Commit Graph

276 Commits

Author SHA1 Message Date
Tan Jiang
12cd733678 Remove useless code from UI router and API
Some URLs are not used on UI, so they are removed.  And the validation
code of API is removed as we use the security context approach.

fix test issue
2017-12-20 23:10:38 +08:00
Tan Jiang
2ffc58a5d4 Refactor the configuraiton of UAA
Remove the attribute "uaa_ca_root" from harbor.cfg and introduce
"uaa_verify_cert".  Similar to LDAP settings, this allow user to
explicitly turn of the cert verification against UAA server, such that
the code will work with self-signed certificate.
2017-12-19 14:42:07 +08:00
Daniel Jiang
62cebbdb5d
Merge pull request #3797 from reasonerjt/uaa-restriction
Disable user management features when auth mode is UAA.
2017-12-18 22:47:08 +08:00
Daniel Jiang
cdadc94d0f
Merge pull request #3804 from ywk253100/171215_jobservice
Print stack trace when recover from panic and print warning message rather than returning an error when updating 0 records
2017-12-18 16:36:20 +08:00
Tan Jiang
224f75b9a6 Refactor /users API, add more restircation in password reset
Simplified the code when checking if a user is modiable in different
auth modes.
Also add restriction in password, such that when the auth mode is not DB
auth, only the super user can choose to reset his password.
2017-12-18 14:32:29 +08:00
stonezdj
9393d26fdc Fix ldap ping issue #3653 2017-12-15 14:47:54 +08:00
Wenkai Yin
43489c2b67 Print stack trace when recover from panic and print warning message rather than returning an error when updating 0 records 2017-12-14 13:48:45 +08:00
stone
cbd1431333
Merge pull request #3726 from stonezdj/ldap_refactor2
Refactor LDAP code

Changes include:
1. Use session to manage the lifecycle of LDAP connections
2. Abstract common AuthenticateHelper interface for db_auth, ldap_auth, uaa_auth
2017-12-13 16:21:20 +08:00
stonezdj
ec67974104 Refactor ldap
Changes include:

1. Use Session to manage the lifecycle of ldap connections
2. Abstract common AuthenticateHelper interface for db_auth, ldap_auth,
uaa_auth mode
2017-12-13 14:57:04 +08:00
yixingj
9b03c93afd Add database driver for Harbor configurations
1>Add a new database driver for configurations
2> change the current default driver from json
to database
2017-12-06 13:06:54 +08:00
Daniel Jiang
d13321f2b5
Support getting user info via token in UAA Client (#3686) 2017-11-27 18:13:36 +08:00
stonezdj
16243cfbbc Add LDAP remote certifcate validation
push test

