Daniel Jiang
c660727877
Merge pull request #13800 from reasonerjt/authproxy-redirect
...
Add handler to handle redirect via authproxy
2020-12-23 03:00:18 +08:00
stonezdj(Daojun Zhang)
bc0b6b43ed
Merge pull request #13791 from reasonerjt/oidc-redirect-extra-parm
...
Add extra parms when forming redirect URI for OIDC
2020-12-22 21:45:53 +08:00
Daniel Jiang
7321e3547d
Add handler to handle redirect via authproxy
...
This commit add a handler to handle the request to
"/c/authproxy/redirect". Harbor is configured to authenticate against
an authproxy, if a request with query string `?token=xxxx`
is sent to this URI, the handler will do tokenreview according to the
setting of authproxy and simulate a `login` workflow based on the result
of token review.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-22 18:59:17 +08:00
He Weiwei
3831e82b20
refactor: remove code of admin job ( #13819 )
...
Remove code of admin job as it's not needed by scan all/gc now.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-22 11:48:16 +08:00
He Weiwei
8fa03e3739
refactor: remove code of scan all job ( #13821 )
...
Remove code of scan all job as it's implemented by execution now.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-22 11:39:18 +08:00
Daniel Jiang
9d99dfa82b
Replace tilde in install_cert.sh
...
This commit fixes #13287 to remove the usage of tilde as the $HOME is not available in some
cases. More details see #13287
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-21 20:39:34 +08:00
stonezdj
aa3002e7a5
Add content type and length in header
...
Fixes #13740
Update ManifestExist to return Descriptor instead of digest
For docker 20.10 or containerd, it HEAD the manifest before pull, then
it GET the manifest with digest, add logic to handle this scenario and
correlate the tag between the digest in proxy cache
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-21 20:21:28 +08:00
Wenkai Yin(尹文开)
53c8ad8228
Merge pull request #13813 from heww/scan-all-apis
...
refactor(api): move scan all apis to go-swagger
2020-12-21 16:40:09 +08:00
fanjiankong
1b93a9f4b0
Remove some TCR UT Case
...
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2020-12-21 16:24:46 +08:00
Qian Deng
31138f12b0
Merge pull request #13806 from ninjadq/fix_python_yaml_load
...
Fix pythom yaml load to safe_load
2020-12-21 16:04:12 +08:00
Will Sun
86e1732b16
Merge pull request #13817 from AllForNothing/filter
...
Fix filter bug for replication tasks page
2020-12-21 16:02:39 +08:00
Qian Deng
9197471e70
Add Scan for internal tls ( #13810 )
...
Signed-off-by: DQ <dengq@vmware.com>
2020-12-21 15:23:11 +08:00
AllForNothing
b749ba4e54
Fix filter bug for replication tasks page
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-21 15:11:35 +08:00
He Weiwei
ce6ed3eeb7
refactor(api): move scan all apis to go-swagger
...
Move scan all APIs from beego to go-swagger.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-21 02:17:02 +00:00
Wang Yan
9bc6f3cee4
fix robot account update issue ( #13741 )
...
* fix robot account update issue
enable the update method to support both v1 & v2 robot update
Signed-off-by: Wang Yan <wangyan@vmware.com>
* resolve review comments
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 20:01:26 +08:00
danfengliu
045f0aab45
Merge pull request #13750 from danfengliu/add-py-test-for-scan-manifest-list
...
Add py-test for scan manifest list and CNAB bundle
2020-12-18 17:34:41 +08:00
danfengliu
4f0842bd23
Add py-test for scan manifest list and CNAB bundle
...
Due to complicate logic of scan report in multi-level artifacts, should add scan tests
for into manifest list and CNAB bundle python test suit.
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-12-18 16:37:53 +08:00
Wang Yan
6bc1047013
migration admin job data ( #13766 )
...
1, migrate gc and scan all schedule to schedule/task/exectuion
2, migrate gc history to task/execution
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 16:35:24 +08:00
Will Sun
4392a626f3
Merge pull request #13804 from AllForNothing/scan-all
...
Fix robot account UI issues
2020-12-18 15:48:26 +08:00
Wang Yan
e9797d7c16
fix gc log not found issue ( #13790 )
...
It needs to use the execution ID to get task firstly and then use the required task id to query GC log
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 14:50:50 +08:00
Qian Deng
64fcfeaa2f
Merge pull request #13754 from ninjadq/fix_loglevel_parsing_for_registry
...
Fix log level issue in registry
2020-12-18 14:47:15 +08:00
AllForNothing
b20cc474b3
Fix robot account UI issues
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-18 14:11:08 +08:00
stonezdj(Daojun Zhang)
98f3c5d452
Merge pull request #13803 from stonezdj/201212_revert_add_contenttype
...
Revert "Add content type and length in header"
2020-12-18 13:22:30 +08:00
stonezdj
3334defd92
Revert "fix issue"
...
