Wenkai Yin
2156750b04
Move certificate verification to target level
...
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Tan Jiang
1871011a5d
Provide Dockerfile and artifacts for building mariadb on photon OS.
...
Also update the docker-compose template such that the notary db instance
will be provisioned via the mariadb-photon image.
2017-10-20 14:41:36 +08:00
Wenkai Yin
66b2d0d3f3
Apply project level policies to standalone Harbor
...
The following features are only enabled in integration mode, this commit moves
these to standalone Harbor:
- Content trust policy: only signed images can be pulled
- Vulnerability policy: only images whose severity is below the threshold can be pulled
- Automatic scan policy: automatic scan pushed images
2017-10-19 17:33:28 +08:00
yixingjia
95743f9a81
Merge pull request #3373 from yixingjia/updatenginx
...
Update nginx images OSS to latest
2017-10-17 22:13:11 -07:00
yixingjia
98472237e5
Merge pull request #3389 from yixingjia/updateadminserver
...
Update OSS packages in adminserver images
2017-10-17 22:12:56 -07:00
yixingj
0f3380c3ef
user change image tag to 20170928
...
due to photon os images 1.0 has bugs.
fallback to 20170928, we shuld change this to 1.0
when the bug fixed.
2017-10-17 16:55:30 +08:00
yixingj
7cf47fafc4
Update docker file
2017-10-17 15:33:07 +08:00
yixingj
882b077d2f
Update OSS packages in adminserver images
...
remove unneeded packages
move to vmware/photon images base
2017-10-17 14:56:34 +08:00
Daniel Jiang
e6874cf9f1
Merge pull request #3383 from reasonerjt/uaa-integration
...
Make the root CA certificate of UAA configurable
2017-10-17 12:20:22 +08:00
Daniel Jiang
b5551af27f
Merge pull request #3382 from ywk253100/171013_rotate
...
Make log rotate days configurable
2017-10-17 11:22:46 +08:00
yixingj
4e9e6b2641
Update adminserver software images
2017-10-17 10:54:00 +08:00
Tan Jiang
eab6b43d99
Make the root CA certificate of UAA should be configurable
2017-10-16 17:40:29 +08:00
Wenkai Yin
bc3d859571
make log rotate days configurable
2017-10-16 17:09:28 +08:00
yixingj
28b60bd197
Update nginx images OSS to latest
...
1>update nginx images OSS to latest
2>Fix nginx version issue
2017-10-13 15:25:19 +08:00
yixingj
3dc0f65fb3
Update OSS in postgresql image
...
1> update OSS in postgresql image
2> update postgresql to 9.6.5
2017-10-12 17:08:47 +08:00
Tan Jiang
51286d9baa
Provide UAA authenticator for password based authentication.
2017-10-07 00:16:53 +08:00
Daniel Jiang
ddaad98526
Merge pull request #3307 from wy65701436/add-build-notary
...
build scripts for notary(signer/server) docker images based on photon 1.0
2017-09-29 17:23:19 +08:00
Daniel Jiang
1bc4db0ec8
Merge pull request #3340 from reasonerjt/k8s-deploy
...
Refine doc, rename script.
2017-09-29 16:42:08 +08:00
Wenkai Yin
b2420c035f
Merge pull request #3336 from ywk253100/170927_pro_policy
...
Implement the default project metadata manager
2017-09-28 17:21:43 +08:00
Tan Jiang
72b9c5f39e
Refine document to add limitation and clarify loading the image, also update the name of prepare script to k8s-prepare, to differentiate the default one.
2017-09-28 16:28:59 +08:00
Wenkai Yin
e495357d98
implement the default project metadata manager
2017-09-28 16:17:51 +08:00
Daniel Jiang
21c4e45cd3
Merge pull request #3302 from reasonerjt/k8s-deploy
...
Refine k8s deployment scripts and document
2017-09-28 13:02:08 +08:00
wangyan
c2e4e9aa1b
remove the binary files from commit, and get them from the private repo.
2017-09-26 17:52:34 +08:00
wangyan
0aac7832eb
automate scripts for notary(signer/server) docker images bases on photon 1.0, code is not based on 0.5.0
...
remove the binary temp folder, just keep on binary path.
