Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
11,019 Commits 48 Branches 302 Tags 358 MiB
Commit Graph

11019 Commits

Author SHA1 Message Date
He Weiwei b390112f5a
fix: convert severity from negligible to none before saving to db (#15791) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-10-14 16:02:38 +08:00
stonezdj 3b2ac06639 Change the span name to <method>_<request uri> 
Use the same trace option for HTTPTransport
  fixes #15726
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-10-14 14:33:16 +08:00
Soumik Majumder 2679b2427b
Fix semgrep use-of-weak-crypto error (#15784) 
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
 2021-10-14 14:28:59 +08:00
Wenkai Yin(尹文开) 7fc22e4344
Merge pull request #15789 from wy65701436/fix-replication-db 
fix replication DB connection issue
 2021-10-14 13:52:03 +08:00
Wang Yan 729d2e6590 fix replication DB connection issue 
fixes #15736

For the current imple, the GetWorker() may hang when there is no worker available, and will not release the DB connection.
In this case, the DB connection could reach the up limit that leads to harbor core for service unavailable.

1, move GetWorker() in the goroutine, release the DB connection for API.
2, reduce the worker count per harbor-core from 1024 to 10.
3, reduce the runner count per worker to 30.

After above, the max connection per harbor-core should be 300.

Worker: To control how many replicaiton exectuions can have at most at the same time.
Runner: To control the speed to generate an jobservice replicaiton job.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-14 11:31:33 +08:00
AllForNothing b2775292ef Remove negligible and unknown severities and add none severity 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-13 16:45:16 +08:00
Shengwen YU 4d89c845d0
fix: webhook log (#15756) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
 2021-10-13 15:46:04 +08:00
Yang Jiao 4632e49cc0
Merge pull request #15765 from YangJiao0817/update-robot-account-case 
Update robot account permission item all list
 2021-10-13 10:53:34 +08:00
Yang Jiao bc321a331a Update robot account permission item all list 
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
 2021-10-13 09:46:56 +08:00
Wang Yan 5c92b2f308
bump up containerd version (#15752) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-11 17:45:21 +08:00
Wenkai Yin(尹文开) dc8477bd7a
Merge pull request #15680 from antbreton/fix/15679 
fix filename processing to support both URI and URL
 2021-10-11 17:18:23 +08:00
Yang Jiao 7b39bab0f3
Merge pull request #15738 from YangJiao0817/fix-helm-cli 
Update helm cm-push plugin
 2021-10-11 11:58:46 +08:00
Wang Yan f57c426409
bump up jwt version (#15730) 
Upgrade the jwt to github.com/golang-jwt/jwt/v4, and it's backwards compatible with v3.x.y.

Signed-off-by: wang yan <wangyan@vmware.com>
 2021-10-08 16:09:00 +08:00
Yang Jiao e79dd316cd Update helm cm-push plugin 
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
 2021-10-08 15:27:44 +08:00
孙世军 96f5caa635
Add list artifact and list repo permissions to robot account (#15718) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-08 10:56:37 +08:00
stonezdj(Daojun Zhang) 32023891eb
Merge pull request #15675 from stonezdj/21sep22_email_nullable 
Allow empty email attribute for ldap/oidc user
 2021-10-02 10:33:38 +08:00
Wang Yan 4e984e8c6e
fix legacy robot edit issue (#15709) 
fixes #15690, for the legacy robot, update is denied.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-01 00:41:54 +08:00
孙世军 7345021800
Fix lagecy robot edit issue (#15716) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-30 15:01:19 +08:00
stonezdj 06715af303 Allow empty email attribute for ldap/oidc user 
Define user.Email as sql.NullString to avoid unique constraint when email is empty in LDAP/OIDC
  Separate the common/models/User with the pkg/user/dao/User
  Fixes #10400
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-09-30 14:35:18 +08:00
孙世军 c1169d66be
Improve routing links (#15706) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-30 10:25:19 +08:00
stonezdj a00a83df38 Fix all issues related to the noise in the logs 
Change log level to debug when required
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-09-29 20:19:53 +08:00
Qian Deng 18c236d3cd
Merge pull request #15674 from ninjadq/add_validation_for_tracing 
Add validation for tracing
 2021-09-29 18:13:46 +08:00
Steven Zou 93e644119d
Merge pull request #15219 from danielpacak/bump_up_trivy_adapter_to_v0.20.0 
chore(trivy): Bump up Trivy adapter from v0.19.0 to v0.20.0
 2021-09-29 09:09:52 +08:00
antbreton db2a6fb970 fix filename processing to support both URI and URL 
Signed-off-by: antbreton <antoine.breton06@gmail.com>
 2021-09-27 16:13:21 +02:00
Qian Deng 3c23926bdc Add validation for tracing 
* add  validation of tracing in validating process

