Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-12-19 23:28:20 +01:00
Code Issues Projects Releases Wiki Activity
6,054 Commits 55 Branches 319 Tags 338 MiB
49aae76205
Commit Graph

519 Commits

Author SHA1 Message Date
Daniel Jiang
49aae76205 Onbard settings for OIDC provider (#7204) 
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-03-25 12:24:39 +08:00
Yan
8d3946a0e2
Refactor scan all api (#7120) 
* Refactor scan all api

This commit is to let scan all api using admin job to handle schedule
management. After the PR, GC and scan all share unified code path.

Signed-off-by: wang yan <wangyan@vmware.com>

* update admin job api code according to review comments

Signed-off-by: wang yan <wangyan@vmware.com>

* Update test code and comments per review

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-03-22 17:52:21 +08:00
He Weiwei
79235fffd1 Fix pagination for users and users search apis 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-03-21 13:03:30 +08:00
stonezdj(Daojun Zhang)
7060747d5b ldap_url and ldap_base_dn not exist in user config (#7115) 
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2019-03-15 15:20:12 +08:00
wang yan
73d68903d6 update robot account return attribute 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-03-14 13:57:50 +08:00
stonezdj(Daojun Zhang)
f7745baf30
Merge pull request #6599 from stonezdj/pr6161 
Add new parameter ldap_group_membership_attribute (PR#6161)
 2019-03-07 13:26:26 +08:00
stonezdj
4dfee0c1f0 Remove verify_remote_cert 
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2019-03-05 14:04:10 +08:00
stonezdj
cf134bc80e Add new parameter ldap_group_membership_attribute 
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2019-03-03 10:03:22 +08:00
Daniel Jiang
321874c815 Move Settings of HTTP auth proxy (#7047) 
Previously the settings of HTTP authproxy were set in environment
variable.
This commit move them to the configuration API

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-03-01 14:11:14 +08:00
wang yan
91aa67a541 Update expiration variable name to expiresat/tokenduration 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-02-25 11:55:42 +08:00
wang yan
36a778b482 Update expiration schema to bigint and default unit to minute 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-02-22 18:42:43 +08:00
wang yan
47a09b5891 add expiration of robot account 
This commit is to make the expiration of robot account configurable

1, The expiration could be set by system admin in the configuation page or
by /api/config with robot_token_expiration=60, the default value is 30 days.
2, The expiration could be shown in the robot account infor both on UI and API.

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-02-22 18:42:34 +08:00
stonezdj(Daojun Zhang)
4cb49e5388
Merge pull request #6963 from stonezdj/remove_container 
Remove everything of adminserver container
 2019-02-22 18:27:43 +08:00
stonezdj
0cba36d79f Remove everything of adminserver 
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2019-02-22 16:34:39 +08:00
Nguyen Quang Huy
eda6c47b3e add signoff for DCO gate (#6981) 
Some variable name, function name is colliding with builtin function.

Signed-off-by: Nguyen Quang Huy <huynq0911@gmail.com>
 2019-02-22 15:00:18 +08:00
Daniel Jiang
321adc8362
Merge pull request #6941 from ywk253100/190213_replication_policy 
Fix #6698: cannot create a same name replication policy after deleting it
 2019-02-21 16:03:55 +08:00
stonezdj
7a5fbf718f Revise code with review comments 
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2019-02-18 15:20:54 +08:00
stonezdj
36e1c13a43 fix ut error in systeminfo_test.go 
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2019-02-18 14:06:19 +08:00
stonezdj
1ae5126bb4 Refactor adminserver stage 3: replace config api and change ut settings 
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2019-02-18 14:06:19 +08:00
Wenkai Yin
530ba1d27b Fix #6698 
This commit fixes the issue #6698: cannot create a same name replication policy after deleting it

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2019-02-15 15:17:48 +08:00
Daniel Jiang
81639e2110
Merge pull request #6865 from wy65701436/remove-token 
Remove the token attribute from robot table
 2019-02-13 19:23:06 +08:00
Yan
e9556a4cec
Add post response for robot account API (#6906) 
This commit is to do:
1, Add post response on creating robot account
2, Lower-case the attribute of response

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-02-13 14:40:04 +08:00
He Weiwei
1c4b9aa346 Protect API using rbac 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-02-01 18:55:06 +08:00
wang yan
5d6a28d73e Remove the token attribute for robot table 
This commit is to remove the token attribute as harbor doesn't store the token in DB.

