Commit Graph

455 Commits

Author SHA1 Message Date
Wenkai Yin
0673e7c0a9 Add VOLUME definition in Dockerfile of chart museum
The VOLUME definition in Dockerfile of chart museum will mount a volume automatically by docker if no specific volume is provided.

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-08-20 17:00:40 +08:00
Daniel Jiang
bda3878ab8 Update registry image to enable inject root cert
In some user's environment, there's local object storage hosted with
self-signed certificate.
Because registry process runs in a photon container, it has to trust
the certificate in the photon level such that the registry can access
the storage service.

This commit updates the registry image to append custom cert to the root
bundle when the container is started.  And make the customer cert
configurable in `harbor.cfg`

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-08-16 18:36:21 +08:00
wangyan
29d0d51403 Signed-off-by: wangyan <wangyan@vmware.com>
Add clean registry cache to gc job

To workaround the issue: https://github.com/docker/distribution/issues/2094
GC needs to clean cache before to call the docker reigstry api to delete blobs.
Otherwise, the following docker push will not be performed as docker registry
does not clean cache in GC, it thinks the image is still there, and the new
blobs will be uploaded.
2018-08-13 02:58:27 -07:00
wangyan
e2ff77c4cd Fix namespace when to build harbor images 2018-08-09 23:41:30 -07:00
wangyan
7713764aec Batch update docker image namespace to goharbor
This commit is to move all the images of harbor from vmware to goharbor
2018-08-09 23:24:21 -07:00
Steven Zou
79b2f01bab
Merge pull request #5569 from steven-zou/change_notes_in_installation_script
Update the usage message to include chart repository server related info
2018-08-09 15:42:34 +08:00
Yan
0ffa6e076c
Unify redis configuration for harbor components (#5564)
this commit is to specrate the redis_url into host,port,pwd and index for
different components, and make it possible to set external redis server.
2018-08-09 15:27:46 +08:00
Steven Zou
7fe16eba19 Update the usage message to include chart repository server related info 2018-08-09 14:55:31 +08:00
wangyan
063e44c486 Remove the tdnf error eater in docker files 2018-08-07 22:58:01 -07:00
Deng, Qian
37176c8fe5 Unlink harbor-ui after UI complling.
After UI compilling should unlink harbor-ui.
Because it create a link with root user in container that will cause permission issues next time you want to aceess this file.
2018-08-06 19:53:07 +08:00
Steven Zou
e0ed44cc13 Enable chart/prov files overwriting option
change 'ALLOW_OVERWRITE' from 'false' to 'true'
2018-08-01 15:20:38 +08:00
Deng, Qian
8feb49c64e Feature of helm chart UI
1. Add Charts list view
2. Add Charts card view
3. Add Chart version list view
4. Add chart version card view
5. Add Chart Detail Summary
6. Add Chart Detail Value
6. Add Chart Detail Deps
7. Update nodeclarity Dockerfile
8. Add markdown support
9. Add package-lock file to src
2018-08-01 13:20:06 +08:00
Daniel Jiang
bda0a92ea9
Merge pull request #5427 from ywk253100/180730_redirect
Remove the URL rewrite for docker registry request
2018-07-31 13:34:15 +08:00
wangyan
22411cf6b2 Fix pgsql creation column bug
Root cause: Use default 'now'::timestamp will not generate timestamp for each transaction,
PG will convert now to a timestamp as soon as the constant is parsed. To fix it, update it
to defult CURRENT_TIMESTAMP, thie setting is the same as default now(), which returns the
start time of current transaction because ther are fuction calls, hey will give the desired
behavior of defaulting to the time of row insertion.

Reference: https://www.postgresql.org/docs/9.6/static/functions-datetime.html#FUNCTIONS-DATETIME-CURRENT
PG version: 9.6.9
2018-07-30 04:58:44 -07:00
Wenkai Yin
7e6a13915b Remove the URL rewrite for docker registry request
This commit redirects the request to UI directory without URL rewrite
2018-07-30 17:24:15 +08:00
Daniel Jiang
46de1432f2 Enable cfg migrator to 1.6.0
In 1.6, there will be only one DB process in the default deployment.
The migrator will try to handle the setting by "guessing" whether Harbor
was pointed to external DB.

