wang yan
903e15235e
Update validation and error message per comments
2019-01-17 15:33:05 +08:00
wang yan
4cde11892a
update the conflict check with DB unique constrain error message
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-17 13:13:55 +08:00
Yan
1af0f3c3b9
Add API implementation of robot account
...
Add API implementation of robot account
1. POST /api/project/pid/robots
2, GET /api/project/pid/robots/id?
3, PUT /api/project/pid/robots/id
4, DELETE /api/project/pid/robots/id
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-17 13:13:55 +08:00
He Weiwei
8dab10bbed
Merge pull request #6765 from heww/rename-ram
...
Rename ram to rbac
2019-01-17 11:50:14 +08:00
He Weiwei
bacfe64979
Rename ram to rbac
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-01-16 18:20:30 +08:00
Wenkai Yin
f8d9653419
Merge pull request #6737 from ywk253100/190109_health_check
...
Implement the unified health check API
2019-01-16 18:14:14 +08:00
He Weiwei
76bee7a9fc
Merge pull request #6710 from heww/security-by-ram
...
Implement current security interfaces using ram
2019-01-16 17:47:13 +08:00
Wenkai Yin
be4455ec1b
Implement the unified health check API
...
The commit implements an unified health check API for all Harbor services
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-01-16 17:21:04 +08:00
He Weiwei
ebd26c0105
Implement current security interfaces using ram
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-01-16 16:08:17 +08:00
Steven Zou
464bdf71cd
Merge pull request #6727 from wy65701436/robot-dao
...
Add dao of robot account
2019-01-14 19:34:23 +08:00
wang yan
d349c256e8
add support for query nil
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-11 16:19:42 +08:00
Daniel Jiang
a1d4bfd332
Merge pull request #6344 from reasonerjt/bump-up-golang
...
Bump up golang to 1.11.2
2019-01-11 16:15:59 +08:00
Daniel Jiang
5d59d6fab8
Bump up golang to 1.11.2
...
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-01-11 14:44:32 +08:00
wang yan
6bd6fbd4ad
Add fuzzy match and delete funt per review comments
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-11 14:26:49 +08:00
wang yan
c6ae1388ec
Add dao of robot account
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-10 14:51:33 +08:00
Daniel Jiang
80af81154c
Merge pull request #6702 from wy65701436/robot-db-scheme
...
Add DB table for robot account
2019-01-10 14:25:58 +08:00
wang yan
db09f9f101
Update token length and upper case the sql key words
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-09 10:00:54 +08:00
wang yan
362a0638d0
Add DB table for robot account
...
This commit is to add DB scheme for robot account and update the db orm releated.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-08 18:46:16 +08:00
Daniel Jiang
b5788f0695
Merge pull request #6671 from heww/ram
...
Add ram pkg
2019-01-08 15:39:36 +08:00
He Weiwei
79f786ecbe
Add ram pkg
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-01-04 13:17:13 +08:00
Wenkai Yin
75d45ebd9d
Merge pull request #6547 from cd1989/retag-input-validation
...
Validate repo and tag names in retag
2019-01-03 17:45:44 +08:00
cd1989
c117a23133
Validate repo and tag names in retag
...
Signed-off-by: cd1989 <chende@caicloud.io>
2018-12-24 16:49:39 +08:00
Daniel Jiang
93c0a18b06
Merge pull request #6537 from stonezdj/ref_admin_driver
...
Refactor config settings stage2
2018-12-21 15:12:56 +08:00
stonezdj
2446878f6b
Refactor config settings stage2
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-12-21 10:59:11 +08:00
Wenkai Yin
b28bca7af4
Merge pull request #6541 from salkin/proxy-transport
...
Add support for http proxy in transport
2018-12-18 15:46:29 +08:00
Niklas Wik
138bc69f0f
Add support for http proxy in transport
...
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
2018-12-17 10:35:27 +02:00
stonezdj(Daojun Zhang)
13511d74ed
Refactor config settings encrypt + metadata ( #6387 )
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-12-12 12:14:33 +08:00
Wenkai Yin
f7a28ee2a2
Remove the duplicate http error struct ( #6516 )
...
There are two different types to represent http error in the current code. This commit updates the codes to keep only one.
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-12-12 11:51:19 +08:00
cd1989
caf07a96fe
Give meaningful messages when retag forbided
...
Signed-off-by: cd1989 <chende@caicloud.io>
2018-12-06 16:25:21 +08:00
Daniel Jiang
ae240df031
Remove the Scan all in-memory marker ( #6399 )
...
Previously there was a in-memory marker to prevent user from frequently
calling the "scan all" API. This has become problematic in HA
deployment, and is no longer needed after enhancement in jobservice.
This commit removes the marker for "scan all" api, however, we need to
review the mechanism and rework to make it stateless.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-12-02 15:40:50 +08:00
Steven Zou
ec2ad4d0b8
Merge pull request #6093 from cd1989/replication-record-id
...
Add op uuid to image replication
2018-11-30 14:54:43 +08:00
Wenkai Yin
9d5cf57373
Check the existence of name when creating replication rule and fix bugs in testing library ( #6381 )
...
1. Fix #5102 by checking the existence of name when creating/editing replication rule
2. Add unique constraint to the name of replication policy and target
3. Fix bugs of testing library
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-11-30 13:32:20 +08:00
peimingming
238dbc0347
Add UT and review comments and issue fix ( #6144 )
...
Signed-off-by: peimingming <peimingming@corp.netease.com>
2018-11-28 17:43:14 +08:00
peimingming
c67fdc40f5
Support store job log in DB ( #6144 )
...
Signed-off-by: peimingming <peimingming@corp.netease.com>
2018-11-28 15:09:29 +08:00
Steven Zou
e6d4c024ee
Update README of job service to reflect latest updates
...
Signed-off-by: Steven Zou <szou@vmware.com>
2018-11-08 10:35:12 +08:00
Steven Zou
7b106d06c5
Build logger framework to support configurable loggers/sweepers/getters
...
Signed-off-by: Steven Zou <szou@vmware.com>
2018-11-06 09:31:31 +08:00
Daniel Jiang
39b4d011c7
Not submit scan all job when core container starts
...
Fixes #6115
As for the change in migration sql file, in 1.7 we'll switch to
jobservice for scheduling "scan all" job. To avoid inconsistency,
this item will be reset and user will need to configure the policy again.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-25 19:01:52 +08:00
Steven Zou
3b76a960e1
Merge pull request #6039 from stonezdj/refact_5996
...
Refactor capacity
2018-10-24 10:50:11 +08:00
陈德
1ffd9d8fba
Add op uuid to image replication
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-21 23:55:57 +08:00
Steven Zou
db24cbe25a
Merge pull request #5779 from cd1989/images-retag
...
Merge Images retag
2018-10-19 11:04:48 +08:00
Daniel Jiang
fe2e58e1a0
Ignore duplication error when inserting config
...
This commit mitigates the situation when more then one adminserver is
deployed and there may be duplication error when they try to initialize
the configuration to DB.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-19 10:23:00 +08:00
陈德
a1b4729aa7
Add more unit tests
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-18 00:26:25 +08:00
stonezdj
0278981523
Change admin server to core in jobservice
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-10-16 19:23:12 +08:00
stonezdj(Daojun Zhang)
b764033fc9
Merge pull request #6007 from stonezdj/refact_5998
...
Change admin server to core in jobservice
2018-10-15 17:52:24 +08:00
stonezdj
79bac7a64e
Change admin server to core in jobservice
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-10-15 14:56:18 +08:00
Daniel Jiang
00c8344c13
Remove the local scheduler
...
This is no longer needed after moving the "scan all" to job-service.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-15 14:14:11 +08:00
Wenkai Yin
83147b1982
Merge pull request #6003 from wy65701436/fix-gc-bug
...
Fix gc api issues
2018-10-11 10:26:38 +08:00
Daniel Jiang
1188bd89b9
Use secure transport to access HTTP endpoint
...
In various parts of the code, we used insecure transport in http Client
when we assume the endpoint is http. This causes complaints form
security scanner. We should use secure transport in such cases.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-10 17:51:02 +08:00
wang yan
a4ad4c7282
Fix gc api issues
...
1, filter out the scan all jobs in the gc list.
