Commit Graph

1003 Commits

Author SHA1 Message Date
Daniel Jiang
cf5bcbebb9 Merge pull request #3415 from reasonerjt/mariadb-on-photon
Provide Dockerfile and artifacts for building mariadb on photon OS.
2017-10-23 12:19:04 +08:00
yixingj
535e7cadd5 Update OSS in rsyslog images
1> change to new photon base images
2> update OSS to latest
2017-10-23 12:02:22 +08:00
yixingj
83a5ab2818 Update OSS package in Jobservice
1>update OSS package in Job eservice images
2>use new photon base images
2017-10-23 10:49:27 +08:00
Wenkai Yin
2156750b04 Move certificate verification to target level
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Tan Jiang
1871011a5d Provide Dockerfile and artifacts for building mariadb on photon OS.
Also update the docker-compose template such that the notary db instance
will be provisioned via the mariadb-photon image.
2017-10-20 14:41:36 +08:00
Wenkai Yin
66b2d0d3f3 Apply project level policies to standalone Harbor
The following features are only enabled in integration mode, this commit moves
these to standalone Harbor:
 - Content trust policy: only signed images can be pulled
 - Vulnerability policy: only images whose severity is below the threshold can be pulled
 - Automatic scan policy: automatic scan pushed images
2017-10-19 17:33:28 +08:00
yixingjia
95743f9a81 Merge pull request #3373 from yixingjia/updatenginx
Update nginx images OSS to latest
2017-10-17 22:13:11 -07:00
yixingjia
98472237e5 Merge pull request #3389 from yixingjia/updateadminserver
Update OSS packages in adminserver images
2017-10-17 22:12:56 -07:00
yixingj
0f3380c3ef user change image tag to 20170928
due to photon os images 1.0 has bugs.
fallback to 20170928, we shuld change this to 1.0
when the bug fixed.
2017-10-17 16:55:30 +08:00
yixingj
7cf47fafc4 Update docker file 2017-10-17 15:33:07 +08:00
yixingj
882b077d2f Update OSS packages in adminserver images
remove unneeded packages
move to vmware/photon images base
2017-10-17 14:56:34 +08:00
Daniel Jiang
e6874cf9f1 Merge pull request #3383 from reasonerjt/uaa-integration
Make the root CA certificate of UAA configurable
2017-10-17 12:20:22 +08:00
Daniel Jiang
b5551af27f Merge pull request #3382 from ywk253100/171013_rotate
Make log rotate days configurable
2017-10-17 11:22:46 +08:00
yixingj
4e9e6b2641 Update adminserver software images 2017-10-17 10:54:00 +08:00
Tan Jiang
eab6b43d99 Make the root CA certificate of UAA should be configurable 2017-10-16 17:40:29 +08:00
Wenkai Yin
bc3d859571 make log rotate days configurable 2017-10-16 17:09:28 +08:00
yixingj
28b60bd197 Update nginx images OSS to latest
1>update nginx images OSS to latest
2>Fix nginx version issue
2017-10-13 15:25:19 +08:00
yixingj
3dc0f65fb3 Update OSS in postgresql image
1> update OSS in postgresql image
2> update postgresql to 9.6.5
2017-10-12 17:08:47 +08:00
Tan Jiang
51286d9baa Provide UAA authenticator for password based authentication. 2017-10-07 00:16:53 +08:00
Daniel Jiang
ddaad98526 Merge pull request #3307 from wy65701436/add-build-notary
build scripts for notary(signer/server) docker images based on photon 1.0
2017-09-29 17:23:19 +08:00
Daniel Jiang
1bc4db0ec8 Merge pull request #3340 from reasonerjt/k8s-deploy
Refine doc, rename script.
2017-09-29 16:42:08 +08:00
Wenkai Yin
b2420c035f Merge pull request #3336 from ywk253100/170927_pro_policy
Implement the default project metadata manager
2017-09-28 17:21:43 +08:00
Tan Jiang
72b9c5f39e Refine document to add limitation and clarify loading the image, also update the name of prepare script to k8s-prepare, to differentiate the default one. 2017-09-28 16:28:59 +08:00
Wenkai Yin
e495357d98 implement the default project metadata manager 2017-09-28 16:17:51 +08:00
Daniel Jiang
21c4e45cd3 Merge pull request #3302 from reasonerjt/k8s-deploy
Refine k8s deployment scripts and document
2017-09-28 13:02:08 +08:00
wangyan
c2e4e9aa1b remove the binary files from commit, and get them from the private repo. 2017-09-26 17:52:34 +08:00
wangyan
0aac7832eb automate scripts for notary(signer/server) docker images bases on photon 1.0, code is not based on 0.5.0
remove the binary temp folder, just keep on binary path.
2017-09-26 17:21:50 +08:00
Tan Jiang
0615f7ba9b Refine k8s deployment scripts and document 2017-09-26 13:57:44 +08:00
yixingj
2a53c64c59 move database configuration to HA only seciton 2017-09-25 13:33:45 +08:00
yixingj
6df2623956 Merge branch 'makedatabgaseconfigurable' of github.com:yixingjia/harbor into makedatabgaseconfigurable 2017-09-25 13:31:35 +08:00
yixingj
357004fbf1 Make Harbor database configurable 2017-09-25 13:29:49 +08:00
yixingj
fb690a972f Make Harbor database configurable 2017-09-22 11:23:08 +08:00
Daniel Jiang
9c6468f963 Merge pull request #3088 from m-masataka/k8s-deploy
k8s deployment
2017-09-19 15:22:34 +08:00
yixingj
026e8e7f95 disable nginx buffer
When host in low disk status, enable the buffer will cause upload error.
2017-09-01 18:44:13 +08:00
Yan
408c1b429b update registry image (#3135)
update

