Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-20 01:05:19 +01:00
Code Issues Projects Releases Wiki Activity

All content now migrated into new structure

Browse Source
This commit is contained in:
Stuart Clements 2019-12-17 12:42:52 +01:00
parent e1e17165a4
commit 6a03724223
6 changed files with 96 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/harbor-doc-reorg/administration/upgrade/roll_back_upgrade.md
View File

@ -1,4 +1,4 @@
# Roll Back an Upgrade # Roll Back from an Upgrade
If, for any reason, you want to roll back to the previous version of Harbor, perform the following steps: If, for any reason, you want to roll back to the previous version of Harbor, perform the following steps:

11
docs/harbor-doc-reorg/administration/upgrade/upgrade_migrate_data.md
View File

@ -14,7 +14,7 @@ Since the migration might alter the database schema and the settings of `harbor.
- With the introduction of storage and artifact quotas in version 1.9.0, migration from 1.7.x and 1.8.x might take a few minutes. This is because the `core` walks through all blobs in the registry and populates the database with information about the layers and artifacts in projects. - With the introduction of storage and artifact quotas in version 1.9.0, migration from 1.7.x and 1.8.x might take a few minutes. This is because the `core` walks through all blobs in the registry and populates the database with information about the layers and artifacts in projects.
- With the introduction of storage and artifact quotas in version 1.9.0, replication between version 1.9.0 and a previous version of Harbor does not work. You must upgrade all Harbor nodes to 1.9.0 if you have configured replication between them. - With the introduction of storage and artifact quotas in version 1.9.0, replication between version 1.9.0 and a previous version of Harbor does not work. You must upgrade all Harbor nodes to 1.9.0 if you have configured replication between them.
## Procedure ## Upgrading Harbor and Migrating Data
1. Log in to the host that Harbor runs on, stop and remove existing Harbor instance if it is still running: 1. Log in to the host that Harbor runs on, stop and remove existing Harbor instance if it is still running:
@ -38,12 +38,19 @@ Since the migration might alter the database schema and the settings of `harbor.
3. Get the latest Harbor release package from Github: 3. Get the latest Harbor release package from Github:
[https://github.com/goharbor/harbor/releases](https://github.com/goharbor/harbor/releases) [https://github.com/goharbor/harbor/releases](https://github.com/goharbor/harbor/releases)
4. Before upgrading Harbor, perform a migration first. The migration tool is delivered as a docker image, so you should pull the image from docker hub. Replace [tag] with the release version of Harbor (for example, v1.9.0) in the command below: 4. Before upgrading Harbor, perform migration first. The migration tool is delivered as a docker image.
You can pull the image from docker hub. Replace [tag] with the release version of Harbor (e.g. v1.5.0) in the below command:
```sh ```sh
docker pull goharbor/harbor-migrator:[tag] docker pull goharbor/harbor-migrator:[tag]
``` ```
Alternatively, if you are using an offline installer package you can load it from the image tarball included in the offline installer package. Replace [version] with the release version of Harbor (e.g. v1.5.0) in the below command:
```sh
tar zxf <offline package>
docker image load -i harbor/harbor.[version].tar.gz
```
5. If you are current version is v1.7.x or earlier, i.e. migrate config file from `harbor.cfg` to `harbor.yml`. 5. If you are current version is v1.7.x or earlier, i.e. migrate config file from `harbor.cfg` to `harbor.yml`.
**NOTE:** You can find the ${harbor_yml} in the extracted installer you got in step `3`, after the migration the file `harbor.yml` **NOTE:** You can find the ${harbor_yml} in the extracted installer you got in step `3`, after the migration the file `harbor.yml`

40
docs/harbor-doc-reorg/build_customize_contribute/registry_landscape.md
View File

