Wenkai Yin
6511417ba6
Merge pull request #7495 from stonezdj/const_debts
...
Replace string with const in metadatalist.go
2019-04-25 17:41:04 +08:00
stonezdj
504eab56c3
Replace string with const in metadatalist.go
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-04-25 17:01:43 +08:00
Wenkai Yin
66087aac82
Merge pull request #7493 from stonezdj/tech_debts
...
Remove adminserver in sourcecode
2019-04-24 16:24:59 +08:00
Steven Zou
9bd2de3e35
Merge pull request #7452 from steven-zou/fix_issues_for_jobservice
...
Fix issues for jobservice
2019-04-24 16:15:43 +08:00
Wenkai Yin
d8310cc708
Fix replication bugs ( #7470 )
...
1. Only return the event based trigger for local Harbor
2. Valid the trigger pattern and cron string when creating/updating policies
3. Set the schema as "http" if it isn't specified when creating/updating registries
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-23 19:34:29 +08:00
Steven Zou
823d9c04a9
Merge pull request #7497 from wy65701436/fix-replc-500
...
refine chart clint http response
2019-04-23 19:30:36 +08:00
wang yan
0d563fda9c
refine chart clint http response
...
Chart client eats the http error if not status ok, after refactor, the
real http response will be catched in core api.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-23 18:22:23 +08:00
Steven Zou
69d9a28860
Merge pull request #7482 from wy65701436/chart-upload
...
Fix chart upload issue on event based
2019-04-23 17:33:08 +08:00
stonezdj(Daojun Zhang)
e4506604e2
fix error message ( #7459 )
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-04-23 15:53:34 +08:00
stonezdj
d7798a12d2
Remove adminserver in sourcecode
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-04-23 15:05:29 +08:00
wang yan
a3763466b3
Update err message to general information
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-23 10:57:31 +08:00
wang yan
1b4c75af25
Add event into upload ctx
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-23 10:57:31 +08:00
wang yan
df6e0600c9
Fix chart upload issue on event based
...
Use chart API to load the uploaded chart file to get the name and version
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-23 10:57:31 +08:00
Steven Zou
3937c8b0dc
Merge branch 'master' into fix_issues_for_jobservice
2019-04-22 19:26:51 +08:00
Daniel Jiang
1fdc2e6ba9
Provide API to generate CLI secret
...
This commit provide an API to allow a user that is onboarded via OIDC
authn update his CLI secret.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-22 13:34:12 +08:00
Steven Zou
8e734407c0
Merge branch 'master' into fix_issues_for_jobservice
2019-04-19 21:15:21 +08:00
Steven Zou
e92164c886
Merge pull request #7442 from ywk253100/190418_replication_bug_fix
...
Fix bug in replication
2019-04-19 17:04:34 +08:00
stonezdj(Daojun Zhang)
36d13e8243
Merge pull request #7328 from stonezdj/debts
...
Fix issue 6450 Test LDAP server error without save configuration
2019-04-19 16:51:57 +08:00
Daniel Jiang
6b45b5ef7c
Merge pull request #7451 from reasonerjt/oidc-logout
...
Skip verifying OIDC token for local user
2019-04-19 14:55:26 +08:00
Steven Zou
f8feaa192e
add get scheduled and periodic executions APIs
...
Signed-off-by: Steven Zou <szou@vmware.com>
2019-04-19 13:54:23 +08:00
Wenkai Yin
cf5cd5902f
Fix bug in replication
...
1. Fix bug when creating the namespace
2. Keep the same logic for hiding access secret
3. Filter only push mode policies for event trigger
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-19 13:34:04 +08:00
Daniel Jiang
5292aea89e
Skip verifying OIDC token for local user
...
If a user does not have OIDC meta data in DB, it means he's not
onboarded via OIDC authn, hence, we should not check the token.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-19 13:07:06 +08:00
Wenkai Yin
059b75e97c
Merge pull request #7392 from reasonerjt/oidc-logout
...
Handle OIDC user invalidation from OIDC provider.
2019-04-19 12:46:36 +08:00
Daniel Jiang
239b33c5fb
Handle OIDC user invalidation from OIDC provider.
...
Ths commmit ensures that when user's token is invalidated OIDC provider, he
cannot access protected resource in Harbor with the user info in his session.
We share the code path with secret verification b/c the refresh token
can be used only once, so it has to be stored in one place.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-19 01:27:31 +08:00
Steven Zou
1f481e492c
Refactor job servcie primary logic to fix related bugs
...