update
2017-08-30 16:13:54 +08:00
yixingjia
8f34945d4b Merge pull request #3112 from yixingjia/nginx_temp_path
Try to fix some wired permission error
2017-08-25 20:32:56 -07:00
yixingj
362bf1a83e Try to fix some wired permission error 2017-08-24 15:42:20 +08:00
Daniel Jiang
0659edeebc Merge pull request #2855 from wy65701436/build-registry
build registry
2017-08-23 13:58:24 +08:00
Wassim Dhif
70f2865500 use $REGISTRY instead of $4 (#3103) 2017-08-22 18:24:34 +08:00
Daniel Jiang
bf8aef8e7e Merge pull request #3092 from reasonerjt/clair-conf-change
Clair conf change
2017-08-22 13:40:18 +08:00
yixingjia
549ad02ac7 Update postgresql to 9.6.4 (#3093) 2017-08-21 18:16:57 +08:00
Tan Jiang
c1bbcb5bab update the interval of clair updater to 12 hours, and update the interval for scan all to 2 hours 2017-08-21 13:45:23 +08:00
root
f9480b92b5 k8s deployment 2017-08-18 18:11:15 +00:00
Wenkai Yin
7296bdc131 increase length of username in database to 256 2017-08-17 15:24:34 +08:00
Daniel Jiang
0b2d7ae6c2 Merge pull request #2973 from reasonerjt/master
Enable buffer on nginx
2017-08-07 12:48:24 +08:00
Tan Jiang
885ddfddd0 enable buffer on nginx 2017-08-04 21:22:22 +08:00
Wenkai Yin
232b9ca70c update the psc token dir 2017-08-02 14:50:49 +08:00
yixingjia
af1b11df2f Limit clair resource (#2924)
When run clair full scan it will take more than 60% percent of CPU if no limit
this change to limit clair to use at most 1.5cpu

We can this it to cpus when we move to docker compose3.0
2017-08-02 13:11:26 +08:00
wangyan
efc10127f3 update message 2017-07-26 02:22:03 -07:00
wangyan
c952db3c73 update 2017-07-24 18:32:50 -07:00
wangyan
3f831b2326 update per comments 2017-07-24 17:49:59 -07:00
wangyan
694bbef633 build registry 2017-07-24 03:21:38 -07:00
Yan
686b477775 update registry to 2.6.2 (#2851)
rm dockerfile

update

add comments
2017-07-24 02:19:32 -07:00
Daniel Jiang
5c8be3502c Merge pull request #2697 from yixingjia/rsyslog
Prepare rsyslog docker based on photon
2017-07-19 18:08:05 +08:00
Wenkai Yin
7573d59624 update token file location 2017-07-19 13:46:10 +08:00
Tan Jiang
629cf29850 The password to access clair db can be configured in harbor.cfg, skip auto-scan if clair-db is not ready 2017-07-17 15:25:47 +08:00
Yan
7040e5ad5a Clair photon (#2721)
* update

