Stephan Hohn
4f3393e615
http2 enabled and ciphers changed to get an A+ rating instead of B fr… ( #16990 )
...
* Make strong cipher cfg optional
Signed-off-by: Stephan Hohn <stephan.hohn@tech11.com>
---------
Signed-off-by: Stephan Hohn <stephan.hohn@tech11.com>
Signed-off-by: MinerYang <yminer@vmware.com>
Co-authored-by: Stephan Hohn <stephan.hohn@tech11.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2023-05-29 10:37:57 +08:00
Wang Yan
bf7c82b9a8
remove the notary from backend ( #18668 )
...
Since harbor deprecates notary since v2.9.0, this pull request targets to remove the code related with notary.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2023-05-18 18:47:42 +08:00
Per
e20e4401cb
fix: link to Github's rate limiting documentation. ( #18588 )
...
Co-authored-by: Orlix <7236111+OrlinVasilev@users.noreply.github.com>
2023-04-25 13:11:40 +03:00
Chlins Zhang
395ae77d64
fix: change the default max retry count for webhook job to 3 ( #18392 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-03-22 17:36:50 +08:00
Peter Jakubis
284d58453c
Change storage_service.redirect.disabled in harbor.yml.tmpl to storage_service.redirect.deactivate ( #14615 )
...
* set to disable
Signed-off-by: Peter Jakubis <balonik32@gmail.com>
* move pr-14615 prepare migration version from 2.7.0 to 2.8.0
Signed-off-by: yminer <yminer@vmware.com>
---------
Signed-off-by: Peter Jakubis <balonik32@gmail.com>
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Peter Jakubis <peter.jakubis@piano.io>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: yminer <yminer@vmware.com>
2023-03-22 13:55:22 +08:00
Chlins Zhang
67d3f9add8
feat: support configurate the http client timeout for webhook job ( #18382 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-03-21 11:54:10 +08:00
Chlins Zhang
14df2b2b60
feat: support configrate the jobservice logger sweeper duration ( #18365 )
...
Support configurate the jobservice logger sweeper duration from
harbor.yml.
Closes : #10958
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-03-18 10:46:40 +08:00
MinerYang
e76aff6a0a
add external redis username config to support redis6 ACL ( #18364 )
...
add external redis username o support redis6 ACL
Signed-off-by: yminer <yminer@vmware.com>
2023-03-17 14:16:19 +08:00
Wang Yan
738fde7d3b
remove chartmuseum backend ( #18191 )
...
Harbor deprecates chartmuseum as of v2.8.0
Epic: https://github.com/goharbor/harbor/issues/17958
Discussion: https://github.com/goharbor/harbor/discussions/15057
Signed-off-by: Wang Yan <wangyan@vmware.com>
2023-02-16 18:11:05 +08:00
asta1992
6e51dc0161
Fix: Small typos in harbor.yml.tmpl ( #18009 )
...
Signed-off-by: Andreas Stalder <andreas.stalder@terreactive.ch>
2022-12-21 09:56:12 +08:00
Jianwei Guo
cb11540a14
add parameters for PostgreSQL ( #16641 )
...
Signed-off-by: sayaoailun <guojianwei007@126.com>
2022-11-30 19:08:08 +08:00
MinerYang
9ae35dbc50
add migration script for 2.7 ( #17838 )
...
add migration script for 2.7
Signed-off-by: yminer <yminer@vmware.com>
2022-11-23 17:49:55 +08:00
Shengwen YU
0acfbdc7a1
feat: bump TRIVYVERSION to v0.32.1 and bump TRIVYADAPTERVERSION to v0.30.2 ( #17681 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-10-25 14:26:53 +08:00
Chenyu Zhang
41105b5191
docs: add helpful description for cache layer configurations ( #17317 )
...
docs: add helpful description for cache layer configurations in harbor.yml.tmpl
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 15:14:45 +08:00
MinerYang
8ba6a2bede
Add migration script for Harbor 2.6 ( #17116 )
...
add migration script for Harbor 2.6
Signed-off-by: yminer <yminer@vmware.com>
2022-07-06 14:08:24 +08:00
chlins
8c223135e7
feat: add cache layer for artifact ( #16739 )
...
Implement cache layer for resource artifact and define common
cache manager and workflow. Also add cache related options to
configuration yaml.
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-04-25 18:01:45 +08:00
MinerYang
6c97d3f0c7
rollback to delete external redis username ( #16353 )
...
Signed-off-by: yminer <yminer@vmmware.com>
Co-authored-by: yminer <yminer@vmmware.com>
2022-02-11 17:28:10 +08:00
MinerYang
77b6a130f8
Add Migration Script for Harbor 2.5 ( #16346 )
...
* add Harbor2.5 migration script
Signed-off-by: yminer <yminer@vmmware.com>
* update 2_5_0 migration harbor.yml.jinja
Signed-off-by: yminer <yminer@vmmware.com>
Co-authored-by: yminer <yminer@vmmware.com>
2022-02-11 12:18:06 +08:00
MinerYang
1a2dd256b5
Add external redis username for AUTH ( #16336 )
...
* add external redis username for AUTH
* update harbor.yml.tmpl
* add external redis username for AUTH
update harbor.yml.tmpl
Co-authored-by: yminer <yminer@vmmware.com>
2022-02-09 22:06:28 +08:00
Shengwen Yu
46f97ecf6c
feat: bump TRIVYVERSION to v0.22.0 and bump TRIVYADAPTERVERSION to v0.25.0
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-01-21 09:14:07 +08:00
stonezdj
17d8b7b813
Add upload purge config to registry/config.yml
...
