Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-12-02 07:03:35 +01:00
Code Issues Projects Releases Wiki Activity
11,181 Commits 53 Branches 317 Tags 335 MiB
584245ec4d
Commit Graph

5314 Commits

Author SHA1 Message Date
stonezdj(Daojun Zhang)
1971e5a3ef
Merge pull request #16462 from stonezdj/22mar3_withnotary_jobservice 
The DB config manager is not init on jobservice call config.WithNotary
 2022-03-03 16:04:11 +08:00
stonezdj
5618f6d211 The DB config manager is not init on jobservice to call config.WithNotary 
Make func defaultMgr() public
  Set DefaultCfgManager to RestCfgManager and Load it in the jobservice main
  config.WithNotary call DefaultMgr(), it wil get the RestCfgManager
  Fixes #16418

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-03-03 14:42:56 +08:00
孙世军
75bc82e5f3
Fix ui issues found on testing day (#16444) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-03-03 10:06:28 +08:00
孙世军
eca5f48adb
Upgrade swagger-ui to the latest version (#16443) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-03-02 14:47:36 +08:00
stonezdj(Daojun Zhang)
8c698325b5
Merge pull request #16424 from stonezdj/22feb24_trace_failure 
Add IP and agent in trace for failed login
 2022-03-02 11:46:32 +08:00
MinerYang
848efd067d
bump up github.com/docker/distribution to v2.8.0+incompatible (#16435) 
Signed-off-by: yminer <yminer@vmmware.com>

rgoo mod vendor

Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
 2022-03-01 17:29:02 +08:00
stonezdj
7aed95eda9 Add IP and agent in trace for failed login 
Fixes #16423

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-02-28 15:17:55 +08:00
He Weiwei
abd85284d2
feat: merge local and remote tags for repo of proxy cache project in list API (#16394) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2022-02-24 10:27:45 +08:00
Wang Yan
6ef4874011
fix replicate reference accessory (#16401) 
fixes #16375

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-02-23 21:24:15 +08:00
Chenyu Zhang
490fe4e5b3
fix: ignore untagged artifact when perform immutable policy (#16386) 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-22 15:18:29 +08:00
Wang Yan
8d05007eb5
fix accessory copy for index (#16378) 
When issue an copy, it has to copy the reference's accessory as well

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-02-17 12:43:09 +08:00
Chenyu Zhang
1e211db540
Merge pull request #16374 from chlins/fix/codeql-alerts-2 
fix: trim linebreaks for log parameters
 2022-02-17 09:56:46 +08:00
Chenyu Zhang
9d1e788f8f
Merge pull request #16352 from chlins/fix/exporter-cmd-typo 
fix: correct typo in exporter cmd
 2022-02-17 09:43:27 +08:00
chlins
3d7a5064e9 fix: trim linebreaks for log parameters 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-16 10:52:58 +08:00
孙世军
fd92efe140
Upgrade karma and angular devkit (#16366) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-02-15 20:24:29 +08:00
Chenyu Zhang
7d10dac4bc
Merge pull request #16359 from chlins/fix/codeql-alerts 
fix: fix codeql alerts
 2022-02-15 18:54:16 +08:00
chlins
b37a987073 fix: fix codeql alerts 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-15 17:25:02 +08:00
stonezdj(Daojun Zhang)
79edbf8f82
Merge pull request #16272 from stonezdj/22jan24_improve_upgrade_process 
Improve the migrate process
 2022-02-14 16:35:35 +08:00
stonezdj
478d21687b Improve the migrate process 
In order to separate the migrate process from core process, add parameter -mode for main function, it can be normal, migrate, skip_migrate.
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-02-14 13:15:18 +08:00
chlins
d2124ce469 fix: correct typo in exporter cmd 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-11 15:28:02 +08:00
stonezdj(Daojun Zhang)
02e13390e0
Remove noise in log (#16333) 
DB Config Manager could be registered twice if need to enable cache
  Get trace config only when the trace is enabled

