Daniel Jiang
387be3686a
Refine the way to set X-Forwarded-Proto in nginx
...
Refine the way to set the header so user won't need to comment it if
Harbor is sitting behind a reverse proxy.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-02-25 17:43:55 +08:00
Josh Soref
dfe360040b
Spelling
...
* addition
* attribute
* auditing
* availability
* available
* bandwidth
* browser
* business
* cadence
* chartmuseum
* client
* column
* content
* demonstrate
* described
* endpoints
* facilitate
* github
* harbor
* information
* instance
* manual
* meaningful
* operation
* overridden
* password
* possible
* project
* refactor
* replication
* requires
* running
* scanned
* settings
* signup
* those
* unsigned
* vulnerability
--
Also removes trailing space from a filename
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2021-02-19 11:59:15 +08:00
DQ
307c5a8ed4
Fix metrics template for http mode
...
the port shouldn't be hardcode
Signed-off-by: DQ <dengq@vmware.com>
2021-02-05 18:44:28 +00:00
DQ
051b5f289d
Add sen existed check for internal cert
...
fali ealier when there is no san
Signed-off-by: DQ <dengq@vmware.com>
2021-01-28 08:22:07 +00:00
Qian Deng
f013d88efc
Merge pull request #14013 from ninjadq/upgrade_script_for_2_2_0
...
Harbor upgrading for 2.2
2021-01-22 18:10:24 +08:00
Qian Deng
045e1d9abe
Merge pull request #14040 from ninjadq/metric_improvement
...
Metric improvement
2021-01-22 17:13:57 +08:00
DQ
489f31d8fe
Add upgrade scirpt for 2.2
...
1. add metrics config item in config
2. upgrade version in template
Signed-off-by: DQ <dengq@vmware.com>
2021-01-22 16:15:06 +08:00
Wang Yan
dba229d0df
build third party binaries in CI ( #14019 )
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-22 11:33:42 +08:00
DQ
92cf728371
Add custom cert for exporter
...
* injecting custom certs related config to exporter
Signed-off-by: DQ <dengq@vmware.com>
2021-01-20 10:52:34 +08:00
DQ
a61e9b0e2e
Add san for notary upgrading
...
if san not exists then remove that cert, prepare will regenerate one
Signed-off-by: DQ <dengq@vmware.com>
2021-01-18 21:00:35 +08:00
Daniel Jiang
1b64b9fdc2
Bump up the go-migrate ( #13914 )
...
Bump it up to v4.11.0 to be consistent with harbor-core
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-11 19:08:17 +08:00
Qian Deng
642d56041d
Add san for notary cert ( #13928 )
...
Signed-off-by: DQ <dengq@vmware.com>
2021-01-08 01:00:34 +08:00
stonezdj
6b8fb8431d
Add quay registry to proxy cache
...
Update env.jinja to add quay
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-01-06 17:22:57 +08:00
Wenkai Yin(尹文开)
19ad8ad68d
Merge pull request #13823 from reasonerjt/inst-cert-home-dir
...
Replace tilde in install_cert.sh
2020-12-25 10:25:51 +08:00
Wang Yan
7a8a8fa104
upgrade go version to v1.15.6 ( #13836 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2020-12-23 18:53:09 +08:00
Daniel Jiang
9d99dfa82b
Replace tilde in install_cert.sh
...
This commit fixes #13287 to remove the usage of tilde as the $HOME is not available in some
cases. More details see #13287
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-21 20:39:34 +08:00
Qian Deng
31138f12b0
Merge pull request #13806 from ninjadq/fix_python_yaml_load
...
Fix pythom yaml load to safe_load
2020-12-21 16:04:12 +08:00
Qian Deng
9197471e70
Add Scan for internal tls ( #13810 )
...
Signed-off-by: DQ <dengq@vmware.com>
2020-12-21 15:23:11 +08:00
Will Sun
4392a626f3
Merge pull request #13804 from AllForNothing/scan-all
...
Fix robot account UI issues
2020-12-18 15:48:26 +08:00
AllForNothing
b20cc474b3
Fix robot account UI issues
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-18 14:11:08 +08:00
DQ
234b29e170
Fix pythom yaml load to safe_load
...
Signed-off-by: DQ <dengq@vmware.com>
2020-12-16 14:59:06 +08:00
DQ
19e8527cc1
Fix log level issue in registry
...
1. fix level issue in registry.jinja
2. add log level to registryctl
Signed-off-by: DQ <dengq@vmware.com>
2020-12-14 11:52:42 +08:00
DQ
d95f22448c
Add cache for exporter
...
Add timed cache for exporter
default cache time is 30s, cleanup job run every 4 hours
Signed-off-by: DQ <dengq@vmware.com>
2020-12-09 21:22:40 +08:00
DQ
f0db193895
Add prepare file for exporter
...
prepare env for exporter
Signed-off-by: DQ <dengq@vmware.com>
2020-12-09 21:22:13 +08:00
DQ
dc0047c48c
Add build script for exporter
...
- Add dockerfile
- update makefile
Signed-off-by: DQ <dengq@vmware.com>
2020-12-09 20:42:21 +08:00
DQ
590212b485
Remove clair related code
...
- clair code in harbor core
- clair code in frontend
- clair code in robotcase
Signed-off-by: DQ <dengq@vmware.com>
2020-11-27 14:01:04 +08:00
stonezdj(Daojun Zhang)
be4e6a5985
Merge pull request #13537 from stonezdj/201118_add_more_registry_type
...