2, make it able to delete unexecuted scheduler.
Signed-off-by: wang yan <wangyan@vmware.com>
2018-10-10 15:45:03 +08:00
陈德
b648084d95
Improve code styles and fix after Harbor refactoring
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-09 10:49:03 +08:00
陈德
03d5157eaf
Updae retag api spec
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-08 19:07:23 +08:00
陈德
75f1cdb449
Update swagger file to add retag API
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-08 19:07:22 +08:00
陈德
48d2435146
Fix notification event filtered because of user agent
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-08 19:07:22 +08:00
陈德
03af3c5936
Add image retag API
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-08 19:07:21 +08:00
James Zabala
e09a157dce
Merge pull request #5896 from erks/normalize_ldap_group_dn
...
Normalize (make lowercase) ldap_group_dn during onboarding
2018-10-02 16:03:03 -04:00
Daniel Jiang
b12dc3b5d8
Schedule "scan all" via jobservice
...
This commit leverage the jobservice to trigger "scan all" and
gets rid of the local scheduler to make the harbor-core container
stateless.
It keeps using the notifer mechanism to handle the configuration change.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-09-28 15:42:37 +08:00
Steven Zou
8b538cbc0a
Return the total count of charts under the project in project API
...
- add new interface method to get total count of charts under namespaces by calling get index
- add new field 'chart_count' in project model
- append chart count to the project model in project API
Signed-off-by: Steven Zou <szou@vmware.com>
2018-09-25 17:56:11 +08:00
Daniel Jiang
0699980924
Add Scan All job to job service ( #5934 )
...
This commit adds the job to scan all images on registry.
It also makes necessary change to Secret based security context, to
job service has higher permission to call the API of core service.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-09-22 13:07:32 +08:00
clouderati
587459df15
Replacing copyright notices with "Copyright Project Harbor Authors".
...
Signed-off-by: clouderati <35942204+clouderati@users.noreply.github.com>
2018-09-19 16:59:36 +00:00
Qian Deng
7873a0312a
Rename harbor-ui to harbor-core
...
1. Update the nginx.conf
2. Update Makefile
3. Update docker-compose
4. Update image name
5. Rename folder ui to core
6. Change the harbor-ui's package name to core
7. Remove unused static file on harbor-core
8. Remove unused code for harbor-portal
Signed-off-by: Qian Deng <dengq@vmware.com>
2018-09-19 16:35:13 +08:00
Yan
29ca31cf6c
Update gc api to fix issues found by UI implemention ( #5920 )
...
This commit is to update gc api to fix issues found by UI implemention:
1, Return json format of gc schedule
2, Unify capital and small letter
3,Return gc records by desc
Signed-off-by: wang yan <wangyan@vmware.com>
2018-09-19 14:36:47 +08:00
Touch Ungboriboonpisal
e256547411
Normalize (make lowercase) the ldap group dn when onboarding
...
Fixes #5895
Signed-off-by: Touch Ungboriboonpisal <tungbori@zynga.com>
2018-09-18 13:37:35 -07:00
Wenkai Yin
dfcd6f044d
Merge pull request #5888 from steven-zou/mark_labels_to_chart
...
Add API to support marking labels to charts
2018-09-14 15:09:46 +08:00
Steven Zou
7b8fe27c22
Add API to support marking labels to charts
...
- add related chart label API entries
- extract label related functionalities to a separate manager interface
- add a base controller for label related actions
- add related UT cases
Signed-off-by: Steven Zou <szou@vmware.com>
2018-09-14 13:27:50 +08:00
Wenkai Yin
89893779fb
Support configuring sslmode for the connection of database ( #5861 )
...
The sslmode of the connection with postgresql is hardcoded as "disable" currently, this commit expose it as an environment variable so that users can configure it
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-09-14 13:05:05 +08:00
Wenkai Yin
1f195c2b5f
Merge pull request #5840 from Colstuwjx/fix-tcp-probe
...
Fix `TestTCPConn` break issue.
2018-09-10 14:46:04 +08:00
Daniel Jiang
cd31cbf892
Merge pull request #5828 from stonezdj/ldap_caseinsense
...
LDAP group DN should be case insensitively
2018-09-07 10:48:31 +08:00
Colstuwjx
e49a9de2f4
Fix TestTCPConn
break issue.
...
Signed-off-by: Colstuwjx <Colstuwjx@gmail.com>
2018-09-06 14:58:04 +08:00
stonezdj
9dca49ba6e
LDAP group DN should be case insensitive
...
Fix issue #5776 , LDAP servers are case insensitive. because only LDAP
group DN is used to compare/equal operation, lowercase all LDAP group DN
when retrieves it from LDAP server, and lowercase them before save in DB
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-09-06 11:33:05 +08:00
Wenkai Yin
5427c0064c
Merge pull request #5731 from Colstuwjx/fix-log-test
...
Fix logger test case, add SetSkipLine func.
2018-09-06 08:17:17 +08:00
Colstuwjx
bab203c0f4
Fix logger test case.
...
Signed-off-by: Colstuwjx <Colstuwjx@gmail.com>
2018-09-05 19:25:17 +08:00
陈德
0582db9a82
Apply consistent format for comments
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-09-05 16:16:31 +08:00
Wenkai Yin
49bb5cfafb
Test TCP connection before upgrading database schema
...
This commit moves the database schema upgrading after database initialization. The init will test TCP connection.
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-09-05 02:07:47 +08:00
陈德
6eb972c383
Add pull scope to post/put/patch method
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-09-03 11:12:11 +08:00
陈德
a59af8ce82
fix gofmt
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-08-30 14:11:18 +08:00
陈德
666bd692fe
Support repo list sorting
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-08-30 10:56:50 +08:00
wang yan
aab761ac8a
Fix gofmt check results
...
Signed-off-by: wang yan <wangyan@vmware.com>
2018-08-29 11:50:00 +08:00
Yan
fca2bb3a6b
Fix misspell checking results ( #5749 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2018-08-29 10:25:42 +08:00
Daniel Jiang
dcf4e2ee78
Update import path in go code
...
vmware -> goharbor
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-08-23 17:50:53 +08:00
wangyan
9a95f14918
Cherry-pick -- Fix security issue found by gas
2018-08-03 01:16:53 -07:00
Daniel Jiang
6062bf279b
Set default creation_time and update_time at model
...
This commit set the default value of creation_time and update_time to
data objects by adding `orm:add_now` annotations.
2018-07-31 12:56:14 +08:00
stonezdj
9b209858f4
Ldap_group_admin_dn can not updated via rest
2018-07-24 17:47:57 +08:00
silenceshell
7745b79b2e
var name should not be error ( #5332 )
...
Rename the variable names from "error" to "err"
2018-07-24 11:33:21 +08:00
Steven Zou
bb380e6dbc
Merge pull request #5314 from steven-zou/chart_repo_supporting
...
Refactor chart API endpoints
2018-07-20 20:43:55 +08:00
Steven Zou
0227a1315a
Keep the chart server related configurations in adminserver
...
append chart server related config options to the supporting list of adminserver
provide chart server related config access method in the API layer
update prepare script and ui env template file to enable cache driver config for chart server API
append flag info in the systeminfo API to indicate if chart server is deployed with Harbor
refactor the response rewriting logic to return structual error object
add api init method to initilizing objects required in API handlers
chage owner of the storage folder
update offline/online package scripts in Harbor-Util.robot
2018-07-20 19:40:33 +08:00
Yan
efdb57548f
add admin job api ( #5344 )
...
It supports Harbor admin to trigger job either manual or
schedule. The job will be populated to job service to execute.
The api includes:
1. POST /api/system/gc
2, GET /api/system/gc/:id
3, GET /api/system/gc/:id/log
4, PUT/GET/POST /api/system/gc/schedule
2018-07-20 19:22:37 +08:00
stonezdj
f5e82f75a7
Add SafeCast function and set default value for some sytem configure
...
Add SafeCastString, SafeCastInt, SafeCastFloat64, SafeCastBool function to check
the type matched and avoid panic in runtime
Add default value to configure settings to avoid cannot save configure
issue
2018-07-17 17:00:06 +08:00
Yan
9e65499c10
Add garbage collection job implemention, this job could ( #5268 )
...
be triggered by manual and schedule. It calls registrtctl
to do the GC job, and log the output.