* update

* modify docker compose

* update tag

* update
2017-07-10 21:00:44 -07:00
Tan Jiang
e1e975096c add int id for scan overview and revoke the change in beego 2017-07-09 12:37:08 +08:00
yixingjia
326b65ef23 Merge pull request #2700 from yixingjia/upgradeclair
Update Clair to 2.0.1
2017-07-06 11:02:56 +08:00
Daniel Jiang
b96770b90a Merge pull request #2693 from reasonerjt/clair-notification
Clair notification handler
2017-07-05 20:18:34 +08:00
Yan
d849c36e3f Merge pull request #2570 from samifruit514/master
Allow 255 chars for Realname
2017-07-05 03:17:57 -07:00
Tan Jiang
8b31715b34 provide Clair notification handler
update the timestamp in DB, when handling the notification
2017-07-05 15:35:53 +08:00
yixingj
3d5cd32ee8 Base dockerfile for rsyslog 2017-07-04 17:57:37 +08:00
yixingj
34c812243e Update Clair to 2.0.1
fix the Debian mapping issue.
2017-07-04 17:44:10 +08:00
Yan
2638e3dc7d Merge pull request #2682 from wy65701436/db-migrate
1.2.0 DB migrator
2017-07-03 22:51:31 -07:00
yixingj
2762eec4ed Prepare rsyslog docker based on photon 2017-07-03 17:57:46 +08:00
Daniel Jiang
1ca1eddb0f Merge pull request #2676 from yixingjia/nginxonphoton
Move nginx to photon OS
2017-07-01 00:08:08 +08:00
wangyan
c986c33a6c 1.2.0 DB migration
update

update
2017-06-30 03:01:56 -07:00
Wenkai Yin
bdbdb383ac update 2017-06-30 16:21:55 +08:00
yixingj
fc50fd51d5 Move nginx to photon OS 2017-06-30 14:03:42 +08:00
Wenkai Yin
84b443e2b2 Merge remote-tracking branch 'upstream/master' into 170628_getpm
Conflicts:
	src/ui/config/config.go
	src/ui/proxy/interceptor_test.go
2017-06-30 00:14:45 +08:00
Wenkai Yin
d6b4330cc8 create a global project manager 2017-06-30 00:08:45 +08:00
yixingjia
b79b80c6ee Merge pull request #2657 from yixingjia/clairofflinedata
Support include offline data on clair startup
2017-06-28 18:01:34 +08:00
yixingj
a23c6ee8c6 Support include offline data on clair startup 2017-06-28 15:45:16 +08:00
Steven Zou
c90dacb0ba Merge pull request #2648 from steven-zou/master
Upgrade UI builder to 1.2.7
2017-06-27 19:26:57 +08:00
yixingjia
a64926231d Merge pull request #2629 from yixingjia/postgresqlonphoton
Update clair postgresql to use photon os
2017-06-27 17:30:26 +08:00
Steven Zou
85db2ad892 fix issue of ui builder image entry command 2017-06-27 13:49:41 +08:00
yixingj
27670742b4 Change version fromat and add init db sql directory 2017-06-26 15:31:34 +08:00
yixingj
e0af9c036f Update clair postgresql to use photon os 2017-06-26 10:56:29 +08:00
Steven Zou
7c68c1ca69 Enhance script in make/dev/nodeclarity/entrypoint.sh 2017-06-23 18:58:58 +08:00
Steven Zou
a12ec997cc Fix tooltip cut issue
Change Dockerfile of UI builder
2017-06-23 18:58:43 +08:00
Steven Zou
7c0e79d10a update ui builder to 1.2.6 2017-06-23 18:58:14 +08:00
Steven Zou
deeb37ac87 Update ui building process 2017-06-22 17:09:53 +08:00
Steven Zou
ed1263148f Merge pull request #2562 from steven-zou/master
Refactor harnor portal with sharable components in harbor-ui lib
2017-06-21 16:51:46 +08:00
Archambault, Samuel
18cea61121 Allow 255 chars for Realname 2017-06-19 13:54:21 -04:00
Steven Zou
4d9eeac434 change angualr cli version to 1.2.0 2017-06-19 12:43:43 +08:00
Tan Jiang
15384317e0 add with_clair flag in systeminfo 2017-06-15 16:15:46 +08:00
Daniel Jiang
f61ba725c5 Merge pull request #2505 from wy65701436/master
clair integration
2017-06-14 21:02:16 +08:00
wangyan
b71584457f udpate DB image version 2017-06-14 02:22:26 -07:00
Tan Jiang
ae2d868fd4 handlers for image scan, store results overview in DB 2017-06-13 23:37:54 +08:00
wangyan
02df58b4b6 clair integration 2017-06-13 02:13:24 -07:00
Daniel Jiang
42984fe1c9 refactory for scan job service (#2459)
* refactory for scan job service and implement ScanJob.
2017-06-08 15:04:23 +08:00
Daniel Jiang
32102c1523 Merge pull request #2332 from vmware/release-1.1.0
merge 1.1.0 to master
2017-05-19 07:19:46 -07:00
Daniel Jiang
0b02231093 Update registry img (#2330)
* update the registry image

