Wang Yan
738fde7d3b
remove chartmuseum backend ( #18191 )
...
Harbor deprecates chartmuseum as of v2.8.0
Epic: https://github.com/goharbor/harbor/issues/17958
Discussion: https://github.com/goharbor/harbor/discussions/15057
Signed-off-by: Wang Yan <wangyan@vmware.com>
2023-02-16 18:11:05 +08:00
Chlins Zhang
bfe4362a67
fix: remove the scan exports volume ( #18107 )
...
1. Change the Export CVE temporary file directory to /tmp.
2. Remove the scan data export volume in Dockerfile and docker-compose
yaml.
Fixes : #18067
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-01-31 17:30:47 +08:00
prahaladdarkin
130452111b
Vulnerability scan data export functionality ( #15998 )
...
Vulnerability Scan Data (CVE) Export Functionality
Proposal - goharbor/community#174
Closes - https://github.com/goharbor/harbor/issues/17150
Changes:
* CVE Data export to CSV with filtering support.
* Implement CSV data export job for creating CSVs
* APIs to trigger CSV export job executions
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-11 16:35:04 +08:00
Wang Yan
93a078d225
deprecate dns search ( #15557 )
...
For details, please refer to https://github.com/goharbor/harbor/issues/14146#issuecomment-793390718
and https://github.com/docker/for-linux/issues/1164 .
If anyone encounter the issue mentioned by https://github.com/goharbor/harbor/issues/6031 , add the dns_search: . to the releated container.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-09-08 14:22:59 +08:00
DQ
68ac772726
Fix: Remove v6 format of harbor
...
Signed-off-by: DQ <dengq@vmware.com>
2021-06-07 16:26:53 +08:00
Qian Deng
0867a6bfd6
Merge pull request #15055 from ninjadq/health_check_url_2_dn_instead_of_ip
...
Add IPv6 support
2021-06-03 17:57:55 +08:00
DQ
1b6b47f860
Add IPv6 support
...
* 127.0.0.1 to localhost
* listening net addr add ipv6 format
Signed-off-by: DQ <dengq@vmware.com>
2021-06-03 09:04:49 +00:00
Wang Yan
eec9893918
set shm size of postgres
...
Fixed #15034 , as for postgres 13, the default shm size is 64MB, set to 1gb to avoid could not resize shared memory segment error.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-06-03 11:05:33 +08:00
DQ
92cf728371
Add custom cert for exporter
...
* injecting custom certs related config to exporter
Signed-off-by: DQ <dengq@vmware.com>
2021-01-20 10:52:34 +08:00
DQ
f0db193895
Add prepare file for exporter
...
prepare env for exporter
Signed-off-by: DQ <dengq@vmware.com>
2020-12-09 21:22:13 +08:00
DQ
0c9faea294
Clean up Clair in prepare script
...
Signed-off-by: DQ <dengq@vmware.com>
2020-11-10 11:39:18 +08:00
DQ
eb470501be
Add metrics to Harbor Core
...
1. Add configs in prepare
2. Add models and config items in Core
3. Encapdulate getting metric in commom package
4. Add a middleware for global request to collect 3 metrics
Signed-off-by: DQ <dengq@vmware.com>
2020-11-03 14:33:10 +08:00
DQ
a251e90507
Add log denpendency ti trivy
...
To void trivy can not start issue
Signed-off-by: DQ <dengq@vmware.com>
2020-08-13 11:35:21 +08:00
DQ
d3ab9d7c6b
Add internal tls configs for portal
...
add related file, config, command to enabled https for portal
Signed-off-by: DQ <dengq@vmware.com>
2020-07-31 12:10:47 +08:00
DQ
b06e19a637
Fix: GCS storage gc issue
...
Mount gcs key to registryctl
Signed-off-by: DQ <dengq@vmware.com>
2020-04-29 15:04:16 +08:00
DQ
f70339870a
Enhance: Create shared to store shared ca
...
this shared ca will mount to all harbor components
Signed-off-by: DQ <dengq@vmware.com>
2020-04-28 02:58:11 +08:00
DQ
42c1095216
Fix cert issue of trivy
...
Trivy can't access harbor from external if https enabled so inject cert to trivy container trust
Signed-off-by: DQ <dengq@vmware.com>
2020-04-16 10:52:03 +08:00
DQ
08ff622310
Remove lines not needed
...
volume already defined above
Signed-off-by: DQ <dengq@vmware.com>
2020-04-09 20:06:51 +08:00
DQ
4a836ea975
Fix health check url
...
health check url should depend on internal https
Signed-off-by: DQ <dengq@vmware.com>
2020-04-07 03:35:52 +00:00
DQ
cdb675bf3d
Add proxy cert file to jobservice when https enabled
...
jobservice may request via absolute path of url to harbor
Signed-off-by: DQ <dengq@vmware.com>
2020-04-04 17:44:34 +00:00
Qian Deng
a702c32346
Merge pull request #11063 from ninjadq/fix_syslog_dir_in_tpl
...
