Wenkai Yin
54a1155140
Prevent copying artifact to a proxy cache project
...
Prevent copying artifact to a proxy cache project
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-07-17 15:24:18 +08:00
Wenkai Yin
9493611666
Don't return the error detail back to the client when adding registry
...
Don't return the error detail back to the client when adding registry to avoid security issue
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-07-17 11:58:08 +08:00
danfengliu
af3a638980
Merge pull request #12498 from danfengliu/add-push-based-replication-test
...
Add push-based replication test in nightly
2020-07-17 11:01:38 +08:00
danfengliu
aa43afb601
Add push-based replication test in nightly
...
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-07-16 19:50:42 +08:00
Ziming Zhang
e7c89ce1d9
fix SWR replication adapter pull-based
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-07-16 19:19:18 +08:00
Daniel Jiang
840aa86dfa
Provide secret manager for proxy cache project
...
This commit provides the secret manager for proxy cache.
The secret is used for pushing blobs to local when it's proxied from
remote registry.
Each secret can be used only once and has a relatively short expiration
time.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-07-16 19:12:52 +08:00
Alvaro Iradier
81a7239c66
Better error handling
...
* Raise an internal error if username claim is not found, instead of just logging a warning
* Don't remove userInfoKey for session on error when it is not required
* Rename "OIDC Username Claim" to just "Username claim"
Signed-off-by: Alvaro Iradier <airadier@gmail.com>
2020-07-16 12:12:08 +02:00
Alvaro Iradier
6f88ff7429
Fix test suite and add test for userClaim
...
Signed-off-by: Alvaro Iradier <airadier@gmail.com>
2020-07-16 12:12:08 +02:00
Alvaro Iradier
714f989759
Add options for automatic onboarding and username claim
...
- Add an option in the UI to enable or disable the automatic user onboarding
- Add an option to specify the claim name where the username is retrieved from.
Signed-off-by: Alvaro Iradier <airadier@gmail.com>
2020-07-16 12:12:08 +02:00
Wang Yan
bad8f026fc
upgrade golang to v1.14.5 ( #12489 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2020-07-16 16:20:54 +08:00
Wang Yan
d73265d10d
revise gc job to align non blocking gc ( #12439 )
...
two phases:
1, mark, select the gc candidates bases on the DB and mark them as status delete.
2, sweep, select the candidate and mark it as status deleting and remove it from backend and database.
Signed-off-by: wang yan <wangyan@vmware.com>
2020-07-16 14:35:54 +08:00
Steven Zou
4d4a04fad4
Merge pull request #12478 from steven-zou/feat/read_pro_config
...
feat(p2p):enhance policy enforcer
2020-07-16 11:40:29 +08:00
Qian Deng
bd26c294e8
Merge pull request #12341 from ninjadq/support_multi_down_version
...
Enhance: Support multi downversion in migration
2020-07-15 23:39:11 +08:00
Ted Guan
9e7edb7a6e
Fix for project metadata ( #12410 )
...
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-07-15 18:46:45 +08:00
Steven Zou
fcfde5a588
feat(p2p):enhance policy enforcer
...
Read security settings from the project configurations and override the preheat policy settings if necessary.
Check the project security settings and override the related settings in the policy if necessary.
NOTES: if the security settings (relevant with signature and vulnerability) are set at the project configuration,
they will have the highest priority and override the related settings of the preheat policy.
e.g (use signature as an example, similar case to vulnerability severity part):
if policy.signature = false and project.config.signature = true; then policy.signature = true
if policy.signature = true and project.config.signature = true; then policy.signature = true
if policy.signature = true and project.config.signature = false; then policy.signature = true
if policy.signature = false and project.config.signature = false; then policy.signature = false
Signed-off-by: Steven Zou <szou@vmware.com>
Signed-off-by: Steven Zou <szou@vmware.com>
2020-07-15 14:18:34 +08:00
He Weiwei
cadcd4b877
Merge pull request #12480 from heww/move-pkg-types
...
refactor(quota): move pkg/types to pkg/quota/types
2020-07-15 11:32:27 +08:00
Daniel Jiang
947eadaa72
Merge pull request #12440 from heww/remove-init-clair-db
...
refactor: remove initialization of clair db
2020-07-15 00:38:12 +08:00
He Weiwei
a22d803a95
refactor(quota): move pkg/types to pkg/quota/types
...
Closes #9664
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-07-14 14:28:53 +00:00
He Weiwei
c000608d55
Merge pull request #12437 from heww/db-max-connections
...
chore(db): change max_connections of postgres to 1024
2020-07-14 17:24:16 +08:00
stonezdj(Daojun Zhang)
00a5f215fb
Merge pull request #12404 from stonezdj/20200615_proxy_forbid_push
...
Add disable push for proxy project
2020-07-14 15:39:19 +08:00
He Weiwei
2a6fe801bc
chore(db): change max_connections of postgres to 1024
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-07-14 07:34:37 +00:00
stonezdj
b9c861f3f1
Add disable push for proxy project
...