This reverts commit e6f80259
This reverts commit 918fe125
Signed-off-by: stonezdj <stonezdj@gmail.com>
Revert "Add content type and length in header"
This reverts commit ca379111
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-18 12:35:39 +08:00
stonezdj(Daojun Zhang)
05f327cfbd
Merge pull request #13751 from stonezdj/201211_add_content_type_length
...
Add content type and length in header
2020-12-17 18:19:38 +08:00
Wang Yan
dfe678457f
fixes robot account list permission issue ( #13792 )
...
fixes #13786 , do not add the removed project into the permission list of a system level robot account.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-17 17:50:14 +08:00
He Weiwei
792dcc4ac3
fix(scan): returns 400 when artifact not support by scanner ( #13785 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 16:58:49 +08:00
stonezdj
e6f80259f7
fix issue
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 16:33:17 +08:00
He Weiwei
164acad24f
build: add cleanbaseimage target in Makefile ( #13777 )
...
Add cleanbaseimage target in Makefile, and append it to the dependencies
of the cleanall target.
Closes #13602
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 16:18:12 +08:00
stonezdj
918fe125b7
fix issue
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 16:17:56 +08:00
stonezdj
ca37911113
Add content type and length in header
...
Fixes #13740
Update ManifestExist to return Descriptor instead of digest
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 15:42:49 +08:00
Daniel Jiang
bc2a161f13
Merge pull request #13789 from heww/fix-codeql-errors
...
fix: fix errors detected by codeql
2020-12-17 15:16:51 +08:00
He Weiwei
18b850782e
fix: fix errors detected by codeql
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 06:15:34 +00:00
Daniel Jiang
c1c55d0cee
Add extra parms when forming redirect URI for OIDC
...
Fixes #13092
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 19:41:13 +08:00
DQ
234b29e170
Fix pythom yaml load to safe_load
...
Signed-off-by: DQ <dengq@vmware.com>
2020-12-16 14:59:06 +08:00
Daniel Jiang
b0c8cadad7
Add default CVE allowlist to project library ( #13770 )
...
fixes #12700
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 14:20:56 +08:00
Daniel Jiang
3b04d2f8f5
Escape the values to contains
operator in dao packages ( #13774 )
...
fixes #13018
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 14:19:20 +08:00
Will Sun
488d802a2b
Merge pull request #13768 from AllForNothing/permission-list
...
Add new permissions to robot account
2020-12-16 13:30:24 +08:00
Wang Yan
01eb60c36b
add permission checking for gc operation ( #13756 )
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-15 23:27:12 +08:00
AllForNothing
055572df3d
Add new permissions to robot account
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-15 18:34:37 +08:00
stonezdj(Daojun Zhang)
1eb0287ecb
Merge pull request #13709 from stonezdj/201209_dockerhub_limit2
...
Cache manifest list for proxy cache
2020-12-15 14:03:39 +08:00
Will Sun
6849cd03a9
Merge pull request #13719 from sluetze/13568-typofix
...
fixed small typos in variable names
2020-12-15 13:47:30 +08:00
stonezdj
670a94835b
Cache manifest list for proxy cache
...
Fixes #13566 : Quota of dockerhub is still used in v2.1.1 after the image is cached
Cache manifest list in redis cache.
Trade off between efficiency and data integrity, it might cause the proxy cache return the full content of a manifest list instead of the actual manifest list saved in the Harbor storage, which is a part of the manifest list. but this change doesn't break any /v2/ API, just caches full manifest list.
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-15 11:30:30 +08:00
He Weiwei
10e4350360
test(cache): increase sleep time to fix ut ( #13761 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-14 19:22:42 +08:00
Wenkai Yin(尹文开)
fd900889c1
Merge pull request #13729 from ywk253100/201210_fix
...
Tiny fixes for task manager
2020-12-14 18:41:46 +08:00
Wenkai Yin(尹文开)
c6bfa04661
Merge pull request #13759 from bitsf/fix_tencenttcr_getAdapterInfo
...
fix_tencenttcr_getAdapterInfo
2020-12-14 17:30:22 +08:00
Wenkai Yin
69808f033e
Tiny fixes for task manager
...
1. Add update time for execution
2. Add unique constraint for schedule to avoid dup records when updating policies
3. Format replication log
4. Keep the webhook handler for legacy replication jobs to avoid jobservice resending the status change request
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-12-14 17:26:32 +08:00
Will Sun
fff1bbe8d9
Merge pull request #13757 from AllForNothing/new-auth-mode
...
Add admin groups parameter to http auth
2020-12-14 17:02:24 +08:00
AllForNothing
11b706adeb
Add admin groups parameter to http auth
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-14 16:02:34 +08:00
Ziming Zhang
d8b5746df1
fix_tencenttcr_getAdapterInfo
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-12-14 16:02:19 +08:00