Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-09-30 06:18:02 +02:00
Code Issues Projects Releases Wiki Activity
11,186 Commits 45 Branches 311 Tags 339 MiB
27ec871185
Commit Graph

718 Commits

Author SHA1 Message Date
prahaladdarkin
27ec871185
System Artifact Manager database schema creation, model definitons, and tests (#16678) 
Closes:
https://github.com/goharbor/harbor/issues/16540
https://github.com/goharbor/harbor/issues/16541
https://github.com/goharbor/harbor/issues/16542

Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
 2022-05-09 17:32:57 +08:00
Wang Yan
c333218ba2
fix close response missing (#16820) 
It has to close the http response on deleting manifest

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-05-07 13:03:15 +08:00
MinerYang
083b44e719
bump up astaxie/beego@v1.12.1 to beego/beego/@v1.12.7 (#16770) 
Signed-off-by: yminer <yminer@vmmware.com>

goo mod tidy

Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
 2022-04-28 11:58:44 +08:00
chlins
8c223135e7 feat: add cache layer for artifact (#16739) 
Implement cache layer for resource artifact and define common
cache manager and workflow. Also add cache related options to
configuration yaml.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-04-25 18:01:45 +08:00
Lars Lehtonen
ef835e107a
pkg/scan: fix dropped error 
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
 2022-04-18 10:34:27 -07:00
Wang Yan
7531168c92
update log with more inclusive language (#16569) 
Use the deactive for instead in the error log

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-03-23 10:56:00 +08:00
Wang Yan
ed1f4ab6fb
enhance health validataion (#16549) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-03-18 18:36:50 +08:00
Wang Yan
7cb5c34f7e
add cosign signature icon (#16533) 
Return icon message for UI to render

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-03-17 11:08:39 +08:00
chlins
5be0b93caa refactor: import go-redis to core as replacement of redigo 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-03-15 20:44:44 +08:00
疯魔慕薇
1c4495361b
Fix & UT (#16279) 
1. Fix TCR Adapter namespcae check.
2. Add Chart UT.

Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>
 2022-03-04 14:09:25 +08:00
He Weiwei
abd85284d2
feat: merge local and remote tags for repo of proxy cache project in list API (#16394) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2022-02-24 10:27:45 +08:00
Wang Yan
6ef4874011
fix replicate reference accessory (#16401) 
fixes #16375

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-02-23 21:24:15 +08:00
Chenyu Zhang
490fe4e5b3
fix: ignore untagged artifact when perform immutable policy (#16386) 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-22 15:18:29 +08:00
chlins
b37a987073 fix: fix codeql alerts 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-15 17:25:02 +08:00
stonezdj(Daojun Zhang)
02e13390e0
Remove noise in log (#16333) 
DB Config Manager could be registered twice if need to enable cache
  Get trace config only when the trace is enabled

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-02-10 15:42:45 +08:00
Chenyu Zhang
4ef2d65451
Merge pull request #16286 from chlins/fix/skip-replication-for-proxy-cache 
fix: skip replication to proxy cache project
 2022-02-07 17:06:03 +08:00
He Weiwei
8554b7d7c5
refactor: replace lib/pq with jackc/pgx (#16267) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2022-01-27 11:09:37 +08:00
Wang Yan
0a183feab6
add cosign support in replication (#16282) 
For the case Harbor-to-Harbor, the accessory can be replicated from source or to target.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-26 21:35:17 +08:00
chlins
b1afd2efb0 fix: skip replication to proxy cache project 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-01-26 17:24:39 +08:00
Daniel Jiang
60189f2cef
Merge pull request #16181 from JoooostB/16180-oidc-auto-onboard 
Store Username in auto-onboard flow (resolves #16180)
 2022-01-25 11:00:38 +08:00
stonezdj(Daojun Zhang)
307b8973ce
Merge pull request #16260 from stonezdj/22jan21_ldap_group_duplicate 
Group members lose access to push or see projects on Harbor
 2022-01-25 10:15:54 +08:00
Joost Buskermolen
c103a6e9ef
fix: Store Username in auto-onboard flow 
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

fix: Remove conditional & elaborate comment on fix

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

Add conditional to res.Username override

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

test: Set Username based on configured UserClaim

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

fix: Remove breaking conditional
Username may be set already if the token has a name claim.
Username is should always be set as the autoOnboard setting.

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

Remove conditional altogether
autoOnboardUsername should always be the same as Username

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
 2022-01-24 14:38:23 +01:00
stonezdj
20526c5c52 Group members lose access to push or see projects on Harbor 
Handle the case if there is duplicate user group name when onboard ldap user group
   Continue to attach groups when it fail on one item
   Fixes #16220

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-01-22 15:07:34 +08:00
chlins
ed4d9a533e fix: add worker pool for execution sweep to limit workers 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-01-20 10:45:00 +08:00
Wang Yan
01c6f6084b
modify artifact copy api to support cosign (#16194) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-17 15:52:14 +08:00
Wang Yan
063991078a
Cosign policy checker (#16187) 
Enable policy checker for cosign, when it's enabled, user cannot pull artifact without cosign.