2018-07-16 18:08:40 +08:00
Yan
d5b85a6748
Add the registry controller httpserver, it's responsible for controlling ( #5265 )
...
docker regsitry. This version has the API to call regsitry GC with jobservice
secret. Seprates it into a standalone container as do not want to invoke two
processes in one container.
It needs to mount the registry storage into this container in order to do GC,
and needs to copy the registry binary into it.
2018-07-16 16:50:28 +08:00
Daniel Jiang
0d6ea995e1
Let adminserver initialise the DB schema.
...
This commit make update to remove the code from ui container to init the
DB schema. As UI has dependency on admin server, so it's safe to assume
adminserver has to be ready first. Regardless the setting of the config
store of admin server, it will try to access and intialize the schema of
database.
2018-07-13 17:32:17 +08:00
stonezdj
62acdb14f3
Add settings to define admin with LDAP group DN
2018-07-05 14:46:44 +08:00
Deng, Qian
edbe2fe620
Update migrator to 1 6 0
...
1. Add new alembic_pg folder for postgres
2. Add migration file for 1.6.0
3. Update version to 1.6.0
4. update migrator dockerfile
2018-07-02 21:23:47 +08:00
Daniel Jiang
1afb09b6cf
Merge pull request #5194 from ywk253100/180626_search
...
Fix bug in search API
2018-06-29 21:13:09 +08:00
Daniel Jiang
aef3213dfa
Merge pull request #5190 from stonezdj/reload_config
...
Fix issue that harbor tile can not save customized settings
2018-06-29 13:04:36 +08:00
Daniel Jiang
c9b1962b1e
Initialise Harbor DB schema in Harbor UI/adminserver container
...
This commit fixes #5040 , the harbor-db image will only contain empty
databases, and harbor ui container will use migrate tool to run initial
SQL scripts to do initialization. This is helpful for the case to
configure Harbor against external DB or DBaaS like RDS for HA deployment
However, this change will results some confusion as there are two tables
to track schema versions have been using alembic for migration, for this
release we'll try to use alembic to mock a `migration` table during
upgrade so the migrator will be bypassed, in future we'll consider to
consolidate to the golang based migrator.
Another issue is that the UI and adminserver containers will access DB
after start up in different congurations, can't ensure the sequence, so
both of them will try to update the schema when started up.
2018-06-28 16:22:53 +08:00
stonezdj
72e9b22e10
Fix issue that harbor tile can not save customized settings
2018-06-28 16:20:10 +08:00
Wenkai Yin
982760a132
Fix bug in search API
...
Refactor the logic of search API to fix bug mentioned in issue #5156 and #3838
2018-06-27 12:51:08 +08:00
stonezdj
d6a4d79a03
Handle Invalid syntax and not found error
2018-06-20 14:27:29 +08:00
Daniel Jiang
255a6d6f95
Merge pull request #5070 from ywk253100/180601_label_fuzzy_match
...
Fix #4742 : fuzzy match label name
2018-06-12 14:39:35 +08:00
Wenkai Yin 79628
0c56493fb6
Soft delete label
...
Modify the deletion of label to soft deletion, in this way the names of deleted labels referenced by replication rules can be shown to users
2018-06-07 17:14:12 +08:00
Wenkai Yin 79628
07c092c9be
Fix #4742
...
This commit provides the support of fuzzy matching for label name when listing labels
2018-06-01 07:38:21 +08:00
Daniel Jiang
2f4950b80c
Merge pull request #5034 from ywk253100/180524_relativeurl
...
Fix replication issue when the remote registry enables relativeurls
2018-05-25 19:33:29 +08:00
Wenkai Yin 79628
29a4a3335e
Fix replication issue when the remote registry enables relativeurls
...
The location header returned by the remote registry contains no scheme and host parts if "relativeurls" is enabled,
this commit fix it by adding them at the beginning of location.
2018-05-24 15:34:31 +08:00
Wenkai Yin 79628
76274dbf84
Update change password API
...
Modify the changing password API to support that admin user can change the password of normal users without old password
2018-05-22 19:02:20 +08:00
stone
d3930ae17c
Put user info into session ( #4885 )
...
Fix the following issues.
1) GroupList is not found in SecurityContext user info
2) Retrieve multiple memberof information from LDAP.
3) If user is in two groups with guest, administrator role separately, display the max privilege role.
2018-05-17 16:23:51 +08:00
stonezdj
b8a48d0326
Update security context for assign role to project group member
...
The project list will contain all public projects, user is a member of this project, or user is in the group which is a member of this projects.
Change the behaviour of user roles, if the user is not a member of this project, then return the user's groups role of current project
2018-05-03 16:49:16 +08:00
Yan
ae257433cc
Fully migrate harbor db to postgresql ( #4689 )
...
* Merge harbor db to postgres
2018-04-27 02:27:12 -07:00
Wenkai Yin
f77e4167ac
Merge pull request #4802 from ywk253100/180427_label_db
...
Modify unique constraint of table harbor_label
2018-04-27 17:10:05 +08:00
Wenkai Yin
73babbf1ab
Modify unique constraint of table harbor_label
...
Add unique constraint to column name, scope and project_id of table harbor_label to make creating same name labels under different projects valid
2017-12-19 22:15:56 +08:00
Tan Jiang
93c448d91b
Fix mis-interpretation of severity in Clair
...
Currently "Critical" vulnerablity is treated as "Unknown" in Harbor.
This commit provides a quickfix that it will be interpret as "High". In
future, we should consider introduce "Critical" and enable UI to handle
it to be more consistent with CVSS spec.
2018-04-25 10:31:12 +08:00
Tan Jiang
1fc4142e1a
Do not call chown
to config files
...
This commit fixes a recently discovered issue on Kubernetes #4496
It make necessary to avoid calling `chown` to config files during the
bootstrap of the containers.
2018-04-20 13:44:21 +08:00
Daniel Jiang
f8d577994f
Merge pull request #4719 from reasonerjt/fix-db-broken-pipe
...
Fix intermittent `broken pipe` issue in log
2018-04-19 10:23:59 +08:00
Tan Jiang
7fa8261661
Fix intermittent broken pipe
issue in log
...
This commit fixes #4713 , by adopting the suggested fix in:
https://github.com/go-sql-driver/mysql/issues/529
When creating the DB instance in orm, call `SetConnMaxLifetime()`
2018-04-18 17:39:13 +08:00
Wenkai Yin 79628
f6bd2f245d
Fix bug #4688
...
Fix bug: the user can push images although he have no permisson by checking empty value before assign permissions.
2018-04-18 12:03:06 +08:00
stonezdj
7e57c685ac
Add project member search by name
...
Previous implementation contains the search user by name feature. This implementation can search user and user group by name.
2018-04-16 18:38:10 +08:00
stonezdj
de49165427
Refactor project member API
...
1) Remove the previous /api/projects/?:project_id/members/:userid
2) Move the /api/projects/:project_id/projectmembers/?:pmid to
/api/projects/:project_id/members/?:pmid
3) Change the project member maintain ui to call new REST API
2018-04-11 17:49:33 +08:00
Tan Jiang
ff06ec05c3
Store secret in header instead of cookie
2018-04-07 22:02:06 +08:00
Daniel Jiang
b5f52bc3fb
Merge pull request #4586 from reasonerjt/job-context-props
...
Read the system properties from scan job context
2018-04-07 10:23:30 +08:00
Tan Jiang
15580a5e8c
Read the system properties from scan job context
2018-04-04 19:58:54 +08:00
stone
df63a73fd4
Merge pull request #4483 from stonezdj/api4assign_role_to_group4
...
Add REST API for assign role to group
2018-04-04 16:19:37 +08:00
stonezdj
9bcfaedc0e
Add REST API for assign role to group
2018-04-04 13:39:42 +08:00
Wenkai Yin
79f0ca96bc
Merge pull request #4572 from ywk253100/180402_job
...
Hide schedule job when listing replication jobs
2018-04-03 16:12:10 +08:00
Wenkai Yin
500651a5a1
Hide schedule job when listing replication jobs
2018-04-03 01:11:55 +08:00
Tan Jiang
7aec4d9f21
Add UT and remove useless code.
