refactor: refact the notification job API and life process
1. Introduce new APIs for webhook jobs management.
2. Refact legacy APIs for backforward compatible.
3. Migrate the webhook jobs process to unified execution/task framework.
Closes: #18210
Signed-off-by: chlins <chenyuzh@vmware.com>
fixes#17887
enhance the timeout to 5m to avoid system artifact failed to schedule in the helm base installation.
Signed-off-by: Wang Yan <wangyan@vmware.com>
Signed-off-by: Wang Yan <wangyan@vmware.com>
Add configuration session_timeout for API, then user can customize the
timeout from system config page or API. The timeout is 60 minutes by
default.
Signed-off-by: chlins <chenyuzh@vmware.com>
Signed-off-by: chlins <chenyuzh@vmware.com>
Scheduling of system artifact depends on the jobservice, where gorountine is used to avoid the circular dependencies between core and jobservice.
Signed-off-by: Wang Yan <wangyan@vmware.com>
In order to separate the migrate process from core process, add parameter -mode for main function, it can be normal, migrate, skip_migrate.
Signed-off-by: stonezdj <stonezdj@gmail.com>
Define user.Email as sql.NullString to avoid unique constraint when email is empty in LDAP/OIDC
Separate the common/models/User with the pkg/user/dao/User
Fixes#10400
Signed-off-by: stonezdj <stonezdj@gmail.com>
* use lib trace helper function
* add gracefull shutdown
* Add commens for new added exposed function
* Add licence on top of new created files
* Update trace library
* Update configs
* Add attribute and namespance in config
Signed-off-by: Qian Deng <dengq@vmware.com>
1. Use ctx from http request for the readonly middleware.
2. Refactor the AuthenticateHelper to let it get orm from ctx of the http request.
3. Change to use ctx from http request for oidc and authproxy http handlers.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
Fixes#15450
Add paging function to usergroup list/search API
Fix some 500 error when adding LDAP user/group to project member
Signed-off-by: stonezdj <stonezdj@gmail.com>
The init design of this API is to avoid the quota error leads to system disaster.
As quota has been refineded and redis lock has been removed, the API can be deprecated safely.
And this API is only call the DB to refresh quota data, user can call the SyncQuota API to handle this.
Signed-off-by: Wang Yan <wangyan@vmware.com>
update the jwt model to github.com/golang-jwt/jwt
Starting from v3.2.1, the import path has changed from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt.
Signed-off-by: Wang Yan <wangyan@vmware.com>
This commit include 2 changes to mitigate and remediate the problem
described in #15241
1. When the token is to be updated in the "oidc_user" table, make sure
only the column "token" will be udpated.
2. Restore the subiss column for the record that has this column cleared
by mistake, by decoding the persisted token.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
There are code in the core component to conditionally execute code based
on the pattern of url path, and different ingress controller or reverse
proxy may handle the dup slashes in the url path differently.
This commit merge dup slashes in the url paths to make things more
consistent.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>