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-27 13:10:55 +00:00
孙世军 38e0910fc7
Auto-focus for filter component (#15672) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-27 18:46:27 +08:00
Alan fc1db450b2
fix translation error in zh for cron (#15668) 
Signed-off-by: alan <zg.zhu@daocloud.io>
 2021-09-27 12:50:20 +08:00
孙世军 ad1a6d64d5
Improve css style for project detail and add webhook components (#15650) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-27 11:00:16 +08:00
yxxhero 63b8e6a9ce
add unittest for jobservice/common/utils package and fix a issue for IsValidURL (#15539) 
add unittest for common utils package and fix a issue

Signed-off-by: yxxhero <aiopsclub@163.com>
 2021-09-24 19:07:55 +08:00
Daniel Jiang c3f92a748c
Merge pull request #15660 from reasonerjt/no-warning-groupclaim 
Do not print warning message if group claim is empty
 2021-09-24 18:23:05 +08:00
Daniel Jiang 5522ccbd93
Merge pull request #15521 from wy65701436/remove-quota-switch 
remove the internal legacy API to switch quota
 2021-09-24 18:21:53 +08:00
Yang Jiao c8e6e7a790
Merge pull request #15656 from YangJiao0817/fix-UserViewLogs-testcase 
Fix User View Logs test case error
 2021-09-24 16:07:22 +08:00
Daniel Jiang fbcba772e9 Do not print warning message if group claim is empty 
fixes #15616

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-09-24 15:43:54 +08:00
Yang Jiao a404cda6ce Fix User View Logs test case error 
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
 2021-09-24 12:24:57 +08:00
Wang Yan 0a2db1405a
update go dep version (#15648) 
To fix the Dependabot alerts

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-09-23 17:37:38 +08:00
Yang Jiao 90747caf87
Merge pull request #15643 from YangJiao0817/master-refresh-base-image 
Refresh base image
 2021-09-23 16:26:44 +08:00
孙世军 37cd3ce98c
Improve style for add replication rule component (#15632) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-23 15:10:59 +08:00
Yang Jiao 3cf0ccab88 Refresh base image 
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
 2021-09-23 15:01:41 +08:00
孙世军 ce1cb0cb88
Remove push option for project access log component (#15629) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-23 11:19:43 +08:00
Qian Deng 0490d96d7d
Merge pull request #15634 from ninjadq/upgrade_opentelemery 
Upgrade opentelemetry to 1.0.0
 2021-09-23 10:27:12 +08:00
Qian Deng da9faf0c6c Upgrade opentelemetry to 1.0.0 
* upgrade from 1.0.0-RC3 to 1.0.0
* remove fork

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-22 14:00:00 +00:00
stonezdj(Daojun Zhang) 972fa0880b
Merge pull request #15505 from ninjadq/add_distributed_tracing 
Add distributed tracing
 2021-09-22 14:16:19 +08:00
Qian Deng 354a2bd80d Enhance the trace related code 
* Move request id to requestid middleware
* fix span pass to child ctx on orm
* fix typos
* remove unused code
* add operation name to Transaction

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-22 04:14:43 +00:00
Daniel Jiang 36a17ed7a7
Merge pull request #15625 from reasonerjt/oidc-username-prty 
Make sure auto-onboard username claim has higher priority
 2021-09-22 11:53:43 +08:00
Daniel Jiang 3f007b8c7a
Merge pull request #15621 from reasonerjt/rm-error-user-ctl-get 
Do not check security context in Get of user controller
 2021-09-22 11:53:26 +08:00
Qian Deng 05bc946444
Merge pull request #14383 from XavierDuthil/use-exec-in-entrypoints 
Use exec in all components' entrypoints
 2021-09-22 10:49:21 +08:00
Daniel Jiang 91131098c3 Make sure auto-onboard username claim has higher priority 
This commit adjust the priority when consolidating data from userinfo
endpoint and id token, making sure the auto-onboard username claim from
ID token has highest priority.

fixes #15504

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-09-22 08:59:59 +08:00
Daniel Jiang 884da19414 Do not check security context in Get of user controller 
This commit make sure when security context is not found the `Get`
function in user controller should not return error.
Because this func will be called by security middleware, at which point
of time the security context is not generated.
Additionally, checking security context is not necessary because the
permission checking is already done in the API handler layer.

fixes #15535

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-09-21 16:40:16 +08:00
Qian Deng 31707dbf25 Using harbor lib config 
using config manager to get env configs

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
Qian Deng 543d044f7a Update vendors 
Update vendors for trace

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00