2017-09-26 17:21:50 +08:00
Tan Jiang
0615f7ba9b
Refine k8s deployment scripts and document
2017-09-26 13:57:44 +08:00
yixingj
2a53c64c59
move database configuration to HA only seciton
2017-09-25 13:33:45 +08:00
yixingj
6df2623956
Merge branch 'makedatabgaseconfigurable' of github.com:yixingjia/harbor into makedatabgaseconfigurable
2017-09-25 13:31:35 +08:00
yixingj
357004fbf1
Make Harbor database configurable
2017-09-25 13:29:49 +08:00
yixingj
fb690a972f
Make Harbor database configurable
2017-09-22 11:23:08 +08:00
Daniel Jiang
9c6468f963
Merge pull request #3088 from m-masataka/k8s-deploy
...
k8s deployment
2017-09-19 15:22:34 +08:00
yixingj
026e8e7f95
disable nginx buffer
...
When host in low disk status, enable the buffer will cause upload error.
2017-09-01 18:44:13 +08:00
Yan
408c1b429b
update registry image ( #3135 )
...
update
update
2017-08-30 16:13:54 +08:00
yixingjia
8f34945d4b
Merge pull request #3112 from yixingjia/nginx_temp_path
...
Try to fix some wired permission error
2017-08-25 20:32:56 -07:00
yixingj
362bf1a83e
Try to fix some wired permission error
2017-08-24 15:42:20 +08:00
Daniel Jiang
0659edeebc
Merge pull request #2855 from wy65701436/build-registry
...
build registry
2017-08-23 13:58:24 +08:00
Wassim Dhif
70f2865500
use $REGISTRY instead of $4 ( #3103 )
2017-08-22 18:24:34 +08:00
Daniel Jiang
bf8aef8e7e
Merge pull request #3092 from reasonerjt/clair-conf-change
...
Clair conf change
2017-08-22 13:40:18 +08:00
yixingjia
549ad02ac7
Update postgresql to 9.6.4 ( #3093 )
2017-08-21 18:16:57 +08:00
Tan Jiang
c1bbcb5bab
update the interval of clair updater to 12 hours, and update the interval for scan all to 2 hours
2017-08-21 13:45:23 +08:00
root
f9480b92b5
k8s deployment
2017-08-18 18:11:15 +00:00
Wenkai Yin
7296bdc131
increase length of username in database to 256
2017-08-17 15:24:34 +08:00
Daniel Jiang
0b2d7ae6c2
Merge pull request #2973 from reasonerjt/master
...
Enable buffer on nginx
2017-08-07 12:48:24 +08:00
Tan Jiang
885ddfddd0
enable buffer on nginx
2017-08-04 21:22:22 +08:00
Wenkai Yin
232b9ca70c
update the psc token dir
2017-08-02 14:50:49 +08:00
yixingjia
af1b11df2f
Limit clair resource ( #2924 )
...
When run clair full scan it will take more than 60% percent of CPU if no limit
this change to limit clair to use at most 1.5cpu
We can this it to cpus when we move to docker compose3.0
2017-08-02 13:11:26 +08:00
wangyan
efc10127f3
update message
2017-07-26 02:22:03 -07:00
wangyan
c952db3c73
update
2017-07-24 18:32:50 -07:00
wangyan
3f831b2326
update per comments
2017-07-24 17:49:59 -07:00
wangyan
694bbef633
build registry
2017-07-24 03:21:38 -07:00
Yan
686b477775
update registry to 2.6.2 ( #2851 )
...
rm dockerfile
update
add comments
2017-07-24 02:19:32 -07:00
Daniel Jiang
5c8be3502c
Merge pull request #2697 from yixingjia/rsyslog
...
Prepare rsyslog docker based on photon
2017-07-19 18:08:05 +08:00
Wenkai Yin
7573d59624
update token file location
2017-07-19 13:46:10 +08:00
Tan Jiang
629cf29850
The password to access clair db can be configured in harbor.cfg, skip auto-scan if clair-db is not ready
2017-07-17 15:25:47 +08:00
Yan
7040e5ad5a
Clair photon ( #2721 )
...
* update
* update
* modify docker compose
* update tag
* update
2017-07-10 21:00:44 -07:00
Tan Jiang
e1e975096c
add int id for scan overview and revoke the change in beego
2017-07-09 12:37:08 +08:00
yixingjia
326b65ef23
Merge pull request #2700 from yixingjia/upgradeclair
...
Update Clair to 2.0.1
2017-07-06 11:02:56 +08:00
Daniel Jiang
b96770b90a
Merge pull request #2693 from reasonerjt/clair-notification
...
Clair notification handler
2017-07-05 20:18:34 +08:00
Yan
d849c36e3f
Merge pull request #2570 from samifruit514/master
...