* update other yml files and docs to reflect image update
2017-05-19 00:19:27 -07:00
Daniel Jiang
5892ef29c2 Merge pull request #2291 from reasonerjt/vulscan-job-refactory
add scan job table and dao functions
2017-05-12 02:45:55 -04:00
Tan Jiang
dcbfb4d309 add scan job table and dao functions 2017-05-11 21:41:57 +08:00
Wenkai Yin
1e28f01365 delete foreign key 2017-05-10 18:28:19 +08:00
Yan
8db1b2807e Merge pull request #2197 from ywk253100/170502_change_userid
Delete column user_id from table access_log
2017-05-10 00:02:54 -07:00
Daniel Jiang
79903ca3f3 Merge pull request #2194 from reasonerjt/create-reverse-proxy
create reverse proxy
2017-05-03 15:09:11 +08:00
Wenkai Yin
3be9cca0f5 delete column user_id from table accesslog 2017-05-03 14:18:07 +08:00
Tan Jiang
785298e6b9 create reverseproxy 2017-05-02 20:27:45 +08:00
Wenkai Yin
4eca617916 Merge remote-tracking branch 'upstream/master' into 170427_delete_ownerid 2017-05-02 14:58:36 +08:00
Wenkai Yin
4f9d9ed5d8 delete owner_id column from table repository 2017-05-02 14:57:07 +08:00
kunw
5ed47c0316 Merge release-1.1.0 2017-05-02 13:27:06 +08:00
Tan Jiang
83b9196925 use docker-compose to deploy clair with harbor 2017-04-27 19:13:53 +08:00
Tan Jiang
c3c34ea7c3 set restart policy of notary to 'always' 2017-04-27 17:07:38 +08:00
kunw
eddde3c804 Update for harbor UI builder image. 2017-04-26 16:00:18 +08:00
kunw
ba49eb79f1 Update for ui image building. 2017-04-21 19:34:57 +08:00
wangyan
29845dbcca add clarity support 2017-04-21 02:08:13 -07:00
Yan
c06abe9b8a Merge pull request #2026 from wy65701436/1.1.0-document
update compile document
2017-04-17 22:16:15 -07:00
wangyan
f41fcdeeb4 update compile document
update makefile

update per comments

update document
2017-04-17 04:05:33 -07:00
Haining Henry Zhang
425106524f update documents (#2020)
* update change log

