Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
12,139 Commits 46 Branches 302 Tags 356 MiB
Commit Graph

639 Commits

Author SHA1 Message Date
Daniel Jiang fb687aeef8 Use pkg/token to generate JWT token 
This commit refactors the approach to encode a token in handler of /service/token,
by reusing pkg/token to avoid inconsistency.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-10-15 16:16:44 +08:00
DQ 184e89365b Fix internal tls config upgrade issue 
internal tls config upgrade is not included in template, this pr is to add it.

Signed-off-by: DQ <dengq@vmware.com>
 2020-09-25 09:54:31 +08:00
DQ 17f3bfccb4 Fix trivy setting in upgrading script 
Signed-off-by: DQ <dengq@vmware.com>
 2020-09-08 18:15:57 +08:00
He Weiwei 687043c298
Merge pull request #12880 from stefannica/use-exit-in-db-entrypoint 
Use exec in harbor database entrypoint
 2020-08-28 10:09:58 +08:00
Ziming Zhang ff19dd499c fix(jobservice) redis sentinel failover hang 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-08-26 10:42:44 +08:00
Stefan Nica 1c768d0bf1 Use exec in harbor database entrypoint 
The harbor-db pod takes a long time to terminate. Using an `exec`
command in the entrypoint ensures that Unix signals reach the
postgres process [1].

[1] https://docs.docker.com/engine/reference/builder/#exec-form-entrypoint-example

Signed-off-by: Stefan Nica <snica@suse.com>
 2020-08-25 20:24:52 +02:00
Daniel Jiang 4f812f7926
Merge pull request #12811 from ninjadq/fix_portal_health_check 
Fix schema of the portal health check
 2020-08-21 13:44:47 +08:00
Dirk Mueller 08a4d8efd2
Update to golang 1.14.7 (#12809) 
We should use a golang that isn't having security issues.

This includes:
* go1.14.6 (released 2020/07/16) includes fixes to the go command, the
compiler, the linker, vet, and the database/sql, encoding/json,
net/http, reflect, and testing packages. See the Go 1.14.6 milestone on
our issue tracker for details.

* go1.14.7 (released 2020/08/06) includes security fixes to the
encoding/binary package. See the Go 1.14.7 milestone on our issue
tracker for details (CVE-2020-16845)

Signed-off-by: Dirk Mueller <dirk@dmllr.de>
Signed-off-by: Dirk Mueller <dmueller@suse.com>
 2020-08-20 15:38:35 +08:00
DQ e9323ca268 Fix schema of the portal health check 
it should be https

Signed-off-by: DQ <dengq@vmware.com>
 2020-08-19 15:58:51 +08:00
Wenkai Yin b1ddb5e2cc Implement the icon API to get the icon of artifact 
Implement the icon API to get the icon of artifact

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-08-15 08:40:38 +08:00
Qian Deng 5dbbfa76d3
Merge pull request #12766 from ninjadq/add_log_dependency_to_trivy 
Add log denpendency ti trivy
 2020-08-13 18:23:09 +08:00
Qian Deng 78d4b54ddc
Merge pull request #12765 from ninjadq/fix_trivy_append_in_2_1_0_config 
Fix: append trivy every time when run migrate
 2020-08-13 14:47:54 +08:00
DQ a251e90507 Add log denpendency ti trivy 
To void trivy can not start issue

Signed-off-by: DQ <dengq@vmware.com>
 2020-08-13 11:35:21 +08:00
DQ 7ba498be5b Fix: append trivy every time run migrate 
Signed-off-by: DQ <dengq@vmware.com>
 2020-08-11 17:43:25 +08:00
He Weiwei 8f036c765a chore(images): install shadow package in base images 
The latest `photon:2.0` does not include `groupadd` and `useradd`
we need to install `shadow` package which includes these commands.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-08-10 10:23:48 +00:00
Wenkai Yin(尹文开) e8f9fb63c0
Merge pull request #12674 from reasonerjt/standalone-db-migrator 
Provide a standalone migrator to migrate DB schema.
 2020-08-10 15:11:52 +08:00
Tianon Gravi 4752cac051 Remove unused "sudo" package from most images 
Notably missing is the "log" image, which still uses sudo.

Signed-off-by: Tianon Gravi <tianon@infosiftr.com>
 2020-08-06 12:44:06 -07:00
Daniel Jiang 4f94f59d2a Provide a standalone migrator to migrate DB schema. 
Fixes #11885
This part will not by default be packaged into release.
A README.md will be added in another commit.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-08-06 18:57:55 +08:00
DQ b015440074 Remove expose port in dockerfiles 
The export is dynamical now because of introduce of internal TLS

Signed-off-by: DQ <dengq@vmware.com>
 2020-08-05 10:42:46 +08:00
Qian Deng fbef7fd088
Merge pull request #12651 from ninjadq/add_migration_2_1_0 
Add migration 2.1.0
 2020-08-03 15:59:28 +08:00
DQ 1e32792dc5 Add migration 2.1.0 
db_max_open_comms should be 1000 if its value between 100 and 1000

Signed-off-by: DQ <dengq@vmware.com>
 2020-08-03 15:17:41 +08:00
DQ d3ab9d7c6b Add internal tls configs for portal 
add related file, config, command to enabled https for portal

Signed-off-by: DQ <dengq@vmware.com>
 2020-07-31 12:10:47 +08:00
DQ d7618a6274 Fix: beego app config port hardcode 
the port should be flexible depend on the internal tls