Verified 1.5->1.6 and 1.4->1.6 migration.
2018-07-27 17:11:45 +08:00
Wenkai Yin
c3106fc447
Merge pull request #5401 from reasonerjt/config-clair-interval
Enable configuring the interval of clair updaters
2018-07-26 18:18:16 +08:00
Daniel Jiang
733a89dea2 Enable configuring the interval of clair updaters
To mitigate the impact we saw in the updater issues in clair, this
commit enable configuring the interval, include disabling the updaters
of clair.
2018-07-26 16:27:23 +08:00
Daniel Jiang
ad0c0eba36 Add registry to default no_proxy hosts for Clair
When proxy is set for Clair, there may be issue when Clair pulls image
from the registryif the `no_proxy` attribute is not updated.  This
commit adds `registry` to the default setting.
2018-07-26 14:41:03 +08:00
Steven Zou
32f0ceade3 Modify the cfg option 'max_job_workers' from 50 to 10 to reduce the resource requirement 2018-07-23 13:36:46 +08:00
Steven Zou
bb380e6dbc
Merge pull request #5314 from steven-zou/chart_repo_supporting
Refactor chart API endpoints
2018-07-20 20:43:55 +08:00
Steven Zou
0227a1315a Keep the chart server related configurations in adminserver
append chart server related config options to the supporting list of adminserver
provide chart server related config access method in the API layer
update prepare script and ui env template file to enable cache driver config for chart server API
append flag info in the systeminfo API to indicate if chart server is deployed with Harbor
refactor the response rewriting logic to return structual error object
add api init method to initilizing objects required in API handlers
chage owner of the storage folder
update offline/online package scripts in Harbor-Util.robot
2018-07-20 19:40:33 +08:00
Yan
efdb57548f
add admin job api (#5344)
It supports Harbor admin to trigger job either manual or
schedule. The job will be populated to job service to execute. 
The api includes:
1. POST /api/system/gc
2, GET /api/system/gc/:id 
3, GET /api/system/gc/:id/log
4, PUT/GET/POST /api/system/gc/schedule
2018-07-20 19:22:37 +08:00
Daniel Jiang
6c664ee993 Update photon base images (#5346)
This commit update the base photon image from vmware/photon:1.0 to
photon:1.0, per suggestion by photon team.
2018-07-19 20:45:20 +08:00
Steven Zou
726d81803b Fix conflicts in Makefiles and prepare script files with upstream 2018-07-19 03:17:05 -07:00
Steven Zou
22ea7dd91f Update the related build scripts to package the chart repo server
add env file template for chart repo server in make/common/config/chartserver
update the Makefiles to support build chart repo server
add docker file and related build scripts for upstream chart server - chartmuseum
update prepare to support generating chart server related configs
add docker compose file for the chart server
add build/install command options to install with/without chart repo server
update install.sh to support chart repo server installation
2018-07-19 16:47:05 +08:00
Yan
d5b85a6748
Add the registry controller httpserver, it's responsible for controlling (#5265)
docker regsitry. This version has the API to call regsitry GC with jobservice
secret. Seprates it into a standalone container as do not want to invoke two
processes in one container.

It needs to mount the registry storage into this container in order to do GC,
and needs to copy the registry binary into it.
2018-07-16 16:50:28 +08:00
Wenkai Yin
8a92019e8e
Merge pull request #5310 from reasonerjt/adminserver-update-schema
Let adminserver initialise the DB schema.
2018-07-16 12:52:11 +08:00
Daniel Jiang
0d6ea995e1 Let adminserver initialise the DB schema.
This commit make update to remove the code from ui container to init the
DB schema.  As UI has dependency on admin server, so it's safe to assume
adminserver has to be ready first.  Regardless the setting of the config
store of admin server, it will try to access and intialize the schema of
database.
2018-07-13 17:32:17 +08:00
Daniel Jiang
bd92b165c8
Merge pull request #5309 from ywk253100/180713_redis
Fix permission deny issue when Redis starting
2018-07-13 15:33:51 +08:00
Wenkai Yin
e0f2a3d5ce Fix permission deny issue when Redis starting
This commit changes the ownership of directory that Redis uses to user redis when starting up
2018-07-13 14:20:20 +08:00
timchenxiaoyu
a912a55ac2 add sync registry env (#5294)
By default Harbor will call catalog API of registry and sync the result to DB, this becomes problematic when registry is configured to custom storage service, there maybe inconsistent result and the whole process may be very time consuming.
So in this commit a env var SYNC_REGISTRY is introduced if user want Harbor to sync the repo when it starts up, by default it's false.
2018-07-13 11:15:41 +08:00
Daniel Jiang
f7a29363ed
Merge pull request #5296 from reasonerjt/clair-bump-up-v2.0.4
Bump up clair to v2.0.4
2018-07-12 15:09:17 +08:00
Daniel Jiang
bc1969156e Bump up clair to v2.0.4
This commit bump up clair to v2.0.4.  The current build process is
download the binary from google storage, the update of the binary in
google storage is not reflected in this commit.
2018-07-12 13:59:51 +08:00
Steven Zou
0dfc273ee8
Merge pull request #5246 from kulong0105/master
make/docker-compose.tpl: fix wrong mount configuration(#5208)
2018-07-12 13:54:35 +08:00
wangyan
bba96b3669 Update docker registry cache from inmemory to redis.
It gives Harbor the capability to controll the cache of docker
registry, and the workaround for cache invalidation bug caused
by garbage collection, that is clean cache in GC job.

