Daniel Jiang
052521b92c
Merge pull request #3821 from reasonerjt/uaa-restriction
...
Refactor the configuraiton of UAA
2017-12-19 19:36:09 +08:00
Tan Jiang
2ffc58a5d4
Refactor the configuraiton of UAA
...
Remove the attribute "uaa_ca_root" from harbor.cfg and introduce
"uaa_verify_cert". Similar to LDAP settings, this allow user to
explicitly turn of the cert verification against UAA server, such that
the code will work with self-signed certificate.
2017-12-19 14:42:07 +08:00
wangyan
6b7df3636c
Temporary workaround for photon distro-sync error
2017-12-18 22:18:21 -08:00
wangyan
1e750a1ed4
Unify images tags and build process
2017-12-14 23:52:18 -08:00
Wenkai Yin
a54b7dd4c0
Merge remote-tracking branch 'upstream/master' into 171219_merge
2017-12-15 08:48:57 +08:00
Wenkai Yin
665a54edc3
Merge remote-tracking branch 'upstream/master' into 171213_merge
2017-12-13 13:40:24 +08:00
yixingjia
ec269047c7
Merge pull request #3736 from yixingjia/HA
...
HA installation script
2017-12-12 16:27:28 +08:00
yixingjia
f4d0fd4d23
Merge pull request #3640 from yixingjia/moveconftoDB
...
Add database driver for Harbor configurations
2017-12-11 10:42:05 +08:00
yixingj
d328e2586e
HA installation script
...
Add --ha options when install Harbor.
Currently it does nothing.
2017-12-07 22:56:57 +08:00
wangyan
8cd5ac5171
Update prepare chmod to support python3
2017-12-07 00:31:02 -08:00
yixingj
9b03c93afd
Add database driver for Harbor configurations
...
1>Add a new database driver for configurations
2> change the current default driver from json
to database
2017-12-06 13:06:54 +08:00
stone
30e536b18b
Merge pull request #3683 from stonezdj/local_ldap_enhance
...
Ldap enhancement
2017-11-27 14:36:20 +08:00
Wenkai Yin
6b0ee138e5
Implement immediate trigger and the methods of WatchList
2017-11-27 14:23:21 +08:00
A31882(Wu Yi Chung)
0ae6eccde4
Replace Nginx-Proxy with Ingress
2017-11-27 09:25:24 +08:00
A31882(Wu Yi Chung)
ae2b702ea5
Replace ReplicationController with Deployment
2017-11-24 16:50:09 +08:00
A31882(Wu Yi Chung)
ee8144b98a
change config path to fit with what defined in Dockerfile
2017-11-24 16:28:17 +08:00
stonezdj
16243cfbbc
Add LDAP remote certifcate validation
...
push test
Add unit test for ldap verify cert
remove common.VerifyRemoteCert
Update code with PR review comments
Add change ldaps config and add UT testcase for TLS feature
add ldap verfiy cert checkbox about #3513
Draft harbor ova install guide
Search and import ldap user when add project members
Add unit test case for SearchAndImportUser
ova guide
Add ova install guide
Add ova install guide 2
Add ova install guide 3
Call ValidateLdapConf before search ldap
trim space in username
Remove leading space in openLdap username
Remove doc change in this branch
Update unit test for ldap search and import user
Add test case about ldap verify cert checkbox
Modify ldap testcase
2017-11-24 12:41:51 +08:00
yixingj
0af4e3a41d
Fix clair permission issue
...
Clair will call bzr, without -H in sudo it will usr root user's
Home envrionment.
2017-11-23 20:03:57 +08:00
Daniel Jiang
a409cf8088
Merge pull request #3648 from reasonerjt/rebuild-images
...
[Upload Build]Bump up mariaDB's version
2017-11-21 23:47:45 +08:00
Yan
bef15d6180
Merge pull request #3655 from reasonerjt/scanjob-permission-fix
...
Fix permission issue in job_log directory
2017-11-21 23:28:39 +08:00
reasonerjt
074aa352ba
Bump up mariaDB's version
2017-11-21 06:42:41 -08:00
Tan Jiang
b3e0af2382
Fix permission issue in job_log directory
2017-11-21 19:31:15 +08:00
yixingj
ceba1fd629
Fix Clair config permission issue
...
Change config file own to clair
2017-11-21 17:48:48 +08:00
Tan Jiang
e60de3e39d
Update the log level of registry to info
2017-11-20 00:08:47 +08:00
reasonerjt
1f5a9cdee8
Fix issue in Docker files
...