Signed-off-by: Steven Zou <szou@vmware.com>
2019-04-18 16:02:49 +08:00
stonezdj
41a574e55c
Fix issue 6450 Test LDAP server error without save configuration
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-04-18 14:24:21 +08:00
Wenkai Yin
a5cc228781
Merge pull request #7420 from ywk253100/190417_revert_local_harbor
...
Update the migration sql
2019-04-17 19:58:31 +08:00
wang yan
ddec7bd645
fix error handlering in job notification
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-17 18:19:01 +08:00
wang yan
e017294f71
merge with master latest
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-17 17:52:39 +08:00
Wenkai Yin
547c2337de
Update the migration sql
...
1. Update the migration sql
2. Rename the ResourceRepository from repository to image
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-17 17:18:03 +08:00
Wang Yan
a6af9e9972
Support well-formatted error returned from the REST APIs. ( #6957 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-17 16:43:06 +08:00
Wenkai Yin
6e0d892963
Support creating project with service account
...
This commit introduces a solution to workaround the restriction of project creation API: only normal users can create projects
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-17 14:50:32 +08:00
Wenkai Yin
3f7884d9d2
Revert "Add new registry type: LocalHarbor"
...
This reverts commit 94cacf762a
.
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-17 14:50:24 +08:00
Wenkai Yin
94cacf762a
Add new registry type: LocalHarbor
...
The "LocalHarbor" is the type of registry where the replication service is running on
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-16 11:42:36 +08:00
Wenkai Yin
2f1d2257d5
Remove the namespace concept in replication
...
Update the replication logic to remove the "namespace"
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-16 08:36:42 +08:00
wang yan
7a373c2eed
Add event trigger to helm upload/deletion replication
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-15 19:02:33 +08:00
Wenkai Yin
ba038eb883
Support replication all projects in Harbor
...
Support replication all projects in Harbor
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-13 20:23:19 +08:00
Wenkai Yin
c222f18fa7
Update replication
...
1. Refine the health check of docker hub
2. Remove the GetNamespace method from adapter interface
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-13 15:20:06 +08:00
Daniel Jiang
f92bc8076d
"Skip verify cert" to "verify cert"
...
This commit tweaks the attribute for auth proxy mode and OIDC auth mode.
To change it from "Skip verify cert" to "verify cert" so they are more
consistent with other modes.
Additionally it removes a workaround in `SearchUser` in auth proxy
authenticator.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-12 23:25:54 +08:00
Wenkai Yin
1d16e18dff
Remove "ng" from source code
...
Remove "ng" from source code
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-12 22:42:27 +08:00
cd1989
8ca5e17c58
Correct some typos and do some small adjustments
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-12 21:17:33 +08:00
cd1989
a9fa22269c
Check health status when add/update registry
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-12 17:29:05 +08:00
Wenkai Yin
188d66d875
Merge pull request #7350 from ywk253100/190411_bugfix
...
Fix bug of replication
2019-04-12 08:22:59 +08:00
Wenkai Yin
bc0123662b
Fix bug of replication
...
1. check the disable/enable status before starting the replication
2. process the support_namespace property
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-12 07:59:57 +08:00
Wenkai Yin
1f574e7d10
Merge pull request #7354 from wy65701436/replication_ng_namespace
...
Add api to get namespaces of registry
2019-04-11 23:44:24 +08:00
wang yan
117c36d52c
Add api to get namespaces of registry
...
To query the namespace of the registry according to its ID.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-11 23:17:33 +08:00
Wenkai Yin
a2fcb41b31
Fix bug in ping registry API
...
Fix bug in ping registry API: accept both ID and other properties
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-11 18:00:44 +08:00
Daniel Jiang
763c5df010
Add UT
...
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-11 15:30:19 +08:00
Wenkai Yin
b73acde051
Support the migration for scheduled replication rule from previous version of Harbor
...
Support the migration for scheduled replication rule from previous version of Harbor
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-11 13:14:32 +08:00
Wenkai Yin
5a047a7eb6
Update the adapter interface
...
Add ConvertResourceMetadata and PrepareForPush methods
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-10 23:37:11 +08:00
Daniel Jiang
0d18e6c82f
Update according to comments
...
For more context see PR #7335
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-10 19:38:12 +08:00
Daniel Jiang
0a2343f542
Support secret for docker CLI
...
As CLI does not support oauth flow, we'll use secret for help OIDC user
to authenticate via CLI.
Add column to store secret and token, and add code to support
verify/refresh token associates with secret. Such that when the user is
removed from OIDC provider the secret will no longer work.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-10 19:38:11 +08:00
Daniel Jiang
08e00744be
Fix misc bugs for e2e OIDC user onboard process
...
