Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-07-26 14:15:11 +02:00
Code Issues Projects Releases Wiki Activity
9,838 Commits 41 Branches 306 Tags 338 MiB
17f3bfccb4
Commit Graph

437 Commits

Author SHA1 Message Date
DQ
17f3bfccb4 Fix trivy setting in upgrading script 
Signed-off-by: DQ <dengq@vmware.com>
 2020-09-08 18:15:57 +08:00
He Weiwei
687043c298
Merge pull request #12880 from stefannica/use-exit-in-db-entrypoint 
Use exec in harbor database entrypoint
 2020-08-28 10:09:58 +08:00
Ziming Zhang
ff19dd499c fix(jobservice) redis sentinel failover hang 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-08-26 10:42:44 +08:00
Stefan Nica
1c768d0bf1 Use exec in harbor database entrypoint 
The harbor-db pod takes a long time to terminate. Using an `exec`
command in the entrypoint ensures that Unix signals reach the
postgres process [1].

[1] https://docs.docker.com/engine/reference/builder/#exec-form-entrypoint-example

Signed-off-by: Stefan Nica <snica@suse.com>
 2020-08-25 20:24:52 +02:00
Daniel Jiang
4f812f7926
Merge pull request #12811 from ninjadq/fix_portal_health_check 
Fix schema of the portal health check
 2020-08-21 13:44:47 +08:00
Dirk Mueller
08a4d8efd2
Update to golang 1.14.7 (#12809) 
We should use a golang that isn't having security issues.

This includes:
* go1.14.6 (released 2020/07/16) includes fixes to the go command, the
compiler, the linker, vet, and the database/sql, encoding/json,
net/http, reflect, and testing packages. See the Go 1.14.6 milestone on
our issue tracker for details.

* go1.14.7 (released 2020/08/06) includes security fixes to the
encoding/binary package. See the Go 1.14.7 milestone on our issue
tracker for details (CVE-2020-16845)

Signed-off-by: Dirk Mueller <dirk@dmllr.de>
Signed-off-by: Dirk Mueller <dmueller@suse.com>
 2020-08-20 15:38:35 +08:00
DQ
e9323ca268 Fix schema of the portal health check 
it should be https

Signed-off-by: DQ <dengq@vmware.com>
 2020-08-19 15:58:51 +08:00
Wenkai Yin
b1ddb5e2cc Implement the icon API to get the icon of artifact 
Implement the icon API to get the icon of artifact

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-08-15 08:40:38 +08:00
Qian Deng
5dbbfa76d3
Merge pull request #12766 from ninjadq/add_log_dependency_to_trivy 
Add log denpendency ti trivy
 2020-08-13 18:23:09 +08:00
Qian Deng
78d4b54ddc
Merge pull request #12765 from ninjadq/fix_trivy_append_in_2_1_0_config 
Fix: append trivy every time when run migrate
 2020-08-13 14:47:54 +08:00
DQ
a251e90507 Add log denpendency ti trivy 
To void trivy can not start issue

Signed-off-by: DQ <dengq@vmware.com>
 2020-08-13 11:35:21 +08:00
DQ
7ba498be5b Fix: append trivy every time run migrate 
Signed-off-by: DQ <dengq@vmware.com>
 2020-08-11 17:43:25 +08:00
He Weiwei
8f036c765a chore(images): install shadow package in base images 
The latest `photon:2.0` does not include `groupadd` and `useradd`
we need to install `shadow` package which includes these commands.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-08-10 10:23:48 +00:00
Wenkai Yin(尹文开)
e8f9fb63c0
Merge pull request #12674 from reasonerjt/standalone-db-migrator 
Provide a standalone migrator to migrate DB schema.
 2020-08-10 15:11:52 +08:00
Tianon Gravi
4752cac051 Remove unused "sudo" package from most images 
Notably missing is the "log" image, which still uses sudo.

Signed-off-by: Tianon Gravi <tianon@infosiftr.com>
 2020-08-06 12:44:06 -07:00
Daniel Jiang
4f94f59d2a Provide a standalone migrator to migrate DB schema. 
Fixes #11885
This part will not by default be packaged into release.
A README.md will be added in another commit.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-08-06 18:57:55 +08:00
DQ
b015440074 Remove expose port in dockerfiles 
The export is dynamical now because of introduce of internal TLS

Signed-off-by: DQ <dengq@vmware.com>
 2020-08-05 10:42:46 +08:00
Qian Deng
fbef7fd088
Merge pull request #12651 from ninjadq/add_migration_2_1_0 
Add migration 2.1.0
 2020-08-03 15:59:28 +08:00
DQ
1e32792dc5 Add migration 2.1.0 
db_max_open_comms should be 1000 if its value between 100 and 1000

Signed-off-by: DQ <dengq@vmware.com>
 2020-08-03 15:17:41 +08:00
DQ
d3ab9d7c6b Add internal tls configs for portal 
add related file, config, command to enabled https for portal

Signed-off-by: DQ <dengq@vmware.com>
 2020-07-31 12:10:47 +08:00
DQ
d7618a6274 Fix: beego app config port hardcode 
the port should be flexible depend on the internal tls