2018-04-02 21:28:46 +08:00
Wenkai Yin
3436729d52
Merge pull request #4547 from ywk253100/180328_schedule_replication_job
...
Move schedule replication job to new jobservice
2018-03-30 21:03:45 +08:00
Steven Zou
ba91fc2861
Merge master into job_service and fix conflicts
2018-03-30 19:26:04 +08:00
Wenkai Yin
dd40f187ec
Move schedule replication job to new jobservice
2018-03-30 17:44:05 +08:00
Steven Zou
d1899c840d
Merge branch 'master' into job_service
2018-03-29 23:25:20 +08:00
Tan Jiang
5dd75bb0b0
Trust Root CA of VIC appliance when accessing Admiral
2018-03-29 19:53:41 +08:00
Daniel Jiang
2c2cbd9c52
Merge pull request #4510 from reasonerjt/master
...
Add indexes to job tables and bump up schema version.
2018-03-28 16:58:16 +08:00
Tan Jiang
b6df6cf169
Add indexes to job tables and bump up schema version.
2018-03-28 16:15:54 +08:00
stone
203b1b52bb
Merge pull request #4415 from stonezdj/user_group_and_project_member
...
Add DAO for user group and project member
2018-03-26 15:21:20 +08:00
stonezdj
49d960b060
Add DAO for project member and user group
2018-03-26 14:38:32 +08:00
yixingj
cb64ad96ff
Make endpoint configurable
...
Move all the endpoint to harbor.cfg
2018-03-26 10:50:18 +08:00
Wenkai Yin
dd156ca243
Handle replication job status hook
2018-03-24 21:18:58 +08:00
Tan Jiang
be97a91650
Integrate with jobservice webhook
2018-03-27 21:27:52 +08:00
Tan Jiang
c859616e25
fix golint and go vet issue
2018-03-26 22:10:01 +08:00
Tan Jiang
582deea9e7
resolve conflict
2018-03-26 18:11:39 +08:00
Tan Jiang
41ce0891ab
Trigger scan job from UI.
2018-03-26 18:07:21 +08:00
Wenkai Yin
38568a1d2c
Merge pull request #4485 from ywk253100/180326_period_job
...
Create a job to call UI's replication API to do the period replication job
2018-03-26 17:31:10 +08:00
Tan Jiang
745b21abbc
Merge remote-tracking branch 'upstream/master' into scan-job-migrate
2018-03-26 15:39:42 +08:00
Tan Jiang
381ecc3521
Merge with master
2018-03-26 10:37:17 +08:00
Wenkai Yin
85f357ec6b
Delete the mapping relationship between resources and labels when the label is deleted
2018-03-24 02:22:51 +08:00
Wenkai Yin
e63d5a1c06
Create a job to call UI's replication API to do the period replication job
2018-03-23 23:53:15 +08:00
Wenkai Yin
ed08a42e4b
Migrate replication job to the new jobservice
2018-03-23 18:36:37 +08:00
Yan
cbcca015b0
add read only mode to stop docker push ( #4433 )
2018-03-23 03:16:08 -07:00
Wenkai Yin
c6e65d2ded
Fuzzy matching repository name in GET repositories API
2018-03-22 13:38:26 +08:00
Tan Jiang
b8ec419c8e
Add missed package to fix compilation issue
2018-03-21 16:59:32 +08:00
Tan Jiang
613464bc16
Migrate scan job to job service V1 phase1
2018-03-21 16:25:32 +08:00
Wenkai Yin
838b439560
Implement filter repository and tags by label API
2018-03-21 10:51:06 +08:00
stonezdj
44fc373c6d
Add LDAP Group Search Configure Param
2018-03-15 06:16:47 +08:00
Wenkai Yin
36b9c4e458
Implement adding/removing labels to/from repositories and images API
2018-03-12 19:30:05 +08:00
Wenkai Yin
379f113452
Implement label management API
2018-03-09 12:17:27 +08:00
Wenkai Yin
0a8929b85e
Do the authentication with CRAM-MD5 when the connection is insecure
2018-03-08 14:21:44 +08:00
stonezdj
4c6d1488bd
Add UT
2018-02-09 15:29:08 +08:00
stonezdj
f138067242
Refactor project member
2018-02-09 10:38:51 +08:00
Wenkai Yin
10f56d26fe
Change codes to make everything OK after upgrading to beego 1.9.0
2018-02-05 13:07:52 +08:00
Wenkai Yin
9022abfc13
Fix code issues found by Gas
2018-01-29 15:17:03 +08:00
Wenkai Yin
515cac010a
Merge pull request #4071 from ywk253100/180117_policy_pagination
...
Add pagination support in listing replication policy API
2018-01-19 15:19:45 +08:00
Wenkai Yin
611709a7be
Add pagination support in listing replication policy API
2018-01-18 15:54:12 +08:00
stone
c815dc01dd
Merge pull request #4043 from reasonerjt/uaa-bugfix
...
Read Email from UAA while onboarding user.
2018-01-18 14:04:35 +08:00
Tan Jiang
d5d913f51d
Read Email from UAA while onboarding user.
...
Will call the userinfo API of UAA to get user info and generage user
model based on the response. Also this commit include a change that
whenever the UAA Client is to be used it will update the configuraiton,
this is needed as we enable user to update the configuration of UAA via
UI.
2018-01-17 10:28:49 +08:00
Wenkai Yin
8cda2d8d65
Merge pull request #4036 from ywk253100/180116_s3
...
Propagate registry storage driver name to adminserver and return it in /api/systeminfo
2018-01-16 18:41:08 +08:00
Qian Deng
5017670d00
Merge pull request #4005 from ninjadq/db_migrate_from_1_3_to_1_4
...
Update migration tool for v1.4
2018-01-16 17:04:54 +08:00
Wenkai Yin
53d5a2256a
Propagate registry storage driver name to adminserver and return it in /api/systeminfo
2018-01-16 16:57:28 +08:00
Deng, Qian
b3e65ed71e
Update migration tool for v1.4
...
1. Update database meta file
2. Add migration file for 1.4
2018-01-16 15:38:51 +08:00
Wenkai Yin
a1dd8c3bff
Merge pull request #4004 from ywk253100/180111_jobservice
...
Provide a mechanism to stop pending and retrying jobs
2018-01-15 12:55:44 +08:00
Tan Jiang
d6bf0ea11d
Remove data generated by dao_test after the test.
2018-01-12 15:56:30 +08:00
Wenkai Yin
4070ed5152
Provide a mechanism to stop pending and retrying jobs
2018-01-12 15:29:20 +08:00
Daniel Jiang
43afd426bb
Merge pull request #3995 from reasonerjt/admin-rename
...
Provide API to rename admin
2018-01-12 13:59:13 +08:00
stone
ec173305a3
Merge pull request #3974 from stonezdj/ldap_ping_timeout
...
Setting timeout for ldap ping
2018-01-12 11:22:27 +08:00
Tan Jiang
a392a8dc29
Provide API to rename admin
...
This is to provide a workaround for very corner case that in user's
authentication backend (LDAP, UAA) has a user called "admin" and because
Harbor's super user is hard coded to "admin" it's not possible to login
the "admin" with credentials in LDAP or UAA.
To minimize the impact, we'll provide an internal API for user to update
the super user's username from "admin" to "admin@harbor.local", this API
can be called by "admin" only, and is not reversible.
2018-01-11 23:01:06 +08:00
stonezdj
c48c7f7b6a
Setting timeout for ldap ping
2018-01-10 15:14:30 +08:00
Wenkai Yin
e26b442c9c
Merge pull request #3951 from ywk253100/180104_replicate_interval
...
Manual starting replication will be rejected if there are pending/running jobs
2018-01-10 10:56:45 +08:00
Daniel Jiang
f8af1f275e
Merge pull request #3911 from stonezdj/ldap_search_level
...
Ambiguous UI and internal values ldap_scope
2018-01-08 14:53:55 +08:00
Wenkai Yin
87ce1c84d5
Manual starting replication will be rejected if there are pending/running jobs
2018-01-05 17:05:57 +08:00
stonezdj
26b86984d2
Ambiguous UI and internal values ldap_scope #3764
2018-01-05 15:51:37 +08:00
pfh
13308ce9d8
Merge remote-tracking branch 'upstream/master' into repEnhance
2018-01-05 14:09:03 +08:00
Wenkai Yin
51297cdfd7
Merge pull request #3887 from ywk253100/171227_ssrf
...
