diff --git a/docs/1.10/README.md b/docs/1.10/README.md
deleted file mode 100644
index 7331d7ecd..000000000
--- a/docs/1.10/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Harbor Documentation
-
-You access the Harbor documentation from the [Table of Contents](index.md).
diff --git a/docs/1.10/index.md b/docs/1.10/_index.md
similarity index 99%
rename from docs/1.10/index.md
rename to docs/1.10/_index.md
index 9ae9be25f..8b595d200 100644
--- a/docs/1.10/index.md
+++ b/docs/1.10/_index.md
@@ -1,4 +1,6 @@
-# Harbor 1.10 Documentation
+---
+title: Harbor Documentation
+---
This is the main table of contents for the Harbor 1.10.x documentation.
diff --git a/docs/1.10/administration/README.md b/docs/1.10/administration/_index.md
similarity index 70%
rename from docs/1.10/administration/README.md
rename to docs/1.10/administration/_index.md
index ff326ee77..a30bfeff7 100644
--- a/docs/1.10/administration/README.md
+++ b/docs/1.10/administration/_index.md
@@ -1,18 +1,16 @@
-# Harbor Administration
+---
+title: Harbor Administration
+---
This section describes how to configure and maintain Harbor after deployment. These operations are performed by the Harbor system administrator. The Harbor system administrator performs global configuration operations that apply to the whole Harbor instance.
The operations that are performed by the Harbor system administrator are the following.
-- Select database, LDAP/Active Directory, or OIDC based authentication. For information, see [Configuring Authentication](configure_authentication/configure_authentication.md).
-- Add users in database authentication mode and assign the system administrator role to other users. For information, see [Role Based Access Control](managing_users/rbac.md).
-- Configure global settings, such as configuring an email server, setting the registry to read-only mode, and restriction who can create projects. For information, see [Configure Global Settings](general_settings.md).
-- Apply resource quotas to projects. For information, see [Configure Project Quotas](configure_project_quotas.md).
-- Set up replication of images between Harbor and another Harbor instance or a 3rd party replication target. For information, see [Configuring Replication](configuring_replication/configuring_replication.md).
-- Set up vulnerability scanners to check the images in the registry for CVE vulnerabilities. For information, see [Vulnerability Scanning](vulnerability_scanning/vulnerability_scanning.md).
-- Perform garbage collection, to remove unnecessary data from Harbor. For information, see [Garbage Collection](garbage_collection.md).
-- Upgrade Harbor when a new version becomes available. For information, see [Upgrading Harbor](upgrade/upgrade_migrate_data.md).
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+- Select database, LDAP/Active Directory, or OIDC based authentication. For information, see [Configuring Authentication](configure-authentication).
+- Add users in database authentication mode and assign the system administrator role to other users. For information, see [Role Based Access Control](managing-users/rbac.md).
+- Configure global settings, such as configuring an email server, setting the registry to read-only mode, and restriction who can create projects. For information, see [Configure Global Settings](../general-settings.md).
+- Apply resource quotas to projects. For information, see [Configure Project Quotas](../configure-project-quotas.md).
+- Set up replication of images between Harbor and another Harbor instance or a 3rd party replication target. For information, see [Configuring Replication](configuring-replication).
+- Set up vulnerability scanners to check the images in the registry for CVE vulnerabilities. For information, see [Vulnerability Scanning](vulnerability-scanning).
+- Perform garbage collection, to remove unnecessary data from Harbor. For information, see [Garbage Collection](../garbage-collection.md).
+- Upgrade Harbor when a new version becomes available. For information, see [Upgrading Harbor](upgrade/upgrade-migrate-data.md).
diff --git a/docs/1.10/administration/configure_authentication/configure_authentication.md b/docs/1.10/administration/configure-authentication/_index.md
similarity index 54%
rename from docs/1.10/administration/configure_authentication/configure_authentication.md
rename to docs/1.10/administration/configure-authentication/_index.md
index 0837b524c..a51fdd3e2 100644
--- a/docs/1.10/administration/configure_authentication/configure_authentication.md
+++ b/docs/1.10/administration/configure-authentication/_index.md
@@ -1,16 +1,15 @@
-# Configuring Authentication
+---
+title: Configuring Authentication
+---
-Harbor supports different modes for authenticating users and managing user accounts. You should select an authentication mode as soon as you deploy Harbor.
+Harbor supports different modes for authenticating users and managing user accounts. You should select an authentication mode as soon as you deploy Harbor.
-**IMPORTANT**: If you create user accounts in the Harbor database, Harbor is locked in database mode. You cannot change to a different authentication mode after you have created local users.
+{{< important >}}
+If you create user accounts in the Harbor database, Harbor is locked in database mode. You cannot change to a different authentication mode after you have created local users.
+{{< /important >}}
-- [Database Authentication](db_auth.md): You create and manage user accounts directly in Harbor. The user accounts are stored in the Harbor database.
-- [LDAP/Active Directory Authentication](ldap_auth.md): You connect Harbor to an external LDAP/Active Directory server. The user accounts are created and managed by your LDAP/AD provider.
-- [OIDC Provider Authentication](oidc_auth.md): You connect Harbor to an external OIDC provider. The user accounts are created and managed by your ODIC provider.
+- [Database Authentication](db-auth.md): You create and manage user accounts directly in Harbor. The user accounts are stored in the Harbor database.
+- [LDAP/Active Directory Authentication](ldap-auth.md): You connect Harbor to an external LDAP/Active Directory server. The user accounts are created and managed by your LDAP/AD provider.
+- [OIDC Provider Authentication](oidc-auth.md): You connect Harbor to an external OIDC provider. The user accounts are created and managed by your ODIC provider.
The Harbor interface offers an option to configure UAA authentication. This authentication mode is not recommended and is not documented in this guide.
-
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
diff --git a/docs/1.10/administration/configure_authentication/db_auth.md b/docs/1.10/administration/configure-authentication/db-auth.md
similarity index 69%
rename from docs/1.10/administration/configure_authentication/db_auth.md
rename to docs/1.10/administration/configure-authentication/db-auth.md
index de9265cfc..a5b5a02bc 100644
--- a/docs/1.10/administration/configure_authentication/db_auth.md
+++ b/docs/1.10/administration/configure-authentication/db-auth.md
@@ -1,22 +1,22 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Configure Database Authentication
+---
+title: Configure Database Authentication
+---
In database authentication mode, user accounts are stored in the local database. By default, only the Harbor system administrator can create user accounts to add users to Harbor. You can optionally configure Harbor to allow self-registration.
-**IMPORTANT**: If you create users in the database, Harbor is locked in database mode. You cannot change to a different authentication mode after you have created local users.
+{{< important >}}
+If you create users in the database, Harbor is locked in database mode. You cannot change to a different authentication mode after you have created local users.
+{{< /important >}}
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Under **Administration**, go to **Configuration** and select the **Authentication** tab.
1. Leave **Auth Mode** set to the default **Database** option.
- 
+ 
1. Optionally select the **Allow Self-Registration** check box.
- 
+ 
If you enable the self registration option, users can register themselves in Harbor. Self-registration is disabled by default. If you enable self-registration, unregistered users can sign up for a Harbor account by clicking **Sign up for an account** in the Harbor log in page.
@@ -24,8 +24,4 @@ In database authentication mode, user accounts are stored in the local database.
## What to Do Next
-For information about how to create users in database authentication mode, see [Create User Accounts in Database Mode](../managing_users/create_users_db.md).
-
-----------
-
-[Back to table of contents](../../index.md)
+For information about how to create users in database authentication mode, see [Create User Accounts in Database Mode](../managing_users/create-users-db.md).
diff --git a/docs/1.10/administration/configure_authentication/ldap_auth.md b/docs/1.10/administration/configure-authentication/ldap-auth.md
similarity index 78%
rename from docs/1.10/administration/configure_authentication/ldap_auth.md
rename to docs/1.10/administration/configure-authentication/ldap-auth.md
index 992ad3b29..ec21bbb58 100644
--- a/docs/1.10/administration/configure_authentication/ldap_auth.md
+++ b/docs/1.10/administration/configure-authentication/ldap-auth.md
@@ -1,22 +1,22 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Configure LDAP/Active Directory Authentication
+---
+title: Configure LDAP/Active Directory Authentication
+---
If you select LDAP/AD authentication, users whose credentials are stored in an external LDAP or AD server can log in to Harbor directly. In this case, you do not create user accounts in Harbor.
-**IMPORTANT**: You can change the authentication mode from database to LDAP only if no local users have been added to the database. If there is at least one user other than `admin` in the Harbor database, you cannot change the authentication mode.
+{{< important >}}
+You can change the authentication mode from database to LDAP only if no local users have been added to the database. If there is at least one user other than `admin` in the Harbor database, you cannot change the authentication mode.
+{{< /important >}}
Because the users are managed by LDAP or AD, self-registration, creating users, deleting users, changing passwords, and resetting passwords are not supported in LDAP/AD authentication mode.
-If you want to manage user authentication by using LDAP groups, you must enable the `memberof` feature on the LDAP/AD server. With the `memberof` feature, the LDAP/AD user entity's `memberof` attribute is updated when the group entity's `member` attribute is updated, for example by adding or removing an LDAP/AD user from the LDAP/AD group. This feature is enabled by default in Active Directory. For information about how to enable and verify `memberof` overlay in OpenLDAP, see [this technical note]( https://technicalnotes.wordpress.com/2014/04/19/openldap-setup-with-memberof-overlay/).
+If you want to manage user authentication by using LDAP groups, you must enable the `memberof` feature on the LDAP/AD server. With the `memberof` feature, the LDAP/AD user entity's `memberof` attribute is updated when the group entity's `member` attribute is updated, for example by adding or removing an LDAP/AD user from the LDAP/AD group. This feature is enabled by default in Active Directory. For information about how to enable and verify `memberof` overlay in OpenLDAP, see [this technical note](https://technicalnotes.wordpress.com/2014/04/19/openldap-setup-with-memberof-overlay).
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Under **Administration**, go to **Configuration** and select the **Authentication** tab.
1. Use the **Auth Mode** drop-down menu to select **LDAP**.
- 
+ 
1. Enter the address of your LDAP server, for example `ldaps://10.162.16.194`.
1. Enter information about your LDAP server.
@@ -26,7 +26,7 @@ If you want to manage user authentication by using LDAP groups, you must enable
- **LDAP UID**: An attribute, for example `uid`, or `cn`, that is used to match a user with the username. If a match is found, the user's password is verified by a bind request to the LDAP/AD server.
- **LDAP Scope**: The scope to search for LDAP/AD users. Select from **Subtree**, **Base**, and **OneLevel**.
- 
+ 
1. If you want to manage user authentication with LDAP groups, configure the group settings.
- **LDAP Group Base DN**: The base DN from which to lookup a group in LDAP/AD. For example, `ou=groups,dc=example,dc=com`.
- **LDAP Group Filter**: The filter to search for LDAP/AD groups. For example, `objectclass=groupOfNames`.
@@ -35,13 +35,9 @@ If you want to manage user authentication by using LDAP groups, you must enable
- **LDAP Group Membership**: The user attribute usd to identify a user as a member of a group. By default this is `memberof`.
- **LDAP Scope**: The scope to search for LDAP/AD groups. Select from **Subtree**, **Base**, and **OneLevel**.
- 
+ 
1. Uncheck **LDAP Verify Cert** if the LDAP/AD server uses a self-signed or untrusted certificate.
- 
+ 
1. Click **Test LDAP Server** to make sure that your configuration is correct.
1. Click **Save** to complete the configuration.
-
-----------
-
-[Back to table of contents](../../index.md)
diff --git a/docs/1.10/administration/configure_authentication/oidc_auth.md b/docs/1.10/administration/configure-authentication/oidc-auth.md
similarity index 82%
rename from docs/1.10/administration/configure_authentication/oidc_auth.md
rename to docs/1.10/administration/configure-authentication/oidc-auth.md
index 33bb7e721..7ab83e964 100644
--- a/docs/1.10/administration/configure_authentication/oidc_auth.md
+++ b/docs/1.10/administration/configure-authentication/oidc-auth.md
@@ -1,14 +1,14 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Configure OIDC Provider Authentication
+---
+title: Configure OIDC Provider Authentication
+---
If you select OpenID Connect (OIDC) authentication, users log in to the Harbor interface via an OIDC single sign-on (SSO) provider, such as Okta, KeyCloak, or dex. In this case, you do not create user accounts in Harbor.
-**IMPORTANT**: You can change the authentication mode from database to OIDC only if no local users have been added to the database. If there is at least one user other than `admin` in the Harbor database, you cannot change the authentication mode.
+{{< important >}}
+You can change the authentication mode from database to OIDC only if no local users have been added to the database. If there is at least one user other than `admin` in the Harbor database, you cannot change the authentication mode.
+{{< /important >}}
-Because the users are managed by the OIDC provider, self-registration, creating users, deleting users, changing passwords, and resetting passwords are not supported in OIDC authentication mode.
+Because the users are managed by the OIDC provider, self-registration, creating users, deleting users, changing passwords, and resetting passwords are not supported in OIDC authentication mode.
### Configure Your OIDC Provider
@@ -27,7 +27,7 @@ Before configuring an OIDC provider in Harbor, make sure that your provider is c
1. Under **Administration**, go to **Configuration** and select the **Authentication** tab.
1. Use the **Auth Mode** drop-down menu to select **OIDC**.
- 
+ 
1. Enter information about your OIDC provider.
- **OIDC Provider Name**: The name of the OIDC provider.
@@ -39,11 +39,11 @@ Before configuring an OIDC provider in Harbor, make sure that your provider is c
The OIDC scope must contain `openid` and usually also contains `profile` and `email`. To obtain refresh tokens it should also contain `offline_access`. If you are using OIDC groups, a scope must identify the group claim. Check with your OIDC provider administrator for precise details of how to identify the group claim scope, as this differs from vendor to vendor.
- 
+ 
1. Uncheck **Verify Certificate** if the OIDC Provider uses a self-signed or untrusted certificate.
1. Verify that the Redirect URI that you configured in your OIDC provider is the same as the one displayed at the bottom of the page.
- 
+ 
1. Click **Test OIDC Server** to make sure that your configuration is correct.
1. Click **Save** to complete the configuration.
@@ -51,7 +51,7 @@ Before configuring an OIDC provider in Harbor, make sure that your provider is c
When the Harbor system administrator has configured Harbor to authenticate via OIDC a **Login via OIDC Provider** button appears on the Harbor login page.
-
+
**NOTE:** When Harbor is configured authentication via OIDC, the **Username** and **Password** fields are reserved for the local Harbor system administrator to log in.
@@ -60,7 +60,7 @@ When the Harbor system administrator has configured Harbor to authenticate via O
This redirects you to the OIDC Provider for authentication.
1. If this is the first time that you are logging in to Harbor with OIDC, specify a user name for Harbor to associate with your OIDC username.
- 
+ 
This is the user name by which you are identified in Harbor, which is used when adding you to projects, assigning roles, and so on. If the username is already taken, you are prompted to choose another one.
1. After the OIDC provider has authenticated you, you are redirected back to Harbor.
@@ -74,13 +74,13 @@ The Docker and Helm CLIs cannot handle redirection for OIDC, so Harbor provides
1. Log in to Harbor with an OIDC user account.
1. Click your username at the top of the screen and select **User Profile**.
- 
+ 
1. Click the clipboard icon to copy the CLI secret associated with your account.
- 
+ 
1. Optionally click the **...** icon in your user profile to display buttons for automatically generating or manually creating a new CLI secret.
- 
+ 
A user can only have one CLI secret, so when a new secret is generated or create, the old one becomes invalid.
1. If you generated a new CLI secret, click the clipboard icon to copy it.
@@ -91,8 +91,6 @@ You can now use your CLI secret as the password when logging in to Harbor from t
sh docker login -u testuser -p cli_secret jt-test.local.goharbor.io
-**NOTE**: The CLI secret is associated with the OIDC ID token. Harbor will try to refresh the token, so the CLI secret will be valid after the ID token expires. However, if the OIDC Provider does not provide a refresh token or the refresh fails, the CLI secret becomes invalid. In this case, log out and log back in to Harbor via your OIDC provider so that Harbor can get a new ID token. The CLI secret will then work again.
-
-----------
-
-[Back to table of contents](../../index.md)
+{{< note >}}
+The CLI secret is associated with the OIDC ID token. Harbor will try to refresh the token, so the CLI secret will be valid after the ID token expires. However, if the OIDC Provider does not provide a refresh token or the refresh fails, the CLI secret becomes invalid. In this case, log out and log back in to Harbor via your OIDC provider so that Harbor can get a new ID token. The CLI secret will then work again.
+{{< /note >}}
diff --git a/docs/1.10/administration/configure_project_quotas.md b/docs/1.10/administration/configure-project-quotas.md
similarity index 92%
rename from docs/1.10/administration/configure_project_quotas.md
rename to docs/1.10/administration/configure-project-quotas.md
index 1687e646c..0995a5261 100644
--- a/docs/1.10/administration/configure_project_quotas.md
+++ b/docs/1.10/administration/configure-project-quotas.md
@@ -1,12 +1,12 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Configure Project Quotas
+---
+title: Configure Project Quotas
+---
To exercise control over resource use, as a Harbor system administrator you can set quotas on projects. You can limit the number of tags that a project can contain and limit the amount of storage capacity that a project can consume. You can set default quotas that apply to all projects globally.
-**NOTE**: Default quotas apply to projects that are created after you set or change the default quota. The default quota is not applied to projects that already existed before you set it.
+{{< note >}}
+Default quotas apply to projects that are created after you set or change the default quota. The default quota is not applied to projects that already existed before you set it.
+{{< /note >}}
You can also set quotas on individual projects. If you set a global default quota and you set different quotas on individual projects, the per-project quotas are applied.
@@ -45,7 +45,3 @@ When setting project quotas, it is useful to know how Harbor calculates tag numb
- During garbage collection, Harbor frees the storage used by untagged blobs in the project.
- If the tag count reaches the limit, image blobs can be pushed into a project and storage usage is updated accordingly. You can consider these blobs to be untagged blobs. They can be removed by garbage collection, and the storage that they consume is returned after garbage colletion.
- Helm chart size is not calculated. Only tag counts are calculated.
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/administration/configuring_replication/configuring_replication.md b/docs/1.10/administration/configuring-replication/_index.md
similarity index 71%
rename from docs/1.10/administration/configuring_replication/configuring_replication.md
rename to docs/1.10/administration/configuring-replication/_index.md
index 6055f19cb..75bccf746 100644
--- a/docs/1.10/administration/configuring_replication/configuring_replication.md
+++ b/docs/1.10/administration/configuring-replication/_index.md
@@ -1,4 +1,6 @@
-# Configuring Replication
+---
+title: Configuring Replication
+---
Replication allows users to replicate resources, namely images and charts, between Harbor and non-Harbor registries, in both pull or push mode.
@@ -6,13 +8,10 @@ When the Harbor system administrator has set a replication rule, all resources t
There might be some delay during replication based on the condition of the network. If a replication task fails, it is re-scheduled for a few minutes later and retried several times.
-**NOTE:** Due to API changes, replication between different versions of Harbor is not supported.
+{{< note >}}
+Due to API changes, replication between different versions of Harbor is not supported.
+{{< /note >}}
-- [Create Replication Endpoints](create_replication_endpoints.md)
-- [Create Replication Rules](create_replication_rules.md)
-- [Running Replication Manually](manage_replications.md)
-
-
-----------
-
-[Back to table of contents](../../index.md)
+- [Create Replication Endpoints](create-replication-endpoints.md)
+- [Create Replication Rules](create-replication-rules.md)
+- [Running Replication Manually](manage-replications.md)
diff --git a/docs/1.10/administration/configuring_replication/create_replication_endpoints.md b/docs/1.10/administration/configuring-replication/create-replication-endpoints.md
similarity index 90%
rename from docs/1.10/administration/configuring_replication/create_replication_endpoints.md
rename to docs/1.10/administration/configuring-replication/create-replication-endpoints.md
index 3ecff2e91..1190f53b4 100644
--- a/docs/1.10/administration/configuring_replication/create_replication_endpoints.md
+++ b/docs/1.10/administration/configuring-replication/create-replication-endpoints.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Creating Replication Endpoints
+---
+title: Creating Replication Endpoints
+---
To replicate image repositories from one instance of Harbor to another Harbor or non-Harbor registry, you first create replication endpoints.
@@ -33,7 +31,7 @@ To replicate image repositories from one instance of Harbor to another Harbor or
For example, to replicate to another Harbor instance, enter https://harbor_instance_address:443. The registry must exist and be running before you create the endpoint.
1. Enter the Access ID and Access Secret for the endpoint registry instance.
- Use an account that has the appropriate privileges on that registry, or an account that has write permission on the corresponding project in a Harbor registry.
+ Use an account that has the appropriate privileges on that registry, or an account that has write permission on the corresponding project in a Harbor registry.
**NOTES**:
- AWS ECR adapters should use access keys, not a username and password. The access key should have sufficient permissions, such as storage permission.
@@ -44,13 +42,8 @@ To replicate image repositories from one instance of Harbor to another Harbor or
1. Click **Test Connection**.
1. When you have successfully tested the connection, click **OK**.
-
## Managing Registries
+
You can list, add, edit and delete registries under `Administration->Registries`. Only registries which are not referenced by any rules can be deleted.
-
-
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
+
diff --git a/docs/1.10/administration/configuring_replication/create_replication_rules.md b/docs/1.10/administration/configuring-replication/create-replication-rules.md
similarity index 88%
rename from docs/1.10/administration/configuring_replication/create_replication_rules.md
rename to docs/1.10/administration/configuring-replication/create-replication-rules.md
index d1505b77b..f8360cecc 100644
--- a/docs/1.10/administration/configuring_replication/create_replication_rules.md
+++ b/docs/1.10/administration/configuring-replication/create-replication-rules.md
@@ -1,10 +1,8 @@
-[Back to table of contents](../../index.md)
+---
+title: Creating a Replication Rule
+---
-----------
-
-# Creating a Replication Rule
-
-A replication endpoint must exist before you create a replication rule. To create an endpoint, follow the instructions in [Creating Replication Endpoints](create_replication_endpoints.md).
+A replication endpoint must exist before you create a replication rule. To create an endpoint, follow the instructions in [Creating Replication Endpoints](create-replication-endpoints.md).
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Expand **Administration**, and select **Replications**.
@@ -54,14 +52,11 @@ A replication endpoint must exist before you create a replication rule. To creat
* **Scheduled**: Replicate the resources periodically by defining a cron job. **Note**: Deletion operations are not replicated.
* **Event Based**: When a new resource is pushed to the project, or an image is retagged, it is replicated to the remote registry immediately. If you select the `Delete remote resources when locally deleted`, if you delete an image, it is automatically deleted from the replication target.
- **NOTE**: You can filter images for replication based on the labels that are applied to the images. However, changing a label on an image does not trigger replication. Event-based replication is limited to pushing, retagging, and deleting images.
+ {{< note >}}
+ You can filter images for replication based on the labels that are applied to the images. However, changing a label on an image does not trigger replication. Event-based replication is limited to pushing, retagging, and deleting images.
+ {{< /note >}}
1. Optionally select the Override checkbox to force replicated resources to replace resources at the destination with the same name.
1. Click **Save** to create the replication rule.
-
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
diff --git a/docs/1.10/administration/configuring_replication/manage_replications.md b/docs/1.10/administration/configuring-replication/manage-replications.md
similarity index 84%
rename from docs/1.10/administration/configuring_replication/manage_replications.md
rename to docs/1.10/administration/configuring-replication/manage-replications.md
index f8dd561ab..de0f9c22b 100644
--- a/docs/1.10/administration/configuring_replication/manage_replications.md
+++ b/docs/1.10/administration/configuring-replication/manage-replications.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Running Replication Manually
+---
+title: Running Replication Manually
+---
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Expand **Administration**, and select **Replications**.
@@ -16,13 +14,8 @@
1. Optionally click **STOP** to stop the replication.
1. Click the log icon to see detailed information about the replication task.
-
+
To edit or delete a replication rule, select the replication rule in the **Replications** view and click **Edit** or **Delete**. Only rules which have no executions in progress can be edited deleted.
-
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
diff --git a/docs/1.10/administration/garbage_collection.md b/docs/1.10/administration/garbage-collection.md
similarity index 86%
rename from docs/1.10/administration/garbage_collection.md
rename to docs/1.10/administration/garbage-collection.md
index 993515a1d..5e47576eb 100644
--- a/docs/1.10/administration/garbage_collection.md
+++ b/docs/1.10/administration/garbage-collection.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Garbage Collection
+---
+title: Garbage Collection
+---
When you delete images from Harbor, space is not automatically freed up. You must run garbage collection to free up space by removing blobs that are no longer referenced by a manifest from the file system.
@@ -23,7 +21,7 @@ To avoid triggering the garbage collection process too frequently, the availabil
1. Expand **Administration**, and select **Garbage Collection**.
1. Select the **'Garbage Collection'** tab.
1. Use the drop down-menu to select how often to run garbage collection.
- 
+ 
* **None**: No garbage collection is scheduled.
* **Hourly**: Run garbage collection at the beginning of every hour.
* **Daily**: Run garbage collection at midnight every day.
@@ -31,9 +29,5 @@ To avoid triggering the garbage collection process too frequently, the availabil
* **Custom**: Run garbage collection according to a `cron` job.
1. Click **Save**.
1. Select the **History** tab to view records of the 10 most recent garbage collection runs.
- 
+ 
1. Click on the **Logs** link to view the related logs.
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
diff --git a/docs/1.10/administration/general_settings.md b/docs/1.10/administration/general-settings.md
similarity index 67%
rename from docs/1.10/administration/general_settings.md
rename to docs/1.10/administration/general-settings.md
index b539b6532..14abd43d3 100644
--- a/docs/1.10/administration/general_settings.md
+++ b/docs/1.10/administration/general-settings.md
@@ -1,40 +1,35 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Configure Global Settings
+---
+title: Configure Global Settings
+---
You can configure Harbor to connect to an email server, set the registry in read-only mode, and configure Harbor so that only system administrators can create projects.
## Configure an Email Server
-You can configure Harbor to connect to an email server. The email server is only used to send out responses to users who request to reset their password.
+You can configure Harbor to connect to an email server. The email server is only used to send out responses to users who request to reset their password.
-
+
## Make the Registry Read Only
You can set Harbor to read-only mode. In read-only mode, Harbor allows `docker pull` but prevents `docker push` and the deletion of repositories and tags.
-
+
If it set to true, deleting repositories, tags and pushing images are not permitted.
-
+
-```
-$ docker push 10.117.169.182/demo/ubuntu:14.04
+```sh
+$ docker push 10.117.169.182/demo/ubuntu:14.04
The push refers to a repository [10.117.169.182/demo/ubuntu]
0271b8eebde3: Preparing
-denied: The system is in read only mode. Any modification is prohibited.
+denied: The system is in read only mode. Any modification is prohibited.
```
## Set Who Can Create Projects
-Use the **Project Creation** drop-down menu to set which users can create projects. Select **Everyone** to allow all users to create projects. Select **Admin Only** to allow only users with the Harbor system administrator role to create projects.
-
+Use the **Project Creation** drop-down menu to set which users can create projects. Select **Everyone** to allow all users to create projects. Select **Admin Only** to allow only users with the Harbor system administrator role to create projects.
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+
diff --git a/docs/1.10/administration/managing-users/_index.md b/docs/1.10/administration/managing-users/_index.md
new file mode 100644
index 000000000..d67860c3e
--- /dev/null
+++ b/docs/1.10/administration/managing-users/_index.md
@@ -0,0 +1,3 @@
+---
+title: Managing Users
+---
diff --git a/docs/1.10/administration/managing_users/create_users_db.md b/docs/1.10/administration/managing-users/create-users-db.md
similarity index 68%
rename from docs/1.10/administration/managing_users/create_users_db.md
rename to docs/1.10/administration/managing-users/create-users-db.md
index e6a7ad954..eae74ea56 100644
--- a/docs/1.10/administration/managing_users/create_users_db.md
+++ b/docs/1.10/administration/managing-users/create-users-db.md
@@ -1,26 +1,20 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Create User Accounts in Database Mode
+---
+title: Create User Accounts in Database Mode
+---
In database authentication mode, the Harbor system administrator creates user accounts manually.
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Under **Administration**, go to **Users**.
- 
+ 
1. Click **New User**.
1. Enter information about the new user.
- 
+ 
- The username must be unique in the Harbor system
- The email address is used for password recovery
- The password must contain at least 8 characters with 1 lowercase letter, 1 uppercase letter and 1 numeric character
-If users forget their password, there is a **Forgot Password** in the Harbor log in page. To use this feature, you must [configure an email server](../general_settings.md).
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
+If users forget their password, there is a **Forgot Password** in the Harbor log in page. To use this feature, you must [configure an email server](../general-settings.md).
diff --git a/docs/1.10/administration/managing_users/rbac.md b/docs/1.10/administration/managing-users/rbac.md
similarity index 78%
rename from docs/1.10/administration/managing_users/rbac.md
rename to docs/1.10/administration/managing-users/rbac.md
index 538110007..f126d3a8a 100644
--- a/docs/1.10/administration/managing_users/rbac.md
+++ b/docs/1.10/administration/managing-users/rbac.md
@@ -1,38 +1,32 @@
-[Back to table of contents](../../index.md)
+---
+title: Harbor Role Based Access Control (RBAC)
+---
-----------
-
-# Harbor Role Based Access Control (RBAC)
-
-Harbor manages images through projects. You provide access to these images to users by including the users in projects and assigning one of the following roles to them.
+Harbor manages images through projects. You provide access to these images to users by including the users in projects and assigning one of the following roles to them.
* **Limited Guest**: A Limited Guest does not have full read privileges for a project. They can pull images but cannot push, and they cannot see logs or the other members of a project. For example, you can create limited guests for users from different organizations who share access to a project.
* **Guest**: Guest has read-only privilege for a specified project. They can pull and retag images, but cannot push.
* **Developer**: Developer has read and write privileges for a project.
-* **Master**: Master has elevated permissions beyond those of 'Developer' including the ability to scan images, view replications jobs, and delete images and helm charts.
+* **Master**: Master has elevated permissions beyond those of 'Developer' including the ability to scan images, view replications jobs, and delete images and helm charts.
