Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
12,115 Commits 41 Branches 299 Tags 351 MiB
Commit Graph

12115 Commits

Author SHA1 Message Date
Lichao Xue 840d4085f0
Fix and Should to display Unsupported if no SBOM accessories found (#20426) 
Should this be Unsupported either for SBOM

Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-16 17:40:42 +08:00
stonezdj(Daojun Zhang) 8ccf98a2ac
Initialize execution Manager in Report Assembler (#20437) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-16 16:08:06 +08:00
MinerYang 2da4d5883f
bump golang 1.22.3 (#20433) 
* bump golang 1.22.3

Signed-off-by: yminer <yminer@vmware.com>

* debug api_common_install.sh

Signed-off-by: yminer <yminer@vmware.com>

* remove set DNS for docker v20

Signed-off-by: yminer <yminer@vmware.com>

---------

Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-05-16 14:32:59 +08:00
stonezdj(Daojun Zhang) 2b4fe6ced7
Add additional link for sboms (#20423) 
artifact object's addition_links has sboms item when it support to generate sbom
  fixes #20346

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-15 13:34:22 +00:00
stonezdj(Daojun Zhang) df5b3618c7
Display status in sbom_overview for image index (#20425) 
fixes #20418

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-15 11:52:39 +00:00
Shengwen YU bb6c7242a4
add membership=true back for gitlab replication adapter (#20400) 
fix: add membership=true back for gitlab replication adapter

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-05-15 10:38:01 +00:00
dependabot[bot] 0fc87eaf35
chore(deps): bump github.com/go-openapi/strfmt from 0.22.0 to 0.23.0 in /src (#20396) 
chore(deps): bump github.com/go-openapi/strfmt in /src

Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-15 09:11:11 +00:00
dependabot[bot] 372102c824
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.46.1 to 0.51.0 in /src (#20394) 
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux

Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.46.1 to 0.51.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.46.1...zpages/v0.51.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-05-15 08:33:53 +00:00
dependabot[bot] 34dfbfd6bd
chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.0 to 5.2.1 in /src (#20397) 
chore(deps): bump github.com/golang-jwt/jwt/v5 in /src

Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v5.2.0...v5.2.1)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-05-15 15:57:04 +08:00
Wang Yan 2977fec006
fix issue 19928 (#20409) 
* fix issue 19928

it needs to consider the user who is in any group that has been granted with the project admin role.

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-05-15 13:07:30 +08:00
stonezdj(Daojun Zhang) 232f9ba7ea
Skip scan in-toto sbom artifact (#20415) 
fixes #20337

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-05-13 17:12:04 +08:00
Wang Yan 65e266fecf
fix issue 20407 (#20416) 
fixes #20407
It needs to specify the insecure option on parsing the reference

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-05-13 14:44:51 +08:00
MinerYang 068ae006fe
Update scan job request log for enabled_capabilities (#20414) 
update scan job request log

Signed-off-by: yminer <yminer@vmware.com>
 2024-05-10 17:17:47 +08:00
Shengwen YU beb5f3f7cb
fix: enale stop_scan for ci (#20378) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-05-06 17:35:40 +08:00
Shengwen YU 33966fbc79
fix update TRIVYVERSION=v0.50.4 & TRIVYADAPTERVERSION=v0.31.1 (#20390) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-05-06 16:59:31 +08:00
dependabot[bot] c4409c053b
Bump helm.sh/helm/v3 from 3.14.2 to 3.14.4 in /src (#20373) 
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.4.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](https://github.com/helm/helm/compare/v3.14.2...v3.14.4)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 15:49:37 +08:00
dependabot[bot] 1ef61995b8
Bump github.com/go-asn1-ber/asn1-ber from 1.5.5 to 1.5.6 in /src (#20372) 
Bumps [github.com/go-asn1-ber/asn1-ber](https://github.com/go-asn1-ber/asn1-ber) from 1.5.5 to 1.5.6.
- [Release notes](https://github.com/go-asn1-ber/asn1-ber/releases)
- [Commits](https://github.com/go-asn1-ber/asn1-ber/compare/v1.5.5...v1.5.6)

---
updated-dependencies:
- dependency-name: github.com/go-asn1-ber/asn1-ber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 14:45:37 +08:00
dependabot[bot] 34cb462cd9
Bump github.com/gorilla/csrf from 1.6.2 to 1.7.2 in /src (#20376) 
Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.6.2 to 1.7.2.
- [Release notes](https://github.com/gorilla/csrf/releases)
- [Commits](https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/gorilla/csrf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 14:08:10 +08:00
dependabot[bot] 132c389216
Bump k8s.io/api from 0.29.3 to 0.30.0 in /src (#20375) 
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.3 to 0.30.0.
- [Commits](https://github.com/kubernetes/api/compare/v0.29.3...v0.30.0)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 13:18:42 +08:00
dependabot[bot] 50dc773a5a
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.24.0 to 1.26.0 in /src (#20374) 
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 10:53:35 +08:00
stonezdj(Daojun Zhang) 8431c9c30a
Rename harbor.sbom to sbom.harbor (#20359) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-02 23:48:07 +00:00
MinerYang d01dfd450a
do not delete accessory relationship while still referenced (#20360) 
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-30 01:18:09 +00:00
stonezdj(Daojun Zhang) d154c27362
Add scan type in webhook event (#20363) 
fixes #20331

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-29 13:51:09 +00:00
Lichao Xue 9b5dd7951e
Fix UI sbom status not updated to grid item after job done (#20368) 
Fix UI sbom status not updated after job done

