Commit Graph

9656 Commits

Author SHA1 Message Date
DQ
f70339870a Enhance: Create shared to store shared ca
this shared ca will mount to all harbor components

Signed-off-by: DQ <dengq@vmware.com>
2020-04-28 02:58:11 +08:00
guanxiatao
f96cfab100 Table notification_policy fix when updgrding to 2.0
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-04-27 20:13:46 +08:00
Wang Yan
add8dedc90
Fix the database upgrade issue (#11766)
It's a workaround for issue https://github.com/goharbor/harbor/issues/11754

The phenomenon is the repository data is gone, but artifacts belong to the repository are still there.
To resolve it, just set the repository_id to a negative, and cannot duplicate.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-27 17:28:36 +08:00
Daniel Jiang
87f006d3a9
Merge pull request #11755 from reasonerjt/token-service-core-url
v2 auth middleware handles the ping request from internal
2020-04-27 15:04:10 +08:00
stonezdj(Daojun Zhang)
fb90bc23f2
Merge pull request #11757 from heww/fix-issue-11692
feat(scan): support to scan artifact automatic after it pushed
2020-04-27 12:08:06 +08:00
Daniel Jiang
ef008fd4cf
Merge pull request #11751 from wy65701436/fixes-11744
fix return code on getting non exist manifest
2020-04-27 12:06:37 +08:00
Will Sun
be54e644e7
Merge pull request #11749 from AllForNothing/replication
Destination namespace should support slash
2020-04-27 11:40:32 +08:00
DQ
90faf700f8 Enhance: output the stdout of gen cert script
use popen replace check_all

Signed-off-by: DQ <dengq@vmware.com>
2020-04-27 10:43:22 +08:00
Daniel Jiang
fe587d0cc8 v2 auth middleware handles the ping request from internal
When scanner like trivy handles the auth flow to pull image, it pings
the /v2 and access the token service url in response body, by default it
will be external endpoint of Harbor.
There will be problem when Harbor is deployed on a single node with hairpinning not
supported.

This commit makes sure the address of token service in the challenge is
internal url of core component when the request is from internal.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-27 00:54:49 +08:00
He Weiwei
bc1f7b8079 feat(scan): support to scan artifact automatic after it pushed
Closes #11692

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-26 15:56:58 +00:00
wang yan
c4c279089a fix return code on getting non exist manifest
It's found by conformance test, it should be 404 instead of 500 when to get a non exist manifest

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-26 23:31:11 +08:00
AllForNothing
fd65520fa0 dESTInation namespace should support slash
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-26 17:24:15 +08:00
Steven Zou
06d955c6e3
Merge pull request #11737 from steven-zou/fix/issue_#11720
fix(jobservice):fix job stats NOT_FOUND issue
2020-04-26 16:56:25 +08:00
Wang Yan
8d5fc4c752
Fix delete repository event issue (#11722)
In the delete repository scenario, the repository has already been removed from the DB, the repository cannot be retrived.
Just let the creation time as empty.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-26 16:51:13 +08:00
Steven Zou
0ccea49c18 fix(jobservice):fix job stats NOT_FOUND issue
Signed-off-by: Steven Zou <szou@vmware.com>
2020-04-26 16:23:10 +08:00
Daniel Jiang
c28f6bd6ff
Merge pull request #11738 from bitsf/retention_not_retry
fix(retention) not retry retention job
2020-04-26 15:34:34 +08:00
Daniel Jiang
0c01484489
Merge pull request #11734 from ninjadq/fix_chart_absolute_url
Fix chart museum absolute url issue
2020-04-26 15:29:52 +08:00
Ziming Zhang
97a7a6dc35 fix(retention) fix retention repository with slash
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-26 15:07:25 +08:00
Ziming Zhang
601ce08660 fix(retention) not retry retention job
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-26 14:33:21 +08:00
Ziming Zhang
6dfe504325 fix(retention) add extras field to retention swagger
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-26 14:29:11 +08:00
DQ
026e37e777 Fix chart museum absolute url issue
if absolute url is enabled return true else set it to false

