Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
12,139 Commits 46 Branches 302 Tags 356 MiB
Commit Graph

5959 Commits

Author SHA1 Message Date
Todd Whiteman 06f53368cd
ScanAll should only log an error when an error occurs (#20087) 
Signed-off-by: Todd Whiteman <todd.whiteman@joyent.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-03-27 15:15:14 +08:00
Lichao Xue aa4a142bc1
Add two columns to display capability type for scanner (#20111) 
Signed-off-by: xuelichao <xuel@vmware.com>
Signed-off-by: Lichao Xue <68891670+xuelichao@users.noreply.github.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-03-26 14:36:18 +08:00
James Kang fd81e7c43e
chore: fix function names (#20159) 
Signed-off-by: majorteach <csgcgl@126.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-03-26 13:53:44 +08:00
stonezdj(Daojun Zhang) 80a9c688fc
panic due to mark retention task error (#20161) 
panic due to mark retention task error

fixes #20129

Signed-off-by: stonezdj <daojunz@vmware.com>
 2024-03-26 04:52:17 +00:00
Wang Yan 2eb5464603
add type for scanner metadata (#20108) 
Signed-off-by: wang yan <wangyan@vmware.com>
 2024-03-25 07:02:39 +00:00
okestro-yj.yoo 69fc957d7e
[new-feature]Add Korean Translation (#19883) 
* Add Korean Translation

Signed-off-by: Youngjun <yj.yoo@okestro.com>

* Add Korean Translation

Signed-off-by: Youngjun <yj.yoo@okestro.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Change '푸쉬' to '푸시'

Signed-off-by: Youngjun <yj.yoo@okestro.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Sion Kang <siontama@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Sion Kang <siontama@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Sion Kang <siontama@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Sion Kang <siontama@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Sion Kang <siontama@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* Update src/portal/src/i18n/lang/ko-kr-lang.json

Co-authored-by: Sion Kang <siontama@gmail.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>

* unify technical vocabulary consistently.

Signed-off-by: Youngjun <yj.yoo@okestro.com>

---------

Signed-off-by: Youngjun <yj.yoo@okestro.com>
Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com>
Co-authored-by: Brian Hong <ushiii111798@gmail.com>
Co-authored-by: Sion Kang <siontama@gmail.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-03-14 11:52:45 +08:00
MinerYang f7a3392020
Update deletion for index type of accessory (#20073) 
update delete for index accessory

Signed-off-by: yminer <yminer@vmware.com>

revert error code

update lint and comments
 2024-03-13 14:46:11 +08:00
MinerYang a269b4f31c
Update support for artifactType for both manifest and index (#20030) 
add artifact_type for artifact model to support artifactType filter

Signed-off-by: yminer <yminer@vmware.com>

add 2.11 sql schema & update index artifactType omitted

Signed-off-by: yminer <yminer@vmware.com>

update UT

update migrate sql for artifact_type

Signed-off-by: yminer <yminer@vmware.com>

remove debug line
 2024-03-12 13:52:56 +00:00
Wang Yan dbe9790147
add generate sbom object utility (#20097) 
* add generate sbom object utility

Leverage the go-containerregistry to generate the oci object for sbom and add it as an accessory of the subject artifact.

Signed-off-by: wang yan <wangyan@vmware.com>

* remove vendor

Signed-off-by: wang yan <wangyan@vmware.com>

* resolve comments

Signed-off-by: wang yan <wangyan@vmware.com>

* fix ut

Signed-off-by: wang yan <wangyan@vmware.com>

* resolve comments

Signed-off-by: wang yan <wangyan@vmware.com>

* remove the todo comments

Signed-off-by: wang yan <wangyan@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-03-12 12:27:34 +08:00
Lichao Xue 9b7c1a2274
Configure to auto generate SBOM or not on project configuration page. (#20059) 
Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-03-06 08:06:25 +00:00
Wang Yan d25f3556a9
update referrers api (#20068) 
Update the referrers API according to the changeset in distribution spec 1.1, available at https://github.com/opencontainers/distribution-spec/pull/491/files.

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-03-01 15:25:38 +08:00
Wang Yan 3782bab80a
add sbom settings for project (#20069) 
Add a new switcher for sbom generation, by default is false.

