harbor

mirror of https://github.com/goharbor/harbor.git synced 2025-03-27 05:49:17 +01:00

Author	SHA1	Message	Date
stonezdj(Daojun Zhang)	9c3fc28250	Allow generate sbom in proxy cache project (#20298 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-19 02:14:28 +00:00
Lichao Xue	e8907a47ab	SBOM UI feature implementation (#19946 ) * draft: sbom UI feature implementation Signed-off-by: xuelichao <xuel@vmware.com> * refactor based on swagger yaml changes Signed-off-by: xuelichao <xuel@vmware.com> * update scan type for scan and stop sbom request Signed-off-by: xuelichao <xuel@vmware.com> --------- Signed-off-by: xuelichao <xuel@vmware.com>	2024-04-18 08:22:11 +00:00
Ikko Eltociear Ashimine	4fd11ce072	refactor: update controller.go (#20297 ) minor fix Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com> Co-authored-by: MinerYang <yminer@vmware.com>	2024-04-18 14:26:03 +08:00
stonezdj(Daojun Zhang)	2ea7d09412	skip to log scan sbom accessory for sbom accessory (#20290 ) Avoid to log the generate SBOM failure message when the artifact is SBOM in webhook event Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-17 14:51:11 +00:00
stonezdj(Daojun Zhang)	fb2e0042d0	Rename scan request type (#20288 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-17 09:52:50 +00:00
Shengwen YU	6709c789fb	feat: add test case for customizing OIDC provider name (#20287 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-17 15:52:58 +08:00
stonezdj(Daojun Zhang)	654aa8edcf	Add generate SBOM feature (#20251 ) * Add SBOM scan feature Add scan handler for sbom Delete previous sbom accessory before the job service Signed-off-by: stonezdj <daojunz@vmware.com> * fix issue Signed-off-by: stonezdj <stone.zhang@broadcom.com> --------- Signed-off-by: stonezdj <daojunz@vmware.com> Signed-off-by: stonezdj <stone.zhang@broadcom.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-16 13:34:19 +00:00
Shengwen YU	67c03ddc4f	fix: update TRIVYVERSION=v0.50.1 && TRIVYADAPTERVERSION=v0.31.0 (#20285 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-16 18:37:16 +08:00
Wang Yan	550bf1d750	fix issue 20269 (#20274 ) By default, use the nvd score as the primary score, and if it is unavailable, fallback to the redhat score. fix #20269 Signed-off-by: wang yan <wangyan@vmware.com>	2024-04-16 16:49:52 +08:00
Shengwen YU	91efec1e2a	fix: update the image reference format for audit log when pulling image (#20278 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-16 11:11:59 +08:00
dependabot[bot]	938c804513	Bump go.uber.org/ratelimit from 0.2.0 to 0.3.1 in /src (#20204 ) Bumps [go.uber.org/ratelimit](https://github.com/uber-go/ratelimit) from 0.2.0 to 0.3.1. - [Changelog](https://github.com/uber-go/ratelimit/blob/main/CHANGELOG.md) - [Commits](https://github.com/uber-go/ratelimit/compare/v0.2.0...v0.3.1) --- updated-dependencies: - dependency-name: go.uber.org/ratelimit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-16 10:11:19 +08:00
Iceber Gu	a2507dc3fc	Sending signals by closing the channel (#17917 ) Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>	2024-04-15 12:37:59 +00:00
dependabot[bot]	79dbebd48d	Bump golang.org/x/oauth2 from 0.15.0 to 0.19.0 in /src (#20247 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.15.0 to 0.19.0. - [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.19.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-15 19:04:22 +08:00
dependabot[bot]	b8392968ac	Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /src (#20202 ) Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-15 18:18:53 +08:00
dependabot[bot]	8bf26c0d1d	Bump k8s.io/api from 0.29.0 to 0.29.3 in /src (#20205 ) Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.0 to 0.29.3. - [Commits](https://github.com/kubernetes/api/compare/v0.29.0...v0.29.3) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-15 16:47:55 +08:00
MinerYang	7465a29919	add SBOM icon (#20270 ) Signed-off-by: yminer <yminer@vmware.com>	2024-04-12 20:12:46 +08:00
MinerYang	7e8032b144	bump golang to 1.22.2 (#20256 ) Signed-off-by: yminer <yminer@vmware.com> replace go get to go install update go.mod	2024-04-12 13:46:29 +08:00
MinerYang	e9d2f50669	update mockery to v2.42.2 (#20258 ) Signed-off-by: yminer <yminer@vmware.com>	2024-04-11 03:37:59 +00:00