1)Fix a syntax error in clair Dockerfile
2)Fix permission issue in database migrator image.
2017-11-16 01:15:59 -08:00
Ben Sebastian
ef14b1f308
Use dumb-init for Clair entrypoint ( #3361 )
2017-11-16 00:02:09 -06:00
yixingjia
effa92e7f0
Merge pull request #3605 from reasonerjt/dockerfile-refine
...
Refine the Dockerfile
2017-11-13 18:50:12 -08:00
Tan Jiang
6d7c028729
Refine the Dockerfile
...
Refine the Dockerfile to remove temporary workarounds.
Also fixes #3587 , to make sure the configuration files of rsyslog can be
read by uid 10000.
2017-11-13 18:04:17 +08:00
Yan
e91fa5f7a5
Merge pull request #3489 from Evalle/fix-notary-link
...
ISSUE-3460 - Fix link to Notary repo
2017-11-13 16:19:06 +08:00
Daniel Jiang
01493508c1
Merge pull request #3589 from yixingjia/noroot_notary
...
Run notary related images with user notary
2017-11-12 22:56:59 -06:00
Evgeny Shmarnev
6c07689d85
Fix link to Notary repo
2017-11-10 11:16:37 +01:00
yixingj
12abeb0a36
Run notary related images with user notary
...
1>Change the user from root to notary
2>Update the images.
2017-11-10 14:38:41 +08:00
reasonerjt
19a13e8575
Deprivilege harbor-ui harbor-jobservice harbor-adminserver
...
Use non-root user to run the service within these docker images, and provide HEALTHCHECK
mechanism.
2017-11-09 03:09:09 -08:00
Wenkai Yin
367c2b142f
Merge pull request #3571 from ywk253100/171107_log_rotate
...
Improve log rotation configurability
2017-11-09 15:19:18 +08:00
Wenkai Yin
66b9699ac2
Improve log rotation configurability
2017-11-09 14:33:05 +08:00
Daniel Jiang
b654a55e85
Merge pull request #3546 from yixingjia/noroot_clair
...
Run clair with limited user
2017-11-08 13:51:16 +08:00
yixingj
e9d1b89936
Run clair with limited user
...
1>creat user clair
2>run clair with user clair
2017-11-08 12:31:35 +08:00
Daniel Jiang
8dfe5f0bfc
Merge pull request #3536 from ywk253100/171102_fail_earlier
...
Fail earlier when found database schema dismatch
2017-11-07 15:01:14 +08:00
Wenkai Yin
5293a9287b
Fail earlier when found database schema dismatch
2017-11-07 13:07:56 +08:00
reasonerjt
9382cac934
Remove the Dockerfile of rsyslog image
2017-11-05 21:52:23 -08:00
Tan Jiang
512384722a
Make the internal URL of UI and JobService configurable
2017-11-03 20:43:25 +08:00
root
6f335bdb1a
Deprivilege harobr-log, harbor-db, registry image.
...
This change involves using non-root user to run the process of the
docker images. Also made update in Dockerfile to make the containers
support "read-only" and introduce "HEALTHCHECK". Note the "read-only"
options are not enabled in docker-compose, to cover the very corner
case when user wants to update the container filesystem manually.
Remove read only option from docker-compose template by default
2017-11-02 23:35:06 -07:00
Daniel Jiang
6a9dc8a133
Merge pull request #3495 from ywk253100/171031_config
...
Add email_insecure and delete verify_remote_cert configuration item from harbor.cfg
2017-11-02 17:47:48 +08:00
Wenkai Yin
51d5df0849
Update replication policy API to support trigger and filter
2017-11-02 14:59:26 +08:00
Daniel Jiang
f7967e22ab
Merge pull request #3482 from yixingjia/ossclairupdate
...
Update Clair base images
2017-11-02 14:23:33 +08:00
yixingjia
8908b75085
Merge pull request #3481 from yixingjia/ossnotaryupdate
...
Update Notary base images and oss package
2017-10-31 19:46:07 -07:00
Daniel Jiang
f7b4218022
Merge pull request #3476 from yixingjia/ossUpdateUI
...
Update UI image oss package to latest
2017-10-31 17:50:03 +08:00
yixingjia
5e54f793e1
Merge pull request #3477 from yixingjia/ossUpdateRegistry
...