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-03-01 14:40:02 +08:00
Lichao Xue d79e4b1176
revise the tags of Interrogation Services (#20049) 
Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-02-29 14:37:26 +08:00
Lichao Xue 47546a5f9d
update help message for bandwidth of replication rule (#20016) 
Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-26 16:57:24 +08:00
dependabot[bot] c5790ced14
Bump github.com/aws/aws-sdk-go from 1.50.5 to 1.50.24 in /src (#20018) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.50.5 to 1.50.24.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.50.5...v1.50.24)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-26 12:05:17 +08:00
dependabot[bot] 2fd4588782
Bump helm.sh/helm/v3 from 3.11.3 to 3.14.2 in /src (#20017) 
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.11.3 to 3.14.2.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](https://github.com/helm/helm/compare/v3.11.3...v3.14.2)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-26 10:08:51 +08:00
stonezdj(Daojun Zhang) 5b832c1724
Limit url to local path (#20025) 2024-02-24 01:34:30 +00:00
dependabot[bot] 056c41fd80
Bump github.com/google/uuid from 1.3.1 to 1.6.0 in /src (#19954) 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.6.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-23 18:19:40 +08:00
dependabot[bot] cb04005098
Bump github.com/go-openapi/strfmt from 0.21.8 to 0.22.0 in /src (#19955) 
Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.21.8 to 0.22.0.
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.21.8...v0.22.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-23 17:40:46 +08:00
dependabot[bot] 35f98344e6
Bump go.opentelemetry.io/otel from 1.21.0 to 1.23.1 in /src (#19972) 
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.21.0 to 1.23.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...v1.23.1)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-23 16:54:30 +08:00
stonezdj(Daojun Zhang) 54819ba8cd
Limit url to local site (#20013) 
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-02-23 07:40:13 +00:00
Antoine Jouve 73c2884e58
[Token/JWT] Update to golang-jwt v5.2.0 (#19802) 
* feat: update to golang-jwt v5.2.0

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* fix: module issues and robot claims

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* fix: add missing time import

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* feat: set jwt validation leeway to 60s

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* fix: update leeways that were still set to 10s

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* feat: update go.sum

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* feat: add two leeway related test cases

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* fix: correct jwt audience validation

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* fix: gofmt v2_token.go

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* feat: take into account review comments

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

* feat: use a common constant to store JWT leeway

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>

---------

Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
Signed-off-by: Antoine Jouve <an-toine@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-02-23 11:30:13 +08:00
tostt 0e580836bb
Updated internationalisation : fr-fr (#19915) 
* Internationalisation : fr-fr

Edited file fr-fr-lang.json:
- Translation of new strings in French
- Entries have been sorted the same way as en-us-lang.json

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update fr-fr-lang.json

Corrections

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Added missing translation

Signed-off-by: tostt <tostt@users.noreply.github.com>

---------

Signed-off-by: tostt <tostt@users.noreply.github.com>
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
 2024-02-11 14:21:10 +00:00
dependabot[bot] f910c5654b
Bump vite and @angular-devkit/build-angular in /src/portal (#19945) 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) to 4.5.2 and updates ancestor dependency [@angular-devkit/build-angular](https://github.com/angular/angular-cli). These dependencies need to be updated together.


Updates `vite` from 4.4.7 to 4.5.2
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v4.5.2/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v4.5.2/packages/vite)

Updates `@angular-devkit/build-angular` from 16.2.9 to 16.2.12
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular-cli/compare/16.2.9...16.2.12)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: indirect
- dependency-name: "@angular-devkit/build-angular"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-05 10:03:07 +08:00
dependabot[bot] db20b3b6ac
Bump github.com/go-ldap/ldap/v3 from 3.2.4 to 3.4.6 in /src (#19889) 
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.4 to 3.4.6.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.4...v3.4.6)

---
updated-dependencies:
- dependency-name: github.com/go-ldap/ldap/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-04 20:08:50 +08:00
dependabot[bot] 7cfc685b7a
Bump github.com/go-openapi/errors from 0.20.4 to 0.21.0 in /src (#19890) 
Bumps [github.com/go-openapi/errors](https://github.com/go-openapi/errors) from 0.20.4 to 0.21.0.
- [Commits](https://github.com/go-openapi/errors/compare/v0.20.4...v0.21.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/errors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-04 19:27:48 +08:00
dependabot[bot] f562c3016d
Bump github.com/aws/aws-sdk-go from 1.34.28 to 1.50.5 in /src (#19920) 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.34.28 to 1.50.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.34.28...v1.50.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-02-04 18:32:12 +08:00
Bin Liu 5a576174b1
skip transaction for POST /service/token (#19339) 
Habor doesnot support POST /service/token endpoint,
put this request into a transaction will consume
extra database resources and generate many logs.