Fix: fix logrotate is dir issue
2020-04-02 11:37:29 +08:00
DQ
b93092e012
Add tls for trivy
...
Add trivy tls cert files
Add tivey tls env and config
enhance gencert
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
03e11c63c7
Fix docker file with secure tls change
...
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
dcc6950af7
Feat: auto install ca in registry
...
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
a4855cca36
Feat: update prepare to support tls
...
update makefile
add model for prepare
update jinja template for prepare
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
1eeea6b888
Fix: fix logrotate is dir issue
...
Change it to bind command
Signed-off-by: DQ <dengq@vmware.com>
2020-03-13 14:58:45 +08:00
Daniel Pacak
a642667ffc
chore(install): Add --with-trivy arg to the installation script
...
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-02-12 23:47:56 +01:00
Wenkai Yin
dd2bc0ecef
Clean up admiral-related code
...
Clean up admiral-related code as it's useless
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-11-28 17:28:54 +08:00
He Weiwei
fe69a5df99
build(scanner-adapter): bump up clair adapter to v1.0.1-rc2
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-13 02:35:21 +00:00
He Weiwei
8964a8697a
build(clair): internal clair adapter when install with clair
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-10-17 12:00:51 +08:00
DQ
fe3c71094b
Disable redis and db containers if external db enabled
...
If depend on external redis or pg. local db and redis should not start. Therefore can save some resources.
Signed-off-by: DQ <dengq@vmware.com>
2019-08-26 17:59:13 +08:00
Qian Deng
b4975d8601
Fix nginx permission issue
...
* mount root of host
* copy file to data dir and change ownership and permission
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-08-13 02:59:27 +00:00
Qian Deng
303471563f
DB container run as non-root
...
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-08-06 05:21:47 +00:00
Qian Deng
8b7f1ae4c0
Add proxy nginx container as non-root user
...
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-08-06 05:21:47 +00:00
Qian Deng
904f04fac1
Enhance: Running contaienr with non-root user
...
* core
* portal
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-08-06 05:21:45 +00:00
DQ
6cf4596292
Add supoort for external endpoint
...
Add config item in harbor.yml
Make fowarding rule configurable
Signed-off-by: DQ <dengq@vmware.com>
2019-07-17 16:23:37 +08:00
stonezdj
a8cd1bca59
Change the mount target of gcs.key file
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-06-16 13:34:32 +08:00
Qian Deng
d255e66604
Remove -it in docker run
...
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-05-10 15:31:58 +08:00
Qian Deng
f9f9661acd
New type of bind volume
...
using long style bind volume
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-05-10 13:18:48 +08:00
Qian Deng
cd9932db23
Update the path of server.key and server.crt
...
change the path of cert key paris to prevent futrue issues.
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-05-10 13:18:48 +08:00
Qian Deng
39f2bf2dfe
Merge pull request #7639 from ninjadq/fix_chart_storage_issue
...
Fix chart storage keyfile issue in gcs
2019-05-09 16:26:03 +08:00
Daniel Jiang
a67cc2b8b5
Merge pull request #7640 from ninjadq/remove_env_duplicate_items
...
Remove duplicate env items
2019-05-09 15:35:26 +08:00
Qian Deng
322b108acf
Remove duplicate env items
...
some env items are duplicate in both env and config_env file
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-05-09 10:55:39 +08:00
Qian Deng
d0e5936665
Fix chart storage keyfile issue in gcs
...
Add volumn binding on docker-compose.yml
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-05-08 19:20:36 +08:00
Qian Deng
3550e2eb23
Merge pull request #7624 from ninjadq/prepare_for_harbor_tile
...
Prepare for harbor tile
2019-05-08 17:45:38 +08:00
Qian Deng
a70202f063
Add redirect disable item
...
if set storage redirect disable ture, will render it in registry config file
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-05-08 16:05:22 +08:00
Daniel Jiang
0bb2829d27
Alow user to set CA cert for UAA in harbor.yml
...
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-05-06 17:32:02 +08:00
Wang Yan
a1ad6374ae
add install cert for registry contoller ( #7633 )
...
Mount the ca bunlder into registry controller, and add them into os
trust store that resolves the problem of garabe collection on ca
enabled registry.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-05-05 15:24:52 +08:00
Qian Deng
9ddfd259d3
Fix bug when rendering port in proxy
...
rendering 443 when https enabled
rendering 4443 when notary enabled
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-04-16 11:20:13 +08:00
Qian Deng
deba378842
Enhance: Refacotr Registry config file
...
1. Refactor registry configs
2. cp gcs keyfile is exist
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-04-09 14:40:41 +08:00