Allow 255 chars for Realname
2017-07-05 03:17:57 -07:00
Tan Jiang
8b31715b34
provide Clair notification handler
...
update the timestamp in DB, when handling the notification
2017-07-05 15:35:53 +08:00
yixingj
3d5cd32ee8
Base dockerfile for rsyslog
2017-07-04 17:57:37 +08:00
yixingj
34c812243e
Update Clair to 2.0.1
...
fix the Debian mapping issue.
2017-07-04 17:44:10 +08:00
Yan
2638e3dc7d
Merge pull request #2682 from wy65701436/db-migrate
...
1.2.0 DB migrator
2017-07-03 22:51:31 -07:00
yixingj
2762eec4ed
Prepare rsyslog docker based on photon
2017-07-03 17:57:46 +08:00
Daniel Jiang
1ca1eddb0f
Merge pull request #2676 from yixingjia/nginxonphoton
...
Move nginx to photon OS
2017-07-01 00:08:08 +08:00
wangyan
c986c33a6c
1.2.0 DB migration
...
update
update
2017-06-30 03:01:56 -07:00
Wenkai Yin
bdbdb383ac
update
2017-06-30 16:21:55 +08:00
yixingj
fc50fd51d5
Move nginx to photon OS
2017-06-30 14:03:42 +08:00
Wenkai Yin
84b443e2b2
Merge remote-tracking branch 'upstream/master' into 170628_getpm
...
Conflicts:
src/ui/config/config.go
src/ui/proxy/interceptor_test.go
2017-06-30 00:14:45 +08:00
Wenkai Yin
d6b4330cc8
create a global project manager
2017-06-30 00:08:45 +08:00
yixingjia
b79b80c6ee
Merge pull request #2657 from yixingjia/clairofflinedata
...
Support include offline data on clair startup
2017-06-28 18:01:34 +08:00
yixingj
a23c6ee8c6
Support include offline data on clair startup
2017-06-28 15:45:16 +08:00
Steven Zou
c90dacb0ba
Merge pull request #2648 from steven-zou/master
...
Upgrade UI builder to 1.2.7
2017-06-27 19:26:57 +08:00
yixingjia
a64926231d
Merge pull request #2629 from yixingjia/postgresqlonphoton
...
Update clair postgresql to use photon os
2017-06-27 17:30:26 +08:00
Steven Zou
85db2ad892
fix issue of ui builder image entry command
2017-06-27 13:49:41 +08:00
yixingj
27670742b4
Change version fromat and add init db sql directory
2017-06-26 15:31:34 +08:00
yixingj
e0af9c036f
Update clair postgresql to use photon os
2017-06-26 10:56:29 +08:00
Steven Zou
7c68c1ca69
Enhance script in make/dev/nodeclarity/entrypoint.sh
2017-06-23 18:58:58 +08:00
Steven Zou
a12ec997cc
Fix tooltip cut issue
...
Change Dockerfile of UI builder
2017-06-23 18:58:43 +08:00
Steven Zou
7c0e79d10a
update ui builder to 1.2.6
2017-06-23 18:58:14 +08:00
Steven Zou
deeb37ac87
Update ui building process
2017-06-22 17:09:53 +08:00
Steven Zou
ed1263148f
Merge pull request #2562 from steven-zou/master
...
Refactor harnor portal with sharable components in harbor-ui lib
2017-06-21 16:51:46 +08:00
Archambault, Samuel
18cea61121
Allow 255 chars for Realname
2017-06-19 13:54:21 -04:00
Steven Zou
4d9eeac434
change angualr cli version to 1.2.0
2017-06-19 12:43:43 +08:00
Tan Jiang
15384317e0
add with_clair flag in systeminfo
2017-06-15 16:15:46 +08:00
Daniel Jiang
f61ba725c5
Merge pull request #2505 from wy65701436/master
...
clair integration
2017-06-14 21:02:16 +08:00
wangyan
b71584457f
udpate DB image version
2017-06-14 02:22:26 -07:00
Tan Jiang
ae2d868fd4
handlers for image scan, store results overview in DB
2017-06-13 23:37:54 +08:00
wangyan
02df58b4b6
clair integration
2017-06-13 02:13:24 -07:00
Daniel Jiang
42984fe1c9
refactory for scan job service ( #2459 )
...
* refactory for scan job service and implement ScanJob.
2017-06-08 15:04:23 +08:00
Daniel Jiang
32102c1523
Merge pull request #2332 from vmware/release-1.1.0
...
merge 1.1.0 to master
2017-05-19 07:19:46 -07:00
Daniel Jiang
0b02231093
Update registry img ( #2330 )
...