This commit adjust the code and fix some bugs to make onboard process
work.
Only thing missed is that the UI will need to initiate the redirection,
because the request of onboarding a user was sent via ajax call and didn't
handle the 302.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-10 19:38:11 +08:00
Wenkai Yin
5a65480594
Handle the policy from previous versions
...
Handle the policy from previous versions
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-09 17:43:07 +08:00
Wenkai Yin
7ff46acd25
Merge pull request #7289 from cd1989/add-registry-ping
...
Add registry ping API
2019-04-08 14:08:53 +08:00
cd1989
5a2d03593f
Add helth check method to registry adapter
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-08 10:03:28 +08:00
cd1989
f71a110bec
Add registry ping API
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-06 17:00:52 +08:00
cd1989
07139684ce
Wait randomly before registry health checking
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-05 20:46:29 +08:00
cd1989
fe004e1bfc
Init replication in core
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-04 21:58:31 +08:00
cd1989
2450dacecb
Use policy controller in registry deletion
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-04 21:26:27 +08:00
Wenkai Yin
4116433de8
Merge pull request #7306 from ywk253100/190404_cleanup
...
Remove the useless replication code
2019-04-04 21:18:04 +08:00
Wenkai Yin
c2f702be2a
Remove the useless replication code
...
This commit removes the useless replication code
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-04 20:56:25 +08:00
Wenkai Yin
58a73de3e5
Merge pull request #7299 from ywk253100/190404_sync
...
Sync with master branch
2019-04-04 17:33:11 +08:00
Wenkai Yin
1c735a7464
Filter the events triggerred by replication
...
Filter the events triggerred by replication pull
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-04 16:03:38 +08:00
Wenkai Yin
b66b1f341e
Merge remote-tracking branch 'upstream/master' into 190404_sync
2019-04-04 14:55:09 +08:00
Wenkai Yin
48f02d0605
Merge pull request #7291 from cd1989/registry-with-empty-credential
...
Handle registry with empty credential
2019-04-03 21:35:32 +08:00
Yan
da0e20ec60
Add controller to onboard oidc user ( #7286 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-03 20:47:22 +08:00
cd1989
e2c86f8f59
Handle registry with empty credential
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-03 20:33:26 +08:00
cd1989
8968e82675
Allow edit registry description
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-04-03 19:47:14 +08:00
wang yan
dcf1d704e6
fix dao UT issue and refine the error of onboard OIDC user
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-03 14:05:18 +08:00
wang yan
41018041f7
remove oidc controller and add more UTs
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-03 09:54:21 +08:00
Yan
0de5999f52
add the controller for ocdi onboard user
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-04-03 09:52:22 +08:00
Wenkai Yin
5219073c49
Call Harbor API to delete the images in Harbor adapter
...
Call Harbor API to delete the images in Harbor adapter to avoid the inconsistent between the different versions of Harbor
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-02 17:02:15 +08:00
Wenkai Yin
4484bca756
Fix replication related issues
...
1. Add operation property for tasks
2. Add trigger property for executions
3. Update the getting registry info API to allow passing 0 as ID to get the info of local Harbor registry
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-04-02 14:26:17 +08:00
Daniel Jiang
587acd33ad
Add callback controller for OIDC
...
This commit add callback controller to handle the redirection from
successful OIDC authentication.
For E2E case this requires callback controller to kick off onboard
process, which will be covered in subsequent commits.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-04-01 12:35:31 +08:00
Wenkai Yin
71b706e60a
Update the replication API
...
1. Add getting execution by ID API
2. Return registry detail info in listing policies API
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-30 20:46:02 +08:00
Wenkai Yin
8c7b63bac2
Merge pull request #7248 from ywk253100/190326_event
...
Add event based trigger and scheduled trigger
2019-03-29 14:58:09 +08:00
Wenkai Yin
4f8e283e8e
Add event based trigger and scheduled trigger
...
This commit implements the event based trigger and scheduled trigger in replilcation
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-29 13:48:34 +08:00
Daniel Jiang
9ce98f4acd
Add controller to handle oidc login
...
The controller will redirect user to the OIDC login page based on
configuration.
Additionally this commit add some basic code to wrap `oauth2` package
and `provider` in `go-oidc`, and fixed an issue in UT to make
InMemoryDriver for config management thread-safe.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-03-28 11:29:05 +08:00
Wenkai Yin
0e9bdbc09c
Merge pull request #7225 from ywk253100/190326_structure
...
Adjust the file structure of replication package
2019-03-27 13:08:05 +08:00
Yan
03709e4ec1
add authn proxy ( #7199 )
...
