This commit is to make the expiration of robot account configurable
1, The expiration could be set by system admin in the configuation page or
by /api/config with robot_token_expiration=60, the default value is 30 days.
2, The expiration could be shown in the robot account infor both on UI and API.
Signed-off-by: wang yan <wangyan@vmware.com>
fixes#5863
The migrate binary that we include in notary is quite out dated.
Additionally it introduced a breaking change, more details see #5863
In this commit a go program was added to workaround this issue to ensure the
migration process works, and refined bootstrap scripts and make process accordingly.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* Support master role for project member create and update apis
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Fix description for role_id in swagger.yaml
Signed-off-by: He Weiwei <hweiwei@vmware.com>
Rename the "name" colume in table "replication_policy" and "replication_target" before adding the "UNIQUE" constraint to avoid the upgrade failure
Signed-off-by: Wenkai Yin <yinw@vmware.com>
I guess that the purpose of this check is to verify that the container is listening on port 10514. Healthcheck default timeout is 30 sec. In places where the DNS resolver is not working properly, this check could take more than 30 sec, which leads to decide that the container health is unhealthy. I advise you to add to your check the option n, which prevents netstat trying to determine the symbolic host.
Signed-off-by: overdogwatch <overdogwatch@gmail.com>
1. Fix#5102 by checking the existence of name when creating/editing replication rule
2. Add unique constraint to the name of replication policy and target
3. Fix bugs of testing library
Signed-off-by: Wenkai Yin <yinw@vmware.com>
resolve build error 'invalid from flag value 0: repository sha256 not found: does not exist or no pull access'
Signed-off-by: Brett Johnson <brett@sdbrett.com>
Some configuration files and env files contain sensitive information,
they should not be readable by any user by default.
This commit updates the `prepare` script to update the mask of the
rendered files.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Update the entrypoint to allow the image accept other parms,
to help debug in the future.
If replace "$*" with "$@" only one parm will be passed to dumbinit
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit is to add the clair_version into the harbor images, then clair
will use it in the user-agent, and helpful for the debugging.
Signed-off-by: wang yan <wangyan@vmware.com>
Fixes#6115
As for the change in migration sql file, in 1.7 we'll switch to
jobservice for scheduling "scan all" job. To avoid inconsistency,
this item will be reset and user will need to configure the policy again.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Modify nginx configuration to use 308 instead of 301 on the http to
https redirect.
Fix problems with some clients on POST requests that are transformed to
GET on 301 redirect (per HTTP 1.1 standard).
See [RFC7538](https://tools.ietf.org/html/rfc7538).
Signed-off-by: Stéphane Albert <sheeprine@oh.its.fake.nullplace.com>
Update the `grep` filter to anchor at the start of the line
and allow for whitespace characters, in order to correctly
determine the hostname being set if the default is merely
commented out and the custom one added, instead of overridden.
Fixes#6117
Signed-off-by: Christian Witts <cwitts@gmail.com>