@ -3,16 +3,30 @@ The cloud native ecosystem is moving rapidlyregistries and their featuresets
If you find something outdated or outright erroneous, please submit a PR and we'll fix it right away. If you find something outdated or outright erroneous, please submit a PR and we'll fix it right away.
| Feature | Harbor | Docker Trusted Registry | Quay | Cloud Providers (GCP, AWS, Azure) | Docker Distribution | Artifactory | Table updated on 10/21/2019 against Harbor 1.9.
| -------------: | :----: | :---------------------: | :--: | :-------------------------------: | :-----------------: | :---------: |
| Local Auth | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | | Feature | Harbor | Docker Trusted Registry | Quay | Cloud Providers (GCP, AWS, Azure) | Docker Distribution | Artifactory | GitLab |
| LDAP-based Auth | ✓ | ✓ | ✓ | partial | ✗ | ✓ | | -------------: | :----: | :---------------------: | :-----: | :-------------------------------: | :-----------------: | :---------: | :------: |
| Content Trust and Validation | ✓ | ✓ | ✗ | ✗ | partial | partial | | Ability to Determine Version of Binaries in Containers | ✓ | ✓ | ✓ | ✗ | ✗ | ? | ? |
| Vulnerability Scanning & Monitoring | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | | Artifact Repository (rpms, git, jar, etc) | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | partial |
| Replication | ✓ | ✓ | ✓ | n/a | ✗ | ✓ | | Audit Logs | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ |
| Multi-Tenancy (projects, teams, etc.) | ✓ | ✓ | ✓ | partial | ✗ | ✓ | | Content Trust and Validation | ✓ | ✓ | ✗ | ✗ | partial | partial | ✗ |
| Role-Based Access Control | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | | Custom TLS Certificates | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ |
| Custom TLS Certificates | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | | Helm Chart Repository Manager | ✓ | ✗ | partial | ✗ | ✗ | ✓ | ✗ |
| Ability to Determine Version of Binaries in Containers | ✓ | ✓ | ✓ | ✗ | ✗ | ? | | LDAP-based Auth | ✓ | ✓ | ✓ | partial | ✗ | ✓ | ✓ |
| Upstream Registry Proxy Cache | ✗ | ✓ | ✗ | ✗ | ✓ | ✓ | | Local Auth | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ |
| Audit Logs | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | | Multi-Tenancy (projects, teams, namespaces, etc) | ✓ | ✓ | ✓ | partial | ✗ | ✓ | ✓ |
| Open Source | ✓ | partial | ✗ | ✗ | ✓ | partial | partial |
| Project Quotas (by image count & storage consumption) | ✓ | ✗ | ✗ | partial | ✗ | ✗ | ✗ |
| Replication between instances | ✓ | ✓ | ✓ | n/a | ✗ | ✓ | ✗ |
| Replication between non-instances | ✓ | ✗ | ✓ | n/a | ✗ | ✗ | ✗ |
| Robot Accounts for Helm Charts | ✓ | ✗ | ✗ | ? | ✗ | ✗ | ✗ |
| Robot Accounts for Images | ✓ | ? | ✓ | ? | ✗ | ? | ? |
| Role-Based Access Control | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✗ |
| Single Sign On (OIDC) | ✓ | ✓ | ✓ | ✓ | ✗ | partial | ✗ |
| Tag Retention Policy | ✓ | ✗ | partial | ✗ | ✗ | ✗ | ✗ |
| Upstream Registry Proxy Cache | ✗ | ✓ | ✗ | ✗ | ✓ | ✓ | ✗ |
| Vulnerability Scanning & Monitoring | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | partial |
| Vulnerability Scanning Plugin Framework | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Vulnerability Whitelisting | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Webhooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |

12
docs/harbor-doc-reorg/build_customize_contribute/ui_contribution_get_started.md
View File