Add unit test for ldap verify cert

remove common.VerifyRemoteCert

Update code with PR review comments

Add change ldaps config and add UT testcase for TLS feature

add ldap verfiy cert checkbox about #3513

Draft harbor ova install guide

Search and import ldap user when add project members

Add unit test case for SearchAndImportUser

ova guide

Add ova install guide

Add ova install guide 2

Add ova install guide 3

Call ValidateLdapConf before search ldap

trim space in username

Remove leading space in openLdap username

Remove doc change in this branch

Update unit test for ldap search and import user

Add test case about ldap verify cert checkbox

Modify ldap testcase
2017-11-24 12:41:51 +08:00
reasonerjt
19a13e8575 Deprivilege harbor-ui harbor-jobservice harbor-adminserver
Use non-root user to run the service within these docker images, and provide HEALTHCHECK
mechanism.
2017-11-09 03:09:09 -08:00
Daniel Jiang
8dfe5f0bfc
Merge pull request #3536 from ywk253100/171102_fail_earlier
Fail earlier when found database schema dismatch
2017-11-07 15:01:14 +08:00
Wenkai Yin
5293a9287b Fail earlier when found database schema dismatch 2017-11-07 13:07:56 +08:00
Tan Jiang
512384722a Make the internal URL of UI and JobService configurable 2017-11-03 20:43:25 +08:00
Wenkai Yin
0ddca31355 Add column id to table project_metadagta as the primary key 2017-10-30 17:37:25 +08:00
Wenkai Yin
5b2ececae8 Merge pull request #3436 from ywk253100/171020_meta_api
Add project metadata API
2017-10-27 05:16:50 -05:00
Wenkai Yin
c355034c14 Add project metadata API
Project metadata API can be used to integrated with project management
service which can not provide all metadatas needed by Harbor.
2017-10-27 17:05:15 +08:00
Daniel Jiang
d8634290e8 Merge pull request #3420 from reasonerjt/master
Add Unit test cases for Clair Client.
2017-10-23 12:18:05 +08:00
Tan Jiang
b925569767 Add Unit test cases for Clair Client. 2017-10-22 21:54:04 +08:00
Wenkai Yin
2156750b04 Move certificate verification to target level
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Wenkai Yin
66b2d0d3f3 Apply project level policies to standalone Harbor
The following features are only enabled in integration mode, this commit moves
these to standalone Harbor:
 - Content trust policy: only signed images can be pulled
 - Vulnerability policy: only images whose severity is below the threshold can be pulled
 - Automatic scan policy: automatic scan pushed images
2017-10-19 17:33:28 +08:00
Tan Jiang
eab6b43d99 Make the root CA certificate of UAA should be configurable 2017-10-16 17:40:29 +08:00
Tan Jiang
51286d9baa Provide UAA authenticator for password based authentication. 2017-10-07 00:16:53 +08:00
Wenkai Yin
e495357d98 implement the default project metadata manager 2017-09-28 16:17:51 +08:00
Wenkai Yin
e79334a445 Add interfaces to implement project level policy (#3271)
* add interfaces to implement project level policy
2017-09-26 16:41:08 +08:00
Wenkai Yin
dc4f2ece72 readjust package structure 2017-09-20 15:24:19 +08:00
Wenkai Yin
f0946b63cf fix code style issues reported by golint 2017-09-19 17:16:54 +08:00
Wenkai Yin
8d7644b8b5 Merge pull request #3151 from ywk253100/170830_email_insecure
Expose the insecure flag for email configuration
2017-09-15 15:01:30 +08:00
weibaohui
84d66d85fa Correct spelling
Correct spelling
2017-09-11 15:13:24 +08:00
Wenkai Yin
923a8d65b1 expose insecure flag in api 2017-09-04 15:10:07 +08:00
Daniel Jiang
f41d2ff436 Merge pull request #3101 from ywk253100/170822_replica
Convert 500 error returned by Admiral to duplicate project error when creating duplicate project
2017-08-22 15:59:19 +08:00
Wenkai Yin
599d94be0c update 2017-08-22 15:22:25 +08:00
Wenkai Yin
ffb2f4201b update 2017-08-22 14:28:45 +08:00
Wenkai Yin
bb958a7f4b convert 500 error returned by Admiral to duplicate project error when creating duplicate project 2017-08-22 13:34:06 +08:00
Tan Jiang
c1bbcb5bab update the interval of clair updater to 12 hours, and update the interval for scan all to 2 hours 2017-08-21 13:45:23 +08:00
Wenkai Yin
7296bdc131 increase length of username in database to 256 2017-08-17 15:24:34 +08:00
Tan Jiang
2ffcf10eaa restart scan jobs when jobservice is started 2017-08-16 17:24:41 +08:00
Daniel Jiang
1403fe09ff Merge pull request #3030 from reasonerjt/fix-jobservice-update-vuln-bug
Do not throw error if the scan result is unchanged
2017-08-11 13:26:15 +08:00
Tan Jiang
882683ae6f Do not throw error if the scan result is unchanged 2017-08-10 17:26:39 +08:00
Tan Jiang
5846d7d28d add cve link in Harbor API 2017-08-10 15:27:30 +08:00
Daniel Jiang
5ba363657f Merge pull request #3006 from ywk253100/170808_bug_fix
[BAT]Remove useless codes
2017-08-09 16:05:16 +08:00
Daniel Jiang
78bacbc80a Merge pull request #2978 from wy65701436/issue-2975
Issue 2975
2017-08-09 16:05:00 +08:00
Wenkai Yin
7fedca3a4a remove useless codes 2017-08-09 15:13:51 +08:00
Daniel Jiang
383a09e21f Merge pull request #2982 from reasonerjt/tc-vuln-data
add tc for vulnerability transform
2017-08-08 12:15:54 +08:00
Steven Zou
b6b232ce6a Merge pull request #2945 from vmware/fix_issue_#2762
Fix data race issues of go sources
2017-08-07 21:57:03 +08:00
Tan Jiang
5b6c53a1bf add the json file required by UT 2017-08-07 21:12:49 +08:00
wangyan
657d3c322f fix issue 2975
udpate

update

update

update

update

update
2017-08-07 18:01:37 +08:00
Tan Jiang
8f41be471d add tc for vulnerability transform 2017-08-07 17:14:51 +08:00