MinerYang
1f8e578d5e
[cherry-pick]add v6 port for nginx ad portal config ( #19894 )
...
add v6 port for nginx ad portal config
Signed-off-by: yminer <yminer@vmware.com>
2024-01-26 23:00:43 +01:00
Shengwen YU
4694d8880d
[Cherry-Pick] Update replication rule filter label xpath ( #19895 ) ( #19904 )
...
Update replication rule filter label xpath (#19895 )
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>
2024-01-25 09:21:30 +08:00
Yang Jiao
f5b86470c6
[cherry-pick]fix label select bugs ( #19850 ) ( #19862 )
...
fix label select bugs (#19850 )
Signed-off-by: shengqiw <shengqiw@vmware.com>
Co-authored-by: ShengqiWang <124650040+ShengqiWang@users.noreply.github.com>
2024-01-19 15:11:44 +08:00
Wang Yan
236ece8c70
[cherry-pick]remove the log for ScannerSkipUpdatePullTime ( #19846 )
...
remove the log for ScannerSkipUpdatePullTime
fixes #19795 , remove the noise in the log
Signed-off-by: wang yan <wangyan@vmware.com>
2024-01-16 09:35:32 +08:00
Maksym Trofimenko
cf41c69475
[Cherry pick] add repository read permission to limitedGuest ( #19816 )
...
add repository read permission to limitedGuest
Signed-off-by: Maksym Trofimenko <maksym@container-registry.com>
Co-authored-by: Maksym Trofimenko <maksym@container-registry.com>
2024-01-15 16:29:04 +08:00
stonezdj(Daojun Zhang)
773931d855
[cherry-pick] Cache image list with digest key ( #19838 )
...
Cache image list with digest key
fixes #19429
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-01-12 21:59:01 +08:00
Yang Jiao
8cecf2e554
[cherry-pick]Add quota permissions testcase ( #19823 )
...
Add quota permissions testcase
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
2024-01-12 10:25:46 +08:00
Yang Jiao
241b417412
[cherry-pick]Remove robot account update quota permission ( #19818 )
...
Remove robot account update quota permission
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
2024-01-10 10:44:07 +08:00
Yang Jiao
f62f04bda1
[cherry-pick]Add quota permissions to robot account ( #19800 )
...
Add quota permissions to robot account
Fix #19792
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
2024-01-08 11:43:37 +08:00
Yang Jiao
7f11c0e6a4
[cherry-pick]Add multi-tier accessory replication test cases ( #19736 )
...
Add multi-tier accessory replication test cases
Fix #19275
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
2023-12-20 15:31:56 +08:00
Yang Jiao
5b52c29124
[cherry-pick]Add notation replication test case ( #19739 )
...
Add notation replication test case
Fix #19548
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
2023-12-20 15:31:11 +08:00
Yang Jiao
6abb4eab2d
Refresh base images on release-2.10.0 ( #19713 )
...
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
2023-12-14 14:23:19 +08:00
Yang Jiao
4f19f84dd5
[cherry-pick]Update Robot Account Test Case ( #19711 )
...
Update Robot Account Test Case
Update project and system robot account testcase
Update system robot account do replication testcase
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-12-14 03:26:30 +00:00
Yang Jiao
ee793bf25b
Refresh base image on 2.10.0 ( #19691 )
...
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-12-11 13:18:56 +08:00
Wang Yan
aa1f79cd0c
bump distribution ( #19669 )
...
Bump up the distribution to v2.8.3
Signed-off-by: wang yan <wangyan@vmware.com>
2023-12-11 10:11:39 +08:00
dependabot[bot]
66716b7826
Bump actions/setup-go from 1 to 5 ( #19684 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 1 to 5.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v1...v5 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 17:07:59 +08:00
dependabot[bot]
eabc6f4289
Bump google-github-actions/auth from 1 to 2 ( #19649 )
...
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth ) from 1 to 2.
- [Release notes](https://github.com/google-github-actions/auth/releases )
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/auth/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: google-github-actions/auth
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 16:29:04 +08:00
dependabot[bot]
6b41277b03
Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 in /src ( #19631 )
...
Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml ) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases )
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/yaml/compare/v1.3.0...v1.4.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 15:11:38 +08:00
Yang Jiao
52d2d5c303
Updating Permission Test Scripts ( #19687 )
...
Support for test cases that run multiple resources in a single run
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-12-08 06:10:19 +00:00
dependabot[bot]
8859f69668
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 in /src ( #19636 )
...
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md )
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 13:20:20 +08:00
dependabot[bot]
af4c6b6f0f
Bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 in /src ( #19632 )
...
Bumps [github.com/gorilla/handlers](https://github.com/gorilla/handlers ) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/gorilla/handlers/releases )
- [Commits](https://github.com/gorilla/handlers/compare/v1.5.1...v1.5.2 )
---
updated-dependencies:
- dependency-name: github.com/gorilla/handlers
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 09:59:06 +08:00
dependabot[bot]
2984c2e04b
Bump github.com/robfig/cron/v3 from 3.0.0 to 3.0.1 in /src ( #19633 )
...
Bumps [github.com/robfig/cron/v3](https://github.com/robfig/cron ) from 3.0.0 to 3.0.1.
- [Commits](https://github.com/robfig/cron/compare/v3.0.0...v3.0.1 )
---
updated-dependencies:
- dependency-name: github.com/robfig/cron/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-07 17:49:21 +08:00
Shijun Sun
f99a619bc6
Add min-width to the permission column ( #19675 )
...
1. To avoid style confusion
Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-07 05:37:45 +00:00
Yang Jiao
ed0a69cf80
Add external scanner test case ( #19682 )
...