* update the registry image
* update other yml files and docs to reflect image update
2017-05-19 00:19:27 -07:00
Daniel Jiang
5892ef29c2
Merge pull request #2291 from reasonerjt/vulscan-job-refactory
...
add scan job table and dao functions
2017-05-12 02:45:55 -04:00
Tan Jiang
dcbfb4d309
add scan job table and dao functions
2017-05-11 21:41:57 +08:00
Wenkai Yin
1e28f01365
delete foreign key
2017-05-10 18:28:19 +08:00
Yan
8db1b2807e
Merge pull request #2197 from ywk253100/170502_change_userid
...
Delete column user_id from table access_log
2017-05-10 00:02:54 -07:00
Daniel Jiang
79903ca3f3
Merge pull request #2194 from reasonerjt/create-reverse-proxy
...
create reverse proxy
2017-05-03 15:09:11 +08:00
Wenkai Yin
3be9cca0f5
delete column user_id from table accesslog
2017-05-03 14:18:07 +08:00
Tan Jiang
785298e6b9
create reverseproxy
2017-05-02 20:27:45 +08:00
Wenkai Yin
4eca617916
Merge remote-tracking branch 'upstream/master' into 170427_delete_ownerid
2017-05-02 14:58:36 +08:00
Wenkai Yin
4f9d9ed5d8
delete owner_id column from table repository
2017-05-02 14:57:07 +08:00
kunw
5ed47c0316
Merge release-1.1.0
2017-05-02 13:27:06 +08:00
Tan Jiang
83b9196925
use docker-compose to deploy clair with harbor
2017-04-27 19:13:53 +08:00
Tan Jiang
c3c34ea7c3
set restart policy of notary to 'always'
2017-04-27 17:07:38 +08:00
kunw
eddde3c804
Update for harbor UI builder image.
2017-04-26 16:00:18 +08:00
kunw
ba49eb79f1
Update for ui image building.
2017-04-21 19:34:57 +08:00
wangyan
29845dbcca
add clarity support
2017-04-21 02:08:13 -07:00
Yan
c06abe9b8a
Merge pull request #2026 from wy65701436/1.1.0-document
...
update compile document
2017-04-17 22:16:15 -07:00
wangyan
f41fcdeeb4
update compile document
...
update makefile
update per comments
update document
2017-04-17 04:05:33 -07:00
Haining Henry Zhang
425106524f
update documents ( #2020 )
...
* update change log
* update documents
* update documents
* update AUTHORS
* update README
* update harbor.cfg
2017-04-17 13:46:39 +08:00
wy65701436
20458f88d2
fix mysql image to 5.6.35
2017-04-12 03:47:23 -07:00
Yan
a7d21baebc
Merge branch 'master' into master
2017-04-11 14:19:43 +08:00
wy65701436
91a86faa75
update
2017-04-10 22:33:39 -07:00
wy65701436
ec06bd2073
add crt 0600
2017-04-10 22:06:39 -07:00
Tan Jiang
0471c8ed2c
escape mysql root password
2017-04-11 12:50:13 +08:00
wy65701436
6b2b9cdc83
fix issue 1932
2017-04-09 05:16:52 -07:00
Wenkai Yin
2cdd2bb659
fix word mistake
2017-04-07 18:24:08 +08:00
Tan Jiang
965c7a5e70
reference the patched nginx image
2017-04-07 15:07:46 +08:00
Daniel Jiang
93f5c78b4b
Merge pull request #1948 from ywk253100/170406_secretkey
...
Mount config to another dir, fix #1939
2017-04-07 11:35:58 +08:00
Wenkai Yin
e60fd0530f
mount config to another dir, fix #1939
2017-04-07 09:14:41 +08:00
Tan Jiang
a2726b55a8
Merge remote-tracking branch 'upstream/master' into enable-gzip
2017-04-06 15:28:41 +08:00
Tan Jiang
d527a543bd
enable gzip by default
2017-04-06 14:47:41 +08:00
wy65701436
f6c4137af1
fix issue 1916
2017-04-05 22:53:09 -07:00
Daniel Jiang
7d6d641827
Merge branch 'master' into dev
2017-04-05 17:01:27 +08:00
wy65701436
b827fdd5a5
use gzip to save docker images.
2017-04-04 23:48:29 -07:00
Daniel Jiang
d49a307312
Merge pull request #1868 from reasonerjt/nginx-log-format
...
update nginx log format to include response time
2017-03-30 15:12:30 +08:00
Wenkai Yin
2528ad9c62
Merge pull request #1870 from ywk253100/170330_ca_download_dir
...