Signed-off-by: DQ <dengq@vmware.com>
 2020-07-27 15:35:43 +08:00
Ziming Zhang 8857e89e40 feature(redis) support redis sentinel 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-07-19 21:19:03 +08:00
Wang Yan bad8f026fc
upgrade golang to v1.14.5 (#12489) 
Signed-off-by: wang yan <wangyan@vmware.com>
 2020-07-16 16:20:54 +08:00
Qian Deng bd26c294e8
Merge pull request #12341 from ninjadq/support_multi_down_version 
Enhance: Support multi downversion in migration
 2020-07-15 23:39:11 +08:00
Daniel Jiang 947eadaa72
Merge pull request #12440 from heww/remove-init-clair-db 
refactor: remove initialization of clair db
 2020-07-15 00:38:12 +08:00
He Weiwei 2a6fe801bc chore(db): change max_connections of postgres to 1024 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-07-14 07:34:37 +00:00
He Weiwei 039aef5356 refactor: remove initialization of clair db 
To fetch vulnerability database updated time of the Clair had moved to
the Clair adapter so removes the initialization of clair db in the core.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-07-09 15:26:14 +00:00
DQ 4617e0ff38 Enhance: Support multi downversion in migration 
1. Change down version to list to accept multi verstion value
2. Update search function use BFS to find migration path
2. Add test case

Signed-off-by: DQ <dengq@vmware.com>
 2020-07-07 21:36:58 +08:00
Wenkai Yin 02690d1d04 Suport filtering registries by type in listing registry API 
Suport filtering registries by type in listing registry API

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-07-07 10:30:46 +08:00
DQ d0ddd61ad9 Fix Amazon S3 storage not work 
The Chartmuseum S3 client need set an Env variable
Ref: https://github.com/helm/chartmuseum/issues/280

Signed-off-by: DQ <dengq@vmware.com>
 2020-06-30 15:16:18 +08:00
He Weiwei 0474a2a040
Merge pull request #12322 from heww/install-tls-ca 
feat(certs): install internal tls ca from /etc/harbor/ssl dir
 2020-06-25 21:03:35 +08:00
He Weiwei 13436b75a6 feat(certs): install internal tls ca from /etc/harbor/ssl dir 
Closes #10222

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-06-24 08:58:08 +00:00
Max Rosin 34d5591b1b Fix DOCKERIMASES and SWAAGER_IMAGE_BUILD_CMD typos in Makefiles 
Fix #12259

Signed-off-by: Max Rosin <git@hackrid.de>
 2020-06-16 12:18:55 +02:00
Wang Yan dec8397c21
Add api to delete blob and manifest (#12006) 
* Add api to delete blob and manifest

Enable the capability of registry controller to delete blob and manifest

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-06-06 01:34:23 +08:00
Qian Deng 9e1302211b
Merge pull request #12072 from ninjadq/add_timeout_in_nginx_config 
Add timeout in nginx config
 2020-06-02 15:14:42 +08:00
Steven Zou c7c1742b88
Merge pull request #12106 from heww/clean-clair-url 
refactor(configuration): cleanup unneeded CLAIR_URL configuration in core
 2020-06-01 19:24:19 +08:00
Daniel Jiang 58894e9d9c
Merge pull request #12071 from ninjadq/upgrade_chartversion 
Enhance: Upgrade chartmuseum version
 2020-06-01 13:36:54 +08:00
Daniel Jiang 6271da471b
Update health check script for harbor-db (#12103) 
This patch remove the trailing space of the hostname introduced by
`hostname -i`.

The trailing space will cause resolution error after this patch is
applied to glibc in photon:
https://github.com/vmware/photon/blob/2.0/SPECS/glibc/glibc-fix-CVE-2019-10739.patch

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-05-30 14:05:39 +08:00
He Weiwei d97be71234 refactor(configuration): cleanup unneeded CLAIR_URL configuration in core 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-05-29 07:27:50 +00:00
DQ 278338e401 Add timount on nginx configs 
set timeout to 900

Signed-off-by: DQ <dengq@vmware.com>
 2020-05-26 16:18:35 +08:00
DQ 715685ae51 Remove tls1.1 in notary 
Signed-off-by: DQ <dengq@vmware.com>
 2020-05-26 16:11:57 +08:00
DQ f7ffd991cc Enhance: Upgrade chartmuseum version 
Upgrade chartmuseum version 0.12.0

Signed-off-by: DQ <dengq@vmware.com>
 2020-05-26 15:59:58 +08:00
AllForNothing 90e34e0104 Improve i18n service 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-05-06 14:45:56 +08:00
DQ b06e19a637 Fix: GCS storage gc issue 
Mount gcs key to registryctl

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-29 15:04:16 +08:00
Qian Deng 9469252e85
Merge pull request #11745 from ninjadq/mount_ca_bundle 
Enhance: Create shared to store shared ca
 2020-04-28 10:19:26 +08:00
DQ f70339870a Enhance: Create shared to store shared ca 
this shared ca will mount to all harbor components

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-28 02:58:11 +08:00
DQ 90faf700f8 Enhance: output the stdout of gen cert script 
use popen replace check_all

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-27 10:43:22 +08:00
DQ 026e37e777 Fix chart museum absolute url issue 
if absolute url is enabled return true else set it to false

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-26 13:04:29 +08:00
DQ 599ca98c09 Hidden veriify client cert verfiy option 
Remove to avoid replication access core from external_url issue

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-23 10:14:36 +08:00
Daniel Jiang 2ecf0425a4 Remove the certs of notary signer 
Since `prepare` generates the certs as needed during installation, these
certs should not exist in the repo.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-04-21 13:20:19 +08:00
DQ b728f04d0a Fix tls min version for registry 
cert,key,mintls should in the same context

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-20 19:19:15 +08:00
Qian Deng 9c7caddeae
Merge pull request #11635 from hyy0322/set-root-password-never-expire 
fix: set root password never expire
 2020-04-16 22:05:10 +08:00
Daniel Pacak 5c3abee135 chore(trivy): Bump up trivy adapter to 0.9.0 
- Vendor the latest Trivy release 0.6.0
- Configure TLS 1.2 as min version when TLS is enabled
- Add more tracing to adapter config to facilitate troubleshooting

Resolves: #11544

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-04-16 08:40:27 +02:00
DQ 42c1095216 Fix cert issue of trivy 
Trivy can't access harbor from external if https enabled so inject cert to trivy container trust

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-16 10:52:03 +08:00
Yiyang Huang 4598f52057 fix: set root password never expire 
Signed-off-by: Yiyang Huang <huangyiyang@caicloud.io>
 2020-04-16 00:15:28 +08:00
He Weiwei 355c16943c chore(clair): bump up clair adapter version to 1.0.2 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-04-15 14:07:46 +00:00
Qian Deng 95d7c9382b
Merge pull request #11592 from ninjadq/min_version_tls_to_12 
Min version tls to 12
 2020-04-14 18:12:55 +08:00
wang yan ff2a6c7a01 add warning to registry binary name 
Fixes #11606

As we DO NOT want to user to execute GC in the container, rename it and append the warning message.

