stonezdj(Daojun Zhang)
0e92eaea18
Sort most dangerous vulnerabilities by score and severity level ( #19103 )
...
Check it is referred by a scan_report
Add index to report_vulnerability_record to improve performance
Fixes #19014 #19028
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-08-07 10:13:34 +08:00
stonezdj(Daojun Zhang)
c62ec7daac
Add artifact digest to query condition ( #19102 )
...
Fixes #19023
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-08-07 09:24:44 +08:00
stonezdj(Daojun Zhang)
3de778e9f1
Fix incorrect artifact and scanned artifact count issue ( #19106 )
...
* Fix incorrect artifact and scanned artifact count issue
fixes #19009 #19020 #19013
Signed-off-by: stonezdj <daojunz@vmware.com>
* fix issue
Signed-off-by: stonezdj <daojunz@vmware.com>
---------
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-08-07 08:40:26 +08:00
Shijun Sun
f8cf772d86
Update style for add-replication-rule page ( #19100 )
...
1. Fixes #19098
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-04 14:12:15 +08:00
Chlins Zhang
8c23bcdc54
fix: fix replication list projects with pure numberic name ( #19090 )
...
Quote the project name when listing projects in the replication, resolve
the issue of pure number name of project.
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-08-04 09:29:51 +08:00
Shijun Sun
530b78285b
Convert the string "0" to number 0 ( #19080 )
...
1. Fixes #19046
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-03 21:52:49 +08:00
Shijun Sun
d34775296c
Update cron ui for add replicatipn rule page ( #19083 )
...
1.Fixes #19072
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-03 18:18:54 +08:00
Shijun Sun
26b53ef343
Show banner message on log in page ( #19078 )
...
1. Fixes #19076
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-03 17:24:09 +08:00
Shijun Sun
1d81b3d8ad
Update ui for gc history and banner message ( #19094 )
...
1. Fixes #19031
2. Fixes #19049
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-03 14:36:20 +08:00
Shijun Sun
cdd3f267b5
Merge cosign check and notation check ( #19079 )
...
1.Merge cosign check and notaion check into one API call, related issue #19077
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-03 13:06:15 +08:00
Shengwen YU
1132a6654e
fix: bump up TRIVYVERSION=v0.44.0 and TRIVYADAPTERVERSION=v0.30.15 ( #19087 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-08-03 11:49:49 +08:00
MinerYang
e1c1f5625d
bump golang 1.20.6 on main ( #19066 )
...
bump golang 1.20.6
Signed-off-by: yminer <yminer@vmware.com>
2023-08-02 11:01:32 +08:00
Shijun Sun
39ec1e4b1f
Add validator for duration of banner message ( #19057 )
...
1.Fixes #19049
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-01 18:31:32 +08:00
Shijun Sun
b496edf304
Update style for banner message ui ( #19069 )
...
1.Fixes #19021
2.Fixes #19022
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-01 17:24:28 +08:00
Shijun Sun
28e6a99eb9
Remove cache for project policy updating ( #19068 )
...
1. Fixes #19065
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-01 15:31:32 +08:00
Yang Jiao
5e130bd06c
Bump up photon version from 4.0 to 5.0 ( #19006 )
...
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-08-01 11:52:33 +08:00
Shijun Sun
854e0295d1
Update security hub ui ( #19062 )
...
1. Fixes #19010
2. Fixes #19011
3. Fixes #19012
4. Fixes #19015
5. Fixes #19025
6. Fixes #19026
7. Fixes #19034
8. Fixes #19037
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-31 20:25:05 +08:00
Wang Yan
d93f24a4dc
fix dry run creation time ( #19060 )
...
fixes #19059
Give the mock time for dry run, otherwise, it will be zero.
Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-31 17:29:56 +08:00
Wang Yan
bef4ccc782
fixes 19043 ( #19054 )
...
fixes #19043
Skip the policy checking when to pull the notation signature
Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-31 15:11:21 +08:00
Wang Yan
638c26c41a
add details for gc dry-run ( #19050 )
...
* add details for gc dry-run
fixes 19040
Gives the make details for the dry-run
Signed-off-by: wang yan <wangyan@vmware.com>
* Update details column for gc history (#164 )
1.Fixes #19038
Signed-off-by: AllForNothing <sshijun@vmware.com>
---------
Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: AllForNothing <sshijun@vmware.com>
Co-authored-by: Shijun Sun <30999793+AllForNothing@users.noreply.github.com>
2023-07-31 13:53:51 +08:00
Wang Yan
ae33dbd801
fix accessory import issue ( #19053 )
...
fixes #19041
The issuse was introduced by https://github.com/goharbor/harbor/pull/17087 .
To move the import to main since the anonymous imports only allowed at main in go-cilint.
Fixes it:
To add the anonymous imports at the jobservice main since the gc job needs to remove accessory when to delete an artifact
Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-30 22:36:03 +08:00
Alexis Leroux
84a131773a
Conserve sentinel_master_set value between upgraded versions ( #18875 )
...
fix(migration): Conserve sentinel_master_set value between upgraded versions
Signed-off-by: Alexis Leroux <alexis.leroux@worldline.com>
Co-authored-by: Alexis Leroux <alexis.leroux@worldline.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2023-07-27 18:35:01 +08:00
MinerYang
3af605eedc
update installation hint ( #19024 )
...