Fix SSRF security issue #3755 in ping target, email server and LDAP server APIs
2018-01-04 18:11:47 +08:00
Daniel Jiang
8e5115c832
Merge pull request #3870 from stonezdj/ldap_syncuser2
...
Sync user email in ldap #3663
2018-01-04 13:28:51 +08:00
Wenkai Yin
3448fd9a2d
Fix SSRF security issue #3755 in ping target, email server and LDAP server APIs
2018-01-04 12:26:17 +08:00
Tan Jiang
e02de2068a
Enable configuring the CA Certificate for UAA
...
Enable configuring the path of root cert of UAA in harbor.cfg. It only
takes effects if the verify_cert is set to "true" If the file does not
exist, the configuration is skipped.
The intention for this commit is to support integration with nested UAA
in PAS or PKS, we don't expect user to manually configure this value,
though he can do it if he wants.
2018-01-03 16:21:29 +08:00
Wenkai Yin
96a63c56b1
Merge remote-tracking branch 'upstream/master' into 180103_merge
2018-01-03 10:32:03 +08:00
Wenkai Yin
a9d7403bee
Update project ID property if needed when updating replication policy
2017-12-27 15:04:26 +08:00
stonezdj
35716dedd3
Sync user email in ldap #3663
2017-12-26 18:53:32 +08:00
stonezdj
9f99d0400c
Call EscapeFilter for filter to avoid security issue
2017-12-26 15:34:14 +08:00
Daniel Jiang
94c78b3bee
Merge pull request #3858 from xuri/master
...
Simple code and typo fixed.
2017-12-26 12:06:27 +08:00
Tan Jiang
da20e4f11c
Search UAA when adding member to a project.
...
1)Enable UAA client to search UAA by calling '/Users' API.
2)Implement 'SearchUser' in UAA auth helper, register it to auth
package.
2017-12-26 00:25:32 +08:00
Ri Xu
9adccd3723
Simple code and typo fixed.
...
Signed-off-by: Ri Xu <xuri.me@gmail.com>
2017-12-23 20:55:07 +08:00
yixingjia
fa67e11680
Merge pull request #3831 from yixingjia/HA_Clair
...
Make Clair DB configurable
2017-12-21 11:31:26 +08:00
Tan Jiang
12cd733678
Remove useless code from UI router and API
...
Some URLs are not used on UI, so they are removed. And the validation
code of API is removed as we use the security context approach.
fix test issue
2017-12-20 23:10:38 +08:00
yixingj
f63588855f
Make Clair DB configurable
...
Make the HOST,PORT,USERNAME,DB configurable for
Clair
2017-12-20 18:29:50 +08:00
Wenkai Yin
8d62d989a5
Fix bug #4791
...
Remove the table join when querying repositories with project name
2017-12-19 21:47:39 +08:00
Tan Jiang
2ffc58a5d4
Refactor the configuraiton of UAA
...
Remove the attribute "uaa_ca_root" from harbor.cfg and introduce
"uaa_verify_cert". Similar to LDAP settings, this allow user to
explicitly turn of the cert verification against UAA server, such that
the code will work with self-signed certificate.
2017-12-19 14:42:07 +08:00
Daniel Jiang
62cebbdb5d
Merge pull request #3797 from reasonerjt/uaa-restriction
...
Disable user management features when auth mode is UAA.
2017-12-18 22:47:08 +08:00
Daniel Jiang
cdadc94d0f
Merge pull request #3804 from ywk253100/171215_jobservice
...
Print stack trace when recover from panic and print warning message rather than returning an error when updating 0 records
2017-12-18 16:36:20 +08:00
Tan Jiang
224f75b9a6
Refactor /users API, add more restircation in password reset
...
Simplified the code when checking if a user is modiable in different
auth modes.
Also add restriction in password, such that when the auth mode is not DB
auth, only the super user can choose to reset his password.
2017-12-18 14:32:29 +08:00
Wenkai Yin
260ef561c4
Update the HTTP client for easy use by add more util functions
2017-12-16 06:45:59 +08:00
stonezdj
9393d26fdc
Fix ldap ping issue #3653
2017-12-15 14:47:54 +08:00
Wenkai Yin
a736cb7b09
Update the HTTP client according to the comments
2017-12-15 09:40:31 +08:00
Wenkai Yin
b5e7de331e
Delete enabled and start_time properties of replication rule
2017-12-15 09:40:31 +08:00
Wenkai Yin
fe10c2e7f5
Create replicator to submit replication job to jobservice
2017-12-15 09:40:31 +08:00
Wenkai Yin
8b4fdfc2cc
Add unit tests for replication related methods
2017-12-15 09:40:31 +08:00
Wenkai Yin
a54b7dd4c0
Merge remote-tracking branch 'upstream/master' into 171219_merge
2017-12-15 08:48:57 +08:00
Wenkai Yin
43489c2b67
Print stack trace when recover from panic and print warning message rather than returning an error when updating 0 records
2017-12-14 13:48:45 +08:00
stone
cbd1431333
Merge pull request #3726 from stonezdj/ldap_refactor2
...
Refactor LDAP code
Changes include:
1. Use session to manage the lifecycle of LDAP connections
2. Abstract common AuthenticateHelper interface for db_auth, ldap_auth, uaa_auth
2017-12-13 16:21:20 +08:00
stonezdj
ec67974104
Refactor ldap
...
Changes include:
1. Use Session to manage the lifecycle of ldap connections
2. Abstract common AuthenticateHelper interface for db_auth, ldap_auth,
uaa_auth mode
2017-12-13 14:57:04 +08:00
Wenkai Yin
665a54edc3
Merge remote-tracking branch 'upstream/master' into 171213_merge
2017-12-13 13:40:24 +08:00
yixingj
9b03c93afd
Add database driver for Harbor configurations
...
1>Add a new database driver for configurations
2> change the current default driver from json
to database
2017-12-06 13:06:54 +08:00
Wenkai Yin
594d213630
Publish replication notification for manual, scheduel and immediate trigger
2017-12-04 15:07:30 +08:00
Daniel Jiang
d13321f2b5
Support getting user info via token in UAA Client ( #3686 )
2017-11-27 18:13:36 +08:00
Wenkai Yin
6b0ee138e5
Implement immediate trigger and the methods of WatchList
2017-11-27 14:23:21 +08:00
stonezdj
16243cfbbc
Add LDAP remote certifcate validation
...
push test
Add unit test for ldap verify cert
remove common.VerifyRemoteCert
Update code with PR review comments
Add change ldaps config and add UT testcase for TLS feature
add ldap verfiy cert checkbox about #3513
Draft harbor ova install guide
Search and import ldap user when add project members
Add unit test case for SearchAndImportUser
ova guide
Add ova install guide
Add ova install guide 2
Add ova install guide 3
Call ValidateLdapConf before search ldap
trim space in username
Remove leading space in openLdap username
Remove doc change in this branch
Update unit test for ldap search and import user
Add test case about ldap verify cert checkbox
Modify ldap testcase
2017-11-24 12:41:51 +08:00
Wenkai Yin
31cf6c078e
Implement replication policy manager
2017-11-16 10:55:03 +08:00
Steven Zou
c2e0c8d1f2
Define the related interfaces for triggers and core controllers of replication service
2017-11-10 15:06:24 +08:00
reasonerjt
19a13e8575
Deprivilege harbor-ui harbor-jobservice harbor-adminserver
...
Use non-root user to run the service within these docker images, and provide HEALTHCHECK
mechanism.
2017-11-09 03:09:09 -08:00
Wenkai Yin
149b628292
update
2017-11-09 16:20:56 +08:00
Wenkai Yin
5cef58baa1
update according to the comments
2017-11-08 17:53:41 +08:00
Daniel Jiang
8dfe5f0bfc
Merge pull request #3536 from ywk253100/171102_fail_earlier
...
