Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-21 17:55:30 +01:00
Code Issues Projects Releases Wiki Activity
12,255 Commits 54 Branches 317 Tags 352 MiB
main
Commit Graph

12255 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
stonezdj(Daojun Zhang)
232f9ba7ea
Skip scan in-toto sbom artifact (#20415) 
fixes #20337

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-05-13 17:12:04 +08:00
Wang Yan
65e266fecf
fix issue 20407 (#20416) 
fixes #20407
It needs to specify the insecure option on parsing the reference

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-05-13 14:44:51 +08:00
MinerYang
068ae006fe
Update scan job request log for enabled_capabilities (#20414) 
update scan job request log

Signed-off-by: yminer <yminer@vmware.com>
 2024-05-10 17:17:47 +08:00
Shengwen YU
beb5f3f7cb
fix: enale stop_scan for ci (#20378) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-05-06 17:35:40 +08:00
Shengwen YU
33966fbc79
fix update TRIVYVERSION=v0.50.4 & TRIVYADAPTERVERSION=v0.31.1 (#20390) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-05-06 16:59:31 +08:00
dependabot[bot]
c4409c053b
Bump helm.sh/helm/v3 from 3.14.2 to 3.14.4 in /src (#20373) 
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.4.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](https://github.com/helm/helm/compare/v3.14.2...v3.14.4)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 15:49:37 +08:00
dependabot[bot]
1ef61995b8
Bump github.com/go-asn1-ber/asn1-ber from 1.5.5 to 1.5.6 in /src (#20372) 
Bumps [github.com/go-asn1-ber/asn1-ber](https://github.com/go-asn1-ber/asn1-ber) from 1.5.5 to 1.5.6.
- [Release notes](https://github.com/go-asn1-ber/asn1-ber/releases)
- [Commits](https://github.com/go-asn1-ber/asn1-ber/compare/v1.5.5...v1.5.6)

---
updated-dependencies:
- dependency-name: github.com/go-asn1-ber/asn1-ber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 14:45:37 +08:00
dependabot[bot]
34cb462cd9
Bump github.com/gorilla/csrf from 1.6.2 to 1.7.2 in /src (#20376) 
Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.6.2 to 1.7.2.
- [Release notes](https://github.com/gorilla/csrf/releases)
- [Commits](https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/gorilla/csrf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 14:08:10 +08:00
dependabot[bot]
132c389216
Bump k8s.io/api from 0.29.3 to 0.30.0 in /src (#20375) 
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.3 to 0.30.0.
- [Commits](https://github.com/kubernetes/api/compare/v0.29.3...v0.30.0)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 13:18:42 +08:00
dependabot[bot]
50dc773a5a
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.24.0 to 1.26.0 in /src (#20374) 
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 10:53:35 +08:00
stonezdj(Daojun Zhang)
8431c9c30a
Rename harbor.sbom to sbom.harbor (#20359) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-02 23:48:07 +00:00
MinerYang
d01dfd450a
do not delete accessory relationship while still referenced (#20360) 
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-30 01:18:09 +00:00
stonezdj(Daojun Zhang)
d154c27362
Add scan type in webhook event (#20363) 
fixes #20331

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-29 13:51:09 +00:00
Lichao Xue
9b5dd7951e
Fix UI sbom status not updated to grid item after job done (#20368) 
Fix UI sbom status not updated after job done

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-29 17:26:01 +08:00
Shengwen YU
bc3e47f0fe
fix: update stop scan tc (#20369) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-29 13:39:27 +08:00
dependabot[bot]
1146cbeca1
Bump github.com/cenkalti/backoff/v4 from 4.2.1 to 4.3.0 in /src (#20316) 
Bumps [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) from 4.2.1 to 4.3.0.
- [Commits](https://github.com/cenkalti/backoff/compare/v4.2.1...v4.3.0)

---
updated-dependencies:
- dependency-name: github.com/cenkalti/backoff/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-29 12:49:55 +08:00
dependabot[bot]
01a28dc66d
Bump go.opentelemetry.io/otel/sdk from 1.24.0 to 1.26.0 in /src (#20370) 
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-29 10:19:48 +08:00
dependabot[bot]
7306f6d7d9
Bump github.com/golang-migrate/migrate/v4 from 4.16.2 to 4.17.1 in /src (#20317) 
Bumps [github.com/golang-migrate/migrate/v4](https://github.com/golang-migrate/migrate) from 4.16.2 to 4.17.1.
- [Release notes](https://github.com/golang-migrate/migrate/releases)
- [Changelog](https://github.com/golang-migrate/migrate/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang-migrate/migrate/compare/v4.16.2...v4.17.1)

---
updated-dependencies:
- dependency-name: github.com/golang-migrate/migrate/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-28 17:32:58 +08:00
dependabot[bot]
d7ab8254cc
Bump golang.org/x/net from 0.22.0 to 0.24.0 in /src (#20318) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.24.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-28 15:47:57 +08:00
stonezdj(Daojun Zhang)
fba4c40c65
Delete scan_report when accessory is removed (#20365) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-27 01:56:30 +00:00
Shengwen YU
9471f5d5a6
fix: update total permission count to 59 (#20352) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 08:21:27 +00:00
Lichao Xue
dee73a44f3
Fix UI bugs (#20364) 
Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-26 06:56:23 +00:00
Shengwen YU
c791b39a26
fix: add stop_scan_payload when call stop scan api (#20353) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 06:13:00 +00:00
Shengwen YU
822784aac8
fix: update to "clr-dg-cell[10]" to fix the pull time tc due to addin… (#20361) 
fix: update to "clr-dg-cell[10]" to fix the pull time tc due to adding an SBOM column