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-04-14 15:16:50 +08:00
DQ 75f78b64b2 Set registry tls version to 1.2 
when internal tls enabled set min version of registry to 1.2

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-13 18:13:30 +08:00
jwangyangls e28b5811f7
Merge pull request #11176 from jwangyangls/change-helm-version 
Separate swagger to get v2.0 swagger and chart swagger
 2020-04-10 17:12:00 +08:00
Yogi_Wang 33ed4fb67e Separate swagger to get v2.0 swagger and chart swagger 
1. Partial helm api version number clear
2. Separate swagger to get v2.0 swagger and chart swagger
3. router add chart swagger

Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-04-10 16:25:30 +08:00
DQ e907cbe2b6 Fix health check for jobservice and regctl 
need cert when mTLS is enabled

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-09 20:35:46 +08:00
DQ 08ff622310 Remove lines not needed 
volume already defined above

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-09 20:06:51 +08:00
Ziming Zhang 572ebef685 feat(cicd) parameterize docker base image and external url 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-04-08 00:21:47 +08:00
DQ 6ae1b1dc97 Add missiong entrypoint file for trivy-adapter 
Signed-off-by: DQ <dengq@vmware.com>
 2020-04-07 10:39:07 +00:00
Daniel Jiang 5bcd015d6f
Merge pull request #11469 from ninjadq/clean_up_migrator 
Remove migrator flags in script
 2020-04-07 16:37:24 +08:00
DQ 1ae50b8d66 Remove migrator flags in script 
Because migrator tool removed

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-07 14:57:10 +08:00
DQ 4a836ea975 Fix health check url 
health check url should depend on internal https

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-07 03:35:52 +00:00
DQ cdb675bf3d Add proxy cert file to jobservice when https enabled 
jobservice may request via absolute path of url to harbor

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-04 17:44:34 +00:00
DQ 23ed189ed4 Add SAN to gencert script 
add localhost and 127.0.0.1 to SAN

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-04 17:44:34 +00:00
He Weiwei 77a8c3205f fix(prepare): not accpet items of false value in external_redis 
Item in yaml without value will be as None in python, which will make
the password of redis as `None` in `get_redis_configs`. This fix will
not accept items of `false value` in `external_redis` configurations.

Closes #11367

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-04-03 04:09:26 +00:00
Qian Deng a702c32346
Merge pull request #11063 from ninjadq/fix_syslog_dir_in_tpl 
Fix: fix logrotate is dir issue
 2020-04-02 11:37:29 +08:00
DQ dc271e1a87 Add packaging to pipenv 
Signed-off-by: DQ <dengq@vmware.com>
 2020-04-01 22:54:47 +08:00
DQ d636f2ea5c Enhance help message 
Provide more info in help message
Add requried opition and they will show missing option if you are not provide them instead of Exception

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-01 17:02:59 +08:00
DQ b2e1905e7a Enhance: Stop upgrade when input version less then 1.9.0 
The migration script should failure early when version is not supported

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-01 15:35:49 +08:00
Qian Deng 9e101b73a4
Merge pull request #11156 from ninjadq/migrate_config_to_harbor2 
Migrate config to harbor2
 2020-03-25 16:02:18 +08:00
DQ 85ec0e7820 Enhance: Refactor the migration structure 
1. Refactor structure of migrate file
2. fix some previous bugs

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-23 21:26:28 +08:00
DQ 444678fe07 Fix: module path raise exception when it is loop 
add test for loop

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-23 19:29:59 +08:00
DQ e8bb977ae1 Feat: Upgrade configs to harbor 2.0 
add migrate files for harbor 2.0

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-20 15:20:32 +08:00
DQ 1e0c9f7231 Feat: Add config migrator to prepare 
deprecated migrator container and move config migration to prepare

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-20 03:04:10 +08:00
Steven Zou 2859cd8b69
Merge pull request #11134 from danielpacak/feat/issue_11090/trivy_skip_update_flag 
feat(trivy): Configure Trivy to skip database updates
 2020-03-19 18:13:08 +08:00
DQ f18a546429 Fix: return error when internal_tls_not_provided 
When iinternal_tls is empty, prepare should works as usual

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-19 10:37:58 +08:00
Daniel Pacak 7325105714 feat(trivy): Configure Trivy to skip database updates 
Resolves: #11090

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-03-18 17:11:47 +01:00
DQ 6e8d44101f Enhance: User can generate cert by their own ca key pair 
User can put their ca key pair on internal cert dir and name them to `harbor_internal_ca.key` and `harbor_internal_ca.crt` we wil use them to generate other certs

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ b93092e012 Add tls for trivy 
Add trivy tls cert files
Add tivey tls env and config
enhance gencert

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ c954969bcd Add mTLS configs 
mTLS only enabled in jobservice and registryctl

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ c5d73e6a0c Add switch to https 
use switch to make decision whether mTLS or server TLS

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ 454382149f TLS update for chart, clairadapter, registry 
Remove trustca in chartmuseum
Remove trustca in registry
Add tls in clair-adapter

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ 03e11c63c7 Fix docker file with secure tls change 
Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ dcc6950af7 Feat: auto install ca in registry 
Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ b852605193 Feat: enable mtls in harbor replication 
Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ 40e67f3b14 Feat: Enable mtls for registry 
Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ 07a1d51693 Feat: enable tls in registryctlAdd tls related code in registryctl 
Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ da359f609f Feat: enable mtls in core 
add mtls related code in core

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ a4855cca36 Feat: update prepare to support tls 
update makefile
add model for prepare
update jinja template for prepare

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
Daniel Pacak 9c13116963 chore(trivy): Allow configuring HTTP(S) proxy 
Resolves: #11032

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-03-16 12:26:49 +01:00
Daniel Pacak 46fb43bc25 chore: Bump up Trivy adapter to v0.4.0 
Allows configuring SCANNER_TRIVY_GITHUB_TOKEN environment variable,
which is passed to trivy executable binary when it starts scanning
a given artifact.