Fail earlier when found database schema dismatch
2017-11-07 15:01:14 +08:00
Wenkai Yin
5293a9287b
Fail earlier when found database schema dismatch
2017-11-07 13:07:56 +08:00
Tan Jiang
512384722a
Make the internal URL of UI and JobService configurable
2017-11-03 20:43:25 +08:00
Wenkai Yin
51d5df0849
Update replication policy API to support trigger and filter
2017-11-02 14:59:26 +08:00
Steven Zou
87d966e369
Merge pull request #3510 from steven-zou/master
...
Update the alternate policy and corresponding task to support byweekly
2017-11-01 21:51:04 -05:00
Steven Zou
cee0bcec22
Update the alternate policy and corresponding task to support by weekly besides daily
2017-11-01 13:55:56 +08:00
Wenkai Yin
0ddca31355
Add column id to table project_metadagta as the primary key
2017-10-30 17:37:25 +08:00
Wenkai Yin
5b2ececae8
Merge pull request #3436 from ywk253100/171020_meta_api
...
Add project metadata API
2017-10-27 05:16:50 -05:00
Wenkai Yin
c355034c14
Add project metadata API
...
Project metadata API can be used to integrated with project management
service which can not provide all metadatas needed by Harbor.
2017-10-27 17:05:15 +08:00
Daniel Jiang
d8634290e8
Merge pull request #3420 from reasonerjt/master
...
Add Unit test cases for Clair Client.
2017-10-23 12:18:05 +08:00
Tan Jiang
b925569767
Add Unit test cases for Clair Client.
2017-10-22 21:54:04 +08:00
Wenkai Yin
2156750b04
Move certificate verification to target level
...
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Wenkai Yin
66b2d0d3f3
Apply project level policies to standalone Harbor
...
The following features are only enabled in integration mode, this commit moves
these to standalone Harbor:
- Content trust policy: only signed images can be pulled
- Vulnerability policy: only images whose severity is below the threshold can be pulled
- Automatic scan policy: automatic scan pushed images
2017-10-19 17:33:28 +08:00
Tan Jiang
eab6b43d99
Make the root CA certificate of UAA should be configurable
2017-10-16 17:40:29 +08:00
Tan Jiang
51286d9baa
Provide UAA authenticator for password based authentication.
2017-10-07 00:16:53 +08:00
Wenkai Yin
e495357d98
implement the default project metadata manager
2017-09-28 16:17:51 +08:00
Wenkai Yin
e79334a445
Add interfaces to implement project level policy ( #3271 )
...
* add interfaces to implement project level policy
2017-09-26 16:41:08 +08:00
Wenkai Yin
dc4f2ece72
readjust package structure
2017-09-20 15:24:19 +08:00
Wenkai Yin
f0946b63cf
fix code style issues reported by golint
2017-09-19 17:16:54 +08:00
Wenkai Yin
8d7644b8b5
Merge pull request #3151 from ywk253100/170830_email_insecure
...
Expose the insecure flag for email configuration
2017-09-15 15:01:30 +08:00
weibaohui
84d66d85fa
Correct spelling
...
Correct spelling
2017-09-11 15:13:24 +08:00
Wenkai Yin
923a8d65b1
expose insecure flag in api
2017-09-04 15:10:07 +08:00
Daniel Jiang
f41d2ff436
Merge pull request #3101 from ywk253100/170822_replica
...
Convert 500 error returned by Admiral to duplicate project error when creating duplicate project
2017-08-22 15:59:19 +08:00
Wenkai Yin
599d94be0c
update
2017-08-22 15:22:25 +08:00
Wenkai Yin
ffb2f4201b
update
2017-08-22 14:28:45 +08:00
Wenkai Yin
bb958a7f4b
convert 500 error returned by Admiral to duplicate project error when creating duplicate project
2017-08-22 13:34:06 +08:00
Tan Jiang
c1bbcb5bab
update the interval of clair updater to 12 hours, and update the interval for scan all to 2 hours
2017-08-21 13:45:23 +08:00
Wenkai Yin
7296bdc131
increase length of username in database to 256
2017-08-17 15:24:34 +08:00
Tan Jiang
2ffcf10eaa
restart scan jobs when jobservice is started
2017-08-16 17:24:41 +08:00
Daniel Jiang
1403fe09ff
Merge pull request #3030 from reasonerjt/fix-jobservice-update-vuln-bug
...
Do not throw error if the scan result is unchanged
2017-08-11 13:26:15 +08:00
Tan Jiang
882683ae6f
Do not throw error if the scan result is unchanged
2017-08-10 17:26:39 +08:00
Tan Jiang
5846d7d28d
add cve link in Harbor API
2017-08-10 15:27:30 +08:00
Daniel Jiang
5ba363657f
Merge pull request #3006 from ywk253100/170808_bug_fix
...
[BAT]Remove useless codes
2017-08-09 16:05:16 +08:00
Daniel Jiang
78bacbc80a
Merge pull request #2978 from wy65701436/issue-2975
...
Issue 2975
2017-08-09 16:05:00 +08:00
Wenkai Yin
7fedca3a4a
remove useless codes
2017-08-09 15:13:51 +08:00
Daniel Jiang
383a09e21f
Merge pull request #2982 from reasonerjt/tc-vuln-data
...
add tc for vulnerability transform
2017-08-08 12:15:54 +08:00
Steven Zou
b6b232ce6a
Merge pull request #2945 from vmware/fix_issue_#2762
...
Fix data race issues of go sources
2017-08-07 21:57:03 +08:00
Tan Jiang
5b6c53a1bf
add the json file required by UT
2017-08-07 21:12:49 +08:00
wangyan
657d3c322f
fix issue 2975
...
udpate
update
update
update
update
update
2017-08-07 18:01:37 +08:00
Tan Jiang
8f41be471d
add tc for vulnerability transform
2017-08-07 17:14:51 +08:00
Steven Zou
21d3f4a549
Fix data race issues of go sources
2017-08-07 14:50:37 +08:00
Daniel Jiang
6bd622196e
Merge pull request #2972 from reasonerjt/master
...
Fix perf issue and connection leak in Clair.
2017-08-04 19:48:26 +08:00
Tan Jiang
fa0cb8731c
Fix performance issue and connection leakage
2017-08-04 19:22:52 +08:00
Daniel Jiang
d4dce3bb60
Merge pull request #2970 from wy65701436/issue-2965
...
fix 2965
2017-08-04 19:17:01 +08:00
wangyan
5b54b554ab
update
2017-08-04 18:59:16 +08:00
wangyan
bcc1a5c41d
fix 2965
...
update package
update
2017-08-04 18:44:00 +08:00
Wenkai Yin
8963a15520
remove useless insecure flag
2017-07-31 13:45:49 +08:00
Wenkai Yin
a8dc75dd15
update
2017-07-28 13:10:26 +08:00
Wenkai Yin
1da9b8653b
update according to the comments
2017-07-27 18:23:55 +08:00
Wenkai Yin
0a74a0f1e4
update
2017-07-27 08:17:29 +08:00
Wenkai Yin
71e4c3c447
Merge remote-tracking branch 'upstream/master' into 170724_registry
...
Conflicts:
src/ui/utils/utils.go
2017-07-26 18:46:41 +08:00
Wenkai Yin
cc264f85e7
do not ping if using raw token authorizer
2017-07-26 18:41:36 +08:00
Daniel Jiang
69c49dd7d1
Merge pull request #2856 from reasonerjt/project-scan-all
...
Provide API for scanning images under a project
2017-07-26 10:58:58 +03:00
Tan Jiang
10c8573464
provide API for scanning images under a projet
2017-07-26 15:19:17 +08:00
Steven Zou
7c2699953d
Fix config change watching issue
2017-07-25 20:27:25 +08:00
Yan
274f764622
update interceptor error code ( #2836 )
...
* update interceptor error code
* update
* update error string
* update interceptor error code
update
update error string
2017-07-23 18:34:44 -07:00
Wenkai Yin
b127ba391d
Merge pull request #2827 from ywk253100/170720_replic
...