* **ProjectAdmin**: When creating a new project, you will be assigned the "ProjectAdmin" role to the project. Besides read-write privileges, the "ProjectAdmin" also has some management privileges, such as adding and removing members, starting a vulnerability scan.
-Besides the above roles, there are two system-level roles:
+Besides the above roles, there are two system-level roles:
-* **Harbor system administrator**: "Harbor system administrator" has the most privileges. In addition to the privileges mentioned above, "Harbor system administrator" can also list all projects, set an ordinary user as administrator, delete users and set vulnerability scan policy for all images. The public project "library" is also owned by the administrator.
-* **Anonymous**: When a user is not logged in, the user is considered as an "Anonymous" user. An anonymous user has no access to private projects and has read-only access to public projects.
+* **Harbor system administrator**: "Harbor system administrator" has the most privileges. In addition to the privileges mentioned above, "Harbor system administrator" can also list all projects, set an ordinary user as administrator, delete users and set vulnerability scan policy for all images. The public project "library" is also owned by the administrator.
+* **Anonymous**: When a user is not logged in, the user is considered as an "Anonymous" user. An anonymous user has no access to private projects and has read-only access to public projects.
-For full details of the permissions of the different roles, see [User Permissions By Role](user_permissions_by_role.md).
+For full details of the permissions of the different roles, see [User Permissions By Role](../user-permissions-by-role.md).
-If you run Harbor in database authentication mode, you create user accounts directly in the Harbor interface. For information about how to create local user accounts, see [Create User Accounts in Database Mode](create_users_db.md).
+If you run Harbor in database authentication mode, you create user accounts directly in the Harbor interface. For information about how to create local user accounts, see [Create User Accounts in Database Mode](../create-users-db.md).
If you run Harbor in LDAP/AD or OIDC authentication mode, you create and manage user accounts in your LDAP/AD or OIDC provider. Harbor obtains the users from the LDAP/AD or OIDC server and displays them in the **Users** tab of the Harbor interface.
## Assigning the Harbor System Administrator Role
-Harbor system administrators can assign the Harbor system administrator role to other users by selecting usernames and clicking **Set as Administrator** in the **Users** tab.
+Harbor system administrators can assign the Harbor system administrator role to other users by selecting usernames and clicking **Set as Administrator** in the **Users** tab.
-
+
To delete users, select a user and click `DELETE`. Deleting user is only supported under database authentication mode.
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
diff --git a/docs/1.10/administration/managing_users/user_permissions_by_role.md b/docs/1.10/administration/managing-users/user-permissions-by-role.md
similarity index 90%
rename from docs/1.10/administration/managing_users/user_permissions_by_role.md
rename to docs/1.10/administration/managing-users/user-permissions-by-role.md
index c69a9150f..01376600f 100644
--- a/docs/1.10/administration/managing_users/user_permissions_by_role.md
+++ b/docs/1.10/administration/managing-users/user-permissions-by-role.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# User Permissions By Role
+---
+title: User Permissions By Role
+---
Users have different abilities depending on the role they in a project.
@@ -33,8 +31,8 @@ The following table depicts the various user permission levels in a project.
| Pull image | ✓ | ✓ | ✓ | ✓ | ✓ |
| Push image | | | ✓ | ✓ | ✓ |
| Scan/delete image | | | | ✓ | ✓ |
-| Add scanners to Harbor | | | | | |
-| Edit scanners in projects | | | | | ✓ |
+| Add scanners to Harbor | | | | | |
+| Edit scanners in projects | | | | | ✓ |
| See a list of image vulnerabilities | ✓ | ✓ | ✓ | ✓ | ✓ |
| See image build history | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add/Remove labels of image | | | ✓ | ✓ | ✓ |
@@ -54,13 +52,9 @@ The following table depicts the various user permission levels in a project.
| Enable/disable webhooks | | | ✓ | ✓ | ✓ |
| Create/delete tag retention rules | | | ✓ | ✓ | ✓ |
| Enable/disable tag retention rules | | | ✓ | ✓ | ✓ |
-| Create/delete tag immutability rules | | | | | ✓ |
-| Enable/disable tag immutability rules | | | | | ✓ |
+| Create/delete tag immutability rules | | | | | ✓ |
+| Enable/disable tag immutability rules | | | | | ✓ |
| See project quotas | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Edit project quotas * | | | | | |
+| Edit project quotas * | | | | | |
* Only the Harbor system administrator can edit project quotas and add new scanners.
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
diff --git a/docs/1.10/administration/upgrade/_index.md b/docs/1.10/administration/upgrade/_index.md
new file mode 100644
index 000000000..e1e0249ee
--- /dev/null
+++ b/docs/1.10/administration/upgrade/_index.md
@@ -0,0 +1,3 @@
+---
+title: Upgrade
+---
diff --git a/docs/1.10/administration/upgrade/helm_upgrade.md b/docs/1.10/administration/upgrade/helm-upgrade.md
similarity index 75%
rename from docs/1.10/administration/upgrade/helm_upgrade.md
rename to docs/1.10/administration/upgrade/helm-upgrade.md
index e8aa04980..8f2d490e5 100644
--- a/docs/1.10/administration/upgrade/helm_upgrade.md
+++ b/docs/1.10/administration/upgrade/helm-upgrade.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Upgrading Harbor Deployed with Helm
+---
+title: Upgrading Harbor Deployed with Helm
+---
This guide is used to upgrade Harbor deployed by chart since version 0.3.0.
@@ -27,7 +25,7 @@ Configure the new chart to make sure that the configuration items have the same
> Note: if TLS is enabled and the certificate is generated by chart automatically, a new certificate will be generated and overwrite the old one during the upgrade, this may cause some issues if you have distributed the certificate. You can follow the below steps to configure the new chart to use the old certificate:
-1) Get the secret name which certificate is stored in:
+1. Get the secret name which certificate is stored in:
```bash
kubectl get secret
@@ -35,24 +33,22 @@ Configure the new chart to make sure that the configuration items have the same
Find the secret whose name ends with `-harbor-ingress` (expose service via `Ingress`) or `-harbor-nginx`(expose service via `ClusterIP` or `NodePort`)
-2) Export the secret as yaml file:
+2. Export the secret as yaml file:
```bash
kubectl get secret -o yaml > secret.yaml
```
+3. Rename the secret by setting `metadata.name` in `secret.yaml`
-
-3) Rename the secret by setting `metadata.name` in `secret.yaml`
-
-4) Create a new secret:
+4. Create a new secret:
```bash
kubectl create -f secret.yaml
```
-5) Configure the chart to use the new secret by setting `expose.tls.secretName` as the value you set in step **3**
+5. Configure the chart to use the new secret by setting `expose.tls.secretName` as the value you set in step **3**
### 4. Upgrade
@@ -62,13 +58,10 @@ Run upgrade command:
helm upgrade release-name --force .
```
-> The `--force` is necessary if upgrade from version 0.3.0 due to issue [#30](https://github.com/goharbor/harbor-helm/issues/30).
+{{< note >}}
+The `--force` is necessary if upgrade from version 0.3.0 due to issue [#30](https://github.com/goharbor/harbor-helm/issues/30).
+{{< /note >}}
## Known issues
- The job logs will be lost if you upgrade from version 0.3.0 as the logs are store in a `emptyDir` in 0.3.0.
-
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
diff --git a/docs/1.10/administration/upgrade/roll_back_upgrade.md b/docs/1.10/administration/upgrade/roll-back-upgrade.md
similarity index 60%
rename from docs/1.10/administration/upgrade/roll_back_upgrade.md
rename to docs/1.10/administration/upgrade/roll-back-upgrade.md
index f1e3c856c..1ba58726d 100644
--- a/docs/1.10/administration/upgrade/roll_back_upgrade.md
+++ b/docs/1.10/administration/upgrade/roll-back-upgrade.md
@@ -1,12 +1,12 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Roll Back from an Upgrade
+---
+title: Roll Back from an Upgrade
+---
If, for any reason, you need to roll back to the previous version of Harbor, perform the following steps.
-**NOTE**: To roll back from an upgrade, you must have backed up the previous version of Harbor. For information about backing up Harbor before an upgrade, see [Upgrade Harbor and Migrate Data](upgrade_migrate_data.md).
+{{< note >}}
+To roll back from an upgrade, you must have backed up the previous version of Harbor. For information about backing up Harbor before an upgrade, see [Upgrade Harbor and Migrate Data](../upgrade-migrate-data.md).
+{{< /note >}}
1. Stop and remove the current Harbor service if it is still running.
@@ -38,8 +38,6 @@ If, for any reason, you need to roll back to the previous version of Harbor, per
./install.sh
```
-**NOTE**: While you can roll back an upgrade to the state before you started the upgrade, Harbor does not support downgrades.
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
+{{< note >}}
+While you can roll back an upgrade to the state before you started the upgrade, Harbor does not support downgrades.
+{{< /note >}}
diff --git a/docs/1.10/administration/upgrade/upgrade_migrate_data.md b/docs/1.10/administration/upgrade/upgrade-migrate-data.md
similarity index 91%
rename from docs/1.10/administration/upgrade/upgrade_migrate_data.md
rename to docs/1.10/administration/upgrade/upgrade-migrate-data.md
index 02fd460e7..500570cc9 100644
--- a/docs/1.10/administration/upgrade/upgrade_migrate_data.md
+++ b/docs/1.10/administration/upgrade/upgrade-migrate-data.md
@@ -1,15 +1,13 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Upgrade Harbor and Migrate Data
+---
+title: Upgrade Harbor and Migrate Data
+---
This guide covers upgrade and migration to version 1.10.0. This guide only covers migration from v1.8.x and later to the current version. If you are upgrading from an earlier version, refer to the migration guide in the `release-1.8.0` branch to upgrade to v1.8.x first, then follow this guide to perform the migration to this version.
When upgrading an existing Harbor instance to a newer version, you might need to migrate the data in your database and the settings in `harbor.cfg`.
Since the migration might alter the database schema and the settings of `harbor.cfg`, you should **always** back up your data before any migration.
-**NOTES:**
+## Notes
- Again, you must back up your data before any data migration.
- In version 1.9.0, some containers are started by `non-root`. This does not pose problems if you are upgrading an officially released version of Harbor, but if you have deployed a customized instance of Harbor, you might encounter permission issues.
@@ -64,10 +62,6 @@ Since the migration might alter the database schema and the settings of `harbor.
1. In the `./harbor` directory, run the `./install.sh` script to install the new Harbor instance.
- To install Harbor with components such as Notary, Clair, and chartmuseum, see [Run the Installer Script](../../install_config/run_installer_script.md) for more information.
+ To install Harbor with components such as Notary, Clair, and chartmuseum, see [Run the Installer Script](../../install-config/run-installer-script.md) for more information.
-If you need to roll back to the previous version of Harbor, see [Roll Back from an Upgrade](roll_back_upgrade.md).
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
+If you need to roll back to the previous version of Harbor, see [Roll Back from an Upgrade](roll-back-upgrade.md).
diff --git a/docs/1.10/administration/upgrade/upgradetest.md b/docs/1.10/administration/upgrade/upgrade-test.md
similarity index 98%
rename from docs/1.10/administration/upgrade/upgradetest.md
rename to docs/1.10/administration/upgrade/upgrade-test.md
index 0f2608dc3..e43c301ab 100644
--- a/docs/1.10/administration/upgrade/upgradetest.md
+++ b/docs/1.10/administration/upgrade/upgrade-test.md
@@ -1,4 +1,6 @@
-# Test Harbor Upgrade
+---
+title: Test Harbor Upgrade
+---
## Prepare data
1. Add user usera userb userc userd usere, set usera userb as system admin.
diff --git a/docs/1.10/administration/vulnerability_scanning/vulnerability_scanning.md b/docs/1.10/administration/vulnerability-scanning/_index.md
similarity index 59%
rename from docs/1.10/administration/vulnerability_scanning/vulnerability_scanning.md
rename to docs/1.10/administration/vulnerability-scanning/_index.md
index 7fd63626e..1315a4c75 100644
--- a/docs/1.10/administration/vulnerability_scanning/vulnerability_scanning.md
+++ b/docs/1.10/administration/vulnerability-scanning/_index.md
@@ -1,28 +1,24 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Vulnerability Scanning
+---
+title: Vulnerability Scanning
+---
Harbor provides static analysis of vulnerabilities in images through the open source [Clair](https://github.com/coreos/clair) project.
-**IMPORTANT**: Clair is an optional component. To be able to use Clair you must have enabled Clair when you installed your Harbor instance.
+{{< important >}}
+Clair is an optional component. To be able to use Clair you must have enabled Clair when you installed your Harbor instance.
+{{< /important >}}
-You can also connect Harbor to your own instance of Clair or to additional vulnerability scanners by using an interrogation service. You configure additional scanners in the Harbor interface, after you have installed Harbor. For the list of additional scanners that are currently supported, see the [Harbor Compatibility List](../../install_config/harbor_compatibility_list.md#scanner-adapters).
+You can also connect Harbor to your own instance of Clair or to additional vulnerability scanners by using an interrogation service. You configure additional scanners in the Harbor interface, after you have installed Harbor. For the list of additional scanners that are currently supported, see the [Harbor Compatibility List](../../install-config/harbor-compatibility-list.md#scanner-adapters).
It might be necessary to connect Harbor to other scanners for corporate compliance reasons, or because your organization already uses a particular scanner. Different scanners also use different vulnerability databases, capture different CVE sets, and apply different severity thresholds. By connecting Harbor to more than one vulnerability scanner, you broaden the scope of your protection against vulnerabilities.
-For information about installing Harbor with Clair, see the [Run the Installer Script](../../install_config/run_installer_script.md).
+For information about installing Harbor with Clair, see the [Run the Installer Script](../../install-config/run-installer_script.md).
You can manually initiate scanning on a particular image, or on all images in Harbor. Additionally, you can also set a policy to automatically scan all of the images at specific intervals.
-- [Connect Harbor to Additional Vulnerability Scanners](pluggable_scanners.md)
-- [Scan Individual Images](scan_individual_image.md)
-- [Scan All Images](scan_all_images.md)
-- [Schedule Scans](schedule_scans.md)
-- [Import Vulnerability Data to an Offline Harbor instance](import_vulnerability_data.md)
-- [Configure System-Wide CVE Whitelists](configure_system_whitelist.md)
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
+- [Connect Harbor to Additional Vulnerability Scanners](../pluggable-scanners.md)
+- [Scan Individual Images](../scan-individual-image.md)
+- [Scan All Images](../scan-all-images.md)
+- [Schedule Scans](../schedule-scans.md)
+- [Import Vulnerability Data to an Offline Harbor instance](../import-vulnerability-data.md)
+- [Configure System-Wide CVE Whitelists](../configure-system-whitelist.md)
diff --git a/docs/1.10/administration/vulnerability_scanning/configure_system_whitelist.md b/docs/1.10/administration/vulnerability-scanning/configure-system-whitelist.md
similarity index 88%
rename from docs/1.10/administration/vulnerability_scanning/configure_system_whitelist.md
rename to docs/1.10/administration/vulnerability-scanning/configure-system-whitelist.md
index d23c8b7fc..34e7a53cd 100644
--- a/docs/1.10/administration/vulnerability_scanning/configure_system_whitelist.md
+++ b/docs/1.10/administration/vulnerability-scanning/configure-system-whitelist.md
@@ -1,12 +1,10 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Configure System-Wide CVE Whitelists
+---
+title: Configure System-Wide CVE Whitelists
+---
When you run vulnerability scans, images that are subject to Common Vulnerabilities and Exposures (CVE) are identified. According to the severity of the CVE and your security settings, these images might not be permitted to run. As a Harbor system administrator, you can create whitelists of CVEs to ignore during vulnerability scanning.
-You can set a system-wide CVE whitelist or you can set CVE whitelists on a per-project basis. For information about per-project CVE whitelists, see [Configure a Per-Project CVE Whitelist](../../working_with_projects/configure_project_whitelist.md).
+You can set a system-wide CVE whitelist or you can set CVE whitelists on a per-project basis. For information about per-project CVE whitelists, see [Configure a Per-Project CVE Whitelist](../../working-with-projects/configure-project-whitelist.md).
System-wide CVE whitelists apply to all of the projects in a Harbor instance.
@@ -25,7 +23,3 @@ System-wide CVE whitelists apply to all of the projects in a Harbor instance.
After you have created a system whitelist, you can remove CVE IDs from the list by clicking the delete button next to it in the list. You can click **Add** to add more CVE IDs to the system whitelist.
-
-----------
-
-[Back to table of contents](../../index.md)
diff --git a/docs/1.10/administration/vulnerability_scanning/import_vulnerability_data.md b/docs/1.10/administration/vulnerability-scanning/import-vulnerability-data.md
similarity index 81%
rename from docs/1.10/administration/vulnerability_scanning/import_vulnerability_data.md
rename to docs/1.10/administration/vulnerability-scanning/import-vulnerability-data.md
index 9876286cf..ff7bcf9db 100644
--- a/docs/1.10/administration/vulnerability_scanning/import_vulnerability_data.md
+++ b/docs/1.10/administration/vulnerability-scanning/import-vulnerability-data.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Import Vulnerability Data to an Offline Harbor instance
+---
+title: Import Vulnerability Data to an Offline Harbor instance
+---
If Harbor is installed in an environment without an internet connection, Clair cannot fetch data from the public vulnerability database. In this case, the Harbor administrator must update the Clair database manually.
@@ -14,6 +12,7 @@ If Harbor is installed in an environment without an internet connection, Clair c
1. Use `docker ps` to find out the container ID of the Clair service.
1. Run `docker logs ` to check the log of the Clair container. If you are using Harbor you can find the latest Clair logs under `/var/log/harbor/2017-xx-xx/clair.log`.
1. Look for logs that look like the following:
+
```
Jul 3 20:40:45 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:40:45.890364","updater name":"rhel"}
Jul 3 20:40:46 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:40:46.768924","updater name":"alpine"}
@@ -31,15 +30,14 @@ The phrase `finished fetching` indicates that Clair has finished a round of vuln
1. Log in to the host, that is connected to Internet, on which the Postgres Clair database is running.
1. Dump Clair's vulnerability database by running the following commands.
- **NOTE**: The container name `clair-db` is a placeholder for the database container used by the internet-connected instance of Clair.
+ {{< note >}}
+ The container name `clair-db` is a placeholder for the database container used by the internet-connected instance of Clair.
+ {{< /note >}}
- ```
- $ docker exec clair-db /bin/sh -c "pg_dump -U postgres -a -t feature -t keyvalue -t namespace -t schema_migrations -t vulnerability -t vulnerability_fixedin_feature" > vulnerability.sql
- ```
-
- ```
- $ docker exec clair-db /bin/sh -c "pg_dump -U postgres -c -s" > clear.sql
- ```
+ ```shell
+ $ docker exec clair-db /bin/sh -c "pg_dump -U postgres -a -t feature -t keyvalue -t namespace -t schema_migrations -t vulnerability -t vulnerability_fixedin_feature" > vulnerability.sql
+ $ docker exec clair-db /bin/sh -c "pg_dump -U postgres -c -s" > clear.sql
+ ```
The files `vulnerability.sql` and `clear.sql` are generated.
@@ -47,8 +45,8 @@ The files `vulnerability.sql` and `clear.sql` are generated.
Before importing the data, it is strongly recommended to back up the Clair database in Harbor.
-```
- $ docker exec harbor-db /bin/sh -c "pg_dump -U postgres -c" > all.sql
+```shell
+docker exec harbor-db /bin/sh -c "pg_dump -U postgres -c" > all.sql
```
## Update the Harbor Clair Database
@@ -56,18 +54,11 @@ Before importing the data, it is strongly recommended to back up the Clair datab
1. Copy the `vulnerability.sql` and `clear.sql` files to the host on which Harbor is running.
1. Run the following commands to import the data to the Harbor Clair database:
- ```
- $ docker exec -i harbor-db psql -U postgres < clear.sql
- ```
- ```
- $ docker exec -i harbor-db psql -U postgres < vulnerability.sql
- ```
+ ```shell
+ docker exec -i harbor-db psql -U postgres < clear.sql
+ docker exec -i harbor-db psql -U postgres < vulnerability.sql
+ ```
## Rescan the Images
-After importing the data, trigger the scanning process in the Harbor interface. For information about running a scan, see [Scan All Images](scan_all_images.md).
-
-----------
-
-[Back to table of contents](../../index.md)
-
+After importing the data, trigger the scanning process in the Harbor interface. For information about running a scan, see [Scan All Images](../scan-all-images.md).
diff --git a/docs/1.10/administration/vulnerability_scanning/pluggable_scanners.md b/docs/1.10/administration/vulnerability-scanning/pluggable-scanners.md
similarity index 91%
rename from docs/1.10/administration/vulnerability_scanning/pluggable_scanners.md
rename to docs/1.10/administration/vulnerability-scanning/pluggable-scanners.md
index a97b39a63..8c92b0f8d 100644
--- a/docs/1.10/administration/vulnerability_scanning/pluggable_scanners.md
+++ b/docs/1.10/administration/vulnerability-scanning/pluggable-scanners.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Connect Harbor to Additional Vulnerability Scanners
+---
+title: Connect Harbor to Additional Vulnerability Scanners
+---
To connect Harbor to additional vulnerability scanners, you must install and configure an instance of the additional scanner according to the scanner vendor's requirements. The scanner must expose an API endpoint to allow Harbor to trigger the scan process or get reports. You can deploy multiple different scanners, and multiple instances of the same type of scanner.
@@ -36,12 +34,8 @@ To connect Harbor to additional vulnerability scanners, you must install and con
Vulnerability scanners depend on the vulnerability metadata to complete the analysis process. After the first initial installation, the vulnerability scanner automatically starts to update the metadata database from different vulnerability repositories. The database update might take a while, based on the data size and network connection.
Depending on the scanner that you use, once the database is ready, the timestamp of the last update is shown in the **Interrogation Services** > **Vulnerability** tab. Currently, only Clair and Anchore provide timestamp information.
-
+
Until the database has been fully populated, the timestamp is replaced by a warning symbol. When the database is ready, you can scan images individually or scan all images across all projects.
-If your Harbor instance is not connected to the external internet, you must manually update the vulnerability metadata. For information about how to update Clair manually, see [Import Vulnerability Data to an Offline Harbor instance](import_vulnerability_data.md).
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
+If your Harbor instance is not connected to the external internet, you must manually update the vulnerability metadata. For information about how to update Clair manually, see [Import Vulnerability Data to an Offline Harbor instance](../import-vulnerability-data.md).
diff --git a/docs/1.10/administration/vulnerability_scanning/scan_all_images.md b/docs/1.10/administration/vulnerability-scanning/scan-all-images.md
similarity index 75%
rename from docs/1.10/administration/vulnerability_scanning/scan_all_images.md
rename to docs/1.10/administration/vulnerability-scanning/scan-all-images.md
index 1e5e76681..fa5c4753f 100644
--- a/docs/1.10/administration/vulnerability_scanning/scan_all_images.md
+++ b/docs/1.10/administration/vulnerability-scanning/scan-all-images.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Scan All Images
+---
+title: Scan All Images
+---
In addition to scanning individual images in projects, you can run global scans on all of the images in a Harbor instance, across all projects.
@@ -10,10 +8,6 @@ In addition to scanning individual images in projects, you can run global scans
1. Expand **Administration**, and select **Interrogation Services**.
1. Select the **Vulnerability** tab and click **Scan Now** to scan all of the images in all projects.
- 
+ 
Scanning requires intensive resource consumption. If scanning is in progress, the **Scan Now** button is unavailable.
-
-----------
-
-[Back to table of contents](../../index.md)
diff --git a/docs/1.10/administration/vulnerability-scanning/scan-individual-image.md b/docs/1.10/administration/vulnerability-scanning/scan-individual-image.md
new file mode 100644
index 000000000..89680476f
--- /dev/null
+++ b/docs/1.10/administration/vulnerability-scanning/scan-individual-image.md
@@ -0,0 +1,58 @@
+---
+title: Scan Individual Images
+---
+
+1. Log in to the Harbor interface with an account that has at least project administrator privileges.
+1. Go to **Projects** and select a project.
+1. Select the **Scanner** tab.
+
+ The **Scanner** tab shows the details of the scanner that is currently set as the scanner to use for this project.
+
+ 
+
+1. Click **Edit** to select a different scanner from the list of scanners that are connected to this Harbor instance, and click **OK**.
+
+ 
+
+ {{< note >}}
+ If you have selected the **Prevent vulnerable images from running** option in the project **Configuration** tab, the prevention of pulling vulnerable images is determined by the scanner that is set in the project, or by the global default scanner if no scanner is configured specifically for the project. Different scanners might apply different levels of severity to image vulnerabilities.
+ {{< /note >}}
+
+1. Select the **Repositories** tab and select a repository.
+
+ For each tag in the repository, the **Vulnerabilities** column displays the vulnerability scanning status and related information.
+
+ 
+
+1. Select a tag, or use the check box at the top to select all tags in the repository, and click the **Scan** button to run the vulnerability scan on this image.
+
+ 
+
+ **NOTE**: You can start a scan at any time, unless the status is **Queued** or **Scanning**. If the database has not been fully populated, you should not run a scan. The following statuses are displayed in the **Vulnerabilities** column:
+
+ * **Not Scanned:** The tag has never been scanned.
+ * **Queued:** The scanning task is scheduled but has not run yet.
+ * **Scanning:** The scanning task is in progress and a progress bar is displayed.
+ * **View log:** The scanning task failed to complete. Click **View Log** link to view the related logs.
+ * **Complete:** The scanning task completed successfully.
+
+ If the process completes successfully, the result indicates the overall severity level, with the total number of vulnerabilities found for each severity level, and the number of fixable vulnerabilities.
+
+ 
+
+ * **Red:** At least one critical vulnerability found
+ * **Orange:** At least one high level vulnerability found
+ * **Yellow:** At least one medium level vulnerability found
+ * **Blue:** At least one low level vulnerability found
+ * **Green:** No vulnerabilities found
+ * **Grey:** Unknown vulnerabilities
+
+1. Hover over the number of fixable vulnerabilities to see a summary of the vulnerability report.
+
+ 
+
+1. Click on the tag name to see a detailed vulnerability report.
+
+ 
+
+ In addition to information about the tag, all of the vulnerabilities found in the last scan are listed. You can order or filter the list by the different columns. You can also click **Scan** in the report page to run a scan on this image tag.
diff --git a/docs/1.10/administration/vulnerability_scanning/schedule_scans.md b/docs/1.10/administration/vulnerability-scanning/schedule-scans.md
similarity index 79%
rename from docs/1.10/administration/vulnerability_scanning/schedule_scans.md
rename to docs/1.10/administration/vulnerability-scanning/schedule-scans.md
index efa5db672..e5836f2eb 100644
--- a/docs/1.10/administration/vulnerability_scanning/schedule_scans.md
+++ b/docs/1.10/administration/vulnerability-scanning/schedule-scans.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Schedule Scans
+---
+title: Schedule Scans
+---
You can set policies to control when vulnerability scanning should run.
@@ -11,7 +9,7 @@ You can set policies to control when vulnerability scanning should run.
1. Select the **Vulnerability** tab and click the **Edit** button next to **Schedule to scan all**.
1. Use the drop down-menu to select how often to run scans.
- 
+ 
* **None**: No scans are scheduled.
* **Hourly**: Run a scan at the beginning of every hour.
@@ -19,7 +17,3 @@ You can set policies to control when vulnerability scanning should run.
* **Weekly**: Run a scan at midnight every Saturday.
* **Custom**: Run a scan according to a `cron` job.
1. Click **Save**.
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
diff --git a/docs/1.10/administration/vulnerability_scanning/scan_individual_image.md b/docs/1.10/administration/vulnerability_scanning/scan_individual_image.md
deleted file mode 100644
index 23a7d977a..000000000
--- a/docs/1.10/administration/vulnerability_scanning/scan_individual_image.md
+++ /dev/null
@@ -1,57 +0,0 @@
-[Back to table of contents](../../index.md)
-
-----------
-
-# Scan Individual Images
-
-1. Log in to the Harbor interface with an account that has at least project administrator privileges.
-1. Go to **Projects** and select a project.
-1. Select the **Scanner** tab.
-
- The **Scanner** tab shows the details of the scanner that is currently set as the scanner to use for this project.
-
- 
-1. Click **Edit** to select a different scanner from the list of scanners that are connected to this Harbor instance, and click **OK**.
-
- 
-
- **NOTE**: If you have selected the **Prevent vulnerable images from running** option in the project **Configuration** tab, the prevention of pulling vulnerable images is determined by the scanner that is set in the project, or by the global default scanner if no scanner is configured specifically for the project. Different scanners might apply different levels of severity to image vulnerabilities.
-1. Select the **Repositories** tab and select a repository.
-
- For each tag in the repository, the **Vulnerabilities** column displays the vulnerability scanning status and related information.
-
- 
-1. Select a tag, or use the check box at the top to select all tags in the repository, and click the **Scan** button to run the vulnerability scan on this image.
-
- 
-
- **NOTE**: You can start a scan at any time, unless the status is **Queued** or **Scanning**. If the database has not been fully populated, you should not run a scan. The following statuses are displayed in the **Vulnerabilities** column:
-
- * **Not Scanned:** The tag has never been scanned.
- * **Queued:** The scanning task is scheduled but has not run yet.
- * **Scanning:** The scanning task is in progress and a progress bar is displayed.
- * **View log:** The scanning task failed to complete. Click **View Log** link to view the related logs.
- * **Complete:** The scanning task completed successfully.
-
- If the process completes successfully, the result indicates the overall severity level, with the total number of vulnerabilities found for each severity level, and the number of fixable vulnerabilities.
-
- 
-
- * **Red:** At least one critical vulnerability found
- * **Orange:** At least one high level vulnerability found
- * **Yellow:** At least one medium level vulnerability found
- * **Blue:** At least one low level vulnerability found
- * **Green:** No vulnerabilities found
- * **Grey:** Unknown vulnerabilities
-1. Hover over the number of fixable vulnerabilities to see a summary of the vulnerability report.
-
- 
-1. Click on the tag name to see a detailed vulnerability report.
-
- 
-
- In addition to information about the tag, all of the vulnerabilities found in the last scan are listed. You can order or filter the list by the different columns. You can also click **Scan** in the report page to run a scan on this image tag.
