Commit Graph

10671 Commits

Author SHA1 Message Date
Daniel Jiang
ebe5733f27 Check user in security context before getting the ID
This commit fix a potential nil pointer issue when trying to read User
ID from security context

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-18 14:54:58 +08:00
He Weiwei
0c315d8aee
refactor: remove allowlist in GetSummary of scan controller (#14836)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-18 14:01:59 +08:00
Vadim Bauer
1a3335edc5
Provide information about missing RBAC permissions in debug mode. (#14906)
Signed-off-by: Vadim Bauer <vb@container-registry.com>

Co-authored-by: Vadim Bauer <vb@container-registry.com>
2021-05-18 10:02:34 +08:00
Wenkai Yin(尹文开)
aaff28f6ff
Merge pull request #14843 from ninjadq/fix_webhook_parse_chartname
Fix webhook parse chartname panic
2021-05-18 09:30:22 +08:00
Will Sun
0a8ff4c1f9
Update project summary page (#14874)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-17 10:39:33 +08:00
Wenkai Yin(尹文开)
e553cbe795
Merge pull request #14887 from wy65701436/golang-15
bump up go to v1.15.12
2021-05-17 10:32:19 +08:00
He Weiwei
73045c55ce
fix: disable x-omitempty for repo_count and chart_count (#14895)
Closes #13664

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-17 10:22:51 +08:00
Will Sun
ba68f16b8d
Support searching quota by project name (#14881)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-17 09:46:24 +08:00
He Weiwei
7fb1bc538c
refactor: remove unused core/api/models pkg (#14882)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 17:15:44 +08:00
Wang Yan
0fb520a33b bump up go to v1.15.12
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-14 15:36:23 +08:00
He Weiwei
6f3607cebd
perf: cache the metadata of the scanner (#14879)
1. Cache the metadata of scanner 30s.
2. Change the scanner client request timeout to 5s.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 14:27:37 +08:00
Qian Deng
a19f6f8748
Add grafana example for metrics (#14504)
add json file for grafana

Signed-off-by: DQ <dengq@vmware.com>
2021-05-14 14:19:27 +08:00
Ziming
1665dbcbc8
fix(retention) add delete retention API (#14747)
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-05-14 14:15:42 +08:00
Daniel Jiang
35c9a98272
Merge pull request #14875 from heww/fix-scan-all
fix: using new ctx to scan artifact when scanAll
2021-05-14 12:56:10 +08:00
He Weiwei
eed91dab45
fix: requires authn for apis of project scanner (#14880)
Closes #14863

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 11:27:23 +08:00
Daniel Pacak
7e6235bd3b
chore(trivy): Bump up Trivy scanner adapter to v0.19.0 (#14797)
Trivy scanner adpater v0.19.0 comes with Trivy v0.17
which adds support for Java JAR/WAR/EAR archives and
Go binaries scanning.

The release notes are published on
https://github.com/aquasecurity/trivy/releases/tag/v0.17.0

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2021-05-14 10:30:17 +08:00
He Weiwei
f800d531ec fix: using new ctx to scan artifact when scanAll
DB transaction failure may break the loop query of the artifacts, the
result is that not all artifacts are scanned in one scan all job. Using
a new DB connection to call the Scan method of the controller to avoid
this problem.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-13 12:33:10 +00:00
Daniel Jiang
fa46b0d736
Merge pull request #14095 from jsoref/tokens
Tokens
2021-05-13 13:25:58 +08:00
Daniel Jiang
25c9b9dcb8
Merge pull request #14325 from a-mccarthy/update-2.2
Update support matrix to include 2.2
2021-05-13 11:47:20 +08:00
Wang Yan
ad9569da26
refactor preheat model (#14858)
Move the notification to preheat models

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-12 22:29:01 +08:00
DQ
2583107446 Fix panic issue when there are '--' in chart name
let webhook get name function consistent with chartmuseum

Signed-off-by: DQ <dengq@vmware.com>
2021-05-12 14:11:57 +00:00
Qian Deng
17dd48e5a3
Merge pull request #14854 from ninjadq/upgrade_helm_chart
Upgrade helm chart
2021-05-12 19:33:03 +08:00
xiaorunkun
eab4a6161f word correct 2021-05-12 17:08:20 +08:00
stonezdj(Daojun Zhang)
0dfc801a50
Error string should not be capitalized (#14840)
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-12 16:53:37 +08:00
Wenkai Yin(尹文开)
c1f9b14a22
Merge pull request #14860 from ywk253100/210512_dup_task
[cherry-pick]Fix duplicate execution record issue
2021-05-12 16:50:37 +08:00
Wenkai Yin
c04f3a2aac Fix duplicate execution record issue
When the core service cannot response the checkin request in time, duplicated execution records may be created, this commit introduces the revision column to make sure there is only one record for one schedule trigger