Fix replicate issue
2017-07-20 18:48:33 +08:00
Wenkai Yin
2e427bffe2
fix replicate issue
2017-07-20 16:47:14 +08:00
Wenkai Yin
603d15671a
delete the method of getting security context of specific user
2017-07-19 18:05:50 +08:00
Steven Zou
8f921db588
Refine scheduler
2017-07-19 16:57:22 +08:00
Steven Zou
5c876621ec
Merge branch 'master' into fix_issue_#2793
2017-07-19 12:34:43 +08:00
Wenkai Yin
44ad4581e5
Merge pull request #2807 from ywk253100/170718_integration
...
Support basic auth in integration mode
2017-07-19 10:14:44 +08:00
Wenkai Yin
fc2bb51582
support basic auth in integration mode
2017-07-18 19:20:19 +08:00
Steven Zou
201095a259
Enhance scanning policy notify handler and add more testing cases
2017-07-17 23:43:24 +08:00
Steven Zou
db58ca673d
Fix issue of detecting configuration changes
2017-07-17 17:39:41 +08:00
Tan Jiang
629cf29850
The password to access clair db can be configured in harbor.cfg, skip auto-scan if clair-db is not ready
2017-07-17 15:25:47 +08:00
Tan Jiang
771e26a188
fix bug
2017-07-14 14:53:12 +08:00
Tan Jiang
72b3a020e3
provide default timestamp for all distros in system info api
2017-07-13 18:48:05 +08:00
Daniel Jiang
ca6bd3b585
Merge pull request #2741 from reasonerjt/fetch-timestamp-from-clairdb
...
read last update from clair db, return in system info
2017-07-12 17:16:30 +08:00
Tan Jiang
7fdb77f6d2
fix tc
2017-07-12 16:48:57 +08:00
Tan Jiang
436f0efab8
overall timestamp returns 0 when error happens, split check and mark into two func
2017-07-12 15:57:57 +08:00
Wenkai Yin
ba22ee5022
Merge pull request #2738 from ywk253100/170711_integration
...
Disable some APIs in integration mode
2017-07-12 15:13:50 +08:00
Tan Jiang
5f233f3e21
address comment
2017-07-12 15:05:27 +08:00
Wenkai Yin
005d783463
Merge pull request #2732 from ywk253100/170710_bug_fix
...
Bug fix
2017-07-12 12:59:24 +08:00
Tan Jiang
543cf62e14
read last update from clair db, return in system info
2017-07-11 21:26:31 +08:00
Wenkai Yin
52f9e5f1c8
disable some APIs in integration mode
2017-07-11 18:13:48 +08:00
Steven Zou
cbdf49c8e9
Merge remote-tracking branch 'upstream/master'
2017-07-11 15:44:32 +08:00
Steven Zou
7ee052b9dd
Update policy scheduler according to comments
2017-07-11 15:22:00 +08:00
Wenkai Yin
0de64ed139
bug fix
2017-07-10 18:38:21 +08:00
Daniel Jiang
6fa12cdb1e
Merge pull request #2730 from reasonerjt/scan-all-control
...
restrict scan all API, it should be called once every a period of time
2017-07-10 16:17:26 +08:00
Wenkai Yin
0b282039e9
Merge pull request #2725 from ywk253100/170707_status_code
...
Return real status code returned by admiral APIs
2017-07-10 10:12:50 +08:00
Tan Jiang
eb11cda596
restrict scan all API, it should be called once every a period of time
2017-07-09 22:06:13 +08:00
Tan Jiang
e1e975096c
add int id for scan overview and revoke the change in beego
2017-07-09 12:37:08 +08:00
Steven Zou
ff889cedde
Fix conflict
2017-07-07 20:15:40 +08:00
Steven Zou
a0718385c1
Fix the import cycle issue
2017-07-07 20:12:01 +08:00
Wenkai Yin
d668730ffa
return real status code returned by admiral APIs
2017-07-07 18:40:57 +08:00
Tan Jiang
ca805759d9
update scan overview in notification handler, and return clair vuln timestamp in system info
2017-07-07 17:47:52 +08:00
Steven Zou
cadc1187c2
Merge remote-tracking branch 'upstream/master'
2017-07-07 00:39:29 +08:00
Steven Zou
44be165edf
Enable policy scheduler in ui main
2017-07-07 00:38:38 +08:00
Wenkai Yin
f7412b0c31
update auth context as Admiral's API changed
2017-07-06 18:32:22 +08:00
Wenkai Yin
cbaf24fe81
Merge pull request #2713 from ywk253100/170704_pm
...
Move some method of project manager to security context
2017-07-06 14:29:21 +08:00
Steven Zou
82e17fade1
refine scheduler according to review comments
2017-07-05 19:13:49 +08:00
Steven Zou
5a5eb1d377
Update commnets of exported methods and structs
2017-07-05 17:57:20 +08:00
Wenkai Yin
b866200e4f
Move some method of project manager to security context
2017-07-05 17:41:58 +08:00
Tan Jiang
8b31715b34
provide Clair notification handler
...
update the timestamp in DB, when handling the notification
2017-07-05 15:35:53 +08:00
Steven Zou
2bc557b559
Implement policy scheduler
2017-07-05 02:41:52 +08:00
Wenkai Yin
94507fc8a1
fix bugs found in test
2017-07-04 17:18:24 +08:00
Wenkai Yin
aac742e8ba
update
2017-07-04 12:33:11 +08:00
Wenkai Yin
3ebe1a824b
update codes of auth context
2017-07-03 13:37:55 +08:00
Daniel Jiang
ea827ffd6e
Merge pull request #2658 from ywk253100/170627_registry
...
Provide a method to get token from token service
2017-06-29 17:56:38 +08:00
Tan Jiang
af0e8c85bb
configuration api can handle scan all policy
2017-06-29 15:14:11 +08:00
Wenkai Yin
f806adaac4
update test cases of PMS project manager
2017-06-28 15:44:40 +08:00
Wenkai Yin
ab65bca2fe
Merge pull request #2649 from ywk253100/170627_service_account
...
Implement GetByMember function in PMS project manager
2017-06-28 15:25:21 +08:00
Wenkai Yin
4770aeba90
provide a method to get token from token service
2017-06-28 12:23:14 +08:00
Tan Jiang
00e86d86b6
provide an API to scan all images, and some refactory
2017-06-27 19:25:11 +08:00
Wenkai Yin
016af6bc78
implement GetByMember function in PMS project manager
2017-06-27 18:44:20 +08:00
Daniel Jiang
34871fe202
Merge pull request #2627 from reasonerjt/clair-integration
...
small refinement to clair client
2017-06-26 14:34:08 +08:00
Wenkai Yin
c50e2a5606
Merge pull request #2607 from ywk253100/170622_project
...
Fix bug: can't show the role of member
2017-06-26 10:17:36 +08:00
Tan Jiang
ed296812f0
small refinement to clair client
2017-06-25 11:44:56 +08:00
Wenkai Yin
b960565d11
Merge remote-tracking branch 'upstream/master' into 170621_auth
...
Conflicts:
src/ui/filter/security.go
2017-06-23 18:49:08 +08:00
Wenkai Yin
94822746f1
implement admiral login
2017-06-23 18:17:45 +08:00
Wenkai Yin
419cf8dfc3
fix bug: can't show the role of member
2017-06-23 17:23:00 +08:00
Wenkai Yin
0b55ce6e80
add GetAll support in PMS project manager
2017-06-23 16:53:59 +08:00
Wenkai Yin
4fe5881121
bug fix
2017-06-21 19:24:29 +08:00
Yan
38b09f9f3f
Merge pull request #2579 from ywk253100/170620_pm
...
Using project manager instead of DAO project methods
2017-06-20 05:40:55 -07:00
Wenkai Yin
d0eec5bb0d
Merge pull request #2558 from ywk253100/170618_auth
...
Add security context based on admiral
2017-06-20 17:18:28 +08:00
Wenkai Yin
de2479edee
update
2017-06-20 13:49:41 +08:00
Wenkai Yin
0aed9a1171
use project manager instead of dao method
2017-06-20 13:19:43 +08:00
Tan Jiang
a1a08ebed0
provide API to get vulnerability details
2017-06-20 12:10:55 +08:00
Wenkai Yin
8191f4a476
add security context based on admiral
2017-06-18 22:19:12 +08:00
Wenkai Yin
482f91d91a
Merge pull request #2547 from ywk253100/170616_user
...