Signed-off-by: bin liu <liubin0329@gmail.com>
 2024-01-19 07:11:32 +00:00
zycupup ee6f61c502
feat: volc cr adapter (#19456) 
feat: support volcEngine replication

Signed-off-by: zhuyuchen.1 <zhuyuchen.1@bytedance.com>
 2024-01-19 14:15:49 +08:00
dependabot[bot] 6d854a5534
Bump github.com/go-openapi/swag from 0.22.4 to 0.22.7 in /src (#19809) 
Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.22.4 to 0.22.7.
- [Commits](https://github.com/go-openapi/swag/compare/v0.22.4...v0.22.7)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/swag
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-18 14:14:44 +08:00
dependabot[bot] 6b1e5d2312
Bump github.com/vmihailenco/msgpack/v5 from 5.0.0-rc.2 to 5.4.1 in /src (#19810) 
Bumps [github.com/vmihailenco/msgpack/v5](https://github.com/vmihailenco/msgpack) from 5.0.0-rc.2 to 5.4.1.
- [Release notes](https://github.com/vmihailenco/msgpack/releases)
- [Changelog](https://github.com/vmihailenco/msgpack/blob/v5/CHANGELOG.md)
- [Commits](https://github.com/vmihailenco/msgpack/compare/v5.0.0-rc.2...v5.4.1)

---
updated-dependencies:
- dependency-name: github.com/vmihailenco/msgpack/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-18 13:34:33 +08:00
dependabot[bot] 6f6e85863e
Bump k8s.io/client-go from 0.26.2 to 0.29.0 in /src (#19813) 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.26.2 to 0.29.0.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.26.2...v0.29.0)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-18 12:54:39 +08:00
ShengqiWang caaa641521
fix label select bugs (#19850) 
Signed-off-by: shengqiw <shengqiw@vmware.com>
 2024-01-18 02:46:25 +00:00
Yang Jiao 308c6cf657
Update isValidDuration function (#19843) 
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
 2024-01-17 08:41:45 +00:00
Ha Son Hai 7e0f6cc501
Fixing typo for About UI (#19840) 
Signed-off-by: Ha, Son Hai <sonhaiha@kpmg.com>
Co-authored-by: Ha, Son Hai <sonhaiha@kpmg.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-01-15 15:16:23 +00:00
Shuaiyi f17d90fadf
Log ensureArtifact ConflictErr (#19294) 
* Log ensureArtifact ConflictErr

Signed-off-by: Shuaiyi Liu <liushuaiyi@gmail.com>

* Log ensureArtifact ConflictErr

Signed-off-by: Shuaiyi Liu <liushuaiyi@gmail.com>

---------

Signed-off-by: Shuaiyi Liu <liushuaiyi@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-01-15 18:39:01 +08:00
Wang Yan fdc012c237
remove the log for ScannerSkipUpdatePullTime (#19845) 
fixes #19795, remove the noise in the log

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-01-15 17:47:16 +08:00
ShengqiWang 04a140332e
fix artifact page bug (#19807) 
* fix artifact page bug

* update testcase
 2024-01-15 06:09:56 +00:00
Yang Jiao eb125419cc
Add verification that robot account duration is not 0 (#19829) 
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
 2024-01-15 13:25:56 +08:00
stonezdj(Daojun Zhang) 891f6785f2
Cache image list with digest key (#19801) 
fixes #19429

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-01-11 06:55:35 +00:00
Yang Jiao 7268a3f3e2
Remove robot account update quota permission (#19819) 
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
 2024-01-10 03:07:24 +00:00
Lars Lehtonen 49c5a068ad
registryctl/api/registry/blob: fix dropped test error (#19721) 
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
 2024-01-09 12:45:24 +00:00
Maksym Trofimenko 9e5efc99e8
add repository read permission to limitedGuest (#19757) 
Signed-off-by: Maksym Trofimenko <maksym@container-registry.com>
Co-authored-by: Maksym Trofimenko <maksym@container-registry.com>
 2024-01-08 11:42:39 +00:00
dependabot[bot] f8d2169712
Bump github.com/go-openapi/runtime from 0.19.20 to 0.26.2 in /src (#19763) 
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.19.20 to 0.26.2.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.19.20...v0.26.2)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-08 16:02:08 +08:00
dependabot[bot] bb2581c669
Bump gopkg.in/h2non/gock.v1 from 1.0.16 to 1.1.2 in /src (#19765) 
Bumps gopkg.in/h2non/gock.v1 from 1.0.16 to 1.1.2.

