Commit Graph

1225 Commits

Author SHA1 Message Date
MinerYang
6f1f2c0395
update 2.5.0 migration script harbor.yml.jinja (#16354)
Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
2022-02-11 17:30:06 +08:00
MinerYang
6c97d3f0c7
rollback to delete external redis username (#16353)
Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
2022-02-11 17:28:10 +08:00
MinerYang
77b6a130f8
Add Migration Script for Harbor 2.5 (#16346)
* add Harbor2.5 migration script

Signed-off-by: yminer <yminer@vmmware.com>

* update 2_5_0 migration harbor.yml.jinja

Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
2022-02-11 12:18:06 +08:00
Wang Yan
6c3f9a8366
bump up distribution version to v2.8 (#16338)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-02-10 11:46:58 +08:00
MinerYang
1a2dd256b5
Add external redis username for AUTH (#16336)
* add external redis username for AUTH

* update harbor.yml.tmpl

* add external redis username for AUTH

update harbor.yml.tmpl

Co-authored-by: yminer <yminer@vmmware.com>
2022-02-09 22:06:28 +08:00
Shengwen YU
0bf5998f96
upgrade Chartmuseum to v0.14.0 (#16334)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
2022-02-09 12:13:05 +08:00
Shengwen Yu
aacebcc8c4 fix: vulnerability_record & report_vulnerability_record table "integer out of range" error
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-02-09 10:19:46 +08:00
Yang Jiao
709a154724 Specify postgresql version to 13
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-27 06:46:15 +00:00
He Weiwei
8554b7d7c5
refactor: replace lib/pq with jackc/pgx (#16267)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-01-27 11:09:37 +08:00
He Weiwei
89fe7b0819
Move removing old version scan reports of trivy to 2.4.2 (#16261)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-01-24 14:05:24 +08:00
Shengwen Yu
46f97ecf6c feat: bump TRIVYVERSION to v0.22.0 and bump TRIVYADAPTERVERSION to v0.25.0
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-01-21 09:14:07 +08:00
Morlay
9ad68aa526
Updates goharbor to var IMAGENAMESPACE in Makefiles to make injectable (#15218)
Signed-off-by: Morlay <morlay.null@gmail.com>
2022-01-20 12:14:29 +08:00
MinerYang
6abc505060
Merge pull request #16239 from MinerYang/bump_up/go_v1.17.6
bump up go version to v1.17.6
2022-01-18 10:32:09 +08:00
yminer
9acf3d21ce bump up go version to v1.17.6
Signed-off-by: yminer <yminer@vmmware.com>
2022-01-17 17:45:22 +00:00
孙世军
8f77567589
Upgrade UI dependencies (#16233)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-17 14:20:20 +08:00
He Weiwei
097efb201b
fix: Clean old version scan reports of trivy (#16235)
From harbor 2.4, the trivy does not support scan report v1.0, we need to remove the old version scan reports from the DB.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-01-17 13:59:28 +08:00
Yang Jiao
b4de95941b Specify postgresql version to 13
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-12 08:55:42 +00:00
stonezdj
17d8b7b813 Add upload purge config to registry/config.yml
Enable the uploadpurging by default
  Fixes #15641

Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-01-04 11:15:51 +08:00
Qian Deng
69a194b2b4 Fix: using traditional PKCS#1 format RSA key
The openssl 3.0.0 using newer `PKCS#8` format.
But it's not compatitable with harbor core
So using tradictional format instead

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-12-10 11:34:12 +08:00
Wang Yan
742e7ded00
add accessory dao service (#16045)
Signed-off-by: wang yan <wangyan@vmware.com>
2021-12-03 14:34:02 +08:00
Qian Deng
5fc4449450
Merge pull request #16029 from ninjadq/fix_chart_replication_issue
Fix: chart replication dup files issue
2021-12-03 13:47:42 +08:00
Qian Deng
593117a127 Fix: chart replication dup files issue
this patch fixed #15522

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-11-17 11:24:43 +00:00
Wang Yan
a956758302
bump up go version to v1.17 (#15865)
* bump up go version to v1.17

Signed-off-by: Wang Yan <wangyan@vmware.com>

* gofmt fail

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-25 17:28:29 +08:00
Rolf Ahrenberg
5f3972f86d
Add configurable timeout for Trivy scans (#15796)
Signed-off-by: Rolf Ahrenberg <Rolf.Ahrenberg@saunalahti.fi>
2021-10-22 14:36:12 +08:00
stonezdj(Daojun Zhang)
c814daa894
Update the jaeger settings in harbor.yaml.tmpl (#15841)
agent default port to 6831

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-10-22 13:43:28 +08:00
Yurii Paneiko
be1e762b70
For some reason this script hangs on bzip2 presence checking (#15647)
Steps to reproduce:

Clone repo from master branch
Run: make install COMPILETAG=compile_golangimage
Wait until script will check that bzip2 is installed

Signed-off-by: YuriiPaneiko <yurapaneyko@gmail.com>
2021-10-14 20:11:14 +08:00
He Weiwei
b390112f5a
fix: convert severity from negligible to none before saving to db (#15791)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-10-14 16:02:38 +08:00
stonezdj(Daojun Zhang)
32023891eb
Merge pull request #15675 from stonezdj/21sep22_email_nullable
Allow empty email attribute for ldap/oidc user
2021-10-02 10:33:38 +08:00
stonezdj
06715af303 Allow empty email attribute for ldap/oidc user
Define user.Email as sql.NullString to avoid unique constraint when email is empty in LDAP/OIDC
  Separate the common/models/User with the pkg/user/dao/User
  Fixes #10400
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-09-30 14:35:18 +08:00
Qian Deng
3c23926bdc Add validation for tracing
* add  validation of tracing in validating process