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-12 15:40:52 +08:00
Moshe Immerman
d1b553fd3a
feat: add ORM_DEBUG env option (#14709)
Signed-off-by: Moshe Immerman <moshe@flanksource.com>
2021-05-12 10:56:30 +08:00
Daniel Jiang
bd9a1c6722
Merge pull request #14829 from reasonerjt/user-common-dao-cleanup
Move user related funcs from common/dao
2021-05-12 10:56:18 +08:00
Will Sun
eec3619df1
UI enhancement for replication namespace (#14818)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-12 10:11:04 +08:00
stonezdj(Daojun Zhang)
a6d92ca807
Merge pull request #14777 from stonezdj/21apr15_declarative_config
Implement declarative configure feature
2021-05-12 09:21:57 +08:00
Daniel Jiang
6d0e391740 Move user related funcs from common/dao
This commit moves more user related funcs, such as ChangePassword,
Login, ChangeUserProfile from common/dao to rely on /pkg/user and
pkg/oidc.
It also removes the code for resetting user's password as it's disabled.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-12 01:12:57 +08:00
Wang Yan
b714baae87
fixes immutable rule issue (#14849)
fixes #14568

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-11 23:28:03 +08:00
DQ
04ba4a4033 Upgrade chartmuseum version
from 1.12.0 to 1.13.1

Signed-off-by: DQ <dengq@vmware.com>
2021-05-11 13:51:55 +00:00
DQ
9a974d2b2c Upgrade Helm Client Version
From version 3.1.1 to 3.4.2

Signed-off-by: DQ <dengq@vmware.com>
2021-05-11 13:51:55 +00:00
stonezdj
3825220ca6 Implement declarative configure feature
Add env CONFIG_OVERWRITE_JSON for declarative config
Init config with the json in CONFIG_OVERWRITE_JSON in main.go

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-11 20:58:19 +08:00
Wenkai Yin(尹文开)
5cd7594a6a
Merge pull request #14841 from heww/fix-artifact-size-migration
fix: change art_size to bigint in migrations
2021-05-11 13:26:31 +08:00
He Weiwei
476732df89 fix: change art_size to bigint in migrations
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-11 04:01:02 +00:00
Wenkai Yin(尹文开)
48fa2d4d7f
Merge pull request #14834 from danfengliu/fix-ca-import-location-issue-and-statistics-test-issue
Fix ca import location issue and statistics test issue
2021-05-11 11:37:47 +08:00
He Weiwei
0d7250f83d
perf: skip db tx for get, head and options api requests (#14837)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-11 10:54:15 +08:00
danfengliu
072f364d0b Add manifest and CNAB replication tests
1. Add manifest and CNAB replication tests;
2. Duplicate ORAS and sigularity tests from API test to nightly common
tests;
3. Optimize get dns code in CI;
4. Optimize E2E dockerfile;
5. Sample image size should be cover requirement for large size like 512M.

Signed-off-by: danfengliu <danfengl@vmware.com>
2021-05-10 21:47:48 +08:00
Wenkai Yin(尹文开)
e006f4bab5
Support specifying multiple fields for default sorting (#14788)
Support specifying multiple fields for default sorting
Fixes #14433

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-10 17:04:10 +08:00
Will Sun
3322716bc6
Update storage display (#14807)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-07 11:15:13 +08:00
Daniel Jiang
dce3522b4e
Merge pull request #14809 from reasonerjt/bump-up-go-oidc
Bump up go-oidc to v3
2021-05-06 17:15:05 +08:00
Daniel Jiang
8fa45a5338 Bump up go-oidc to v3
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-06 16:07:16 +08:00
stonezdj(Daojun Zhang)
c7852df8d3
Remove unused items in legacy_swagger.yaml (#14785)
Also updated the api test

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-06 10:55:33 +08:00
Daniel Jiang
a66809cf85
Remove register and userexists funcs from dao pkg (#14798)
This commit replaces them with funcs with user pkg

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-05 17:55:56 +08:00
Wenkai Yin(尹文开)
f8171cdf6e
Merge pull request #14783 from reasonerjt/clean-common-dao-user
Clean up user related funcs in common/dao
2021-04-30 14:10:38 +08:00
stonezdj(Daojun Zhang)
e2794bef9c
Merge pull request #14782 from reasonerjt/rm-sys-cve-legacy-swagger
Remove CVE List related items from legacy swagger doc
2021-04-30 12:39:47 +08:00
stonezdj(Daojun Zhang)
8f16831c75
Merge pull request #14717 from stonezdj/21pr16_verify_ldap_group_settings
Add the ldap group config validation
2021-04-30 10:19:43 +08:00
stonezdj
9010eeb832 Add the ldap group config validation
When ldap_group_search_filter is set, check other required fields
When ldap_group_search_filter is empty, skip to attach group

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-04-29 22:11:38 +08:00