, enter the maximum quantity of storage that this individual project can consume, selecting `MB`, `GB`, or `TB` from the drop-down menu.
![Project quotas](../../img/project-quota4.png)
1. For **Default artifact count**, enter the maximum number of tags that this individual project can contain, or enter `-1` to set the default to unlimited.
1. For **Default storage consumption**, enter the maximum quantity of storage that this individual project can consume, selecting `MB`, `GB`, or `TB` from the drop-down menu.
After you set quotas, you can see how much of their quotas each project has consumed.
@ -37,7 +40,9 @@ When setting project quotas, it is useful to know how Harbor calculates tag numb
- Harbor computes image size when blobs and manifests are pushed from the Docker client.
- Harbor computes tag counts when manifests are pushed from the Docker client.
**NOTE**: When users push an image, the manifest is pushed last, after all of the associated blobs have been pushed successfully to the registry. If several images are pushed concurrently and if there is an insufficient number of tags left in the quota for all of them, images are accepted in the order that their manifests arrive. Consequently, an attempt to push an image might not be immediately rejected for exceeding the quota. This is because there was availability in the tag quota when the push was initiated, but by the time the manifest arrived the quota had been exhausted.
{{< note >}}
When users push an image, the manifest is pushed last, after all of the associated blobs have been pushed successfully to the registry. If several images are pushed concurrently and if there is an insufficient number of tags left in the quota for all of them, images are accepted in the order that their manifests arrive. Consequently, an attempt to push an image might not be immediately rejected for exceeding the quota. This is because there was availability in the tag quota when the push was initiated, but by the time the manifest arrived the quota had been exhausted.
{{< /note >}}
- Shared blobs are only computed once per project. In Docker, blob sharing is defined globally. In Harbor, blob sharing is defined at the project level. As a consequence, overall storage usage can be greater than the actual disk capacity.
- Retagging images reserves and releases resources:
- If you retag an image within a project, the tag count increases by one, but storage usage does not change because there are no new blobs or manifests.

15
docs/1.10/administration/configuring-replication/create-replication-endpoints.md
View File

@ -6,7 +6,7 @@ To replicate image repositories from one instance of Harbor to another Harbor or
1. Go to **Registries** and click the **+ New Endpoint** button.
![New replication endpoint](../../img/replication-endpoint1.png)
![New replication endpoint](../../../img/replication-endpoint1.png)
1. For **Provider**, use the drop-down menu to select the type of registry to set up as a replication endpoint.
The endpoint can be another Harbor instance, or a non-Harbor registry. Currently, the following non-Harbor registries are supported:
@ -23,7 +23,7 @@ To replicate image repositories from one instance of Harbor to another Harbor or
- Quay.io
- Jfrog Artifactory
![Replication providers](../../img/replication-endpoint2.png)
![Replication providers](../../../img/replication-endpoint2.png)
1. Enter a suitable name and description for the new replication endpoint.
1. Enter the full URL of the registry to set up as a replication endpoint.
@ -31,11 +31,12 @@ To replicate image repositories from one instance of Harbor to another Harbor or
For example, to replicate to another Harbor instance, enter https://harbor_instance_address:443. The registry must exist and be running before you create the endpoint.
1. Enter the Access ID and Access Secret for the endpoint registry instance.
Use an account that has the appropriate privileges on that registry, or an account that has write permission on the corresponding project in a Harbor registry.
**NOTES**:
Use an account that has the appropriate privileges on that registry, or an account that has write permission on the corresponding project in a Harbor registry.
{{< note >}}
- AWS ECR adapters should use access keys, not a username and password. The access key should have sufficient permissions, such as storage permission.
- Google GCR adapters should use the entire JSON key generated in the service account. The namespace should start with the project ID.
{{< /note >}}
1. Optionally, select the **Verify Remote Cert** check box.
Deselect the check box if the remote registry uses a self-signed or untrusted certificate.
@ -44,6 +45,6 @@ To replicate image repositories from one instance of Harbor to another Harbor or
## Managing Registries
You can list, add, edit and delete registries under `Administration->Registries`. Only registries which are not referenced by any rules can be deleted.
You can list, add, edit and delete registries under **Administration** -> **Registries**. Only registries which are not referenced by any rules can be deleted.
![browse project](../../img/manage-registry.png)
![browse project](../../../img/manage-registry.png)