* update documents

* update documents

* update AUTHORS

* update README

* update harbor.cfg
2017-04-17 13:46:39 +08:00
wy65701436
20458f88d2 fix mysql image to 5.6.35 2017-04-12 03:47:23 -07:00
Yan
a7d21baebc Merge branch 'master' into master 2017-04-11 14:19:43 +08:00
wy65701436
91a86faa75 update 2017-04-10 22:33:39 -07:00
wy65701436
ec06bd2073 add crt 0600 2017-04-10 22:06:39 -07:00
Tan Jiang
0471c8ed2c escape mysql root password 2017-04-11 12:50:13 +08:00
wy65701436
6b2b9cdc83 fix issue 1932 2017-04-09 05:16:52 -07:00
Wenkai Yin
2cdd2bb659 fix word mistake 2017-04-07 18:24:08 +08:00
Tan Jiang
965c7a5e70 reference the patched nginx image 2017-04-07 15:07:46 +08:00
Daniel Jiang
93f5c78b4b Merge pull request #1948 from ywk253100/170406_secretkey
Mount config to another dir, fix #1939
2017-04-07 11:35:58 +08:00
Wenkai Yin
e60fd0530f mount config to another dir, fix #1939 2017-04-07 09:14:41 +08:00
Tan Jiang
a2726b55a8 Merge remote-tracking branch 'upstream/master' into enable-gzip 2017-04-06 15:28:41 +08:00
Tan Jiang
d527a543bd enable gzip by default 2017-04-06 14:47:41 +08:00
wy65701436
f6c4137af1 fix issue 1916 2017-04-05 22:53:09 -07:00
Daniel Jiang
7d6d641827 Merge branch 'master' into dev 2017-04-05 17:01:27 +08:00
wy65701436
b827fdd5a5 use gzip to save docker images. 2017-04-04 23:48:29 -07:00
Daniel Jiang
d49a307312 Merge pull request #1868 from reasonerjt/nginx-log-format
update nginx log format to include response time
2017-03-30 15:12:30 +08:00
Wenkai Yin
2528ad9c62 Merge pull request #1870 from ywk253100/170330_ca_download_dir
Mount ca dir to UI container
2017-03-30 13:52:27 +08:00
Wenkai Yin
ec27e2dc07 remove compress js flag 2017-03-30 12:59:47 +08:00
Wenkai Yin
ee2a6748c0 mount ca dir to container, fix #1829 2017-03-30 12:50:20 +08:00
Tan Jiang
7555dd9d48 update nginx log format to include response time 2017-03-30 12:46:13 +08:00
Tan Jiang
864e0f415e prepare should remove the temp files generated for creating certificate 2017-03-29 17:08:28 +08:00
Tan Jiang
715d87dc80 fixes #1818 2017-03-28 10:11:13 +08:00
Tan Jiang
851f61032a Do not generate new alias each time prepare runs 2017-03-24 20:05:13 +08:00
Tan Jiang
a33f4151e2 merge with dev branch 2017-03-24 14:40:34 +08:00
Yan
e2fe74598b Merge pull request #1776 from wy65701436/dev
add -v to docker-compose down
2017-03-24 14:05:48 +08:00
wy65701436
02431de5a4 add -v to docker-compose down 2017-03-23 22:45:01 -07:00
Tan Jiang
3e8d71538f generate cert for notary signer in prepare,
update the default certificates so the subject is formal.
2017-03-24 13:33:49 +08:00
Tan Jiang
90bc280ea1 add a 4443 ssl server to nginx config 2017-03-24 13:16:48 +08:00
Tan Jiang
402a482bc6 generate cert for notary signer in prepare 2017-03-23 21:00:53 +08:00
Tan Jiang
980101eab5 package vmware/registry into offline package 2017-03-23 12:36:36 +08:00
Daniel Jiang
6d013531a7 Merge pull request #1717 from reasonerjt/dev
restrict access to notary db
2017-03-23 11:01:01 +08:00
Tan Jiang
44cd3ec85b update make file and docker compose template 2017-03-22 20:56:08 +08:00
Tan Jiang
f9180c0c96 rebuild registry image on photon 2017-03-22 20:27:15 +08:00
Tan Jiang
3c16d6c1a1 restrict access to notary db 2017-03-22 18:15:16 +08:00
wy65701436
c5633f7ce8 add version support 2017-03-21 04:56:59 -07:00
Daniel Jiang
7f099ebe50 Merge pull request #1703 from reasonerjt/dev
Use notary images based on photon, migrate db in notary's images
2017-03-21 19:35:27 +08:00
Tan Jiang
6e09ae89e3 Use notary images based on photon, migrate db in notary's images 2017-03-21 18:46:10 +08:00
Wenkai Yin
383997f785 read capacity from adminserver 2017-03-21 16:28:24 +08:00
Yan
038d7dd90c Dev new ui (#1)
* Updates for verfied tags deletion.

* Remove old UI.

* Move i18n folder.

* Updates for latest UI codes.

* make travis with latest dev code.

* update test code

* add cat log

* cat nginx

* cat nginx

* fix template error

* remove --with-notary

* remove controller test

* fix controller test bug

* modify controller test

* debug controller test

* update controller test

* update index title to harbor, discussed with Kun.

* Update package.json

* Merge latest UI changes.

* remove git
2017-03-20 18:51:20 +08:00
Yan
43578a2a6f Merge pull request #1656 from reasonerjt/dev
fix issue in location.conf
2017-03-17 20:03:47 +08:00
Tan Jiang
098d7d5765 fix issue in location.conf 2017-03-17 19:44:54 +08:00
Yan
92d9f8516f Merge pull request #1626 from ywk253100/170315_registry_upgrade
Upgrade registry to 2.6.0
2017-03-17 18:25:22 +08:00
Tan Jiang
9d87279152 fix #1570, #1628 2017-03-16 16:09:05 +08:00
Wenkai Yin
108aa21499 upgrade registry to 2.6.0 2017-03-16 13:44:16 +08:00
Wenkai Yin
c3626edd42 reset config 2017-03-16 11:27:45 +08:00
kunw
e80840c2d3 Merge remote-tracking branch 'upstream/dev' into dev-revised 2017-03-13 18:23:09 +08:00
Daniel Jiang
f9e8394be9 Merge pull request #1541 from wy65701436/dev
to support nortary
2017-03-13 10:45:53 +08:00
wy65701436
fd5a2824b6 update per review. 2017-03-10 02:57:10 -08:00
Tan Jiang
ef906c96d0 provide systeminfo API for UI 2017-03-10 18:53:11 +08:00
kunw
1c2fcc168f Merge remote-tracking branch 'upstream/dev' into dev-revised 2017-03-10 15:27:35 +08:00
wy65701436
481ba06003 support notary 2017-03-09 03:02:44 -08:00
Tan Jiang
04a5eb6606 notary containers should use syslog as log driver 2017-03-08 17:24:32 +08:00
kunw
f2a1659d96 Merge remote-tracking branch 'upstream/dev' into dev-revised 2017-03-08 15:36:05 +08:00
Aron Parsons
8ab45d439b label volumes for SELinux
allow Harbor to run when dockerd is running with --selinux-enabled