-
-----------
-
-[Back to table of contents](../../index.md)
\ No newline at end of file
diff --git a/docs/1.10/build-customize-contribute/_index.md b/docs/1.10/build-customize-contribute/_index.md
new file mode 100644
index 000000000..602bece50
--- /dev/null
+++ b/docs/1.10/build-customize-contribute/_index.md
@@ -0,0 +1,3 @@
+---
+title: Building, Customizing, and Contributing to Harbor
+---
diff --git a/docs/1.10/build_customize_contribute/compile_guide.md b/docs/1.10/build-customize-contribute/compile-guide.md
similarity index 81%
rename from docs/1.10/build_customize_contribute/compile_guide.md
rename to docs/1.10/build-customize-contribute/compile-guide.md
index 7678082f8..7be3d6911 100644
--- a/docs/1.10/build_customize_contribute/compile_guide.md
+++ b/docs/1.10/build-customize-contribute/compile-guide.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Build Harbor from Source Code
+---
+title: Build Harbor from Source Code
+---
This guide provides instructions for developers to build and run Harbor from source code.
@@ -31,11 +29,11 @@ Harbor is deployed as several Docker containers and most of the code is written
### Configuration
-Edit the file **make/harbor.yml** and make necessary configuration changes such as hostname, admin password and mail server. Refer to **[Installation and Configuration Guide](installation_guide.md#configuring-harbor)** for more info.
+Edit the file **make/harbor.yml** and make necessary configuration changes such as hostname, admin password and mail server. Refer to the [Installation and Configuration Guide](../installation-guide.md#configuring-harbor) for more info.
```sh
- $ cd harbor
- $ vi make/harbor.yml
+cd harbor
+vi make/harbor.yml
```
### Compiling and Running
@@ -46,62 +44,62 @@ You can compile the code by one of the three approaches:
- Get official Golang image from docker hub:
- ```sh
- $ docker pull golang:1.12.5
- ```
+ ```sh
+ docker pull golang:1.12.5
+ ```
- Build, install and bring up Harbor without Notary:
- ```sh
- $ make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage
- ```
+ ```sh
+ make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage
+ ```
- Build, install and bring up Harbor with Notary:
- ```sh
- $ make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage NOTARYFLAG=true
- ```
+ ```sh
+ make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage NOTARYFLAG=true
+ ```
- Build, install and bring up Harbor with Clair:
- ```sh
- $ make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage CLAIRFLAG=true
- ```
+ ```sh
+ make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage CLAIRFLAG=true
+ ```
#### II. Compile code with your own Golang environment, then build Harbor
- Move source code to \$GOPATH
- ```sh
- $ mkdir $GOPATH/src/github.com/goharbor/
- $ cd ..
- $ mv harbor $GOPATH/src/github.com/goharbor/.
- ```
+ ```sh
+ mkdir $GOPATH/src/github.com/goharbor/
+ cd ..
+ mv harbor $GOPATH/src/github.com/goharbor/.
+ ```
- Build, install and run Harbor without Notary and Clair:
- ```sh
- $ cd $GOPATH/src/github.com/goharbor/harbor
- $ make install
- ```
+ ```sh
+ cd $GOPATH/src/github.com/goharbor/harbor
+ $ make install
+ ```
- Build, install and run Harbor with Notary and Clair:
- ```sh
- $ cd $GOPATH/src/github.com/goharbor/harbor
- $ make install -e NOTARYFLAG=true CLAIRFLAG=true
- ```
+ ```sh
+ cd $GOPATH/src/github.com/goharbor/harbor
+ make install -e NOTARYFLAG=true CLAIRFLAG=true
+ ```
### Verify your installation
-If everything worked properly, you can get the below message:
+If everything worked properly, you will see this message:
```sh
- ...
- Start complete. You can visit harbor now.
+...
+Start complete. You can visit harbor now.
```
-Refer to [Installation and Configuration Guide](installation_guide.md#managing-harbors-lifecycle) for more information about managing your Harbor instance.
+Refer to [Installation and Configuration Guide](../installation-guide.md#managing-harbors-lifecycle) for more information about managing your Harbor instance.
## Appendix
@@ -154,22 +152,19 @@ The `Makefile` contains these configurable parameters:
#### Push Harbor images to specific registry server
```sh
- $ make pushimage -e DEVFLAG=false REGISTRYSERVER=[$SERVERADDRESS] REGISTRYUSER=[$USERNAME] REGISTRYPASSWORD=[$PASSWORD] REGISTRYPROJECTNAME=[$PROJECTNAME]
-
+make pushimage -e DEVFLAG=false REGISTRYSERVER=[$SERVERADDRESS] REGISTRYUSER=[$USERNAME] REGISTRYPASSWORD=[$PASSWORD] REGISTRYPROJECTNAME=[$PROJECTNAME]
```
**Note**: need add "/" on end of REGISTRYSERVER. If REGISTRYSERVER is not set, images will be pushed directly to Docker Hub.
```sh
- $ make pushimage -e DEVFLAG=false REGISTRYUSER=[$USERNAME] REGISTRYPASSWORD=[$PASSWORD] REGISTRYPROJECTNAME=[$PROJECTNAME]
-
+make pushimage -e DEVFLAG=false REGISTRYUSER=[$USERNAME] REGISTRYPASSWORD=[$PASSWORD] REGISTRYPROJECTNAME=[$PROJECTNAME]
```
#### Clean up binaries and images of a specific version
```sh
- $ make clean -e VERSIONTAG=[TAG]
-
+make clean -e VERSIONTAG=[TAG]
```
**Note**: If new code had been added to Github, the git commit TAG will change. Better use this command to clean up images and files of previous TAG.
@@ -177,11 +172,5 @@ The `Makefile` contains these configurable parameters:
#### By default, the make process create a development build. To create a release build of Harbor, set the below flag to false.
```sh
- $ make XXXX -e DEVFLAG=false
-
+make XXXX -e DEVFLAG=false
```
-
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/build_customize_contribute/configure_swagger.md b/docs/1.10/build-customize-contribute/configure-swagger.md
similarity index 61%
rename from docs/1.10/build_customize_contribute/configure_swagger.md
rename to docs/1.10/build-customize-contribute/configure-swagger.md
index b5e63b77f..a84ea19db 100644
--- a/docs/1.10/build_customize_contribute/configure_swagger.md
+++ b/docs/1.10/build-customize-contribute/configure-swagger.md
@@ -1,15 +1,15 @@
-[Back to table of contents](../index.md)
+---
+title: View and Test the Harbor REST API via Swagger
+---
-----------
-
-# View and test Harbor REST API via Swagger
A Swagger file is provided for viewing and testing Harbor REST API.
## Viewing Harbor REST API
-* Open the file **swagger.yaml** under the _docs_ directory in Harbor project;
+
+* Open the file **swagger.yaml** under the _docs_ directory in Harbor project
* Paste all its content into the online Swagger Editor at http://editor.swagger.io. The descriptions of Harbor API will be shown on the right pane of the page.
-
+
## Testing Harbor REST API
From time to time, you may need to mannually test Harbor REST API. You can deploy the Swagger file into Harbor's service node. Suppose you install Harbor through online or offline installer, you should have a Harbor directory after you un-tar the installer, such as **~/harbor**.
@@ -17,64 +17,78 @@ From time to time, you may need to mannually test Harbor REST API. You can deplo
**Caution:** When using Swagger to send REST requests to Harbor, you may alter the data of Harbor accidentally. For this reason, it is NOT recommended using Swagger against a production Harbor instance.
* Download _prepare-swagger.sh_ and _swagger.yaml_ under the _docs_ directory to your local Harbor directory, e.g. **~/harbor**.
-```sh
- wget https://raw.githubusercontent.com/goharbor/harbor/master/docs/prepare-swagger.sh https://raw.githubusercontent.com/goharbor/harbor/master/docs/swagger.yaml
-```
+
+ ```sh
+ wget https://raw.githubusercontent.com/goharbor/harbor/master/docs/prepare-swagger.sh https://raw.githubusercontent.com/goharbor/harbor/master/docs/swagger.yaml
+ ```
+
* Edit the script file _prepare-swagger.sh_.
-```sh
- vi prepare-swagger.sh
-```
+
+ ```sh
+ vi prepare-swagger.sh
+ ```
+
* Change the SCHEME to the protocol scheme of your Harbor server.
-```sh
- SCHEME=
-```
+
+ ```sh
+ SCHEME=
+ ```
+
* Change the SERVER_IP to the IP address of your Harbor server.
-```sh
- SERVER_IP=
-```
+
+ ```sh
+ SERVER_IP=
+ ```
+
* Change the file mode.
-```sh
- chmod +x prepare-swagger.sh
-````
+
+ ```sh
+ chmod +x prepare-swagger.sh
+ ```
+
* Run the shell script. It downloads a Swagger package and extracts files into the _../static_ directory.
-```sh
- ./prepare-swagger.sh
-```
+
+ ```sh
+ ./prepare-swagger.sh
+ ```
+
* Edit the _docker-compose.yml_ file under your local Harbor directory.
-```sh
- vi docker-compose.yml
-```
+
+ ```sh
+ vi docker-compose.yml
+ ```
+
* Add two lines to the file _docker-compose.yml_ under the section _ui.volumes_.
-```docker
-...
-ui:
- ...
- volumes:
- - ./common/config/ui/app.conf:/etc/core/app.conf:z
- - ./common/config/ui/private_key.pem:/etc/core/private_key.pem:z
- - /data/secretkey:/etc/core/key:z
- - /data/ca_download/:/etc/core/ca/:z
- ## add two lines as below ##
- - ../src/ui/static/vendors/swagger-ui-2.1.4/dist:/harbor/static/vendors/swagger
- - ../src/ui/static/resources/yaml/swagger.yaml:/harbor/static/resources/yaml/swagger.yaml
+
+ ```docker
...
-```
+ ui:
+ ...
+ volumes:
+ - ./common/config/ui/app.conf:/etc/core/app.conf:z
+ - ./common/config/ui/private_key.pem:/etc/core/private_key.pem:z
+ - /data/secretkey:/etc/core/key:z
+ - /data/ca_download/:/etc/core/ca/:z
+ ## add two lines as below ##
+ - ../src/ui/static/vendors/swagger-ui-2.1.4/dist:/harbor/static/vendors/swagger
+ - ../src/ui/static/resources/yaml/swagger.yaml:/harbor/static/resources/yaml/swagger.yaml
+ ...
+ ```
+
* Recreate Harbor containers
-```docker
+
+ ```docker
docker-compose down -v && docker-compose up -d
-```
+ ```
* Because a session ID is usually required by Harbor API, **you should log in first from a browser.**
* Open another tab in the same browser so that the session is shared between tabs.
* Enter the URL of the Swagger page in Harbor as below. The `````` should be replaced by the IP address or the hostname of the Harbor server.
-```
- http:///static/vendors/swagger/index.html
-```
+
+ ```
+ http:///static/vendors/swagger/index.html
+ ```
+
* You should see a Swagger UI page with Harbor API _swagger.yaml_ file loaded in the same domain, **be aware that your REST request submitted by Swagger may change the data of Harbor**.
-
-
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+ 
diff --git a/docs/1.10/build_customize_contribute/customize_look_feel.md b/docs/1.10/build-customize-contribute/customize-look-feel.md
similarity index 91%
rename from docs/1.10/build_customize_contribute/customize_look_feel.md
rename to docs/1.10/build-customize-contribute/customize-look-feel.md
index d895dea68..45f822bbb 100644
--- a/docs/1.10/build_customize_contribute/customize_look_feel.md
+++ b/docs/1.10/build-customize-contribute/customize-look-feel.md
@@ -1,15 +1,14 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Customize the Harbor Look & Feel
+---
+title: Customize the Look and Feel of Harbor
+---
The primary look & feel of Harbor supports to be customized with several simple steps. All the relevant customization in configurations are saved in the `setting.json` file under `$HARBOR_DIR/src/portal/src` folder with `json` format and will be loaded when Harbor is launched.
## Configure
+
Open the `setting.json` file, you'll see the default content as shown below:
-```
+```json
{
"headerBgColor": "#004a70",
"headerLogo": "",
@@ -40,9 +39,3 @@ Change the values of configuration if you want to override the default style to
## Build
Once the `setting.json` configurations has been updated, re-[build](#configure) your product to apply the new changes.
-
-
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
diff --git a/docs/1.10/build_customize_contribute/developer_guide_i18n.md b/docs/1.10/build-customize-contribute/developer-guide-i18n.md
similarity index 82%
rename from docs/1.10/build_customize_contribute/developer_guide_i18n.md
rename to docs/1.10/build-customize-contribute/developer-guide-i18n.md
index 5f188f105..03db859e3 100644
--- a/docs/1.10/build_customize_contribute/developer_guide_i18n.md
+++ b/docs/1.10/build-customize-contribute/developer-guide-i18n.md
@@ -1,17 +1,18 @@
-[Back to table of contents](../index.md)
+---
+title: Developing for Internationalization
+---
-----------
-
-# Developing for Internationalization
-
-*NOTE: All the files you created should use UTF-8 encoding.*
+{{< note >}}
+All the files you created should use UTF-8 encoding.
+{{< /note >}}
Steps to localize the UI in your language
1. In the folder `src/portal/src/i18n/lang`, copy json file `en-us-lang.json` to a new file and rename it to `--lang.json` .
The file contains a JSON object including all the key-value pairs of UI strings:
- ```
+
+ ```json
{
"APP_TITLE": {
"VMW_HARBOR": "Harbor",
@@ -20,17 +21,21 @@ Steps to localize the UI in your language
},
...
}
- ```
+ ```
+
In the file `--lang.json`, translate all the values into your language. Do not change any keys.
2. After creating your language file, you should add it to the language supporting list.
Locate the file `src/portal/src/app/shared/shared.const.ts`.
+
Append `-` to the language supporting list:
+
```
export const supportedLangs = ['en-us', 'zh-cn', '-'];
```
Define the language display name and append it to the name list:
+
```
export const languageNames = {
"en-us": "English",
@@ -39,19 +44,24 @@ Steps to localize the UI in your language
};
```
- **NOTE: Don't miss the comma before the new key-value item you've added.**
+ {{< note >}}
+ Don't miss the comma before the new key-value item you've added.
+ {{< /note >}}
3. Enable the new language in the view.
Locate the file `src/portal/src/app/base/navigator/navigator.component.html` and then find the following code piece:
- ```
+
+ ```html
```
- Add new menu item for your language:
- ```
+
+ Add a new menu item for your language:
+
+ ```html
English中文简体
@@ -59,9 +69,4 @@ Steps to localize the UI in your language
```
-4. Next, please refer [compile guideline](compile_guide.md) to rebuild and restart Harbor.
-
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+4. Next, please refer [compile guideline](../compile-guide.md) to rebuild and restart Harbor.
diff --git a/docs/1.10/build_customize_contribute/prepare-swagger.sh b/docs/1.10/build-customize-contribute/prepare-swagger.sh
similarity index 100%
rename from docs/1.10/build_customize_contribute/prepare-swagger.sh
rename to docs/1.10/build-customize-contribute/prepare-swagger.sh
diff --git a/docs/1.10/build_customize_contribute/registry_landscape.md b/docs/1.10/build-customize-contribute/registry-landscape.md
similarity index 96%
rename from docs/1.10/build_customize_contribute/registry_landscape.md
rename to docs/1.10/build-customize-contribute/registry-landscape.md
index ac2389980..e3e258156 100644
--- a/docs/1.10/build_customize_contribute/registry_landscape.md
+++ b/docs/1.10/build-customize-contribute/registry-landscape.md
@@ -1,10 +1,8 @@
-[Back to table of contents](../index.md)
+---
+title: Registry Landscape
+---
-----------
-
-# Registry Landscape
-
-The cloud native ecosystem is moving rapidly–registries and their feature sets are no exception. We've made our best effort to survey the container registry landscape and compare to our core feature set.
+The cloud native ecosystem is moving rapidly—registries and their feature sets are no exception. We've made our best effort to survey the container registry landscape and compare to our core feature set.
If you find something outdated or outright erroneous, please submit a PR and we'll fix it right away.
@@ -35,8 +33,3 @@ Table updated on 10/21/2019 against Harbor 1.9.
| Vulnerability Scanning Plugin Framework | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Vulnerability Whitelisting | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Webhooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
-
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
diff --git a/docs/1.10/build_customize_contribute/swagger.yaml b/docs/1.10/build-customize-contribute/swagger.yaml
similarity index 100%
rename from docs/1.10/build_customize_contribute/swagger.yaml
rename to docs/1.10/build-customize-contribute/swagger.yaml
diff --git a/docs/1.10/build_customize_contribute/ui_contribution_get_started.md b/docs/1.10/build-customize-contribute/ui-contribution-get-started.md
similarity index 88%
rename from docs/1.10/build_customize_contribute/ui_contribution_get_started.md
rename to docs/1.10/build-customize-contribute/ui-contribution-get-started.md
index 398dd9fb3..993e06ef9 100644
--- a/docs/1.10/build_customize_contribute/ui_contribution_get_started.md
+++ b/docs/1.10/build-customize-contribute/ui-contribution-get-started.md
@@ -1,16 +1,14 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Developing the Harbor Frontend
+---
+title: Developing the Harbor Frontend
+---
If you already have a harbor backend environment, you can build a frontend development environment with the following configuration.
1. Create the file proxy.config.json in the directory harbor/src/portal,and config it according to the sample below.
- **NOTE:** You should replace “$IP_ADDRESS” with your own ip address.
+ **NOTE:** You should replace “$IP_ADDRESS” with your own ip address.
- ```
+ ```json
{
"/api/*": {
"target": "$IP_ADDRESS",
@@ -83,21 +81,16 @@ If you already have a harbor backend environment, you can build a frontend devel
```
2. Open the terminal and run the following command,install npm packages as 3rd-party dependencies.
- ```
+
+ ```sh
cd harbor/src/portal
npm install
```
3. Execute the following command,serve Harbor locally.
- ```
+ ```sh
npm run start
```
-4. Then you can visit the Harbor by address: https://localhost:4200.
-
-
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+4. Then you can visit the Harbor by address: https://localhost:4200.
diff --git a/docs/1.10/build_customize_contribute/use_make.md b/docs/1.10/build-customize-contribute/use-make.md
similarity index 93%
rename from docs/1.10/build_customize_contribute/use_make.md
rename to docs/1.10/build-customize-contribute/use-make.md
index c76ffd25d..8a50cdd1e 100644
--- a/docs/1.10/build_customize_contribute/use_make.md
+++ b/docs/1.10/build-customize-contribute/use-make.md
@@ -1,7 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-# Using Make
+---
+title: Using Make
+---
## Variables
@@ -42,19 +41,26 @@ version | set harbor version
## Examples
-### Build and run harbor from source code.
+### Build and run harbor from source code
+
+```sh
make install GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage NOTARYFLAG=true
+```
### Package offline installer
+
+```sh
make package_offline GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage NOTARYFLAG=true
+```
### Start harbor with notary
+
+```sh
make -e NOTARYFLAG=true start
+```
### Stop harbor with notary
+
+```sh
make -e NOTARYFLAG=true down
-
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+```
diff --git a/docs/1.10/img/OIDC/google_identity.png b/docs/1.10/img/OIDC/google-identity.png
similarity index 100%
rename from docs/1.10/img/OIDC/google_identity.png
rename to docs/1.10/img/OIDC/google-identity.png
diff --git a/docs/1.10/img/add_group.png b/docs/1.10/img/add-group.png
similarity index 100%
rename from docs/1.10/img/add_group.png
rename to docs/1.10/img/add-group.png
diff --git a/docs/1.10/img/add_labesl_to_chart_versions.png b/docs/1.10/img/add-labels-to-chart-versions.png
similarity index 100%
rename from docs/1.10/img/add_labesl_to_chart_versions.png
rename to docs/1.10/img/add-labels-to-chart-versions.png
diff --git a/docs/1.10/img/add_labels_to_images.png b/docs/1.10/img/add-labels-to-images.png
similarity index 100%
rename from docs/1.10/img/add_labels_to_images.png
rename to docs/1.10/img/add-labels-to-images.png
diff --git a/docs/1.10/img/add_oidc_group.png b/docs/1.10/img/add-oidc-group.png
similarity index 100%
rename from docs/1.10/img/add_oidc_group.png
rename to docs/1.10/img/add-oidc-group.png
diff --git a/docs/1.10/img/add_robot_account_2.png b/docs/1.10/img/add-robot-account-2.png
similarity index 100%
rename from docs/1.10/img/add_robot_account_2.png
rename to docs/1.10/img/add-robot-account-2.png
diff --git a/docs/1.10/img/add_robot_account.png b/docs/1.10/img/add-robot-account.png
similarity index 100%
rename from docs/1.10/img/add_robot_account.png
rename to docs/1.10/img/add-robot-account.png
diff --git a/docs/1.10/img/api_explorer_btn.png b/docs/1.10/img/api-explorer-btn.png
similarity index 100%
rename from docs/1.10/img/api_explorer_btn.png
rename to docs/1.10/img/api-explorer-btn.png
diff --git a/docs/1.10/img/browse_project_repositories.png b/docs/1.10/img/browse-project-repositories.png
similarity index 100%
rename from docs/1.10/img/browse_project_repositories.png
rename to docs/1.10/img/browse-project-repositories.png
diff --git a/docs/1.10/img/build_history.png b/docs/1.10/img/build-history.png
similarity index 100%
rename from docs/1.10/img/build_history.png
rename to docs/1.10/img/build-history.png
diff --git a/docs/1.10/img/chart_dependencies.png b/docs/1.10/img/chart-dependencies.png
similarity index 100%
rename from docs/1.10/img/chart_dependencies.png
rename to docs/1.10/img/chart-dependencies.png
diff --git a/docs/1.10/img/chart_details.png b/docs/1.10/img/chart-details.png
similarity index 100%
rename from docs/1.10/img/chart_details.png
rename to docs/1.10/img/chart-details.png
diff --git a/docs/1.10/img/chart_values.png b/docs/1.10/img/chart-values.png
similarity index 100%
rename from docs/1.10/img/chart_values.png
rename to docs/1.10/img/chart-values.png
diff --git a/docs/1.10/img/clair_ready.png b/docs/1.10/img/clair-ready.png
similarity index 100%
rename from docs/1.10/img/clair_ready.png
rename to docs/1.10/img/clair-ready.png
diff --git a/docs/1.10/img/content_trust.png b/docs/1.10/img/content-trust.png
similarity index 100%
rename from docs/1.10/img/content_trust.png
rename to docs/1.10/img/content-trust.png
diff --git a/docs/1.10/img/copy_robot_account_token.png b/docs/1.10/img/copy-robot-account-token.png
similarity index 100%
rename from docs/1.10/img/copy_robot_account_token.png
rename to docs/1.10/img/copy-robot-account-token.png
diff --git a/docs/1.10/img/create_user.png b/docs/1.10/img/create-user.png
similarity index 100%
rename from docs/1.10/img/create_user.png
rename to docs/1.10/img/create-user.png
diff --git a/docs/1.10/img/db_auth.png b/docs/1.10/img/db-auth.png
similarity index 100%
rename from docs/1.10/img/db_auth.png
rename to docs/1.10/img/db-auth.png
diff --git a/docs/1.10/img/disable_delete_robot_account.png b/docs/1.10/img/disable-delete-robot-account.png
similarity index 100%
rename from docs/1.10/img/disable_delete_robot_account.png
rename to docs/1.10/img/disable-delete-robot-account.png
diff --git a/docs/1.10/img/download_harbor_certs.png b/docs/1.10/img/download-harbor-certs.png
similarity index 100%
rename from docs/1.10/img/download_harbor_certs.png
rename to docs/1.10/img/download-harbor-certs.png
diff --git a/docs/1.10/img/edit_description.png b/docs/1.10/img/edit-description.png
similarity index 100%
rename from docs/1.10/img/edit_description.png
rename to docs/1.10/img/edit-description.png
diff --git a/docs/1.10/img/filter_chart_versions_by_label.png b/docs/1.10/img/filter-chart-versions-by-label.png
similarity index 100%
rename from docs/1.10/img/filter_chart_versions_by_label.png
rename to docs/1.10/img/filter-chart-versions-by-label.png
diff --git a/docs/1.10/img/filter_images_by_label.png b/docs/1.10/img/filter-images-by-label.png
similarity index 100%
rename from docs/1.10/img/filter_images_by_label.png
rename to docs/1.10/img/filter-images-by-label.png
diff --git a/docs/1.10/img/gc_history.png b/docs/1.10/img/gc-history.png
similarity index 100%
rename from docs/1.10/img/gc_history.png
rename to docs/1.10/img/gc-history.png
diff --git a/docs/1.10/img/gc_policy.png b/docs/1.10/img/gc-policy.png
similarity index 100%
rename from docs/1.10/img/gc_policy.png
rename to docs/1.10/img/gc-policy.png
diff --git a/docs/1.10/img/generate_create_new_secret.png b/docs/1.10/img/generate-create-new-secret.png
similarity index 100%
rename from docs/1.10/img/generate_create_new_secret.png
rename to docs/1.10/img/generate-create-new-secret.png
diff --git a/docs/1.10/img/ldap_auth.png b/docs/1.10/img/ldap-auth.png
similarity index 100%
rename from docs/1.10/img/ldap_auth.png
rename to docs/1.10/img/ldap-auth.png
diff --git a/docs/1.10/img/ldap_cert_test.png b/docs/1.10/img/ldap-cert-test.png
similarity index 100%
rename from docs/1.10/img/ldap_cert_test.png
rename to docs/1.10/img/ldap-cert-test.png
diff --git a/docs/1.10/img/ldap_group_addgroup_dialog.png b/docs/1.10/img/ldap-group-addgroup-dialog.png
similarity index 100%
rename from docs/1.10/img/ldap_group_addgroup_dialog.png
rename to docs/1.10/img/ldap-group-addgroup-dialog.png
diff --git a/docs/1.10/img/ldap_groups.png b/docs/1.10/img/ldap-groups.png
similarity index 100%
rename from docs/1.10/img/ldap_groups.png
rename to docs/1.10/img/ldap-groups.png
diff --git a/docs/1.10/img/list_chart_versions.png b/docs/1.10/img/list-chart-versions.png
similarity index 100%
rename from docs/1.10/img/list_chart_versions.png
rename to docs/1.10/img/list-chart-versions.png
diff --git a/docs/1.10/img/list_charts.png b/docs/1.10/img/list-charts.png
similarity index 100%
rename from docs/1.10/img/list_charts.png
rename to docs/1.10/img/list-charts.png
diff --git a/docs/1.10/img/list_tasks.png b/docs/1.10/img/list-tasks.png
similarity index 100%
rename from docs/1.10/img/list_tasks.png
rename to docs/1.10/img/list-tasks.png
diff --git a/docs/1.10/img/log_filter.png b/docs/1.10/img/log-filter.png
similarity index 100%
rename from docs/1.10/img/log_filter.png
rename to docs/1.10/img/log-filter.png
diff --git a/docs/1.10/img/log_search_advanced_date.png b/docs/1.10/img/log-search-advanced-date.png
similarity index 100%
rename from docs/1.10/img/log_search_advanced_date.png
rename to docs/1.10/img/log-search-advanced-date.png
diff --git a/docs/1.10/img/log_search_advanced.png b/docs/1.10/img/log-search-advanced.png
similarity index 100%
rename from docs/1.10/img/log_search_advanced.png
rename to docs/1.10/img/log-search-advanced.png
diff --git a/docs/1.10/img/manage_global_level_labels.png b/docs/1.10/img/manage-global-level-labels.png
similarity index 100%
rename from docs/1.10/img/manage_global_level_labels.png
rename to docs/1.10/img/manage-global-level-labels.png
diff --git a/docs/1.10/img/manage_project_level_labels.png b/docs/1.10/img/manage-project-level-labels.png
similarity index 100%
rename from docs/1.10/img/manage_project_level_labels.png
rename to docs/1.10/img/manage-project-level-labels.png
diff --git a/docs/1.10/img/manage_registry.png b/docs/1.10/img/manage-registry.png
similarity index 100%
rename from docs/1.10/img/manage_registry.png
rename to docs/1.10/img/manage-registry.png
diff --git a/docs/1.10/img/new_add_member.png b/docs/1.10/img/new-add-member.png
similarity index 100%
rename from docs/1.10/img/new_add_member.png
rename to docs/1.10/img/new-add-member.png
diff --git a/docs/1.10/img/new_browse_project.png b/docs/1.10/img/new-browse-project.png
similarity index 100%
rename from docs/1.10/img/new_browse_project.png
rename to docs/1.10/img/new-browse-project.png
diff --git a/docs/1.10/img/new_config_email.png b/docs/1.10/img/new-config-email.png
similarity index 100%
rename from docs/1.10/img/new_config_email.png
rename to docs/1.10/img/new-config-email.png
diff --git a/docs/1.10/img/new_create_project.png b/docs/1.10/img/new-create-project.png
similarity index 100%
rename from docs/1.10/img/new_create_project.png
rename to docs/1.10/img/new-create-project.png
diff --git a/docs/1.10/img/new_delete_repo.png b/docs/1.10/img/new-delete-repo.png
similarity index 100%
rename from docs/1.10/img/new_delete_repo.png
rename to docs/1.10/img/new-delete-repo.png
diff --git a/docs/1.10/img/new_delete_tag.png b/docs/1.10/img/new-delete-tag.png
similarity index 100%
rename from docs/1.10/img/new_delete_tag.png
rename to docs/1.10/img/new-delete-tag.png
diff --git a/docs/1.10/img/new_proj_create.png b/docs/1.10/img/new-proj-create.png
similarity index 100%
rename from docs/1.10/img/new_proj_create.png
rename to docs/1.10/img/new-proj-create.png
diff --git a/docs/1.10/img/new_project_log.png b/docs/1.10/img/new-project-log.png
similarity index 100%
rename from docs/1.10/img/new_project_log.png
rename to docs/1.10/img/new-project-log.png
diff --git a/docs/1.10/img/new_remove_update_member.png b/docs/1.10/img/new-remove-update-member.png
similarity index 100%
rename from docs/1.10/img/new_remove_update_member.png
rename to docs/1.10/img/new-remove-update-member.png
diff --git a/docs/1.10/img/new_robot_account.png b/docs/1.10/img/new-robot-account.png
similarity index 100%
rename from docs/1.10/img/new_robot_account.png
rename to docs/1.10/img/new-robot-account.png
diff --git a/docs/1.10/img/new_search.png b/docs/1.10/img/new-search.png
similarity index 100%
rename from docs/1.10/img/new_search.png
rename to docs/1.10/img/new-search.png
diff --git a/docs/1.10/img/new_self_reg.png b/docs/1.10/img/new-self-reg.png
similarity index 100%
rename from docs/1.10/img/new_self_reg.png
rename to docs/1.10/img/new-self-reg.png
diff --git a/docs/1.10/img/new_set_admin_remove_user.png b/docs/1.10/img/new-set-admin-remove-user.png
similarity index 100%
rename from docs/1.10/img/new_set_admin_remove_user.png
rename to docs/1.10/img/new-set-admin-remove-user.png
diff --git a/docs/1.10/img/new_user.png b/docs/1.10/img/new-user.png
similarity index 100%
rename from docs/1.10/img/new_user.png
rename to docs/1.10/img/new-user.png
diff --git a/docs/1.10/img/oidc_auth_setting.png b/docs/1.10/img/oidc-auth-setting.png
similarity index 100%