18
docs/1.10/administration/configuring-replication/create-replication-rules.md
View File

@ -7,15 +7,15 @@ A replication endpoint must exist before you create a replication rule. To creat
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Expand **Administration**, and select **Replications**.
![Add a replication rule](../../img/replication-rule1.png)
![Add a replication rule](../../../img/replication-rule1.png)
1. Click **New Replication Rule**.
1. Provide a name and description for the replication rule.
1. Select **Push-based** or **Pull-based** replication, depending on whether you want to replicate images to or from the remote registry.
![Replication mode](../../img/replication-rule2.png)
![Replication mode](../../../img/replication-rule2.png)
1. For **Source resource filter**, identify the images to replicate.
![Replication filters](../../img/replication-rule3.png)
![Replication filters](../../../img/replication-rule3.png)
* **Name**: Replicate resources with a given name by entering an image name or fragment.
* **Tag**: Replicate resources with a given tag by entering a tag name or fragment.
@ -46,17 +46,17 @@ A replication endpoint must exist before you create a replication rule. To creat
If you do not enter a namespace, resources are placed in the same namespace as in the source registry.
![Destination and namespaces](../../img/replication-rule4.png)
![Destination and namespaces](../../../img/replication-rule4.png)
1. Use the Trigger Mode drop-down menu to select how and when to run the rule.
* **Manual**: Replicate the resources manually when needed. **Note**: Deletion operations are not replicated.
* **Scheduled**: Replicate the resources periodically by defining a cron job. **Note**: Deletion operations are not replicated.
* **Event Based**: When a new resource is pushed to the project, or an image is retagged, it is replicated to the remote registry immediately. If you select the `Delete remote resources when locally deleted`, if you delete an image, it is automatically deleted from the replication target.
* **Event Based**: When a new resource is pushed to the project, or an image is retagged, it is replicated to the remote registry immediately. If you select the **Delete remote resources when locally deleted**, if you delete an image, it is automatically deleted from the replication target.
{{< note >}}
You can filter images for replication based on the labels that are applied to the images. However, changing a label on an image does not trigger replication. Event-based replication is limited to pushing, retagging, and deleting images.
{{< /note >}}
{{< note >}}
You can filter images for replication based on the labels that are applied to the images. However, changing a label on an image does not trigger replication. Event-based replication is limited to pushing, retagging, and deleting images.
{{< /note >}}
![Trigger mode](../../img/replication-rule5.png)
![Trigger mode](../../../img/replication-rule5.png)
1. Optionally select the Override checkbox to force replicated resources to replace resources at the destination with the same name.
1. Click **Save** to create the replication rule.

8
docs/1.10/administration/configuring-replication/manage-replications.md
View File

@ -6,16 +6,16 @@ title: Running Replication Manually
1. Expand **Administration**, and select **Replications**.
1. Select a replication rule and click **Replicate**.
![Add a replication rule](../../img/replication-rule6.png)
![Add a replication rule](../../../img/replication-rule6.png)
The resources to which the rule is applied start to replicate from the source registry to the destination immediately.
The resources to which the rule is applied start to replicate from the source registry to the destination immediately.
1. Click the rule to see its execution status.
1. Click the **ID** of the execution to see the details of the replication and the task list. The count of `IN PROGRESS` status in the summary includes both `Pending` and `In Progress` tasks.
1. Optionally click **STOP** to stop the replication.
1. Click the log icon to see detailed information about the replication task.
![View replication task](../../img/list-tasks.png)
![View replication task](../../../img/list-tasks.png)
To edit or delete a replication rule, select the replication rule in the **Replications** view and click **Edit** or **Delete**. Only rules which have no executions in progress can be edited deleted.
![Delete or edit rule](../../img/replication-rule6.png)
![Delete or edit rule](../../../img/replication-rule6.png)