Add middleware for blob and manifest push operation
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-07-14 10:13:38 +08:00
疯魔慕薇
f187509a90
Merge pull request #12454 from chlins/feat/list-providers-at-project-level
...
feat(preheat): add list providers under project level handler
2020-07-14 08:17:53 +08:00
stonezdj(Daojun Zhang)
ae2a2683c9
Merge pull request #12274 from stonezdj/20200617_proxy_demo
...
Add proxy cache feature
2020-07-13 22:50:09 +08:00
chlins
7322d0ac7c
feat(preheat): add list providers under project level handler
...
Signed-off-by: chlins <chlins.zhang@gmail.com>
2020-07-13 21:53:50 +08:00
stonezdj
3abe77d6cb
Add proxy cache feature
...
Update route to add proxy related middleware
Add proxy controller
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-07-13 21:18:43 +08:00
疯魔慕薇
3b43162b6d
Merge pull request #12462 from chlins/feat/preheat-execution-api
...
Feat/preheat execution api
2020-07-13 20:55:12 +08:00
Daniel Jiang
e96165412d
Merge pull request #12432 from ywk253100/200709_allowlist
...
Rename "reuse_sys_cve_whitelist" to "reuse_sys_cve_allowlist"
2020-07-13 16:42:43 +08:00
chlins
08bd46e125
feat: add preheat execution api handler
...
Signed-off-by: chlins <chlins.zhang@gmail.com>
2020-07-13 13:14:08 +08:00
chlins
2863e68718
feat: add task controller
...
Signed-off-by: chlins <chlins.zhang@gmail.com>
2020-07-13 13:02:24 +08:00
Steven Zou
2efc4f230d
Merge pull request #12458 from kofj/add_rbac
...
Enable RBAC control in the preheat API
2020-07-13 12:38:08 +08:00
fanjiankong
a99aa21c8a
Enable RBAC control in the preheat API
...
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2020-07-13 11:06:25 +08:00
Will Sun
85f53bbfc4
Merge pull request #12459 from AllForNothing/instance-name
...
Query preheat instance by name
2020-07-13 10:59:18 +08:00
AllForNothing
4ec919dfe6
Query preheat instance by name
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-07-11 17:41:56 +08:00
Will Sun
ec1ac6dbc8
Merge pull request #12344 from AllForNothing/p2p
...
Add P2p preheat distribution instance UI
2020-07-10 16:01:04 +08:00
Steven Zou
1dfc93c3f6
Merge pull request #12430 from kofj/preheat_and_healthcheck
...
Preheat and healthcheck
2020-07-10 15:17:34 +08:00
Steven Zou
fdff077ff0
Merge pull request #12445 from chlins/fix/preheat-instance-and-policy-name-validation
...
fix(preheat): validate instance/policy name and set unique name
2020-07-10 15:14:44 +08:00
chlins
38d14dff30
fix(preheat): validate instance/policy name, set unique filed and policy
...
manager adds parsePolicy
Signed-off-by: chlins <chlins.zhang@gmail.com>
2020-07-10 10:29:47 +08:00
fanjiankong
080afbfe1b
Add preheat APIs, handlers.
...
1. Manual preheat.
2. Instance health check.
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2020-07-10 09:48:35 +08:00
He Weiwei
039aef5356
refactor: remove initialization of clair db
...
To fetch vulnerability database updated time of the Clair had moved to
the Clair adapter so removes the initialization of clair db in the core.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-07-09 15:26:14 +00:00
He Weiwei
9483559d18
Merge pull request #12433 from heww/fix-db-max-open-conns
...
fix(db): set max open conns of sql.DB manually
2020-07-09 17:58:14 +08:00
疯魔慕薇
5d7f757b7b
Merge pull request #12428 from mmpei/official-master-p2p-200708
...
Add P2P trigger event and handler
2020-07-09 15:54:24 +08:00
Steven Zou
82bdce19d6
Merge pull request #12415 from kofj/instance_handler
...
Instance handler.
2020-07-09 12:23:25 +08:00
Steven Zou
77ca209a98
chore(readme):add code scanning badge
2020-07-09 12:19:12 +08:00
He Weiwei
e095958a27
fix(db): set max open conns of sql.DB manually
...
Due to the issues of beego v1.12.1 and v1.12.2, we set the max open conns
ourselves.
Closes #12403
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-07-09 03:35:41 +00:00
peimingming
65c5561032
Add P2P trigger event and handler
...
Signed-off-by: peimingming <peimingming@corp.netease.com>
2020-07-09 11:20:22 +08:00
Wenkai Yin
cd6c1b8c31
Rename "reuse_sys_cve_whitelist" to "reuse_sys_cve_allowlist"
...
Rename "reuse_sys_cve_whitelist" to "reuse_sys_cve_allowlist" in project metadata
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-07-09 11:04:44 +08:00
fanjiankong
8a44ee400d
Instance handler.
...
- Add logic of preheat instance methods without RBAC.
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2020-07-09 00:01:14 +08:00
Steven Zou
3b2934bf48
Merge pull request #12419 from chlins/feat/p2p-preheat-healthcheck-controller
...
feat(preheat): add healthcheck methods for p2p preheat controller
2020-07-08 23:49:26 +08:00
Steven Zou
d97569832c
Merge pull request #12408 from xaleeks/07072020_docs_create_webhook_permission
...
webhook related permissions correction
2020-07-08 22:20:07 +08:00