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-30 23:56:23 +08:00
wang yan
f4f4535304 Fix action and resouce of RBAC change 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-29 17:05:15 +08:00
Daniel Jiang
bf663df0e7
Merge pull request #6820 from wy65701436/robot-service 
Add robot account authn & authz implementation
 2019-01-29 16:08:25 +08:00
He Weiwei
6e95b98108 Standard actions for rbac 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-01-29 11:59:11 +08:00
He Weiwei
1da0a66fe5
Merge pull request #6781 from heww/user-permissions-api 
Implement api for get current user permissions
 2019-01-29 01:58:51 +08:00
He Weiwei
0ab7c93e16 Replace casbin builtin keyMatch2 with custom match func 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-01-29 01:26:38 +08:00
wang yan
2d7ea9c383 update codes per review comments 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-28 21:26:06 +08:00
He Weiwei
8b5e68073d Implement api for get current user permissions 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-01-28 18:06:52 +08:00
Yan
71f37fb820 * Add robot account authn & authz implementation. 
This commit is to add the jwt token service, and do the authn & authz for robot account.

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-28 17:39:57 +08:00
Daniel Jiang
20db0e737b Provide HTTP authenticator 
An HTTP authenticator verifies the credentials by sending a POST request
to an HTTP endpoint.  After successful authentication he will be
onboarded to Harbor's local DB and assigned a role in a project.

This commit provides the initial implementation.
Currently one limitation is that we don't have clear definition about
how we would "search" a user via this HTTP authenticator, a flag for
"alway onboard" is provided to skip the search, otherwise, a user has
to login first before he can be assigned a role in Harbor.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-01-28 15:43:44 +08:00
He Weiwei
3f8e06a8bc Support master role for project member create and update apis (#6780) 
* Support master role for project member create and update apis

Signed-off-by: He Weiwei <hweiwei@vmware.com>

* Fix description for role_id in swagger.yaml

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-01-23 14:56:23 +08:00
He Weiwei
ae061482ae Add Can method to securty.Context interface (#6779) 
* Add Can method to securty.Context interface

Signed-off-by: He Weiwei <hweiwei@vmware.com>

* Improve mockSecurityContext Can method

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-01-23 14:32:37 +08:00
wang yan
903e15235e Update validation and error message per comments 2019-01-17 15:33:05 +08:00
wang yan
4cde11892a update the conflict check with DB unique constrain error message 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-17 13:13:55 +08:00
Yan
1af0f3c3b9 Add API implementation of robot account 
Add API implementation of robot account

1. POST /api/project/pid/robots
2, GET /api/project/pid/robots/id?
3, PUT /api/project/pid/robots/id
4, DELETE /api/project/pid/robots/id

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-17 13:13:55 +08:00
He Weiwei
8dab10bbed
Merge pull request #6765 from heww/rename-ram 
Rename ram to rbac
 2019-01-17 11:50:14 +08:00
He Weiwei
bacfe64979 Rename ram to rbac 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-01-16 18:20:30 +08:00
Wenkai Yin
f8d9653419
Merge pull request #6737 from ywk253100/190109_health_check 
Implement the unified health check API
 2019-01-16 18:14:14 +08:00
He Weiwei
76bee7a9fc
Merge pull request #6710 from heww/security-by-ram 
Implement current security interfaces using ram
 2019-01-16 17:47:13 +08:00
Wenkai Yin
be4455ec1b Implement the unified health check API 
The commit implements an unified health check API for all Harbor services

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2019-01-16 17:21:04 +08:00
He Weiwei
ebd26c0105 Implement current security interfaces using ram 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-01-16 16:08:17 +08:00
Steven Zou
464bdf71cd
Merge pull request #6727 from wy65701436/robot-dao 
Add dao of robot account
 2019-01-14 19:34:23 +08:00
wang yan
d349c256e8 add support for query nil 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-11 16:19:42 +08:00
Daniel Jiang
a1d4bfd332
Merge pull request #6344 from reasonerjt/bump-up-golang 
Bump up golang to 1.11.2
 2019-01-11 16:15:59 +08:00
Daniel Jiang
5d59d6fab8 Bump up golang to 1.11.2 
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-01-11 14:44:32 +08:00
wang yan
6bd6fbd4ad Add fuzzy match and delete funt per review comments 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-11 14:26:49 +08:00
wang yan
c6ae1388ec Add dao of robot account 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-01-10 14:51:33 +08:00