Wang Yan
496a178eb3
fix quota dao sql injection
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-02-10 03:55:59 +08:00
Wang Yan
21d35f9702
update blob list query ( #14195 )
...
* update blob list query
Deprecate blob list parameters, and use the query for instead.
Signed-off-by: wang yan <wangyan@vmware.com>
* update per review comments
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-02-09 17:08:26 +08:00
Daniel Jiang
7231679373
Use the Email address from DB instead of request ( #14212 )
...
This commit updates the controller for sending reset pwd Email,
to make it use the Email from DB query result.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-02-09 17:04:15 +08:00
He Weiwei
a0561da5ce
test: fix the TestRetryUntil ( #14210 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-02-09 13:25:22 +08:00
Daniel Jiang
0b2ef922c0
Escape the service and email passed via request ( #14186 )
...
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-02-08 14:34:52 +08:00
Steven Zou
8725fa3af5
Merge pull request #14198 from steven-zou/fix/issue_#14079
...
fix(jobservice):wrong depth of job logging
2021-02-08 11:38:46 +08:00
Steven Zou
21a40467bb
Merge pull request #14187 from ywk253100/210205_recover_cherrypick
...
[cherry-pick]Recover the panic of the process of replication adapter and fix bug of gitlab adapter
2021-02-07 19:51:13 +08:00
Steven Zou
d61e560890
fix(jobservice):wrong depth of job logging
...
- use separate std logger for job, not shared with jobservice std logger
- merge and remove useless functions
Signed-off-by: Steven Zou <szou@vmware.com>
fix #14079
2021-02-07 18:07:02 +08:00
danfengliu
f51bcd9fdf
Merge pull request #14092 from dirkmueller/zip_slip
...
Update oras to 0.9.0 to fix "zip slip" vulnerability
2021-02-07 16:15:11 +08:00
Wenkai Yin(尹文开)
a7a8b6fa28
Merge pull request #14190 from ninjadq/fix_http_ineternl_metric_port
...
Fix metrics template for http mode
2021-02-07 11:11:48 +08:00
DQ
307c5a8ed4
Fix metrics template for http mode
...
the port shouldn't be hardcode
Signed-off-by: DQ <dengq@vmware.com>
2021-02-05 18:44:28 +00:00
Wenkai Yin
cc3e240d56
Recover the panic of the process of replication adapter and fix bug of gitlab adapter
...
Recover the panic of the process of replication adapter
Fix bug of gitlab adapter
Fixes #14153
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-02-05 20:21:10 +08:00
Ziming Zhang
ec83f49a1a
fix(retention) migrate sql error
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-02-05 09:09:26 +00:00
Wang Yan
24ec772978
fix gc migration issue ( #14174 )
...
For the upgrade path v1.10 - v2.1.* - v2.2.0, if user doesn't reset the GC schdule that was created in 1.10 in the v2.1,
the job parameters will keep empty in the database. The fix gives a default value for the schedule record.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-02-05 12:25:24 +08:00
He Weiwei
44ba7de738
fix: wrap report vuls record creating in transaction ( #14176 )
...
Make the creating of the ReportVulnerabilityRecord in transaction to
avoid parallel problem
Closes #14171
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-02-05 12:15:52 +08:00
He Weiwei
de97b900cf
fix: remove default execution sweeper count ( #14168 )
...
1. Remove the default execution sweeper count for execution vendor.
2. Set the execution sweeper count for gc, preheat, replication,
retention to 50.
3. Disable sweep for the executions of the scan job.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-02-05 12:15:15 +08:00
Wenkai Yin(尹文开)
99bc251a13
Merge pull request #14164 from heww/update-report-improve
...
fix: 404 if report not found when updating report
2021-02-04 16:30:18 +08:00
Wang Yan
885a268268
rename permission of robot account ( #14150 )
...
* rename permission of robot account
fixes #14060
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-02-04 15:32:44 +08:00
He Weiwei
060a282e71
fix: 404 if report not found when updating report
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-02-04 07:10:58 +00:00
Wenkai Yin(尹文开)
9cd33ac5e7
Merge pull request #14162 from ywk253100/210204_sweeper
...
[cherry-pick]Ignore the not found error in some cases
2021-02-04 14:05:15 +08:00
Wenkai Yin(尹文开)
c45adabf5d
Merge pull request #14155 from ywk253100/210203_sweeper
...
Ignore the not found error in some cases
2021-02-04 14:02:46 +08:00
Wenkai Yin
0d44d9a2ac
Ignore the not found error in some cases
...
Ignore the not found error in some cases
Fixes #14154
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-02-04 11:41:33 +08:00
Will Sun
e51b98b8dd
Fix UI issues with label 2.2.0 ( #14151 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-02-04 10:32:27 +08:00
Wenkai Yin
027c80ea58
Ignore the not found error in some cases
...
Ignore the not found error in some cases
Fixes #14154
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-02-03 20:26:50 +08:00
Wenkai Yin(尹文开)
5144ed6f7a
Merge pull request #14148 from wy65701436/fix-log
...
update adapter log level to debug
2021-02-03 14:05:34 +08:00
Wang Yan
3c9ec4c778
update adapter log level to debug
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-02-03 10:58:05 +08:00
xaleeks
2227bbdd65
Merge pull request #14107 from a-mccarthy/add-release-checklist
...
update RELEASES.md to include release checklist
2021-02-01 23:58:05 -05:00
Steven Zou
4737a394ee
Merge pull request #13947 from shaobo322/fix_improper_spell
...
fix improper spelling
2021-02-01 16:50:02 +08:00
Wenkai Yin(尹文开)
120d88a0dd
Merge pull request #14116 from reasonerjt/reduce-oidc-warning
...