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-02-10 15:42:45 +08:00
Chenyu Zhang
4ef2d65451
Merge pull request #16286 from chlins/fix/skip-replication-for-proxy-cache 
fix: skip replication to proxy cache project
 2022-02-07 17:06:03 +08:00
Wang Yan
93c0e572a0
fix 16224 (#16307) 
fixes #16224, deny the request to scan an accessory.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-30 03:03:39 +08:00
Wang Yan
cda127c27e
bump up containerd to 1.5.9 (#16316) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-29 18:00:23 +08:00
孙世军
1cbdeb0b64
Improve UI style (#16314) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-29 14:16:46 +08:00
孙世军
88fd4feef5
Add list tag permission for robot account (#16311) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-28 14:22:37 +08:00
孙世军
45d9ece105
Modify CVSS3 column for cve datagrid (#16298) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-28 11:46:28 +08:00
Wang Yan
2275c6e969
fix accessory lost tags (#16304) 
It needs to copy tags for the accessories.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-28 10:44:29 +08:00
孙世军
241391984b
Add delete repo permission for robot account (#16297) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-27 13:04:18 +08:00
He Weiwei
8554b7d7c5
refactor: replace lib/pq with jackc/pgx (#16267) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2022-01-27 11:09:37 +08:00
Wang Yan
0a183feab6
add cosign support in replication (#16282) 
For the case Harbor-to-Harbor, the accessory can be replicated from source or to target.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-26 21:35:17 +08:00
chlins
b1afd2efb0 fix: skip replication to proxy cache project 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-01-26 17:24:39 +08:00
孙世军
c9af6c0c35
Improve tooltips for LDAP group config (#16280) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-25 15:43:21 +08:00
Daniel Jiang
60189f2cef
Merge pull request #16181 from JoooostB/16180-oidc-auto-onboard 
Store Username in auto-onboard flow (resolves #16180)
 2022-01-25 11:00:38 +08:00
stonezdj(Daojun Zhang)
307b8973ce
Merge pull request #16260 from stonezdj/22jan21_ldap_group_duplicate 
Group members lose access to push or see projects on Harbor
 2022-01-25 10:15:54 +08:00
Joost Buskermolen
c103a6e9ef
fix: Store Username in auto-onboard flow 
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

fix: Remove conditional & elaborate comment on fix

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

Add conditional to res.Username override

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

test: Set Username based on configured UserClaim

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

fix: Remove breaking conditional
Username may be set already if the token has a name claim.
Username is should always be set as the autoOnboard setting.

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

Remove conditional altogether
autoOnboardUsername should always be the same as Username

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
 2022-01-24 14:38:23 +01:00
stonezdj
20526c5c52 Group members lose access to push or see projects on Harbor 
Handle the case if there is duplicate user group name when onboard ldap user group
   Continue to attach groups when it fail on one item
   Fixes #16220

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-01-22 15:07:34 +08:00
孙世军
feeb54e5f8
upgrade ngx-markdown to the latest version (#16251) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-20 15:37:33 +08:00
chlins
ed4d9a533e fix: add worker pool for execution sweep to limit workers 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-01-20 10:45:00 +08:00
Wang Yan
cd8d48794a
update pull policy code (#16237) 
Reduce the DB call on pulling artifact with policy disabled

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-17 21:55:20 +08:00
Wang Yan
0b4f98074e
fix cosign conflict error on landing data (#16228) 
Cosign client will generate the same signature to the same manifest, ignore the conflict error in middleware

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-17 19:09:56 +08:00
Wang Yan
01c6f6084b
modify artifact copy api to support cosign (#16194) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-17 15:52:14 +08:00
孙世军
8f77567589
Upgrade UI dependencies (#16233) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-17 14:20:20 +08:00
孙世军
cc1a204a6b
Encode repo name for deleting accessory (#16234) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-17 14:19:19 +08:00
孙世军
7ff0bf188a
Add "expires in" column for robot UI (#16227) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-14 15:42:02 +08:00
MinerYang
719155d595
bump up github.com/opencontainers/runc to v1.0.3 (#16202) 
Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
 2022-01-14 14:19:31 +08:00
Shengwen Yu
b7af0f1529 feat: add current_time to the response of systeminfo api when user logged in 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2022-01-11 17:36:08 +08:00
孙世军
634f0139a0
Add co-sign checkbox for project policy (#16184) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-10 18:14:34 +08:00
Wang Yan
063991078a
Cosign policy checker (#16187) 
Enable policy checker for cosign, when it's enabled, user cannot pull artifact without cosign.