rename from docs/1.10/img/oidc_auth_setting.png
rename to docs/1.10/img/oidc-auth-setting.png
diff --git a/docs/1.10/img/oidc_cert_verification.png b/docs/1.10/img/oidc-cert-verification.png
similarity index 100%
rename from docs/1.10/img/oidc_cert_verification.png
rename to docs/1.10/img/oidc-cert-verification.png
diff --git a/docs/1.10/img/oidc_login.png b/docs/1.10/img/oidc-login.png
similarity index 100%
rename from docs/1.10/img/oidc_login.png
rename to docs/1.10/img/oidc-login.png
diff --git a/docs/1.10/img/oidc_onboard_dlg.png b/docs/1.10/img/oidc-onboard-dlg.png
similarity index 100%
rename from docs/1.10/img/oidc_onboard_dlg.png
rename to docs/1.10/img/oidc-onboard-dlg.png
diff --git a/docs/1.10/img/prevent_vulnerable_images.png b/docs/1.10/img/prevent-vulnerable-images.png
similarity index 100%
rename from docs/1.10/img/prevent_vulnerable_images.png
rename to docs/1.10/img/prevent-vulnerable-images.png
diff --git a/docs/1.10/img/profile_dlg.png b/docs/1.10/img/profile-dlg.png
similarity index 100%
rename from docs/1.10/img/profile_dlg.png
rename to docs/1.10/img/profile-dlg.png
diff --git a/docs/1.10/img/project_configuration.png b/docs/1.10/img/project-configuration.png
similarity index 100%
rename from docs/1.10/img/project_configuration.png
rename to docs/1.10/img/project-configuration.png
diff --git a/docs/1.10/img/project_logs.png b/docs/1.10/img/project-logs.png
similarity index 100%
rename from docs/1.10/img/project_logs.png
rename to docs/1.10/img/project-logs.png
diff --git a/docs/1.10/img/project_members.png b/docs/1.10/img/project-members.png
similarity index 100%
rename from docs/1.10/img/project_members.png
rename to docs/1.10/img/project-members.png
diff --git a/docs/1.10/img/read_only_enable.png b/docs/1.10/img/read-only-enable.png
similarity index 100%
rename from docs/1.10/img/read_only_enable.png
rename to docs/1.10/img/read-only-enable.png
diff --git a/docs/1.10/img/read_only.png b/docs/1.10/img/read-only.png
similarity index 100%
rename from docs/1.10/img/read_only.png
rename to docs/1.10/img/read-only.png
diff --git a/docs/img/renderedSwagger.png b/docs/1.10/img/rendered-swagger.png
similarity index 100%
rename from docs/img/renderedSwagger.png
rename to docs/1.10/img/rendered-swagger.png
diff --git a/docs/1.10/img/replication_adapters/acr.png b/docs/1.10/img/replication-adapters/acr.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/acr.png
rename to docs/1.10/img/replication-adapters/acr.png
diff --git a/docs/1.10/img/replication_adapters/ali-cr.png b/docs/1.10/img/replication-adapters/ali-cr.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/ali-cr.png
rename to docs/1.10/img/replication-adapters/ali-cr.png
diff --git a/docs/1.10/img/replication_adapters/artifactory.png b/docs/1.10/img/replication-adapters/artifactory.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/artifactory.png
rename to docs/1.10/img/replication-adapters/artifactory.png
diff --git a/docs/1.10/img/replication_adapters/distribution.png b/docs/1.10/img/replication-adapters/distribution.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/distribution.png
rename to docs/1.10/img/replication-adapters/distribution.png
diff --git a/docs/1.10/img/replication_adapters/docker_hub.png b/docs/1.10/img/replication-adapters/docker-hub.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/docker_hub.png
rename to docs/1.10/img/replication-adapters/docker-hub.png
diff --git a/docs/1.10/img/replication_adapters/ecr-aws.png b/docs/1.10/img/replication-adapters/ecr-aws.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/ecr-aws.png
rename to docs/1.10/img/replication-adapters/ecr-aws.png
diff --git a/docs/1.10/img/replication_adapters/ecr.png b/docs/1.10/img/replication-adapters/ecr.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/ecr.png
rename to docs/1.10/img/replication-adapters/ecr.png
diff --git a/docs/1.10/img/replication_adapters/gcr.png b/docs/1.10/img/replication-adapters/gcr.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/gcr.png
rename to docs/1.10/img/replication-adapters/gcr.png
diff --git a/docs/1.10/img/replication_adapters/gitlab.png b/docs/1.10/img/replication-adapters/gitlab.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/gitlab.png
rename to docs/1.10/img/replication-adapters/gitlab.png
diff --git a/docs/1.10/img/replication_adapters/harbor_logo.png b/docs/1.10/img/replication-adapters/harbor-logo.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/harbor_logo.png
rename to docs/1.10/img/replication-adapters/harbor-logo.png
diff --git a/docs/1.10/img/replication_adapters/helm-hub.png b/docs/1.10/img/replication-adapters/helm-hub.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/helm-hub.png
rename to docs/1.10/img/replication-adapters/helm-hub.png
diff --git a/docs/1.10/img/replication_adapters/hw.png b/docs/1.10/img/replication-adapters/hw.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/hw.png
rename to docs/1.10/img/replication-adapters/hw.png
diff --git a/docs/1.10/img/replication_adapters/quay.png b/docs/1.10/img/replication-adapters/quay.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/quay.png
rename to docs/1.10/img/replication-adapters/quay.png
diff --git a/docs/1.10/img/replication_adapters/right.png b/docs/1.10/img/replication-adapters/right.png
similarity index 100%
rename from docs/1.10/img/replication_adapters/right.png
rename to docs/1.10/img/replication-adapters/right.png
diff --git a/docs/1.10/img/retag_image.png b/docs/1.10/img/retag-image.png
similarity index 100%
rename from docs/1.10/img/retag_image.png
rename to docs/1.10/img/retag-image.png
diff --git a/docs/1.10/img/robotaccount/add_robot_account_2.png b/docs/1.10/img/robotaccount/add-robot-account-2.png
similarity index 100%
rename from docs/1.10/img/robotaccount/add_robot_account_2.png
rename to docs/1.10/img/robotaccount/add-robot-account-2.png
diff --git a/docs/1.10/img/robotaccount/add_robot_account.png b/docs/1.10/img/robotaccount/add-robot-account.png
similarity index 100%
rename from docs/1.10/img/robotaccount/add_robot_account.png
rename to docs/1.10/img/robotaccount/add-robot-account.png
diff --git a/docs/1.10/img/robotaccount/copy_robot_account_token.png b/docs/1.10/img/robotaccount/copy-robot-account-token.png
similarity index 100%
rename from docs/1.10/img/robotaccount/copy_robot_account_token.png
rename to docs/1.10/img/robotaccount/copy-robot-account-token.png
diff --git a/docs/1.10/img/robotaccount/disable_delete_robot_account.png b/docs/1.10/img/robotaccount/disable-delete-robot-account.png
similarity index 100%
rename from docs/1.10/img/robotaccount/disable_delete_robot_account.png
rename to docs/1.10/img/robotaccount/disable-delete-robot-account.png
diff --git a/docs/1.10/img/robotaccount/new_robot_account.png b/docs/1.10/img/robotaccount/new-robot-account.png
similarity index 100%
rename from docs/1.10/img/robotaccount/new_robot_account.png
rename to docs/1.10/img/robotaccount/new-robot-account.png
diff --git a/docs/1.10/img/robotaccount/set_robot_account_token_duration.png b/docs/1.10/img/robotaccount/set-robot-account-token-duration.png
similarity index 100%
rename from docs/1.10/img/robotaccount/set_robot_account_token_duration.png
rename to docs/1.10/img/robotaccount/set-robot-account-token-duration.png
diff --git a/docs/1.10/img/scan_all.png b/docs/1.10/img/scan-all.png
similarity index 100%
rename from docs/1.10/img/scan_all.png
rename to docs/1.10/img/scan-all.png
diff --git a/docs/1.10/img/scan_image.png b/docs/1.10/img/scan-image.png
similarity index 100%
rename from docs/1.10/img/scan_image.png
rename to docs/1.10/img/scan-image.png
diff --git a/docs/1.10/img/scan_on_push.png b/docs/1.10/img/scan-on-push.png
similarity index 100%
rename from docs/1.10/img/scan_on_push.png
rename to docs/1.10/img/scan-on-push.png
diff --git a/docs/1.10/img/scan_policy.png b/docs/1.10/img/scan-policy.png
similarity index 100%
rename from docs/1.10/img/scan_policy.png
rename to docs/1.10/img/scan-policy.png
diff --git a/docs/1.10/img/select_ldap_auth.png b/docs/1.10/img/select-ldap-auth.png
similarity index 100%
rename from docs/1.10/img/select_ldap_auth.png
rename to docs/1.10/img/select-ldap-auth.png
diff --git a/docs/1.10/img/select_oidc_auth.png b/docs/1.10/img/select-oidc-auth.png
similarity index 100%
rename from docs/1.10/img/select_oidc_auth.png
rename to docs/1.10/img/select-oidc-auth.png
diff --git a/docs/1.10/img/set_robot_account_token_duration.png b/docs/1.10/img/set-robot-account-token-duration.png
similarity index 100%
rename from docs/1.10/img/set_robot_account_token_duration.png
rename to docs/1.10/img/set-robot-account-token-duration.png
diff --git a/docs/1.10/img/set_vulnerability_threshold.png b/docs/1.10/img/set-vulnerability-threshold.png
similarity index 100%
rename from docs/1.10/img/set_vulnerability_threshold.png
rename to docs/1.10/img/set-vulnerability-threshold.png
diff --git a/docs/img/swaggerEditor.png b/docs/1.10/img/swagger-editor.png
similarity index 100%
rename from docs/img/swaggerEditor.png
rename to docs/1.10/img/swagger-editor.png
diff --git a/docs/1.10/img/tag_detail.png b/docs/1.10/img/tag-detail.png
similarity index 100%
rename from docs/1.10/img/tag_detail.png
rename to docs/1.10/img/tag-detail.png
diff --git a/docs/1.10/img/upload_charts.png b/docs/1.10/img/upload-charts.png
similarity index 100%
rename from docs/1.10/img/upload_charts.png
rename to docs/1.10/img/upload-charts.png
diff --git a/docs/1.10/img/user_profile.png b/docs/1.10/img/user-profile.png
similarity index 100%
rename from docs/1.10/img/user_profile.png
rename to docs/1.10/img/user-profile.png
diff --git a/docs/1.10/install_config/README.md b/docs/1.10/install-config/_index.md
similarity index 70%
rename from docs/1.10/install_config/README.md
rename to docs/1.10/install-config/_index.md
index a8e3488a2..d9229461c 100644
--- a/docs/1.10/install_config/README.md
+++ b/docs/1.10/install-config/_index.md
@@ -1,44 +1,42 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Harbor Installation and Configuration
+---
+title: Harbor Installation and Configuration
+---
This section describes how to perform a new installation of Harbor.
-If you are upgrading from a previous version of Harbor, you might need to update the configuration file and migrate your data to fit the database schema of the later version. For information about upgrading, see [Upgrading Harbor](../../administration/upgrade/upgrade_migrate_data.md).
+If you are upgrading from a previous version of Harbor, you might need to update the configuration file and migrate your data to fit the database schema of the later version. For information about upgrading, see [Upgrading Harbor](../../administration/upgrade/upgrade-migrate-data.md).
-Before you install Harbor, you can test its functionality on a demo server that the Harbor team has made available. For information, see [Test Harbor with the Demo Server](demo_server.md).
+Before you install Harbor, you can test its functionality on a demo server that the Harbor team has made available. For information, see [Test Harbor with the Demo Server](demo-server.md).
-You can use Harbor with different 3rd party replication adapters, OIDC adapters, and scanner adapters. For information about the supported adapters, see the [Harbor Compatibility List](harbor_compatibility_list.md).
+You can use Harbor with different 3rd party replication adapters, OIDC adapters, and scanner adapters. For information about the supported adapters, see the [Harbor Compatibility List](harbor-compatibility-list.md).
## Installation Process
The standard Harbor installation process involves the following stages:
-1. Make sure that your target host meets the [Harbor Installation Prerequisites](installation_prereqs.md).
-1. [Download the Harbor Installer](download_installer.md)
-1. [Configure HTTPS Access to Harbor](configure_https.md)
-1. [Configure the Harbor YML File](configure_yml_file.md)
-1. [Run the Installer Script](run_installer_script.md)
+1. Make sure that your target host meets the [Harbor Installation Prerequisites](installation-prereqs.md).
+1. [Download the Harbor Installer](download-installer.md)
+1. [Configure HTTPS Access to Harbor](configure-https.md)
+1. [Configure the Harbor YML File](configure-yml-file.md)
+1. [Run the Installer Script](run-installer-script.md)
-If installation fails, see [Troubleshooting Harbor Installation](troubleshoot_installation.md).
+If installation fails, see [Troubleshooting Harbor Installation](troubleshoot-installation.md).
## Quick Installation
-You can run a script that deploys Harbor to Ubuntu 18.04 with a single command. For information, see [Deploy Harbor with the Quick Installation Script](quick_install_script.md).
+You can run a script that deploys Harbor to Ubuntu 18.04 with a single command. For information, see [Deploy Harbor with the Quick Installation Script](quick-install-script.md).
## Deploy Harbor on Kubernetes
-You can also use Helm to install Harbor on a Kubernetes cluster, to make it highly available. For information about installing Harbor with Helm on a Kubernetes cluster, see [Deploying Harbor with High Availability via Helm](harbor_ha_helm.md).
+You can also use Helm to install Harbor on a Kubernetes cluster, to make it highly available. For information about installing Harbor with Helm on a Kubernetes cluster, see [Deploying Harbor with High Availability via Helm](harbor-ha-helm.md).
## Post-Installation Configuration
-For information about how manage your deployed Harbor instance, see [Reconfigure Harbor and Manage the Harbor Lifecycle](reconfigure_manage_lifecycle.md).
+For information about how manage your deployed Harbor instance, see [Reconfigure Harbor and Manage the Harbor Lifecycle](reconfigure-manage-lifecycle.md).
-By default, Harbor uses its own private key and certificate to authenticate with Docker. For information about how to optionally customize your configuration to use your own key and certificate, see [Customize the Harbor Token Service](customize_token_service.md).
+By default, Harbor uses its own private key and certificate to authenticate with Docker. For information about how to optionally customize your configuration to use your own key and certificate, see [Customize the Harbor Token Service](customize-token-service.md).
-After installation, you perform configuration operations in the Harbor interface. However, Harbor also provides a command line interface (CLI) that allows yoy to [Configure Harbor User Settings at the Command Line](configure_user_settings_cli.md).
+After installation, you perform configuration operations in the Harbor interface. However, Harbor also provides a command line interface (CLI) that allows yoy to [Configure Harbor User Settings at the Command Line](configure-user-settings-cli.md).
## Harbor Components
@@ -55,6 +53,3 @@ The table below lists the components that are deployed when you deploy Harbor.
|Docker/notary|0.6.1|
|Helm|2.9.1|
|Swagger-ui|3.22.1|
-
-----------
-[Back to table of contents](../index.md)
\ No newline at end of file
diff --git a/docs/1.10/install_config/configure_https.md b/docs/1.10/install-config/configure-https.md
similarity index 64%
rename from docs/1.10/install_config/configure_https.md
rename to docs/1.10/install-config/configure-https.md
index 4ac6beaf8..d20bf4b3d 100644
--- a/docs/1.10/install_config/configure_https.md
+++ b/docs/1.10/install-config/configure-https.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Configure HTTPS Access to Harbor
+---
+title: Configure HTTPS Access to Harbor
+---
By default, Harbor does not ship with certificates. It is possible to deploy Harbor without security, so that you can connect to it over HTTP. However, using HTTP is acceptable only in air-gapped test or development environments that do not have a connection to the external internet. Using HTTP in environments that are not air-gapped exposes you to man-in-the-middle attacks. In production environments, always use HTTPS. If you enable Content Trust with Notary to properly sign all images, you must use HTTPS.
@@ -16,14 +14,15 @@ In a production environment, you should obtain a certificate from a CA. In a tes
1. Generate a CA certificate private key.
- ```
+ ```sh
openssl genrsa -out ca.key 4096
- ```
+ ```
+
1. Generate the CA certificate.
Adapt the values in the `-subj` option to reflect your organization. If you use an FQDN to connect your Harbor host, you must specify it as the common name (`CN`) attribute.
- ```
+ ```sh
openssl req -x509 -new -nodes -sha512 -days 3650 \
-subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=yourdomain.com" \
-key ca.key \
@@ -36,48 +35,51 @@ The certificate usually contains a `.crt` file and a `.key` file, for example, `
1. Generate a private key.
- ```
+ ```sh
openssl genrsa -out yourdomain.com.key 4096
```
+
1. Generate a certificate signing request (CSR).
Adapt the values in the `-subj` option to reflect your organization. If you use an FQDN to connect your Harbor host, you must specify it as the common name (`CN`) attribute and use it in the key and CSR filenames.
- ```
+ ```sh
openssl req -sha512 -new \
-subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=yourdomain.com" \
-key yourdomain.com.key \
-out yourdomain.com.csr
```
+
1. Generate an x509 v3 extension file.
- Regardless of whether you're using either an FQDN or an IP address to connect to your Harbor host, you must create this file so that you can generate a certificate for your Harbor host that complies with the Subject Alternative Name (SAN) and x509 v3 extension requirements. Replace the `DNS` entries to reflect your domain.
+ Regardless of whether you're using either an FQDN or an IP address to connect to your Harbor host, you must create this file so that you can generate a certificate for your Harbor host that complies with the Subject Alternative Name (SAN) and x509 v3 extension requirements. Replace the `DNS` entries to reflect your domain.
- ```
- cat > v3.ext <<-EOF
- authorityKeyIdentifier=keyid,issuer
- basicConstraints=CA:FALSE
- keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
- extendedKeyUsage = serverAuth
- subjectAltName = @alt_names
+ ```sh
+ cat > v3.ext <<-EOF
+ authorityKeyIdentifier=keyid,issuer
+ basicConstraints=CA:FALSE
+ keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
+ extendedKeyUsage = serverAuth
+ subjectAltName = @alt_names
+
+ [alt_names]
+ DNS.1=yourdomain.com
+ DNS.2=yourdomain
+ DNS.3=hostname
+ EOF
+ ```
- [alt_names]
- DNS.1=yourdomain.com
- DNS.2=yourdomain
- DNS.3=hostname
- EOF
- ```
1. Use the `v3.ext` file to generate a certificate for your Harbor host.
- Replace the `yourdomain.com` in the CRS and CRT file names with the Harbor host name.
-
- ```
- openssl x509 -req -sha512 -days 3650 \
- -extfile v3.ext \
- -CA ca.crt -CAkey ca.key -CAcreateserial \
- -in yourdomain.com.csr \
- -out yourdomain.com.crt
- ```
+ Replace the `yourdomain.com` in the CRS and CRT file names with the Harbor host name.
+
+ ```sh
+ openssl x509 -req -sha512 -days 3650 \
+ -extfile v3.ext \
+ -CA ca.crt -CAkey ca.key -CAcreateserial \
+ -in yourdomain.com.csr \
+ -out yourdomain.com.crt
+ ```
## Provide the Certificates to Harbor and Docker
@@ -85,37 +87,36 @@ After generating the `ca.crt`, `yourdomain.com.crt`, and `yourdomain.com.key` fi
1. Copy the server certificate and key into the certficates folder on your Harbor host.
- ```
- cp yourdomain.com.crt /data/cert/
- ```
- ```
- cp yourdomain.com.key /data/cert/
- ```
+ ```sh
+ cp yourdomain.com.crt /data/cert/
+ cp yourdomain.com.key /data/cert/
+ ```
+
1. Convert `yourdomain.com.crt` to `yourdomain.com.cert`, for use by Docker.
- The Docker daemon interprets `.crt` files as CA certificates and `.cert` files as client certificates.
-
- ```
+ The Docker daemon interprets `.crt` files as CA certificates and `.cert` files as client certificates.
+
+ ```sh
openssl x509 -inform PEM -in yourdomain.com.crt -out yourdomain.com.cert
```
+
1. Copy the server certificate, key and CA files into the Docker certificates folder on the Harbor host. You must create the appropriate folders first.
- ```
+ ```sh
cp yourdomain.com.cert /etc/docker/certs.d/yourdomain.com/
- ```
- ```
cp yourdomain.com.key /etc/docker/certs.d/yourdomain.com/
- ```
- ```
cp ca.crt /etc/docker/certs.d/yourdomain.com/
```
-
- If you mapped the default `nginx` port 443 to a different port, create the folder `/etc/docker/certs.d/yourdomain.com:port`, or `/etc/docker/certs.d/harbor_IP:port`.
+
+ If you mapped the default `nginx` port 443 to a different port, create the folder `/etc/docker/certs.d/yourdomain.com:port`, or `/etc/docker/certs.d/harbor_IP:port`.
+
1. Restart Docker Engine.
- `systemctl restart docker`
+ ```sh
+ systemctl restart docker
+ ```
-You might also need to trust the certificate at the OS level. See [Troubleshooting Harbor Installation](troubleshoot_installation.md#https) for more information.
+You might also need to trust the certificate at the OS level. See [Troubleshooting Harbor Installation](../troubleshoot-installation.md#https) for more information.
The following example illustrates a configuration that uses custom certificates.
@@ -129,29 +130,31 @@ The following example illustrates a configuration that uses custom certificates.
## Deploy or Reconfigure Harbor
-If you have not yet deployed Harbor, see [Configure the Harbor YML File](configure_yml_file.md) for information about how to configure Harbor to use the certificates by specifying the `hostname` and `https` attributes in `harbor.yml`.
+If you have not yet deployed Harbor, see [Configure the Harbor YML File](../configure-yml-file.md) for information about how to configure Harbor to use the certificates by specifying the `hostname` and `https` attributes in `harbor.yml`.
If you already deployed Harbor with HTTP and want to reconfigure it to use HTTPS, perform the following steps.
1. Run the `prepare` script to enable HTTPS.
- Harbor uses an `nginx` instance as a reverse proxy for all services. You use the `prepare` script to configure `nginx` to use HTTPS. The `prepare` is in the Harbor installer bundle, at the same level as the `install.sh` script.
+ Harbor uses an `nginx` instance as a reverse proxy for all services. You use the `prepare` script to configure `nginx` to use HTTPS. The `prepare` is in the Harbor installer bundle, at the same level as the `install.sh` script.
+
+ ```sh
+ ./prepare
+ ```
- ```
- ./prepare
- ```
1. If Harbor is running, stop and remove the existing instance.
- Your image data remains in the file system, so no data is lost.
+ Your image data remains in the file system, so no data is lost.
+
+ ```sh
+ docker-compose down -v
+ ```
- ```
- docker-compose down -v
- ```
1. Restart Harbor:
- ```
- docker-compose up -d
- ```
+ ```sh
+ docker-compose up -d
+ ```
## Verify the HTTPS Connection
@@ -159,27 +162,23 @@ After setting up HTTPS for Harbor, you can verify the HTTPS connection by perfor
* Open a browser and enter https://yourdomain.com. It should display the Harbor interface.
- Some browsers might show a warning stating that the Certificate Authority (CA) is unknown. This happens when using a self-signed CA that is not from a trusted third-party CA. You can import the CA to the browser to remove the warning.
+ Some browsers might show a warning stating that the Certificate Authority (CA) is unknown. This happens when using a self-signed CA that is not from a trusted third-party CA. You can import the CA to the browser to remove the warning.
* On a machine that runs the Docker daemon, check the `/etc/docker/daemon.json` file to make sure that the `-insecure-registry` option is not set for https://yourdomain.com.
* Log into Harbor from the Docker client.
- ```
- docker login yourdomain.com
- ```
+ ```sh
+ docker login yourdomain.com
+ ```
- If you've mapped `nginx` 443 port to a different port,add the port in the `login` command.
+ If you've mapped `nginx` 443 port to a different port,add the port in the `login` command.
- ```
- docker login yourdomain.com:port
- ```
+ ```sh
+ docker login yourdomain.com:port
+ ```
-## What to Do Next ##
+## What to Do Next
-- If the verification succeeds, see [Harbor Administration](../administration/README.md) for information about using Harbor.
-- If installation fails, see [Troubleshooting Harbor Installation](troubleshoot_installation.md).
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+- If the verification succeeds, see [Harbor Administration](../administration) for information about using Harbor.
+- If installation fails, see [Troubleshooting Harbor Installation](../troubleshoot-installation.md).
diff --git a/docs/1.10/install_config/configure_user_settings_cli.md b/docs/1.10/install-config/configure-user-settings-cli.md
similarity index 89%
rename from docs/1.10/install_config/configure_user_settings_cli.md
rename to docs/1.10/install-config/configure-user-settings-cli.md
index 19f22f2be..4b0bb6c74 100644
--- a/docs/1.10/install_config/configure_user_settings_cli.md
+++ b/docs/1.10/install-config/configure-user-settings-cli.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Configure Harbor User Settings at the Command Line
+---
+title: Configure Harbor User Settings at the Command Line
+---
From release 1.8.0 onwards, user settings are configured separately from the system settings. You do not configure user settings in the `harbor.yml` file, but rather in the Harbor interface or via HTTP requests.
@@ -10,11 +8,15 @@ From release 1.8.0 onwards, user settings are configured separately from the sys
**Add a new user in the local database:**
-`curl -X PUT -u ":" -H "Content-Type: application/json" -ki /api/configurations -d'{"":""}'`
+```sh
+curl -X PUT -u ":" -H "Content-Type: application/json" -ki /api/configurations -d'{"":""}'
+```
**Get the current configuration:**
-`curl -u ":" -H "Content-Type: application/json" -ki /api/configurations`
+```sh
+curl -u ":" -H "Content-Type: application/json" -ki /api/configurations
+```
**Update Harbor to use LDAP authentication:**
@@ -120,11 +122,6 @@ oidc_scope | Ccope for OIDC auth | string| required(oidc_auth)
oidc_verify_cert | Verify certificate for OIDC auth, true or false | boolean | optional| true
robot_token_duration | Robot token expiration time in minutes | number | optional | 43200 (30days)
-
-
-**Note:** Both booleans and numbers can be enclosed with double quote in the request json, for example: `123`, `"123"`, `"true"` or `true` is OK.
-
-
-----------
-
-[Back to table of contents](../index.md)
+{{< note >}}
+Both booleans and numbers can be enclosed with double quote in the request json, for example: `123`, `"123"`, `"true"` or `true` is OK.
+{{< /note >}}
diff --git a/docs/1.10/install_config/configure_yml_file.md b/docs/1.10/install-config/configure-yml-file.md
similarity index 97%
rename from docs/1.10/install_config/configure_yml_file.md
rename to docs/1.10/install-config/configure-yml-file.md
index 64cf95846..746f58bc2 100644
--- a/docs/1.10/install_config/configure_yml_file.md
+++ b/docs/1.10/install-config/configure-yml-file.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Configure the Harbor YML File
+---
+title: Configure the Harbor YML File
+---
You set system level parameters for Harbor in the `harbor.yml` file that is contained in the installer package. These parameters take effect when you run the `install.sh` script to install or reconfigure Harbor.
@@ -14,7 +12,7 @@ The table below lists the parameters that must be set when you deploy Harbor. By
**IMPORTANT**: Harbor does not ship with any certificates. In versions up to and including 1.9.x, by default Harbor uses HTTP to serve registry requests. This is acceptable only in air-gapped test or development environments. In production environments, always use HTTPS. If you enable Content Trust with Notary to properly sign all images, you must use HTTPS.
-You can use certificates that are signed by a trusted third-party CA, or you can use self-signed certificates. For information about how to create a CA, and how to use a CA to sign a server certificate and a client certificate, see [Configuring Harbor with HTTPS Access](configure_https.md).
+You can use certificates that are signed by a trusted third-party CA, or you can use self-signed certificates. For information about how to create a CA, and how to use a CA to sign a server certificate and a client certificate, see [Configuring Harbor with HTTPS Access](../configure-https.md).
@@ -296,10 +294,11 @@ The following table lists the additional, optional parameters that you can set t
-**NOTE**: The `harbor.yml` file includes options to configure a UAA CA certificate. This authentication mode is not recommended and is not documented.
+{{< note >}}
+The `harbor.yml` file includes options to configure a UAA CA certificate. This authentication mode is not recommended and is not documented.
+{{< /notee >}}
-
-### Configuring a Storage Backend
+### Configuring a Storage Backend {#backend}
By default Harbor uses local storage for the registry, but you can optionally configure the `storage_service` setting so that Harbor uses external storage. For information about how to configure the storage backend of a registry for different storage providers, see the [Registry Configuration Reference](https://docs.docker.com/registry/configuration/#storage) in the Docker documentation. For example, if you use Openstack Swift as your storage backend, the parameters might resemble the following:
@@ -318,10 +317,6 @@ storage_service:
disable: false
```
-## What to Do Next ##
+## What to Do Next
-To install Harbor, [Run the Installer Script](run_installer_script.md).
