prahaladdarkin
27ec871185
System Artifact Manager database schema creation, model definitons, and tests ( #16678 )
...
Closes:
https://github.com/goharbor/harbor/issues/16540
https://github.com/goharbor/harbor/issues/16541
https://github.com/goharbor/harbor/issues/16542
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-05-09 17:32:57 +08:00
Wang Yan
c333218ba2
fix close response missing ( #16820 )
...
It has to close the http response on deleting manifest
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-05-07 13:03:15 +08:00
MinerYang
083b44e719
bump up astaxie/beego@v1.12.1 to beego/beego/@v1.12.7 ( #16770 )
...
Signed-off-by: yminer <yminer@vmmware.com>
goo mod tidy
Signed-off-by: yminer <yminer@vmmware.com>
Co-authored-by: yminer <yminer@vmmware.com>
2022-04-28 11:58:44 +08:00
chlins
8c223135e7
feat: add cache layer for artifact ( #16739 )
...
Implement cache layer for resource artifact and define common
cache manager and workflow. Also add cache related options to
configuration yaml.
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-04-25 18:01:45 +08:00
Lars Lehtonen
ef835e107a
pkg/scan: fix dropped error
...
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
2022-04-18 10:34:27 -07:00
Wang Yan
7531168c92
update log with more inclusive language ( #16569 )
...
Use the deactive for instead in the error log
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-03-23 10:56:00 +08:00
Wang Yan
ed1f4ab6fb
enhance health validataion ( #16549 )
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-03-18 18:36:50 +08:00
Wang Yan
7cb5c34f7e
add cosign signature icon ( #16533 )
...
Return icon message for UI to render
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-03-17 11:08:39 +08:00
chlins
5be0b93caa
refactor: import go-redis to core as replacement of redigo
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-03-15 20:44:44 +08:00
疯魔慕薇
1c4495361b
Fix & UT ( #16279 )
...
1. Fix TCR Adapter namespcae check.
2. Add Chart UT.
Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>
2022-03-04 14:09:25 +08:00
He Weiwei
abd85284d2
feat: merge local and remote tags for repo of proxy cache project in list API ( #16394 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-02-24 10:27:45 +08:00
Wang Yan
6ef4874011
fix replicate reference accessory ( #16401 )
...
fixes #16375
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-02-23 21:24:15 +08:00
Chenyu Zhang
490fe4e5b3
fix: ignore untagged artifact when perform immutable policy ( #16386 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-02-22 15:18:29 +08:00
chlins
b37a987073
fix: fix codeql alerts
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-02-15 17:25:02 +08:00
stonezdj(Daojun Zhang)
02e13390e0
Remove noise in log ( #16333 )
...
DB Config Manager could be registered twice if need to enable cache
Get trace config only when the trace is enabled
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-02-10 15:42:45 +08:00
Chenyu Zhang
4ef2d65451
Merge pull request #16286 from chlins/fix/skip-replication-for-proxy-cache
...
fix: skip replication to proxy cache project
2022-02-07 17:06:03 +08:00
He Weiwei
8554b7d7c5
refactor: replace lib/pq with jackc/pgx ( #16267 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-01-27 11:09:37 +08:00
Wang Yan
0a183feab6
add cosign support in replication ( #16282 )
...
For the case Harbor-to-Harbor, the accessory can be replicated from source or to target.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-26 21:35:17 +08:00
chlins
b1afd2efb0
fix: skip replication to proxy cache project
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-01-26 17:24:39 +08:00
Daniel Jiang
60189f2cef
Merge pull request #16181 from JoooostB/16180-oidc-auto-onboard
...
Store Username in auto-onboard flow (resolves #16180 )
2022-01-25 11:00:38 +08:00
stonezdj(Daojun Zhang)
307b8973ce
Merge pull request #16260 from stonezdj/22jan21_ldap_group_duplicate
...
Group members lose access to push or see projects on Harbor
2022-01-25 10:15:54 +08:00
Joost Buskermolen
c103a6e9ef
fix: Store Username in auto-onboard flow
...
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
fix: Remove conditional & elaborate comment on fix
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
Add conditional to res.Username override
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
test: Set Username based on configured UserClaim
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
fix: Remove breaking conditional
Username may be set already if the token has a name claim.
Username is should always be set as the autoOnboard setting.
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
Remove conditional altogether
autoOnboardUsername should always be the same as Username
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
2022-01-24 14:38:23 +01:00
stonezdj
20526c5c52
Group members lose access to push or see projects on Harbor
...
Handle the case if there is duplicate user group name when onboard ldap user group
Continue to attach groups when it fail on one item
Fixes #16220
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-01-22 15:07:34 +08:00
chlins
ed4d9a533e
fix: add worker pool for execution sweep to limit workers
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-01-20 10:45:00 +08:00
Wang Yan
01c6f6084b
modify artifact copy api to support cosign ( #16194 )
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-17 15:52:14 +08:00
Wang Yan
063991078a
Cosign policy checker ( #16187 )
...
Enable policy checker for cosign, when it's enabled, user cannot pull artifact without cosign.
