Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-06-29 08:15:06 +02:00
Code Issues Projects Releases Wiki Activity
11,961 Commits 47 Branches 303 Tags 361 MiB
04a140332e
Commit Graph

5822 Commits

Author SHA1 Message Date
ShengqiWang
04a140332e
fix artifact page bug (#19807) 
* fix artifact page bug

* update testcase
 2024-01-15 06:09:56 +00:00
Yang Jiao
eb125419cc
Add verification that robot account duration is not 0 (#19829) 
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
 2024-01-15 13:25:56 +08:00
stonezdj(Daojun Zhang)
891f6785f2
Cache image list with digest key (#19801) 
fixes #19429

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-01-11 06:55:35 +00:00
Yang Jiao
7268a3f3e2
Remove robot account update quota permission (#19819) 
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
 2024-01-10 03:07:24 +00:00
Lars Lehtonen
49c5a068ad
registryctl/api/registry/blob: fix dropped test error (#19721) 
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
 2024-01-09 12:45:24 +00:00
Maksym Trofimenko
9e5efc99e8
add repository read permission to limitedGuest (#19757) 
Signed-off-by: Maksym Trofimenko <maksym@container-registry.com>
Co-authored-by: Maksym Trofimenko <maksym@container-registry.com>
 2024-01-08 11:42:39 +00:00
dependabot[bot]
f8d2169712
Bump github.com/go-openapi/runtime from 0.19.20 to 0.26.2 in /src (#19763) 
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.19.20 to 0.26.2.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.19.20...v0.26.2)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-08 16:02:08 +08:00
dependabot[bot]
bb2581c669
Bump gopkg.in/h2non/gock.v1 from 1.0.16 to 1.1.2 in /src (#19765) 
Bumps gopkg.in/h2non/gock.v1 from 1.0.16 to 1.1.2.

---
updated-dependencies:
- dependency-name: gopkg.in/h2non/gock.v1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-08 14:42:26 +08:00
Yang Jiao
64a2296b58
Add quota permissions to robot account (#19799) 
Fix #19792

Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
 2024-01-08 11:43:22 +08:00
dependabot[bot]
de7ea2849e
Bump github.com/cloudevents/sdk-go/v2 from 2.13.0 to 2.14.0 in /src (#19764) 
Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/cloudevents/sdk-go/releases)
- [Commits](https://github.com/cloudevents/sdk-go/compare/v2.13.0...v2.14.0)

---
updated-dependencies:
- dependency-name: github.com/cloudevents/sdk-go/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-08 09:46:21 +08:00
dependabot[bot]
88a4cabcaf
Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.5.0 in /src (#19766) 
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.4.2 to 4.5.0.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.4.2...v4.5.0)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 17:20:40 +08:00
dependabot[bot]
378ff62350
Bump golang.org/x/time from 0.4.0 to 0.5.0 in /src (#19767) 
Bumps [golang.org/x/time](https://github.com/golang/time) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/time/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/time
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-01-05 16:15:15 +08:00
ShengqiWang
ed4587b491
update project-SelectScanner modal Default field css (#19753) 
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-01-04 02:23:55 +00:00
ShengqiWang
923295c990
add description in scanner page (#19733) 
Signed-off-by: shengqiw <shengqiw@vmware.com>
 2023-12-21 14:52:11 +08:00
dependabot[bot]
49ee3b7759
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.45.0 to 0.46.1 in /src (#19727) 
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux

Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.45.0 to 0.46.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.45.0...zpages/v0.46.1)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-21 10:09:50 +08:00
Yang Jiao
6793da72e3
Fix project metadata validate bug (#19746) 
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
 2023-12-20 15:28:07 +08:00
dependabot[bot]
2f2a6462ad
Bump github.com/bmatcuk/doublestar from 1.1.1 to 1.3.4 in /src (#19698) 
Bumps [github.com/bmatcuk/doublestar](https://github.com/bmatcuk/doublestar) from 1.1.1 to 1.3.4.
- [Release notes](https://github.com/bmatcuk/doublestar/releases)
- [Commits](https://github.com/bmatcuk/doublestar/compare/v1.1.1...v1.3.4)

---
updated-dependencies:
- dependency-name: github.com/bmatcuk/doublestar
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-20 13:33:53 +08:00
dependabot[bot]
41adc7508a
Bump github.com/prometheus/client_golang from 1.14.0 to 1.17.0 in /src (#19699) 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.14.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-20 10:48:20 +08:00
dependabot[bot]
dcd3c3dbfd
Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 in /src (#19701) 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.7.0 to 3.9.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.7.0...v3.9.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-19 17:06:32 +08:00
dependabot[bot]
80b3ea5501
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /src (#19729) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-19 14:19:48 +08:00
MinerYang
b38de22054
bump golang 1.21.5 & fix golangci-lint error (#19722) 
bump golang 1.21.5

update golangci-lint && fix revive error

fix white space lint

Signed-off-by: yminer <yminer@vmware.com>
 2023-12-19 09:41:26 +08:00
dependabot[bot]
5f828ea72f
Bump github.com/go-openapi/errors from 0.19.6 to 0.20.4 in /src (#19697) 
Bumps [github.com/go-openapi/errors](https://github.com/go-openapi/errors) from 0.19.6 to 0.20.4.
- [Commits](https://github.com/go-openapi/errors/compare/v0.19.6...v0.20.4)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/errors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-14 12:10:51 +08:00
dependabot[bot]
6b41277b03
Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 in /src (#19631) 
Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/yaml/compare/v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-08 15:11:38 +08:00
dependabot[bot]
8859f69668
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 in /src (#19636) 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-08 13:20:20 +08:00
dependabot[bot]
af4c6b6f0f
Bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 in /src (#19632) 
Bumps [github.com/gorilla/handlers](https://github.com/gorilla/handlers) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/gorilla/handlers/releases)
- [Commits](https://github.com/gorilla/handlers/compare/v1.5.1...v1.5.2)