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+To install Harbor, [Run the Installer Script](../run-installer-script.md).
diff --git a/docs/1.10/install_config/customize_token_service.md b/docs/1.10/install-config/customize-token-service.md
similarity index 70%
rename from docs/1.10/install_config/customize_token_service.md
rename to docs/1.10/install-config/customize-token-service.md
index e43442185..b92a1bf86 100644
--- a/docs/1.10/install_config/customize_token_service.md
+++ b/docs/1.10/install-config/customize-token-service.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Customize the Harbor Token Service
+---
+title: Customize the Harbor Token Service
+---
By default, Harbor uses its own private key and certificate to authenticate with Docker clients. This topic describes how to optionally customize your configuration to use your own key and certificate.
@@ -11,19 +9,18 @@ Harbor requires the Docker client to access the Harbor registry with a token. Th
- If you do not already have a certificate, follow the instructions in [Generate a Root Certificate](#gen-cert) to generate a root certificate by using openSSL.
- If you already have a certificate, go to [Provide the Certificate to Harbor](#provide-cert).
-
-## Generate a Root Certificate
+## Generate a Root Certificate {#gen-cert}
1. Generate a private key.
```sh
- $ openssl genrsa -out private_key.pem 4096
+ openssl genrsa -out private_key.pem 4096
```
1. Generate a certificate.
```sh
- $ openssl req -new -x509 -key private_key.pem -out root.crt -days 3650
+ openssl req -new -x509 -key private_key.pem -out root.crt -days 3650
```
1. Enter information to include in your certificate request.
@@ -40,29 +37,24 @@ Harbor requires the Docker client to access the Harbor registry with a token. Th
After you run these commands, the files `private_key.pem` and `root.crt` are created in the current directory.
-
-## Provide the Certificate to Harbor
+## Provide the Certificate to Harbor {#provide-cert}
-See [Run the Installer Script](run_installer_script.md) or [Reconfigure Harbor and Manage the Harbor Lifecycle](reconfigure_manage_lifecycle.md) to install or reconfigure Harbor. After you run `./install` or `./prepare`, Harbor generates several configuration files. You need to replace the original private key and certificate with your own key and certificate.
+See [Run the Installer Script](../run-installer-script.md) or [Reconfigure Harbor and Manage the Harbor Lifecycle](../reconfigure-manage-lifecycle.md) to install or reconfigure Harbor. After you run `./install` or `./prepare`, Harbor generates several configuration files. You need to replace the original private key and certificate with your own key and certificate.
1. Replace the default key and certificate.
Assuming that the key and certificate are in `/root/cert`, run the following commands:
- ```
- $ cd config/ui
- $ cp /root/cert/private_key.pem private_key.pem
- $ cp /root/cert/root.crt ../registry/root.crt
+ ```sh
+ cd config/ui
+ cp /root/cert/private_key.pem private_key.pem
+ cp /root/cert/root.crt ../registry/root.crt
```
1. Go back to the `make` directory, and start Harbor by using following command:
- ```
- $ docker-compose up -d
+ ```sh
+ docker-compose up -d
```
1. Push and pull images to and from Harbor to check that your own certificate works.
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/install_config/demo_server.md b/docs/1.10/install-config/demo-server.md
similarity index 77%
rename from docs/1.10/install_config/demo_server.md
rename to docs/1.10/install-config/demo-server.md
index 801e0574e..92b8fedb9 100644
--- a/docs/1.10/install_config/demo_server.md
+++ b/docs/1.10/install-config/demo-server.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Test Harbor with the Demo Server
+---
+title: Test Harbor with the Demo Server
+---
The Harbor team has made available a demo Harbor instance that you can use to experiment with Harbor and test its functionalities.
@@ -28,33 +26,34 @@ If you encounter any problems while using the demo server, open an [issue on Git
1. Explore the default project, `library`.
1. Click **New Project** to create your own project.
- For information about how to create a project, see [Create a Project](../working_with_projects/create_projects.md).
+ For information about how to create a project, see [Create a Project](../working-with-projects/create-projects.md).
+
1. Open a Docker client and log in to Harbor with the credentials that you created above.
- ```
- docker login demo.goharbor.io
- ```
+ ```sh
+ docker login demo.goharbor.io
+ ```
+
1. Create a very simple `Dockerfile` with the following contents.
- ```
- FROM busybox:latest
- ```
+ ```dockerfile
+ FROM busybox:latest
+ ```
+
1. Build an image from this Dockerfile and tag it.
- ```
- docker build -t demo.goharbor.io/your-project/test-image .
- ```
+ ```sh
+ docker build -t demo.goharbor.io/your-project/test-image .
+ ```
+
1. Push the image to your project in Harbor.
- ```
- docker push demo.goharbor.io/your-project/test-image
- ```
+ ```sh
+ docker push demo.goharbor.io/your-project/test-image
+ ```
+
1. In the Harbor interface, go to **Projects** > *your_project* > **Repositories** to view the image repository that you pushed to your Harbor project.
## What to Do Next ##
-See the [Harbor Installation Prerequisites](installation_prereqs.md).
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+See the [Harbor Installation Prerequisites](../installation-prereqs.md).
diff --git a/docs/1.10/install_config/download_installer.md b/docs/1.10/install-config/download-installer.md
similarity index 90%
rename from docs/1.10/install_config/download_installer.md
rename to docs/1.10/install-config/download-installer.md
index b92d604c5..d5264ce11 100644
--- a/docs/1.10/install_config/download_installer.md
+++ b/docs/1.10/install-config/download-installer.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Download the Harbor Installer
+---
+title: Download the Harbor Installer
+---
You download the Harbor installers from the [official releases](https://github.com/goharbor/harbor/releases) page. Download either the online installer or the offline installer.
@@ -32,14 +30,15 @@ The installation processes are almost the same for both the online and offline i
The `gpg` command verifies that the signature of the bundle matches that of the `*.asc` key file. You should see confirmation that the signature is correct.
-
+ ```
gpg: armor header: Version: GnuPG v1
gpg: assuming signed data in 'harbor-offline-installer-v1.10.0-rc2.tgz'
gpg: Signature made Fri, Dec 6, 2019 5:04:17 AM WEST
gpg: using RSA key 644FF454C0B4115C
gpg: using pgp trust model
- gpg: Good signature from "Harbor-sign (The key for signing Harbor build) <jiangd@vmware.com> [unknown]
-
+ gpg: Good signature from "Harbor-sign (The key for signing Harbor build) [unknown]
+ ```
+
1. Use `tar` to extract the installer package:
- Online installer:
bash $ tar xvf harbor-online-installer-version.tgz
@@ -47,9 +46,5 @@ The installation processes are almost the same for both the online and offline i
## Next Steps
-- To secure the connections to Harbor, see [Configure HTTPS Access to Harbor](configure_https.md).
-- To configure your Harbor installation, see [Configure the Harbor YML File](configure_yml_file.md).
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+- To secure the connections to Harbor, see [Configure HTTPS Access to Harbor](../configure-https.md).
+- To configure your Harbor installation, see [Configure the Harbor YML File](../configure-yml-file.md).
diff --git a/docs/1.10/install_config/harbor_compatibility_list.md b/docs/1.10/install-config/harbor-compatibility-list.md
similarity index 56%
rename from docs/1.10/install_config/harbor_compatibility_list.md
rename to docs/1.10/install-config/harbor-compatibility-list.md
index 071970c16..7285f7536 100644
--- a/docs/1.10/install_config/harbor_compatibility_list.md
+++ b/docs/1.10/install-config/harbor-compatibility-list.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Harbor Compatibility List
+---
+title: Harbor Compatibility List
+---
This document provides compatibility information for all Harbor components.
@@ -10,49 +8,45 @@ This document provides compatibility information for all Harbor components.
| | Registries | Pull Mode | Push Mode | Introduced in Release | Automated Pipeline Covered |
|-----|------------------|-----------|-----------|-----------------------|---------------------------|
-| [Harbor](https://goharbor.io/)| ||| V1.8 | Y |
-| [distribution](https://github.com/docker/distribution) | ||| V1.8 | Y |
-| [docker hub](https://hub.docker.com/) | ||| V1.8 | Y |
-| [Huawei SWR](https://www.huaweicloud.com/en-us/product/swr.html) | ||| V1.8 | N |
-| [GCR](https://cloud.google.com/container-registry/) | ||| V1.9 | Y |
-| [ECR](https://aws.amazon.com/ecr/) | ||| V1.9 | Y |
-| [ACR](https://azure.microsoft.com/en-us/services/container-registry/) | ||| V1.9 | N |
-| [AliCR](https://www.alibabacloud.com/product/container-registry) | ||| V1.9 | N |
-| [Helm Hub](https://hub.helm.sh/) | || N/A | V1.9 | N |
-| [Artifactory](https://jfrog.com/artifactory/) | ||  | V1.10 | N |
-| [Quay](https://github.com/quay/quay) | ||  | V1.10 | N |
-| [GitLab Registry](https://docs.gitlab.com/ee/user/packages/container_registry/) | ||  | V1.10 | N |
-
-**Notes**:
+| [Harbor](https://goharbor.io/)| ||| V1.8 | Y |
+| [distribution](https://github.com/docker/distribution) | ||| V1.8 | Y |
+| [docker hub](https://hub.docker.com/) | ||| V1.8 | Y |
+| [Huawei SWR](https://www.huaweicloud.com/en-us/product/swr.html) | ||| V1.8 | N |
+| [GCR](https://cloud.google.com/container-registry/) | ||| V1.9 | Y |
+| [ECR](https://aws.amazon.com/ecr/) | ||| V1.9 | Y |
+| [ACR](https://azure.microsoft.com/en-us/services/container-registry/) | ||| V1.9 | N |
+| [AliCR](https://www.alibabacloud.com/product/container-registry) | ||| V1.9 | N |
+| [Helm Hub](https://hub.helm.sh/) | || N/A | V1.9 | N |
+| [Artifactory](https://jfrog.com/artifactory/) | ||  | V1.10 | N |
+| [Quay](https://github.com/quay/quay) | ||  | V1.10 | N |
+| [GitLab Registry](https://docs.gitlab.com/ee/user/packages/container_registry/) | ||  | V1.10 | N |
+{{< note >}}
* `Pull` mode replicates artifacts from the specified source registries into Harbor.
* `Push` mode replicates artifacts from Harbor to the specified target registries.
+{{< /note >}}
## OIDC Adapters
| | OIDC Providers | Officially Verified | End User Verified | Verified in Release |
|---|-----------------|---------------------|---------------------|-----------------------|
-| [Google Identity](https://developers.google.com/identity/protocols/OpenIDConnect) | |  | |V1.9|
-| [Dex](https://github.com/dexidp/dex) |  | | | V1.9 |
-| [Ping Identity](https://www.pingidentity.com) |  | | | V1.9 |
-| [Keycloak](https://www.keycloak.org/) |  |  | | V1.10 |
-| [Auth0](https://auth0.com/) |  |  | | V1.10 |
+| [Google Identity](https://developers.google.com/identity/protocols/OpenIDConnect) | |  | |V1.9|
+| [Dex](https://github.com/dexidp/dex) |  | | | V1.9 |
+| [Ping Identity](https://www.pingidentity.com) |  | | | V1.9 |
+| [Keycloak](https://www.keycloak.org/) |  |  | | V1.10 |
+| [Auth0](https://auth0.com/) |  |  | | V1.10 |
## Scanner Adapters
| | Scanners | Providers | Evaluated | As Default | Onboard in Release |
|---|----------|-----------|-----------|------------|--------------------|
-| [Clair](https://github.com/goharbor/harbor-scanner-clair) || CentOS ||| v1.10 |
-| [Anchore](https://github.com/anchore/harbor-scanner-adapter) | | Anchore || N | v1.10 |
-| [Trivy](https://github.com/aquasecurity/harbor-scanner-trivy)|| Aqua || N | v1.10 |
+| [Clair](https://github.com/goharbor/harbor-scanner-clair) || CentOS ||| v1.10 |
+| [Anchore](https://github.com/anchore/harbor-scanner-adapter) | | Anchore || N | v1.10 |
+| [Trivy](https://github.com/aquasecurity/harbor-scanner-trivy)|| Aqua || N | v1.10 |
| [CSP](https://github.com/aquasecurity/harbor-scanner-aqua) || Aqua | N | N | v1.10 |
| [DoSec](https://github.com/dosec-cn/harbor-scanner/blob/master/README_en.md)| | DoSec | N | N | v1.10 |
-**Notes:**
-
+{{< note >}}
* `Evaluated` means that the scanner implementation has been officially tested and verified.
* `As Default` means that the scanner is provided as a default option and can be deployed together with the main Harbor components by providing extra options during installation. You must install other scanners manually.
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+{{< /note >}}
diff --git a/docs/1.10/install_config/harbor_ha_helm.md b/docs/1.10/install-config/harbor-ha-helm.md
similarity index 95%
rename from docs/1.10/install_config/harbor_ha_helm.md
rename to docs/1.10/install-config/harbor-ha-helm.md
index bac2552f0..7d426329f 100644
--- a/docs/1.10/install_config/harbor_ha_helm.md
+++ b/docs/1.10/install-config/harbor-ha-helm.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Deploying Harbor with High Availability via Helm
+---
+title: Deploying Harbor with High Availability via Helm
+---
## Goal
@@ -70,16 +68,14 @@ Configure the followings items in `values.yaml`, you can also set them as parame
Install the Harbor helm chart with a release name `my-release`:
-helm 2:
+Helm 2:
+
```bash
helm install --name my-release .
```
-helm 3:
-```
+
+Helm 3:
+
+```bash
helm install my-release .
```
-
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
diff --git a/docs/1.10/install_config/installation_prereqs.md b/docs/1.10/install-config/installation-prereqs.md
similarity index 88%
rename from docs/1.10/install_config/installation_prereqs.md
rename to docs/1.10/install-config/installation-prereqs.md
index 3cdcf3c89..883f36fd7 100644
--- a/docs/1.10/install_config/installation_prereqs.md
+++ b/docs/1.10/install-config/installation-prereqs.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Harbor Installation Prerequisites
+---
+title: Harbor Installation Prerequisites
+---
Harbor is deployed as several Docker containers. You can therefore deploy it on any Linux distribution that supports Docker. The target host requires Docker, and Docker Compose to be installed.
@@ -38,8 +36,4 @@ Harbor requires that the following ports be open on the target host.
## What to Do Next ##
-[Download the Harbor Installer](download_installer.md).
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+[Download the Harbor Installer](../download-installer.md).
diff --git a/docs/1.10/install_config/quick_install_script.md b/docs/1.10/install-config/quick-install-script.md
similarity index 73%
rename from docs/1.10/install_config/quick_install_script.md
rename to docs/1.10/install-config/quick-install-script.md
index c544aaa4e..9494ada63 100644
--- a/docs/1.10/install_config/quick_install_script.md
+++ b/docs/1.10/install-config/quick-install-script.md
@@ -1,4 +1,6 @@
-# Deploy Harbor with the Quick Installation Script
+---
+title: Deploy Harbor with the Quick Installation Script
+---
The Harbor community has provided a script that with a single command prepares an Ubuntu 18.04 machine for Harbor and deploys the latest stable version.
@@ -10,13 +12,20 @@ You have a machine or VM that is running Ubuntu 18.04. The script does not work
## Procedure
-1. Download the `harbor.sh` script from [gist.github.com](https://gist.github.com/kacole2/95e83ac84fec950b1a70b0853d6594dc) to your Ubuntu machine or VM.
+1. Download the `harbor.sh` script from [this GitHub Gist](https://gist.github.com/kacole2/95e83ac84fec950b1a70b0853d6594dc) to your Ubuntu machine or VM.
+
1. Grant run permissions to the current user.
- ```$ chmod u+x```
+ ```sh
+ chmod u+x
+ ```
+
1. Run the script as superuser.
- ```$ sudo ./harbor.sh```
+ ```sh
+ sudo ./harbor.sh
+ ```
+
1. Select whether to deploy Harbor using the IP address or FQDN of the host machine.
This is the address at which you access the Harbor interface and the registry service.
@@ -28,10 +37,13 @@ You have a machine or VM that is running Ubuntu 18.04. The script does not work
1. When the script reports `Harbor Installation Complete`, log in to your new Harbor instance.
- ```$ docker login ```
+ ```sh
+ docker login
+ ```
- - User name: `admin`
- - Password: `VMware12345`
+ - User name: `admin`
+ - Password: `VMware12345`
+
1. Enter the Harbor address in a browser to log in to the Harbor interface.
-After deployment, you can enable HTTPS and Notary by reconfiguring the installation. For information, see [Reconfigure Harbor and Manage the Harbor Lifecycle](reconfigure_manage_lifecycle.md).
\ No newline at end of file
+After deployment, you can enable HTTPS and Notary by reconfiguring the installation. For information, see [Reconfigure Harbor and Manage the Harbor Lifecycle](../reconfigure-manage-lifecycle.md).
\ No newline at end of file
diff --git a/docs/1.10/install_config/reconfigure_manage_lifecycle.md b/docs/1.10/install-config/reconfigure-manage-lifecycle.md
similarity index 84%
rename from docs/1.10/install_config/reconfigure_manage_lifecycle.md
rename to docs/1.10/install-config/reconfigure-manage-lifecycle.md
index 0503539e8..f3e7e0c17 100644
--- a/docs/1.10/install_config/reconfigure_manage_lifecycle.md
+++ b/docs/1.10/install-config/reconfigure-manage-lifecycle.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Reconfigure Harbor and Manage the Harbor Lifecycle
+---
+title: Reconfigure Harbor and Manage the Harbor Lifecycle
+---
You use `docker-compose` to manage the lifecycle of Harbor. This topic provides some useful commands. You must run the commands in the directory in which `docker-compose.yml` is located.
@@ -12,8 +10,8 @@ See the [Docker Compose command-line reference](https://docs.docker.com/compose/
To stop Harbor, run the following command.
-```
-$ sudo docker-compose stop
+```sh
+sudo docker-compose stop
Stopping nginx ... done
Stopping harbor-portal ... done
Stopping harbor-jobservice ... done
@@ -29,8 +27,8 @@ Stopping harbor-log ... done
To restart Harbor, run the following command.
-```
-$ sudo docker-compose start
+```sh
+sudo docker-compose start
Starting log ... done
Starting registry ... done
Starting registryctl ... done
@@ -48,27 +46,31 @@ To reconfigure Harbor, perform the following steps.
1. Stop Harbor.
- ```
+ ```sh
sudo docker-compose down -v
```
+
1. Update `harbor.yml`.
- ```
+ ```sh
vim harbor.yml
```
+
1. Run the `prepare` script to populate the configuration.
- ```
+ ```sh
sudo prepare
```
+
To reconfigure Harbor to install Notary, Clair, and the chart repository service, include all of the components in the `prepare` command.
- ```
+ ```sh
sudo prepare --with-notary --with-clair --with-chartmuseum
```
+
1. Re-create and start the Harbor instance.
- ```
+ ```sh
sudo docker-compose up -d
```
@@ -76,17 +78,13 @@ To reconfigure Harbor, perform the following steps.
Remove Harbor's containers but keep all of the image data and Harbor's database files in the file system:
-```
-$ sudo docker-compose down -v
+```sh
+sudo docker-compose down -v
```
Remove the Harbor database and image data before performing a clean re-installation:
+```sh
+rm -r /data/database
+rm -r /data/registry
```
-$ rm -r /data/database
-$ rm -r /data/registry
-```
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
diff --git a/docs/1.10/install_config/run_installer_script.md b/docs/1.10/install-config/run-installer-script.md
similarity index 83%
rename from docs/1.10/install_config/run_installer_script.md
rename to docs/1.10/install-config/run-installer-script.md
index 6c763a9dc..741139556 100644
--- a/docs/1.10/install_config/run_installer_script.md
+++ b/docs/1.10/install-config/run-installer-script.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Run the Installer Script
+---
+title: Run the Installer Script
+---
Once you have configured `harbor.yml` and optionally set up a storage backend, you install and start Harbor by using the `install.sh` script. Note that it might take some time for the online installer to download all of the Harbor images from Docker hub.
@@ -18,7 +16,7 @@ You can install Harbor in different configurations:
The default Harbor installation does not include Notary or Clair service. Run the following command
-```
+```sh
sudo ./install.sh
```
@@ -26,26 +24,27 @@ If the installation succeeds, you can open a browser to visit the Harbor interfa
Log in to the admin portal and create a new project, for example, `myproject`. You can then use Docker commands to log in to Harbor, tag images, and push them to Harbor.
-```
+```sh
docker login reg.yourdomain.com
-```
-```
docker push reg.yourdomain.com/myproject/myrepo:mytag
```
-**IMPORTANT:**
-- If your installation of Harbor uses HTTPS, you must provide the Harbor certificates to the Docker client. For information, see [Configure HTTPS Access to Harbor](configure_https.md#provide-the-certificates-to-harbor-and-docker).
-- If your installation of Harbor uses HTTP, you must add the option `--insecure-registry` to your client's Docker daemon and restart the Docker service. For more information, see [Connecting to Harbor via HTTP](#connect_http) below.
+{{< important >}}
+- If your installation of Harbor uses HTTPS, you must provide the Harbor certificates to the Docker client. For information, see [Configure HTTPS Access to Harbor](../configure-https.md#provide-the-certificates-to-harbor-and-docker).
+- If your installation of Harbor uses HTTP, you must add the option `--insecure-registry` to your client's Docker daemon and restart the Docker service. For more information, see [Connecting to Harbor via HTTP](#connect-http) below.
+{{< /important >}}
## Installation with Notary
To install Harbor with the Notary service, add the `--with-notary` parameter when you run `install.sh`:
-```
+```sh
sudo ./install.sh --with-notary
```
-**NOTE**: For installation with Notary, you must configure Harbor to use HTTPS.
+{{< note >}}
+For installation with Notary, you must configure Harbor to use HTTPS.
+{{< /note >}}
For more information about Notary and Docker Content Trust, see [Content Trust](https://docs.docker.com/engine/security/trust/content_trust/) in the Docker documentation.
@@ -53,7 +52,7 @@ For more information about Notary and Docker Content Trust, see [Content Trust](
To install Harbor with Clair service, add the `--with-clair` parameter when you run `install.sh`:
-```
+```sh
sudo ./install.sh --with-clair
```
@@ -77,8 +76,7 @@ If you want to install all three of Notary, Clair and chart repository service,
sudo ./install.sh --with-notary --with-clair --with-chartmuseum
```
-
-## Connecting to Harbor via HTTP
+## Connecting to Harbor via HTTP {#connect-http}
**IMPORTANT:** If your installation of Harbor uses HTTP rather than HTTPS, you must add the option `--insecure-registry` to your client's Docker daemon. By default, the daemon file is located at `/etc/docker/daemon.json`.
@@ -94,20 +92,24 @@ After you update `daemon.json`, you must restart both Docker Engine and Harbor.
1. Restart Docker Engine.
- `systemctl restart docker`
+ ```sh
+ systemctl restart docker
+ ```
+
1. Stop Harbor.
- `docker-compose down -v`
+ ```sh
+ docker-compose down -v
+ ```
+
1. Restart Harbor.
- `docker-compose up -d`
+ ```sh
+ docker-compose up -d
+ ```
## What to Do Next ##
-- If the installation succeeds, see [Harbor Administration](../administration/README.md) for information about using Harbor.
-- If you deployed Harbor with HTTP and you want to secure the connections to Harbor, see [Configure HTTPS Access to Harbor](configure_https.md).
-- If installation fails, see [Troubleshooting Harbor Installation](troubleshoot_installation.md).
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+- If the installation succeeds, see [Harbor Administration](../administration) for information about using Harbor.
+- If you deployed Harbor with HTTP and you want to secure the connections to Harbor, see [Configure HTTPS Access to Harbor](../configure-https.md).
+- If installation fails, see [Troubleshooting Harbor Installation](../troubleshoot-installation.md).
diff --git a/docs/1.10/install_config/troubleshoot_installation.md b/docs/1.10/install-config/troubleshoot-installation.md
similarity index 86%
rename from docs/1.10/install_config/troubleshoot_installation.md
rename to docs/1.10/install-config/troubleshoot-installation.md
index 0766ace5c..2e03716a8 100644
--- a/docs/1.10/install_config/troubleshoot_installation.md
+++ b/docs/1.10/install-config/troubleshoot-installation.md
@@ -1,14 +1,12 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Troubleshooting Harbor Installation
+---
+title: Troubleshooting Harbor Installation
+---
The following sections help you to solve problems when installing Harbor.
## Access Harbor Logs
-By default, registry data is persisted in the host's `/data/` directory. This data remains unchanged even when Harbor's containers are removed and/or recreated, you can edit the `data_volume` in `harbor.yml` file to change this directory.
+By default, registry data is persisted in the host's `/data/` directory. This data remains unchanged even when Harbor's containers are removed and/or recreated, you can edit the `data_volume` in `harbor.yml` file to change this directory.
In addition, Harbor uses `rsyslog` to collect the logs of each container. By default, these log files are stored in the directory `/var/log/harbor/` on the target host for troubleshooting, also you can change the log directory in `harbor.yml`.
@@ -41,10 +39,9 @@ If Harbor is running behind an `nginx` proxy or elastic load balancing, open the
proxy_set_header X-Forwarded-Proto $scheme;
```
-If the proxy already has similar settings, remove it from the sections `location /`, `location /v2/` and `location /service/` and redeploy Harbor. For instructions about how to redeploy Harbor, see [Reconfigure Harbor and Manage the Harbor Lifecycle](../configuration/reconfigure_manage_lifecycle.md).
+If the proxy already has similar settings, remove it from the sections `location /`, `location /v2/` and `location /service/` and redeploy Harbor. For instructions about how to redeploy Harbor, see [Reconfigure Harbor and Manage the Harbor Lifecycle](../configuration/reconfigure-manage-lifecycle.md).
-
-## Troubleshoot HTTPS Connections
+## Troubleshoot HTTPS Connections {#https}
If you use an intermediate certificate from a certificate issuer, merge the intermediate certificate with your own certificate to create a certificate bundle. Run the following command.
@@ -55,18 +52,14 @@ When the Docker daemon runs on certain operating systems, you might need to trus
- Ubuntu:
- ```
+ ```sh
cp yourdomain.com.crt /usr/local/share/ca-certificates/yourdomain.com.crt
update-ca-certificates
```
- Red Hat (CentOS etc):
- ```
+ ```sh
cp yourdomain.com.crt /etc/pki/ca-trust/source/anchors/yourdomain.com.crt
update-ca-trust
```
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
diff --git a/docs/1.10/working-with-projects/_index.md b/docs/1.10/working-with-projects/_index.md
new file mode 100644
index 000000000..88dce6e8e
--- /dev/null
+++ b/docs/1.10/working-with-projects/_index.md
@@ -0,0 +1,9 @@
+---
+title: Working with Projects
+---
+
+This section describes how users with the developer, master, and project administrator roles manage and participate in Harbor projects. The Harbor administrator can also perform all of these tasks.
+
+- [Create Projects](create-projects.md)
+- [Project Configuration](project-configuration.md)
+- [Working with Images, Tags, and Helm Charts](working-with-images.md)
diff --git a/docs/1.10/working_with_projects/access_project_logs.md b/docs/1.10/working-with-projects/access-project-logs.md
similarity index 56%
rename from docs/1.10/working_with_projects/access_project_logs.md
rename to docs/1.10/working-with-projects/access-project-logs.md
index 9fdde935f..5e70f1537 100644
--- a/docs/1.10/working_with_projects/access_project_logs.md
+++ b/docs/1.10/working-with-projects/access-project-logs.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Access and Search Project Logs
+---
+title: Access and Search Project Logs
+---
Harbor keeps a log of all of the operations that users perform in a project. You can apply filters to help you to search the logs.
@@ -11,24 +9,25 @@ Harbor keeps a log of all of the operations that users perform in a project. You
Log in to Harbor with a Harbor administrator, project administrator, master, developer, or guest account.
## Procedure
-
+
1. Go to **Projects**, select a project, and select **Logs**.
- 
+ 
+
+ All logs for the project are displayed.
- All logs for the project are displayed.
1. Click the **Search** icon and start typing to filter the logs by name.
- 
-1. Click **Advanced**.
+ 
+
+1. Click **Advanced**.
+
+ 
- 
1. Use the **Operations** drop-down menu to filter by operation type.
- 
+
+ 
+
1. Click the calendar icons to enter dates between which to search for logs of the types you set in the **Operations** drop-down menu.
- 
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+ 
diff --git a/docs/1.10/working_with_projects/add_users.md b/docs/1.10/working-with-projects/add-users.md
similarity index 74%
rename from docs/1.10/working_with_projects/add_users.md
rename to docs/1.10/working-with-projects/add-users.md
index beb9b7973..82ab05368 100644
--- a/docs/1.10/working_with_projects/add_users.md
+++ b/docs/1.10/working-with-projects/add-users.md
@@ -1,12 +1,10 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Assign Users to a Project
+---
+title: Assign Users to a Project
+---
You can add individual users to an existing project and assign a role to them. You can add an LDAP/AD or OIDC user to the project members if you use LDAP/AD or OIDC authentication, or a user that you have already created if you use database authentication. If you use LDAP/AD or OIDC authentication, you can add groups to projects and assign a role to the group.
-For more information about users and roles in Harbor, see [User Permissions By Role](../administration/managing_users/user_permissions_by_role.md).
+For more information about users and roles in Harbor, see [User Permissions By Role](../administration/managing-users/user-permissions-by-role.md).
## Add Individual Members to Projects
@@ -14,13 +12,13 @@ For more information about users and roles in Harbor, see [User Permissions By R
1. Go to **Projects** and select a project.
1. Select the **Members** tab and click **+User**.
- 
+ 
1. Enter the name of an existing database, LDAP/AD, or OIDC user and select a role for this user.
- 
+ 
1. Optionally select one or more members, click **Action**, and select a different role for the user or users, or select **Remove** to remove them from the project.
- 
+ 
## Add LDAP/AD Groups to Projects
@@ -28,10 +26,10 @@ For more information about users and roles in Harbor, see [User Permissions By R
1. Go to **Projects** and select a project.
1. Select the **Members** tab and click **+Group**.
- 
+ 
1. Select **Add an existing user group to project members** or **Add a group from LDAP to project member**.
- 
+ 
- If you selected **Add an existing user group to project members**, enter the name of a group that you have already used in Harbor and assign a role to that group.
- If you selected **Add a group from LDAP to project member**, enter the LDAP Group DN and assign a role to that group.
@@ -42,19 +40,17 @@ If a user in the LDAP group has admin privilege, the user has the same privilege
## Add OIDC Groups to Projects
-To be able to add OIDC groups to projects, your OIDC provider and Harbor instance must be configured correctly. For information about how to configure OIDC so that Harbor can use groups, see [OIDC Provider Authentication](#oidc_auth).