This is to increase GitHub requests rate limit from 60 per hours
(for anonymous requests) to 5000 when Trivy download its
vulnerabilities database.

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-03-16 09:53:16 +01:00
DQ 1eeea6b888 Fix: fix logrotate is dir issue 
Change it to bind command

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-13 14:58:45 +08:00
Wang Yan bd7940217a
upgrade golang version to v1.13.8 (#11006) 
The vesrion contains two security bug fix - CVE-2020-0601, CVE-2020-7919

More details, see the golang milestone:

https://github.com/golang/go/issues?q=milestone%3AGo1.13.8+label%3ACherryPickApproved

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-11 12:20:06 +08:00
Ziming Zhang 695a2559be feat(cicd) use unified version as tag name, clean more 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-09 17:13:28 +08:00
Ziming Zhang 200c352c35 feat(cicd) use unified version as tag name 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-09 15:30:03 +08:00
Daniel Jiang ae5ffce83a Update CSRF mechanism 
This commit replaces beego's CSRF mechanism with gorilla's csrf library.
The criteria for requests to skip the csrf check remain the same.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-03-09 01:15:54 +08:00
wang yan 2b0b7576b2 Fix gc issue on clean the artifact trash 
1, enable dao test for artifact trash
2, set default flush trash table to false
3, hanlder empty parameter in API call
4, add registry auth info into jobservice container

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-06 03:11:31 +08:00
Will Sun a5d9a3b65d
Merge pull request #10863 from AllForNothing/api-center 
Fix Api cennter
 2020-03-05 10:00:15 +08:00
Daniel Jiang 1823c984f7
Merge branch 'master' into redis-idle-timeout 2020-02-27 22:01:22 +08:00
AllForNothing d41c5496a2 Fix Api cennter 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-02-27 15:55:20 +08:00
stonezdj(Daojun Zhang) a7e5873f46
Merge pull request #10821 from stonezdj/20200224_remove_notification 
Remove registry notification and change core health check url
 2020-02-25 13:34:37 +08:00
Ziming Zhang 94230b5e19 feat(cicd) fix some build problem 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-02-25 12:05:39 +08:00
stonezdj 6005101c95 Remove registry notification and change /api/ping 
Update config.yaml.jinja to remove notification
Change api/ping in core/Dockerfile

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2020-02-25 11:24:21 +08:00
Wenkai Yin bd204464f3 Remove dead code 
Remove dead code

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-23 17:11:46 +08:00
dechen e642a73280 Set redis idle timeout for core 
Signed-off-by: dechen <xxyydream@gmail.com>
 2020-02-23 12:31:56 +08:00
Steven Zou f1374737f6
Merge pull request #10694 from danielpacak/feature/install_with_trivy 
chore(install): Add --with-trivy arg to the installation script
 2020-02-19 16:27:57 +08:00
Daniel Pacak 1b60bb255c refactor(Makefile): Add variables for download URLs 
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-02-14 11:58:59 +01:00
Wenkai Yin 94787ea60d Bump up the version of legacy APIs to v2.0 
Bump up the version of legacy APIs to v2.0

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-14 13:16:30 +08:00
Daniel Pacak 70dda1387a chore: Configure Redis URL for Trivy adapter 
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-02-13 17:57:02 +01:00
Daniel Pacak 4755439b75 chore: Build Trivy adapter from sources 
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-02-13 15:32:57 +01:00
Daniel Pacak a642667ffc chore(install): Add --with-trivy arg to the installation script 
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-02-12 23:47:56 +01:00
Will Sun acfcd2d175
Merge pull request #10489 from AllForNothing/postinstall 
Fix postinstall script in Docker
 2020-02-03 14:13:12 +08:00
Daniel Jiang 2064a1cd6d Switch to basic authentication for registry 
1. Add basic authorizer for registry which modify the request
to add basic authorization header to request based on configuration.
2. Set basic auth header for proxy when accessing registry
3. Switche the registry to use basic auth by default and use the basic
authorizer to access Harbor.
4. Make necessary change to test cases, particularly
"test_robot_account.py" and "docker_api.py", because the error is
changed after siwtched to basic auth from token auth.  #10604 is opened
to track the follow up work.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-01-31 21:46:47 +09:00
sshijun 3175d5f646 Fix postinstall script in Docker 
Signed-off-by: sshijun <sshijun@vmware.com>
 2020-01-15 16:28:57 +08:00
Daniel Jiang a087ba02e3 Populate basic auth information for registry 
This commit updates `prepare` and templates to populate the credential
for registry for basic authentication.