Signed-off-by: wang yan <wangyan@vmware.com>
 2022-01-10 17:44:01 +08:00
Chenyu Zhang
b417e877b5
Merge pull request #16107 from chlins/feat/async-update-artifact-pull_count 
feat: async update artifact pull time and repository pull count
 2022-01-05 11:14:28 +08:00
Wang Yan
2111703d8d
Cosign artifact api 
1,update artifact list & delete api to support accessory
2, add list accesories api

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-05 11:13:40 +08:00
chlins
de7978e1b5 feat: async update artifact pull time and repository pull count 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-12-24 11:17:44 +08:00
rao yunkun
ce6bf73884 Merge remote-tracking branch 'upstream/main' 2021-12-05 16:34:04 +08:00
Wang Yan
742e7ded00
add accessory dao service (#16045) 
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-12-03 14:34:02 +08:00
stonezdj(Daojun Zhang)
060341ba4e
Merge pull request #15949 from stonezdj/21nov4_cache_properties 
Enable db config cache explicitly
 2021-11-16 14:39:10 +08:00
chlins
f880bc3361 fix(replication): enhance the replication rule validation 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-11-12 09:53:11 +08:00
Chenyu Zhang
3aa698c7c9
fix(replication): list projects before replicate to reduce create duplicate project and requests to target registry (#15934) 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-11-08 10:39:58 +08:00
stonezdj
21601f5e3c Enable db config cache explicitly 
previous config is not cached because it is initialized when cache is not ready

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-11-04 16:01:25 +08:00
stonezdj(Daojun Zhang)
465240216a
Merge pull request #15864 from stonezdj/21oct25_fix_crash_missing_ldap_attribut 
Check empty ldap attributes value
 2021-11-02 08:56:33 +08:00
stonezdj
ec23ddabc3 Check empty ldap attributes value 
fixes #11986

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-11-01 17:56:37 +08:00
Chenyu Zhang
be27792170
Merge pull request #15845 from chlins/fix/codeql-golang-security-issues 
fix: handle codeql golang security issues
 2021-10-22 13:27:07 +08:00
Alexis L
5fd6168c57
fix(scan): Add function to avoid writing creds in jobservice logs, switch to debug instead of info (#15747) 
Signed-off-by: Alexis <60alexis@gmail.com>
 2021-10-22 11:34:15 +08:00
chlins
9e8218f63b fix: handle codeql golang security issues 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-10-22 10:51:26 +08:00
Wang Yan
6014646bcb
fixes gc dry run issue (#15804) 
fixes #15332, for the dry run mode, gc job should not remove the untagged candidates.
To fix it, use the simulate untagged artifact deletion for dry-run.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-19 07:42:54 +08:00
Shatakshi Gupta
76733d72be
fixed S1008 bugbash error (#15781) 
Signed-off-by: Shatakshi <shatakshi.gupta85@gmail.com>
 2021-10-14 20:10:48 +08:00
Soumik Majumder
eb7329a471
Fix semgrep sprintf-host-port (#15782) 
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
 2021-10-14 20:10:27 +08:00
Wang Yan
f9d1294b45
roll back the runner count (#15792) 
It takes about 1 hour to perform data for 40000 repositories per performance testing.

Roll back the runner count to 100 could speed the data preparation time.
It's safe since it only takes 100 DB connection counts at most per execution per core.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-14 19:05:30 +08:00
He Weiwei
b390112f5a
fix: convert severity from negligible to none before saving to db (#15791) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-10-14 16:02:38 +08:00
Wang Yan
729d2e6590 fix replication DB connection issue 
fixes #15736

For the current imple, the GetWorker() may hang when there is no worker available, and will not release the DB connection.
In this case, the DB connection could reach the up limit that leads to harbor core for service unavailable.

1, move GetWorker() in the goroutine, release the DB connection for API.
2, reduce the worker count per harbor-core from 1024 to 10.
3, reduce the runner count per worker to 30.

After above, the max connection per harbor-core should be 300.

Worker: To control how many replicaiton exectuions can have at most at the same time.
Runner: To control the speed to generate an jobservice replicaiton job.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-14 11:31:33 +08:00
Shengwen YU
4d89c845d0
fix: webhook log (#15756) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
 2021-10-13 15:46:04 +08:00
Wang Yan
f57c426409
bump up jwt version (#15730) 
Upgrade the jwt to github.com/golang-jwt/jwt/v4, and it's backwards compatible with v3.x.y.

Signed-off-by: wang yan <wangyan@vmware.com>
 2021-10-08 16:09:00 +08:00
stonezdj
06715af303 Allow empty email attribute for ldap/oidc user 
Define user.Email as sql.NullString to avoid unique constraint when email is empty in LDAP/OIDC
  Separate the common/models/User with the pkg/user/dao/User
  Fixes #10400
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-09-30 14:35:18 +08:00
Daniel Jiang
c3f92a748c
Merge pull request #15660 from reasonerjt/no-warning-groupclaim 
Do not print warning message if group claim is empty
 2021-09-24 18:23:05 +08:00