Mount ca dir to UI container
2017-03-30 13:52:27 +08:00
Wenkai Yin
ec27e2dc07
remove compress js flag
2017-03-30 12:59:47 +08:00
Wenkai Yin
ee2a6748c0
mount ca dir to container, fix #1829
2017-03-30 12:50:20 +08:00
Tan Jiang
7555dd9d48
update nginx log format to include response time
2017-03-30 12:46:13 +08:00
Tan Jiang
864e0f415e
prepare should remove the temp files generated for creating certificate
2017-03-29 17:08:28 +08:00
Tan Jiang
715d87dc80
fixes #1818
2017-03-28 10:11:13 +08:00
Tan Jiang
851f61032a
Do not generate new alias each time prepare runs
2017-03-24 20:05:13 +08:00
Tan Jiang
a33f4151e2
merge with dev branch
2017-03-24 14:40:34 +08:00
Yan
e2fe74598b
Merge pull request #1776 from wy65701436/dev
...
add -v to docker-compose down
2017-03-24 14:05:48 +08:00
wy65701436
02431de5a4
add -v to docker-compose down
2017-03-23 22:45:01 -07:00
Tan Jiang
3e8d71538f
generate cert for notary signer in prepare,
...
update the default certificates so the subject is formal.
2017-03-24 13:33:49 +08:00
Tan Jiang
90bc280ea1
add a 4443 ssl server to nginx config
2017-03-24 13:16:48 +08:00
Tan Jiang
402a482bc6
generate cert for notary signer in prepare
2017-03-23 21:00:53 +08:00
Tan Jiang
980101eab5
package vmware/registry into offline package
2017-03-23 12:36:36 +08:00
Daniel Jiang
6d013531a7
Merge pull request #1717 from reasonerjt/dev
...
restrict access to notary db
2017-03-23 11:01:01 +08:00
Tan Jiang
44cd3ec85b
update make file and docker compose template
2017-03-22 20:56:08 +08:00
Tan Jiang
f9180c0c96
rebuild registry image on photon
2017-03-22 20:27:15 +08:00
Tan Jiang
3c16d6c1a1
restrict access to notary db
2017-03-22 18:15:16 +08:00
wy65701436
c5633f7ce8
add version support
2017-03-21 04:56:59 -07:00
Daniel Jiang
7f099ebe50
Merge pull request #1703 from reasonerjt/dev
...
Use notary images based on photon, migrate db in notary's images
2017-03-21 19:35:27 +08:00
Tan Jiang
6e09ae89e3
Use notary images based on photon, migrate db in notary's images
2017-03-21 18:46:10 +08:00
Wenkai Yin
383997f785
read capacity from adminserver
2017-03-21 16:28:24 +08:00
Yan
038d7dd90c
Dev new ui ( #1 )
...
* Updates for verfied tags deletion.
* Remove old UI.
* Move i18n folder.
* Updates for latest UI codes.
* make travis with latest dev code.
* update test code
* add cat log
* cat nginx
* cat nginx
* fix template error
* remove --with-notary
* remove controller test
* fix controller test bug
* modify controller test
* debug controller test
* update controller test
* update index title to harbor, discussed with Kun.
* Update package.json
* Merge latest UI changes.
* remove git
2017-03-20 18:51:20 +08:00
Yan
43578a2a6f
Merge pull request #1656 from reasonerjt/dev
...
fix issue in location.conf
2017-03-17 20:03:47 +08:00
Tan Jiang
098d7d5765
fix issue in location.conf
2017-03-17 19:44:54 +08:00
Yan
92d9f8516f
Merge pull request #1626 from ywk253100/170315_registry_upgrade
...
Upgrade registry to 2.6.0
2017-03-17 18:25:22 +08:00
Tan Jiang
9d87279152
fix #1570 , #1628
2017-03-16 16:09:05 +08:00
Wenkai Yin
108aa21499
upgrade registry to 2.6.0
2017-03-16 13:44:16 +08:00
Wenkai Yin
c3626edd42
reset config
2017-03-16 11:27:45 +08:00
kunw
e80840c2d3
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-03-13 18:23:09 +08:00
Daniel Jiang
f9e8394be9
Merge pull request #1541 from wy65701436/dev
...
to support nortary
2017-03-13 10:45:53 +08:00
wy65701436
fd5a2824b6
update per review.