Signed-off-by: DQ <dengq@vmware.com>
2020-04-26 13:04:29 +08:00
Ziming Zhang
257924856c fix(retention) fix empty pull time log
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-26 11:56:26 +08:00
Daniel Jiang
f2d5f4e256
Merge pull request #11628 from reasonerjt/doc-refactor-master
Refactor the structure of docs directory
2020-04-24 22:45:40 +08:00
jwangyangls
0460e40a28
Merge pull request #11680 from jwangyangls/200421-fix-issue-2.0
[Fixed] Fix issue #11334 #11252 #11191
2020-04-24 17:46:22 +08:00
Will Sun
ae9f8f6d5d
Merge pull request #11717 from AllForNothing/testing-3
Fix bugs for testing kick 3
2020-04-24 17:43:58 +08:00
AllForNothing
432f5512d8 Fix bugs for testing kick 3
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-24 17:11:34 +08:00
Yogi_Wang
7bb7c2c868 [Fixed] Fix issue #11334 #11252 #11191
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-24 16:38:59 +08:00
Qian Deng
f59d0737cd
Merge pull request #11688 from ninjadq/remove_mtls_config_option
Hidden veriify client cert verfiy option
2020-04-24 10:50:34 +08:00
Daniel Jiang
b140a58a9a
Merge pull request #11693 from reasonerjt/admin-check-userExistence
Allow sys admin to call /c/UserExists
2020-04-24 00:55:26 +08:00
Daniel Jiang
447ec13527 Allow sys admin to call /c/UserExists
The commit fix a regression introduced by #11672 which impacts admin
adding new users.
When admin is creating new users, /c/UserExists is called by UI. We must
allow it called by admin when self-registration is turned off.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-23 11:40:54 +08:00
DQ
599ca98c09 Hidden veriify client cert verfiy option
Remove to avoid replication access core from external_url issue

Signed-off-by: DQ <dengq@vmware.com>
2020-04-23 10:14:36 +08:00
Will Sun
7d784ef02f
Merge pull request #11674 from AllForNothing/more-ut
Add more UT
2020-04-22 17:13:20 +08:00
Daniel Jiang
4a292bf1ab
Merge pull request #11346 from reasonerjt/rm-notary-signer-certs
Remove the certs of notary signer
2020-04-21 15:17:17 +08:00
Wang Yan
619345200f
Bump up clair version to v2.1.2 (#11675)
Clair v2.1.2 has been released to fix the RHEL updater issue.
https://github.com/quay/clair/releases/tag/v2.1.2

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-21 15:11:25 +08:00
Ziming Zhang
41e8bb91ce fix some cicd problems
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-21 14:34:45 +08:00
Daniel Jiang
2ecf0425a4 Remove the certs of notary signer
Since `prepare` generates the certs as needed during installation, these
certs should not exist in the repo.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-21 13:20:19 +08:00
Daniel Jiang
4c41ac81d9
Merge pull request #11672 from reasonerjt/restrict-userexists
Enable userExists only when self-registration is turned on.
2020-04-21 13:19:20 +08:00
mmpei
4b6196a00d
fix slack rate limit issue (#11623)
Signed-off-by: peimingming <peimingming@corp.netease.com>
2020-04-21 11:44:58 +08:00
AllForNothing
0c5d3cc899 Add more UT
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-21 09:54:32 +08:00
jonasrosland
48966f4364 Move 1.10 docs into the main docs folder
Signed-off-by: jonasrosland <jrosland@vmware.com>
2020-04-21 00:29:25 +08:00
Daniel Jiang
b52a698469 Rename the folder name for docs to be published on webite
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-21 00:29:24 +08:00
Daniel Jiang
201955c2fb Enable userExists only when self-registration is turned on.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-21 00:17:12 +08:00
Wang Yan
ff2a7e61c9
fix catalog api issue (#11666)
The v2 catalog API needs to filter out the empty repository and the repository which artifacts are all with no tags.

1,In v2.0.0, Harbor does not delete repository even there is no artifact, it's different with v1.10.0
2, Compares with docker distribution, it doesn't return the respository with untagged images.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-20 23:37:16 +08:00
Daniel Jiang
b747fdb68d
Merge pull request #11660 from ninjadq/add_tls_12_min_version_for_registry
Add tls 12 min version for registry
2020-04-20 22:43:52 +08:00
DQ
e0b98685f3 Add comments for new tls transport
To explain why use this to avoid replication hang forever issue

Signed-off-by: DQ <dengq@vmware.com>
2020-04-20 19:19:15 +08:00
DQ
b728f04d0a Fix tls min version for registry
cert,key,mintls should in the same context

Signed-off-by: DQ <dengq@vmware.com>
2020-04-20 19:19:15 +08:00
danfengliu
dbc1f17919
Merge pull request #11667 from danfengliu/clean-gitaction-and-add-tag-for-pytest
Clean up gitaction env and add tag for pytest
2020-04-20 18:49:13 +08:00
danfengliu
fdded0744a Clean up gitaction env and add tag for pytest
1. Add docker prune cmd to release some space;
2. Add tag for pytest in case of debugging requirement;
3. Replace image to smaller size in robot account pytest;

Signed-off-by: danfengliu <danfengl@vmware.com>
2020-04-20 18:19:28 +08:00
jwangyangls
e93bd75d38
Merge pull request #11649 from jwangyangls/fix-signed-issue
[Fixed] Fix issue when delete signed tag
2020-04-17 16:54:42 +08:00
Yogi_Wang
cd98a7a9b6 [Fixed] Fix issue when delete signed tag
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-17 16:04:16 +08:00