---
updated-dependencies:
- dependency-name: gopkg.in/h2non/gock.v1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-08 14:42:26 +08:00
Yang Jiao 64a2296b58
Add quota permissions to robot account (#19799) 
Fix #19792

Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
 2024-01-08 11:43:22 +08:00
dependabot[bot] de7ea2849e
Bump github.com/cloudevents/sdk-go/v2 from 2.13.0 to 2.14.0 in /src (#19764) 
Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/cloudevents/sdk-go/releases)
- [Commits](https://github.com/cloudevents/sdk-go/compare/v2.13.0...v2.14.0)

---
updated-dependencies:
- dependency-name: github.com/cloudevents/sdk-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-08 09:46:21 +08:00
dependabot[bot] 88a4cabcaf
Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.5.0 in /src (#19766) 
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.4.2 to 4.5.0.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.4.2...v4.5.0)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 17:20:40 +08:00
dependabot[bot] 378ff62350
Bump golang.org/x/time from 0.4.0 to 0.5.0 in /src (#19767) 
Bumps [golang.org/x/time](https://github.com/golang/time) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/time/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/time
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-05 16:15:15 +08:00
ShengqiWang ed4587b491
update project-SelectScanner modal Default field css (#19753) 
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-01-04 02:23:55 +00:00
ShengqiWang 923295c990
add description in scanner page (#19733) 
Signed-off-by: shengqiw <shengqiw@vmware.com>
 2023-12-21 14:52:11 +08:00
dependabot[bot] 49ee3b7759
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.45.0 to 0.46.1 in /src (#19727) 
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux

Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.45.0 to 0.46.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.45.0...zpages/v0.46.1)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-21 10:09:50 +08:00
Yang Jiao 6793da72e3
Fix project metadata validate bug (#19746) 
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
 2023-12-20 15:28:07 +08:00
dependabot[bot] 2f2a6462ad
Bump github.com/bmatcuk/doublestar from 1.1.1 to 1.3.4 in /src (#19698) 
Bumps [github.com/bmatcuk/doublestar](https://github.com/bmatcuk/doublestar) from 1.1.1 to 1.3.4.
- [Release notes](https://github.com/bmatcuk/doublestar/releases)
- [Commits](https://github.com/bmatcuk/doublestar/compare/v1.1.1...v1.3.4)

---
updated-dependencies:
- dependency-name: github.com/bmatcuk/doublestar
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-20 13:33:53 +08:00
dependabot[bot] 41adc7508a
Bump github.com/prometheus/client_golang from 1.14.0 to 1.17.0 in /src (#19699) 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.14.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-20 10:48:20 +08:00
dependabot[bot] dcd3c3dbfd
Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 in /src (#19701) 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.7.0 to 3.9.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.7.0...v3.9.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-19 17:06:32 +08:00
dependabot[bot] 80b3ea5501
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /src (#19729) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-19 14:19:48 +08:00
MinerYang b38de22054
bump golang 1.21.5 & fix golangci-lint error (#19722) 
bump golang 1.21.5

update golangci-lint && fix revive error

fix white space lint

Signed-off-by: yminer <yminer@vmware.com>
 2023-12-19 09:41:26 +08:00
dependabot[bot] 5f828ea72f
Bump github.com/go-openapi/errors from 0.19.6 to 0.20.4 in /src (#19697) 
Bumps [github.com/go-openapi/errors](https://github.com/go-openapi/errors) from 0.19.6 to 0.20.4.
- [Commits](https://github.com/go-openapi/errors/compare/v0.19.6...v0.20.4)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/errors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-14 12:10:51 +08:00
dependabot[bot] 6b41277b03
Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 in /src (#19631) 
Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/yaml/compare/v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-08 15:11:38 +08:00
dependabot[bot] 8859f69668
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 in /src (#19636) 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-08 13:20:20 +08:00
dependabot[bot] af4c6b6f0f
Bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 in /src (#19632) 
Bumps [github.com/gorilla/handlers](https://github.com/gorilla/handlers) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/gorilla/handlers/releases)
- [Commits](https://github.com/gorilla/handlers/compare/v1.5.1...v1.5.2)

---
updated-dependencies:
- dependency-name: github.com/gorilla/handlers
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-08 09:59:06 +08:00
dependabot[bot] 2984c2e04b
Bump github.com/robfig/cron/v3 from 3.0.0 to 3.0.1 in /src (#19633) 
Bumps [github.com/robfig/cron/v3](https://github.com/robfig/cron) from 3.0.0 to 3.0.1.
- [Commits](https://github.com/robfig/cron/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/robfig/cron/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-07 17:49:21 +08:00
Shijun Sun f99a619bc6
Add min-width to the permission column (#19675) 
1. To avoid style confusion

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
 2023-12-07 05:37:45 +00:00
Shijun Sun 323e11fefb
Update the wording text for the system robot account (#19666) 
Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
 2023-12-05 09:43:02 +00:00
Shijun Sun 469b6a495b
Update the style for the robot acccount ui (#19663) 
1. Fixes #19614
2. Fixes #19617

