mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-25 03:35:21 +01:00
Merge remote-tracking branch 'upstream/master' into update_license
This commit is contained in:
Tan Jiang
commit
3f70768490
@ -6,6 +6,9 @@ MAINTAINER wangyan@vmware.com
|
||||
COPY entrypoint.sh /
|
||||
RUN chmod u+x /entrypoint.sh
|
||||
|
||||
RUN mkdir -p /etc/docker/registry
|
||||
COPY config.yml /etc/docker/registry/config.yml
|
||||
|
||||
COPY binary/registry /usr/bin
|
||||
RUN chmod u+x /usr/bin/registry
|
||||
|
||||
|
||||
@ -53,10 +53,12 @@ docker rmi -f registry-golang
|
||||
echo "Build registry binary success, then to build photon image..."
|
||||
cd $cur
|
||||
echo $PHOTONIMAGE
|
||||
cp $TEMP/cmd/registry/config-example.yml config.yml
|
||||
docker build -f Dockerfile -t $PHOTONIMAGE .
|
||||
|
||||
rm -rf $TEMP
|
||||
rm -rf binary
|
||||
rm -rf config.yml
|
||||
|
||||
echo 'Push image to docker hub.'
|
||||
../../pushimage.sh $PHOTONIMAGE USERNAME PASSWORD
|
||||
../../pushimage.sh $PHOTONIMAGE $USERNAME $PASSWORD
|
||||
@ -204,8 +204,8 @@ func TestCopyResp(t *testing.T) {
|
||||
|
||||
func TestMarshalError(t *testing.T) {
|
||||
assert := assert.New(t)
|
||||
js := marshalError("Not Found", 404)
|
||||
assert.Equal("{\"code\":404,\"message\":\"Not Found\",\"details\":\"Not Found\"}", js)
|
||||
js := marshalError("Not Found")
|
||||
assert.Equal("{\"errors\":[{\"code\":\"PROJECT_POLICY_VIOLATION\",\"message\":\"Not Found\",\"detail\":\"Not Found\"}]}", js)
|
||||
}
|
||||
|
||||
func TestIsDigest(t *testing.T) {
|
||||
|
||||
@ -140,20 +140,20 @@ func (uh urlHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
|
||||
if flag {
|
||||
components := strings.SplitN(repository, "/", 2)
|
||||
if len(components) < 2 {
|
||||
http.Error(rw, marshalError(fmt.Sprintf("Bad repository name: %s", repository), http.StatusInternalServerError), http.StatusBadRequest)
|
||||
http.Error(rw, marshalError(fmt.Sprintf("Bad repository name: %s", repository)), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
client, err := uiutils.NewRepositoryClientForUI(tokenUsername, repository)
|
||||
if err != nil {
|
||||
log.Errorf("Error creating repository Client: %v", err)
|
||||
http.Error(rw, marshalError(fmt.Sprintf("Failed due to internal Error: %v", err), http.StatusInternalServerError), http.StatusInternalServerError)
|
||||
http.Error(rw, marshalError(fmt.Sprintf("Failed due to internal Error: %v", err)), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
digest, _, err := client.ManifestExist(reference)
|
||||
if err != nil {
|
||||
log.Errorf("Failed to get digest for reference: %s, error: %v", reference, err)
|
||||
http.Error(rw, marshalError(fmt.Sprintf("Failed due to internal Error: %v", err), http.StatusInternalServerError), http.StatusInternalServerError)
|
||||
http.Error(rw, marshalError(fmt.Sprintf("Failed due to internal Error: %v", err)), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
@ -244,12 +244,12 @@ func (cth contentTrustHandler) ServeHTTP(rw http.ResponseWriter, req *http.Reque
|
||||
}
|
||||
match, err := matchNotaryDigest(img)
|
||||
if err != nil {
|
||||
http.Error(rw, marshalError("Failed in communication with Notary please check the log", http.StatusInternalServerError), http.StatusInternalServerError)
|
||||
http.Error(rw, marshalError("Failed in communication with Notary please check the log"), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
if !match {
|
||||
log.Debugf("digest mismatch, failing the response.")
|
||||
http.Error(rw, marshalError("The image is not signed in Notary.", http.StatusPreconditionFailed), http.StatusPreconditionFailed)
|
||||
http.Error(rw, marshalError("The image is not signed in Notary."), http.StatusPreconditionFailed)
|
||||
return
|
||||
}
|
||||
cth.next.ServeHTTP(rw, req)
|
||||
@ -278,20 +278,19 @@ func (vh vulnerableHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request)
|
||||
overview, err := dao.GetImgScanOverview(img.digest)
|
||||
if err != nil {
|
||||
log.Errorf("failed to get ImgScanOverview with repo: %s, reference: %s, digest: %s. Error: %v", img.repository, img.reference, img.digest, err)
|
||||
http.Error(rw, marshalError("Failed to get ImgScanOverview.", http.StatusPreconditionFailed), http.StatusPreconditionFailed)
|
||||
http.Error(rw, marshalError("Failed to get ImgScanOverview."), http.StatusPreconditionFailed)
|
||||
return
|
||||
}
|
||||
// severity is 0 means that the image fails to scan or not scanned successfully.