* add authn proxy docker login support
User could use the web hook token issued by k8s api server to login to harbor.
The username should add a specific prefix.
Signed-off-by: wang yan <wangyan@vmware.com>
* update code per review comments
Signed-off-by: wang yan <wangyan@vmware.com>
* Add UT for auth proxy modifier
Signed-off-by: wang yan <wangyan@vmware.com>
2019-03-27 12:37:54 +08:00
Wenkai Yin
017bba8dc1
Merge remote-tracking branch 'upstream/master' into 190327_sync
2019-03-27 11:43:51 +08:00
Wenkai Yin
de4eb0369a
Adjust the file structure of replication package
...
Move the scheduler, execution, hook and flow package into operation
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-26 14:59:58 +08:00
Daniel Jiang
49aae76205
Onbard settings for OIDC provider ( #7204 )
...
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-03-25 12:24:39 +08:00
Wenkai Yin
b37f4018a6
Update the registry adapter interface
...
This commit adds the Info() method to the registry adapter interface
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-23 07:49:59 +08:00
Wenkai Yin
679b0d3d6a
Convert job status to replication task status
...
This commits converts job status to task status
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-22 18:16:27 +08:00
Yan
8d3946a0e2
Refactor scan all api ( #7120 )
...
* Refactor scan all api
This commit is to let scan all api using admin job to handle schedule
management. After the PR, GC and scan all share unified code path.
Signed-off-by: wang yan <wangyan@vmware.com>
* update admin job api code according to review comments
Signed-off-by: wang yan <wangyan@vmware.com>
* Update test code and comments per review
Signed-off-by: wang yan <wangyan@vmware.com>
2019-03-22 17:52:21 +08:00
Wenkai Yin
49cf50adb1
Merge remote-tracking branch 'upstream/master' into 190324_sync
...
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-22 15:55:52 +08:00
Wenkai Yin
791aecddfa
Merge pull request #7210 from ywk253100/190321_delete
...
Add support for replicating the delation of resource
2019-03-23 20:08:13 +08:00
Wenkai Yin
1120368c9c
Add support for replicating the delation of resource
...
This commit refines the replication flows and provides the support for replicating resource deletion
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-22 12:37:39 +08:00
Meina Zhou
130e132f86
Merge branch 'master' into replication_ng
...
Signed-off-by: Meina Zhou <meinaz@vmware.com>
2019-03-21 14:16:33 +08:00
Wenkai Yin
c65d5e6669
Update listing/getting replication adapter API
...
This commit updates the listing/getting replication adapter API
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-20 05:30:15 +08:00
Daniel Jiang
a73b499988
Expose HTTP auth proxy infor in systeminfo API ( #7164 )
...
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-03-19 15:54:40 +08:00
Wenkai Yin
258b22a9a5
Fix bug in replication
...
This commit fixes bugs found in the implement of replciation NG
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-10 20:57:59 +08:00
Wenkai Yin
cabef73980
Add Harbor adapter for replication
...
Implement the replication adapter for Harbor registry
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-13 21:39:39 +08:00
peimingming
4efad287ce
Add execution and hooks
...
Signed-off-by: peimingming <peimingming@corp.netease.com>
2019-03-13 09:35:01 +08:00
Wenkai Yin
772367498f
Merge remote-tracking branch 'upstream/master' into 190311_sync
2019-03-11 20:34:49 +08:00
Wenkai Yin
d1f4c20e64
Implement replication policy management API
...
This commit implements the replication policy management API
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-09 01:32:51 +08:00
Wenkai Yin
ec2a7f9239
Implement replication operation API
...
This commit implements the replication operation related APIs
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-08 10:06:33 +08:00
Wenkai Yin
db7a709aad
Merge pull request #7063 from heww/users-search
...
Add users search API
2019-03-07 15:58:26 +08:00
stonezdj(Daojun Zhang)
f7745baf30
Merge pull request #6599 from stonezdj/pr6161
...
Add new parameter ldap_group_membership_attribute (PR#6161)
2019-03-07 13:26:26 +08:00
He Weiwei
20556aebd2
Add users search API
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-03-07 12:47:26 +08:00
Wenkai Yin
7f49151115
Implement replication adapter API
...
This commit implements the replication adapter API
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-03-06 15:01:33 +08:00
Daniel Jiang
002094dbbb
Merge pull request #7075 from wy65701436/cron-str
...
update gc api to support raw cron string
2019-03-06 13:36:52 +08:00
Qian Deng
b68f09cf41
Fix: global search not work when chart enabled
...