Shengwen YU	643e84cdfe	feat: expose `trivy.timeout` to configure the duration to wait for scan completion (#20257 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-11 10:47:07 +08:00
Shengwen YU	4c9e84cae1	fix: update e2e test engine images (#20223 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-11 10:05:05 +08:00
stonezdj(Daojun Zhang)	5d7c668028	Support list artifact with_sbom_overview option (#20244 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-10 14:47:45 +00:00
stonezdj(Daojun Zhang)	89995075a7	Update swagger API to display SBOM content in addition API (#20234 ) complete task #20066 Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-10 12:39:25 +00:00
tostt	a858fb4f4d	Updated internationalisation : fr-fr (#20179 ) * Update french translation Signed-off-by: tostt <tostt@users.noreply.github.com> * More updates french language Signed-off-by: tostt <tostt@users.noreply.github.com> * Corr. spelling Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Florian Blampey <flbla@users.noreply.github.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Florian Blampey <flbla@users.noreply.github.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update fr-fr-lang.json : further changes following thcdrt's review Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update fr-fr-lang.json: translate Expand to Déplier Signed-off-by: tostt <tostt@users.noreply.github.com> * Update fr-fr-lang.json: Remove duplicate portion of text Signed-off-by: tostt <tostt@users.noreply.github.com> --------- Signed-off-by: tostt <tostt@users.noreply.github.com> Co-authored-by: Vadim Bauer <vb@container-registry.com> Co-authored-by: Florian Blampey <flbla@users.noreply.github.com> Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-10 15:17:30 +08:00
MinerYang	2bb5166c80	adopt cosign with oci-spec 1.1 (#20245 ) Signed-off-by: yminer <yminer@vmware.com> add comment for cosign middlware	2024-04-10 13:46:00 +08:00
stonezdj(Daojun Zhang)	2e7db335b3	Add auto generate SBOM on push feature (#20250 ) Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-09 09:30:53 +00:00
MinerYang	03d9575d84	update referrer manifest descriptor size (#20207 ) cache manifest when first time pull if cacheEnabled Signed-off-by: yminer <yminer@vmware.com>	2024-04-09 08:50:46 +00:00
Wang Yan	461a5fa50d	add stop sbom scanning API (#20200 ) * add stop sbom scanning API 1. [UI] support to stop sbom scanning #20200 2. add type for stop scanning api, make it able to support both vulnerability and sbom. 3. refactor the db query to support multiple extra attributes. Signed-off-by: wang yan <wangyan@vmware.com> Signed-off-by: xuelichao <xuel@vmware.com> Co-authored-by: xuelichao <xuel@vmware.com>	2024-04-09 16:07:47 +08:00
stonezdj(Daojun Zhang)	be648ea47f	Refactor scan job service make it easy to add new scan type (#20177 ) Signed-off-by: stonezdj <daojunz@vmware.com> Signed-off-by: stonezdj(Daojun Zhang) <stonezdj@gmail.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-09 16:05:30 +08:00
guangwu	ff1a5056d7	fix: close blob io ReadCloser (#20225 ) Signed-off-by: guoguangwu <guoguangwug@gmail.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-09 14:27:46 +08:00
stonezdj(Daojun Zhang)	96ba34a93c	Allow empty path in redirect_url (#20238 ) fixes #20226 Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-09 02:24:57 +00:00
MinerYang	389a8c49f4	update artifact_type column alteration (#20239 ) update column if is null Signed-off-by: yminer <yminer@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-08 14:25:19 +08:00
Shengwen YU	c8370faeeb	fix: test robot account permission (#20240 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-08 12:57:38 +08:00
Shengwen YU	c12064df4e	feat: add api test case for quota sorting (#20209 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-07 13:47:49 +08:00
Prima Adi Pradana	7b8a322a88	delete membership=0 in getProjectsByName (#20153 ) delete membership=0 in getProjectsByName but lets getProjects still using membership=1 for reserve if getProjectsByName not found any Signed-off-by: prima <prima101112@gmail.com>	2024-04-05 15:29:07 +00:00
stonezdj(Daojun Zhang)	dd76fe47ce	Add SBOM scan REST API (#20215 ) Update swagger API for generate SBOM Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-03 08:38:09 +00:00