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
 2023-12-05 09:00:17 +00:00
Shengwen YU 1cbc901599
fix: upgrade google.golang.org/grpc (#19648) 
fix: upgrade google.golang.org/grpc and go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-12-05 16:22:39 +08:00
Wang Yan 7b40dc6f46
fix the landing accessory data (#19661) 
Fix the keywords when to list accessories belong to the subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-12-05 14:14:32 +08:00
Shijun Sun 7fee99b5fe
Update the name checking for the robot account (#19645) 
1. Fixes #19612

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
 2023-12-05 03:01:40 +00:00
dependabot[bot] bf251ef0aa
Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src (#19542) 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.0.0 to 3.7.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.0.0...v3.7.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-11-28 09:31:16 +08:00
Wang Yan 3f72604d57
fix robot account access issue (#19627) 
fixes #19622
Resolve the 403 issue occurring when a robot account, equipped with both system and project scope, attempts to access project resources.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-11-27 19:16:37 +08:00
dependabot[bot] e1df9b0a73
Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src (#19541) 
Bump golang.org/x/time in /src

Bumps [golang.org/x/time](https://github.com/golang/time) from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0.
- [Commits](https://github.com/golang/time/commits/v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/time
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-11-27 16:58:28 +08:00
Wang Yan e6900301ce
fix system label resource (#19621) 
Make sure robot can use rbac.Resource(label) to access system level label

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-11-27 13:34:17 +08:00
Shijun Sun d967ac0fb6
Update the permission scope (#19603) 
1. Update the permission scope
2. Sort the resources and actions by unicode

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-22 06:37:31 +00:00
Wang Yan 062d144d22
add permission validation for robot creating and updating. (#19598) 
* add permission validation for robot creating and updating.

It is not allowed to create an new robot with the access outside the predefined scope.

Signed-off-by: wang yan <wangyan@vmware.com>

* Fix robot testcase and update robot permission metadata (#167)

1. Fix robot testcase
2. update robot permission metadata

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Signed-off-by: wang yan <wangyan@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>
 2023-11-22 12:51:03 +08:00
Chlins Zhang 43ccd2f09f
perf: optimize the performance of accessory query (#19557) 
1. Add db index for subject_artifact_id in table artifact_accessory.
2. Optimize the SQL of excluding the accessory for artifact count.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-11-22 02:11:11 +00:00
Chlins Zhang 553c85eed0
fix: increase beego max memory and upload size (#19578) 
1. Increase the default beego max memory and upload size from 32GB to
   128GB.
2. Support customize the two beego configs from env.

Signed-off-by: chlins <chenyuzh@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2023-11-21 15:36:06 +08:00
Maksym Trofimenko 996e57b511
Feature: GDPR compliant audit logs (#17396) 2023-11-20 21:31:22 +01:00
stonezdj(Daojun Zhang) 307a3121aa
Return empty result when no scanner configured (#19577) 
fixes #19534

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-17 07:29:19 +00:00
Shijun Sun 95b4032201
Correct loop condition for replication tasks (#19570) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 09:50:06 +00:00
Shijun Sun da9e263ca7
Avoid menu closure when filtering labels (#19561) 
1. Fixes #19554

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 17:12:55 +08:00
Shijun Sun 30730c6716
Add a placeholder to the cards for the security-hub (#19536) 
1. Related issue #19249

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 08:23:07 +00:00
Shijun Sun 7718134301
Add quota sorting to the project quotas list (#19576) 
1. For #16517

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 07:25:55 +00:00
Shijun Sun 6a6e29570c
Show OIDC provider name on the OIDC login button (#19581) 
1. Related issue #13198

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 05:23:57 +00:00
stonezdj(Daojun Zhang) 3f6c0298fe
Add oidc provider name to systeminfo API (#19575) 
fixes #13198

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-15 11:00:39 +08:00
Shengwen YU e941f3272b
fix: sorting quota (#19538) 
fix: sort Project Quotas

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-11-13 14:37:41 +08:00
jmichot-exotec 219e4ba48d
19559 cannot see full label easily (#19564) 
* modified label css to allow hover on it

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

* modified label css to allow hover on it

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

* Update common.scss

Signed-off-by: jmichot-exotec <150228661+jmichot-exotec@users.noreply.github.com>

* used title way to show full label on hover

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

---------

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>
Signed-off-by: jmichot-exotec <150228661+jmichot-exotec@users.noreply.github.com>
Co-authored-by: Julien Michot <julien.michot.ext@exotec.com>
 2023-11-13 04:02:59 +00:00
stonezdj(Daojun Zhang) 3a9d68a32a
Allow POST method to request service/token in readonly mode (#19556) 
fixes #18243