example AVC denials:
type=AVC msg=audit(1488384855.681:154671): avc:  denied  { read } for  pid=454 comm="registry" name="config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.681:154671): avc:  denied  { open } for  pid=454 comm="registry" path="/etc/registry/config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.687:154672): avc:  denied  { append } for  pid=350 comm=72733A6D61696E20513A526567 name="registry.log" dev="dm-5" ino=4315920 scontext=system_u:system_r:svirt_lxc_net_t:s0:c599,c800 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384856.895:154702): avc:  denied  { remove_name } for  pid=708 comm="mysqld" name="4691d4d62464.lower-test" dev="dm-12" ino=402656159 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=dir
type=AVC msg=audit(1488384856.926:154703): avc:  denied  { lock } for  pid=708 comm="mysqld" path="/var/lib/mysql/ibdata1" dev="dm-12" ino=402656097 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384857.958:154736): avc:  denied  { open } for  pid=924 comm="harbor_jobservi" path="/etc/jobservice/app.conf" dev="dm-8" ino=142 scontext=system_u:system_r:svirt_lxc_net_t:s0:c102,c158 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc:  denied  { read } for  pid=1017 comm="nginx" name="nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc:  denied  { open } for  pid=1017 comm="nginx" path="/etc/nginx/nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
2017-03-03 14:13:39 -05:00
Wenkai Yin
a4cb261df9 read some configs from env 2017-03-02 13:24:41 +08:00
kunw
dbce11ce42 Updates for node clarity build. 2017-03-01 17:14:09 +08:00
kunw
f517502193 Merge remote-tracking branch 'upstream/dev' into dev-revised 2017-02-28 12:17:34 +08:00
kunw
f01569c4dd Updates for clarity docker-compose files. 2017-02-27 22:07:39 +08:00
Tan Jiang
6454ccfc3a fix the 'v2' URL conflict issue, and remove the work around in token service code 2017-02-27 21:01:26 +08:00
Wenkai Yin
5b885a7ad6 Merge pull request #1469 from yhua123/dev
fix #1332
2017-02-27 19:21:25 +08:00
yhua
9f18c8458b fix #1332 2017-02-27 18:52:22 +08:00
Steven Zou
2e20a65121 Merge pull request #1458 from wknet123/harbor-clarity-integration
Merge Harbor clarity integration to into Dev branch.
2017-02-27 16:20:22 +08:00
kunw
46cef020eb Rename directory name. 2017-02-27 11:41:46 +08:00
Tan Jiang
7620cd3b86 refactor token service 2017-02-26 19:53:13 +08:00
kunw
23f0ff1ea5 Refactor Harbor Clarity integration code structure. 2017-02-24 17:54:50 +08:00
Wenkai Yin
9f3f48be59 add harbor network to adminserver 2017-02-24 14:35:11 +08:00
kunw
914255d6c2 Updates for docker-compose sources. 2017-02-24 14:12:45 +08:00
Wenkai Yin
414e8a8bcf Merge remote-tracking branch 'upstream/dev' into 170224_merge_config
Conflicts:
	make/docker-compose.tpl
	src/ui/service/token/authutils.go
2017-02-24 13:52:19 +08:00
Wenkai Yin
a1858098c5 using different secret to mark himself when communicates with other components 2017-02-23 18:24:32 +08:00
Daniel Jiang
ef34b96256 Merge pull request #1422 from ywk253100/170221_secretkey
Encrypt the passwords in configuration file
2017-02-23 10:25:39 +08:00
kun wang
f4d35414d2 Merge pull request #1425 from wknet123/harbor-clarity-integration
Updates for building node-clarity image.
2017-02-22 18:31:42 +08:00
kunw
bb674ea977 Updates for building node-clarity image. 2017-02-22 18:30:37 +08:00
Wenkai Yin
40eb6bb7d3 encrypt passwords enhancement 2017-02-22 16:59:28 +08:00
kunw
3a621faba3 Fixed some issues and merged latest codes. 2017-02-22 13:03:05 +08:00
Steven Zou
668f39c732 Merge pull request #1419 from wknet123/harbor-clarity-integration
Fixed some issues and merged latest codes.
2017-02-22 12:27:28 +08:00
Steven Zou
e829b04f1f Merge pull request #1407 from wknet123/harbor-clarity-integration
Harbor Clarity UI integration.
2017-02-22 11:26:23 +08:00
kunw
3c112f2a2c Harbor Clarity UI integration. 2017-02-21 14:54:42 +08:00
Wenkai Yin
bf39b3a956 modify Makefile of Harbor based on photon (#1404)
LGTM
2017-02-21 13:45:12 +08:00
Tan Jiang
8cbfffa9c8 deploy notary within Harbor 2017-02-20 19:31:28 +08:00
Tan Jiang
c3c1b84ed1 preparae --conf instead of -conf 2017-02-20 13:21:29 +08:00
Wenkai Yin
390f89ee0a encrypt passwords and secret 2017-02-17 18:23:21 +08:00
Daniel Jiang
a17cd5bcfe add a default network for containers in harbor (#1384)
LGTM
2017-02-16 14:51:21 +08:00
Wenkai Yin
2e3174f404 update 2017-02-15 15:28:50 +08:00
Wenkai Yin
06519bb3f2 update 2017-02-13 17:17:46 +08:00
Wenkai Yin
6dc6b4fa79 update Makefile 2017-02-10 17:03:21 +08:00
Tan Jiang
27802f7620 Merge branch 'master' into dev 2017-01-24 12:16:53 +08:00
Wenkai Yin
f1f78a5649 update 2017-01-19 17:56:08 +08:00
Kira
00259567a8 update kubernetes deployment 2017-01-16 12:06:35 +08:00
Wenkai Yin
75f660fa77 Merge remote-tracking branch 'upstream/dev' into 161228_config
Conflicts:
	make/common/templates/ui/env
	src/ui/auth/ldap/ldap.go
	src/ui/config/config.go
2017-01-12 17:41:14 +08:00
Wenkai Yin
b62a958250 configure harbor 2017-01-12 17:15:32 +08:00
yhua
4c213a8717 remove openldap lib from Dockerfile and support build with offcial golang image(1.7.3) 2017-01-04 17:48:20 +08:00
Ricardo Katz
160e22f0fe Changes LDAP Library and other LDAP improvements (#1277)
* Changes LDAP library to go-ldap and creates new ldap timeout directive