A temporary flag `registry_use_basic_auth` was added to avoid breakage.
It MUST be removed before the release.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-12-31 14:50:46 +08:00
Ziming e32649adb4 enhance[cicd] introduce github action for CICD 
In order to replace travis.
Implement 5 CI jobs
- UTTEST
- APITEST_DB
- APITEST_LDAP
- OFFLINE
- UI_UT

Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2019-12-17 18:36:33 +08:00
Steven Zou 7bf9372f32 chore[api]:rename API folder to api 
- update swagger yaml file reference in `Makefile`
- update swagger yaml file reference in `README`
- update swagger yaml file reference in `docs/configure_swagger.md`
- update swagger yaml file reference in `make/photon/portal/Dockerfile`
- update swagger yaml file reference in `tests/swaggerchecker.sh`

Signed-off-by: Steven Zou <szou@vmware.com>
 2019-12-11 17:41:27 +08:00
Wang Yan 550d690997
Merge pull request #10135 from bitsf/upgrade_clair 
upgrade clair to v2.1.1
 2019-12-06 11:52:10 +08:00
Ziming 9cad403762 fix(build): npm install with special endpoint (#10168) 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
Change-Id: Iaaf33310a2621d58cdc3b9d3359607a961fef05e
 2019-12-06 11:45:48 +08:00
Wang Yan 2a63382236
Merge pull request #10047 from bitsf/makefile_clean 
optimize the makefile process
 2019-12-05 19:03:19 +08:00
He Weiwei 4ea5c41553
chore(scanner): upgrade clair scanner to 1.0.1 (#10147) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-12-05 17:52:37 +08:00
Ziming Zhang 332f88ec8c add make clean 
Change-Id: Ibe806972a19cd69bfd90be051cdc340c4d7c6afb
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2019-12-05 14:44:07 +08:00
Ziming Zhang 744ae62831 upgrade clair to v2.1.1 
Change-Id: Idb2ad0470a51666d75895d8c5e68d80a67e05276
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2019-12-05 14:27:26 +08:00
Wenkai Yin(尹文开) d145f4baf4
Merge pull request #10034 from ywk253100/191128_clean 
Clean up admiral-related code
 2019-12-04 17:33:31 +08:00
Daniel Jiang 7bb71db478
Merge pull request #10003 from ninjadq/migrator_miss_component_no_proxy 
Add default domainname for no_proxy
 2019-12-03 10:50:32 +08:00
Qian Deng e5f8c2d779
Merge pull request #10022 from ninjadq/fix_ca_bundle_path_join 
Fix ca bundle path join issue
 2019-12-02 11:31:23 +08:00
Wenkai Yin dd2bc0ecef Clean up admiral-related code 
Clean up admiral-related code as it's useless

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2019-11-28 17:28:54 +08:00
DQ 79344887b9 Fix ca bundle path join issue 
CA bundle name start with '/' will break the os path join

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-27 18:37:45 +08:00
Will Sun a52b99e180
Merge branch 'master' into remove-lib 2019-11-27 17:44:30 +08:00
DQ ed6438cf69 Add default domainname for no_proxy 
All internal service and known internal hostname shuold add to no_proxy by default

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-27 15:10:42 +08:00
sshijun c692f5c67e Move lib into src for better UI building 
Signed-off-by: sshijun <sshijun@vmware.com>
 2019-11-27 09:59:06 +08:00
wang yan 7b664f64f1 Bump up golang version to v1.13.4 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-11-26 19:18:45 +08:00
He Weiwei b8308f41a0 fix(prepaire,clair): disable clair updaters when its interval is 0 
Closes #9961

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-11-22 03:31:20 +00:00
Daniel Jiang 2fcd174e4b
Merge pull request #9828 from wy65701436/cii-docker-base 
add base images when to build harbor assets
 2019-11-15 14:24:11 +08:00
He Weiwei fe69a5df99 build(scanner-adapter): bump up clair adapter to v1.0.1-rc2 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-11-13 02:35:21 +00:00
wang yan 47793e77e3 update base file name ane pass base version to build file 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-11-12 19:12:49 +08:00
Wang Yan 544cc98971 add base images when to build harbor assets 
* add base images when to build harbor assets

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-11-12 15:38:51 +08:00
Yogi_Wang cddc1149f1 Modify the memory of nodejs used from 8192MB to 2048MB 
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2019-11-11 17:05:42 +08:00
Wang Yan 6da183d576
Merge pull request #9800 from ninjadq/failure_earlier_of_ca_bundle_permission_check 
Failure earlier of ca bundle permission check
 2019-11-11 14:09:21 +08:00
Wang Yan 0b09bd14b1
Merge pull request #9756 from ninjadq/add_ignore_media_type 
Add ignore mediatypes for registry
 2019-11-08 18:34:13 +08:00
DQ 80c3e76b5a check the permission of ca bundle file 
CA bundle need check before use

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-08 15:34:17 +08:00
Daniel Jiang 06e4e124d8
Refine request handle process (#9760) 
* Refine request handle process

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-11-07 13:02:17 +08:00
DQ 45868107aa Add ignore mediatypes for registry 
Add these mediatypes to reduce the amount of registry event

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-06 21:39:08 +08:00
Wang Yan 27cb25cc04
Merge pull request #9400 from ninjadq/inject_certs_to_non_root 
Inject certs to non root
 2019-11-05 14:49:08 +08:00
DQ ece321a53a Change certs's owner to 10000 
Signed-off-by: DQ <dengq@vmware.com>
 2019-11-04 17:38:41 +08:00
Wang Yan 3f39b0ba4f
Merge pull request #9550 from ninjadq/enable_https_by_default 
Enable https by default
 2019-11-04 16:51:33 +08:00
DQ a0462f0baa Change the clair container to non root user 
Signed-off-by: DQ <dengq@vmware.com>
 2019-11-04 11:36:39 +08:00
DQ d0ed075b91 Change chartmuseum container to non-root 
Signed-off-by: DQ <dengq@vmware.com>
 2019-11-04 11:36:39 +08:00
DQ 1c76d52152 Add registryctl to non-root 
And the install_cert.sh will changed for non-root too

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-04 11:36:39 +08:00
Qian Deng 336dbfd3e1
Merge pull request #9452 from ninjadq/add_certs_in_specific_dir 
All certs in /harbor_cust_certs will appended to ca_bundle
 2019-11-01 13:13:18 +08:00
Daniel Jiang 02dab35a43
Merge pull request #9683 from ninjadq/upgrade_python_rand_gen 
Replance python ran lib to secrets
 2019-10-31 21:51:38 +08:00
DQ 873d9f5b82 Enable https by default 
1. Umcomment https related configs
2. Remove the https prepare related thing in ci