Bug fix
2017-06-16 18:12:21 +08:00
Wenkai Yin
df56010739
bug fix
2017-06-16 17:23:22 +08:00
Wenkai Yin
9fb0ad6c0d
Merge pull request #2543 from reasonerjt/clair-integration
...
provide POST api/repostitores/xxx/tags/xxx/scan to trigger image scan
2017-06-16 17:04:34 +08:00
Wenkai Yin
b8d17eeb79
replace trimleft with trimprefix
2017-06-16 16:30:40 +08:00
Tan Jiang
41346fe8c0
provide POST api/repostitores/xxx/tags/xxx/scan to trigger image scan
2017-06-15 20:23:55 +08:00
Tan Jiang
15384317e0
add with_clair flag in systeminfo
2017-06-15 16:15:46 +08:00
Daniel Jiang
6a85012dbd
Merge pull request #2525 from reasonerjt/clair-integration
...
GET tags api includes scan overview
2017-06-15 15:34:05 +08:00
Wenkai Yin
7d595c10c5
Merge pull request #2485 from ywk253100/170608_project
...
Refactor GET /projects API
2017-06-14 21:03:28 +08:00
Tan Jiang
f016dd113c
GET tags api includes scan overview
2017-06-14 21:02:59 +08:00
Wenkai Yin
d6c084485b
Merge pull request #2497 from ywk253100/170612_user
...
Support pagination in GET /users API
2017-06-14 20:49:59 +08:00
Wenkai Yin
aecfcef51a
Merge remote-tracking branch 'upstream/master' into 170608_project
2017-06-14 20:46:23 +08:00
Wenkai Yin
421e9b114e
update
2017-06-14 20:35:51 +08:00
Wenkai Yin
802a2fbcce
update
2017-06-14 20:23:29 +08:00
Tan Jiang
8590c8d6bb
remove orm debug setting from test case
2017-06-14 16:11:23 +08:00
Tan Jiang
ae2d868fd4
handlers for image scan, store results overview in DB
2017-06-13 23:37:54 +08:00
Wenkai Yin
f0c47b990b
Merge pull request #2495 from ywk253100/170605_pm
...
Implement project manager based on PMS
2017-06-13 15:46:48 +08:00
Wenkai Yin
5a25445096
update according to the comments
2017-06-13 15:28:48 +08:00
Wenkai Yin
539c0375a1
support pagination
2017-06-12 18:36:10 +08:00
Wenkai Yin
0925fd35f1
implement project manager based on PMS
2017-06-12 14:43:26 +08:00
Wenkai Yin
20cf8de0f7
Merge remote-tracking branch 'upstream/master' into 170608_project
2017-06-09 16:41:13 +08:00
Wenkai Yin
e97d7dab85
refactor GET /projects
2017-06-09 16:41:02 +08:00
Tan Jiang
58c4993974
add handlers in statemachine
2017-06-09 14:55:15 +08:00
Wenkai Yin
f700b1bfc6
Merge pull request #2461 from ywk253100/170607_log_api
...
Support query logs according to different conditions
2017-06-09 11:08:08 +08:00
Daniel Jiang
42984fe1c9
refactory for scan job service ( #2459 )
...
* refactory for scan job service and implement ScanJob.
2017-06-08 15:04:23 +08:00
Wenkai Yin
b2380818fd
support query logs according to conditions
2017-06-08 14:44:08 +08:00
Wenkai Yin
9c4adbe8c9
Merge remote-tracking branch 'upstream/master' into 170525_log_pagination
...
Conflicts:
src/common/security/rbac/context_test.go
src/ui/api/statistic.go
src/ui/projectmanager/pm.go
2017-06-05 16:53:15 +08:00
Yan
d00aba8de8
Merge pull request #2367 from ywk253100/170524_search
...
Refactor search API
2017-06-04 22:41:55 -07:00
Yan
158d14f559
Merge pull request #2358 from ywk253100/170523_replica
...
Refactor policy, job, target API
2017-06-04 20:29:05 -07:00
Wenkai Yin
1b83c0b076
support pagination in GET recent logs API
2017-05-26 17:51:20 +08:00
Wenkai Yin
cf306ec66e
refactor statistics API
2017-05-24 16:34:33 +08:00
Wenkai Yin
97972028e1
refactor search API
2017-05-24 13:33:46 +08:00
Wenkai Yin
33e2e87b62
refactor system info API
2017-05-23 18:40:09 +08:00
Wenkai Yin
92dcf4bfd3
refactor policy, job, target API
2017-05-23 16:57:25 +08:00
Daniel Jiang
1c441b17be
refactor job service ( #2348 )
2017-05-22 22:33:20 -07:00
Wenkai Yin
7df2be19de
update
2017-05-19 13:24:31 +08:00
Wenkai Yin
b5279ea1f1
update
2017-05-17 17:54:10 +08:00
Wenkai Yin
e1c1b8ec34
refactor project api
2017-05-16 15:02:37 +08:00
Wenkai Yin
e28ad39430
Merge pull request #2290 from ywk253100/170511_merge
...
Refactor auth of token service
2017-05-12 16:42:23 +08:00
Wenkai Yin
7e805b2dd4
refactor auth of token service
2017-05-12 16:27:13 +08:00
Daniel Jiang
5892ef29c2
Merge pull request #2291 from reasonerjt/vulscan-job-refactory
...
add scan job table and dao functions
2017-05-12 02:45:55 -04:00
Tan Jiang
7d7d0c48f4
fix golin, add update status
2017-05-11 23:47:12 +08:00
Tan Jiang
dcbfb4d309
add scan job table and dao functions
2017-05-11 21:41:57 +08:00
Wenkai Yin
06ba7e0de0
update
2017-05-11 12:34:14 +08:00
Wenkai Yin
8f396b44f3
Merge remote-tracking branch 'upstream/master' into 170509_repo_api
...
Conflicts:
src/ui/api/repository.go
2017-05-10 15:53:24 +08:00
Wenkai Yin
b02bbc0adf
refactor repository API
2017-05-10 15:43:45 +08:00
Yan
8db1b2807e
Merge pull request #2197 from ywk253100/170502_change_userid
...
Delete column user_id from table access_log
2017-05-10 00:02:54 -07:00
Wenkai Yin
b5ef2c231d
Merge pull request #2254 from ywk253100/170504_security_context
...
Create different security contexts and project managers according to the request
2017-05-09 17:41:19 +08:00
Wenkai Yin
f8615e4746
create different security context according to the rquest
2017-05-09 17:02:29 +08:00
Tan Jiang
fd8fd2fbe1
Enable project level content trust, controlled by environment variable
2017-05-09 15:36:58 +08:00
Wenkai Yin
3591086259
update
2017-05-04 12:27:14 +08:00
Wenkai Yin
22826b5309
update
2017-05-03 17:22:19 +08:00
Wenkai Yin
d5db9db00b
update
2017-05-03 17:21:38 +08:00
Wenkai Yin
3be9cca0f5
delete column user_id from table accesslog
2017-05-03 14:18:07 +08:00
Wenkai Yin
ac7256efbd
implement security context interface for database
2017-05-02 17:36:38 +08:00
Wenkai Yin
4eca617916
Merge remote-tracking branch 'upstream/master' into 170427_delete_ownerid
2017-05-02 14:58:36 +08:00
Wenkai Yin
4f9d9ed5d8
delete owner_id column from table repository
2017-05-02 14:57:07 +08:00
kunw
5ed47c0316
Merge release-1.1.0
2017-05-02 13:27:06 +08:00
Wenkai Yin
80d83d97bd
Merge pull request #2158 from ywk253100/170427_pm
...
Implement security context for secret
2017-05-02 13:12:20 +08:00
Daniel Jiang
97e214c3d3
bypass some email test ( #2184 )
2017-05-02 12:48:44 +08:00
Wenkai Yin
e08b8217c3
implement security context for secret
2017-04-27 17:33:24 +08:00
Daniel Jiang
eb39fbf814
Merge pull request #2157 from vmware/release-1.1.0
...
merge 1.1.0 fix code into master
2017-04-27 17:27:23 +08:00
Wenkai Yin
f92b17e8b9
Merge remote-tracking branch 'upstream/release-1.1.0' into 170424_ldap_fix
2017-04-26 15:29:04 +08:00