Add more registry type to proxy cache
2020-11-26 11:16:16 +08:00
Ziming Zhang
d55f55aeb9
fix(chartmuseum) compatible s3 cache fail
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-11-25 17:00:16 +08:00
stonezdj
e667121a34
Add more registry type to proxy cache
...
Includes: azure-acr, aws-ecr, google-gcr
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-11-18 10:38:07 +08:00
Will Sun
eca3de3489
Merge pull request #13494 from dirkmueller/lock_json_include
...
Include package.json/package-lock.json in portal image
2020-11-16 16:38:02 +08:00
Dirk Mueller
12adc63a48
Include package.json/package-lock.json in portal image
...
This allows Trivy and other vulnerability scanners to correctly
determine the embedded dependencies in minified harbor-portal image.
Also simplify build process by reducing the number of layers in the
final stage container image
Signed-off-by: Dirk Mueller <dirk@dmllr.de>
2020-11-11 21:21:28 +01:00
DQ
0c9faea294
Clean up Clair in prepare script
...
Signed-off-by: DQ <dengq@vmware.com>
2020-11-10 11:39:18 +08:00
DQ
8a584aff89
Clean up clair and clair-adapter in build scripts
...
1. Makefles
2. Dockerfiles
3. Installation script
4. harbor.yml template
Signed-off-by: DQ <dengq@vmware.com>
2020-11-10 11:39:18 +08:00
DQ
9152521b11
Fix: log container password expire
...
move chage command to base image
Signed-off-by: DQ <dengq@vmware.com>
2020-11-09 18:29:41 +08:00
DQ
eb470501be
Add metrics to Harbor Core
...
1. Add configs in prepare
2. Add models and config items in Core
3. Encapdulate getting metric in commom package
4. Add a middleware for global request to collect 3 metrics
Signed-off-by: DQ <dengq@vmware.com>
2020-11-03 14:33:10 +08:00
Daniel Jiang
fb687aeef8
Use pkg/token to generate JWT token
...
This commit refactors the approach to encode a token in handler of /service/token,
by reusing pkg/token to avoid inconsistency.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-10-15 16:16:44 +08:00
DQ
184e89365b
Fix internal tls config upgrade issue
...
internal tls config upgrade is not included in template, this pr is to add it.
Signed-off-by: DQ <dengq@vmware.com>
2020-09-25 09:54:31 +08:00
DQ
17f3bfccb4
Fix trivy setting in upgrading script
...
Signed-off-by: DQ <dengq@vmware.com>
2020-09-08 18:15:57 +08:00
He Weiwei
687043c298
Merge pull request #12880 from stefannica/use-exit-in-db-entrypoint
...
Use exec in harbor database entrypoint
2020-08-28 10:09:58 +08:00
Ziming Zhang
ff19dd499c
fix(jobservice) redis sentinel failover hang
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-08-26 10:42:44 +08:00
Stefan Nica
1c768d0bf1
Use exec in harbor database entrypoint
...
The harbor-db pod takes a long time to terminate. Using an `exec`
command in the entrypoint ensures that Unix signals reach the
postgres process [1].
[1] https://docs.docker.com/engine/reference/builder/#exec-form-entrypoint-example
Signed-off-by: Stefan Nica <snica@suse.com>
2020-08-25 20:24:52 +02:00
Daniel Jiang
4f812f7926
Merge pull request #12811 from ninjadq/fix_portal_health_check
...
Fix schema of the portal health check
2020-08-21 13:44:47 +08:00
Dirk Mueller
08a4d8efd2
Update to golang 1.14.7 ( #12809 )
...
We should use a golang that isn't having security issues.
This includes:
* go1.14.6 (released 2020/07/16) includes fixes to the go command, the
compiler, the linker, vet, and the database/sql, encoding/json,
net/http, reflect, and testing packages. See the Go 1.14.6 milestone on
our issue tracker for details.
* go1.14.7 (released 2020/08/06) includes security fixes to the
encoding/binary package. See the Go 1.14.7 milestone on our issue
tracker for details (CVE-2020-16845)
Signed-off-by: Dirk Mueller <dirk@dmllr.de>
Signed-off-by: Dirk Mueller <dmueller@suse.com>
2020-08-20 15:38:35 +08:00
DQ
e9323ca268
Fix schema of the portal health check
...
it should be https
Signed-off-by: DQ <dengq@vmware.com>
2020-08-19 15:58:51 +08:00
Wenkai Yin
b1ddb5e2cc
Implement the icon API to get the icon of artifact
...
Implement the icon API to get the icon of artifact
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-08-15 08:40:38 +08:00
Qian Deng
5dbbfa76d3
Merge pull request #12766 from ninjadq/add_log_dependency_to_trivy
...
Add log denpendency ti trivy
2020-08-13 18:23:09 +08:00
Qian Deng
78d4b54ddc
Merge pull request #12765 from ninjadq/fix_trivy_append_in_2_1_0_config
...
Fix: append trivy every time when run migrate
2020-08-13 14:47:54 +08:00
DQ
a251e90507
Add log denpendency ti trivy
...
To void trivy can not start issue
Signed-off-by: DQ <dengq@vmware.com>
2020-08-13 11:35:21 +08:00
DQ
7ba498be5b
Fix: append trivy every time run migrate
...
Signed-off-by: DQ <dengq@vmware.com>
2020-08-11 17:43:25 +08:00
He Weiwei
8f036c765a
chore(images): install shadow package in base images
...
The latest `photon:2.0` does not include `groupadd` and `useradd`
we need to install `shadow` package which includes these commands.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-08-10 10:23:48 +00:00