2017-03-10 02:57:10 -08:00
Tan Jiang
ef906c96d0
provide systeminfo API for UI
2017-03-10 18:53:11 +08:00
kunw
1c2fcc168f
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-03-10 15:27:35 +08:00
wy65701436
481ba06003
support notary
2017-03-09 03:02:44 -08:00
Tan Jiang
04a5eb6606
notary containers should use syslog as log driver
2017-03-08 17:24:32 +08:00
kunw
f2a1659d96
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-03-08 15:36:05 +08:00
Aron Parsons
8ab45d439b
label volumes for SELinux
...
allow Harbor to run when dockerd is running with --selinux-enabled
example AVC denials:
type=AVC msg=audit(1488384855.681:154671): avc: denied { read } for pid=454 comm="registry" name="config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.681:154671): avc: denied { open } for pid=454 comm="registry" path="/etc/registry/config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.687:154672): avc: denied { append } for pid=350 comm=72733A6D61696E20513A526567 name="registry.log" dev="dm-5" ino=4315920 scontext=system_u:system_r:svirt_lxc_net_t:s0:c599,c800 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384856.895:154702): avc: denied { remove_name } for pid=708 comm="mysqld" name="4691d4d62464.lower-test" dev="dm-12" ino=402656159 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=dir
type=AVC msg=audit(1488384856.926:154703): avc: denied { lock } for pid=708 comm="mysqld" path="/var/lib/mysql/ibdata1" dev="dm-12" ino=402656097 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384857.958:154736): avc: denied { open } for pid=924 comm="harbor_jobservi" path="/etc/jobservice/app.conf" dev="dm-8" ino=142 scontext=system_u:system_r:svirt_lxc_net_t:s0:c102,c158 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc: denied { read } for pid=1017 comm="nginx" name="nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc: denied { open } for pid=1017 comm="nginx" path="/etc/nginx/nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
2017-03-03 14:13:39 -05:00
Wenkai Yin
a4cb261df9
read some configs from env
2017-03-02 13:24:41 +08:00
kunw
dbce11ce42
Updates for node clarity build.
2017-03-01 17:14:09 +08:00
kunw
f517502193
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-02-28 12:17:34 +08:00
kunw
f01569c4dd
Updates for clarity docker-compose files.
2017-02-27 22:07:39 +08:00
Tan Jiang
6454ccfc3a
fix the 'v2' URL conflict issue, and remove the work around in token service code
2017-02-27 21:01:26 +08:00
Wenkai Yin
5b885a7ad6
Merge pull request #1469 from yhua123/dev
...
fix #1332
2017-02-27 19:21:25 +08:00
yhua
9f18c8458b
fix #1332
2017-02-27 18:52:22 +08:00
Steven Zou
2e20a65121
Merge pull request #1458 from wknet123/harbor-clarity-integration
...
Merge Harbor clarity integration to into Dev branch.
2017-02-27 16:20:22 +08:00
kunw
46cef020eb
Rename directory name.
2017-02-27 11:41:46 +08:00
Tan Jiang
7620cd3b86
refactor token service
2017-02-26 19:53:13 +08:00
kunw
23f0ff1ea5
Refactor Harbor Clarity integration code structure.
2017-02-24 17:54:50 +08:00
Wenkai Yin
9f3f48be59
add harbor network to adminserver
2017-02-24 14:35:11 +08:00
kunw
914255d6c2
Updates for docker-compose sources.
2017-02-24 14:12:45 +08:00
Wenkai Yin
414e8a8bcf
Merge remote-tracking branch 'upstream/dev' into 170224_merge_config
...
Conflicts:
make/docker-compose.tpl
src/ui/service/token/authutils.go
2017-02-24 13:52:19 +08:00
Wenkai Yin
a1858098c5
using different secret to mark himself when communicates with other components
2017-02-23 18:24:32 +08:00
Daniel Jiang
ef34b96256
Merge pull request #1422 from ywk253100/170221_secretkey
...
Encrypt the passwords in configuration file
2017-02-23 10:25:39 +08:00
kun wang
f4d35414d2
Merge pull request #1425 from wknet123/harbor-clarity-integration
...
Updates for building node-clarity image.
2017-02-22 18:31:42 +08:00
kunw
bb674ea977
Updates for building node-clarity image.
2017-02-22 18:30:37 +08:00
Wenkai Yin
40eb6bb7d3
encrypt passwords enhancement
2017-02-22 16:59:28 +08:00
kunw
3a621faba3
Fixed some issues and merged latest codes.
2017-02-22 13:03:05 +08:00
Steven Zou
668f39c732
Merge pull request #1419 from wknet123/harbor-clarity-integration
...
Fixed some issues and merged latest codes.