Update registry image oss package to latest
2017-10-31 00:40:07 -07:00
Wenkai Yin
f3a4cecdcb
Add email_insecure and delete verify_remote_cert configuration item from harbor.cfg
2017-10-31 13:51:49 +08:00
Wenkai Yin
0ddca31355
Add column id to table project_metadagta as the primary key
2017-10-30 17:37:25 +08:00
yixingj
651cb81389
Update Clair base images
...
1>update clair base iamges to vmware/photon:1.0
2>update oss packages to latest
2017-10-30 17:04:14 +08:00
yixingj
2953ca9967
Update Notary base images and oss package
...
1> Update Notary server image to vmware/photon
2> Update NOtary signer image to vmware/photon
3> update oss package to latest
2017-10-30 14:46:33 +08:00
yixingj
d8919f4da9
Update Clair base images
...
1>update clair base iamges to vmware/photon:1.0
2>update oss packages to latest
2017-10-30 13:50:44 +08:00
yixingj
beefb40d0d
Update Notary base images and oss package
...
1> Update Notary server image to vmware/photon
2> Update NOtary signer image to vmware/photon
3> update oss package to latest
2017-10-30 13:12:47 +08:00
yixingj
d173fd7256
Update registry image oss package to latest
...
1>Change base image to vmware/photon
2>update oss pakcage and remove vim package.
2017-10-30 11:06:48 +08:00
yixingj
c4024f03a1
Update UI image oss package to latest
...
Update base image to photon
Remove vim from the image
2017-10-30 10:56:18 +08:00
Tan Jiang
5b12747761
Fix the bug to change permission of bootstrap scripts
2017-10-27 14:10:48 +08:00
Tan Jiang
2cedfff4b3
Rebuild Harbor DB docker image on top of Maria DB
...
This change reworked the vmware/harbor-db image to build it on top of
vmware/mariadb-photon.
Also made minor change in the entrypoint script of mariadb image to
execute upgrade script during bootstrap, and fix a file permission
issue in the bootstrap scripts.
2017-10-26 12:27:09 +08:00
Daniel Jiang
bda38bd72e
Merge pull request #3451 from reasonerjt/commit-message
...
Provide a template for git commit messages
2017-10-24 19:20:08 +08:00
Tan Jiang
aa84090587
Provide a template for git commit messages
...
Also removed some comment in the entrypoint script.
2017-10-24 17:54:06 +08:00
yixingjia
160c716d83
Merge pull request #3423 from yixingjia/ossrsyslog
...
Update OSS in rsyslog images
2017-10-23 21:11:51 -07:00
yixingjia
844d3a7893
Merge pull request #3424 from yixingjia/ossJobservice
...
Update OSS package in Jobservice
2017-10-23 21:11:37 -07:00
yixingj
20929350b1
Update OSS in rsyslog images
...
1> change to new photon base images
2> update OSS to latest
2017-10-23 16:37:28 +08:00
Daniel Jiang
cf5bcbebb9
Merge pull request #3415 from reasonerjt/mariadb-on-photon
...
Provide Dockerfile and artifacts for building mariadb on photon OS.
2017-10-23 12:19:04 +08:00
yixingj
535e7cadd5
Update OSS in rsyslog images
...
1> change to new photon base images
2> update OSS to latest
2017-10-23 12:02:22 +08:00
yixingj
83a5ab2818
Update OSS package in Jobservice
...
1>update OSS package in Job eservice images
2>use new photon base images
2017-10-23 10:49:27 +08:00
Wenkai Yin
2156750b04
Move certificate verification to target level
...
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Tan Jiang
1871011a5d
Provide Dockerfile and artifacts for building mariadb on photon OS.
...
Also update the docker-compose template such that the notary db instance
will be provisioned via the mariadb-photon image.
2017-10-20 14:41:36 +08:00
Wenkai Yin
66b2d0d3f3
Apply project level policies to standalone Harbor
...
The following features are only enabled in integration mode, this commit moves
these to standalone Harbor:
- Content trust policy: only signed images can be pulled
- Vulnerability policy: only images whose severity is below the threshold can be pulled
- Automatic scan policy: automatic scan pushed images
2017-10-19 17:33:28 +08:00
yixingjia
95743f9a81
Merge pull request #3373 from yixingjia/updatenginx
...
Update nginx images OSS to latest
2017-10-17 22:13:11 -07:00
yixingjia
98472237e5
Merge pull request #3389 from yixingjia/updateadminserver
...
Update OSS packages in adminserver images
2017-10-17 22:12:56 -07:00
yixingj
0f3380c3ef
user change image tag to 20170928
...
due to photon os images 1.0 has bugs.
fallback to 20170928, we shuld change this to 1.0
when the bug fixed.