Reduce warning logs in OIDC middleware
2021-02-01 09:55:41 +08:00
Wang Yan
1b85c67f63
fix catalog performance issue ( #14120 )
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-31 21:31:21 +08:00
Abigail McCarthy
b655001e34
Small fixes from review
...
Signed-off-by: Abigail McCarthy <mabigail@vmware.com>
2021-01-29 11:27:22 -05:00
Abigail McCarthy
25b154419d
Fix numbers and clarify release expectations
...
Signed-off-by: Abigail McCarthy <mabigail@vmware.com>
2021-01-29 11:23:19 -05:00
Qian Deng
a211b0c9d7
Merge pull request #14126 from ninjadq/fix_unknown_metrics
...
Fix: unkonw metrics issue
2021-01-29 18:59:35 +08:00
DQ
15ad870262
Fix: unkonw metrics issue
...
Signed-off-by: DQ <dengq@vmware.com>
2021-01-29 18:07:06 +08:00
Qian Deng
6d78189dff
Merge pull request #14117 from ninjadq/fix_quota_metric_name
...
Chagne quota usage metric name
2021-01-29 10:36:55 +08:00
danfengliu
b0e54f5a33
Merge pull request #14041 from danfengliu/upgrade-containerd-in-e2e-dockerfile
...
Upgrade containerd in E2E Dockerfile
2021-01-29 09:42:41 +08:00
DQ
eb5e31a442
Chagne quota usage metric name
...
from `harbor_project_usage_byte` to `harbor_project_quota_usage_byte`
Signed-off-by: DQ <dengq@vmware.com>
2021-01-28 18:10:59 +08:00
Daniel Jiang
2dd499bacf
Reduce warning logs in OIDC middleware
...
If the request does not have bearer token in the header, do not decode
the empty string.
Fixes #12261
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-28 18:08:28 +08:00
He Weiwei
3ba0d5a590
fix: make a new ctx when start scan all in async
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-28 09:45:17 +00:00
Qian Deng
30a89f2368
Merge pull request #14112 from ninjadq/internal_tls_fail_early_without_san
...
Add sen existed check for internal cert
2021-01-28 17:28:17 +08:00
Qian Deng
ebe05919be
Merge pull request #14078 from ninjadq/fix_self_registration_metric
...
Fix metric label related things
2021-01-28 17:27:53 +08:00
Qian Deng
6f3774ac8b
Merge pull request #14084 from ninjadq/support_multiple_artifact_type_in_metric
...
Support multiple artifact type in metric
2021-01-28 17:27:16 +08:00
DQ
051b5f289d
Add sen existed check for internal cert
...
fali ealier when there is no san
Signed-off-by: DQ <dengq@vmware.com>
2021-01-28 08:22:07 +00:00
danfengliu
642bb26c39
Fix nightly issues caused by docker upgrade to 20
...
1. Local image should be removed, otherwise docker 20 will not tigger
get manifest request to harbor;
2. E2E image Dockerfile update;
3. Fix nighlty test issue of tag retention, add execution refesh to get
result;
4. Fix nighlty test keyword 'Create An New Project And Go Into
Project' issue that waiting long enough time for list display;
5. Add nightly test case, in GUI, scan result will show if cve id exist in allow list configuration;
6. Move proxy cache test to schdule pipeline, it will save some time for
db pipeline.
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-01-28 11:44:32 +08:00
Abigail McCarthy
593ef8b882
update RELEASES.md to includee release checklist
...
Signed-off-by: Abigail McCarthy <mabigail@vmware.com>
2021-01-27 13:53:51 -05:00
danfengliu
5c9342a338
Merge pull request #14086 from danfengliu/upgrade-to-python3-in-CI-host
...
Upgrade python to v3 in git action CI host
2021-01-27 18:03:35 +08:00
Daniel Jiang
ea76594469
Improve the way config store transforms a value to string
...
This commit provide a better way to transform the value to string when
they are loaded from the driver.
Fixes #14074
However the way the config driver loaded config values and configstore
stores it back and forth seems repetitive and should be optimized.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-27 08:41:49 +00:00
Will Sun
fbfc943e8f
Fix UI bugs found in round 2 testing ( #14098 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-27 15:38:17 +08:00
Wenkai Yin(尹文开)
50a1e85095
Make sure the revision of execution isn't null during the upgrade ( #14085 )
...
Make sure the revision of execution isn't null during the upgrade
Fixes #14075
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-01-27 10:10:36 +08:00
Dirk Mueller
3ddc44e28b
Update oras to 0.9.0 to fix "zip slip" vulnerability
...
See https://github.com/deislabs/oras/security/advisories/GHSA-g5v4-5x39-vwhx
for details
Signed-off-by: Dirk Mueller <dirk@dmllr.de>
Signed-off-by: Dirk Mueller <dmueller@suse.com>
2021-01-26 20:36:52 +01:00