+To be able to add OIDC groups to projects, your OIDC provider and Harbor instance must be configured correctly. For information about how to configure OIDC so that Harbor can use groups, see [OIDC Provider Authentication](#oidc-auth).
1. Log in to the Harbor interface with an account that has at least project administrator privileges.
1. Go to **Projects** and select a project.
1. Select the **Members** tab and click **+Group**.
- 
+ 
1. Enter the name of a group that already exists in your OIDC provider and assign a role to that group.
- 
-
-**NOTE**: Unlike with LDAP groups, Harbor cannot check whether OIDC groups exist when you add them to a project. If you mistype the group name, or if the group does not exist in your OIDC provider, Harbor still creates the group.
+ 
-----------
-
-[Back to table of contents](../index.md)
+{{< note >}}
+Unlike with LDAP groups, Harbor cannot check whether OIDC groups exist when you add them to a project. If you mistype the group name, or if the group does not exist in your OIDC provider, Harbor still creates the group.
+{{< /note >}}
diff --git a/docs/1.10/working_with_projects/configure_project_whitelist.md b/docs/1.10/working-with-projects/configure-project-whitelist.md
similarity index 61%
rename from docs/1.10/working_with_projects/configure_project_whitelist.md
rename to docs/1.10/working-with-projects/configure-project-whitelist.md
index 9115478dc..d8643c8c1 100644
--- a/docs/1.10/working_with_projects/configure_project_whitelist.md
+++ b/docs/1.10/working-with-projects/configure-project-whitelist.md
@@ -1,21 +1,23 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Configure a Per-Project CVE Whitelist
+---
+title: Configure a Per-Project CVE Whitelist
+---
When you run vulnerability scans, images that are subject to Common Vulnerabilities and Exposures (CVE) are identified. According to the severity of the CVE and your security settings, these images might not be permitted to run. You can create whitelists of CVEs to ignore during vulnerability scanning.
-Harbor administrators can set a system-wide CVE whitelist. For information about site-wide CVE whitelists, see [Configure System-Wide CVE Whitelists](../administration/vulnerability_scanning/configure_system_whitelist.md). By default, the system whitelist is applied to all projects. You can configure different CVE whitelists for individual projects, that override the system whitelist.
+Harbor administrators can set a system-wide CVE whitelist. For information about site-wide CVE whitelists, see [Configure System-Wide CVE Whitelists](../administration/vulnerability-scanning/configure-system-whitelist.md). By default, the system whitelist is applied to all projects. You can configure different CVE whitelists for individual projects, that override the system whitelist.
1. Go to **Projects**, select a project, and select **Configuration**.
-1. Under **CVE whitelist**, select **Project whitelist**.
- 
-1. Optionally click **Copy From System** to add all of the CVE IDs from the system CVE whitelist to this project whitelist.
-1. Click **Add** and enter a list of additional CVE IDs to ignore during vulnerability scanning of this project.
- 
+1. Under **CVE whitelist**, select **Project whitelist**.
+
+ 
+
+1. Optionally click **Copy From System** to add all of the CVE IDs from the system CVE whitelist to this project whitelist.
+1. Click **Add** and enter a list of additional CVE IDs to ignore during vulnerability scanning of this project.
+
+ 
+
+ Either use a comma-separated list or newlines to add multiple CVE IDs to the list.
- Either use a comma-separated list or newlines to add multiple CVE IDs to the list.
1. Click **Add** at the bottom of the window to add the CVEs to the project whitelist.
1. Optionally uncheck the **Never expires** checkbox and use the calendar selector to set an expiry date for the whitelist.
1. Click **Save** at the bottom of the page to save your settings.
@@ -24,8 +26,6 @@ After you have created a project whitelist, you can remove CVE IDs from the list
If CVEs are added to the system whitelist after you have created a project whitelist, click **Copy From System** to add the new entries from the system whitelist to the project whitelist.
-**NOTE**: If CVEs are deleted from the system whitelist after you have created a project whitelist, and if you added the system whitelist to the project whitelist, you must manually remove the deleted CVEs from the project whitelist. If you click **Copy From System** after CVEs have been deleted from the system whitelist, the deleted CVEs are not automatically removed from the project whitelist.
-
-----------
-
-[Back to table of contents](../index.md)
+{{< note >}}
+If CVEs are deleted from the system whitelist after you have created a project whitelist, and if you added the system whitelist to the project whitelist, you must manually remove the deleted CVEs from the project whitelist. If you click **Copy From System** after CVEs have been deleted from the system whitelist, the deleted CVEs are not automatically removed from the project whitelist.
+{{< /note >}}
diff --git a/docs/1.10/working_with_projects/configure_webhooks.md b/docs/1.10/working-with-projects/configure-webhooks.md
similarity index 86%
rename from docs/1.10/working_with_projects/configure_webhooks.md
rename to docs/1.10/working-with-projects/configure-webhooks.md
index 78a6613b1..799bc911d 100644
--- a/docs/1.10/working_with_projects/configure_webhooks.md
+++ b/docs/1.10/working-with-projects/configure-webhooks.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Configure Webhook Notifications
+---
+title: Configure Webhook Notifications
+---
If you are a project administrator, you can configure a connection from a project in Harbor to a webhook endpoint. If you configure webhooks, Harbor notifies the webhook endpoint of certain events that occur in the project. Webhooks allow you to integrate Harbor with other tools to streamline continuous integration and development processes.
@@ -28,20 +26,20 @@ You can define one webhook endpoint per project. Webhook notifications provide i
The webhook notification is delivered in JSON format. The following example shows the JSON notification for a push image event:
-```
+```json
{
- "event_type": "pushImage"
- "events": [
- {
- "project": "prj",
- "repo_name": "repo1",
- "tag": "latest",
- "full_name": "prj/repo1",
- "trigger_time": 158322233213,
- "image_id": "9e2c9d5f44efbb6ee83aecd17a120c513047d289d142ec5738c9f02f9b24ad07",
- "project_type": "Private"
- }
- ]
+ "event_type": "pushImage",
+ "events": [
+ {
+ "project": "prj",
+ "repo_name": "repo1",
+ "tag": "latest",
+ "full_name": "prj/repo1",
+ "trigger_time": 158322233213,
+ "image_id": "9e2c9d5f44efbb6ee83aecd17a120c513047d289d142ec5738c9f02f9b24ad07",
+ "project_type": "Private"
+ }
+ ]
}
```
@@ -67,18 +65,22 @@ You can configure your continuous integration and development infrastructure so
1. Log in to the Harbor interface with an account that has at least project administrator privileges.
1. Go to **Projects**, select a project, and select **Webhooks**.
- 
+ 
+
1. Enter the URL for your webhook endpoint listener.
1. If your webhook listener implements authentication, enter the authentication header.
1. To implement `HTTPS POST` instead of `HTTP POST`, select the **Verifiy Remote Certficate** check box.
- 
+ 
+
1. Click **Test Endpoint** to make sure that Harbor can connect to the listener.
1. Click **Continue** to create the webhook.
When you have created the webhook, you see the status of the different notifications and the timestamp of the last time each notification was triggered. You can click **Disable** to disable notifications.
-**NOTE**: You can only disable and reenable all notifications. You cannot disable and enable selected notifications.
+{{< note >}}
+You can only disable and reenable all notifications. You cannot disable and enable selected notifications.
+{{< /note >}}
@@ -91,8 +93,4 @@ As a Harbor system administrator, you can enable and disable webhook notificatio
1. Go to **Configuration** > **System Settings**.
1. Scroll down and check or uncheck the **Webhooks enabled** check box.
- 
-
-----------
-
-[Back to table of contents](../index.md)
+ 
diff --git a/docs/1.10/working_with_projects/create_labels.md b/docs/1.10/working-with-projects/create-labels.md
similarity index 75%
rename from docs/1.10/working_with_projects/create_labels.md
rename to docs/1.10/working-with-projects/create-labels.md
index 2c4d8847d..edd3a87c2 100644
--- a/docs/1.10/working_with_projects/create_labels.md
+++ b/docs/1.10/working-with-projects/create-labels.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Managing Labels
+---
+title: Managing Labels
+---
Harbor provides two kinds of labels to isolate different kinds of resources:
@@ -12,23 +10,19 @@ Harbor provides two kinds of labels to isolate different kinds of resources:
## Managing Global Labels
The Harbor system administrators can list, create, update and delete the global level labels under `Administration->Configuration->Labels`:
-
+
## Managing Project-Level Labels
The project administrators and Harbor system administrators can list, create, update and delete the project level labels under `Labels` tab of the project detail page:
-
+
## Adding and Removing Labels to and from Images
Users who have Harbor system administrator, project administrator or project developer role can click the `ADD LABELS` button to add labels to or remove labels from images. The label list contains both globel level labels(come first) and project level labels:
-
+
## Filtering Images by Label
The images can be filtered by labels:
-
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
+
diff --git a/docs/1.10/working_with_projects/create_projects.md b/docs/1.10/working-with-projects/create-projects.md
similarity index 63%
rename from docs/1.10/working_with_projects/create_projects.md
rename to docs/1.10/working-with-projects/create-projects.md
index b86743e96..7852bcdc5 100644
--- a/docs/1.10/working_with_projects/create_projects.md
+++ b/docs/1.10/working-with-projects/create-projects.md
@@ -1,12 +1,10 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Create Projects
+---
+title: Create Projects
+---
A project in Harbor contains all repositories of an application. Images cannot be pushed to Harbor before a project is created. Role-Based Access Control (RBAC) is applied to projects, so that only users with the appropriate roles can perform certain operations.
-There are two types of project in Harbor:
+There are two types of project in Harbor:
* **Public**: Any user can pull images from this project. This is a convenient way for you to share repositories with others.
* **Private**: Only users who are members of the project can pull images
@@ -19,42 +17,39 @@ Log in to Harbor with a Harbor administrator or project administrator account.
## Procedure
-1. Go to **Projects** and click **New Project**.
+1. Go to **Projects** and click **New Project**.
1. Provide a name for the project.
1. (Optional) Check the **Public** check box to make the project public.
- If you set the project to **Public**, any user can pull images from this project. If you leave the project set to **Private**, only users who are members of the project can pull images. You can toggle projects from public to private, or the reverse, at any moment after you create the project.
-
- 
-
+ If you set the project to **Public**, any user can pull images from this project. If you leave the project set to **Private**, only users who are members of the project can pull images. You can toggle projects from public to private, or the reverse, at any moment after you create the project.
+
+ 
+
5. Click **OK**.
After the project is created, you can browse repositories, members, logs, replication and configuration using the navigation tab.
-
+
There are two views to show repositories, list view and card view, you can switch between them by clicking the corresponding icon.
-
+
Project properties can be changed by clicking "Configuration".
* To make all repositories under the project accessible to everyone, select the `Public` checkbox.
-* To prevent un-signed images under the project from being pulled, select the `Enable content trust` checkbox. For more information about content trust, see [Implementing Content Trust](implementing_content_trust.md).
+* To prevent un-signed images under the project from being pulled, select the `Enable content trust` checkbox. For more information about content trust, see [Implementing Content Trust](../implementing-content-trust.md).
-
+
## Searching Projects and Repositories
-Entering a keyword in the search field at the top lists all matching projects and repositories. The search result includes both public and private repositories you have access to.
+Entering a keyword in the search field at the top lists all matching projects and repositories. The search result includes both public and private repositories you have access to.
-
+
## What to Do Next
-[Assign Users to a Project](add_users.md)
+[Assign Users to a Project](../add-users.md)
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/working_with_projects/create_robot_accounts.md b/docs/1.10/working-with-projects/create-robot-accounts.md
similarity index 64%
rename from docs/1.10/working_with_projects/create_robot_accounts.md
rename to docs/1.10/working-with-projects/create-robot-accounts.md
index af45c6d41..d985327c3 100644
--- a/docs/1.10/working_with_projects/create_robot_accounts.md
+++ b/docs/1.10/working-with-projects/create-robot-accounts.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Create Robot Accounts
+---
+title: Create Robot Accounts
+---
You can create robot accounts to run automated operations. Robot accounts have the following limitations:
@@ -14,27 +12,32 @@ You can create robot accounts to run automated operations. Robot accounts have t
1. Log in to the Harbor interface with an account that has at least project administrator privileges.
1. Go to **Projects**, select a project, and select **Robot Accounts**.
- 
+ 
+
1. Click **New Robot Account**.
1. Enter a name and an optional description for this robot account.
1. Grant permission to the robot account to push images and to push and pull Helm charts.
- Robot accounts can always pull images, so you cannot deselect this option.
+ Robot accounts can always pull images, so you cannot deselect this option.
- 
+ 
+
1. Click **Save**.
1. In the confirmation window, click **Export to File** to download the access token as a JSON file, or click the clipboard icon to copy its contents to the clipboard.
-
- 
- **IMPORTANT**: Harbor does not store robot account tokens, so you must either download the token JSON or copy and paste its contents into a text file. There is no way to get the token from Harbor after you have created the robot account.
-
- The new robot account appears as `robot$account_name` in the list of robot accounts. The `robot$` prefix makes it easily distinguishable from a normal Harbor user account.
+ 
+
+ {{< important >}}
+ Harbor does not store robot account tokens, so you must either download the token JSON or copy and paste its contents into a text file. There is no way to get the token from Harbor after you have created the robot account.
+ {{< /important >}}
+
+ The new robot account appears as `robot$account_name` in the list of robot accounts. The `robot$` prefix makes it easily distinguishable from a normal Harbor user account.
+
+ 
- 
1. To delete or disable a robot account, select the account in the list, and select **Disable account** or **Delete** from the Action drop-down menu.
- 
+ 
### Configure the Expiry Period of Robot Accounts
@@ -43,8 +46,8 @@ By default, robot accounts expire after 30 days. You can set a longer or shorter
1. Log in to the Harbor interface with an account that has Harbor system administrator privileges.
1. Go to **Configuration** and select **System Settings**.
1. In the **Robot Token Expiration (Days)** row, modify the number of days after which robot account tokens expire.
-
- 
+
+ 
### Authenticate with a Robot Account
@@ -55,7 +58,3 @@ docker login harbor_address
Username: robot$account_name
Password: robot_account_token
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/working_with_projects/create_tag_immutability_rules.md b/docs/1.10/working-with-projects/create-tag-immutability-rules.md
similarity index 74%
rename from docs/1.10/working_with_projects/create_tag_immutability_rules.md
rename to docs/1.10/working-with-projects/create-tag-immutability-rules.md
index 1b2510474..542a580ba 100644
--- a/docs/1.10/working_with_projects/create_tag_immutability_rules.md
+++ b/docs/1.10/working-with-projects/create-tag-immutability-rules.md
@@ -1,10 +1,8 @@
-[Back to table of contents](../index.md)
+---
+title: Tag Immutability Rules
+---
-----------
-
-# Tag Immutability Rules
-
-By default, users can repeatedly push an image with the same tag to repositories in Harbor. This causes the previous image to effectively be overwritten with each push, in that the tag now points to a different image and the image that previously used the tag now becomes tagless. This is due to the Docker implementation, that does not enforce the mapping between an image tag and the image digest. This can be undesirable in certain cases, because the tag can no longer be trusted to identify the image version. The sha256 digest remains reliable and always points to the same build, but it is not rendered in a human-readable format.
+By default, users can repeatedly push an image with the same tag to repositories in Harbor. This causes the previous image to effectively be overwritten with each push, in that the tag now points to a different image and the image that previously used the tag now becomes tagless. This is due to the Docker implementation, that does not enforce the mapping between an image tag and the image digest. This can be undesirable in certain cases, because the tag can no longer be trusted to identify the image version. The sha256 digest remains reliable and always points to the same build, but it is not rendered in a human-readable format.
Moreover, the Docker implementation requires that deleting a tag results in the deletion of all other tags that point to the same digest, causing unwanted image deletions.
@@ -28,21 +26,22 @@ In this case, you cannot delete `hello-world:v2` because it shares the sha256 di
1. Log in to the Harbor interface with an account that has at least project administrator privileges.
1. Go to **Projects**, select a project, and select **Tag Immutability**.
- 
+ 
+
1. Click **Add Rule**.
- - In the **Respositories** row, enter a comma-separated list of repositories to which to either apply or exclude from the rule by selecting either **matching** or **excluding** from the drop-down menu.
- - In the **Tags** row, enter a comma-separated list of tags to which to either apply or exclude from the rule by selecting either **matching** or **excluding** from the drop-down menu.
+ - In the **Respositories** row, enter a comma-separated list of repositories to which to either apply or exclude from the rule by selecting either **matching** or **excluding** from the drop-down menu.
+ - In the **Tags** row, enter a comma-separated list of tags to which to either apply or exclude from the rule by selecting either **matching** or **excluding** from the drop-down menu.
- 
+ 
1. Click **Add** to save the rule.
- You can add a maximum of 15 immutability rules per project.
+ You can add a maximum of 15 immutability rules per project.
- After you add a rule, any tags that are identified by the rule are marked **Immutable** in the Repositories tab.
+ After you add a rule, any tags that are identified by the rule are marked **Immutable** in the Repositories tab.
1. To modify an existing rule, use the **Action** drop-down menu next to a rule to disable, edit, or delete that rule.
- 
+ 
## Example
@@ -55,7 +54,3 @@ To allow the tags `rc`, `test`, and `nightly` to be overwritten but make all oth
- Set **For the respositories** to **matching** and enter `**`.
- Set **Tags** to **excluding** and enter `rc,test,nightly`.
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/working_with_projects/create_tag_retention_rules.md b/docs/1.10/working-with-projects/create-tag-retention-rules.md
similarity index 98%
rename from docs/1.10/working_with_projects/create_tag_retention_rules.md
rename to docs/1.10/working-with-projects/create-tag-retention-rules.md
index 05269355e..808b8ce5b 100644
--- a/docs/1.10/working_with_projects/create_tag_retention_rules.md
+++ b/docs/1.10/working-with-projects/create-tag-retention-rules.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Create Tag Retention Rules
+---
+title: Create Tag Retention Rules
+---
A repository can rapidly accumulate a large number of image tags, many of which might not be required after a given time or once they have been superseded by a subsequent image build. These excess tags can obviously consume large quantities of storage capacity. As a Harbor system administrator, you can define rules that govern how many tags of a given repository to retain, or for how long to retain certain tags.
@@ -97,7 +95,7 @@ In this example, the rules are applied to the following 7 tags:
## How Tag Retention Rules Interact with Project Quotas
-The Harbor system administrator can set a maximum on the number of tags that a project can contain and the amount of storage that it can consume. For information about project quotas, see [Configure Project Quotas](../administration/configure_project_quotas.md).
+The Harbor system administrator can set a maximum on the number of tags that a project can contain and the amount of storage that it can consume. For information about project quotas, see [Configure Project Quotas](../administration/configure-project-quotas.md).
If you set a quota on a project, this quota cannot be exceeded. The quota is applied to a project even if you set a retention rule that would exceed it. In other words, you cannot use retention rules to bypass quotas.
@@ -159,7 +157,3 @@ If you set a quota on a project, this quota cannot be exceeded. The quota is app
To modify an existing rule, use the **Action** drop-down menu next to a rule to disable, edit, or delete that rule.
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/working-with-projects/implementing-content-trust.md b/docs/1.10/working-with-projects/implementing-content-trust.md
new file mode 100644
index 000000000..b49a23276
--- /dev/null
+++ b/docs/1.10/working-with-projects/implementing-content-trust.md
@@ -0,0 +1,27 @@
+---
+title: Implementing Content Trust
+---
+
+{{< note >}}
+Notary is an optional component, please make sure you have already installed it in your Harbor instance before you go through this section.
+{{< /note >}}
+
+If you want to enable content trust to ensure that images are signed, please set two environment variables in the command line before pushing or pulling any image:
+
+```sh
+export DOCKER_CONTENT_TRUST=1
+export DOCKER_CONTENT_TRUST_SERVER=https://10.117.169.182:4443
+```
+
+If you push the image for the first time, You will be asked to enter the root key passphrase. This will be needed every time you push a new image while the `DOCKER_CONTENT_TRUST` flag is set.
+The root key is generated at: `/root/.docker/trust/private/root_keys`
+You will also be asked to enter a new passphrase for the image. This is generated at `/root/.docker/trust/private/tuf_keys/[registry name] /[imagepath]`.
+If you are using a self-signed cert, make sure to copy the CA cert into `/etc/docker/certs.d/10.117.169.182` and `$HOME/.docker/tls/10.117.169.182:4443/`. When an image is signed, it is indicated in the Web UI.
+
+{{< note >}}
+Replace "10.117.169.182" with the IP address or domain name of your Harbor node. In order to use content trust, HTTPS must be enabled in Harbor.
+{{< /note >}}
+
+When an image is signed, it has a tick shown in UI; otherwise, a cross sign(X) is displayed instead.
+
+
diff --git a/docs/1.10/working_with_projects/managing_helm_charts.md b/docs/1.10/working-with-projects/managing-helm-charts.md
similarity index 80%
rename from docs/1.10/working_with_projects/managing_helm_charts.md
rename to docs/1.10/working-with-projects/managing-helm-charts.md
index 72fce9ddf..8a01c8394 100644
--- a/docs/1.10/working_with_projects/managing_helm_charts.md
+++ b/docs/1.10/working-with-projects/managing-helm-charts.md
@@ -1,39 +1,42 @@
-[Back to table of contents](../index.md)
+---
+title: Managing Helm Charts
+---
-----------
-
-# Managing Helm Charts
[Helm](https://helm.sh) is a package manager for [Kubernetes](https://kubernetes.io). Helm uses a packaging format called [charts](https://docs.helm.sh/developing_charts). Since version 1.6.0 Harbor is now a composite cloud-native registry which supports both container image management and Helm charts management. Access to Helm charts in Harbor is controlled by [role-based access controls (RBAC)](https://en.wikipedia.org/wiki/Role-based_access_control) and is restricted by projects.
## Manage Helm Charts via the Harbor Interface
+
### List charts
+
Click your project to enter the project detail page after successful logging in. The existing helm charts will be listed under the tab `Helm Charts` which is beside the image `Repositories` tab with the following information:
* Name of helm chart
* The status of the chart: Active or Deprecated
* The count of chart versions
* The created time of the chart
-
+
You can click the icon buttons on the top right to switch views between card view and list view.
### Upload a New Chart
+
Click the `UPLOAD` button on the top left to open the chart uploading dialog. Choose the uploading chart from your filesystem. Click the `UPLOAD` button to upload it to the chart repository server.
-
+
If the chart is signed, you can choose the corresponding provenance file from your filesystem and Click the `UPLOAD` button to upload them together at once.
If the chart is successfully uploaded, it will be displayed in the chart list at once.
### List Chart Versions
+
Clicking the chart name from the chart list will show all the available versions of that chart with the following information:
* the chart version number
* the maintainers of the chart version
* the template engine used (default is gotpl)
* the created timestamp of the chart version
-
+
Obviously, there will be at least 1 version for each of the charts in the top chart list. Same with chart list view, you can also click the icon buttons on the top right to switch views between card view and list view.
@@ -45,13 +48,13 @@ Check the checkbox at the 1st column to select the specified chart versions:
### Adding Labels to and Removing Labels from Chart Versions
Users who have Harbor system administrator, project administrator or project developer role can click the `ADD LABELS` button to add labels to or remove labels from chart versions.
-
+
### Filtering Chart Versions by Label
The chart versions can be filtered by labels:
-
+
### View Chart Version Details
Clicking the chart version number link will open the chart version details view. You can see more details about the specified chart version here. There are three content sections:
@@ -59,58 +62,77 @@ Clicking the chart version number link will open the chart version details view.
* readme of the chart
* overall metadata like home, created timestamp and application version
* related helm commands for reference, such as `helm add repo` and `helm install` etc.
-
+
* **Dependencies:**
* list all the dependant sun charts with 'name', 'version' and 'repository' fields
-
+
* **Values:**
* display the content from `values.yaml` file with highlight code preview
* clicking the icon buttons on the top right to switch the yaml file view to k-v value pair list view
-
+
Clicking the `DOWNLOAD` button on the top right will start the downloading process.
## Working with the Helm CLI
+
As a helm chart repository, Harbor can work smoothly with Helm CLI. About how to install Helm CLI, please refer [install helm](https://docs.helm.sh/using_helm/#installing-helm). Run command `helm version` to make sure the version of Helm CLI is v2.9.1+.
-```
+
+```sh
helm version
#Client: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}
#Server: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}
```
+
### Add Harbor to the Repository List
+
Before working, Harbor should be added into the repository list with `helm repo add` command. Two different modes are supported.
+
* Add Harbor as a unified single index entry point
-With this mode Helm can be made aware of all the charts located in different projects and which are accessible by the currently authenticated user.
-```
-helm repo add --ca-file ca.crt --username=admin --password=Passw0rd myrepo https://xx.xx.xx.xx/chartrepo
-```
-**NOTES:** Providing both ca file and cert files is caused by an issue from helm.
+ With this mode Helm can be made aware of all the charts located in different projects and which are accessible by the currently authenticated user.
+
+ ```sh
+ helm repo add --ca-file ca.crt --username=admin --password=Passw0rd myrepo https://xx.xx.xx.xx/chartrepo
+ ```
+
+ {{< note >}}
+ Providing both a CA file and cert files is necessary due to an issue in Helm.
+ {{< /note >}}
* Add Harbor project as separate index entry point
-With this mode, helm can only pull charts in the specified project.
-```
-helm repo add --ca-file ca.crt --username=admin --password=Passw0rd myrepo https://xx.xx.xx.xx/chartrepo/myproject
-```
+ With this mode, Helm can only pull charts in the specified project.
+
+ ```sh
+ helm repo add --ca-file ca.crt --username=admin --password=Passw0rd myrepo https://xx.xx.xx.xx/chartrepo/myproject
+ ```
### Push Charts to the Repository Server with the CLI
+
As an alternative, you can also upload charts via the CLI. It is not supported by the native helm CLI. A plugin from the community should be installed before pushing. Run `helm plugin install` to install the `push` plugin first.
-```
+
+```sh
helm plugin install https://github.com/chartmuseum/helm-push
```
-After a successful installation, run `push` command to upload your charts:
-```
+
+After a successful installation, run the `push` command to upload your charts:
+
+```sh
helm push --ca-file=ca.crt --username=admin --password=passw0rd chart_repo/hello-helm-0.1.0.tgz myrepo
```
-**NOTES:** `push` command does not support pushing a prov file of a signed chart yet.
+
+{{< note >}}
+The `push` command does not yet support pushing a prov file of a signed chart.
+{{< /note >}}
### Install Charts
+
Before installing, make sure your helm is correctly initialized with command `helm init` and the chart index is synchronized with command `helm repo update`.
Search the chart with the keyword if you're not sure where it is:
-```
+
+```sh
helm search hello
#NAME CHART VERSION APP VERSION DESCRIPTION
@@ -118,13 +140,12 @@ helm search hello
#myrepo/chart_repo/hello-helm 0.1.10 1.2 A Helm chart for Kubernetes
#myrepo/library/hello-helm 0.3.10 1.3 A Helm chart for Kubernetes
```
-Everything is ready, install the chart to your kubernetes:
-```
+
+If everything is ready, install the chart in your Kubernetes cluster:
+
+```sh
helm install --ca-file=ca.crt --username=admin --password=Passw0rd --version 0.1.10 repo248/chart_repo/hello-helm
```
For other more helm commands like how to sign a chart, please refer to the [helm doc](https://docs.helm.sh/helm/#helm).
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/working_with_projects/project_configuration.md b/docs/1.10/working-with-projects/project-configuration.md
similarity index 81%
rename from docs/1.10/working_with_projects/project_configuration.md
rename to docs/1.10/working-with-projects/project-configuration.md
index cd44eabdd..245645972 100644
--- a/docs/1.10/working_with_projects/project_configuration.md
+++ b/docs/1.10/working-with-projects/project-configuration.md
@@ -1,25 +1,22 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Project Configuration
+---
+title: Project Configuration
+---
After the initial creation of a project, you can configure or reconfigure its properties in the **Configuration** tab for that project.
-
1. Log in to the Harbor interface with an account that has at least project administrator privileges.
1. Go to **Projects** and select a project.
1. Select the **Configuration** tab.
1. To make all repositories under the project accessible to everyone, select the `Public` checkbox, or deselect this checkbox to make the project private.
1. To prevent un-signed images under the project from being pulled, select the `Enable content trust` checkbox.
-
+
## Searching projects and repositories
Enter a keyword in the search field at the top to list all matching projects and repositories. The search result includes both public and private repositories you have access to.
-
+
## Configure Vulnerability Settings in Projects
@@ -30,16 +27,16 @@ You can configure projects so that images with vulnerabilities cannot be run, an
1. Select the **Configuration** tab.
1. To prevent vulnerable images under the project from being pulled, select the **Prevent vulnerable images from running** checkbox.
- 
+ 
1. Select the severity level of vulnerabilities to prevent images from running.
- 
+ 
Images cannot be pulled if their level is equal to or higher than the selected level of severity. Harbor does not prevent images with a vulnerability severity of `negligible` from running.
1. To activate an immediate vulnerability scan on new images that are pushed to the project, select the **Automatically scan images on push** check box.
- 
+ 
## Build history
@@ -47,8 +44,4 @@ Build history makes it easy to see the contents of a container image, find the c
In Harbor portal, enter your project, select the repository, click on the link of tag name you'd like to see its build history, the detail page will be opened. Then switch to `Build History` tab, you can see the build history information.
-
-
-----------
-
-[Back to table of contents](../index.md)
+
diff --git a/docs/1.10/working_with_projects/pulling_pushing_images.md b/docs/1.10/working-with-projects/pulling-pushing-images.md
similarity index 59%
rename from docs/1.10/working_with_projects/pulling_pushing_images.md
rename to docs/1.10/working-with-projects/pulling-pushing-images.md
index b0d992184..e3f7b4b41 100644
--- a/docs/1.10/working_with_projects/pulling_pushing_images.md
+++ b/docs/1.10/working-with-projects/pulling-pushing-images.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Pulling and Pushing Images in the Docker Client
+---
+title: Pulling and Pushing Images in the Docker Client
+---
Harbor optionally supports HTTP connections, however the Docker client always attempts to connect to registries by first using HTTPS. If Harbor is configured for HTTP, you must configure your Docker client so that it can connect to insecure registries. In your Docker client is not configured for insecure registries, you will see the following error when you attempt to pull or push images to Harbor:
@@ -10,91 +8,92 @@ Harbor optionally supports HTTP connections, however the Docker client always at
Error response from daemon: Get https://myregistrydomain.com/v1/users/: dial tcp myregistrydomain.com:443 getsockopt: connection refused.
