By default, use the nvd score as the primary score, and if it is unavailable, fall back to the redhat score.
fix #20269
Signed-off-by: wang yan <wangyan@vmware.com>
* add stop sbom scanning API
1. [UI] support to stop sbom scanning #20200
2. add type for stop scanning api, make it able to support both vulnerability and sbom.
3. refactor the db query to support multiple extra attributes.
Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: xuelichao <xuel@vmware.com>
delete membership=0 in getProjectsByName but let getProjects still use membership=1 for reserve if getProjectsByName does not find any
Signed-off-by: prima <prima101112@gmail.com>
add artifact_type for artifact model to support artifactType filter
Signed-off-by: yminer <yminer@vmware.com>
add 2.11 sql schema & update index artifactType omitted
Signed-off-by: yminer <yminer@vmware.com>
update UT
update migrate sql for artifact_type
Signed-off-by: yminer <yminer@vmware.com>
remove debug line
* add generate sbom object utility
Leverage the go-containerregistry to generate the oci object for sbom and add it as an accessory of the subject artifact.
Signed-off-by: wang yan <wangyan@vmware.com>
* remove vendor
Signed-off-by: wang yan <wangyan@vmware.com>
* resolve comments
Signed-off-by: wang yan <wangyan@vmware.com>
* fix ut
Signed-off-by: wang yan <wangyan@vmware.com>
* resolve comments
Signed-off-by: wang yan <wangyan@vmware.com>
* remove the todo comments
Signed-off-by: wang yan <wangyan@vmware.com>
---------
Signed-off-by: wang yan <wangyan@vmware.com>
* feat: update to golang-jwt v5.2.0
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: module issues and robot claims
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: add missing time import
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: set jwt validation leeway to 60s
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: update leeways that were still set to 10s
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: update go.sum
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: add two leeway related test cases
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: correct jwt audience validation
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: gofmt v2_token.go
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: take into account review comments
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: use a common constant to store JWT leeway
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
---------
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
Signed-off-by: Antoine Jouve <an-toine@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
1. Add db index for subject_artifact_id in table artifact_accessory.
2. Optimize the SQL of excluding the accessory for artifact count.
Signed-off-by: chlins <chenyuzh@vmware.com>
The permission api targets to return the full set of permissions for robot to use.
And only system and project admin have the access.
Signed-off-by: wang yan <wangyan@vmware.com>
Check username when creating user by API
Replace comma with underscore in username for OnboardUser
Fixes #19356
Signed-off-by: stonezdj <daojunz@vmware.com>
In certain cases, the OCI client may push the subject artifact and accessory in either order.
Therefore, it is necessary to handle situations where the client pushes the accessory ahead of the subject artifact.
Signed-off-by: wang yan <wangyan@vmware.com>
Remove job status track information from redis after stopping the job in the queue
After stopping in the queue:
Remove key in {harbor_job_service_namespace}:job_track:inprogress
Remove {harbor_job_service_namespace}:job_stats:<job_id>
fixes #19211
Signed-off-by: stonezdj <daojunz@vmware.com>
Support to configure the customized redis db for cache layer and other
misc business for core, by default the behavior is same with
previous (stored in db 0).
Signed-off-by: chlins <chenyuzh@vmware.com>
1. Change some logs level to reduce the noise.
2. Wrap the go-redis.Nil error as ErrNotFound to avoid confusing
Signed-off-by: chlins <chenyuzh@vmware.com>
fix: add storage_limit check (add ValidateQuotaLimit as a general method to validate quota limit value)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
Check it is referred by a scan_report
Add index to report_vulnerability_record to improve performance
Fixes #19014 #19028
Signed-off-by: stonezdj <daojunz@vmware.com>