Commit Graph

11577 Commits

Author SHA1 Message Date
MinerYang
306e780590
Add autoescape parameter for 2.5 & 2.6 jinja (#17439)
Signed-off-by: yminer <yminer@vmware.com>

update
2022-08-29 10:22:33 +08:00
Yang Jiao
0ec167a7c1
Add audit log and log rotation test cases (#17465)
1. Add audit log test case
2. Add log rotation test case
3. Add log rotation schedule test case

Signed-off-by: Yang Jiao <jiaoya@vmware.com>

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-26 18:00:12 +08:00
Shijun Sun
c3e98c8848
Change title for Swagger UI (#17451)
Signed-off-by: AllForNothing <sshijun@vmware.com>

Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-24 16:00:26 +08:00
Yang Jiao
1ea2ce6134
Update portal-base and nginx-base Dockerfile.base (#17442)
Installing nginx 1.22 creates the nginx group and nginx user, so instead
of creating them again, modify them.

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-24 14:48:09 +08:00
Shijun Sun
006f495c82
Add WASM filter for artifacts list (#17447)
Signed-off-by: AllForNothing <sshijun@vmware.com>

Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-23 17:00:34 +08:00
Shijun Sun
83bce02e61
Refactor swagger ui (#17428)
Signed-off-by: AllForNothing <sshijun@vmware.com>

Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-23 12:03:45 +08:00
Soumik Majumder
861ca553df
Add autoescape parameter to jinja environments (#15770)
Signed-off-by: Soumik Majumder <soumikm@vmware.com>

Signed-off-by: Soumik Majumder <soumikm@vmware.com>
2022-08-23 11:02:16 +08:00
Chenyu Zhang
31a3c6d18c
fix: validate the existence of project for export cve api (#17437)
Validate the existence of the project for export CVE API handler, return
not found error if the project is not exist.

Closes: #17430

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 15:44:57 +08:00
Chenyu Zhang
5d7a549620
upgrade: bump up mockery to v2.14.0 (#17415)
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 14:21:13 +08:00
Chenyu Zhang
c2a3020e0e
fix: correct description for export cve project parameter (#17433)
Correct the description for the project parameter of export CVE API in
the swagger.

Closes: #17429

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 10:51:25 +08:00
Wang Yan
4faab2618e
add an example of harbor systemd service (#17420)
Dependencies
1, You must have docker with compose plugin installed.
2, You must have the directory /etc/goharbor/harbor in your env.

Tested
1, ubuntu 20.04

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-17 16:53:13 +08:00
MinerYang
c9a61d37e3
adjust golangci-lint installation hint (#17418)
Signed-off-by: yminer <yminer@vmware.com>

update
2022-08-17 14:55:41 +08:00
Matt Busche
548b27a0c6
Update to latest version of angular (#17303)
* Update to the latest version of angular

Signed-off-by: Matt Busche <mrbusche@gmail.com>
2022-08-17 11:30:48 +08:00
MinerYang
a272158023
add deprecation msg for chartmsuem and notary (#17398)
Signed-off-by: yminer <yminer@vmware.com>

adjust msg

adjust typo

adjust
2022-08-17 09:30:15 +08:00
Chenyu Zhang
24d60eb119
enhancement: add error log for create task (#17397)
Signed-off-by: chlins <chenyuzh@vmware.com>

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-16 11:35:05 +08:00
Wang Yan
8e7a630b0d
bump the base version (#17380)
Update the base version to next minor release, v2.7.0

Signed-off-by: Wang Yan <wangyan@vmware.com>

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-12 14:50:13 +08:00
Yang Jiao
f913b84a01
Update replication and trivy testcases (#17367)
1 Update replication filter_label_xpath because of this PR #17267 updated xpath
2 Update the Manual Scan All test case, because Scan All will affect other testcases if it is not finished running

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-10 18:26:36 +08:00
Shijun Sun
4521189e5e
Improve unit test for sub-accessories component (#17372)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-10 16:20:55 +08:00
Shijun Sun
423647ea33
Improve input validator for copy-component (#17310)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-09 12:15:17 +08:00
Shijun Sun
893cb0a655
Fix ui issues found in testing-day-round-2 (#17357)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-09 12:14:53 +08:00
MinerYang
daf0874ed5
project userid not found log level into debug (#17343)
Signed-off-by: yminer <yminer@vmware.com>
2022-08-08 14:20:13 +08:00
Chenyu Zhang
1e13999fff
fix: validate export cve request params (#17341)
1. Validate export cve request params in the API handler
2. Trim space for request in the scan export job

Closes: #17326

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-08 11:07:05 +08:00
Chenyu Zhang
49d73fa57d
fix: export cve for image manifest list (#17333)
1. Fix export cve for image manifest list
2. Remove row_id column in csv file
3. Update cve execution swagger API description

Closes: #17331,#17330,#17335,#17334

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-05 20:07:02 +08:00
MinerYang
bd102fbf7d
_version:2.6.0 correction in migration yml jinja (#17328)
Signed-off-by: yminer <yminer@vmware.com>
2022-08-05 16:54:16 +08:00
prahaladdarkin
c776ea8bfe
Export CVE data Score column empty values (#17321)
Closes: https://github.com/goharbor/harbor/issues/17189

Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-08-05 10:03:42 +08:00
Chenyu Zhang
41105b5191
docs: add helpful description for cache layer configurations (#17317)
docs: add helpful description for cache layer configurations in harbor.yml.tmpl

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 15:14:45 +08:00
Chenyu Zhang
49999ab1c0
fix: replication webhook lost when src namespace different with dest (#17312)
Fix the replication webhook notification lost when the rule is
pull-based and src namespace different with dest.