* Add support for connection on LDAP using TLS
2016-12-30 16:03:30 +08:00
Wenkai Yin
111638ae8e Merge pull request #1249 from yhua123/dev-update-registry
update registry from 2.5.0 to 2.5.1
2016-12-16 18:03:53 +08:00
Wenkai Yin
3717b37dca Merge pull request #1251 from yhua123/dev-update-golang
upgrade golang baseimage from 1.6.2 to 1.7.3
2016-12-16 17:27:24 +08:00
yhua
0249f2181a update registry from 2.5.0 to 2.5.1 2016-12-15 16:50:50 +08:00
yhua
10306e784b upgrade golang baseimage from 1.6.2 to 1.7.3 2016-12-15 13:16:14 +08:00
yhua123
0d09379fb7 Merge branch 'dev' into dev 2016-12-12 15:11:00 +08:00
yhua
90be98bc5d add 'data_volume' in harbor.cfg 2016-12-12 14:35:28 +08:00
Wenkai Yin
d6d4711700 1.fix issue: deleting repo action will fall in deadlock between two Harbor if they are configured to sync to each other 2. Filter notification request in nginx 2016-12-09 18:10:20 +08:00
dejwsz
719072e0ba remove rsyslogd.pid before start to allow container restarts
This change mitigate problems with container restarts (stop, start) or automatic restart after host machine restart. Rsyslogd strictly checks existence of its pid file and won't start if such one exists.
2016-12-01 15:31:14 +01:00
kunw
dc6d3e552c Update comment. 2016-11-24 17:50:41 +08:00
kunw
4d916e7127 Update for email_identity setting. 2016-11-24 15:48:36 +08:00
Tan Jiang
b868634007 update version of photon OS to 1.0 in Docker files 2016-11-21 16:15:43 +08:00
Tan Jiang
35407d12db update TOKEN_URL to TOKEN_ENDPOINT 2016-11-18 16:37:46 +08:00
Wenkai Yin
8523db5427 make cert dir 2016-11-17 16:14:22 +08:00
Wenkai Yin
e4bf4af9ba mkdir if it does not exist 2016-11-17 15:09:12 +08:00
Wenkai Yin
f867ff42a0 Merge pull request #1099 from ywk253100/161115_https
Generate self-signed certificate
2016-11-17 12:59:28 +08:00
Daniel Jiang
ffbe980622 Merge pull request #1101 from reasonerjt/config-refactory
Config refactory
2016-11-16 22:00:20 +08:00
Wenkai Yin
ce56ff2fae generate self-signed certificate 2016-11-16 21:42:31 +08:00
Tan Jiang
5ea0e50f0f reset to default value in harbor.cfg 2016-11-16 20:42:29 +08:00
Tan Jiang
9d7a18a0a3 fix issue in golint, support project creation restriction at backend 2016-11-16 20:31:04 +08:00
kunw
e367ec24a8 Merge remote-tracking branch 'upstream/dev' into dev-volume-info 2016-11-16 14:23:27 +08:00
Tan Jiang
0e3cb2e3f4 ui config refactory 2016-11-16 13:33:14 +08:00
Tan Jiang
c34b2872bc config refactory for common pkg 2016-11-16 13:33:14 +08:00
kunw
c1c5ba8157 Update for adding timestamp to JS file name to avoid browser cache. 2016-11-14 18:27:56 +08:00
Daniel Jiang
0025134a91 Merge pull request #1039 from yhua123/dev
modify prepare for genrate all common/config files from template
2016-11-11 22:38:44 +08:00
yhua
20873a9d17 remove 2 cert file delete action, already delete previous 2016-11-11 16:08:49 +08:00
Daniel Jiang
a44a399761 Merge pull request #1046 from ywk253100/161109_cert_path
Fixes #1002
2016-11-10 08:26:17 +08:00
yhua
f19e19eaf0 move root.crt and private_key.pem to template 2016-11-09 18:21:28 +08:00
Wenkai Yin
5d183da0f9 fixes #1002 2016-11-09 18:12:00 +08:00
kunw
55b98f9abd Merge remote-tracking branch 'upstream/dev' into dev-volume-info 2016-11-09 14:53:26 +08:00
kun wang
126b7fae55 Merge pull request #1023 from fillet54/add-mail-identity-config
Make mail identity configurable
2016-11-09 14:35:09 +08:00
yhua
09b62157cf modify prepare for genrate all common/config files from template 2016-11-08 17:40:19 +08:00
Daniel Jiang
5a0c203557 Merge pull request #1017 from reasonerjt/dev
set secure flag for cookie
2016-11-07 11:01:40 +08:00
Phillip Gomez
0dfce1d837 Make mail identity configurable
The identity field parameter passed to smtp.SendMail is now
configurable instead of being hardcoded to 'Mail Config'.