|
||||
if overview == nil || overview.Sev == 0 {
|
||||
log.Debugf("cannot get the image scan overview info, failing the response.")
|
||||
http.Error(rw, marshalError("Cannot get the image severity.", http.StatusPreconditionFailed), http.StatusPreconditionFailed)
|
||||
http.Error(rw, marshalError("Cannot get the image severity."), http.StatusPreconditionFailed)
|
||||
return
|
||||
}
|
||||
imageSev := overview.Sev
|
||||
if imageSev >= int(projectVulnerableSeverity) {
|
||||
log.Debugf("the image severity: %q is higher then project setting: %q, failing the response.", models.Severity(imageSev), projectVulnerableSeverity)
|
||||
http.Error(rw, marshalError(fmt.Sprintf("The severity of vulnerability of the image: %q is equal or higher than the threshold in project setting: %q.", models.Severity(imageSev), projectVulnerableSeverity),
|
||||
http.StatusPreconditionFailed), http.StatusPreconditionFailed)
|
||||
http.Error(rw, marshalError(fmt.Sprintf("The severity of vulnerability of the image: %q is equal or higher than the threshold in project setting: %q.", models.Severity(imageSev), projectVulnerableSeverity)), http.StatusPreconditionFailed)
|
||||
return
|
||||
}
|
||||
vh.next.ServeHTTP(rw, req)
|
||||
@ -341,13 +340,17 @@ func copyResp(rec *httptest.ResponseRecorder, rw http.ResponseWriter) {
|
||||
rw.Write(rec.Body.Bytes())
|
||||
}
|
||||
|
||||
func marshalError(msg string, statusCode int) string {
|
||||
je := &JSONError{
|
||||
Message: msg,
|
||||
Code: statusCode,
|
||||
Details: msg,
|
||||
func marshalError(msg string) string {
|
||||
var tmpErrs struct {
|
||||
Errors []JSONError `json:"errors,omitempty"`
|
||||
}
|
||||
str, err := json.Marshal(je)
|
||||
tmpErrs.Errors = append(tmpErrs.Errors, JSONError{
|
||||
Code: "PROJECT_POLICY_VIOLATION",
|
||||
Message: msg,
|
||||
Detail: msg,
|
||||
})
|
||||
|
||||
str, err := json.Marshal(tmpErrs)
|
||||
if err != nil {
|
||||
log.Debugf("failed to marshal json error, %v", err)
|
||||
return msg
|
||||
@ -357,7 +360,7 @@ func marshalError(msg string, statusCode int) string {
|
||||
|
||||
// JSONError wraps a concrete Code and Message, it's readable for docker deamon.
|
||||
type JSONError struct {
|
||||
Code int `json:"code,omitempty"`
|
||||
Code string `json:"code,omitempty"`
|
||||
Message string `json:"message,omitempty"`
|
||||
Details string `json:"details,omitempty"`
|
||||
Detail string `json:"detail,omitempty"`
|
||||
}
|
||||
|
||||
@ -197,11 +197,11 @@ export class RepositoryStackviewComponent implements OnChanges, OnInit {
|
||||
signedDataSet(repoName: string): void {
|
||||
let signature: string = '';
|
||||
if (this.signedCon[repoName].length === 0) {
|
||||
this.confirmationDialogSet('DELETION_TITLE_REPO', signature, repoName, 'REPOSITORY.DELETION_SUMMARY_REPO', ConfirmationButtons.DELETE_CANCEL);
|
||||
this.confirmationDialogSet('REPOSITORY.DELETION_TITLE_REPO', signature, repoName, 'REPOSITORY.DELETION_SUMMARY_REPO', ConfirmationButtons.DELETE_CANCEL);
|
||||
return;
|
||||
}
|
||||
signature = this.signedCon[repoName].join(',');
|
||||
this.confirmationDialogSet('DELETION_TITLE_REPO_SIGNED', signature, repoName, 'REPOSITORY.DELETION_SUMMARY_REPO_SIGNED', ConfirmationButtons.CLOSE);
|
||||
this.confirmationDialogSet('REPOSITORY.DELETION_TITLE_REPO_SIGNED', signature, repoName, 'REPOSITORY.DELETION_SUMMARY_REPO_SIGNED', ConfirmationButtons.CLOSE);
|
||||
}
|
||||
|
||||
confirmationDialogSet(summaryTitle: string, signature: string, repoName: string, summaryKey: string, button: ConfirmationButtons): void {
|
||||
|
||||
@ -175,6 +175,7 @@ export class ResultBarChartComponent implements OnInit, OnDestroy {
|
||||
copyValue(newVal: VulnerabilitySummary): void {