Closes: #17298

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 15:10:19 +08:00
Chenyu Zhang
70a95a9696
fix: reduce the high db cpu usage for tag retention (#17296)
1. Add two indexes to database migrations.
2. Skip refresh quota in middleware for requests from jobservice.
3. Refresh quota by self in the end of tag retention job.

Closes: #14708

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 10:08:02 +08:00
Wang Yan
914d9a5526
fix copy artifact accessory quota issue (#17293)
It needs to request quota for accessory on copying artifact.

Signed-off-by: wang yan <wangyan@vmware.com>
2022-08-03 20:02:20 +08:00
MinerYang
0fbff49eb0
bumpup golang to v1.18.5 (#17307)
Signed-off-by: yminer <yminer@vmware.com>
2022-08-03 17:44:03 +08:00
lengrongfu
dac3c7b31d
fix: distribution v2.8.0 tag does not match checksum (#17306)
Signed-off-by: lengrongfu <1275177125@qq.com>
2022-08-03 17:43:37 +08:00
Wang Yan
ebab99613f
update session log level (#17300)
To avoid too much noise in the core log, udpate the level to debug.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-03 13:51:26 +08:00
MinerYang
722d1a19ea
update image extra attributes author in labels (#17291)
update image extra attributes author

Signed-off-by: yminer <yminer@vmware.com>

adding spec comment

Signed-off-by: yminer <yminer@vmware.com>
2022-08-03 11:50:54 +08:00
stonezdj(Daojun Zhang)
66d34c8e0c
Return time.Time{} when cron string is empty (#17289)
change log level to debug to avoid noise

Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-08-02 15:18:25 +08:00
Shijun Sun
b4f2f170b4
Upgrade Angular dev-tool package (#17287)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-01 18:10:34 +08:00
MinerYang
1296e7ebf0
Enable staticcheck (#17286)
enable golangci-lint staticcheck

enable staticcheck in golangci-lint

Signed-off-by: yminer <yminer@vmware.com>
2022-08-01 16:58:51 +08:00
Yang Jiao
1dd2b0bc7c
Add purge audit log API test cases (#17175)
Added test cases for the following APIs:
1. PUT /system/purgeaudit/{purge_id}  Stop the specific purge audit log execution
2. GET /system/purgeaudit/{purge_id}  Get purge job status
3. GET /system/purgeaudit/{purge_id}/log  Get purge job log
4. PUT /system/purgeaudit/schedule   Update purge job's schedule
5. POST /system/purgeaudit/schedule  Create a purge job schedule
6. GET /system/purgeaudit/schedule  Get purge's schedule
7. GET /system/purgeaudit  Get purge job results.

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-01 16:52:57 +08:00
Adam
bf741ad381
feature: Use RegisteredClaims instead of deprecated staruct StandardClaims (#16206)
Signed-off-by: wujw39640 <wujw39640@hundsun.com>
2022-08-01 10:23:47 +08:00
Chenyu Zhang
bbc7282c46
upgrade: bump up beego to 1.12.11 (#17277)
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-31 16:23:28 +08:00
Thomas Maroschik
0559ce7e28
fix: oidc token is not respected in /service/token endpoint (#16442)
Signed-off-by: Thomas Maroschik <tmaroschik@dfau.de>
2022-07-30 13:01:51 +02:00
Shijun Sun
455ebf51fc
Fix null pointer issue for creating reolication rule (#17274)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-30 17:17:10 +08:00
Eike David Lenz
0fe5eed55d
fix cve allowlist projectmeta validation (#15800)
Signed-off-by: Eike David Lenz <e.lenz@mittwald.de>
2022-07-30 16:59:18 +08:00
Shijun Sun
7e7ae7ea1b
Add permission check to CVE export (#17267)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-29 19:48:39 +08:00
Shijun Sun
04fa3853c9
Fix router issues for UI (#17235)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-29 19:04:01 +08:00
Chenyu Zhang
bff4e13087
fix: export cve adds resource check and project validation (#17265)
1. Add resource permission check for API handler
2. Validate export cve params project
3. Optimize friendly human message when execution status is error

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-29 19:01:46 +08:00
MinerYang
bd1d441b01
bumpup golang version to v1.18.4 (#17257)
Signed-off-by: yminer <yminer@vmware.com>
2022-07-29 09:43:01 +08:00
Chenyu Zhang
19e73174e2
refactor: refact codebase of cve export process and filter (#17254)
1. Refact the scan export FilterProcessor interface
2. Optmize the sql template for export cve report
3. Update the process of cve export job

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-28 16:05:12 +08:00
Wang Yan
02c41573d6
fix update robot regression (#17248)
Only check the project id for the project level robot

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-27 20:13:46 +08:00
MinerYang
f7ebf20d2e
Disable Nydus middleware for v2.6 (#17233)
disable nydus middleware for v2.6

Signed-off-by: yminer <yminer@vmware.com>

remove nyduus module import in main.go

Signed-off-by: yminer <yminer@vmware.com>
2022-07-27 08:41:33 +08:00
prahaladdarkin
d53af792ad
Fixes for various bugs/issues logged as a part of the test day. (#17232)
Closes:
* CVE Data Export API IDOR issue
* https://github.com/goharbor/harbor/issues/17199
* https://github.com/goharbor/harbor/issues/17193
* https://github.com/goharbor/harbor/issues/17188
* https://github.com/goharbor/harbor/issues/17184

Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-26 16:50:54 +08:00