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-10 05:08:31 +00:00
Chlins Zhang f6d5bf2e0f
perf: optimize the trigger retention API (#19533) 
Enhance the API for triggering retention by optimizing it from synchronous to asynchronous to solve the problem of slow response in the case of a large number of tasks.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-11-09 07:45:01 +00:00
Shijun Sun b7116fff0f
Add full permissions for the robot account (#19507) 
1.Fixes #19353

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-09 03:18:07 +00:00
Wang Yan 5c02fd807e
add permission api (#19543) 
The permission api targets to return the full set of permissons for robot to use.
And only system and project admin have the access

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-11-09 09:47:07 +08:00
stonezdj(Daojun Zhang) da949bfc3f
Delete project member when delete project (#19523) 
Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-08 20:51:21 +08:00
Shijun Sun bfd44b9115
Update UI package to clear security alerts (#19553) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-08 15:30:08 +08:00
stonezdj(Daojun Zhang) c9214256e5
Skip to validate username when update user profile (#19552) 
fixes #19528

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-08 13:29:30 +08:00
Daniel Jiang 3f7c605cf5
[WIP] Remove vendor folder from harbor code base (#19508) 
* Remove vendor folder from harbor code base

Signed-off-by: Daniel Jiang <jiangd@vmware.com>

* debug ut failure

* debug failure

* debug failure

---------

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2023-11-05 14:37:25 +08:00
Shijun Sun d0a9754786
Update the style for severity (#19525) 
1.Related issue #19249

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-02 09:02:32 +00:00
stonezdj(Daojun Zhang) b337f51e7e
Replace comma in username to avoid casbin issue (#19505) 
Check username when creating user by API
   Replace comma with underscore in username for OnboardUser
   Fixes #19356

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-02 03:50:50 +00:00
Shijun Sun f75a2f9407
Add a tooltip for the replication rule (#19509) 
1. Fixes #19371

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-10-31 10:32:00 +00:00
MinerYang 193b00b9e6
bump golang to 1.21.3 (#19504) 
update ut mock

update go mod

Signed-off-by: yminer <yminer@vmware.com>
 2023-10-31 15:01:23 +08:00
Shijun Sun 064a109f56
Not allow comma for the user name (#19501) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-10-30 16:02:52 +01:00
SphinxKnight d3907f6eee
fix: Accessibility - change color for WCAG AA (#19472) 
* fix: Accessibility - change color for WCAG AA

Signed-off-by: julieng <julien.gattelier@gmail.com>

* fix: #ffffff to #fff to comply with stylelint

Signed-off-by: julieng <julien.gattelier@gmail.com>

* Factoring in #19249

Signed-off-by: julieng <julien.gattelier@gmail.com>

---------

Signed-off-by: julieng <julien.gattelier@gmail.com>
 2023-10-25 03:44:54 +00:00
MinerYang adb066cf50
bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… (#19477) 
bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux

Signed-off-by: yminer <yminer@vmware.com>
 2023-10-24 08:21:34 +00:00
stonezdj(Daojun Zhang) 7b0beed934
Delete tag retention rule and tag immutable rule when deleting project (#19390) 
fixes #18250

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-10-24 04:28:16 +00:00
Kenji Gaillac a1effcbb98
Add label's description as tooltip (#19421) 
* feat(ui): add label's description as tooltip

Will only display the tooltip on artifact-list-page.

Signed-off-by: Kenji Gaillac <kenji@gaillac.eu>

* fix(ui): remove redundant condition

Signed-off-by: Kenji Gaillac <kenji@gaillac.eu>

---------

Signed-off-by: Kenji Gaillac <kenji@gaillac.eu>
 2023-10-24 01:52:35 +00:00
Chlins Zhang 99b40bf764
feat: enhance the replication webhook payload (#19433) 
Add the new filed 'references' to the replication webhook payload, which
can help user better know the replicated artifact tags or digests.
(references is the lists of the artifact tag name or digest if no tag)

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-10-23 03:29:30 +00:00
imeoer 13f4fca96e
subject: fix missing media type recognition for nydus (#19453) 
Nydus images are compatible with both docker scheme v2 and OCI image spec v1
types of config media type:

  - application/vnd.oci.image.config.v1+json
  - application/vnd.docker.container.image.v1+json

The patch fixes the media type recognition on the accessory type check.

