MinerYang
306e780590
Add autoescape parameter for 2.5 & 2.6 jinja ( #17439 )
...
Signed-off-by: yminer <yminer@vmware.com>
update
2022-08-29 10:22:33 +08:00
Yang Jiao
0ec167a7c1
Add audit log and log rotation test cases ( #17465 )
...
1. Add audit log test case
2. Add log rotation test case
3. Add log rotation schedule test case
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-26 18:00:12 +08:00
Shijun Sun
c3e98c8848
Change title for Swagger UI ( #17451 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-24 16:00:26 +08:00
Yang Jiao
1ea2ce6134
Update portal-base and nginx-base Dockerfile.base ( #17442 )
...
Installing nginx 1.22 creates the nginx group and nginx user, so instead
of creating them again, modify them.
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-24 14:48:09 +08:00
Shijun Sun
006f495c82
Add WASM filter for artifacts list ( #17447 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-23 17:00:34 +08:00
Shijun Sun
83bce02e61
Refactor swagger ui ( #17428 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-23 12:03:45 +08:00
Soumik Majumder
861ca553df
Add autoescape parameter to jinja environments ( #15770 )
...
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
2022-08-23 11:02:16 +08:00
Chenyu Zhang
31a3c6d18c
fix: validate the existence of project for export cve api ( #17437 )
...
Validate the existence of the project for export CVE API handler, return
not found error if the project is not exist.
Closes : #17430
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 15:44:57 +08:00
Chenyu Zhang
5d7a549620
upgrade: bump up mockery to v2.14.0 ( #17415 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 14:21:13 +08:00
Chenyu Zhang
c2a3020e0e
fix: correct description for export cve project parameter ( #17433 )
...
Correct the description for the project parameter of export CVE API in
the swagger.
Closes : #17429
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 10:51:25 +08:00
Wang Yan
4faab2618e
add an example of harbor systemd service ( #17420 )
...
Dependencies
1, You must have docker with compose plugin installed.
2, You must have the directory /etc/goharbor/harbor in your env.
Tested
1, ubuntu 20.04
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-17 16:53:13 +08:00
MinerYang
c9a61d37e3
adjust golangci-lint installation hint ( #17418 )
...
Signed-off-by: yminer <yminer@vmware.com>
update
2022-08-17 14:55:41 +08:00
Matt Busche
548b27a0c6
Update to latest version of angular ( #17303 )
...
* Update to the latest version of angular
Signed-off-by: Matt Busche <mrbusche@gmail.com>
2022-08-17 11:30:48 +08:00
MinerYang
a272158023
add deprecation msg for chartmsuem and notary ( #17398 )
...
Signed-off-by: yminer <yminer@vmware.com>
adjust msg
adjust typo
adjust
2022-08-17 09:30:15 +08:00
Chenyu Zhang
24d60eb119
enhancement: add error log for create task ( #17397 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-16 11:35:05 +08:00
Wang Yan
8e7a630b0d
bump the base version ( #17380 )
...
Update the base version to next minor release, v2.7.0
Signed-off-by: Wang Yan <wangyan@vmware.com>
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-12 14:50:13 +08:00
Yang Jiao
f913b84a01
Update replication and trivy testcases ( #17367 )
...
1 Update replication filter_label_xpath because of this PR #17267 updated xpath
2 Update the Manual Scan All test case, because Scan All will affect other testcases if it is not finished running
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-10 18:26:36 +08:00
Shijun Sun
4521189e5e
Improve unit test for sub-accessories component ( #17372 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-10 16:20:55 +08:00
Shijun Sun
423647ea33
Improve input validator for copy-component ( #17310 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-09 12:15:17 +08:00
Shijun Sun
893cb0a655
Fix ui issues found in testing-day-round-2 ( #17357 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-09 12:14:53 +08:00
MinerYang
daf0874ed5
project userid not found log level into debug ( #17343 )
...
Signed-off-by: yminer <yminer@vmware.com>
2022-08-08 14:20:13 +08:00
Chenyu Zhang
1e13999fff
fix: validate export cve request params ( #17341 )
...
1. Validate export cve request params in the API handler
2. Trim space for request in the scan export job
Closes : #17326
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-08 11:07:05 +08:00
Chenyu Zhang
49d73fa57d
fix: export cve for image manifest list ( #17333 )
...
1. Fix export cve for image manifest list
2. Remove row_id column in csv file
3. Update cve execution swagger API description
Closes: #17331,#17330,#17335,#17334
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-05 20:07:02 +08:00
MinerYang
bd102fbf7d
_version:2.6.0 correction in migration yml jinja ( #17328 )
...
Signed-off-by: yminer <yminer@vmware.com>
2022-08-05 16:54:16 +08:00
prahaladdarkin
c776ea8bfe
Export CVE data Score column empty values ( #17321 )
...
Closes: https://github.com/goharbor/harbor/issues/17189
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-08-05 10:03:42 +08:00
Chenyu Zhang
41105b5191
docs: add helpful description for cache layer configurations ( #17317 )
...
docs: add helpful description for cache layer configurations in harbor.yml.tmpl
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 15:14:45 +08:00
Chenyu Zhang
49999ab1c0
fix: replication webhook lost when src namespace different with dest ( #17312 )
...
Fix the replication webhook notification lost when the rule is
pull-based and src namespace different with dest.
Closes : #17298
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 15:10:19 +08:00
Chenyu Zhang
70a95a9696
fix: reduce the high db cpu usage for tag retention ( #17296 )
...