Signed-off-by: yminer <yminer@vmware.com>
2023-07-27 10:41:05 +08:00
Wang Yan
db82d6e082
fix signer name ( #19001 )
...
Append the signer name to the error message which will be returned by the client
Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-25 21:30:32 +08:00
stonezdj(Daojun Zhang)
c25a7ca68d
Skip to run migrate script when data available ( #18976 )
2023-07-25 19:41:35 +08:00
MinerYang
8102304621
add migration script for 2.9 ( #18997 )
...
add miigration script for 2.9
Signed-off-by: yminer <yminer@vmware.com>
update quota_update_provider
update typo
update comment
2023-07-25 17:52:37 +08:00
Yang Jiao
70554fe4f1
Fix build harbor-db-base error ( #19003 )
...
Fix #19002
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-25 16:45:23 +08:00
Yang Jiao
7862870c45
Update webhook and replication testcase ( #18998 )
...
Sync test case updates because of changes to webhook and replication
1. #18923
2. #18906
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-25 15:06:04 +08:00
stonezdj(Daojun Zhang)
d92aca9d39
Fix wrong scanned artifact count when there are multiple report for an artifact ( #18975 )
...
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-25 14:10:10 +08:00
Shengwen YU
d7ff8bf55e
fix: bump-up TRIVYVERSION=v0.43.0 and TRIVYADAPTERVERSION=v0.30.14 ( #18993 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-07-25 10:25:06 +08:00
Shengwen YU
320c0d63ca
feat: add config for job_loggers ( #18970 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-07-24 22:10:36 +08:00
Chlins Zhang
8ff095d68f
feat: add the configuration for quota update provider ( #18928 )
...
Add the related configurations for the quota update provider to the
harbor.yml.
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-24 16:28:19 +08:00
Chlins Zhang
c030fd7863
refactor: replace the gc redigo client to the standard cache ( #18965 )
...
Refactor the clean redis logic in the GC job, replace the redigo client
to the lib cache interface which can simplify operations.
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-24 14:30:25 +08:00
Chlins Zhang
94c76002a2
refactor: remove duplicated artifact deletion handler ( #18959 )
...
Remove the duplicated artifact deletion event handler and enhance the
internal artifact onDelete method.
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-24 13:38:39 +08:00
Yang Jiao
26f6197230
Fix APITEST_DB_PROXY_CACHE x509 ( #18977 )
...
Fix APITEST_DB_PROXY_CACHE x509, Because cicd.harbor.vmwarecna uses a self-signed certificate.
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-24 10:52:54 +08:00
Shijun Sun
b380b7869b
Update the parameter to search cosign ( #18963 )
...
1.Fixes #18960
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-21 01:07:22 +08:00
Shengwen YU
9091661539
fix: replication policy cron setting - the 1st field must be 0; the Minutes field cannot be * ( #18923 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-07-20 17:55:48 +08:00
Wang Yan
ce893635aa
support nydus as a accessory ( #18953 )
...
Recognize nydus image(with subject) as a kind of accessory and built the releationship with subject manifest
Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-20 15:54:23 +08:00
stonezdj(Daojun Zhang)
5e4163b53b
Create index in vulnerability_record table ( #18949 )
...
add index for better query performance
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-20 14:00:40 +08:00
Shijun Sun
73533d8f4f
Add Security Hub UI ( #18942 )
...
1.Fixes #18819
2.Add Security Hub page as a new tab for Interrogation Services
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-20 10:54:07 +08:00
Shijun Sun
b08dce4805
Update the regex for policy name and the tooltip message ( #18947 )
...
1. Fixes task 6 for #18091
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-19 20:04:12 +08:00
Shijun Sun
79e8c396bf
Add Notation UI for deployment security ( #18952 )
...
1. for #18927
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-19 18:22:11 +08:00
Chlins Zhang
970bdab936
fix: correct the operator in the webhook payload ( #18906 )
...
Fix the incorrect or meaningless operator in the webhook payload.
Fixes : #18438
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-19 15:40:29 +08:00
stonezdj(Daojun Zhang)
d4aa9b13c4
Add vulnerability search API ( #18924 )
...
use q.Query to pass all query conditions
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-19 10:17:14 +08:00
stonezdj(Daojun Zhang)
82ee5295ea
Log warning message when current user is freeze ( #18937 )
...
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-07-18 15:34:28 +08:00
Wang Yan
d745ad9175
fix gc schedule issue ( #18934 )
...
fixes #18881
Save workers settings into the metadata of the garbage collection schedule
Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-17 15:28:21 +08:00
Wang Yan
ff2b99d711
enable notary v2 policy checker ( #18927 )
...
add notary v2 pull policy, when it enables, the artifact cannot be pull without the notation signature.
Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-14 13:35:56 +08:00
Wang Yan
5cce621471
add notation support ( #18909 )
...
Accept and recognize the signature of notation client
Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-13 11:18:34 +08:00
Kane
06c4c1c076
update icons ( #18767 )
...
Signed-off-by: vndroid <diracsvip@gmail.com>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
2023-07-12 17:35:14 +03:00
stonezdj(Daojun Zhang)
93e428d0d2
Add security hub summary API ( #18872 )
...
include WithCVE, WithArtifact option
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-12 19:18:08 +08:00