-For information about how to add insecure registries to your Docker client, see [Connecting to Harbor via HTTP](../install_config/run_installer_script.md#connect_http).
+For information about how to add insecure registries to your Docker client, see [Connecting to Harbor via HTTP](../install-config/run-installer-script.md#connect_http).
-You also see this error if Harbor uses HTTPS with an unknown CA certificate. In this case, obtain the registry's CA certificate, and copy it to /etc/docker/certs.d/myregistrydomain.com/ca.crt.
+You also see this error if Harbor uses HTTPS with an unknown CA certificate. In this case, obtain the registry's CA certificate, and copy it to /etc/docker/certs.d/myregistrydomain.com/ca.crt.
-**NOTE**: Harbor only supports the Registry V2 API. You must use Docker client 1.6.0 or higher when pushing and pulling images.
+{{< note >}}
+Harbor only supports the Registry V2 API. You must use Docker client 1.6.0 or higher when pushing and pulling images.
+{{< /note >}}
-## Pulling Images
+## Pulling Images
-If the project that the image belongs to is private, you must sign in first:
+If the project that the image belongs to is private, you must sign in first:
-```
-sh
-$ docker login
+```sh
+docker login
```
-You can now pull an image:
+You can now pull an image:
-```
-sh
-$ docker pull /library/ubuntu:14.04
+```sh
+docker pull /library/ubuntu:14.04
```
-**NOTE**: You cannot pull an unsigned image if you have enabled content trust.
+{{< note >}}
+You cannot pull an unsigned image if you have enabled content trust.
+{{< /note >}}
-## Pushing Images
+## Pushing Images
-Before you can push an image to Harbor, you must create a corresponding project in the Harbor interface. For information about how to create a project, see [Create Projects](create_projects.md).
+Before you can push an image to Harbor, you must create a corresponding project in the Harbor interface. For information about how to create a project, see [Create Projects](../create-projects.md).
-First, log in from Docker client:
+First, log in from Docker client:
-```
-sh
-$ docker login
+```sh
+docker login
```
-Tag the image:
+Tag the image:
-```
-sh
-$ docker tag ubuntu:14.04 /demo/ubuntu:14.04
+```sh
+docker tag ubuntu:14.04 /demo/ubuntu:14.04
```
Push the image:
-```
-sh
-$ docker push /demo/ubuntu:14.04
+```sh
+docker push /demo/ubuntu:14.04
```
-## Add Descriptions to Repositories
+## Add Descriptions to Repositories
After pushing an image, the project administrator can add information to describe the repository.
Go into the repository and select the **Info** tab, and click the **Edit** button. Enter a description and click **Save** to save the description.
-
+
## Download the Harbor Certificate
-Users can click the **Registry Certificate** button to download the registry certificate.
+Users can click the **Registry Certificate** button to download the registry certificate.
-
+
-## Deleting Repositories
+## Deleting Repositories
-Deleting repositories involves two steps.
+Deleting repositories involves two steps.
-First, you delete a repository in the Harbor interface. This is soft deletion. You can delete the entire repository or just one of its tags. After the soft deletion, the repository is no longer managed by Harbor, however, the repository files remain in the Harbor storage.
+First, you delete a repository in the Harbor interface. This is soft deletion. You can delete the entire repository or just one of its tags. After the soft deletion, the repository is no longer managed by Harbor, however, the repository files remain in the Harbor storage.
-
-
+
+
-**CAUTION: If both tag A and tag B refer to the same image, after deleting tag A, B will also get deleted. if you enabled content trust, you need to use notary command line tool to delete the tag's signature before you delete an image.**
+{{< caution >}}
+If both tag A and tag B refer to the same image, after deleting tag A, B will also get deleted. if you enabled content trust, you need to use notary command line tool to delete the tag's signature before you delete an image.
+{{< /caution >}}
-Next, delete the repository files by running [garbage collection](../administration/garbage_collection.md) in the Harbor interface.
+Next, delete the repository files by running [garbage collection](../administration/garbage-collection.md) in the Harbor interface.
## Pulling Images from Harbor in Kubernetes
-Kubernetes users can easily deploy pods with images stored in Harbor. The settings are similar to those of any other private registry. There are two issues to be aware of:
+Kubernetes users can easily deploy pods with images stored in Harbor. The settings are similar to those of any other private registry. There are two issues to be aware of:
-1. When your Harbor instance is hosting HTTP and the certificate is self-signed, you must modify `daemon.json` on each work node of your cluster. For information, see https://docs.docker.com/registry/insecure/#deploy-a-plain-http-registry.
-2. If your pod references an image under a private project, you must create a secret with the credentials of a user who has permission to pull images from the project. For information, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/.
+1. When your Harbor instance is hosting HTTP and the certificate is self-signed, you must modify `daemon.json` on each work node of your cluster. For information, see https://docs.docker.com/registry/insecure/#deploy-a-plain-http-registry.
+2. If your pod references an image under a private project, you must create a secret with the credentials of a user who has permission to pull images from the project. For information, see https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/.
## Configure Notary Content Trust
-Make sure that `https` is enabled in `harbor.yml` and the attributes `ssl_cert` and `ssl_cert_key` point to valid certificates. For more information about generating a HTTPS certificate, see [Configure HTTPS Access to Harbor](../install_config/configure_https.md).
+Make sure that `https` is enabled in `harbor.yml` and the attributes `ssl_cert` and `ssl_cert_key` point to valid certificates. For more information about generating a HTTPS certificate, see [Configure HTTPS Access to Harbor](../install-config/configure-https.md).
### Copy the Root Certificate
@@ -104,7 +103,7 @@ If Harbor instance is hosted at 192.168.0.5, ff you are using a self-signed cert
You can enable content trust by setting the following environment variables on the machine on which you run the Docker client.
-```
+```sh
export DOCKER_CONTENT_TRUST=1
export DOCKER_CONTENT_TRUST_SERVER=https://192.168.0.5:4443
```
@@ -113,11 +112,6 @@ export DOCKER_CONTENT_TRUST_SERVER=https://192.168.0.5:4443
By default the local directory for storing meta files for the Notary client is different from the one for the Docker client. To simplify the use of the Notary client to manipulate the keys/meta files that are generated by Docker content trust, you can set an alias.
+```sh
+alias notary="notary -s https://192.168.0.5:4443 -d ~/.docker/trust --tlscacert /etc/docker/certs.d/192.168.0.5/ca.crt"
```
-alias notary="notary -s https://192.168.0.5:4443 -d ~/.docker/trust --tlscacert /etc/docker/certs.d/192.168.0.5/ca.crt"
-
-```
-
-----------
-
-[Back to table of contents](../index.md)
\ No newline at end of file
diff --git a/docs/1.10/working_with_projects/retagging_images.md b/docs/1.10/working-with-projects/retagging-images.md
similarity index 78%
rename from docs/1.10/working_with_projects/retagging_images.md
rename to docs/1.10/working-with-projects/retagging-images.md
index 032b88718..6efd6c5c9 100644
--- a/docs/1.10/working_with_projects/retagging_images.md
+++ b/docs/1.10/working-with-projects/retagging-images.md
@@ -1,8 +1,6 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Retagging Images
+---
+title: Retagging Images
+---
You can retag images in Harbor. Users with sufficient privileges can retag images to different repositories and projects. For example, you can retag images as follows:
@@ -13,11 +11,6 @@ To retag an image, you must have read permission (guest role or above) in the so
In the Harbor interface, select the image to retag, and click `Retag`.
-
+
In the Retag windown, enter the project name, repository name, the new tag name, and click **Confirm**.
-
-----------
-
-[Back to table of contents](../index.md)
-
diff --git a/docs/1.10/working_with_projects/using_api_explorer.md b/docs/1.10/working-with-projects/using-api-explorer.md
similarity index 77%
rename from docs/1.10/working_with_projects/using_api_explorer.md
rename to docs/1.10/working-with-projects/using-api-explorer.md
index c7e2e93cd..1cb46f9e8 100644
--- a/docs/1.10/working_with_projects/using_api_explorer.md
+++ b/docs/1.10/working-with-projects/using-api-explorer.md
@@ -1,19 +1,13 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Using the API Explorer
+---
+title: Using the API Explorer
+---
Harbor integrated swagger UI from 1.8. That means all apis can be invoked through UI. Normally, user have 2 ways to navigate to API Explorer.
1. User can login harbor, and click the "API EXPLORER" button.All apis will be invoked with current user authorization.
-
+
2. User can navigate to swagger page by ip address by router "devcenter". For example: https://10.192.111.118/devcenter. After go to the page, need to click "authorize" button to give basic authentication to all apis. All apis will be invoked with the authorized user authorization.
-----------
-
-[Back to table of contents](../index.md)
-
diff --git a/docs/1.10/working-with-projects/working-with-images.md b/docs/1.10/working-with-projects/working-with-images.md
new file mode 100644
index 000000000..afb28188b
--- /dev/null
+++ b/docs/1.10/working-with-projects/working-with-images.md
@@ -0,0 +1,12 @@
+---
+title: Working with Images and Tags
+---
+
+This section describes how to work with images and tags in Harbor.
+
+- [Pulling and Pushing Images](../pulling-pushing-images.md)
+- [Create Labels](../create-labels.md)
+- [Retag Images](../retagging-images.md)
+- [Create Tag Retention Rules](../create-tag-retention-rules.md)
+- [Create Tag Immutability Rules](../create-tag-immutability-rules.md)
+- [Manage Kubernetes Packages with Helm Charts](../managing-helm-charts.md)
diff --git a/docs/1.10/working_with_projects/README.md b/docs/1.10/working_with_projects/README.md
deleted file mode 100644
index 2664ddfdf..000000000
--- a/docs/1.10/working_with_projects/README.md
+++ /dev/null
@@ -1,11 +0,0 @@
-# Working with Projects
-
-This section describes how users with the developer, master, and project administrator roles manage and participate in Harbor projects. The Harbor administrator can also perform all of these tasks.
-
-- [Create Projects](create_projects.md)
-- [Project Configuration](project_configuration.md)
-- [Working with Images, Tags, and Helm Charts](working_with_images.md)
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/working_with_projects/implementing_content_trust.md b/docs/1.10/working_with_projects/implementing_content_trust.md
deleted file mode 100644
index 1e6f4c252..000000000
--- a/docs/1.10/working_with_projects/implementing_content_trust.md
+++ /dev/null
@@ -1,25 +0,0 @@
-[Back to table of contents](../index.md)
-
-----------
-
-# Implementing Content Trust
-
-**NOTE: Notary is an optional component, please make sure you have already installed it in your Harbor instance before you go through this section.**
-
-If you want to enable content trust to ensure that images are signed, please set two environment variables in the command line before pushing or pulling any image:
-```sh
-export DOCKER_CONTENT_TRUST=1
-export DOCKER_CONTENT_TRUST_SERVER=https://10.117.169.182:4443
-```
-If you push the image for the first time, You will be asked to enter the root key passphrase. This will be needed every time you push a new image while the ``DOCKER_CONTENT_TRUST`` flag is set.
-The root key is generated at: ``/root/.docker/trust/private/root_keys``
-You will also be asked to enter a new passphrase for the image. This is generated at ``/root/.docker/trust/private/tuf_keys/[registry name] /[imagepath]``.
-If you are using a self-signed cert, make sure to copy the CA cert into ```/etc/docker/certs.d/10.117.169.182``` and ```$HOME/.docker/tls/10.117.169.182:4443/```. When an image is signed, it is indicated in the Web UI.
-**Note: Replace "10.117.169.182" with the IP address or domain name of your Harbor node. In order to use content trust, HTTPS must be enabled in Harbor.**
-
-When an image is signed, it has a tick shown in UI; otherwise, a cross sign(X) is displayed instead.
-
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/1.10/working_with_projects/working_with_images.md b/docs/1.10/working_with_projects/working_with_images.md
deleted file mode 100644
index 9799f5c7c..000000000
--- a/docs/1.10/working_with_projects/working_with_images.md
+++ /dev/null
@@ -1,15 +0,0 @@
-# Working with Images and Tags
-
-This section describes how to work with images and tags in Harbor.
-
-- [Pulling and Pushing Images](pulling_pushing_images.md)
-- [Create Labels](create_labels.md)
-- [Retag Images](retagging_images.md)
-- [Create Tag Retention Rules](create_tag_retention_rules.md)
-- [Create Tag Immutability Rules](create_tag_immutability_rules.md)
-- [Manage Kubernetes Packages with Helm Charts](managing_helm_charts.md)
-
-
-----------
-
-[Back to table of contents](../index.md)
diff --git a/docs/img/360.png b/docs/img/360.png
deleted file mode 100644
index bb8feab6b..000000000
Binary files a/docs/img/360.png and /dev/null differ
diff --git a/docs/img/OIDC/auth0.png b/docs/img/OIDC/auth0.png
deleted file mode 100644
index 5798dfa3b..000000000
Binary files a/docs/img/OIDC/auth0.png and /dev/null differ
diff --git a/docs/img/OIDC/dex.png b/docs/img/OIDC/dex.png
deleted file mode 100644
index 88b6df0f3..000000000
Binary files a/docs/img/OIDC/dex.png and /dev/null differ
diff --git a/docs/img/OIDC/google_identity.png b/docs/img/OIDC/google_identity.png
deleted file mode 100644
index c739b37b8..000000000
Binary files a/docs/img/OIDC/google_identity.png and /dev/null differ
diff --git a/docs/img/OIDC/keycloak.png b/docs/img/OIDC/keycloak.png
deleted file mode 100644
index 73084d784..000000000
Binary files a/docs/img/OIDC/keycloak.png and /dev/null differ
diff --git a/docs/img/OIDC/ping.png b/docs/img/OIDC/ping.png
deleted file mode 100644
index a6f459d20..000000000
Binary files a/docs/img/OIDC/ping.png and /dev/null differ
diff --git a/docs/img/UserMaDai.jpg b/docs/img/UserMaDai.jpg
deleted file mode 100644
index a14661946..000000000
Binary files a/docs/img/UserMaDai.jpg and /dev/null differ
diff --git a/docs/img/Yanrong.jpg b/docs/img/Yanrong.jpg
deleted file mode 100644
index 3a4d892d4..000000000
Binary files a/docs/img/Yanrong.jpg and /dev/null differ
diff --git a/docs/img/add-immutability-rule.png b/docs/img/add-immutability-rule.png
deleted file mode 100644
index 7d15ce9fd..000000000
Binary files a/docs/img/add-immutability-rule.png and /dev/null differ
diff --git a/docs/img/add-scanner.png b/docs/img/add-scanner.png
deleted file mode 100644
index e41e0757d..000000000
Binary files a/docs/img/add-scanner.png and /dev/null differ
diff --git a/docs/img/add_group.png b/docs/img/add_group.png
deleted file mode 100644
index 944ca2c83..000000000
Binary files a/docs/img/add_group.png and /dev/null differ
diff --git a/docs/img/add_labels_to_images.png b/docs/img/add_labels_to_images.png
deleted file mode 100644
index d74c6112a..000000000
Binary files a/docs/img/add_labels_to_images.png and /dev/null differ
diff --git a/docs/img/add_member.png b/docs/img/add_member.png
deleted file mode 100755
index 85d578f26..000000000
Binary files a/docs/img/add_member.png and /dev/null differ
diff --git a/docs/img/add_oidc_group.png b/docs/img/add_oidc_group.png
deleted file mode 100644
index 788c23fa5..000000000
Binary files a/docs/img/add_oidc_group.png and /dev/null differ
diff --git a/docs/img/anchore_logo.png b/docs/img/anchore_logo.png
deleted file mode 100644
index 289da968e..000000000
Binary files a/docs/img/anchore_logo.png and /dev/null differ
diff --git a/docs/img/api_explorer_btn.png b/docs/img/api_explorer_btn.png
deleted file mode 100644
index bf41bb24b..000000000
Binary files a/docs/img/api_explorer_btn.png and /dev/null differ
diff --git a/docs/img/authorize.png b/docs/img/authorize.png
deleted file mode 100644
index 22c1c0d99..000000000
Binary files a/docs/img/authorize.png and /dev/null differ
diff --git a/docs/img/axatp.png b/docs/img/axatp.png
deleted file mode 100644
index 2401c56c8..000000000
Binary files a/docs/img/axatp.png and /dev/null differ
diff --git a/docs/img/bar_chart.png b/docs/img/bar_chart.png
deleted file mode 100644
index e701dd06b..000000000
Binary files a/docs/img/bar_chart.png and /dev/null differ
diff --git a/docs/img/beegoLogo.png b/docs/img/beegoLogo.png
deleted file mode 100644
index ada97519d..000000000
Binary files a/docs/img/beegoLogo.png and /dev/null differ
diff --git a/docs/img/bell-outline-badged.svg b/docs/img/bell-outline-badged.svg
deleted file mode 100644
index a8b0a96d0..000000000
--- a/docs/img/bell-outline-badged.svg
+++ /dev/null
@@ -1,5 +0,0 @@
-
\ No newline at end of file
diff --git a/docs/img/beyondsoft.png b/docs/img/beyondsoft.png
deleted file mode 100644
index 49867c396..000000000
Binary files a/docs/img/beyondsoft.png and /dev/null differ
diff --git a/docs/img/bingocloud.png b/docs/img/bingocloud.png
deleted file mode 100644
index d1fac9f19..000000000
Binary files a/docs/img/bingocloud.png and /dev/null differ
diff --git a/docs/img/bocoit.png b/docs/img/bocoit.png
deleted file mode 100644
index 7560b646f..000000000
Binary files a/docs/img/bocoit.png and /dev/null differ
diff --git a/docs/img/boer.png b/docs/img/boer.png
deleted file mode 100644
index af54d40f6..000000000
Binary files a/docs/img/boer.png and /dev/null differ
diff --git a/docs/img/browse_project.png b/docs/img/browse_project.png
deleted file mode 100755
index a9683f767..000000000
Binary files a/docs/img/browse_project.png and /dev/null differ
diff --git a/docs/img/browse_project_repositories.png b/docs/img/browse_project_repositories.png
deleted file mode 100644
index 13746d70c..000000000
Binary files a/docs/img/browse_project_repositories.png and /dev/null differ
diff --git a/docs/img/build_history.png b/docs/img/build_history.png
deleted file mode 100644
index 0c634f29b..000000000
Binary files a/docs/img/build_history.png and /dev/null differ
diff --git a/docs/img/caicloud.png b/docs/img/caicloud.png
deleted file mode 100644
index 37e26c0ec..000000000
Binary files a/docs/img/caicloud.png and /dev/null differ
diff --git a/docs/img/chartrepo/add_labesl_to_chart_versions.png b/docs/img/chartrepo/add_labesl_to_chart_versions.png
deleted file mode 100644
index 3a43127d7..000000000
Binary files a/docs/img/chartrepo/add_labesl_to_chart_versions.png and /dev/null differ
diff --git a/docs/img/chartrepo/chart_dependencies.png b/docs/img/chartrepo/chart_dependencies.png
deleted file mode 100644
index bc19cd0b8..000000000
Binary files a/docs/img/chartrepo/chart_dependencies.png and /dev/null differ
diff --git a/docs/img/chartrepo/chart_details.png b/docs/img/chartrepo/chart_details.png
deleted file mode 100644
index e642feb51..000000000
Binary files a/docs/img/chartrepo/chart_details.png and /dev/null differ
diff --git a/docs/img/chartrepo/chart_values.png b/docs/img/chartrepo/chart_values.png
deleted file mode 100644
index 26e7b379b..000000000
Binary files a/docs/img/chartrepo/chart_values.png and /dev/null differ
diff --git a/docs/img/chartrepo/filter_chart_versions_by_label.png b/docs/img/chartrepo/filter_chart_versions_by_label.png
deleted file mode 100644
index 1bfc46505..000000000
Binary files a/docs/img/chartrepo/filter_chart_versions_by_label.png and /dev/null differ
diff --git a/docs/img/chartrepo/list_chart_versions.png b/docs/img/chartrepo/list_chart_versions.png
deleted file mode 100644
index ed06fcf33..000000000
Binary files a/docs/img/chartrepo/list_chart_versions.png and /dev/null differ
diff --git a/docs/img/chartrepo/list_charts.png b/docs/img/chartrepo/list_charts.png
deleted file mode 100644
index 92bbdbc02..000000000
Binary files a/docs/img/chartrepo/list_charts.png and /dev/null differ
diff --git a/docs/img/chartrepo/upload_charts.png b/docs/img/chartrepo/upload_charts.png
deleted file mode 100644
index 9f040d87a..000000000
Binary files a/docs/img/chartrepo/upload_charts.png and /dev/null differ
diff --git a/docs/img/china-mobile.png b/docs/img/china-mobile.png
deleted file mode 100644
index 98e3589da..000000000
Binary files a/docs/img/china-mobile.png and /dev/null differ
diff --git a/docs/img/clair_not_ready.png b/docs/img/clair_not_ready.png
deleted file mode 100644
index c8a978856..000000000
Binary files a/docs/img/clair_not_ready.png and /dev/null differ
diff --git a/docs/img/clair_not_ready2.png b/docs/img/clair_not_ready2.png
deleted file mode 100644
index 0fa425941..000000000
Binary files a/docs/img/clair_not_ready2.png and /dev/null differ
diff --git a/docs/img/clair_ready.png b/docs/img/clair_ready.png
deleted file mode 100644
index e30256dc2..000000000
Binary files a/docs/img/clair_ready.png and /dev/null differ
diff --git a/docs/img/cloudchef.png b/docs/img/cloudchef.png
deleted file mode 100644
index 2a5cd00c4..000000000
Binary files a/docs/img/cloudchef.png and /dev/null differ
diff --git a/docs/img/cloudstar.png b/docs/img/cloudstar.png
deleted file mode 100644
index fe0a58904..000000000
Binary files a/docs/img/cloudstar.png and /dev/null differ
diff --git a/docs/img/content_trust.png b/docs/img/content_trust.png
deleted file mode 100644
index 55d716ad6..000000000
Binary files a/docs/img/content_trust.png and /dev/null differ
diff --git a/docs/img/create_project.png b/docs/img/create_project.png
deleted file mode 100755
index 827ba957b..000000000
Binary files a/docs/img/create_project.png and /dev/null differ
diff --git a/docs/img/create_rule.png b/docs/img/create_rule.png
deleted file mode 100644
index 26679ead2..000000000
Binary files a/docs/img/create_rule.png and /dev/null differ
diff --git a/docs/img/create_user.png b/docs/img/create_user.png
deleted file mode 100644
index 7c7903eff..000000000
Binary files a/docs/img/create_user.png and /dev/null differ
diff --git a/docs/img/cve-whitelist1.png b/docs/img/cve-whitelist1.png
deleted file mode 100644
index f345c4e88..000000000
Binary files a/docs/img/cve-whitelist1.png and /dev/null differ
diff --git a/docs/img/cve-whitelist2.png b/docs/img/cve-whitelist2.png
deleted file mode 100644
index 905768294..000000000
Binary files a/docs/img/cve-whitelist2.png and /dev/null differ
diff --git a/docs/img/cve-whitelist3.png b/docs/img/cve-whitelist3.png
deleted file mode 100644
index 524db9387..000000000
Binary files a/docs/img/cve-whitelist3.png and /dev/null differ
diff --git a/docs/img/cve-whitelist4.png b/docs/img/cve-whitelist4.png
deleted file mode 100644
index 972e84c98..000000000
Binary files a/docs/img/cve-whitelist4.png and /dev/null differ
diff --git a/docs/img/cve-whitelist5.png b/docs/img/cve-whitelist5.png
deleted file mode 100644
index d9bc6c929..000000000
Binary files a/docs/img/cve-whitelist5.png and /dev/null differ
diff --git a/docs/img/cve-whitelist6.png b/docs/img/cve-whitelist6.png
deleted file mode 100644
index 1bbc149a8..000000000
Binary files a/docs/img/cve-whitelist6.png and /dev/null differ
diff --git a/docs/img/dataman.png b/docs/img/dataman.png
deleted file mode 100644
index 914a3a549..000000000
Binary files a/docs/img/dataman.png and /dev/null differ
diff --git a/docs/img/datayes.png b/docs/img/datayes.png
deleted file mode 100644
index 707aacfe5..000000000
Binary files a/docs/img/datayes.png and /dev/null differ
diff --git a/docs/img/db_auth.png b/docs/img/db_auth.png
deleted file mode 100644
index ff1d828d3..000000000
Binary files a/docs/img/db_auth.png and /dev/null differ
diff --git a/docs/img/delete_rule.png b/docs/img/delete_rule.png
deleted file mode 100644
index f71e05ace..000000000
Binary files a/docs/img/delete_rule.png and /dev/null differ
diff --git a/docs/img/demos/content_trust.png b/docs/img/demos/content_trust.png
deleted file mode 100644
index 45da0e65f..000000000
Binary files a/docs/img/demos/content_trust.png and /dev/null differ
diff --git a/docs/img/demos/image_replication.png b/docs/img/demos/image_replication.png
deleted file mode 100644
index 35f5bfe13..000000000
Binary files a/docs/img/demos/image_replication.png and /dev/null differ
diff --git a/docs/img/demos/rbac.png b/docs/img/demos/rbac.png
deleted file mode 100644
index 48c1dff2e..000000000
Binary files a/docs/img/demos/rbac.png and /dev/null differ
diff --git a/docs/img/demos/vul_scan.png b/docs/img/demos/vul_scan.png
deleted file mode 100644
index 0e84b1c28..000000000
Binary files a/docs/img/demos/vul_scan.png and /dev/null differ
diff --git a/docs/img/dianrong.png b/docs/img/dianrong.png
deleted file mode 100644
index a7a8cd85c..000000000
Binary files a/docs/img/dianrong.png and /dev/null differ
diff --git a/docs/img/download_harbor_certs.png b/docs/img/download_harbor_certs.png
deleted file mode 100644
index 22d89b9c7..000000000
Binary files a/docs/img/download_harbor_certs.png and /dev/null differ
diff --git a/docs/img/edit-tag-immutability.png b/docs/img/edit-tag-immutability.png
deleted file mode 100644
index d1593ae2d..000000000
Binary files a/docs/img/edit-tag-immutability.png and /dev/null differ
diff --git a/docs/img/edit_description.png b/docs/img/edit_description.png
deleted file mode 100644
index bf27994a9..000000000
Binary files a/docs/img/edit_description.png and /dev/null differ
diff --git a/docs/img/filter_images_by_label.png b/docs/img/filter_images_by_label.png
deleted file mode 100644
index 556505ed5..000000000
Binary files a/docs/img/filter_images_by_label.png and /dev/null differ
diff --git a/docs/img/garbage-collection.png b/docs/img/garbage-collection.png
deleted file mode 100644
index a8aad2aa5..000000000
Binary files a/docs/img/garbage-collection.png and /dev/null differ
diff --git a/docs/img/gc_details.png b/docs/img/gc_details.png
deleted file mode 100644
index d1c31e007..000000000
Binary files a/docs/img/gc_details.png and /dev/null differ
diff --git a/docs/img/gc_history.png b/docs/img/gc_history.png
deleted file mode 100644
index bd5813bff..000000000
Binary files a/docs/img/gc_history.png and /dev/null differ
diff --git a/docs/img/gc_now.png b/docs/img/gc_now.png
deleted file mode 100644
index 4c046e23f..000000000
Binary files a/docs/img/gc_now.png and /dev/null differ
diff --git a/docs/img/gc_now2.png b/docs/img/gc_now2.png
deleted file mode 100644
index b507cb94e..000000000
Binary files a/docs/img/gc_now2.png and /dev/null differ
diff --git a/docs/img/gc_policy.png b/docs/img/gc_policy.png
deleted file mode 100644
index 15829a84d..000000000
Binary files a/docs/img/gc_policy.png and /dev/null differ
diff --git a/docs/img/generate_create_new_secret.png b/docs/img/generate_create_new_secret.png
deleted file mode 100644
index 36594f2ec..000000000
Binary files a/docs/img/generate_create_new_secret.png and /dev/null differ
diff --git a/docs/img/group/ldap_group_addgroup.png b/docs/img/group/ldap_group_addgroup.png
deleted file mode 100644
index 3c5f27487..000000000
Binary files a/docs/img/group/ldap_group_addgroup.png and /dev/null differ
diff --git a/docs/img/group/ldap_group_addgroup_dialog.png b/docs/img/group/ldap_group_addgroup_dialog.png
deleted file mode 100644
index fe552dad4..000000000
Binary files a/docs/img/group/ldap_group_addgroup_dialog.png and /dev/null differ
diff --git a/docs/img/group/ldap_group_config.png b/docs/img/group/ldap_group_config.png
deleted file mode 100644
index 89bdd6623..000000000
Binary files a/docs/img/group/ldap_group_config.png and /dev/null differ
diff --git a/docs/img/ha/Architecture.png b/docs/img/ha/Architecture.png
deleted file mode 100644
index 8e4e3f184..000000000
Binary files a/docs/img/ha/Architecture.png and /dev/null differ
diff --git a/docs/img/ha/LabInstallation.png b/docs/img/ha/LabInstallation.png
deleted file mode 100644
index 16c200849..000000000
Binary files a/docs/img/ha/LabInstallation.png and /dev/null differ
diff --git a/docs/img/harbor-arch.png b/docs/img/harbor-arch.png
deleted file mode 100644