Signed-off-by: Yan Song <yansong.ys@antgroup.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2023-10-19 10:53:13 +08:00
stonezdj(Daojun Zhang) d030ab216b
Use batch to list the job id in the job queue to avoid crash redis (#19444) 
fixes: #19436

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-10-18 09:31:37 +00:00
MinerYang 84a85fb299
bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib (#19461) 
bump golang.org/x/net to v0.17.0

Signed-off-by: yminer <yminer@vmware.com>

bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp  to v0.45.0
 2023-10-18 14:34:51 +08:00
Shijun Sun 18b979576d
Update the style for operation-component (#19445) 
1.Fixes #19399

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-10-17 09:29:23 +08:00
Wang Yan f9ab185ed0
fix issue 19392 (#19437) 
Needs to set the repo when to handle the accessory before subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-10-12 15:15:42 +08:00
stonezdj(Daojun Zhang) 663d0b81a7
Change fixed_version to package_version in query dangerous CVE sql (#19397) 
Change fixed_version to package_version
  fixes #19391

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-10-11 07:57:19 +00:00
Kenji Gaillac 27e70cdf4f
feat(i18n): update french translations (#19418) 
Signed-off-by: Kenji Gaillac <kenji@gaillac.eu>
 2023-10-10 09:29:06 +00:00
Shijun Sun d0322dfcba
Hide version property if the value is undefined (#19395) 
1.Related issue #19391

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-09-28 10:59:10 +08:00
Wang Yan 3338f27189
support accessory in either order (#19375) 
In certain cases, the OCI client may push the subject artifact and accessory in either order.
Therefore, it is necessary to handle situations where the client pushes the accessory ahead of the subject artifact.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-09-23 02:42:58 +08:00
MinerYang 6fd4a2bd37
update default processor for unknwon type config (#19372) 
update OCI-Subject header

Signed-off-by: yminer <yminer@vmware.com>

update default processor & add ut for artifact icon

update ut coverage
 2023-09-21 15:19:42 +08:00
Wang Yan 4051b2b302
fix user resource (#19366) 
fix the user resrouce defination of user api

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-09-18 14:16:25 +08:00
Bin Liu 26a4f6eeea
Remove duplicated sort fields from order by clause (#19347) 
In MustClone() it will set Sorts field twice, that will
generate two duplicated order by fields in the generated SQL.

Signed-off-by: bin liu <liubin0329@gmail.com>
 2023-09-17 02:01:30 +08:00
Wang Yan ed370a496b
deprecate resource label (#19349) 
There is no api is using the DAO, remove it from the source code.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-09-14 01:25:52 +08:00
Shijun Sun 12ce91594f
Upgrade UI packages (#19330) 
1.Upgrade Angular packages to 16.2.1
2.Upgrade cypress to 13.1.0

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-09-12 16:50:29 +08:00
rongfu.leng d55823d888
remove chart-museum related to logic (#18722) 
Signed-off-by: lengrongfu <1275177125@qq.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2023-09-11 15:15:02 +08:00
stonezdj(Daojun Zhang) 7f191630e4
Remove job status track information from redis after stop (#19227) 
Remove job status track information from redis after stop the job in the queue

  After stop in the queue:
  Remove key in {harbor_job_service_namespace}:job_track:inprogress
  Remove {harbor_job_service_namespace}:job_stats:<job_id>
  fixes #19211

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-09-05 10:30:48 +08:00
Shijun Sun e2d088987c
Switch to a new chart library (#19262) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-09-01 16:46:43 +08:00
Bin Liu 0e039b255c
exporter: add field alias for count(*) func (#18840) 
Add an alias so that orm can parse the column name regardless of
the type and version of the database.

Signed-off-by: bin liu <liubin0329@gmail.com>
 2023-08-30 09:05:44 +08:00
Bin Liu 7ed1920d66
Delete unused code (#19061) 
func GetRedisOfRegURL is not referenced.

Signed-off-by: bin liu <liubin0329@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2023-08-29 19:23:20 +08:00
rongfu.leng f3e4216124
change JOB_ID to Task_ID (#19127) 
Signed-off-by: lengrongfu <1275177125@qq.com>
 2023-08-25 15:49:56 +08:00
MinerYang 06139c1396
change Referrers Content-Type to application/vnd.oci.image.index.v1+json (#19212) 
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2023-08-25 11:54:55 +08:00
Shijun Sun dd90313c72
Add a tooltip for the page title of security hub (#19231) 
1. This tooltip explains the artifacts total count

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-24 18:21:39 +08:00
Bin Liu 23fd87a316
i18n: fix typo for CONFIRM_SECRET (#19140) 
Signed-off-by: bin liu <liubin0329@gmail.com>
 2023-08-24 14:52:52 +08:00
stonezdj(Daojun Zhang) 298ecbbe7d
Refine total artifact and scanned artifact (#19228) 
Artifact include all accessory, child artifact
  fixes #19215