2017-10-17 16:55:30 +08:00
yixingj
7cf47fafc4
Update docker file
2017-10-17 15:33:07 +08:00
yixingj
882b077d2f
Update OSS packages in adminserver images
...
remove unneeded packages
move to vmware/photon images base
2017-10-17 14:56:34 +08:00
Daniel Jiang
e6874cf9f1
Merge pull request #3383 from reasonerjt/uaa-integration
...
Make the root CA certificate of UAA configurable
2017-10-17 12:20:22 +08:00
Daniel Jiang
b5551af27f
Merge pull request #3382 from ywk253100/171013_rotate
...
Make log rotate days configurable
2017-10-17 11:22:46 +08:00
yixingj
4e9e6b2641
Update adminserver software images
2017-10-17 10:54:00 +08:00
Tan Jiang
eab6b43d99
Make the root CA certificate of UAA should be configurable
2017-10-16 17:40:29 +08:00
Wenkai Yin
bc3d859571
make log rotate days configurable
2017-10-16 17:09:28 +08:00
yixingj
28b60bd197
Update nginx images OSS to latest
...
1>update nginx images OSS to latest
2>Fix nginx version issue
2017-10-13 15:25:19 +08:00
yixingj
3dc0f65fb3
Update OSS in postgresql image
...
1> update OSS in postgresql image
2> update postgresql to 9.6.5
2017-10-12 17:08:47 +08:00
Tan Jiang
51286d9baa
Provide UAA authenticator for password based authentication.
2017-10-07 00:16:53 +08:00
Daniel Jiang
ddaad98526
Merge pull request #3307 from wy65701436/add-build-notary
...
build scripts for notary(signer/server) docker images based on photon 1.0
2017-09-29 17:23:19 +08:00
Daniel Jiang
1bc4db0ec8
Merge pull request #3340 from reasonerjt/k8s-deploy
...
Refine doc, rename script.
2017-09-29 16:42:08 +08:00
Wenkai Yin
b2420c035f
Merge pull request #3336 from ywk253100/170927_pro_policy
...
Implement the default project metadata manager
2017-09-28 17:21:43 +08:00
Tan Jiang
72b9c5f39e
Refine document to add limitation and clarify loading the image, also update the name of prepare script to k8s-prepare, to differentiate the default one.
2017-09-28 16:28:59 +08:00
Wenkai Yin
e495357d98
implement the default project metadata manager
2017-09-28 16:17:51 +08:00
Daniel Jiang
21c4e45cd3
Merge pull request #3302 from reasonerjt/k8s-deploy
...
Refine k8s deployment scripts and document
2017-09-28 13:02:08 +08:00
wangyan
c2e4e9aa1b
remove the binary files from commit, and get them from the private repo.
2017-09-26 17:52:34 +08:00
wangyan
0aac7832eb
automate scripts for notary(signer/server) docker images bases on photon 1.0, code is not based on 0.5.0
...
remove the binary temp folder, just keep on binary path.
2017-09-26 17:21:50 +08:00
Tan Jiang
0615f7ba9b
Refine k8s deployment scripts and document
2017-09-26 13:57:44 +08:00
yixingj
2a53c64c59
move database configuration to HA only seciton
2017-09-25 13:33:45 +08:00
yixingj
6df2623956
Merge branch 'makedatabgaseconfigurable' of github.com:yixingjia/harbor into makedatabgaseconfigurable
2017-09-25 13:31:35 +08:00
yixingj
357004fbf1
Make Harbor database configurable
2017-09-25 13:29:49 +08:00
yixingj
fb690a972f
Make Harbor database configurable
2017-09-22 11:23:08 +08:00
Daniel Jiang
9c6468f963
Merge pull request #3088 from m-masataka/k8s-deploy
...
k8s deployment
2017-09-19 15:22:34 +08:00
yixingj
026e8e7f95
disable nginx buffer
...
When host in low disk status, enable the buffer will cause upload error.
2017-09-01 18:44:13 +08:00
Yan
408c1b429b
update registry image ( #3135 )
...
update
update
2017-08-30 16:13:54 +08:00
yixingjia
8f34945d4b
Merge pull request #3112 from yixingjia/nginx_temp_path
...
Try to fix some wired permission error
2017-08-25 20:32:56 -07:00
yixingj
362bf1a83e
Try to fix some wired permission error
2017-08-24 15:42:20 +08:00