Global search result data does not contain the chart info when chart is empty
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-03-06 10:37:41 +08:00
wang yan
e373167546
update gc api to support raw cron string
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-03-05 16:31:35 +08:00
cd1989
b00098d492
Add unit tests and fix CI
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-03-05 15:37:36 +08:00
stonezdj(Daojun Zhang)
dffb971366
Merge pull request #7055 from stonezdj/bug7038
...
Remove verify_remote_cert
2019-03-05 14:54:02 +08:00
stonezdj
4dfee0c1f0
Remove verify_remote_cert
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-03-05 14:04:10 +08:00
Wenkai Yin
77688c90b9
Merge pull request #7061 from stonezdj/bug6767
...
Search local DB first when adding a project member with username
2019-03-05 12:56:19 +08:00
Mia ZHOU
76a07eb5fe
Merge pull request #7059 from ninjadq/fix_global_search_issue
...
Fix global search issue
2019-03-05 08:41:30 +08:00
Qian Deng
4ba012ab8e
Fix: global search not work issue
...
Both Frontend and Backend should not send chart data when chartmusuem not enabled
Signed-off-by: Qian Deng <dengq@vmware.com>
2019-03-04 17:44:34 +08:00
stonezdj
3fdc0fd9ba
Search local DB first when adding a project member with username
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-03-04 11:22:37 +08:00
stonezdj
cf134bc80e
Add new parameter ldap_group_membership_attribute
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-03-03 10:03:22 +08:00
Daniel Jiang
321874c815
Move Settings of HTTP auth proxy ( #7047 )
...
Previously the settings of HTTP authproxy were set in environment
variable.
This commit move them to the configuration API
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-03-01 14:11:14 +08:00
cd1989
8732a20709
Rewrite registry manager with new interface
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-02-27 11:54:04 +08:00
cd1989
6bdf3053a7
Implement registries manager
...
Signed-off-by: cd1989 <chende@caicloud.io>
2019-02-27 11:54:04 +08:00
wang yan
91aa67a541
Update expiration variable name to expiresat/tokenduration
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-02-25 11:55:42 +08:00
wang yan
36a778b482
Update expiration schema to bigint and default unit to minute
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-02-22 18:42:43 +08:00
wang yan
47a09b5891
add expiration of robot account
...
This commit is to make the expiration of robot account configurable
1, The expiration could be set by system admin in the configuation page or
by /api/config with robot_token_expiration=60, the default value is 30 days.
2, The expiration could be shown in the robot account infor both on UI and API.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-02-22 18:42:34 +08:00
Nguyen Quang Huy
eda6c47b3e
add signoff for DCO gate ( #6981 )
...
Some variable name, function name is colliding with builtin function.
Signed-off-by: Nguyen Quang Huy <huynq0911@gmail.com>
2019-02-22 15:00:18 +08:00
stonezdj
7a5fbf718f
Revise code with review comments
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-02-18 15:20:54 +08:00
stonezdj
880051c08a
Add load for user settings in core/config/config.go
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-02-18 14:06:19 +08:00
stonezdj
36e1c13a43
fix ut error in systeminfo_test.go
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-02-18 14:06:19 +08:00
stonezdj
1ae5126bb4
Refactor adminserver stage 3: replace config api and change ut settings
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-02-18 14:06:19 +08:00
He Weiwei
1c4b9aa346
Protect API using rbac
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-02-01 18:55:06 +08:00
Daniel Jiang
bf663df0e7
Merge pull request #6820 from wy65701436/robot-service
...
Add robot account authn & authz implementation
2019-01-29 16:08:25 +08:00
He Weiwei
6e95b98108
Standard actions for rbac
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-01-29 11:59:11 +08:00
He Weiwei
1da0a66fe5
Merge pull request #6781 from heww/user-permissions-api
...
Implement api for get current user permissions
2019-01-29 01:58:51 +08:00
wang yan
2d7ea9c383
update codes per review comments
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-28 21:26:06 +08:00
He Weiwei
8b5e68073d
Implement api for get current user permissions
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-01-28 18:06:52 +08:00
Yan
71f37fb820
* Add robot account authn & authz implementation.
...
This commit is to add the jwt token service, and do the authn & authz for robot account.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-28 17:39:57 +08:00
Daniel Jiang
20db0e737b
Provide HTTP authenticator
...
An HTTP authenticator verifies the credentials by sending a POST request
to an HTTP endpoint. After successful authentication he will be
onboarded to Harbor's local DB and assigned a role in a project.
This commit provides the initial implementation.
Currently one limitation is that we don't have clear definition about
how we would "search" a user via this HTTP authenticator, a flag for
"alway onboard" is provided to skip the search, otherwise, a user has
to login first before he can be assigned a role in Harbor.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-01-28 15:43:44 +08:00
He Weiwei
3f8e06a8bc
Support master role for project member create and update apis ( #6780 )
...