Signed-off-by: DQ <dengq@vmware.com>
 2019-10-31 20:58:09 +08:00
DQ 2529f69fba All certs in /harbor_cust_certs will appended to ca_bundle 
Signed-off-by: DQ <dengq@vmware.com>
 2019-10-31 20:51:08 +08:00
Daniel Jiang bc65609a10
Merge pull request #9657 from wy65701436/quota-sync-switcher 
add a switcher for quota sync on core launch
 2019-10-31 19:22:23 +08:00
Wang Yan fa784d7514
Merge pull request #9649 from wy65701436/fix-9081 
add ldflags for harbor compiler and linker
 2019-10-31 19:14:16 +08:00
DQ 6c01049d94 Replance python ran lib to secrets 
Secrets is included in python 3.6, so just import and use it

Signed-off-by: DQ <dengq@vmware.com>
 2019-10-31 17:23:19 +08:00
wang yan c46d7e856a add a switcher for quota sync on core launch 
As the quota sync is default called by harbor-core on every launch, and it will break the launch process if any failure throwed.

1, The commit is to provide an switcher for the system admin to bypass the quota sync.
2, In case Harbor goes into the restarting cycle.

Harbor already provides an internal API to sync quota data, in the failure case,
system admin can launch harbor and call the /api/internal/syncquota to sync quota.

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-10-31 16:17:27 +08:00
Steven Zou 7b6e83090e create API folder to keep API swagger files 
- create API folder
- move harbor API swagger file to API/harbor
- add scanner adapter open API swagger file to API/scanner
- update protal build Dockerfile
- update swagger explorer build command in Makefile

Signed-off-by: Steven Zou <szou@vmware.com>
 2019-10-30 21:41:03 +08:00
wang yan 253e87d186 inject ldflags for harbor compiler and linker 
1, replace the UIVERSION file with ldflags, which is generarted by make to inject into the UI core.
2, inject additional ldflags for harbor compiler

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-10-30 18:31:42 +08:00
He Weiwei b0f7404231
chore(log): log level support for clair adapter (#9640) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-10-29 16:50:26 +08:00
He Weiwei 28e0c0693b Upgrade clair adapter to v1.0.0 
1. Upgrade clair adapter to v1.0.0.
2. Make the clair adapter which installed by harbor immutable and using internal registry address.
3. Add support to build clair adapter image from binary.
4. Switch to ScannerPull action when make authorization for the scan request.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-10-26 17:25:36 +00:00
Wang Yan d503f2a245
Merge pull request #9489 from reasonerjt/bump-up-golang 
Bump up golang to 1.12.12
 2019-10-22 10:54:35 +08:00
Daniel Jiang 6e131d511c Hide DB URL from notary migrator script 
This commit modify the log message from upstream notary DB migrator, to
make sure the DB URL is not displayed.
Fixes #7510

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-10-21 23:10:27 +08:00
Daniel Jiang dbe6ebceec Bump up golang to 1.12.12 
Bump up the golang for compiling the binaries to 1.12.12
This commit also includes some minor changes to Makefile to fix issue in
building the binary files.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-10-21 15:55:58 +08:00
He Weiwei 8964a8697a build(clair): internal clair adapter when install with clair 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-10-17 12:00:51 +08:00
stonezdj(Daojun Zhang) 0fa4934679
Merge pull request #8596 from JakubOnderka/patch-4 
nginx: Remove TLSv1.1 support
 2019-10-16 11:39:55 +08:00
He Weiwei 6fbb77d65a
build(portal): npm registry configurable and build cache support (#9356) 
1. Introduce NPM_REGISTRY in Makefile to support npm registry
configuration when build portal image.
2. Install npm pkgs before copy portal src so that build cache works for
npm install in portal image.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-10-10 15:29:50 +08:00
Wang Yan 7e73dfb754
Merge pull request #9221 from wy65701436/fix-9186 
patch registry fix of issue 2553
 2019-09-26 19:34:18 +08:00
wang yan 3cf7e702be patch regsitry fix of issue 2553 
This commit is target to fix harbor issue #9186, which root cause is mentioned by
https://github.com/docker/distribution/issues/2553, and fixed by https://github.com/docker/distribution/pull/2879.

As the latest distribution release(v2.7.1) does not contain this fix, but it will break the quota migraion process on S3 storage, we have to path this fix into Harbor regsitry binary.

[Tag Version]
It uses the issue number(2553) as the tag naming convention, like v2.7.1-patch-2553, means that we patch the fix of issue 2553 into v2.7.1.

[Note]
So far, this fix is only targets on docker regsitry v2.7.1. If the registry has this fix in new release, we'll move on.

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-09-26 18:27:53 +08:00
Qian Deng 578adaa064
Merge pull request #9240 from ninjadq/add_extra_headers_in_nginx 
Add headers in nginx config file
 2019-09-26 10:27:08 +08:00
DQ e7394041ab Add headers in nginx config file 
extra headered added in https and http config

Signed-off-by: DQ <dengq@vmware.com>
 2019-09-24 17:50:40 +08:00
Daniel Jiang 3e5973fc6e Add Secure flag to cookie 
This commit modifies nginx configuration file to make sure the secure
flag is added to "Set-Cookie" header when Harbor is serving https

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-09-19 21:04:37 +08:00
Yogi_Wang a7c7a8e675 Upgrade angualr from 7.1.3 to 8.2.0 and clarity from 1.0 to 2.2 
Signed-off-by: Yogi_Wang <yawang@vmware.com>

Signed-off-by: Meina Zhou <meinaz@vmware.com>
Signed-off-by: sshijun <sshijun@vmware.com>
 2019-09-18 10:12:20 +08:00
stonezdj(Daojun Zhang) ca97c85279
Merge pull request #8927 from ninjadq/fix_config_with_components 
Add logic to read clair and notary config
 2019-09-09 15:50:09 +08:00
DQ 495a257ab5 Add logic to read clair and notary config 
Signed-off-by: DQ <dengq@vmware.com>
 2019-09-05 12:49:32 +08:00
Daniel Jiang b75cbe1a7e
Merge pull request #8912 from ninjadq/no_cache_index_html 
Add no-cache to index.html
 2019-09-03 13:01:55 +08:00
Qian Deng 97c40df40f
Merge pull request #8593 from ninjadq/fix_wording_in_doc 
Update config file names
 2019-09-03 10:53:23 +08:00
DQ d50df0f0db Add no-cache to index.html 
shouldn't cache index.html for access fresh page after upgrade.

