1. Add resource permission check for API handler
2. Validate export cve params project
3. Optimize friendly human message when execution status is error
Signed-off-by: chlins <chenyuzh@vmware.com>
1. Refact the scan export FilterProcessor interface
2. Optmize the sql template for export cve report
3. Update the process of cve export job
Signed-off-by: chlins <chenyuzh@vmware.com>
Fixed#17145
1, Filter out the accessory from the artifact list.
2, Disable the display func of the accessory interface, currently this will not impact any kind of accessory, like signature and nydus. If we'd like to introduce it, it needs to resolve the pagiation issue of artifact list.
Signed-off-by: Wang Yan <wangyan@vmware.com>
Tube stale action
- 60 days grace period for stale
- exclude issues and PR with labels : never-stale, kind/requirement
Signed-off-by: OrlinVasilev <ovasilev@vmware.com>
Co-authored-by: OrlinVasilev <ovasilev@vmware.com>
In some cases, the robot automatically generates passwords that do not meet confidentiality requirements.
The fix adds retry for auto generating passwords, and the timeout is 1 minute.
The requirement: the secret must longer than 8 chars with at least 1 uppercase letter, 1 lowercase letter and 1 number
Signed-off-by: Wang Yan <wangyan@vmware.com>
* added rbac.ResourceTagRetention to developer
Added Permissions to Developer to according to the "User Pemission by Role" Table
Signed-off-by: DarthBlair <Marcel.Bassuener@googlemail.com>
Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
Add migrations sql to repair the execution status when it does not
consistent with task status.
Closes: #17114
Signed-off-by: chlins <chenyuzh@vmware.com>
fix: fix cache layer issues (#16995,#16997,#16996,#17038)
1. Load config and initialize cache layer in jobservice(for GC)
2. Cache artifact by digest the key should contains repository name
3. Repository cache cleanup error when update
4. Skip save cache when request ctx in transaction
Signed-off-by: chlins <chenyuzh@vmware.com>
Fixes#16269, exclude the admin account by default
Add excludeDefaultAdmin method -- exclude default admin by option
Update authModeCanBeModified method -- the user count should be 0 without admin
Signed-off-by: stonezdj <stonezdj@gmail.com>
If the artifact has more than one signaure, it will currently copy the last one. After the fix, all accessories can be copied to the target project.
Signed-off-by: wang yan <wangyan@vmware.com>
Attach labels for replication event, list labels by artifact ID so for
event-based replication rule filter by label can work as expect.
Closes: #17014
Signed-off-by: chlins <chenyuzh@vmware.com>
Added group_type information for type 3 OIDC group
Signed-off-by: Dannyx323 <46710098+Dannyx323@users.noreply.github.com>
Update swagger.yaml
Added group_type information for type 3 OIDC group
Signed-off-by: Dannyx323 <46710098+Dannyx323@users.noreply.github.com>
- reducing the stale ime to 30 days
- adding operations-per-run to 1000 so we can clean a bit more
Signed-off-by: OrlinVasilev <ovasilev@vmware.com>
Co-authored-by: OrlinVasilev <ovasilev@vmware.com>
Scheduling of system artifact depends on the jobservice, where gorountine is used to avoid the circular dependencies between core and jobservice.
Signed-off-by: Wang Yan <wangyan@vmware.com>