* Support master role for project member create and update apis
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Fix description for role_id in swagger.yaml
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-01-23 14:56:23 +08:00
He Weiwei
ae061482ae
Add Can method to securty.Context interface ( #6779 )
...
* Add Can method to securty.Context interface
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Improve mockSecurityContext Can method
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-01-23 14:32:37 +08:00
wang yan
903e15235e
Update validation and error message per comments
2019-01-17 15:33:05 +08:00
wang yan
4cde11892a
update the conflict check with DB unique constrain error message
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-17 13:13:55 +08:00
Yan
1af0f3c3b9
Add API implementation of robot account
...
Add API implementation of robot account
1. POST /api/project/pid/robots
2, GET /api/project/pid/robots/id?
3, PUT /api/project/pid/robots/id
4, DELETE /api/project/pid/robots/id
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-17 13:13:55 +08:00
Wenkai Yin
f8d9653419
Merge pull request #6737 from ywk253100/190109_health_check
...
Implement the unified health check API
2019-01-16 18:14:14 +08:00
Wenkai Yin
be4455ec1b
Implement the unified health check API
...
The commit implements an unified health check API for all Harbor services
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-01-16 17:21:04 +08:00
Daniel Jiang
5d59d6fab8
Bump up golang to 1.11.2
...
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-01-11 14:44:32 +08:00
Jan-Otto Kröpke
8b65e4f424
Remove user agent check for docker notifications
...
Fixes #5729
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
2019-01-03 21:17:29 +01:00
Wenkai Yin
75d45ebd9d
Merge pull request #6547 from cd1989/retag-input-validation
...
Validate repo and tag names in retag
2019-01-03 17:45:44 +08:00
cd1989
c117a23133
Validate repo and tag names in retag
...
Signed-off-by: cd1989 <chende@caicloud.io>
2018-12-24 16:49:39 +08:00
He Weiwei
f403e50234
Merge pull request #6577 from heww/master
...
Include os version in image tag detail page
2018-12-20 18:18:44 +08:00
He Weiwei
e7f09643bd
Include os version in image tag detail page
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2018-12-20 15:12:19 +08:00
Wenkai Yin
b28bca7af4
Merge pull request #6541 from salkin/proxy-transport
...
Add support for http proxy in transport
2018-12-18 15:46:29 +08:00
Niklas Wik
138bc69f0f
Add support for http proxy in transport
...
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
2018-12-17 10:35:27 +02:00
Wenkai Yin
f7a28ee2a2
Remove the duplicate http error struct ( #6516 )
...
There are two different types to represent http error in the current code. This commit updates the codes to keep only one.
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-12-12 11:51:19 +08:00
Wenkai Yin
bcd6947fcc
Merge pull request #6470 from cd1989/retag-problem
...
Give meaningful error messages when retag is forbidden
2018-12-06 18:47:58 +08:00
De Chen
60d65a9d86
Block retag requests in read-only mode ( #6457 )
...
Signed-off-by: cd1989 <chende@caicloud.io>
2018-12-06 18:35:22 +08:00
cd1989
caf07a96fe
Give meaningful messages when retag forbided
...
Signed-off-by: cd1989 <chende@caicloud.io>
2018-12-06 16:25:21 +08:00
Wenkai Yin
746d58ceb4
Return the error message when changing password with wrong old password ( #6466 )
...
Return a meaningful error message when changing password but the a wrong old password is provided to render on UI
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-12-06 13:29:30 +08:00
Daniel Jiang
29d5b5da72
Return 409 when there is a scan all job running ( #6460 )
...
* Return 409 when user trigger another "scan all"
This commit fixes #6418 , that when multiple "scan all" jobs are
triggered, the API should not return 500.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* Update swagger to add 409 to scanAll API
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-12-06 11:46:38 +08:00
Wenkai Yin
538082ceb6
Remove the permission checking for getcert API ( #6436 )
...
The Harbor root cert can be downloaded by all users now, so the permission checking is not needed anymore
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-12-05 12:15:23 +08:00
Daniel Jiang
ae240df031
Remove the Scan all in-memory marker ( #6399 )
...
Previously there was a in-memory marker to prevent user from frequently
calling the "scan all" API. This has become problematic in HA
deployment, and is no longer needed after enhancement in jobservice.