Signed-off-by: DQ <dengq@vmware.com>
 2020-07-27 15:35:43 +08:00
Ziming Zhang
8857e89e40 feature(redis) support redis sentinel 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-07-19 21:19:03 +08:00
Wang Yan
bad8f026fc
upgrade golang to v1.14.5 (#12489) 
Signed-off-by: wang yan <wangyan@vmware.com>
 2020-07-16 16:20:54 +08:00
Qian Deng
bd26c294e8
Merge pull request #12341 from ninjadq/support_multi_down_version 
Enhance: Support multi downversion in migration
 2020-07-15 23:39:11 +08:00
Daniel Jiang
947eadaa72
Merge pull request #12440 from heww/remove-init-clair-db 
refactor: remove initialization of clair db
 2020-07-15 00:38:12 +08:00
He Weiwei
2a6fe801bc chore(db): change max_connections of postgres to 1024 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-07-14 07:34:37 +00:00
He Weiwei
039aef5356 refactor: remove initialization of clair db 
To fetch vulnerability database updated time of the Clair had moved to
the Clair adapter so removes the initialization of clair db in the core.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-07-09 15:26:14 +00:00
DQ
4617e0ff38 Enhance: Support multi downversion in migration 
1. Change down version to list to accept multi verstion value
2. Update search function use BFS to find migration path
2. Add test case

Signed-off-by: DQ <dengq@vmware.com>
 2020-07-07 21:36:58 +08:00
Wenkai Yin
02690d1d04 Suport filtering registries by type in listing registry API 
Suport filtering registries by type in listing registry API

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-07-07 10:30:46 +08:00
DQ
d0ddd61ad9 Fix Amazon S3 storage not work 
The Chartmuseum S3 client need set an Env variable
Ref: https://github.com/helm/chartmuseum/issues/280

Signed-off-by: DQ <dengq@vmware.com>
 2020-06-30 15:16:18 +08:00
He Weiwei
0474a2a040
Merge pull request #12322 from heww/install-tls-ca 
feat(certs): install internal tls ca from /etc/harbor/ssl dir
 2020-06-25 21:03:35 +08:00
He Weiwei
13436b75a6 feat(certs): install internal tls ca from /etc/harbor/ssl dir 
Closes #10222

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-06-24 08:58:08 +00:00
Max Rosin
34d5591b1b Fix DOCKERIMASES and SWAAGER_IMAGE_BUILD_CMD typos in Makefiles 
Fix #12259

Signed-off-by: Max Rosin <git@hackrid.de>
 2020-06-16 12:18:55 +02:00
Wang Yan
dec8397c21
Add api to delete blob and manifest (#12006) 
* Add api to delete blob and manifest

Enable the capability of registry controller to delete blob and manifest

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-06-06 01:34:23 +08:00
Qian Deng
9e1302211b
Merge pull request #12072 from ninjadq/add_timeout_in_nginx_config 
Add timeout in nginx config
 2020-06-02 15:14:42 +08:00
Steven Zou
c7c1742b88
Merge pull request #12106 from heww/clean-clair-url 
refactor(configuration): cleanup unneeded CLAIR_URL configuration in core
 2020-06-01 19:24:19 +08:00
Daniel Jiang
58894e9d9c
Merge pull request #12071 from ninjadq/upgrade_chartversion 
Enhance: Upgrade chartmuseum version
 2020-06-01 13:36:54 +08:00
Daniel Jiang
6271da471b
Update health check script for harbor-db (#12103) 
This patch remove the trailing space of the hostname introduced by
`hostname -i`.

The trailing space will cause resolution error after this patch is
applied to glibc in photon:
https://github.com/vmware/photon/blob/2.0/SPECS/glibc/glibc-fix-CVE-2019-10739.patch

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-05-30 14:05:39 +08:00
He Weiwei
d97be71234 refactor(configuration): cleanup unneeded CLAIR_URL configuration in core 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-05-29 07:27:50 +00:00
DQ
278338e401 Add timount on nginx configs 
set timeout to 900

Signed-off-by: DQ <dengq@vmware.com>
 2020-05-26 16:18:35 +08:00
DQ
715685ae51 Remove tls1.1 in notary 
Signed-off-by: DQ <dengq@vmware.com>
 2020-05-26 16:11:57 +08:00
DQ
f7ffd991cc Enhance: Upgrade chartmuseum version 
Upgrade chartmuseum version 0.12.0

Signed-off-by: DQ <dengq@vmware.com>
 2020-05-26 15:59:58 +08:00
AllForNothing
90e34e0104 Improve i18n service 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-05-06 14:45:56 +08:00
DQ
b06e19a637 Fix: GCS storage gc issue 
Mount gcs key to registryctl

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-29 15:04:16 +08:00
Qian Deng
9469252e85
Merge pull request #11745 from ninjadq/mount_ca_bundle 
Enhance: Create shared to store shared ca
 2020-04-28 10:19:26 +08:00
DQ
f70339870a Enhance: Create shared to store shared ca 
this shared ca will mount to all harbor components

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-28 02:58:11 +08:00
DQ
90faf700f8 Enhance: output the stdout of gen cert script 
use popen replace check_all

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-27 10:43:22 +08:00
DQ
026e37e777 Fix chart museum absolute url issue 
if absolute url is enabled return true else set it to false

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-26 13:04:29 +08:00
DQ
599ca98c09 Hidden veriify client cert verfiy option 
Remove to avoid replication access core from external_url issue

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-23 10:14:36 +08:00
Daniel Jiang
2ecf0425a4 Remove the certs of notary signer 
Since `prepare` generates the certs as needed during installation, these
certs should not exist in the repo.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-04-21 13:20:19 +08:00