22
docs/1.10/administration/garbage-collection.md
View File

@ -9,7 +9,9 @@ When you delete images from Harbor, space is not automatically freed up. You mus
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Expand **Administration**, and select **Garbage Collection**.
1. Select the **'Garbage Collection'** tab.
![Garbage collection](../../img/garbage-collection.png)
![Garbage collection](../../img/garbage-collection.png)
1. To run garbage collection immediately, click **GC Now**.
When you run garbage collection, Harbor goes into read-only mode. All modifications to the registry are prohibited.
@ -21,13 +23,17 @@ To avoid triggering the garbage collection process too frequently, the availabil
1. Expand **Administration**, and select **Garbage Collection**.
1. Select the **'Garbage Collection'** tab.
1. Use the drop down-menu to select how often to run garbage collection.
![Schedule garbage collection](../../img/gc-policy.png)
* **None**: No garbage collection is scheduled.
* **Hourly**: Run garbage collection at the beginning of every hour.
* **Daily**: Run garbage collection at midnight every day.
* **Weekly**: Run garbage collection at midnight every Saturday.
* **Custom**: Run garbage collection according to a `cron` job.
![Schedule garbage collection](../../img/gc-policy.png)
* **None**: No garbage collection is scheduled.
* **Hourly**: Run garbage collection at the beginning of every hour.
* **Daily**: Run garbage collection at midnight every day.
* **Weekly**: Run garbage collection at midnight every Saturday.
* **Custom**: Run garbage collection according to a `cron` job.
1. Click **Save**.
1. Select the **History** tab to view records of the 10 most recent garbage collection runs.
![Garbage collection history](../../img/gc-history.png)
![Garbage collection history](../../img/gc-history.png)
1. Click on the **Logs** link to view the related logs.

