Commit Graph

10809 Commits

Author SHA1 Message Date
Daniel Jiang
c660727877
Merge pull request #13800 from reasonerjt/authproxy-redirect
Add handler to handle redirect via authproxy
2020-12-23 03:00:18 +08:00
stonezdj(Daojun Zhang)
bc0b6b43ed
Merge pull request #13791 from reasonerjt/oidc-redirect-extra-parm
Add extra parms when forming redirect URI for OIDC
2020-12-22 21:45:53 +08:00
Daniel Jiang
7321e3547d Add handler to handle redirect via authproxy
This commit add a handler to handle the request to
"/c/authproxy/redirect".  Harbor is configured to authenticate against
an authproxy, if a request with query string `?token=xxxx`
is sent to this URI, the handler will do tokenreview according to the
setting of authproxy and simulate a `login` workflow based on the result
of token review.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-22 18:59:17 +08:00
He Weiwei
3831e82b20
refactor: remove code of admin job (#13819)
Remove code of admin job as it's not needed by scan all/gc now.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-22 11:48:16 +08:00
He Weiwei
8fa03e3739
refactor: remove code of scan all job (#13821)
Remove code of scan all job as it's implemented by execution now.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-22 11:39:18 +08:00
Daniel Jiang
9d99dfa82b Replace tilde in install_cert.sh
This commit fixes #13287 to remove the usage of tilde as the $HOME is not available in some
cases.  More details see #13287

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-21 20:39:34 +08:00
stonezdj
aa3002e7a5 Add content type and length in header
Fixes #13740
Update ManifestExist to return Descriptor instead of digest
For docker 20.10 or containerd, it HEAD the manifest before pull, then
it GET the manifest with digest, add logic to handle this scenario and
correlate the tag between the digest in proxy cache

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-21 20:21:28 +08:00
Wenkai Yin(尹文开)
53c8ad8228
Merge pull request #13813 from heww/scan-all-apis
refactor(api): move scan all apis to go-swagger
2020-12-21 16:40:09 +08:00
fanjiankong
1b93a9f4b0 Remove some TCR UT Case
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2020-12-21 16:24:46 +08:00
Qian Deng
31138f12b0
Merge pull request #13806 from ninjadq/fix_python_yaml_load
Fix pythom yaml load to safe_load
2020-12-21 16:04:12 +08:00
Will Sun
86e1732b16
Merge pull request #13817 from AllForNothing/filter
Fix filter bug for replication tasks page
2020-12-21 16:02:39 +08:00
Qian Deng
9197471e70
Add Scan for internal tls (#13810)
Signed-off-by: DQ <dengq@vmware.com>
2020-12-21 15:23:11 +08:00
AllForNothing
b749ba4e54 Fix filter bug for replication tasks page
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-21 15:11:35 +08:00
He Weiwei
ce6ed3eeb7 refactor(api): move scan all apis to go-swagger
Move scan all APIs from beego to go-swagger.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-21 02:17:02 +00:00
Wang Yan
9bc6f3cee4
fix robot account update issue (#13741)
* fix robot account update issue

enable the update method to support both v1 & v2 robot update

Signed-off-by: Wang Yan <wangyan@vmware.com>

* resolve review comments

Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 20:01:26 +08:00
danfengliu
045f0aab45
Merge pull request #13750 from danfengliu/add-py-test-for-scan-manifest-list
Add py-test for scan manifest list and CNAB bundle
2020-12-18 17:34:41 +08:00
danfengliu
4f0842bd23 Add py-test for scan manifest list and CNAB bundle
Due to complicate logic of scan report in multi-level artifacts, should add scan tests
for into manifest list and CNAB bundle python test suit.

Signed-off-by: danfengliu <danfengl@vmware.com>
2020-12-18 16:37:53 +08:00
Wang Yan
6bc1047013
migration admin job data (#13766)
1, migrate gc and scan all schedule to schedule/task/exectuion
2, migrate gc history to task/execution

Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 16:35:24 +08:00
Will Sun
4392a626f3
Merge pull request #13804 from AllForNothing/scan-all
Fix robot account UI issues
2020-12-18 15:48:26 +08:00
Wang Yan
e9797d7c16
fix gc log not found issue (#13790)
It needs to use the execution ID to get task firstly and then use the required task id to query GC log

Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 14:50:50 +08:00
Qian Deng
64fcfeaa2f
Merge pull request #13754 from ninjadq/fix_loglevel_parsing_for_registry
Fix log level issue in registry
2020-12-18 14:47:15 +08:00
AllForNothing
b20cc474b3 Fix robot account UI issues
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-18 14:11:08 +08:00
stonezdj(Daojun Zhang)
98f3c5d452
Merge pull request #13803 from stonezdj/201212_revert_add_contenttype
Revert "Add content type and length in header"
2020-12-18 13:22:30 +08:00
stonezdj
3334defd92 Revert "fix issue"
This reverts commit e6f80259
This reverts commit 918fe125