---
updated-dependencies:
- dependency-name: github.com/gorilla/handlers
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-08 09:59:06 +08:00
dependabot[bot]
2984c2e04b
Bump github.com/robfig/cron/v3 from 3.0.0 to 3.0.1 in /src (#19633) 
Bumps [github.com/robfig/cron/v3](https://github.com/robfig/cron) from 3.0.0 to 3.0.1.
- [Commits](https://github.com/robfig/cron/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/robfig/cron/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-12-07 17:49:21 +08:00
Shijun Sun
f99a619bc6
Add min-width to the permission column (#19675) 
1. To avoid style confusion

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
 2023-12-07 05:37:45 +00:00
Shijun Sun
323e11fefb
Update the wording text for the system robot account (#19666) 
Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
 2023-12-05 09:43:02 +00:00
Shijun Sun
469b6a495b
Update the style for the robot acccount ui (#19663) 
1. Fixes #19614
2. Fixes #19617

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
 2023-12-05 09:00:17 +00:00
Shengwen YU
1cbc901599
fix: upgrade google.golang.org/grpc (#19648) 
fix: upgrade google.golang.org/grpc and go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-12-05 16:22:39 +08:00
Wang Yan
7b40dc6f46
fix the landing accessory data (#19661) 
Fix the keywords when to list accessories belong to the subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-12-05 14:14:32 +08:00
Shijun Sun
7fee99b5fe
Update the name checking for the robot account (#19645) 
1. Fixes #19612

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
 2023-12-05 03:01:40 +00:00
dependabot[bot]
bf251ef0aa
Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src (#19542) 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.0.0 to 3.7.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.0.0...v3.7.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-11-28 09:31:16 +08:00
Wang Yan
3f72604d57
fix robot account access issue (#19627) 
fixes #19622
Resolve the 403 issue occurring when a robot account, equipped with both system and project scope, attempts to access project resources.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-11-27 19:16:37 +08:00
dependabot[bot]
e1df9b0a73
Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src (#19541) 
Bump golang.org/x/time in /src

Bumps [golang.org/x/time](https://github.com/golang/time) from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0.
- [Commits](https://github.com/golang/time/commits/v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/time
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2023-11-27 16:58:28 +08:00
Wang Yan
e6900301ce
fix system label resource (#19621) 
Make sure robot can use rbac.Resource(label) to access system level label

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-11-27 13:34:17 +08:00
Shijun Sun
d967ac0fb6
Update the permission scope (#19603) 
1. Update the permission scope
2. Sort the resources and actions by unicode

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-22 06:37:31 +00:00
Wang Yan
062d144d22
add permission validation for robot creating and updating. (#19598) 
* add permission validation for robot creating and updating.

It is not allowed to create an new robot with the access outside the predefined scope.

Signed-off-by: wang yan <wangyan@vmware.com>

* Fix robot testcase and update robot permission metadata (#167)

1. Fix robot testcase
2. update robot permission metadata

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Signed-off-by: wang yan <wangyan@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>
 2023-11-22 12:51:03 +08:00
Chlins Zhang
43ccd2f09f
perf: optimize the performance of accessory query (#19557) 
1. Add db index for subject_artifact_id in table artifact_accessory.
2. Optimize the SQL of excluding the accessory for artifact count.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-11-22 02:11:11 +00:00
Chlins Zhang
553c85eed0
fix: increase beego max memory and upload size (#19578) 
1. Increase the default beego max memory and upload size from 32GB to
   128GB.
2. Support customize the two beego configs from env.

Signed-off-by: chlins <chenyuzh@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2023-11-21 15:36:06 +08:00
Maksym Trofimenko
996e57b511
Feature: GDPR compliant audit logs (#17396) 2023-11-20 21:31:22 +01:00
stonezdj(Daojun Zhang)
307a3121aa
Return empty result when no scanner configured (#19577) 
fixes #19534

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-17 07:29:19 +00:00
Shijun Sun
95b4032201
Correct loop condition for replication tasks (#19570) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 09:50:06 +00:00
Shijun Sun
da9e263ca7
Avoid menu closure when filtering labels (#19561) 
1. Fixes #19554

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 17:12:55 +08:00
Shijun Sun
30730c6716
Add a placeholder to the cards for the security-hub (#19536) 
1. Related issue #19249

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 08:23:07 +00:00
Shijun Sun
7718134301
Add quota sorting to the project quotas list (#19576) 
1. For #16517

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 07:25:55 +00:00
Shijun Sun
6a6e29570c
Show OIDC provider name on the OIDC login button (#19581) 
1. Related issue #13198

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-11-15 05:23:57 +00:00
stonezdj(Daojun Zhang)
3f6c0298fe
Add oidc provider name to systeminfo API (#19575) 
fixes #13198

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-15 11:00:39 +08:00
Shengwen YU
e941f3272b
fix: sorting quota (#19538) 
fix: sort Project Quotas

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-11-13 14:37:41 +08:00
jmichot-exotec
219e4ba48d
19559 cannot see full label easily (#19564) 
* modified label css to allow hover on it

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

* modified label css to allow hover on it

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

* Update common.scss

Signed-off-by: jmichot-exotec <150228661+jmichot-exotec@users.noreply.github.com>

* used title way to show full label on hover

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

---------

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>
Signed-off-by: jmichot-exotec <150228661+jmichot-exotec@users.noreply.github.com>
Co-authored-by: Julien Michot <julien.michot.ext@exotec.com>
 2023-11-13 04:02:59 +00:00