Signed-off-by: DQ <dengq@vmware.com>
 2019-09-02 18:48:02 +08:00
DQ 377739204b Update config file names 
Signed-off-by: DQ <dengq@vmware.com>
 2019-09-02 18:19:06 +08:00
stonezdj(Daojun Zhang) 469018ae9e
Merge pull request #8891 from ninjadq/fix_prepare_file_permission 
Fix: prepare permission issue
 2019-09-02 18:07:14 +08:00
Qian Deng 86f2bb26a3 Fix docker-compose file permmission 
non-root user can see the content

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-09-02 13:57:18 +08:00
DQ 6ed3d52615 Fix: prepare permission issue 
1. recursivele change ownership for all prepare dir
2. database file permission fix

Signed-off-by: DQ <dengq@vmware.com>
 2019-09-02 10:04:38 +08:00
Wang Yan 6e462baa0d
Merge pull request #8837 from ninjadq/disable_redis_n_db_container_if_use_exeternal 
Disable redis and db containers if external db enabled
 2019-09-01 17:47:28 +08:00
He Weiwei e2a19d8ab9
fix(build): max idle and open conn settings for external db (#8854) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-08-29 15:04:10 +08:00
Wang Yan 39f78ae768
Merge pull request #7872 from cd1989/config-redis-pool-idletimeout 
Config idle timeout for redis pool to avoid jobservice restarting
 2019-08-27 14:46:01 +08:00
DQ fe3c71094b Disable redis and db containers if external db enabled 
If depend on external redis or pg. local db and redis should not start. Therefore can save some resources.

Signed-off-by: DQ <dengq@vmware.com>
 2019-08-26 17:59:13 +08:00
He Weiwei a2c8536d37 fix(build): install tzdata pkg for core and jobservice images 
Closes #8314

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-08-21 14:40:29 +00:00
cd1989 db9b52d827 Config idle timeout for redis pool 
Signed-off-by: cd1989 <chende@caicloud.io>
 2019-08-20 17:23:32 +08:00
Daniel Jiang f674bb4e6c
Merge pull request #8590 from ninjadq/fix_registry_log_level 
Fix: registry log level rendering issue
 2019-08-20 09:11:56 +08:00
Daniel Jiang b34fda173c Bump up Clair to v2.0.9 
Fixes #8584

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-08-19 16:19:29 +08:00
He Weiwei 98e1f68468 feat(configuration,db): connection pool configs for db 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-08-14 14:30:34 +08:00
Daniel Jiang ca585f8b9c
Merge pull request #8640 from ninjadq/fix_permission_of_nginx_cert 
Fix permission of nginx cert
 2019-08-14 14:23:40 +08:00
Wenkai Yin(尹文开) a6445c1ebe
Merge pull request #8472 from kofj/feature/proxy 
Proxy
 2019-08-13 12:27:19 +08:00
Qian Deng b4975d8601 Fix nginx permission issue 
* mount root of host
* copy file to data dir and change ownership and permission

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-13 02:59:27 +00:00
疯魔慕薇 3e8a73ca1e Proxy 
1. Global proxy config for components.
2. Prepare proxy configure for clair, core and jobservice.

Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>
 2019-08-11 00:24:18 +08:00
Yogi_Wang 53bd4d7897 Fix issue width Link to license in the about dialog should not be hardcoded to master 
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2019-08-09 13:26:43 +08:00
Qian Deng a935823e3d
Merge pull request #8362 from ninjadq/non-root-contaienr 
Non root contaienr
 2019-08-08 17:34:25 +08:00
Jakub Onderka 8f83310022 nginx: Remove TLSv1.1 support 
Signed-off-by: Jakub Onderka <jakub.onderka@gmail.com>
 2019-08-07 17:51:31 +02:00
王添 94d4f9c6b6 add webhook job 
Signed-off-by: 王添 <wangtian@corp.netease.com>
 2019-08-07 20:56:31 +08:00
DQ 057bc34703 Fix: registry log level rendering issue 
when log level is warning, the actual value of registry should be warn

Signed-off-by: DQ <dengq@vmware.com>
 2019-08-07 14:35:36 +08:00
Qian Deng dacb1fc79e Add healthcheck in Dockerfile* redis* jobservice 
Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 13:16:12 +00:00
Qian Deng 89d6370201 Remove ruby dependency while build portal 
Python is already intalled in node image. so we can use python to parse yaml file

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 05:21:47 +00:00
Qian Deng 303471563f DB container run as non-root 
Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 05:21:47 +00:00
Qian Deng 8b7f1ae4c0 Add proxy nginx container as non-root user 
Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 05:21:47 +00:00
Qian Deng f8a8040c8f Add notary as non-root user 
Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 05:21:47 +00:00
Qian Deng 29727148b3 Running job service with non-root container 
job-service running with 10000:10000 user

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 05:21:45 +00:00
Qian Deng e62a9f1e18 Running redis using non-root user 
redis running with user redis

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 05:21:45 +00:00
Qian Deng 904f04fac1 Enhance: Running contaienr with non-root user 
* core
* portal

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 05:21:45 +00:00
Qian Deng 96b62e5741 Make core container to non-root user 
Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-08-06 05:21:45 +00:00
Daniel Jiang eec4fc2798 Remove clair notifier 
The way Harbor handles notification is problematic.
It currently triggers rescan, which will cause problem when there are
lot of images in the registry.
Such as #7316
This commit removes the notifier and we need to revisit the notification
to figure out how to map the notification to a particular image if need
the notification mechanism in future.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-08-06 01:58:15 +08:00
Jakub Onderka 53b5dcfece nginx.https.conf.jinja template indention fix 
Signed-off-by: Jakub Onderka <jakub.onderka@gmail.com>
 2019-08-01 22:24:19 +02:00
wang yan 4410cc93f9 add internal reg request handler chain 
this is for internal registry api call, the request should be intercpeted by quota middlerwares, like retag and delete.
Note: The api developer has to know that if the internal registry call in your api, please consider to use
NewRepositoryClientForLocal() to init the repository client, which can handle quota change.