2017-02-22 12:27:28 +08:00
Steven Zou
e829b04f1f
Merge pull request #1407 from wknet123/harbor-clarity-integration
...
Harbor Clarity UI integration.
2017-02-22 11:26:23 +08:00
kunw
3c112f2a2c
Harbor Clarity UI integration.
2017-02-21 14:54:42 +08:00
Wenkai Yin
bf39b3a956
modify Makefile of Harbor based on photon ( #1404 )
...
LGTM
2017-02-21 13:45:12 +08:00
Tan Jiang
8cbfffa9c8
deploy notary within Harbor
2017-02-20 19:31:28 +08:00
Tan Jiang
c3c1b84ed1
preparae --conf instead of -conf
2017-02-20 13:21:29 +08:00
Wenkai Yin
390f89ee0a
encrypt passwords and secret
2017-02-17 18:23:21 +08:00
Daniel Jiang
a17cd5bcfe
add a default network for containers in harbor ( #1384 )
...
LGTM
2017-02-16 14:51:21 +08:00
Wenkai Yin
2e3174f404
update
2017-02-15 15:28:50 +08:00
Wenkai Yin
06519bb3f2
update
2017-02-13 17:17:46 +08:00
Wenkai Yin
6dc6b4fa79
update Makefile
2017-02-10 17:03:21 +08:00
Tan Jiang
27802f7620
Merge branch 'master' into dev
2017-01-24 12:16:53 +08:00
Wenkai Yin
f1f78a5649
update
2017-01-19 17:56:08 +08:00
Kira
00259567a8
update kubernetes deployment
2017-01-16 12:06:35 +08:00
Wenkai Yin
75f660fa77
Merge remote-tracking branch 'upstream/dev' into 161228_config
...
Conflicts:
make/common/templates/ui/env
src/ui/auth/ldap/ldap.go
src/ui/config/config.go
2017-01-12 17:41:14 +08:00
Wenkai Yin
b62a958250
configure harbor
2017-01-12 17:15:32 +08:00
yhua
4c213a8717
remove openldap lib from Dockerfile and support build with offcial golang image(1.7.3)
2017-01-04 17:48:20 +08:00
Ricardo Katz
160e22f0fe
Changes LDAP Library and other LDAP improvements ( #1277 )
...
* Changes LDAP library to go-ldap and creates new ldap timeout directive
* Add support for connection on LDAP using TLS
2016-12-30 16:03:30 +08:00
Wenkai Yin
111638ae8e
Merge pull request #1249 from yhua123/dev-update-registry
...
update registry from 2.5.0 to 2.5.1
2016-12-16 18:03:53 +08:00
Wenkai Yin
3717b37dca
Merge pull request #1251 from yhua123/dev-update-golang
...
upgrade golang baseimage from 1.6.2 to 1.7.3
2016-12-16 17:27:24 +08:00
yhua
0249f2181a
update registry from 2.5.0 to 2.5.1
2016-12-15 16:50:50 +08:00
yhua
10306e784b
upgrade golang baseimage from 1.6.2 to 1.7.3
2016-12-15 13:16:14 +08:00
yhua123
0d09379fb7
Merge branch 'dev' into dev
2016-12-12 15:11:00 +08:00
yhua
90be98bc5d
add 'data_volume' in harbor.cfg
2016-12-12 14:35:28 +08:00
Wenkai Yin
d6d4711700
1.fix issue: deleting repo action will fall in deadlock between two Harbor if they are configured to sync to each other 2. Filter notification request in nginx
2016-12-09 18:10:20 +08:00
dejwsz
719072e0ba
remove rsyslogd.pid before start to allow container restarts
...
This change mitigate problems with container restarts (stop, start) or automatic restart after host machine restart. Rsyslogd strictly checks existence of its pid file and won't start if such one exists.
2016-12-01 15:31:14 +01:00
kunw
dc6d3e552c
Update comment.
2016-11-24 17:50:41 +08:00
kunw
4d916e7127
Update for email_identity setting.
2016-11-24 15:48:36 +08:00
Tan Jiang
b868634007
update version of photon OS to 1.0 in Docker files
2016-11-21 16:15:43 +08:00
Tan Jiang
35407d12db
update TOKEN_URL to TOKEN_ENDPOINT
2016-11-18 16:37:46 +08:00
Wenkai Yin
8523db5427
make cert dir
2016-11-17 16:14:22 +08:00
Wenkai Yin
e4bf4af9ba
mkdir if it does not exist
2016-11-17 15:09:12 +08:00
Wenkai Yin
f867ff42a0
Merge pull request #1099 from ywk253100/161115_https
...