Signed-off-by: wang yan <wangyan@vmware.com>
 2022-01-10 17:44:01 +08:00
Shengwen Yu
d2ae0165c9 feat: add failure-tolerance for gc 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2022-01-10 11:34:10 +08:00
孙世军
2eda360d9d
Add co-sign UI (#16155) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-05 13:41:51 +08:00
Chenyu Zhang
b417e877b5
Merge pull request #16107 from chlins/feat/async-update-artifact-pull_count 
feat: async update artifact pull time and repository pull count
 2022-01-05 11:14:28 +08:00
Wang Yan
2111703d8d
Cosign artifact api 
1,update artifact list & delete api to support accessory
2, add list accesories api

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-05 11:13:40 +08:00
chlins
de7978e1b5 feat: async update artifact pull time and repository pull count 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-12-24 11:17:44 +08:00
Julio H Morimoto
ce319a9eca
Improvements for Brazilian Portuguese (pt-br) translation. (#15921) 
Missing items and minor updates to improve the translation.

Signed-off-by: juliohm1978 <jhm@juliohm.com.br>
 2021-12-17 10:36:42 +08:00
孙世军
d9a4f34819
Fix overlapping for repo cardview (#16125) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-16 13:49:20 +08:00
chlins
adf866e629 fix: resolve the codeql alerts 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-12-15 13:49:42 +08:00
孙世军
46507c2fa9
Add preventDefault for action button of repo card view (#16117) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-14 11:44:25 +08:00
孙世军
2a7d4ae4d3
Add share operator to icon observable (#16101) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-14 11:44:07 +08:00
孙世军
d711f02401
Add querry parameter for setting.json (#16081) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-14 11:20:34 +08:00
孙世军
eb8db3215c
Fix unescaped URL for repo links (#16092) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-09 10:15:21 +08:00
Wang Yan
76b981faec
add cosign middleware (#16078) 
The middleware is to land the cosign signature linkage with the subject artifact ID.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-12-07 15:43:10 +08:00
rao yunkun
ce6bf73884 Merge remote-tracking branch 'upstream/main' 2021-12-05 16:34:04 +08:00
stonezdj(Daojun Zhang)
0c0489cbae
Merge pull request #15913 from stonezdj/21nov1_proxy_manifest_list_contenttype 
Cache content type for manifest list and image index in perspective
 2021-12-04 09:05:20 +08:00
Wang Yan
742e7ded00
add accessory dao service (#16045) 
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-12-03 14:34:02 +08:00
stonezdj
6b77c11696 Cache content type for manifest list and image index in perspective 
manifest list: application/vnd.docker.distribution.manifest.list.v2+json
  image index: application/vnd.oci.image.index.v1+json
  fixes #15837

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-12-03 14:14:01 +08:00
孙世军
846d690b85
Refactor config component (#16064) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-01 10:07:46 +08:00
Wang Yan
7608df4b5c
add pull update control env (#16051) 
These variables are temporary solution for issue: https://github.com/goharbor/harbor/issues/16039
When user disable the pull count/time/audit log, it will decrease the database access, especially in large concurrency pull scenarios.

1, PULL_TIME_UPDATE_DISABLE : The flag to indicate if pull time is disable for pull request.
2, PULL_COUNT_UPDATE_DISABLE : The flag to indicate if pull count is disable for pull request.
3, pull audit log will not create on disabling pull time.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-11-26 18:13:23 +08:00
孙世军
cad78f6af4
Audit fixing for package-lock.json (#16043) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-23 15:56:09 +08:00
Wang Yan
91e406ba60
bump up dep versions (#16038) 
1, upgrade containerd to v1.14.12
2. upgrade image-spec to v1.0.2