3
docs/1.10/administration/general-settings.md
View File

@ -20,9 +20,8 @@ If it set to true, deleting repositories, tags and pushing images are not permit
![browse project](../../img/read-only-enable.png)
```sh
$ docker push 10.117.169.182/demo/ubuntu:14.04
docker push 10.117.169.182/demo/ubuntu:14.04
The push refers to a repository [10.117.169.182/demo/ubuntu]
0271b8eebde3: Preparing
denied: The system is in read only mode. Any modification is prohibited.

10
docs/1.10/administration/managing-users/create-users-db.md
View File

@ -7,14 +7,14 @@ In database authentication mode, the Harbor system administrator creates user ac
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Under **Administration**, go to **Users**.
![Create user account](../../img/create-user.png)
![Create user account](../../../img/create-user.png)
1. Click **New User**.
1. Enter information about the new user.
![Provide user information](../../img/new-user.png)
![Provide user information](../../../img/new-user.png)
- The username must be unique in the Harbor system
- The email address is used for password recovery
- The password must contain at least 8 characters with 1 lowercase letter, 1 uppercase letter and 1 numeric character
- The username must be unique in the Harbor system
- The email address is used for password recovery
- The password must contain at least 8 characters with 1 lowercase letter, 1 uppercase letter and 1 numeric character
If users forget their password, there is a **Forgot Password** in the Harbor log in page. To use this feature, you must [configure an email server](../general-settings.md).

6
docs/1.10/administration/managing-users/rbac.md
View File

@ -4,7 +4,7 @@ title: Harbor Role Based Access Control (RBAC)
Harbor manages images through projects. You provide access to these images to users by including the users in projects and assigning one of the following roles to them.
![rbac](../../img/rbac.png)
![RBAC](../../../img/rbac.png)
* **Limited Guest**: A Limited Guest does not have full read privileges for a project. They can pull images but cannot push, and they cannot see logs or the other members of a project. For example, you can create limited guests for users from different organizations who share access to a project.
* **Guest**: Guest has read-only privilege for a specified project. They can pull and retag images, but cannot push.
@ -27,6 +27,6 @@ If you run Harbor in LDAP/AD or OIDC authentication mode, you create and manage
Harbor system administrators can assign the Harbor system administrator role to other users by selecting usernames and clicking **Set as Administrator** in the **Users** tab.
![browse project](../../img/new-set-admin-remove-user.png)
![browse project](../../../img/new-set-admin-remove-user.png)
To delete users, select a user and click `DELETE`. Deleting user is only supported under database authentication mode.
To delete users, select a user and click `DELETE`. Deleting users is only supported under database authentication mode.

54
docs/1.10/build-customize-contribute/compile-guide.md
View File

@ -22,7 +22,7 @@ Harbor is deployed as several Docker containers and most of the code is written
## Step 2: Getting the source code
```sh
$ git clone https://github.com/goharbor/harbor
git clone https://github.com/goharbor/harbor
```
## Step 3: Building and installing Harbor
@ -44,21 +44,21 @@ You can compile the code by one of the three approaches:
- Get official Golang image from docker hub:
```sh
docker pull golang:1.12.5
```
```sh
docker pull golang:1.12.5
```
- Build, install and bring up Harbor without Notary:
```sh
make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage
```
```sh
make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage
```
- Build, install and bring up Harbor with Notary:
```sh
make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage NOTARYFLAG=true
```
```sh
make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage NOTARYFLAG=true
```
- Build, install and bring up Harbor with Clair:
@ -68,27 +68,27 @@ You can compile the code by one of the three approaches:
#### II. Compile code with your own Golang environment, then build Harbor
- Move source code to \$GOPATH
- Move source code to `$GOPATH`
```sh
mkdir $GOPATH/src/github.com/goharbor/
cd ..
mv harbor $GOPATH/src/github.com/goharbor/.
```
```sh
mkdir $GOPATH/src/github.com/goharbor/
cd ..
mv harbor $GOPATH/src/github.com/goharbor/.
```
- Build, install and run Harbor without Notary and Clair:
```sh
cd $GOPATH/src/github.com/goharbor/harbor
$ make install
```
```sh