For more details, see Harbor issue #5078.
2018-07-09 02:32:07 -07:00
Daniel Jiang
3bb4e2c921
Merge pull request #5260 from halfa/master
Change empty_subj to fix #2920 openssl issue
2018-07-06 15:08:10 +08:00
stonezdj
62acdb14f3 Add settings to define admin with LDAP group DN 2018-07-05 14:46:44 +08:00
Yan
d366134fe8
Fix bug of packaging offline installer (#5245)
The init sql script name nad path was changed by PR #5197, this
commit is to update these and log the package command to console,
make it more easy to debug in future. Also remove the action to
pull migrator as it will built each time locally.
2018-07-04 20:03:44 +08:00
Daniel Jiang
c04d99b1ab Workaround the Clair issue in ubuntu updater
This commit is a temp fix to workaround coreos/clair#562
Recompiled the code at the tip of release-2.0 branch of clair and
updated Makefile.
Once clair provides a new release, we'll need to make update in
Makefiles and Dockerfiles again to consume it.
2018-07-04 17:28:47 +08:00
Yilong Ren
15d6145f5c make/docker-compose.tpl: fix wrong mount configuration(#5208) 2018-07-04 14:12:10 +08:00
Daniel Jiang
a161f2c95b
Merge pull request #4965 from jouve/reg_upstream
remove unused upstream
2018-07-03 16:29:08 +08:00
Steven Zou
6dfccc7dea
Merge pull request #5074 from ninjadq/ldap_search_ui
Add LDAP search UI
2018-07-03 15:30:18 +08:00
Deng, Qian
72dfdd552f Add ldap serach
1. Add group management
2. Add rewrite import user to member ui
3. Add import group to member
4. Add new items in configuration page
2018-07-03 14:00:59 +08:00
Daniel Jiang
cb0acbace4 Restrict the CPU usage of Clair (#5217)
This commit fixes #5072
Due to an issue in bzr, Clair container may consume a lot of CPU
resource while updating the vuln data.  This commit mitigates the impact
by setting the cpu_quota of clair container. (default value of
cpu_period is 100000 in v2 docker-compose template)
2018-07-03 11:23:56 +08:00
Deng, Qian
edbe2fe620 Update migrator to 1 6 0
1. Add new alembic_pg folder for postgres
2. Add migration file for 1.6.0
3. Update version to 1.6.0
4. update migrator dockerfile
2018-07-02 21:23:47 +08:00
Daniel Jiang
aef3213dfa
Merge pull request #5190 from stonezdj/reload_config
Fix issue that harbor tile can not save customized settings
2018-06-29 13:04:36 +08:00
Daniel Jiang
c9b1962b1e Initialise Harbor DB schema in Harbor UI/adminserver container
This commit fixes #5040, the harbor-db image will only contain empty
databases, and harbor ui container will use migrate tool to run initial
SQL scripts to do initialization.  This is helpful for the case to
configure Harbor against external DB or DBaaS like RDS for HA deployment
However, this change will results some confusion as there are two tables
to track schema versions have been using alembic for migration, for this
release we'll try to use alembic to mock a `migration` table during
upgrade so the migrator will be bypassed, in future we'll consider to
consolidate to the golang based migrator.
Another issue is that the UI and adminserver containers will access DB
after start up in different congurations, can't ensure the sequence, so
both of them will try to update the schema when started up.
2018-06-28 16:22:53 +08:00
stonezdj
72e9b22e10 Fix issue that harbor tile can not save customized settings 2018-06-28 16:20:10 +08:00
mricher
ee60eaec16
Change empty_subj to fix openssl issue 2018-06-27 16:50:26 +02:00