This fixes issue #900
2016-11-06 18:05:46 -08:00
Tan Jiang
b92b1036bf set secure flag for cookie 2016-11-05 00:08:37 +08:00
Wenkai Yin
018b32a1b4 update nginx in Makefile 2016-11-03 14:48:50 +08:00
Wenkai Yin
4fcfffeb47 upgrade nginx to 1.11.5 2016-11-02 15:49:28 +08:00
kunw
560b41b5e6 Merge remote-tracking branch 'upstream/dev' into dev-volume-info 2016-11-02 12:46:57 +08:00
Tan Jiang
7f55520b27 Merge remote-tracking branch 'upstream/dev' into dev 2016-10-28 22:44:59 +08:00
Tan Jiang
b75844e622 update ciphers for nginx 2016-10-28 18:48:12 +08:00
Daniel Jiang
098643303f Merge pull request #952 from ywk253100/161026_log_rotate
Log rotate
2016-10-28 12:59:54 +08:00
Wenkai Yin
0689935da4 log rotate 2016-10-26 18:26:02 +08:00
yhua
a6e7a6ba45 fix baseimage issue 2016-10-26 13:46:22 +08:00
yhua
03e2a3ee56 remove tag in docker-compose.yml 2016-10-26 13:09:12 +08:00
kunw
811401f40e Added volume info of UI. 2016-10-25 12:44:27 +08:00
yhua
271787dd94 update for fix #925 2016-10-24 16:51:42 +08:00
yhua
ebc852b7cc fix #924 #925 2016-10-24 16:48:48 +08:00
yhua
1043ec063d rm binary 2016-10-24 14:18:56 +08:00
yhua
69797c30f2 fix pushimage, update .gitignore, add DEVFLAG 2016-10-24 14:06:23 +08:00
yhua
311cf8da07 change code 20161019 2016-10-21 18:39:10 +08:00