Fix #19279
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-12-07 11:20:11 +08:00
Shijun Sun
323e11fefb
Update the wording text for the system robot account ( #19666 )
...
Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 09:43:02 +00:00
Shijun Sun
469b6a495b
Update the style for the robot acccount ui ( #19663 )
...
1. Fixes #19614
2. Fixes #19617
Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 09:00:17 +00:00
Shengwen YU
1cbc901599
fix: upgrade google.golang.org/grpc ( #19648 )
...
fix: upgrade google.golang.org/grpc and go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-12-05 16:22:39 +08:00
MinerYang
3b127bc477
fix 2.10 prepare migration version ( #19665 )
...
fix 2.10 prepare migration
Signed-off-by: yminer <yminer@vmware.com>
2023-12-05 15:31:17 +08:00
Wang Yan
7b40dc6f46
fix the landing accessory data ( #19661 )
...
Fix the keywords when to list accessories belong to the subject manifest.
Signed-off-by: wang yan <wangyan@vmware.com>
2023-12-05 14:14:32 +08:00
Shijun Sun
7fee99b5fe
Update the name checking for the robot account ( #19645 )
...
1. Fixes #19612
Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 03:01:40 +00:00
Aaron Steinberg
3c56f2d1a0
[release-note/docs] swagger.yaml "repositoryName" parameter description update ( #19651 )
...
* swagger.yaml fix
Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>
* Signed-off by: Aaron Steinberg <aaron@aa.codes>
Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>
---------
Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>
2023-11-30 09:17:05 +00:00
Yang Jiao
7cef4217b0
Add user API test case ( #19638 )
...
Fix #19280
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-29 10:25:02 +08:00
Shijun Sun
f26b9f52e9
Update the test script for the project permissions ( #19623 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-28 02:16:02 +00:00
dependabot[bot]
bf251ef0aa
Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src ( #19542 )
...
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc ) from 3.0.0 to 3.7.0.
- [Release notes](https://github.com/coreos/go-oidc/releases )
- [Commits](https://github.com/coreos/go-oidc/compare/v3.0.0...v3.7.0 )
---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-11-28 09:31:16 +08:00
Shengwen YU
f14635a5d3
fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 ( #19624 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-11-28 08:43:37 +08:00
Wang Yan
3f72604d57
fix robot account access issue ( #19627 )
...
fixes #19622
Resolve the 403 issue occurring when a robot account, equipped with both system and project scope, attempts to access project resources.
Signed-off-by: wang yan <wangyan@vmware.com>
2023-11-27 19:16:37 +08:00
Yang Jiao
4fbcf92da9
Add jump to CNAB Bundle index artifact list test case ( #19629 )
...
Fix #19278
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-27 18:26:06 +08:00
Yang Jiao
38ac8bf717
Add notation pull policy test case ( #19625 )
...
Fix #19547
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-27 09:44:20 +00:00
dependabot[bot]
e1df9b0a73
Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src ( #19541 )
...
Bump golang.org/x/time in /src
Bumps [golang.org/x/time](https://github.com/golang/time ) from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0.
- [Commits](https://github.com/golang/time/commits/v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/time
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-11-27 16:58:28 +08:00
dependabot[bot]
4fac10a97d
Bump actions/setup-node from 3 to 4 ( #19478 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Orlix <7236111+OrlinVasilev@users.noreply.github.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-27 15:48:21 +08:00
Wang Yan
e6900301ce
fix system label resource ( #19621 )
...
Make sure robot can use rbac.Resource(label) to access system level label
Signed-off-by: wang yan <wangyan@vmware.com>
2023-11-27 13:34:17 +08:00
Yang Jiao
969dd1be66
Add notation accessory copy test case ( #19605 )
...
Fix #19546
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-22 18:13:44 +08:00
Yang Jiao
45b41d4443
Add API(scan,volumes,jobservice,scanner,label,securityhub,catalog) permission testcases ( #19595 )
...
Add scan,volumes,jobservice,scanner,label,securityhub,catalog permission testcases
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-22 09:08:27 +00:00
Shijun Sun
13ae233729
Add test cases for the project level permissions ( #19593 )
...
Add API test cases for project permission of a robot account
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-22 08:13:04 +00:00
Shijun Sun
d967ac0fb6
Update the permission scope ( #19603 )
...
1. Update the permission scope
2. Sort the resources and actions by unicode
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-22 06:37:31 +00:00
MinerYang
9875965837
add prepare migration script for 2.10 ( #19600 )
...
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-22 13:58:45 +08:00
Wang Yan
062d144d22
add permission validation for robot creating and updating. ( #19598 )
...
* add permission validation for robot creating and updating.
It is not allowed to create an new robot with the access outside the predefined scope.
Signed-off-by: wang yan <wangyan@vmware.com>
* Fix robot testcase and update robot permission metadata (#167 )
1. Fix robot testcase
2. update robot permission metadata
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Signed-off-by: wang yan <wangyan@vmware.com>
---------
Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>
2023-11-22 12:51:03 +08:00
Chlins Zhang
43ccd2f09f
perf: optimize the performance of accessory query ( #19557 )
...
1. Add db index for subject_artifact_id in table artifact_accessory.
2. Optimize the SQL of excluding the accessory for artifact count.
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-11-22 02:11:11 +00:00
MinerYang
17c17ffd8e
bump golang to 1.21.4 ( #19601 )
...
Signed-off-by: yminer <yminer@vmware.com>
2023-11-21 19:23:16 +08:00
Chlins Zhang
553c85eed0
fix: increase beego max memory and upload size ( #19578 )
...
1. Increase the default beego max memory and upload size from 32GB to
128GB.
2. Support customize the two beego configs from env.
Signed-off-by: chlins <chenyuzh@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-21 15:36:06 +08:00