Signed-off-by: wy65701436 <wangyan@vmware.com>
 2021-11-23 10:32:29 +08:00
孙世军
784cdabc61
Fix null point exception for chart version (#16006) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-22 10:48:42 +08:00
孙世军
21dfba7330
Redirect to sign-in page when user session timed out (#16005) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-22 10:47:49 +08:00
stonezdj(Daojun Zhang)
060341ba4e
Merge pull request #15949 from stonezdj/21nov4_cache_properties 
Enable db config cache explicitly
 2021-11-16 14:39:10 +08:00
Chenyu Zhang
d260e632d8
Merge pull request #15985 from chlins/fix/replication-rule-enhancement 
fix(replication): enhance the replication rule validation
 2021-11-12 11:12:41 +08:00
chlins
f880bc3361 fix(replication): enhance the replication rule validation 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-11-12 09:53:11 +08:00
孙世军
ddd4cdb306
Not allow space in replication rule filters (#15984) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-11 12:23:26 +08:00
孙世军
ea16f1fb5e
Change base tag to "/" for index.html (#15965) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-08 17:42:07 +08:00
孙世军
d5a4f0b8bc
Add select-all and unselect-all for robot permissions (#15962) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-08 14:38:26 +08:00
孙世军
ab037c35cc
Fix ng-change-checking error for repos component (#15961) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-08 14:37:45 +08:00
孙世军
0413b8b6f7
Support right click to open a link in a new tab (#15935) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-08 14:37:27 +08:00
sluetze
3760375ba9 updated german translation for 2.4 
Signed-off-by: sluetze <13255307+sluetze@users.noreply.github.com>
 2021-11-08 11:15:55 +08:00
Chenyu Zhang
3aa698c7c9
fix(replication): list projects before replicate to reduce create duplicate project and requests to target registry (#15934) 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-11-08 10:39:58 +08:00
He Weiwei
b2268dbf8e
fix: remove x-go-type in swagger.yaml (#15923) 
Closes #15912

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-11-04 23:39:36 +08:00
stonezdj
21601f5e3c Enable db config cache explicitly 
previous config is not cached because it is initialized when cache is not ready

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-11-04 16:01:25 +08:00
孙世军
71ee8b57c2
Remove loading for auto refreshing (#15914) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-03 14:29:54 +08:00
孙世军
264a320d38
Add pagination for user groups (#15932) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-03 14:29:24 +08:00
stonezdj(Daojun Zhang)
465240216a
Merge pull request #15864 from stonezdj/21oct25_fix_crash_missing_ldap_attribut 
Check empty ldap attributes value
 2021-11-02 08:56:33 +08:00
stonezdj
ec23ddabc3 Check empty ldap attributes value 
fixes #11986

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-11-01 17:56:37 +08:00
孙世军
44f477e965
Change ng-swagger-gen to a stable version (#15903) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-29 18:44:20 +08:00
孙世军
fed84069a2
Fix css issue for chart label filter (#15891) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-29 10:38:52 +08:00
孙世军
ec1c8c9cd3
Upgrade Clarity and Angular to latest stable version (#15887) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-28 17:21:39 +08:00
Aaron Layfield
7b75a456d3
Robot Account CREATE / DELETE Label (#15815) 
Signed-off-by: Aaron Layfield <aaron.layfield@gmail.com>
 2021-10-27 14:24:07 +08:00
Wang Yan
a956758302
bump up go version to v1.17 (#15865) 
* bump up go version to v1.17

Signed-off-by: Wang Yan <wangyan@vmware.com>

* gofmt fail

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-25 17:28:29 +08:00
stonezdj(Daojun Zhang)
adc2e8873f
Add hostname to trace span name (#15806) 
Fixes #15726, unify the trace span name in all components

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-10-25 17:09:59 +08:00
孙世军
266f0c41da
Enlarge index artifact folder icon (#15860) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-25 13:46:32 +08:00
孙世军
528d028f1d
Add XAcceptVulnerabilities header when getting artifact scan overview (#15853) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-22 17:12:35 +08:00
Chenyu Zhang
be27792170
Merge pull request #15845 from chlins/fix/codeql-golang-security-issues 
fix: handle codeql golang security issues
 2021-10-22 13:27:07 +08:00
Alexis L
5fd6168c57
fix(scan): Add function to avoid writing creds in jobservice logs, switch to debug instead of info (#15747) 
Signed-off-by: Alexis <60alexis@gmail.com>
 2021-10-22 11:34:15 +08:00
chlins
9e8218f63b fix: handle codeql golang security issues 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-10-22 10:51:26 +08:00
孙世军
3da8e573a0
Fix css issues for robot and replication (#15834) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-22 10:09:16 +08:00