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-22 16:03:33 +08:00
Shijun Sun 444404f7f4
Add new uri path to ShouldNotReuseRoute array (#19217) 
1.Fixes #19216

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-21 18:54:44 +08:00
Wang Yan 927e7f92a2
fix gc dry run issue (#19208) 
In the dry run mode, the accessories should be considered when try to simulate delete the subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-08-21 13:28:07 +08:00
Chlins Zhang c7e25295fe
fix: support customize cache db for business (#19182) 
Support to configure the customized redis db for cache layer and other
misc business for core, by default the behavior is same with
previous(stored in db 0).

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-18 11:04:16 +08:00
stonezdj(Daojun Zhang) 83ff2b277a
Wrong artifact scanned count (#19198) 
fixes #19197

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-17 14:12:07 +08:00
Chlins Zhang 52e66155d4
log: change log level to reduce the noise logs (#19146) 
1. Change some logs level to reduce the noise.
2. Wrap the go-redis.Nil error as ErrNotFound to avoid confusing

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-17 11:11:04 +08:00
stonezdj(Daojun Zhang) d98699b5fc
Filter artifact without CVE from top 5 dangerous artifacts (#19187) 
Fixes #19186

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-17 09:29:23 +08:00
Shijun Sun 0e9fe03e54
Update the max length for the filters (#19194) 
1.Fixes #19193

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-16 17:14:34 +08:00
Peter Dave Hello 289d4e27cc
Update zh-tw (Traditional Chinese) locale (#19161) 
Update zh-tw (Traditional Chinese) locale, follow up of #18608

Signed-off-by: Peter Dave Hello <hsu@peterdavehello.org>
 2023-08-16 09:57:52 +08:00
Shijun Sun 296e905940
ignore spaces for vulnerability filters (#19180) 
1.Fixes #19168

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-15 11:41:50 +08:00
Shengwen YU 88c6018950
fix: cron string validation (#19071) 
fix: cron string validation (the 1st field of a cron string must be 0 when there are 6 fields)

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-08-09 10:22:54 +08:00
Shengwen YU 90de9092ce
fix: add storage_limit check (#19095) 
fix: add storage_limit check (add ValidateQuotaLimit as a general method to validate quota limit value)

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-08-09 09:37:07 +08:00
Shijun Sun 958bed2ee0
Update ui to fix some issues (#19101) 
1. Add digest filter for vulnerability search, for #19023
2. Fixes #19104

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-07 14:49:50 +08:00
Chlins Zhang a036e4a7b0
fix: skip to delete scan reports if the digest still referenced (#19110) 
fix: skip to delete scan reports if the digest still referenced by other artifacts

Avoid to delete the scan reports in case the artifact deleted but still
referenced by the other artifacts.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-07 14:00:26 +08:00
stonezdj(Daojun Zhang) 0e92eaea18
Sort most dangerous vulnerabilities by score and severity level (#19103) 
Check it is referred by a scan_report
  Add index to report_vulnerability_record to improve performance
  Fixes #19014 #19028

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-07 10:13:34 +08:00
stonezdj(Daojun Zhang) c62ec7daac
Add artifact digest to query condition (#19102) 
Fixes #19023

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-07 09:24:44 +08:00
stonezdj(Daojun Zhang) 3de778e9f1
Fix incorrect artifact and scanned artifact count issue (#19106) 
* Fix incorrect artifact and scanned artifact count issue

  fixes #19009 #19020 #19013

Signed-off-by: stonezdj <daojunz@vmware.com>

* fix issue

Signed-off-by: stonezdj <daojunz@vmware.com>

---------

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-07 08:40:26 +08:00
Shijun Sun f8cf772d86
Update style for add-replication-rule page (#19100) 
1. Fixes #19098

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-04 14:12:15 +08:00
Chlins Zhang 8c23bcdc54
fix: fix replication list projects with pure numberic name (#19090) 
Quote the project name when listing projects in the replication, resolve
the issue of pure number name of project.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-04 09:29:51 +08:00
Shijun Sun 530b78285b
Convert the string "0" to number 0 (#19080) 
1. Fixes #19046

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-03 21:52:49 +08:00
Shijun Sun d34775296c
Update cron ui for add replicatipn rule page (#19083) 
1.Fixes #19072

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-03 18:18:54 +08:00
Shijun Sun 26b53ef343
Show banner message on log in page (#19078) 
1. Fixes #19076

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-03 17:24:09 +08:00