stonezdj(Daojun Zhang)	b6366e03e9	Update GenAccessoryArt API to generate valid accessory for SBOM (#20214 ) Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-03 07:59:15 +00:00
guangwu	9778176ff1	fix: close file (#20189 ) Signed-off-by: guoguangwu <guoguangwug@gmail.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-03 11:45:59 +08:00
stonezdj(Daojun Zhang)	cea47c7db3	Add accessory type for sbom (#20208 ) Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-02 18:11:27 +08:00
MinerYang	680a6a828b	bump golang 1.21.8 on main (#20197 ) bump golang 1.21.8 Signed-off-by: yminer <yminer@vmware.com>	2024-04-02 10:22:03 +08:00
guangwu	b66d14d9f3	fix: typo (#20190 ) Signed-off-by: guoguangwu <guoguangwug@gmail.com>	2024-04-01 10:03:24 +08:00
Taras Katkov	da3c85be5a	fix image name extraction (#18992 ) * Update replication.go It also could be 'library/bitnami/fluentd:1.13.3-debian-10-r0' so we need to split resource to only 2 parts - possible namespace and image name which may include slashes for example - namespace: library, image: bitnami/fluentd:1.13.3-debian-10-r0 Signed-off-by: Taras Katkov <tkatkov@gmail.com> * Update replication_test.go Adding namespace and resource extraction tests. Signed-off-by: Taras Katkov <tkatkov@gmail.com> * Reformat only Signed-off-by: Taras Katkov <tkatkov@gmail.com> --------- Signed-off-by: Taras Katkov <tkatkov@gmail.com>	2024-03-30 13:41:50 +00:00
dependabot[bot]	7c2158bdf9	Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.21.0 to 1.24.0 in /src (#20037 ) Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.21.0 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 18:08:06 +08:00
dependabot[bot]	6c2cafe7ba	Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible in /src (#20147 ) Bump github.com/docker/docker in /src Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.7+incompatible to 24.0.9+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](https://github.com/docker/docker/compare/v24.0.7...v24.0.9) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 17:29:09 +08:00
dependabot[bot]	290b22cf17	Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /src (#20124 ) Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 16:51:51 +08:00
dependabot[bot]	6a0ee091d8	Bump github.com/jackc/pgx/v4 from 4.18.1 to 4.18.3 in /src (#20139 ) Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.18.1 to 4.18.3. - [Changelog](https://github.com/jackc/pgx/blob/v4.18.3/CHANGELOG.md) - [Commits](https://github.com/jackc/pgx/compare/v4.18.1...v4.18.3) --- updated-dependencies: - dependency-name: github.com/jackc/pgx/v4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 16:14:23 +08:00
dependabot[bot]	ebb8050068	Bump golang.org/x/net from 0.17.0 to 0.22.0 in /src (#20113 ) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.22.0. - [Commits](https://github.com/golang/net/compare/v0.17.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 15:15:28 +08:00
dependabot[bot]	ba840c20d4	Bump softprops/action-gh-release from 1 to 2 (#20115 ) Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 1 to 2. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/v1...v2) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 10:49:52 +08:00
dependabot[bot]	9beede0d82	Bump github.com/cloudevents/sdk-go/v2 from 2.14.0 to 2.15.2 in /src (#20099 ) Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.14.0 to 2.15.2. - [Release notes](https://github.com/cloudevents/sdk-go/releases) - [Commits](https://github.com/cloudevents/sdk-go/compare/v2.14.0...v2.15.2) --- updated-dependencies: - dependency-name: github.com/cloudevents/sdk-go/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-28 11:02:43 +00:00
dependabot[bot]	4acde986a9	Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /src (#20104 ) Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.3. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](https://github.com/go-jose/go-jose/compare/v3.0.1...v3.0.3) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-28 18:24:03 +08:00
dependabot[bot]	8b8b88d86a	Bump golang.org/x/sync from 0.3.0 to 0.6.0 in /src (#20036 ) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.3.0 to 0.6.0. - [Commits](https://github.com/golang/sync/compare/v0.3.0...v0.6.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-28 17:46:37 +08:00

1 2 3 4 5 ...

12119 Commits