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 04:28:22 +00:00
Shengwen YU
d0cb200ed5
fix: update nightly test case for verifying audit log of image digest (#20354) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 03:44:00 +00:00
Shengwen YU
0e8dce72be
fix: fresh scanner list when updating scanner (#20366) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-26 10:52:11 +08:00
stonezdj(Daojun Zhang)
ec8d692fe6
Add scanner info and report_id to sbom_overview on listing artifact (#20358) 
Add scan_status and report_id when scan has a failed task

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-25 17:00:35 +08:00
Shengwen YU
2af02f3b25
fix: update image reference to "@" in audit log when pushing & deleting images (#20348) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-24 16:05:14 +08:00
stonezdj(Daojun Zhang)
c80e9bf477
Add 422 in the swagger.yaml (#20344) 
change log level with no content message
  fix time in sbom accessory
  fixes #20342 #20332 #20328

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-24 09:57:46 +08:00
stonezdj(Daojun Zhang)
b7d4bf0d07
Log and skip adapter ping error when retrieve adapter capability (#20314) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-22 09:43:04 +00:00
MinerYang
ea3cd06171
add prepare migration script for 2.11.0 (#20315) 
Signed-off-by: yminer <yminer@vmware.com>

correct jaeger agent_host

update ip_family part
 2024-04-22 16:34:08 +08:00
Shengwen YU
9b164f3fee
feat: add tc for limited guest of a project to get repository (#20311) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-22 06:36:35 +00:00
Lichao Xue
e7fce62723
Wrong values shown for the columns of support_sbom and support_vulnerability in scanner list (#20308) 
Fix wrong value shown for the columns of support_sbom and support_vulnerability in scanner list

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-22 13:29:48 +08:00
stonezdj(Daojun Zhang)
d759429831
Set default capability for old scanners (#20306) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-20 10:37:30 +08:00
stonezdj(Daojun Zhang)
0d9dc4b4a4
Add enableCapabilities to extraAttrs for stop (#20299) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-19 07:36:56 +00:00
Lichao Xue
b3dc183f47
Fixed an issue where the scan stop button can only be clicked once (#20302) 
Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-19 13:01:54 +08:00
stonezdj(Daojun Zhang)
9c3fc28250
Allow generate sbom in proxy cache project (#20298) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-19 02:14:28 +00:00
Lichao Xue
e8907a47ab
SBOM UI feature implementation (#19946) 
* draft: sbom UI feature implementation

Signed-off-by: xuelichao <xuel@vmware.com>

* refactor based on swagger yaml changes

Signed-off-by: xuelichao <xuel@vmware.com>

* update scan type for scan and stop sbom request

Signed-off-by: xuelichao <xuel@vmware.com>

---------

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-18 08:22:11 +00:00
Ikko Eltociear Ashimine
4fd11ce072
refactor: update controller.go (#20297) 
minor fix

Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-04-18 14:26:03 +08:00
stonezdj(Daojun Zhang)
2ea7d09412
skip to log scan sbom accessory for sbom accessory (#20290) 
Avoid to log the generate SBOM failure message when the artifact is SBOM in webhook event

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-17 14:51:11 +00:00
stonezdj(Daojun Zhang)
fb2e0042d0
Rename scan request type (#20288) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-17 09:52:50 +00:00
Shengwen YU
6709c789fb
feat: add test case for customizing OIDC provider name (#20287) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-17 15:52:58 +08:00
stonezdj(Daojun Zhang)
654aa8edcf
Add generate SBOM feature (#20251) 
* Add SBOM scan feature

  Add scan handler for sbom
  Delete previous sbom accessory before the job service

Signed-off-by: stonezdj <daojunz@vmware.com>

* fix issue

Signed-off-by: stonezdj <stone.zhang@broadcom.com>

---------

Signed-off-by: stonezdj <daojunz@vmware.com>
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-16 13:34:19 +00:00
Shengwen YU
67c03ddc4f
fix: update TRIVYVERSION=v0.50.1 && TRIVYADAPTERVERSION=v0.31.0 (#20285) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-16 18:37:16 +08:00
Wang Yan
550bf1d750
fix issue 20269 (#20274) 
By default, use the nvd score as the primary score, and if it is unavailable, fallback to the redhat score.
fix #20269

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-04-16 16:49:52 +08:00
Shengwen YU
91efec1e2a
fix: update the image reference format for audit log when pulling image (#20278) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-16 11:11:59 +08:00
dependabot[bot]
938c804513
Bump go.uber.org/ratelimit from 0.2.0 to 0.3.1 in /src (#20204) 
Bumps [go.uber.org/ratelimit](https://github.com/uber-go/ratelimit) from 0.2.0 to 0.3.1.
- [Changelog](https://github.com/uber-go/ratelimit/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uber-go/ratelimit/compare/v0.2.0...v0.3.1)

---
updated-dependencies:
- dependency-name: go.uber.org/ratelimit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-16 10:11:19 +08:00
Iceber Gu
a2507dc3fc
Sending signals by closing the channel (#17917) 
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
 2024-04-15 12:37:59 +00:00
dependabot[bot]
79dbebd48d
Bump golang.org/x/oauth2 from 0.15.0 to 0.19.0 in /src (#20247) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.15.0 to 0.19.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-15 19:04:22 +08:00
dependabot[bot]
b8392968ac
Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /src (#20202) 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.9.0...v3.10.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-15 18:18:53 +08:00