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-27 13:10:55 +00:00
stonezdj(Daojun Zhang)
972fa0880b
Merge pull request #15505 from ninjadq/add_distributed_tracing
Add distributed tracing
2021-09-22 14:16:19 +08:00
Qian Deng
354a2bd80d Enhance the trace related code
* Move request id to requestid middleware
* fix span pass to child ctx on orm
* fix typos
* remove unused code
* add operation name to Transaction

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-22 04:14:43 +00:00
Qian Deng
05bc946444
Merge pull request #14383 from XavierDuthil/use-exec-in-entrypoints
Use exec in all components' entrypoints
2021-09-22 10:49:21 +08:00
Qian Deng
bad913cf6d Refactor trace code
* use lib trace helper function
* add gracefull shutdown
* Add commens for new added exposed function
* Add licence on top of new created files
* Update trace library
* Update configs
* Add attribute and namespance in config

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
6fec5b2873 Add trace to jobservice
* Add trace init in main
* Add env template
* Add trace for router

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
14095fb10b Add trace to registryctl
* Add trace init to main
* Add trace for http server
* Add trace for gc
* Add env template trace

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
a15983432c Add trace for core
* Add trace related lib
* Add trace middleware for core
* add rid for middleware

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
b812a300be Add trace related configs
* Update harbor config template
* Update python config parsing
* Update env template

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
He Weiwei
ecc1a04c92
refactor: implement a lock free quota (#15399)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-09-17 11:26:37 +08:00
DQ
e4c1521efc Add migration script for harbor 2.4
Signed-off-by: DQ <dengq@vmware.com>
2021-09-16 09:31:39 +00:00
Ziming Zhang
98cef43ead limit replication bandwidth
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-09-14 11:23:28 +08:00
Wenkai Yin(尹文开)
3ce072016f
Merge pull request #15527 from sevendials/logrotate_fails_when_cwd_is_not_readable
Logrotate fails when cwd is not accessible
2021-09-13 16:08:23 +08:00
Wang Yan
dbcbc8bad0
bump up go to v1.16.7 (#15564)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-09-09 17:58:00 +08:00
Wang Yan
93a078d225
deprecate dns search (#15557)
For details, please refer to https://github.com/goharbor/harbor/issues/14146#issuecomment-793390718
and https://github.com/docker/for-linux/issues/1164.

If anyone encounter the issue mentioned by https://github.com/goharbor/harbor/issues/6031, add the dns_search: . to the releated container.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-09-08 14:22:59 +08:00
Christopher Jenkins
0585b148c7 Logrotate fails when cwd is not accessible
Logrotate is run with sudo as the syslog user by cron.hourly
The current working directory is `/root` which is inaccessible to the syslog
user so the logrotate command fails. Currently the following stderr is being
thrown away by the cron script:
```
error: cannot open current directory: Permission denied
```

Fixes #15468

Signed-off-by: Christopher Jenkins <christj@gmail.com>
2021-09-01 15:28:30 -07:00
孙世军
67681b1d83
update node version for portal container (#15396)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-10 09:14:46 +08:00
stonezdj(Daojun Zhang)
2fa530eefa
Merge pull request #15247 from stonezdj/21jun30_remove_auth_user
Delete users under auth_mode other than db_auth
2021-07-14 13:25:43 +08:00
stonezdj
c163bc8317 Delete users under auth_mode other than db_auth
The following information should cleanup before delete user:
  Delete project member of this user.
  Delete oidc_user when auth_mode is oidc_auth.
  Fixes #8424
  It also removes the deleted user from project member and the deleted condition in the project member query for consistency
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-07-12 11:31:40 +08:00
Wang Yan
494d74d32d
bump up go version to 1.16 (#15286)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-08 16:25:15 +08:00
Wang Yan
4017e995b7 roll back go for notary binary
Fixes #14932

Harbor recompiles the notary v0.6.1 with go 1.15 from v2.2.0, which introduces an break change that leads to notary key not found after migration.

[Root cause]
Notary v0.6.1 consumed an old version dvsekhvalnov/jose2, which is not compatible with go 1.15.

[References]
https://github.com/dvsekhvalnov/jose2go/issues/26
https://github.com/golang/go/issues/41089

[Resolve]
To resolve this issue, we have to roll back go vesrion to v1.14 for notary v0.6.1 binary and keep it until upstream have a patch release to support go 1.15 or above.

[Break change]
If you pushed and signed image using Harbor v2.2.0 ~ v2.2.2 and created new repository key in notary, you will encouter the same issue after migrate to v2.2.3(or above) or v2.3.1(or above) because of the go version downgrade. We will have a FAQ to help you to resovle this particular scenario.

The influence path of the particular case:
Harbor v2.1.0(or lower) --> [v2.2.0 ~ v2.2.2] --> v2.2.3(or above)
Harbor v2.1.0(or lower) --> v2.3.0 --> v2.3.1(or above)

The non influence path of the paticular case:
Harbor v2.1.0(or lower) --> v2.2.3(or above)
Harbor v2.1.0(or lower) --> v2.3.1(or above)

[Fix in Version]
Harbor v2.2.3 or above
Harbor v2.3.1 or above

[Note]
If you're a heavy user of notary, avoid using v2.2.0, v2.2.1, v2.2.2 and v2.3.0, and use the fixed version for instead.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-06-29 16:18:55 +08:00