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-29 17:26:01 +08:00
Shengwen YU bc3e47f0fe
fix: update stop scan tc (#20369) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-29 13:39:27 +08:00
dependabot[bot] 1146cbeca1
Bump github.com/cenkalti/backoff/v4 from 4.2.1 to 4.3.0 in /src (#20316) 
Bumps [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) from 4.2.1 to 4.3.0.
- [Commits](https://github.com/cenkalti/backoff/compare/v4.2.1...v4.3.0)

---
updated-dependencies:
- dependency-name: github.com/cenkalti/backoff/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-29 12:49:55 +08:00
dependabot[bot] 01a28dc66d
Bump go.opentelemetry.io/otel/sdk from 1.24.0 to 1.26.0 in /src (#20370) 
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-29 10:19:48 +08:00
dependabot[bot] 7306f6d7d9
Bump github.com/golang-migrate/migrate/v4 from 4.16.2 to 4.17.1 in /src (#20317) 
Bumps [github.com/golang-migrate/migrate/v4](https://github.com/golang-migrate/migrate) from 4.16.2 to 4.17.1.
- [Release notes](https://github.com/golang-migrate/migrate/releases)
- [Changelog](https://github.com/golang-migrate/migrate/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang-migrate/migrate/compare/v4.16.2...v4.17.1)

---
updated-dependencies:
- dependency-name: github.com/golang-migrate/migrate/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-28 17:32:58 +08:00
dependabot[bot] d7ab8254cc
Bump golang.org/x/net from 0.22.0 to 0.24.0 in /src (#20318) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.24.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-28 15:47:57 +08:00
stonezdj(Daojun Zhang) fba4c40c65
Delete scan_report when accessory is removed (#20365) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-27 01:56:30 +00:00
Shengwen YU 9471f5d5a6
fix: update total permission count to 59 (#20352) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 08:21:27 +00:00
Lichao Xue dee73a44f3
Fix UI bugs (#20364) 
Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-26 06:56:23 +00:00
Shengwen YU c791b39a26
fix: add stop_scan_payload when call stop scan api (#20353) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 06:13:00 +00:00
Shengwen YU 822784aac8
fix: update to "clr-dg-cell[10]" to fix the pull time tc due to addin… (#20361) 
fix: update to "clr-dg-cell[10]" to fix the pull time tc due to adding an SBOM column

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 04:28:22 +00:00
Shengwen YU d0cb200ed5
fix: update nightly test case for verifying audit log of image digest (#20354) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 03:44:00 +00:00
Shengwen YU 0e8dce72be
fix: fresh scanner list when updating scanner (#20366) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 10:52:11 +08:00
stonezdj(Daojun Zhang) ec8d692fe6
Add scanner info and report_id to sbom_overview on listing artifact (#20358) 
Add scan_status and report_id when scan has a failed task

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-25 17:00:35 +08:00
Shengwen YU 2af02f3b25
fix: update image reference to "@" in audit log when pushing & deleting images (#20348) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-24 16:05:14 +08:00
stonezdj(Daojun Zhang) c80e9bf477
Add 422 in the swagger.yaml (#20344) 
change log level with no content message
  fix time in sbom accessory
  fixes #20342 #20332 #20328

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-24 09:57:46 +08:00
stonezdj(Daojun Zhang) b7d4bf0d07
Log and skip adapter ping error when retrieve adapter capability (#20314) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-22 09:43:04 +00:00
MinerYang ea3cd06171
add prepare migration script for 2.11.0 (#20315) 
Signed-off-by: yminer <yminer@vmware.com>

correct jaeger agent_host

update ip_family part
 2024-04-22 16:34:08 +08:00
Shengwen YU 9b164f3fee
feat: add tc for limited guest of a project to get repository (#20311) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-22 06:36:35 +00:00
Lichao Xue e7fce62723
Wrong values shown for the columns of support_sbom and support_vulnerability in scanner list (#20308) 
Fix wrong value shown for the columns of support_sbom and support_vulnerability in scanner list

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-22 13:29:48 +08:00
stonezdj(Daojun Zhang) d759429831
Set default capability for old scanners (#20306) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-20 10:37:30 +08:00
stonezdj(Daojun Zhang) 0d9dc4b4a4
Add enableCapabilities to extraAttrs for stop (#20299) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-19 07:36:56 +00:00
Lichao Xue b3dc183f47
Fixed an issue where the scan stop button can only be clicked once (#20302) 
Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-19 13:01:54 +08:00
stonezdj(Daojun Zhang) 9c3fc28250
Allow generate sbom in proxy cache project (#20298) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-19 02:14:28 +00:00
Lichao Xue e8907a47ab
SBOM UI feature implementation (#19946) 
* draft: sbom UI feature implementation

Signed-off-by: xuelichao <xuel@vmware.com>

* refactor based on swagger yaml changes

Signed-off-by: xuelichao <xuel@vmware.com>

* update scan type for scan and stop sbom request

Signed-off-by: xuelichao <xuel@vmware.com>

---------

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-18 08:22:11 +00:00
Ikko Eltociear Ashimine 4fd11ce072
refactor: update controller.go (#20297) 
minor fix

Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-04-18 14:26:03 +08:00
stonezdj(Daojun Zhang) 2ea7d09412
skip to log scan sbom accessory for sbom accessory (#20290) 
Avoid to log the generate SBOM failure message when the artifact is SBOM in webhook event

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-17 14:51:11 +00:00