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-07-30 19:39:56 +08:00
Daniel Jiang e0e6a1d30b
Merge pull request #8301 from ninjadq/external_endpoint_support 
Add supoort for external endpoint
 2019-07-18 01:36:08 +08:00
DQ 6cf4596292 Add supoort for external endpoint 
Add config item in harbor.yml
Make fowarding rule configurable

Signed-off-by: DQ <dengq@vmware.com>
 2019-07-17 16:23:37 +08:00
Qian Deng 5cd3594f20 Upgrade chartmuseum from v0.8.1 to v0.9.0 
Signed-off-by: Qian Deng <dengqian0826@gmail.com>
 2019-07-17 06:45:23 +00:00
Ziming Zhang 072bdd101b aws driver for replication 
Change-Id: I8792ffce2eaa5975359bb6159a1ba7b85926a925
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2019-06-25 19:11:27 +08:00
stonezdj a8cd1bca59 Change the mount target of gcs.key file 
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2019-06-16 13:34:32 +08:00
Wenkai Yin 1ceb7a2fb9
Merge pull request #7825 from ninjadq/update_installation_doc 
Update doc caused by refactor prepare
 2019-05-17 10:02:47 +08:00
Qian Deng 48151f6d46 Update doc caused by refactor prepare 
Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-16 23:01:12 +08:00
Wenkai Yin 64cacc99e0
Merge pull request #7750 from liqiang-fit2cloud/fix-7288 
Fix issue: harbor 1.7.4 aliyun oss chartmuseum 500
 2019-05-16 18:23:35 +08:00
Qian Deng f4ac7f9b4a
Merge pull request #7816 from ninjadq/fix_typo_of_azure 
fix typo of azure config
 2019-05-16 10:53:22 +08:00
Qian Deng ea889d5a50 Fix typo in azure config 
Fix typo in chart azure

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-15 18:25:34 +08:00
Wenkai Yin 1a8a55855b Add "MaxMessageSize" to the config of rsyslogd 
Add "MaxMessageSize" to the config of rsyslogd to avoid the mess of log file when the size of one log line > 8k

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2019-05-15 18:10:22 +08:00
Qian Deng 1677686140 Made logs in jobservice configurable 
Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-15 10:57:42 +08:00
Qian Deng 4188c4db76
Merge pull request #7719 from ninjadq/fix_chart_relative_url_issue 
Fix chart relative url issue
 2019-05-15 10:02:07 +08:00
stonezdj(Daojun Zhang) 47f24cab4b
Merge pull request #7770 from ninjadq/fix_typo_in_registry_config 
Typo in registry config
 2019-05-14 13:58:03 +08:00
Qian Deng f607c5177d Fix frontend failure caused by absolute path 
Fix failures because front downlowd chart using relative path

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-14 13:22:06 +08:00
Qian Deng 3022b617f2 Add chart absolute url item in config 
Add a config item to enable and disalbe chart_url

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-14 12:56:20 +08:00
Qian Deng cd6c5a9f10 Enable absolute url in helm chart 
assign public_url to chart-url
remove namespace merge in index.yaml

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-14 12:56:20 +08:00
Qian Deng 41e399dec0 Fix issue caused by notary default_alias 
Fix notary issue

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-13 18:43:15 +08:00
Qian Deng 6db39f9c71 Typo in registry config 
it should be disable not disabled

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-10 23:08:21 +08:00
Qian Deng 439b44c61f Fix public url shoud not display port is it's default value (#7760) 
if https port is 443 or http port is 80, then only showing url

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-10 16:53:25 +08:00
Qian Deng eba20baba5
Merge pull request #7612 from ninjadq/fix_tls_related_issues 
Fix tls related issues
 2019-05-10 16:36:51 +08:00
Qian Deng d255e66604 Remove -it in docker run 
Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-10 15:31:58 +08:00
Qian Deng 286167ad74
Merge pull request #7755 from ninjadq/fix_rendering_none_in_jinja 
Fix None rendered in jinja2
 2019-05-10 14:59:21 +08:00
Qian Deng f9f9661acd New type of bind volume 
using long style bind volume

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-10 13:18:48 +08:00
Qian Deng cd9932db23 Update the path of server.key and server.crt 
change the path of cert key paris to prevent futrue issues.

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-10 13:18:48 +08:00
Qian Deng 3dfebed98e Enhance: Add an empty cert files if not exist 
To avoid confusion error message

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-10 13:18:48 +08:00
Qian Deng 0aaccf62b2 Fix None rendered in jinja2 
jinja2 render None to empty string

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-10 12:17:02 +08:00
Qian Deng bb66358df8 Update migratrion script (#7728) 
* Fix migration script

1. port is string when parsed from configparser
2. remove index and db_user in if condition

Signed-off-by: Qian Deng <dengq@vmware.com>

* Add port to public_url

Add port to public_url

Signed-off-by: Qian Deng <dengq@vmware.com>

* Customized value for notary and clair

db config in notary and clair is hardcoded

Signed-off-by: Qian Deng <dengq@vmware.com>

* Add notary and clair db config in harbor.yml

Add notary clair config to harbor.yml and fix related regression

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-05-10 10:44:05 +08:00
Wang Yan 774a9f8d75
Remove unused configure item cfg_expiration (#7744) 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-05-09 22:07:18 +08:00
liqiang-fit2cloud 218889acdd Fix issue: https://github.com/goharbor/harbor/issues/7288 
Signed-off-by: liqiang-fit2cloud <liqiang@fit2cloud.com>
 2019-05-09 18:57:57 +08:00