index 4e19dd272..000000000
Binary files a/docs/img/harbor-arch.png and /dev/null differ
diff --git a/docs/img/harbor-architecture-1.10.png b/docs/img/harbor-architecture-1.10.png
deleted file mode 100644
index 4acbe548a..000000000
Binary files a/docs/img/harbor-architecture-1.10.png and /dev/null differ
diff --git a/docs/img/harbor_logo.png b/docs/img/harbor_logo.png
deleted file mode 100644
index 57408660e..000000000
Binary files a/docs/img/harbor_logo.png and /dev/null differ
diff --git a/docs/img/hydsoft.png b/docs/img/hydsoft.png
deleted file mode 100644
index 0a694fa67..000000000
Binary files a/docs/img/hydsoft.png and /dev/null differ
diff --git a/docs/img/ifre.png b/docs/img/ifre.png
deleted file mode 100644
index de0d4cbea..000000000
Binary files a/docs/img/ifre.png and /dev/null differ
diff --git a/docs/img/interrogation-services.png b/docs/img/interrogation-services.png
deleted file mode 100644
index b271e1a2f..000000000
Binary files a/docs/img/interrogation-services.png and /dev/null differ
diff --git a/docs/img/jd.png b/docs/img/jd.png
deleted file mode 100644
index d21d155e0..000000000
Binary files a/docs/img/jd.png and /dev/null differ
diff --git a/docs/img/jobservice/js-arch.png b/docs/img/jobservice/js-arch.png
deleted file mode 100644
index e56259118..000000000
Binary files a/docs/img/jobservice/js-arch.png and /dev/null differ
diff --git a/docs/img/jobservice/js-deploy.png b/docs/img/jobservice/js-deploy.png
deleted file mode 100644
index 9602a5473..000000000
Binary files a/docs/img/jobservice/js-deploy.png and /dev/null differ
diff --git a/docs/img/ldap_auth.png b/docs/img/ldap_auth.png
deleted file mode 100644
index a72a9f26d..000000000
Binary files a/docs/img/ldap_auth.png and /dev/null differ
diff --git a/docs/img/ldap_cert_test.png b/docs/img/ldap_cert_test.png
deleted file mode 100644
index eef322e3b..000000000
Binary files a/docs/img/ldap_cert_test.png and /dev/null differ
diff --git a/docs/img/ldap_groups.png b/docs/img/ldap_groups.png
deleted file mode 100644
index 9bda27d3f..000000000
Binary files a/docs/img/ldap_groups.png and /dev/null differ
diff --git a/docs/img/list_stop_executions.png b/docs/img/list_stop_executions.png
deleted file mode 100644
index 6ef1200e0..000000000
Binary files a/docs/img/list_stop_executions.png and /dev/null differ
diff --git a/docs/img/list_tasks.png b/docs/img/list_tasks.png
deleted file mode 100644
index 3efc09042..000000000
Binary files a/docs/img/list_tasks.png and /dev/null differ
diff --git a/docs/img/log_filter.png b/docs/img/log_filter.png
deleted file mode 100644
index 8da927398..000000000
Binary files a/docs/img/log_filter.png and /dev/null differ
diff --git a/docs/img/log_search_advanced.png b/docs/img/log_search_advanced.png
deleted file mode 100644
index 5ac7cb912..000000000
Binary files a/docs/img/log_search_advanced.png and /dev/null differ
diff --git a/docs/img/log_search_advanced_date.png b/docs/img/log_search_advanced_date.png
deleted file mode 100644
index 0c1cf6bfb..000000000
Binary files a/docs/img/log_search_advanced_date.png and /dev/null differ
diff --git a/docs/img/log_viewer.png b/docs/img/log_viewer.png
deleted file mode 100644
index 91ec502c3..000000000
Binary files a/docs/img/log_viewer.png and /dev/null differ
diff --git a/docs/img/manage_global_level_labels.png b/docs/img/manage_global_level_labels.png
deleted file mode 100644
index 4c8fa87ba..000000000
Binary files a/docs/img/manage_global_level_labels.png and /dev/null differ
diff --git a/docs/img/manage_project_level_labels.png b/docs/img/manage_project_level_labels.png
deleted file mode 100644
index 94b8ec63e..000000000
Binary files a/docs/img/manage_project_level_labels.png and /dev/null differ
diff --git a/docs/img/manage_registry.png b/docs/img/manage_registry.png
deleted file mode 100644
index cc369b003..000000000
Binary files a/docs/img/manage_registry.png and /dev/null differ
diff --git a/docs/img/manage_replication.png b/docs/img/manage_replication.png
deleted file mode 100644
index 918708941..000000000
Binary files a/docs/img/manage_replication.png and /dev/null differ
diff --git a/docs/img/new_add_member.png b/docs/img/new_add_member.png
deleted file mode 100644
index ae4b56a82..000000000
Binary files a/docs/img/new_add_member.png and /dev/null differ
diff --git a/docs/img/new_auth.png b/docs/img/new_auth.png
deleted file mode 100644
index 76bcf438e..000000000
Binary files a/docs/img/new_auth.png and /dev/null differ
diff --git a/docs/img/new_browse_project.png b/docs/img/new_browse_project.png
deleted file mode 100644
index 71d55866b..000000000
Binary files a/docs/img/new_browse_project.png and /dev/null differ
diff --git a/docs/img/new_config_email.png b/docs/img/new_config_email.png
deleted file mode 100644
index 35237912c..000000000
Binary files a/docs/img/new_config_email.png and /dev/null differ
diff --git a/docs/img/new_config_token.png b/docs/img/new_config_token.png
deleted file mode 100644
index f8e2343bc..000000000
Binary files a/docs/img/new_config_token.png and /dev/null differ
diff --git a/docs/img/new_create_policy.png b/docs/img/new_create_policy.png
deleted file mode 100644
index 28c0f5479..000000000
Binary files a/docs/img/new_create_policy.png and /dev/null differ
diff --git a/docs/img/new_create_project.png b/docs/img/new_create_project.png
deleted file mode 100644
index 352d5f556..000000000
Binary files a/docs/img/new_create_project.png and /dev/null differ
diff --git a/docs/img/new_create_rule.png b/docs/img/new_create_rule.png
deleted file mode 100644
index 125d26c5f..000000000
Binary files a/docs/img/new_create_rule.png and /dev/null differ
diff --git a/docs/img/new_delete_repo.png b/docs/img/new_delete_repo.png
deleted file mode 100644
index 05450b8e4..000000000
Binary files a/docs/img/new_delete_repo.png and /dev/null differ
diff --git a/docs/img/new_delete_repository.png b/docs/img/new_delete_repository.png
deleted file mode 100644
index a9d2a9228..000000000
Binary files a/docs/img/new_delete_repository.png and /dev/null differ
diff --git a/docs/img/new_delete_tag.png b/docs/img/new_delete_tag.png
deleted file mode 100644
index ac4d6dc60..000000000
Binary files a/docs/img/new_delete_tag.png and /dev/null differ
diff --git a/docs/img/new_manage_destination.png b/docs/img/new_manage_destination.png
deleted file mode 100644
index 4846dbf42..000000000
Binary files a/docs/img/new_manage_destination.png and /dev/null differ
diff --git a/docs/img/new_manage_endpoint.png b/docs/img/new_manage_endpoint.png
deleted file mode 100644
index d344e6d31..000000000
Binary files a/docs/img/new_manage_endpoint.png and /dev/null differ
diff --git a/docs/img/new_manage_replication.png b/docs/img/new_manage_replication.png
deleted file mode 100644
index fd782bb46..000000000
Binary files a/docs/img/new_manage_replication.png and /dev/null differ
diff --git a/docs/img/new_policy_list.png b/docs/img/new_policy_list.png
deleted file mode 100644
index c8979d938..000000000
Binary files a/docs/img/new_policy_list.png and /dev/null differ
diff --git a/docs/img/new_proj_create.png b/docs/img/new_proj_create.png
deleted file mode 100644
index fbe3f72ab..000000000
Binary files a/docs/img/new_proj_create.png and /dev/null differ
diff --git a/docs/img/new_project_log.png b/docs/img/new_project_log.png
deleted file mode 100644
index 54a96f6b9..000000000
Binary files a/docs/img/new_project_log.png and /dev/null differ
diff --git a/docs/img/new_remote_cert.png b/docs/img/new_remote_cert.png
deleted file mode 100644
index c475b6a80..000000000
Binary files a/docs/img/new_remote_cert.png and /dev/null differ
diff --git a/docs/img/new_remove_update_member.png b/docs/img/new_remove_update_member.png
deleted file mode 100644
index a0c760843..000000000
Binary files a/docs/img/new_remove_update_member.png and /dev/null differ
diff --git a/docs/img/new_rule_list.png b/docs/img/new_rule_list.png
deleted file mode 100644
index b734eec46..000000000
Binary files a/docs/img/new_rule_list.png and /dev/null differ
diff --git a/docs/img/new_search.png b/docs/img/new_search.png
deleted file mode 100644
index b5d362fa4..000000000
Binary files a/docs/img/new_search.png and /dev/null differ
diff --git a/docs/img/new_self_reg.png b/docs/img/new_self_reg.png
deleted file mode 100644
index 93986ea3b..000000000
Binary files a/docs/img/new_self_reg.png and /dev/null differ
diff --git a/docs/img/new_set_admin_remove_user.png b/docs/img/new_set_admin_remove_user.png
deleted file mode 100644
index 8b5c2c35c..000000000
Binary files a/docs/img/new_set_admin_remove_user.png and /dev/null differ
diff --git a/docs/img/new_user.png b/docs/img/new_user.png
deleted file mode 100644
index 0b8c42f17..000000000
Binary files a/docs/img/new_user.png and /dev/null differ
diff --git a/docs/img/oidc_auth_setting.png b/docs/img/oidc_auth_setting.png
deleted file mode 100644
index 211935dcd..000000000
Binary files a/docs/img/oidc_auth_setting.png and /dev/null differ
diff --git a/docs/img/oidc_cert_verification.png b/docs/img/oidc_cert_verification.png
deleted file mode 100644
index f13e6450f..000000000
Binary files a/docs/img/oidc_cert_verification.png and /dev/null differ
diff --git a/docs/img/oidc_login.png b/docs/img/oidc_login.png
deleted file mode 100644
index 1bf77656a..000000000
Binary files a/docs/img/oidc_login.png and /dev/null differ
diff --git a/docs/img/oidc_onboard_dlg.png b/docs/img/oidc_onboard_dlg.png
deleted file mode 100644
index 6537ec0ae..000000000
Binary files a/docs/img/oidc_onboard_dlg.png and /dev/null differ
diff --git a/docs/img/openedutainment.png b/docs/img/openedutainment.png
deleted file mode 100644
index 45def4daa..000000000
Binary files a/docs/img/openedutainment.png and /dev/null differ
diff --git a/docs/img/pivotal.png b/docs/img/pivotal.png
deleted file mode 100644
index 7b5a47ec0..000000000
Binary files a/docs/img/pivotal.png and /dev/null differ
diff --git a/docs/img/prevent_vulnerable_images.png b/docs/img/prevent_vulnerable_images.png
deleted file mode 100644
index 55c9dbb93..000000000
Binary files a/docs/img/prevent_vulnerable_images.png and /dev/null differ
diff --git a/docs/img/profile_dlg.png b/docs/img/profile_dlg.png
deleted file mode 100644
index ffaa6330e..000000000
Binary files a/docs/img/profile_dlg.png and /dev/null differ
diff --git a/docs/img/project-quota1.png b/docs/img/project-quota1.png
deleted file mode 100644
index dfe7e453e..000000000
Binary files a/docs/img/project-quota1.png and /dev/null differ
diff --git a/docs/img/project-quota2.png b/docs/img/project-quota2.png
deleted file mode 100644
index 2d2c5b7fb..000000000
Binary files a/docs/img/project-quota2.png and /dev/null differ
diff --git a/docs/img/project-quota3.png b/docs/img/project-quota3.png
deleted file mode 100644
index d9a6cafd3..000000000
Binary files a/docs/img/project-quota3.png and /dev/null differ
diff --git a/docs/img/project-quota4.png b/docs/img/project-quota4.png
deleted file mode 100644
index 44abc5c7d..000000000
Binary files a/docs/img/project-quota4.png and /dev/null differ
diff --git a/docs/img/project-quota5.png b/docs/img/project-quota5.png
deleted file mode 100644
index 598cc42c2..000000000
Binary files a/docs/img/project-quota5.png and /dev/null differ
diff --git a/docs/img/project-scanners.png b/docs/img/project-scanners.png
deleted file mode 100644
index 14904c601..000000000
Binary files a/docs/img/project-scanners.png and /dev/null differ
diff --git a/docs/img/project_configuration.png b/docs/img/project_configuration.png
deleted file mode 100644
index c4e5d572e..000000000
Binary files a/docs/img/project_configuration.png and /dev/null differ
diff --git a/docs/img/project_log.png b/docs/img/project_log.png
deleted file mode 100755
index 8e559fd83..000000000
Binary files a/docs/img/project_log.png and /dev/null differ
diff --git a/docs/img/project_logs.png b/docs/img/project_logs.png
deleted file mode 100644
index ff711d919..000000000
Binary files a/docs/img/project_logs.png and /dev/null differ
diff --git a/docs/img/project_members.png b/docs/img/project_members.png
deleted file mode 100644
index 740a955d3..000000000
Binary files a/docs/img/project_members.png and /dev/null differ
diff --git a/docs/img/rancher.png b/docs/img/rancher.png
deleted file mode 100644
index 99d095776..000000000
Binary files a/docs/img/rancher.png and /dev/null differ
diff --git a/docs/img/rbac.png b/docs/img/rbac.png
deleted file mode 100644
index 17b1c080c..000000000
Binary files a/docs/img/rbac.png and /dev/null differ
diff --git a/docs/img/read_only.png b/docs/img/read_only.png
deleted file mode 100644
index ce48fec29..000000000
Binary files a/docs/img/read_only.png and /dev/null differ
diff --git a/docs/img/read_only_enable.png b/docs/img/read_only_enable.png
deleted file mode 100644
index 29ad806d1..000000000
Binary files a/docs/img/read_only_enable.png and /dev/null differ
diff --git a/docs/img/read_ony_enable.png b/docs/img/read_ony_enable.png
deleted file mode 100644
index 9e7c88a40..000000000
Binary files a/docs/img/read_ony_enable.png and /dev/null differ
diff --git a/docs/img/remove_update_member.png b/docs/img/remove_update_member.png
deleted file mode 100755
index a3375a6e4..000000000
Binary files a/docs/img/remove_update_member.png and /dev/null differ
diff --git a/docs/img/replication-endpoint1.png b/docs/img/replication-endpoint1.png
deleted file mode 100644
index b5077dcdf..000000000
Binary files a/docs/img/replication-endpoint1.png and /dev/null differ
diff --git a/docs/img/replication-endpoint2.png b/docs/img/replication-endpoint2.png
deleted file mode 100644
index 53020d763..000000000
Binary files a/docs/img/replication-endpoint2.png and /dev/null differ
diff --git a/docs/img/replication-rule1.png b/docs/img/replication-rule1.png
deleted file mode 100644
index 43441f7d5..000000000
Binary files a/docs/img/replication-rule1.png and /dev/null differ
diff --git a/docs/img/replication-rule2.png b/docs/img/replication-rule2.png
deleted file mode 100644
index f0e0244c6..000000000
Binary files a/docs/img/replication-rule2.png and /dev/null differ
diff --git a/docs/img/replication-rule3.png b/docs/img/replication-rule3.png
deleted file mode 100644
index c50dd0c18..000000000
Binary files a/docs/img/replication-rule3.png and /dev/null differ
diff --git a/docs/img/replication-rule4.png b/docs/img/replication-rule4.png
deleted file mode 100644
index 892855b56..000000000
Binary files a/docs/img/replication-rule4.png and /dev/null differ
diff --git a/docs/img/replication-rule5.png b/docs/img/replication-rule5.png
deleted file mode 100644
index 7d148a6cf..000000000
Binary files a/docs/img/replication-rule5.png and /dev/null differ
diff --git a/docs/img/replication-rule6.png b/docs/img/replication-rule6.png
deleted file mode 100644
index 1f615b2e5..000000000
Binary files a/docs/img/replication-rule6.png and /dev/null differ
diff --git a/docs/img/replication_adapters/acr.png b/docs/img/replication_adapters/acr.png
deleted file mode 100644
index ff15570cb..000000000
Binary files a/docs/img/replication_adapters/acr.png and /dev/null differ
diff --git a/docs/img/replication_adapters/ali-cr.png b/docs/img/replication_adapters/ali-cr.png
deleted file mode 100644
index 35f4bcae7..000000000
Binary files a/docs/img/replication_adapters/ali-cr.png and /dev/null differ
diff --git a/docs/img/replication_adapters/artifactory.png b/docs/img/replication_adapters/artifactory.png
deleted file mode 100644
index 326fe344c..000000000
Binary files a/docs/img/replication_adapters/artifactory.png and /dev/null differ
diff --git a/docs/img/replication_adapters/distribution.png b/docs/img/replication_adapters/distribution.png
deleted file mode 100644
index d52a76d2b..000000000
Binary files a/docs/img/replication_adapters/distribution.png and /dev/null differ
diff --git a/docs/img/replication_adapters/docker_hub.png b/docs/img/replication_adapters/docker_hub.png
deleted file mode 100644
index f9dd0ea67..000000000
Binary files a/docs/img/replication_adapters/docker_hub.png and /dev/null differ
diff --git a/docs/img/replication_adapters/ecr-aws.png b/docs/img/replication_adapters/ecr-aws.png
deleted file mode 100644
index 4410013de..000000000
Binary files a/docs/img/replication_adapters/ecr-aws.png and /dev/null differ
diff --git a/docs/img/replication_adapters/ecr.png b/docs/img/replication_adapters/ecr.png
deleted file mode 100644
index cd5cc8194..000000000
Binary files a/docs/img/replication_adapters/ecr.png and /dev/null differ
diff --git a/docs/img/replication_adapters/gcr.png b/docs/img/replication_adapters/gcr.png
deleted file mode 100644
index bc4e6deca..000000000
Binary files a/docs/img/replication_adapters/gcr.png and /dev/null differ
diff --git a/docs/img/replication_adapters/gitlab.png b/docs/img/replication_adapters/gitlab.png
deleted file mode 100644
index f2442ccb6..000000000
Binary files a/docs/img/replication_adapters/gitlab.png and /dev/null differ
diff --git a/docs/img/replication_adapters/harbor_logo.png b/docs/img/replication_adapters/harbor_logo.png
deleted file mode 100644
index dc395201a..000000000
Binary files a/docs/img/replication_adapters/harbor_logo.png and /dev/null differ
diff --git a/docs/img/replication_adapters/helm-hub.png b/docs/img/replication_adapters/helm-hub.png
deleted file mode 100644
index 834b1d4db..000000000
Binary files a/docs/img/replication_adapters/helm-hub.png and /dev/null differ
diff --git a/docs/img/replication_adapters/hw.png b/docs/img/replication_adapters/hw.png
deleted file mode 100644
index 14cdd5397..000000000
Binary files a/docs/img/replication_adapters/hw.png and /dev/null differ
diff --git a/docs/img/replication_adapters/quay.png b/docs/img/replication_adapters/quay.png
deleted file mode 100644
index 17ff9cbdc..000000000
Binary files a/docs/img/replication_adapters/quay.png and /dev/null differ
diff --git a/docs/img/replication_adapters/right.png b/docs/img/replication_adapters/right.png
deleted file mode 100644
index 4961f2c79..000000000
Binary files a/docs/img/replication_adapters/right.png and /dev/null differ
diff --git a/docs/img/retag_image.png b/docs/img/retag_image.png
deleted file mode 100644
index 08c705f46..000000000
Binary files a/docs/img/retag_image.png and /dev/null differ
diff --git a/docs/img/robotaccount/add_robot_account.png b/docs/img/robotaccount/add_robot_account.png
deleted file mode 100644
index 316f94bc6..000000000
Binary files a/docs/img/robotaccount/add_robot_account.png and /dev/null differ
diff --git a/docs/img/robotaccount/add_robot_account_2.png b/docs/img/robotaccount/add_robot_account_2.png
deleted file mode 100644
index 645d7970c..000000000
Binary files a/docs/img/robotaccount/add_robot_account_2.png and /dev/null differ
diff --git a/docs/img/robotaccount/copy_robot_account_token.png b/docs/img/robotaccount/copy_robot_account_token.png
deleted file mode 100644
index 33fa2a234..000000000
Binary files a/docs/img/robotaccount/copy_robot_account_token.png and /dev/null differ
diff --git a/docs/img/robotaccount/disable_delete_robot_account.png b/docs/img/robotaccount/disable_delete_robot_account.png
deleted file mode 100644
index d387a6559..000000000
Binary files a/docs/img/robotaccount/disable_delete_robot_account.png and /dev/null differ
diff --git a/docs/img/robotaccount/new_robot_account.png b/docs/img/robotaccount/new_robot_account.png
deleted file mode 100644
index b81a85996..000000000
Binary files a/docs/img/robotaccount/new_robot_account.png and /dev/null differ
diff --git a/docs/img/robotaccount/set_robot_account_token_duration.png b/docs/img/robotaccount/set_robot_account_token_duration.png
deleted file mode 100644
index 37c62343e..000000000
Binary files a/docs/img/robotaccount/set_robot_account_token_duration.png and /dev/null differ
diff --git a/docs/img/rule_under_project_view.png b/docs/img/rule_under_project_view.png
deleted file mode 100644
index e626ced07..000000000
Binary files a/docs/img/rule_under_project_view.png and /dev/null differ
diff --git a/docs/img/scan-result.png b/docs/img/scan-result.png
deleted file mode 100644
index a0915b7f4..000000000
Binary files a/docs/img/scan-result.png and /dev/null differ
diff --git a/docs/img/scan-view-log.png b/docs/img/scan-view-log.png
deleted file mode 100644
index 3a4922760..000000000
Binary files a/docs/img/scan-view-log.png and /dev/null differ
diff --git a/docs/img/scan_all.png b/docs/img/scan_all.png
deleted file mode 100644
index e763ba1f0..000000000
Binary files a/docs/img/scan_all.png and /dev/null differ
diff --git a/docs/img/scan_all2.png b/docs/img/scan_all2.png
deleted file mode 100644
index 2dd35912d..000000000
Binary files a/docs/img/scan_all2.png and /dev/null differ
diff --git a/docs/img/scan_image.png b/docs/img/scan_image.png
deleted file mode 100644
index fd6d3dbb9..000000000
Binary files a/docs/img/scan_image.png and /dev/null differ
diff --git a/docs/img/scan_on_push.png b/docs/img/scan_on_push.png
deleted file mode 100644
index 63a26dfc4..000000000
Binary files a/docs/img/scan_on_push.png and /dev/null differ
diff --git a/docs/img/scan_policy.png b/docs/img/scan_policy.png
deleted file mode 100644
index eab9d3675..000000000
Binary files a/docs/img/scan_policy.png and /dev/null differ
diff --git a/docs/img/scanner-auth.png b/docs/img/scanner-auth.png
deleted file mode 100644
index b470868cf..000000000
Binary files a/docs/img/scanner-auth.png and /dev/null differ
diff --git a/docs/img/scanners/anchore.png b/docs/img/scanners/anchore.png
deleted file mode 100644
index c9cea2a3d..000000000
Binary files a/docs/img/scanners/anchore.png and /dev/null differ
diff --git a/docs/img/scanners/aqua.png b/docs/img/scanners/aqua.png
deleted file mode 100644
index db68fdd75..000000000
Binary files a/docs/img/scanners/aqua.png and /dev/null differ
diff --git a/docs/img/scanners/clair.png b/docs/img/scanners/clair.png
deleted file mode 100644
index f11d0d0cd..000000000
Binary files a/docs/img/scanners/clair.png and /dev/null differ
diff --git a/docs/img/scanners/dosec.png b/docs/img/scanners/dosec.png
deleted file mode 100644
index b27c9ffd2..000000000
Binary files a/docs/img/scanners/dosec.png and /dev/null differ
diff --git a/docs/img/scanners/trivy.png b/docs/img/scanners/trivy.png
deleted file mode 100644
index 3cc551f9d..000000000
Binary files a/docs/img/scanners/trivy.png and /dev/null differ
diff --git a/docs/img/search.png b/docs/img/search.png
deleted file mode 100755
index 98ac16991..000000000
Binary files a/docs/img/search.png and /dev/null differ
diff --git a/docs/img/select-scanner.png b/docs/img/select-scanner.png
deleted file mode 100644
index c21a4d51b..000000000
Binary files a/docs/img/select-scanner.png and /dev/null differ
diff --git a/docs/img/select_ldap_auth.png b/docs/img/select_ldap_auth.png
deleted file mode 100644
index 151a3256d..000000000
Binary files a/docs/img/select_ldap_auth.png and /dev/null differ
diff --git a/docs/img/select_oidc_auth.png b/docs/img/select_oidc_auth.png
deleted file mode 100644
index 6260398fb..000000000
Binary files a/docs/img/select_oidc_auth.png and /dev/null differ
diff --git a/docs/img/self-registration-login.png b/docs/img/self-registration-login.png
deleted file mode 100644
index c2332ae60..000000000
Binary files a/docs/img/self-registration-login.png and /dev/null differ
diff --git a/docs/img/set_admin_remove_user.png b/docs/img/set_admin_remove_user.png
deleted file mode 100755
index c8f752d15..000000000
Binary files a/docs/img/set_admin_remove_user.png and /dev/null differ
diff --git a/docs/img/set_vulnerability_threshold.png b/docs/img/set_vulnerability_threshold.png
deleted file mode 100644
index c6d8f9f9c..000000000
Binary files a/docs/img/set_vulnerability_threshold.png and /dev/null differ
diff --git a/docs/img/slamtec.png b/docs/img/slamtec.png
deleted file mode 100644
index df3a46427..000000000
Binary files a/docs/img/slamtec.png and /dev/null differ
diff --git a/docs/img/slamteclogo.png b/docs/img/slamteclogo.png
deleted file mode 100644
index 4ed39f5cf..000000000
Binary files a/docs/img/slamteclogo.png and /dev/null differ
diff --git a/docs/img/start_replicate.png b/docs/img/start_replicate.png
deleted file mode 100644
index bc0ec3e4a..000000000
Binary files a/docs/img/start_replicate.png and /dev/null differ
diff --git a/docs/img/summary_tooltip.png b/docs/img/summary_tooltip.png
deleted file mode 100644
index 7601efb80..000000000
Binary files a/docs/img/summary_tooltip.png and /dev/null differ
diff --git a/docs/img/tag-immutability.png b/docs/img/tag-immutability.png
deleted file mode 100644
index 1c58ef1ef..000000000
Binary files a/docs/img/tag-immutability.png and /dev/null differ
diff --git a/docs/img/tag-retention1.png b/docs/img/tag-retention1.png
deleted file mode 100644
index 6a2901545..000000000
Binary files a/docs/img/tag-retention1.png and /dev/null differ
diff --git a/docs/img/tag-retention2.png b/docs/img/tag-retention2.png
deleted file mode 100644
index 99368b576..000000000
Binary files a/docs/img/tag-retention2.png and /dev/null differ
diff --git a/docs/img/tag-retention3.png b/docs/img/tag-retention3.png
deleted file mode 100644
index dd8208d4f..000000000
Binary files a/docs/img/tag-retention3.png and /dev/null differ
diff --git a/docs/img/tag-retention4.png b/docs/img/tag-retention4.png
deleted file mode 100644
index 6f02f89ba..000000000
Binary files a/docs/img/tag-retention4.png and /dev/null differ
diff --git a/docs/img/tag-retention5.png b/docs/img/tag-retention5.png
deleted file mode 100644
index 3525a18db..000000000
Binary files a/docs/img/tag-retention5.png and /dev/null differ
diff --git a/docs/img/tag-vulnerability-status.png b/docs/img/tag-vulnerability-status.png
deleted file mode 100644
index a56d42cfa..000000000
Binary files a/docs/img/tag-vulnerability-status.png and /dev/null differ
diff --git a/docs/img/tag_detail.png b/docs/img/tag_detail.png
deleted file mode 100644
index 8dc1c2058..000000000
Binary files a/docs/img/tag_detail.png and /dev/null differ
diff --git a/docs/img/talkingdata.png b/docs/img/talkingdata.png
deleted file mode 100644
index c0b69622b..000000000
Binary files a/docs/img/talkingdata.png and /dev/null differ
diff --git a/docs/img/tenxcloud.png b/docs/img/tenxcloud.png
deleted file mode 100644
index 8db40928b..000000000
Binary files a/docs/img/tenxcloud.png and /dev/null differ
diff --git a/docs/img/test-scanner-connection.png b/docs/img/test-scanner-connection.png
deleted file mode 100644
index a9b6306dc..000000000
Binary files a/docs/img/test-scanner-connection.png and /dev/null differ
diff --git a/docs/img/trendmicro.png b/docs/img/trendmicro.png
deleted file mode 100644
index 589254d29..000000000
Binary files a/docs/img/trendmicro.png and /dev/null differ
diff --git a/docs/img/user_profile.png b/docs/img/user_profile.png
deleted file mode 100644
index ae9f154d1..000000000
Binary files a/docs/img/user_profile.png and /dev/null differ
diff --git a/docs/img/video.png b/docs/img/video.png
deleted file mode 100644
index d766cdb34..000000000
Binary files a/docs/img/video.png and /dev/null differ
diff --git a/docs/img/vulnerability-summary.png b/docs/img/vulnerability-summary.png
deleted file mode 100644
index 860afc36c..000000000
Binary files a/docs/img/vulnerability-summary.png and /dev/null differ
diff --git a/docs/img/wangyi.png b/docs/img/wangyi.png
deleted file mode 100644
index 13aad21b2..000000000
Binary files a/docs/img/wangyi.png and /dev/null differ
diff --git a/docs/img/webhooks1.png b/docs/img/webhooks1.png
deleted file mode 100644
index 28bd516f7..000000000
Binary files a/docs/img/webhooks1.png and /dev/null differ
diff --git a/docs/img/webhooks2.png b/docs/img/webhooks2.png
deleted file mode 100644
index 7c2498995..000000000
Binary files a/docs/img/webhooks2.png and /dev/null differ
diff --git a/docs/img/webhooks3.png b/docs/img/webhooks3.png
deleted file mode 100644
index 76d0472cb..000000000
Binary files a/docs/img/webhooks3.png and /dev/null differ
diff --git a/docs/img/webhooks4.png b/docs/img/webhooks4.png
deleted file mode 100644
index 790dab3ec..000000000
Binary files a/docs/img/webhooks4.png and /dev/null differ
diff --git a/docs/img/wise2c.png b/docs/img/wise2c.png
deleted file mode 100644
index eca8db2cb..000000000
Binary files a/docs/img/wise2c.png and /dev/null differ
diff --git a/docs/img/workflow.png b/docs/img/workflow.png
deleted file mode 100644
index 851332536..000000000
Binary files a/docs/img/workflow.png and /dev/null differ