This commit removes the marker for "scan all" api, however, we need to
review the mechanism and rework to make it stateless.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-12-02 15:40:50 +08:00
Wenkai Yin
a81346a4ba
Merge pull request #6386 from heww/session
...
change session cookie name to sid
2018-11-30 16:13:45 +08:00
Steven Zou
ec2ad4d0b8
Merge pull request #6093 from cd1989/replication-record-id
...
Add op uuid to image replication
2018-11-30 14:54:43 +08:00
Wenkai Yin
9d5cf57373
Check the existence of name when creating replication rule and fix bugs in testing library ( #6381 )
...
1. Fix #5102 by checking the existence of name when creating/editing replication rule
2. Add unique constraint to the name of replication policy and target
3. Fix bugs of testing library
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-11-30 13:32:20 +08:00
stonezdj
3b165d41d4
Fix LDAP search error
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-11-29 18:37:23 +08:00
Steven Zou
68b1b98f0a
Merge pull request #6375 from steven-zou/fix_global_search_502_issue
...
Fix global search 502 issue happened when chart repo is not enabled
2018-11-29 16:29:08 +08:00
Steven Zou
e7ffaecca5
Fix global search 502 issue happened when chart repo is not enabled
...
Signed-off-by: Steven Zou <szou@vmware.com>
2018-11-29 15:53:09 +08:00
He Weiwei
00a3948fff
change session cookie name to sid
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2018-11-29 15:18:15 +08:00
陈德
f72c7766ae
Fix status code for permission check in retag, use 403
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-11-28 19:48:25 +08:00
Daniel Jiang
abe728325b
Wait for manifest in notification handler
...
There's an issue in registry 2.6.x, that when the webhook is sent the
manifest of the image may not be written.
For details: https://github.com/docker/distribution/issues/2625
This will cause issue in "scan on push" or replication.
This commit mitigates the issue by adding retries in notification
handler.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-11-06 19:23:54 +08:00
Qian Deng
35f3346948
Merge pull request #6155 from mmpei/6086-UserNameLength
...
Support longer UserName
2018-11-06 10:50:50 +08:00
Steven Zou
1b1ab60802
Merge pull request #6152 from mmpei/5178-jibSupporting
...
5178 jib supporting
2018-10-29 16:34:13 +08:00
peimingming
d3a617efd6
Support longer UserName
...
Signed-off-by: peimingming <peimingming@corp.netease.com>
2018-10-29 15:59:17 +08:00
mmpei
a209519b0e
add support jib
...
Signed-off-by: mmpei <peimingming1986@126.com>
Signed-off-by: peimingming <peimingming@corp.netease.com>
2018-10-26 15:32:10 +08:00
mmpei
99c70ceab9
issue 5851 support jib client
...
Signed-off-by: mmpei <peimingming1986@126.com>
2018-10-26 15:27:28 +08:00
Daniel Jiang
39b4d011c7
Not submit scan all job when core container starts
...
Fixes #6115
As for the change in migration sql file, in 1.7 we'll switch to
jobservice for scheduling "scan all" job. To avoid inconsistency,
this item will be reset and user will need to configure the policy again.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-25 19:01:52 +08:00
Steven Zou
3b76a960e1
Merge pull request #6039 from stonezdj/refact_5996
...
Refactor capacity
2018-10-24 10:50:11 +08:00
Daniel Jiang
2920ec5f9b
Merge pull request #6077 from clouderati/update-copyright
...
Updating copyright notices
2018-10-23 18:38:15 +08:00
陈德
1ffd9d8fba
Add op uuid to image replication
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-21 23:55:57 +08:00
Steven Zou
db24cbe25a
Merge pull request #5779 from cd1989/images-retag
...
Merge Images retag
2018-10-19 11:04:48 +08:00
clouderati
9a93f225d7
Updating copyright notices
...
Replacing copyright notices with "Copyright 2018 The Harbor Authors".
Signed-off-by: clouderati <35942204+clouderati@users.noreply.github.com>
2018-10-18 16:04:36 +00:00
陈德
a1b4729aa7
Add more unit tests
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-18 00:26:25 +08:00
stonezdj
0278981523
Change admin server to core in jobservice
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-10-16 19:23:12 +08:00
stonezdj(Daojun Zhang)
b764033fc9
Merge pull request #6007 from stonezdj/refact_5998
...
Change admin server to core in jobservice
2018-10-15 17:52:24 +08:00
stonezdj
79bac7a64e
Change admin server to core in jobservice
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-10-15 14:56:18 +08:00
Wenkai Yin
0ebed68f5b
Merge pull request #5924 from cd1989/replication-status-check
...