Enable the uploadpurging by default
Fixes #15641
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-01-04 11:15:51 +08:00
stonezdj(Daojun Zhang)
c814daa894
Update the jaeger settings in harbor.yaml.tmpl ( #15841 )
...
agent default port to 6831
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-10-22 13:43:28 +08:00
Qian Deng
354a2bd80d
Enhance the trace related code
...
* Move request id to requestid middleware
* fix span pass to child ctx on orm
* fix typos
* remove unused code
* add operation name to Transaction
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-22 04:14:43 +00:00
Qian Deng
bad913cf6d
Refactor trace code
...
* use lib trace helper function
* add gracefull shutdown
* Add commens for new added exposed function
* Add licence on top of new created files
* Update trace library
* Update configs
* Add attribute and namespance in config
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
b812a300be
Add trace related configs
...
* Update harbor config template
* Update python config parsing
* Update env template
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
DQ
e4c1521efc
Add migration script for harbor 2.4
...
Signed-off-by: DQ <dengq@vmware.com>
2021-09-16 09:31:39 +00:00
He Weiwei
72f1afe2cc
perf: configurations for perf improvement ( #15142 )
...
Closes #15041
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-06-15 18:39:15 +08:00
DQ
5d02acd043
Add upgrade script for harbor 2.3
...
no new config item added. harbor.yml keep the same as last version
Signed-off-by: DQ <dengq@vmware.com>
2021-05-28 20:30:12 +08:00
DQ
489f31d8fe
Add upgrade scirpt for 2.2
...
1. add metrics config item in config
2. upgrade version in template
Signed-off-by: DQ <dengq@vmware.com>
2021-01-22 16:15:06 +08:00
DQ
590212b485
Remove clair related code
...
- clair code in harbor core
- clair code in frontend
- clair code in robotcase
Signed-off-by: DQ <dengq@vmware.com>
2020-11-27 14:01:04 +08:00
DQ
8a584aff89
Clean up clair and clair-adapter in build scripts
...
1. Makefles
2. Dockerfiles
3. Installation script
4. harbor.yml template
Signed-off-by: DQ <dengq@vmware.com>
2020-11-10 11:39:18 +08:00
DQ
eb470501be
Add metrics to Harbor Core
...
1. Add configs in prepare
2. Add models and config items in Core
3. Encapdulate getting metric in commom package
4. Add a middleware for global request to collect 3 metrics
Signed-off-by: DQ <dengq@vmware.com>
2020-11-03 14:33:10 +08:00
Daniel Pacak
9397dff093
docs: Explain how to use Trivy in offline mode ( #12102 )
...
Resolves : #11985
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-08-10 08:48:04 +02:00
Ziming Zhang
8857e89e40
feature(redis) support redis sentinel
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-07-19 21:19:03 +08:00
He Weiwei
2a6fe801bc
chore(db): change max_connections of postgres to 1024
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-07-14 07:34:37 +00:00
DQ
599ca98c09
Hidden veriify client cert verfiy option
...
Remove to avoid replication access core from external_url issue
Signed-off-by: DQ <dengq@vmware.com>
2020-04-23 10:14:36 +08:00
Daniel Pacak
5c3abee135
chore(trivy): Bump up trivy adapter to 0.9.0
...
- Vendor the latest Trivy release 0.6.0
- Configure TLS 1.2 as min version when TLS is enabled
- Add more tracing to adapter config to facilitate troubleshooting
Resolves : #11544
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-04-16 08:40:27 +02:00
Qian Deng
9e101b73a4
Merge pull request #11156 from ninjadq/migrate_config_to_harbor2
...
Migrate config to harbor2
2020-03-25 16:02:18 +08:00
DQ
e8bb977ae1
Feat: Upgrade configs to harbor 2.0
...
add migrate files for harbor 2.0
Signed-off-by: DQ <dengq@vmware.com>
2020-03-20 15:20:32 +08:00
DQ
1e0c9f7231
Feat: Add config migrator to prepare
...
deprecated migrator container and move config migration to prepare
Signed-off-by: DQ <dengq@vmware.com>
2020-03-20 03:04:10 +08:00
Steven Zou
2859cd8b69
Merge pull request #11134 from danielpacak/feat/issue_11090/trivy_skip_update_flag
...
feat(trivy): Configure Trivy to skip database updates
2020-03-19 18:13:08 +08:00
Daniel Pacak
7325105714
feat(trivy): Configure Trivy to skip database updates
...
Resolves : #11090
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-03-18 17:11:47 +01:00
DQ
c954969bcd
Add mTLS configs
...
mTLS only enabled in jobservice and registryctl
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
c5d73e6a0c
Add switch to https
...
use switch to make decision whether mTLS or server TLS
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
dcc6950af7
Feat: auto install ca in registry
...
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
a4855cca36
Feat: update prepare to support tls
...
update makefile
add model for prepare
update jinja template for prepare
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
Daniel Pacak
9c13116963
chore(trivy): Allow configuring HTTP(S) proxy
...
Resolves : #11032
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-03-16 12:26:49 +01:00
Daniel Pacak
46fb43bc25
chore: Bump up Trivy adapter to v0.4.0
...
Allows configuring SCANNER_TRIVY_GITHUB_TOKEN environment variable,
which is passed to trivy executable binary when it starts scanning
a given artifact.
This is to increase GitHub requests rate limit from 60 per hours
(for anonymous requests) to 5000 when Trivy download its
vulnerabilities database.
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-03-16 09:53:16 +01:00
dechen
e642a73280
Set redis idle timeout for core
...
Signed-off-by: dechen <xxyydream@gmail.com>
2020-02-23 12:31:56 +08:00
Daniel Pacak
70dda1387a
chore: Configure Redis URL for Trivy adapter
...
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-02-13 17:57:02 +01:00