@ -1,4 +1,4 @@
# Developing the Harbor Frontend # Harbor frontend environment get started guide
If you already have a harbor backend environment, you can build a frontend development environment with the following configuration. If you already have a harbor backend environment, you can build a frontend development environment with the following configuration.
@ -84,17 +84,11 @@ If you already have a harbor backend environment, you can build a frontend devel
npm install npm install
``` ```
3. Compile the frontend code by the following command. 3. Execute the following commandserve Harbor locally.
```
npm run build_all
```
4. Execute the following commandserve Harbor locally.
``` ```
npm run start npm run start
``` ```
5. Then you can visit the Harbor by address: https://localhost:4200. 4. Then you can visit the Harbor by address: https://localhost:4200.

6
docs/harbor-doc-reorg/build_customize_contribute/use_make.md
View File

@ -1,4 +1,4 @@
# Using Make ### Variables
Variable | Description Variable | Description
-------------------|------------- -------------------|-------------
BASEIMAGE | Container base image, default: photon BASEIMAGE | Container base image, default: photon
@ -36,10 +36,10 @@ version | set harbor version
#### EXAMPLE: #### EXAMPLE:
#### Build and run harbor from source code. #### Build and run harbor from source code.
make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage NOTARYFLAG=true make install GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage NOTARYFLAG=true
### Package offline installer ### Package offline installer
make package_offline GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage NOTARYFLAG=true make package_offline GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage NOTARYFLAG=true
### Start harbor with notary ### Start harbor with notary
make -e NOTARYFLAG=true start make -e NOTARYFLAG=true start

51
docs/harbor-doc-reorg/install_config/installation/harbor_compatibility_list.md Normal file
View File

@ -0,0 +1,51 @@
# Harbor Compatibility List
This document provides compatibility information for all Harbor components.
## Replication Adapters
| | Registries | Pull Mode | Push Mode | Introduced in Release | Automated Pipeline Covered |
|-----|------------------|-----------|-----------|-----------------------|---------------------------|
| [Harbor](https://goharbor.io/)| ![Harbor](img/replication_adapters/harbor_logo.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.8 | Y |
| [distribution](https://github.com/docker/distribution) | ![distribution](img/replication_adapters/distribution.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.8 | Y |
| [docker hub](https://hub.docker.com/) | ![docker hub](img/replication_adapters/docker_hub.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.8 | Y |
| [Huawei SWR](https://www.huaweicloud.com/en-us/product/swr.html) | ![Huawei SWR](img/replication_adapters/hw.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.8 | N |
| [GCR](https://cloud.google.com/container-registry/) | ![GCR](img/replication_adapters/gcr.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.9 | Y |
| [ECR](https://aws.amazon.com/ecr/) | ![ECR](img/replication_adapters/ecr.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.9 | Y |
| [ACR](https://azure.microsoft.com/en-us/services/container-registry/) | ![ACR](img/replication_adapters/acr.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.9 | N |
| [AliCR](https://www.alibabacloud.com/product/container-registry) | ![AliCR](img/replication_adapters/ali-cr.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.9 | N |
| [Helm Hub](https://hub.helm.sh/) | ![Helm Hub](img/replication_adapters/helm-hub.png)|![Y](img/replication_adapters/right.png)| N/A | V1.9 | N |
| [Artifactory](https://jfrog.com/artifactory/) | ![Artifactory](img/replication_adapters/artifactory.png)|![Y](img/replication_adapters/right.png)| ![Y](img/replication_adapters/right.png) | V1.10 | N |
| [Quay](https://github.com/quay/quay) | ![Quay](img/replication_adapters/quay.png)|![Y](img/replication_adapters/right.png)| ![Y](img/replication_adapters/right.png) | V1.10 | N |
| [GitLab Registry](https://docs.gitlab.com/ee/user/packages/container_registry/) | ![GitLab Registry](img/replication_adapters/gitlab.png)|![Y](img/replication_adapters/right.png)| ![Y](img/replication_adapters/right.png) | V1.10 | N |
**Notes**:
* `Pull` mode replicates artifacts from the specified source registries into Harbor.
* `Push` mode replicates artifacts from Harbor to the specified target registries.
## OIDC Adapters
| | OIDC Providers | Officially Verified | End User Verified | Verified in Release |
|---|-----------------|---------------------|---------------------|-----------------------|
| [Google Identity](https://developers.google.com/identity/protocols/OpenIDConnect) | ![google identity](img/OIDC/google_identity.png)| ![Y](img/replication_adapters/right.png) | |V1.9|
| [Dex](https://github.com/dexidp/dex) | ![dex](img/OIDC/dex.png) | ![Y](img/replication_adapters/right.png)| | V1.9 |
| [Ping Identity](https://www.pingidentity.com) | ![ping identity](img/OIDC/ping.png) | | ![Y](img/replication_adapters/right.png)| V1.9 |
| [Keycloak](https://www.keycloak.org/) | ![Keycloak](img/OIDC/keycloak.png) | ![Y](img/replication_adapters/right.png) | | V1.10 |
| [Auth0](https://auth0.com/) | ![Auth0](img/OIDC/auth0.png) | ![Y](img/replication_adapters/right.png) | | V1.10 |
## Scanner Adapters
| | Scanners | Providers | Evaluated | As Default | Onboard in Release |
|---|----------|-----------|-----------|------------|--------------------|
| [Clair](https://github.com/goharbor/harbor-scanner-clair) |![Clair](img/scanners/clair.png)| CentOS |![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| v1.10 |
| [Anchore](https://github.com/anchore/harbor-scanner-adapter) |![Anchore](img/scanners/anchore.png) | Anchore |![Y](img/replication_adapters/right.png)| N | v1.10 |
| [Trivy](https://github.com/aquasecurity/harbor-scanner-trivy)|![Trivy](img/scanners/trivy.png)| Aqua |![Y](img/replication_adapters/right.png)| N | v1.10 |
| [CSP](https://github.com/aquasecurity/harbor-scanner-aqua) |![Aqua](img/scanners/aqua.png)| Aqua | N | N | v1.10 |
| [DoSec](https://github.com/dosec-cn/harbor-scanner/blob/master/README_en.md)|![DoSec](img/scanners/dosec.png) | DoSec | N | N | v1.10 |
**Notes:**
* `Evaluated` means that the scanner implementation has been officially tested and verified.
* `As Default` means that the scanner is provided as a default option and can be deployed together with the main Harbor components by providing extra options during installation. You must install other scanners manually.