Fix statuses condition when trigger replication
2018-10-15 11:26:22 +08:00
陈德
e5e5ba79a5
Add operations filter
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-13 11:09:53 +08:00
陈德
d6f5560145
Fix status check when trigger replication
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-11 09:03:49 +08:00
wang yan
a4ad4c7282
Fix gc api issues
...
1, filter out the scan all jobs in the gc list.
2, make it able to delete unexecuted scheduler.
Signed-off-by: wang yan <wangyan@vmware.com>
2018-10-10 15:45:03 +08:00
陈德
b648084d95
Improve code styles and fix after Harbor refactoring
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-09 10:49:03 +08:00
陈德
03d5157eaf
Updae retag api spec
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-08 19:07:23 +08:00
陈德
48d2435146
Fix notification event filtered because of user agent
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-08 19:07:22 +08:00
陈德
03af3c5936
Add image retag API
...
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-08 19:07:21 +08:00
James Zabala
ce0e195d18
Merge pull request #5957 from reasonerjt/scan-all-jobsvc
...
Schedule "scan all" via jobservice
2018-10-02 15:31:42 -04:00
Daniel Jiang
b12dc3b5d8
Schedule "scan all" via jobservice
...
This commit leverage the jobservice to trigger "scan all" and
gets rid of the local scheduler to make the harbor-core container
stateless.
It keeps using the notifer mechanism to handle the configuration change.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-09-28 15:42:37 +08:00
Steven Zou
55c50f310d
Fix #5956 issue: The APIs should not get chart information when Harbor is not installed with chart repo
...
Signed-off-by: Steven Zou <szou@vmware.com>
2018-09-27 13:22:25 +08:00
Steven Zou
8b538cbc0a
Return the total count of charts under the project in project API
...
- add new interface method to get total count of charts under namespaces by calling get index
- add new field 'chart_count' in project model
- append chart count to the project model in project API
Signed-off-by: Steven Zou <szou@vmware.com>
2018-09-25 17:56:11 +08:00
Wenkai Yin
978f8721e6
Merge pull request #5927 from steven-zou/return_labels_in_chart_api
...
Refactor the chart service implementation to provide more extending flexibilities
2018-09-21 15:59:53 +08:00
Qian Deng
0cb430d463
Merge pull request #5932 from ninjadq/refactor_auth_api
...
Refactor backend api for authrization
2018-09-21 15:59:07 +08:00
Qian Deng
88bb461314
Reactor backend api for authrization
...
1. Change backend api
2. Change frontend api
3. Change the proxy config file
Signed-off-by: Qian Deng <dengq@vmware.com>
2018-09-21 14:03:17 +08:00
Steven Zou
78b9cbf35e
Fix failures of UT cases of chart API related
...
Signed-off-by: Steven Zou <szou@vmware.com>
2018-09-21 14:02:45 +08:00
Daniel Jiang
6c84a3dc4f
Merge pull request #5690 from goharbor/clouderati-copyright-update
...
Updating copyright notices
2018-09-20 19:38:26 +08:00
Steven Zou
d4c423ea8e
Merge branch 'master' into return_labels_in_chart_api
2018-09-20 17:55:48 +08:00
Steven Zou
24c0be789d
Add more UT cases for changed chart API
...
- add more cases in the ChartRepositoryAPI controller
- move chart utility testing functions to a separate go file under testing
- ignore testing coverage for testing folder
- update other UT cases to reflect the change of adding chart testing utility functions
Signed-off-by: Steven Zou <szou@vmware.com>
2018-09-20 17:51:27 +08:00
De Chen
970d84f1b9
Add comment format check to makefile and travis ( #5832 )
...
* Add comment format check to makefile and travis
Signed-off-by: 陈德 <chende@caicloud.io>
2018-09-20 11:48:38 +08:00
Steven Zou
e6de7f080d
Rename the import path of new package 'label'
...
Signed-off-by: Steven Zou <szou@vmware.com>
2018-09-20 10:31:29 +08:00
clouderati
587459df15
Replacing copyright notices with "Copyright Project Harbor Authors".
...
Signed-off-by: clouderati <35942204+clouderati@users.noreply.github.com>
2018-09-19 16:59:36 +00:00
Steven Zou
3a204dbf7d
Rebase to fix conflicts
2018-09-19 17:46:47 +08:00
Qian Deng
7873a0312a
Rename harbor-ui to harbor-core
...
1. Update the nginx.conf
2. Update Makefile
3. Update docker-compose
4. Update image name
5. Rename folder ui to core
6. Change the harbor-ui's package name to core
7. Remove unused static file on harbor-core
8. Remove unused code for harbor-portal
Signed-off-by: Qian Deng <dengq@vmware.com>
2018-09-19 16:35:13 +08:00