|
||||
if (!newVal || !newVal.scan_status) { return; }
|
||||
this.summary.scan_status = newVal.scan_status;
|
||||
this.summary.job_id = newVal.job_id;
|
||||
this.summary.severity = newVal.severity;
|
||||
this.summary.components = newVal.components;
|
||||
this.summary.update_time = newVal.update_time;
|
||||
|
||||
@ -31,7 +31,7 @@
|
||||
"clarity-icons": "^0.9.8",
|
||||
"clarity-ui": "^0.9.8",
|
||||
"core-js": "^2.4.1",
|
||||
"harbor-ui": "0.4.52",
|
||||
"harbor-ui": "0.4.60",
|
||||
"intl": "^1.2.5",
|
||||
"mutationobserver-shim": "^0.3.2",
|
||||
"ngx-cookie": "^1.0.0",
|
||||
|
||||
@ -323,7 +323,7 @@
|
||||
"DELETION_TITLE_REPO": "Confirm Repository Deletion",
|
||||
"DELETION_TITLE_REPO_SIGNED": "Repository cannot be deleted",
|
||||
"DELETION_SUMMARY_REPO_SIGNED": "Repository '{{repoName}}' cannot be deleted because the following signed images existing.\n{{signedImages}} \nYou should unsign all the signed images before deleting the repository!",
|
||||
"DELETION_SUMMARY_REPO": "Do you want to delete repository {{param}}?",
|
||||
"DELETION_SUMMARY_REPO": "Do you want to delete repository {{repoName}}?",
|
||||
"DELETION_TITLE_TAG": "Confirm Tag Deletion",
|
||||
"DELETION_SUMMARY_TAG": "Do you want to delete tag {{param}}?",
|
||||
"DELETION_TITLE_TAG_DENIED": "Signed tag cannot be deleted",
|
||||
|
||||
@ -324,7 +324,7 @@
|
||||
"DELETION_TITLE_REPO": "Confirmar Eliminación de Repositorio",
|
||||
"DELETION_TITLE_REPO_SIGNED": "Repository cannot be deleted",
|
||||
"DELETION_SUMMARY_REPO_SIGNED": "Repository '{{repoName}}' cannot be deleted because the following signed images existing.\n{{signedImages}} \nYou should unsign all the signed images before deleting the repository!",
|
||||
"DELETION_SUMMARY_REPO": "¿Quiere eliminar el repositorio {{param}}?",
|
||||
"DELETION_SUMMARY_REPO": "¿Quiere eliminar el repositorio {{repoName}}?",
|
||||
"DELETION_TITLE_TAG": "Confirmación de Eliminación de Etiqueta",
|
||||
"DELETION_SUMMARY_TAG": "¿Quiere eliminar la etiqueta {{param}}?",
|
||||
"DELETION_TITLE_TAG_DENIED": "La etiqueta firmada no puede ser eliminada",
|
||||
|
||||
@ -323,7 +323,7 @@
|
||||
"DELETION_TITLE_REPO": "删除镜像仓库确认",
|
||||
"DELETION_TITLE_REPO_SIGNED": "仓库不能被删除",
|
||||
"DELETION_SUMMARY_REPO_SIGNED": "镜像仓库 '{{repoName}}' 不能被删除,因为存在以下签名镜像.\n{{signedImages}} \n在删除镜像仓库前需先删除所有的签名镜像",
|
||||
"DELETION_SUMMARY_REPO": "确认删除镜像仓库 {{param}}?",
|
||||
"DELETION_SUMMARY_REPO": "确认删除镜像仓库 {{repoName}}?",
|
||||
"DELETION_TITLE_TAG": "删除镜像标签确认",
|
||||
"DELETION_SUMMARY_TAG": "确认删除镜像标签 {{param}}?",
|
||||
"DELETION_TITLE_TAG_DENIED": "已签名的镜像不能被删除",
|
||||
|
||||
@ -75,7 +75,7 @@ echo $rc
|
||||
|
||||
timestamp=$(date +%s)
|
||||
outfile="integration_logs_"$DRONE_BUILD_NUMBER"_"$DRONE_COMMIT".zip"
|
||||
zip -9 $outfile output.xml log.html *.png package.list *container-logs.zip *.log /var/log/harbor/*/*.log /data/config/*
|
||||
zip -9 $outfile output.xml log.html *.png package.list *container-logs.zip *.log /var/log/harbor/*/*.log /data/config/* /data/job_logs/*
|
||||
if [ -f "$outfile" ]; then
|
||||
gsutil cp $outfile gs://harbor-ci-logs
|
||||
echo "----------------------------------------------"
|
||||
|
||||
@ -36,7 +36,7 @@ Create An New Rule With New Endpoint
|
||||
Input text xpath=${destination_username_xpath} ${destination_username}
|
||||
Input text xpath=${destination_password_xpath} ${destination_password}
|
||||
Click element xpath=${replicaton_save_xpath}
|
||||
Sleep 2
|
||||
Sleep 5
|
||||
Capture Page Screenshot rule_${policy_name}.png
|
||||
Wait Until Page Contains ${policy_name}
|
||||
Wait Until Page Contains ${policy_description}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user