Signed-off-by: stonezdj <stonezdj@gmail.com>

Revert "Add content type and length in header"

This reverts commit ca379111

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-18 12:35:39 +08:00
stonezdj(Daojun Zhang)
05f327cfbd
Merge pull request #13751 from stonezdj/201211_add_content_type_length
Add content type and length in header
2020-12-17 18:19:38 +08:00
Wang Yan
dfe678457f
fixes robot account list permission issue (#13792)
fixes #13786, do not add the removed project into the permission list of a system level robot account.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-17 17:50:14 +08:00
He Weiwei
792dcc4ac3
fix(scan): returns 400 when artifact not support by scanner (#13785)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 16:58:49 +08:00
stonezdj
e6f80259f7 fix issue
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 16:33:17 +08:00
He Weiwei
164acad24f
build: add cleanbaseimage target in Makefile (#13777)
Add cleanbaseimage target in Makefile, and append it to the dependencies
of the cleanall target.

Closes #13602

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 16:18:12 +08:00
stonezdj
918fe125b7 fix issue
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 16:17:56 +08:00
stonezdj
ca37911113 Add content type and length in header
Fixes #13740
Update ManifestExist to return Descriptor instead of digest

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 15:42:49 +08:00
Daniel Jiang
bc2a161f13
Merge pull request #13789 from heww/fix-codeql-errors
fix: fix errors detected by codeql
2020-12-17 15:16:51 +08:00
He Weiwei
18b850782e fix: fix errors detected by codeql
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 06:15:34 +00:00
Daniel Jiang
c1c55d0cee Add extra parms when forming redirect URI for OIDC
Fixes #13092

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 19:41:13 +08:00
DQ
234b29e170 Fix pythom yaml load to safe_load
Signed-off-by: DQ <dengq@vmware.com>
2020-12-16 14:59:06 +08:00
Daniel Jiang
b0c8cadad7
Add default CVE allowlist to project library (#13770)
fixes #12700

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 14:20:56 +08:00
Daniel Jiang
3b04d2f8f5
Escape the values to contains operator in dao packages (#13774)
fixes #13018

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 14:19:20 +08:00
Will Sun
488d802a2b
Merge pull request #13768 from AllForNothing/permission-list
Add new permissions to robot account
2020-12-16 13:30:24 +08:00
Wang Yan
01eb60c36b
add permission checking for gc operation (#13756)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-15 23:27:12 +08:00
AllForNothing
055572df3d Add new permissions to robot account
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-15 18:34:37 +08:00
stonezdj(Daojun Zhang)
1eb0287ecb
Merge pull request #13709 from stonezdj/201209_dockerhub_limit2
Cache manifest list for proxy cache
2020-12-15 14:03:39 +08:00
Will Sun
6849cd03a9
Merge pull request #13719 from sluetze/13568-typofix
fixed small typos in variable names
2020-12-15 13:47:30 +08:00
stonezdj
670a94835b Cache manifest list for proxy cache
Fixes #13566: Quota of dockerhub is still used in v2.1.1 after the image is cached
Cache manifest list in redis cache.
Trade off between efficiency and data integrity, it might cause the proxy cache return the full content of a manifest list instead of the actual manifest list saved in the Harbor storage, which is a part of the manifest list. but this change doesn't break any /v2/ API, just caches full manifest list.

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-15 11:30:30 +08:00
He Weiwei
10e4350360
test(cache): increase sleep time to fix ut (#13761)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-14 19:22:42 +08:00
Wenkai Yin(尹文开)
fd900889c1
Merge pull request #13729 from ywk253100/201210_fix
Tiny fixes for task manager
2020-12-14 18:41:46 +08:00
Wenkai Yin(尹文开)
c6bfa04661
Merge pull request #13759 from bitsf/fix_tencenttcr_getAdapterInfo
fix_tencenttcr_getAdapterInfo
2020-12-14 17:30:22 +08:00
Wenkai Yin
69808f033e Tiny fixes for task manager
1. Add update time for execution
2. Add unique constraint for schedule to avoid dup records when updating policies
3. Format replication log
4. Keep the webhook handler for legacy replication jobs to avoid jobservice resending the status change request

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-12-14 17:26:32 +08:00
Will Sun
fff1bbe8d9
Merge pull request #13757 from AllForNothing/new-auth-mode
Add admin groups parameter to http auth
2020-12-14 17:02:24 +08:00
AllForNothing
11b706adeb Add admin groups parameter to http auth
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-14 16:02:34 +08:00
Ziming Zhang
d8b5746df1 fix_tencenttcr_getAdapterInfo
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-12-14 16:02:19 +08:00