cd $GOPATH/src/github.com/goharbor/harbor
$ make install
```
- Build, install and run Harbor with Notary and Clair:
```sh
cd $GOPATH/src/github.com/goharbor/harbor
make install -e NOTARYFLAG=true CLAIRFLAG=true
```
```sh
cd $GOPATH/src/github.com/goharbor/harbor
make install -e NOTARYFLAG=true CLAIRFLAG=true
```
### Verify your installation
@ -99,7 +99,7 @@ If everything worked properly, you will see this message:
Start complete. You can visit harbor now.
```
Refer to [Installation and Configuration Guide](../installation-guide.md#managing-harbors-lifecycle) for more information about managing your Harbor instance.
Refer to the [Installation and Configuration Guide](../installation-guide.md#managing-harbors-lifecycle) for more information about managing your Harbor instance.
## Appendix
@ -167,7 +167,9 @@ make pushimage -e DEVFLAG=false REGISTRYUSER=[$USERNAME] REGISTRYPASSWORD=[$PASS
make clean -e VERSIONTAG=[TAG]
```
**Note**: If new code had been added to Github, the git commit TAG will change. Better use this command to clean up images and files of previous TAG.
{{< note >}}
If new code has been added to Github, the git commit TAG will change. Better use this command to clean up images and files of previous TAG.
{{< /note >}}
#### By default, the make process create a development build. To create a release build of Harbor, set the below flag to false.

32
docs/1.10/build-customize-contribute/configure-swagger.md
View File

@ -9,20 +9,22 @@ A Swagger file is provided for viewing and testing Harbor REST API.
* Open the file **swagger.yaml** under the _docs_ directory in Harbor project
* Paste all its content into the online Swagger Editor at http://editor.swagger.io. The descriptions of Harbor API will be shown on the right pane of the page.
![Swagger Editor](../img/swagger-editor.png)
![Swagger Editor](../../img/swagger-editor.png)
## Testing Harbor REST API
From time to time, you may need to mannually test Harbor REST API. You can deploy the Swagger file into Harbor's service node. Suppose you install Harbor through online or offline installer, you should have a Harbor directory after you un-tar the installer, such as **~/harbor**.
From time to time, you may need to mannually test Harbor REST API. You can deploy the Swagger file into Harbor's service node. Suppose you install Harbor through online or offline installer, you should have a Harbor directory after you un-tar the installer, such as `~/harbor`.
**Caution:** When using Swagger to send REST requests to Harbor, you may alter the data of Harbor accidentally. For this reason, it is NOT recommended using Swagger against a production Harbor instance.
{{< danger >}}
When using Swagger to send REST requests to Harbor, you may alter the data of Harbor accidentally. For this reason, we do **not** recommended using Swagger against a production Harbor instance.
{{< /danger >}}
* Download _prepare-swagger.sh_ and _swagger.yaml_ under the _docs_ directory to your local Harbor directory, e.g. **~/harbor**.
* Download `prepare-swagger.sh` and `swagger.yaml` under the `docs` directory to your local Harbor directory, e.g. `~/harbor`.
```sh
wget https://raw.githubusercontent.com/goharbor/harbor/master/docs/prepare-swagger.sh https://raw.githubusercontent.com/goharbor/harbor/master/docs/swagger.yaml
```
* Edit the script file _prepare-swagger.sh_.
* Edit the script file `prepare-swagger.sh`.
```sh
vi prepare-swagger.sh
@ -34,7 +36,7 @@ From time to time, you may need to mannually test Harbor REST API. You can deplo
SCHEME=<HARBOR_SERVER_SCHEME>
```
* Change the SERVER_IP to the IP address of your Harbor server.
* Change the `SERVER_IP` to the IP address of your Harbor server.
```sh
SERVER_IP=<HARBOR_SERVER_DOMAIN>
@ -46,24 +48,24 @@ From time to time, you may need to mannually test Harbor REST API. You can deplo
chmod +x prepare-swagger.sh
```
* Run the shell script. It downloads a Swagger package and extracts files into the _../static_ directory.
* Run the shell script. It downloads a Swagger package and extracts files into the `../static` directory.
```sh
./prepare-swagger.sh
```
* Edit the _docker-compose.yml_ file under your local Harbor directory.
* Edit the `docker-compose.yml` file under your local Harbor directory.
```sh
vi docker-compose.yml
```
* Add two lines to the file _docker-compose.yml_ under the section _ui.volumes_.
* Add two lines to the file `docker-compose.yml` under the section `ui.volumes`.
```docker
...
```yaml
# ...
ui:
...
# ...
volumes:
- ./common/config/ui/app.conf:/etc/core/app.conf:z
- ./common/config/ui/private_key.pem:/etc/core/private_key.pem:z