Signed-off-by: wang yan <wangyan@vmware.com>
2022-01-10 17:44:01 +08:00
Chenyu Zhang
b417e877b5
Merge pull request #16107 from chlins/feat/async-update-artifact-pull_count
...
feat: async update artifact pull time and repository pull count
2022-01-05 11:14:28 +08:00
Wang Yan
2111703d8d
Cosign artifact api
...
1,update artifact list & delete api to support accessory
2, add list accesories api
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-05 11:13:40 +08:00
chlins
de7978e1b5
feat: async update artifact pull time and repository pull count
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-12-24 11:17:44 +08:00
rao yunkun
ce6bf73884
Merge remote-tracking branch 'upstream/main'
2021-12-05 16:34:04 +08:00
Wang Yan
742e7ded00
add accessory dao service ( #16045 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2021-12-03 14:34:02 +08:00
stonezdj(Daojun Zhang)
060341ba4e
Merge pull request #15949 from stonezdj/21nov4_cache_properties
...
Enable db config cache explicitly
2021-11-16 14:39:10 +08:00
chlins
f880bc3361
fix(replication): enhance the replication rule validation
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-11-12 09:53:11 +08:00
Chenyu Zhang
3aa698c7c9
fix(replication): list projects before replicate to reduce create duplicate project and requests to target registry ( #15934 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-11-08 10:39:58 +08:00
stonezdj
21601f5e3c
Enable db config cache explicitly
...
previous config is not cached because it is initialized when cache is not ready
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-11-04 16:01:25 +08:00
stonezdj(Daojun Zhang)
465240216a
Merge pull request #15864 from stonezdj/21oct25_fix_crash_missing_ldap_attribut
...
Check empty ldap attributes value
2021-11-02 08:56:33 +08:00
stonezdj
ec23ddabc3
Check empty ldap attributes value
...
fixes #11986
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-11-01 17:56:37 +08:00
Chenyu Zhang
be27792170
Merge pull request #15845 from chlins/fix/codeql-golang-security-issues
...
fix: handle codeql golang security issues
2021-10-22 13:27:07 +08:00
Alexis L
5fd6168c57
fix(scan): Add function to avoid writing creds in jobservice logs, switch to debug instead of info ( #15747 )
...
Signed-off-by: Alexis <60alexis@gmail.com>
2021-10-22 11:34:15 +08:00
chlins
9e8218f63b
fix: handle codeql golang security issues
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-10-22 10:51:26 +08:00
Wang Yan
6014646bcb
fixes gc dry run issue ( #15804 )
...
fixes #15332 , for the dry run mode, gc job should not remove the untagged candidates.
To fix it, use the simulate untagged artifact deletion for dry-run.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-19 07:42:54 +08:00
Shatakshi Gupta
76733d72be
fixed S1008 bugbash error ( #15781 )
...
Signed-off-by: Shatakshi <shatakshi.gupta85@gmail.com>
2021-10-14 20:10:48 +08:00
Soumik Majumder
eb7329a471
Fix semgrep sprintf-host-port ( #15782 )
...
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
2021-10-14 20:10:27 +08:00
Wang Yan
f9d1294b45
roll back the runner count ( #15792 )
...
It takes about 1 hour to perform data for 40000 repositories per performance testing.
Roll back the runner count to 100 could speed the data preparation time.
It's safe since it only takes 100 DB connection counts at most per execution per core.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-14 19:05:30 +08:00
He Weiwei
b390112f5a
fix: convert severity from negligible to none before saving to db ( #15791 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-10-14 16:02:38 +08:00
Wang Yan
729d2e6590
fix replication DB connection issue
...
fixes #15736
For the current imple, the GetWorker() may hang when there is no worker available, and will not release the DB connection.
In this case, the DB connection could reach the up limit that leads to harbor core for service unavailable.
1, move GetWorker() in the goroutine, release the DB connection for API.
2, reduce the worker count per harbor-core from 1024 to 10.
3, reduce the runner count per worker to 30.
After above, the max connection per harbor-core should be 300.
Worker: To control how many replicaiton exectuions can have at most at the same time.
Runner: To control the speed to generate an jobservice replicaiton job.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-14 11:31:33 +08:00
Shengwen YU
4d89c845d0
fix: webhook log ( #15756 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
2021-10-13 15:46:04 +08:00
Wang Yan
f57c426409
bump up jwt version ( #15730 )
...
Upgrade the jwt to github.com/golang-jwt/jwt/v4, and it's backwards compatible with v3.x.y.
Signed-off-by: wang yan <wangyan@vmware.com>
2021-10-08 16:09:00 +08:00
stonezdj
06715af303
Allow empty email attribute for ldap/oidc user
...
Define user.Email as sql.NullString to avoid unique constraint when email is empty in LDAP/OIDC
Separate the common/models/User with the pkg/user/dao/User
Fixes #10400
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-09-30 14:35:18 +08:00
Daniel Jiang
c3f92a748c
Merge pull request #15660 from reasonerjt/no-warning-groupclaim
...
Do not print warning message if group claim is empty
2021-09-24 18:23:05 +08:00