Commit Graph

6855 Commits

Author SHA1 Message Date
Daniel Jiang
4f00c0e227 Fix error in swagger doc for ping OIDC API
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-07-22 12:52:28 +08:00
Daniel Jiang
96e2e0b145 Add API to ping OIDC endpoint
This commit adds an API to help admin verify the OIDC endpoint is a
valid one.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-07-18 19:32:12 +08:00
Daniel Jiang
e0e6a1d30b
Merge pull request #8301 from ninjadq/external_endpoint_support
Add supoort for external endpoint
2019-07-18 01:36:08 +08:00
Qian Deng
739b4723db
Merge pull request #8308 from ninjadq/upgrade_chartmuseum_2_v0_9_0
Upgrade chartmuseum from v0.8.1 to v0.9.0
2019-07-17 16:48:52 +08:00
danfengliu
554b0771fe
Due to adding new feature for white list, xpath of configuration changed, it caused failure of nightly tests, so it should be fixed. (#8307)
Signed-off-by: Danfeng Liu (c) <danfengl@vmware.com>
2019-07-17 16:46:26 +08:00
DQ
6cf4596292 Add supoort for external endpoint
Add config item in harbor.yml
Make fowarding rule configurable

Signed-off-by: DQ <dengq@vmware.com>
2019-07-17 16:23:37 +08:00
Wang Yan
4cdb6fb975
Merge pull request #8239 from bitsf/fix_replication_dockerhub_tls
fix replication dockerhub skip tls
2019-07-17 15:35:29 +08:00
danfengliu
9b61bf4fce
In nightly test case 'list helm chart', delete chart (#8280)
Signed-off-by: danfengliu <danfengl@vmware.com>
2019-07-17 15:32:10 +08:00
Wenkai Yin(尹文开)
a64e089773
Merge pull request #8210 from stonezdj/http_group_dao2
Add HTTP group support
2019-07-17 15:22:36 +08:00
Qian Deng
5cd3594f20 Upgrade chartmuseum from v0.8.1 to v0.9.0
Signed-off-by: Qian Deng <dengqian0826@gmail.com>
2019-07-17 06:45:23 +00:00
Will Sun
8ea339f882
Merge pull request #8297 from AllForNothing/cve-whitelist
modify UT for cve-whitelist UI
2019-07-16 17:14:08 +08:00
stonezdj
bb2ae7c093 Add HTTP group feature
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-07-16 15:38:46 +08:00
Shijun Sun (c)
140a3da238 modify UT for cve-whitelist UI
Signed-off-by: Shijun Sun (c) <sshijun@vmware.com>
2019-07-16 15:24:15 +08:00
danfengliu
a8300d91e6
Add a nightly test case helm CLI, in this case, we verify help repo add and helm push. (#8240)
Signed-off-by: danfengliu <danfengl@vmware.com>
2019-07-16 14:00:30 +08:00
Will Sun
3cfb626b0d
Merge pull request #8245 from AllForNothing/cve-whitelist
Cve whitelist
2019-07-15 21:22:13 +08:00
Shijun Sun (c)
274ab7bcff add CVE-Whitelist
Signed-off-by: Shijun Sun (c) <sshijun@vmware.com>
2019-07-15 19:47:46 +08:00
De Chen
b7123cd4c2
Merge pull request #8171 from rvanbutselaar/prepare_selinux
Add SELinux label to all volumes inside prepare script
2019-07-15 13:48:24 +08:00
Wang Yan
b98ca7bf0b
Merge pull request #8237 from wy65701436/redis-locker
add redis lock
2019-07-11 20:10:16 +08:00
wang yan
ef14f0cf35 add redis lock, it will be used to lock digest in the quota scenario
Signed-off-by: wang yan <wangyan@vmware.com>
2019-07-11 19:24:24 +08:00
Wenkai Yin(尹文开)
3bebf7bc64
Merge pull request #8238 from reasonerjt/project-cve-whitelist
Enable project level CVE whitelist
2019-07-10 14:41:01 +08:00
jwangyangls
432f08b5b5
Merge pull request #8241 from jwangyangls/fixReplicationLabelFilterbug
Fix bug when no labels
2019-07-10 14:38:51 +08:00
jwangyangls
c73fa851ff
Merge pull request #8221 from jwangyangls/addGroupInhttpMode
Add user group when http auth mode
2019-07-10 14:38:31 +08:00
Yogi_Wang
6ef82d4db9 Fix bug when no labels
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-07-10 13:02:34 +08:00
Daniel Jiang
8f5f0031c7 Enable project level CVE whitelist
This commit update the project API to support "reuse_sys_cve_whitelist"
setting in project metadata and "cve_whitelist" in project request.
Also modify the interceptor to support project level CVE whitelist if
the reuse flag is false.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-07-08 18:55:54 +08:00
Yogi_Wang
c57087574a Add user group when http auth mode
add the pages  in project and system

Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-07-08 17:28:38 +08:00
Ziming Zhang
0691a5ad9c fix replication dockerhub tls skip tls
Change-Id: I9584d89cf9bda2b782b0fd556450a81be0fc7510
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2019-07-08 08:17:26 +00:00
danfengliu
fa51ac6406
Add user027 and user028 to ldap service, it was added in ldap_test.ldif for nightly test. (#8158)
Signed-off-by: danfengliu <danfengl@vmware.com>
2019-07-08 15:30:08 +08:00
danfengliu
db012c816d
In nightly test case <Delete Multi Member>, 'action' was clicked, but the dropdown list was't not shown up, so we should add a comfirmation to make sure the expected element show up. (#8146)
Signed-off-by: danfengliu <danfengl@vmware.com>
2019-07-08 15:28:28 +08:00
Wenkai Yin(尹文开)
5f9420a5a7
Merge pull request #8190 from ywk253100/190701_replication
Merge Default ImageRegistry into the native adapter to reduce the duplicate code
2019-07-08 12:47:55 +08:00
Daniel Jiang
c296f0ddfb
Merge pull request #8176 from stonezdj/http_group
Refactor LDAP usergroup
2019-07-08 09:54:31 +08:00
stonezdj
c0ed55445d Refactor LDAP group
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-07-05 14:44:18 +08:00
Wenkai Yin(尹文开)
0f28fe42fd
Merge pull request #8167 from ywk253100/190622_replication
Support v1 signed media type when do the replication
2019-07-05 14:33:22 +08:00
Wenkai Yin(尹文开)
c01bedb740
Merge pull request #8220 from reasonerjt/oidc-rotation-fix
Reload OIDC provider older than 3 seconds
2019-07-05 10:12:33 +08:00
Daniel Jiang
a75bc027de
Merge pull request #8213 from reasonerjt/oidc-helm-push
Handle helm push in OIDC filter
2019-07-04 15:56:50 +08:00
Daniel Jiang
88a5572f8e Reload OIDC provider older than 3 seconds
This commit make sure the OIDC is more actively recreated, to mitigate
the problem in #8177

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-07-04 14:55:34 +08:00
Steven Zou
63e2ce7606
Merge pull request #8209 from steven-zou/fix/enqueuer_schedule_slot
use separate key for the last periodic enqueue data
2019-07-03 21:48:21 +08:00
Steven Zou
8fc693d843
Merge pull request #8208 from steven-zou/fix/enqueuer_ut
fix failure ut case of job service
2019-07-03 17:32:13 +08:00
Daniel Jiang
8a9d352f54 Handle helm push in OIDC filter
Fixes #8130
Enable OIDC filter to handle requests to /api/chartrepo/*

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-07-03 17:29:37 +08:00
Steven Zou
b88159e747 use separate key for the last periodic enqueue data
Signed-off-by: Steven Zou <szou@vmware.com>
2019-07-03 17:08:23 +08:00
Daniel Jiang
5d887ad0d8
Merge pull request #8179 from reasonerjt/interceptor-use-whitelist
Apply CVE white list in interceptor
2019-07-03 15:12:33 +08:00
Steven Zou
1002e3ce17 fix failure ut case of job service
Signed-off-by: Steven Zou <szou@vmware.com>
2019-07-03 15:10:41 +08:00
Daniel Jiang
bba4b2a6a4 Apply CVE white list in interceptor
Interceptor will filter the vulnerability in whitelist while calculating
the serverity of an image and determine whether or not to block client
form pulling it.

It will use the system level whitelist in this commit, another commit
will switch to project level whitelist based on setting in a project.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-07-03 14:13:00 +08:00
Steven Zou
8bb18e73d2
Merge pull request #8159 from ywk253100/190627_label_filter
Update replication label filter
2019-07-03 13:08:54 +08:00
Wenkai Yin(尹文开)
6528070633
Merge pull request #8155 from markpeek/markpeek-makefile-typos
Fix a couple of error message typos in the Makefile
2019-07-03 10:31:00 +08:00
Wenkai Yin(尹文开)
a5b03fdf52
Merge pull request #8156 from markpeek/markpeek-compile-docs-goversion
Reflect change to golang:1.12.5 in the docs
2019-07-03 10:30:18 +08:00
Daniel Jiang
6f166bc02c
Merge pull request #8154 from markpeek/markpeek-registry-health-check
Switch registry health check to a 200 response url
2019-07-03 10:29:35 +08:00
He Weiwei
d85b1643ae
Merge pull request #8196 from heww/fix-project-member-read-permission
Fix read permission of project member read api
2019-07-02 15:41:19 +08:00
He Weiwei
720dcc72bd Fix read permission of project member read api
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-07-02 14:40:46 +08:00
stonezdj(Daojun Zhang)
07b358eff9
Merge pull request #8120 from stonezdj/update_ldap_config_doc
Update LDAP group documents
2019-07-02 13:07:40 +08:00
jwangyangls
02c5823915
Merge pull request #8182 from jwangyangls/fixVulnerabilityWidth
Fix the different width on vulnerability
2019-07-02 11:56:48 +08:00