Generate self-signed certificate
2016-11-17 12:59:28 +08:00
Daniel Jiang
ffbe980622
Merge pull request #1101 from reasonerjt/config-refactory
...
Config refactory
2016-11-16 22:00:20 +08:00
Wenkai Yin
ce56ff2fae
generate self-signed certificate
2016-11-16 21:42:31 +08:00
Tan Jiang
5ea0e50f0f
reset to default value in harbor.cfg
2016-11-16 20:42:29 +08:00
Tan Jiang
9d7a18a0a3
fix issue in golint, support project creation restriction at backend
2016-11-16 20:31:04 +08:00
kunw
e367ec24a8
Merge remote-tracking branch 'upstream/dev' into dev-volume-info
2016-11-16 14:23:27 +08:00
Tan Jiang
0e3cb2e3f4
ui config refactory
2016-11-16 13:33:14 +08:00
Tan Jiang
c34b2872bc
config refactory for common pkg
2016-11-16 13:33:14 +08:00
kunw
c1c5ba8157
Update for adding timestamp to JS file name to avoid browser cache.
2016-11-14 18:27:56 +08:00
Daniel Jiang
0025134a91
Merge pull request #1039 from yhua123/dev
...
modify prepare for genrate all common/config files from template
2016-11-11 22:38:44 +08:00
yhua
20873a9d17
remove 2 cert file delete action, already delete previous
2016-11-11 16:08:49 +08:00
Daniel Jiang
a44a399761
Merge pull request #1046 from ywk253100/161109_cert_path
...
Fixes #1002
2016-11-10 08:26:17 +08:00
yhua
f19e19eaf0
move root.crt and private_key.pem to template
2016-11-09 18:21:28 +08:00
Wenkai Yin
5d183da0f9
fixes #1002
2016-11-09 18:12:00 +08:00
kunw
55b98f9abd
Merge remote-tracking branch 'upstream/dev' into dev-volume-info
2016-11-09 14:53:26 +08:00
kun wang
126b7fae55
Merge pull request #1023 from fillet54/add-mail-identity-config
...
Make mail identity configurable
2016-11-09 14:35:09 +08:00
yhua
09b62157cf
modify prepare for genrate all common/config files from template
2016-11-08 17:40:19 +08:00
Daniel Jiang
5a0c203557
Merge pull request #1017 from reasonerjt/dev
...
set secure flag for cookie
2016-11-07 11:01:40 +08:00
Phillip Gomez
0dfce1d837
Make mail identity configurable
...
The identity field parameter passed to smtp.SendMail is now
configurable instead of being hardcoded to 'Mail Config'.
This fixes issue #900
2016-11-06 18:05:46 -08:00
Tan Jiang
b92b1036bf
set secure flag for cookie
2016-11-05 00:08:37 +08:00
Wenkai Yin
018b32a1b4
update nginx in Makefile
2016-11-03 14:48:50 +08:00
Wenkai Yin
4fcfffeb47
upgrade nginx to 1.11.5
2016-11-02 15:49:28 +08:00
kunw
560b41b5e6
Merge remote-tracking branch 'upstream/dev' into dev-volume-info
2016-11-02 12:46:57 +08:00
Tan Jiang
7f55520b27
Merge remote-tracking branch 'upstream/dev' into dev
2016-10-28 22:44:59 +08:00
Tan Jiang
b75844e622
update ciphers for nginx
2016-10-28 18:48:12 +08:00
Daniel Jiang
098643303f
Merge pull request #952 from ywk253100/161026_log_rotate
...
Log rotate
2016-10-28 12:59:54 +08:00
Wenkai Yin
0689935da4
log rotate
2016-10-26 18:26:02 +08:00
yhua
a6e7a6ba45
fix baseimage issue
2016-10-26 13:46:22 +08:00
yhua
03e2a3ee56
remove tag in docker-compose.yml
2016-10-26 13:09:12 +08:00
kunw
811401f40e
Added volume info of UI.
2016-10-25 12:44:27 +08:00
yhua
271787dd94
update for fix #925
2016-10-24 16:51:42 +08:00
yhua
ebc852b7cc
fix #924 #925
2016-10-24 16:48:48 +08:00
yhua
1043ec063d
rm binary
2016-10-24 14:18:56 +08:00
yhua
69797c30f2
fix pushimage, update .gitignore, add DEVFLAG
2016-10-24 14:06:23 +08:00
yhua
311cf8da07
change code 20161019
2016-10-21 18:39:10 +08:00