@ -72,7 +74,7 @@ From time to time, you may need to mannually test Harbor REST API. You can deplo
## add two lines as below ##
- ../src/ui/static/vendors/swagger-ui-2.1.4/dist:/harbor/static/vendors/swagger
- ../src/ui/static/resources/yaml/swagger.yaml:/harbor/static/resources/yaml/swagger.yaml
...
# ...
```
* Recreate Harbor containers
@ -85,10 +87,10 @@ From time to time, you may need to mannually test Harbor REST API. You can deplo
* Open another tab in the same browser so that the session is shared between tabs.
* Enter the URL of the Swagger page in Harbor as below. The ```<HARBOR_SERVER>``` should be replaced by the IP address or the hostname of the Harbor server.
```
```text
http://<HARBOR_SERVER>/static/vendors/swagger/index.html
```
* You should see a Swagger UI page with Harbor API _swagger.yaml_ file loaded in the same domain, **be aware that your REST request submitted by Swagger may change the data of Harbor**.
![Harbor API](../img/rendered-swagger.png)
![Harbor API](../../img/rendered-swagger.png)

35
docs/1.10/build-customize-contribute/developer-guide-i18n.md
View File

@ -12,14 +12,14 @@ Steps to localize the UI in your language
The file contains a JSON object including all the key-value pairs of UI strings:
```json
```javascript
{
"APP_TITLE": {
"VMW_HARBOR": "Harbor",
"HARBOR": "Harbor",
...
},
...
"APP_TITLE": {
"VMW_HARBOR": "Harbor",
"HARBOR": "Harbor",
// ...
},
// ...
}
```
@ -31,12 +31,13 @@ Steps to localize the UI in your language
Append `<language>-<locale>` to the language supporting list:
```
```typescript
export const supportedLangs = ['en-us', 'zh-cn', '<language>-<locale>'];
```
Define the language display name and append it to the name list:
```
```typescript
export const languageNames = {
"en-us": "English",
"zh-cn": "中文简体",
@ -44,9 +45,9 @@ Steps to localize the UI in your language
};
```
{{< note >}}
Don't miss the comma before the new key-value item you've added.
{{< /note >}}
{{< note >}}
Don't miss the comma before the new key-value item you've added.
{{< /note >}}
3. Enable the new language in the view.
@ -54,8 +55,8 @@ Steps to localize the UI in your language
```html
<div class="dropdown-menu">
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("en-us")' [class.lang-selected]='matchLang("en-us")'>English</a>
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("zh-cn")' [class.lang-selected]='matchLang("zh-cn")'>中文简体</a>
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("en-us")' [class.lang-selected]='matchLang("en-us")'>English</a>
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("zh-cn")' [class.lang-selected]='matchLang("zh-cn")'>中文简体</a>
</div>
```
@ -63,9 +64,9 @@ Steps to localize the UI in your language
```html
<div class="dropdown-menu">
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("en-us")' [class.lang-selected]='matchLang("en-us")'>English</a>
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("zh-cn")' [class.lang-selected]='matchLang("zh-cn")'>中文简体</a>
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("<language>-<locale>")' [class.lang-selected]='matchLang("<language>-<locale>")'>DISPLAY_NAME</a>
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("en-us")' [class.lang-selected]='matchLang("en-us")'>English</a>
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("zh-cn")' [class.lang-selected]='matchLang("zh-cn")'>中文简体</a>
<a href="javascript:void(0)" clrDropdownItem (click)='switchLanguage("<language>-<locale>")' [class.lang-selected]='matchLang("<language>-<locale>")'>DISPLAY_NAME</a>
</div>
```

6
docs/1.10/install-config/download-installer.md
View File

@ -20,7 +20,9 @@ The installation processes are almost the same for both the online and offline i
1. Obtain the public key for the `*.asc` file.
<pre>gpg --keyserver hkps://keyserver.ubuntu.com --receive-keys 644FF454C0B4115C</pre>
```sh
gpg --keyserver hkps://keyserver.ubuntu.com --receive-keys 644FF454C0B4115C
```
You should see the message ` public key "Harbor-sign (The key for signing Harbor build) <jiangd@vmware.com>" imported`
1. Verify that the package is genuine by running one of the following commands.
@ -30,7 +32,7 @@ The installation processes are almost the same for both the online and offline i
The `gpg` command verifies that the signature of the bundle matches that of the `*.asc` key file. You should see confirmation that the signature is correct.
```
```sh
gpg: armor header: Version: GnuPG v1
gpg: assuming signed data in 'harbor-offline-installer-v1.10.0-rc2.tgz'
gpg: Signature made Fri, Dec 6, 2019 5:04:17 AM WEST