1. Add two indexes to database migrations.
2. Skip refresh quota in middleware for requests from jobservice.
3. Refresh quota by self in the end of tag retention job.
Closes : #14708
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 10:08:02 +08:00
Wang Yan
914d9a5526
fix copy artifact accessory quota issue ( #17293 )
...
It needs to request quota for accessory on copying artifact.
Signed-off-by: wang yan <wangyan@vmware.com>
2022-08-03 20:02:20 +08:00
MinerYang
0fbff49eb0
bumpup golang to v1.18.5 ( #17307 )
...
Signed-off-by: yminer <yminer@vmware.com>
2022-08-03 17:44:03 +08:00
lengrongfu
dac3c7b31d
fix: distribution v2.8.0 tag does not match checksum ( #17306 )
...
Signed-off-by: lengrongfu <1275177125@qq.com>
2022-08-03 17:43:37 +08:00
Wang Yan
ebab99613f
update session log level ( #17300 )
...
To avoid too much noise in the core log, udpate the level to debug.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-03 13:51:26 +08:00
MinerYang
722d1a19ea
update image extra attributes author in labels ( #17291 )
...
update image extra attributes author
Signed-off-by: yminer <yminer@vmware.com>
adding spec comment
Signed-off-by: yminer <yminer@vmware.com>
2022-08-03 11:50:54 +08:00
stonezdj(Daojun Zhang)
66d34c8e0c
Return time.Time{} when cron string is empty ( #17289 )
...
change log level to debug to avoid noise
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-08-02 15:18:25 +08:00
Shijun Sun
b4f2f170b4
Upgrade Angular dev-tool package ( #17287 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-01 18:10:34 +08:00
MinerYang
1296e7ebf0
Enable staticcheck ( #17286 )
...
enable golangci-lint staticcheck
enable staticcheck in golangci-lint
Signed-off-by: yminer <yminer@vmware.com>
2022-08-01 16:58:51 +08:00
Yang Jiao
1dd2b0bc7c
Add purge audit log API test cases ( #17175 )
...
Added test cases for the following APIs:
1. PUT /system/purgeaudit/{purge_id} Stop the specific purge audit log execution
2. GET /system/purgeaudit/{purge_id} Get purge job status
3. GET /system/purgeaudit/{purge_id}/log Get purge job log
4. PUT /system/purgeaudit/schedule Update purge job's schedule
5. POST /system/purgeaudit/schedule Create a purge job schedule
6. GET /system/purgeaudit/schedule Get purge's schedule
7. GET /system/purgeaudit Get purge job results.
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-01 16:52:57 +08:00
Adam
bf741ad381
feature: Use RegisteredClaims instead of deprecated staruct StandardClaims ( #16206 )
...
Signed-off-by: wujw39640 <wujw39640@hundsun.com>
2022-08-01 10:23:47 +08:00
Chenyu Zhang
bbc7282c46
upgrade: bump up beego to 1.12.11 ( #17277 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-31 16:23:28 +08:00
Thomas Maroschik
0559ce7e28
fix: oidc token is not respected in /service/token endpoint ( #16442 )
...
Signed-off-by: Thomas Maroschik <tmaroschik@dfau.de>
2022-07-30 13:01:51 +02:00
Shijun Sun
455ebf51fc
Fix null pointer issue for creating reolication rule ( #17274 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-30 17:17:10 +08:00
Eike David Lenz
0fe5eed55d
fix cve allowlist projectmeta validation ( #15800 )
...
Signed-off-by: Eike David Lenz <e.lenz@mittwald.de>
2022-07-30 16:59:18 +08:00
Shijun Sun
7e7ae7ea1b
Add permission check to CVE export ( #17267 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-29 19:48:39 +08:00
Shijun Sun
04fa3853c9
Fix router issues for UI ( #17235 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-29 19:04:01 +08:00
Chenyu Zhang
bff4e13087
fix: export cve adds resource check and project validation ( #17265 )
...
1. Add resource permission check for API handler
2. Validate export cve params project
3. Optimize friendly human message when execution status is error
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-29 19:01:46 +08:00
MinerYang
bd1d441b01
bumpup golang version to v1.18.4 ( #17257 )
...
Signed-off-by: yminer <yminer@vmware.com>
2022-07-29 09:43:01 +08:00
Chenyu Zhang
19e73174e2
refactor: refact codebase of cve export process and filter ( #17254 )
...
1. Refact the scan export FilterProcessor interface
2. Optmize the sql template for export cve report
3. Update the process of cve export job
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-28 16:05:12 +08:00
Wang Yan
02c41573d6
fix update robot regression ( #17248 )
...
Only check the project id for the project level robot
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-27 20:13:46 +08:00
MinerYang
f7ebf20d2e
Disable Nydus middleware for v2.6 ( #17233 )
...
disable nydus middleware for v2.6
Signed-off-by: yminer <yminer@vmware.com>
remove nyduus module import in main.go
Signed-off-by: yminer <yminer@vmware.com>
2022-07-27 08:41:33 +08:00
prahaladdarkin
d53af792ad
Fixes for various bugs/issues logged as a part of the test day. ( #17232 )
...
Closes:
* CVE Data Export API IDOR issue
* https://github.com/goharbor/harbor/issues/17199
* https://github.com/goharbor/harbor/issues/17193
* https://github.com/goharbor/harbor/issues/17188
* https://github.com/goharbor/harbor/issues/17184
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-26 16:50:54 +08:00