Yang Jiao
5e130bd06c
Bump up photon version from 4.0 to 5.0 ( #19006 )
...
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-08-01 11:52:33 +08:00
Alexis Leroux
84a131773a
Conserve sentinel_master_set value between upgraded versions ( #18875 )
...
fix(migration): Conserve sentinel_master_set value between upgraded versions
Signed-off-by: Alexis Leroux <alexis.leroux@worldline.com>
Co-authored-by: Alexis Leroux <alexis.leroux@worldline.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2023-07-27 18:35:01 +08:00
MinerYang
8102304621
add migration script for 2.9 ( #18997 )
...
add miigration script for 2.9
Signed-off-by: yminer <yminer@vmware.com>
update quota_update_provider
update typo
update comment
2023-07-25 17:52:37 +08:00
Shengwen YU
320c0d63ca
feat: add config for job_loggers ( #18970 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-07-24 22:10:36 +08:00
Chlins Zhang
8ff095d68f
feat: add the configuration for quota update provider ( #18928 )
...
Add the related configurations for the quota update provider to the
harbor.yml.
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-24 16:28:19 +08:00
MinerYang
14192dfb06
add strong_ssl_ciphers for nginx https jinja template ( #18748 )
...
Signed-off-by: yminer <yminer@vmware.com>
2023-05-29 21:57:15 +08:00
Stephan Hohn
4f3393e615
http2 enabled and ciphers changed to get an A+ rating instead of B fr… ( #16990 )
...
* Make strong cipher cfg optional
Signed-off-by: Stephan Hohn <stephan.hohn@tech11.com>
---------
Signed-off-by: Stephan Hohn <stephan.hohn@tech11.com>
Signed-off-by: MinerYang <yminer@vmware.com>
Co-authored-by: Stephan Hohn <stephan.hohn@tech11.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2023-05-29 10:37:57 +08:00
malmor
135ca37e3f
Add support for TLSv1.3 in nginx configurations ( #18659 )
...
Signed-off-by: malmor <62105800+malmor@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2023-05-26 10:29:54 +08:00
Wang Yan
bf7c82b9a8
remove the notary from backend ( #18668 )
...
Since harbor deprecates notary since v2.9.0, this pull request targets to remove the code related with notary.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2023-05-18 18:47:42 +08:00
MinerYang
2d98e8fe1e
Allow redis password using safe special characters ( #18566 )
...
allow redis password safe special characters
Signed-off-by: yminer <yminer@vmware.com>
string and None type conversion
2023-04-24 11:01:46 +08:00
Chlins Zhang
395ae77d64
fix: change the default max retry count for webhook job to 3 ( #18392 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-03-22 17:36:50 +08:00
Peter Jakubis
284d58453c
Change storage_service.redirect.disabled in harbor.yml.tmpl to storage_service.redirect.deactivate ( #14615 )
...
* set to disable
Signed-off-by: Peter Jakubis <balonik32@gmail.com>
* move pr-14615 prepare migration version from 2.7.0 to 2.8.0
Signed-off-by: yminer <yminer@vmware.com>
---------
Signed-off-by: Peter Jakubis <balonik32@gmail.com>
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Peter Jakubis <peter.jakubis@piano.io>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: yminer <yminer@vmware.com>
2023-03-22 13:55:22 +08:00
stonezdj(Daojun Zhang)
46fa91f866
Fix dangling state execution ( #18272 )
...
Add max update hour and max dangling hour setting in config.yaml
Fixes #17611
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-03-21 18:48:14 +08:00
Chlins Zhang
67d3f9add8
feat: support configurate the http client timeout for webhook job ( #18382 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-03-21 11:54:10 +08:00
Chlins Zhang
14df2b2b60
feat: support configrate the jobservice logger sweeper duration ( #18365 )
...
Support configurate the jobservice logger sweeper duration from
harbor.yml.
Closes : #10958
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-03-18 10:46:40 +08:00
MinerYang
e76aff6a0a
add external redis username config to support redis6 ACL ( #18364 )
...
add external redis username o support redis6 ACL
Signed-off-by: yminer <yminer@vmware.com>
2023-03-17 14:16:19 +08:00
stonezdj(Daojun Zhang)
5c0266e719
Get job log by job_id in worker ( #18261 )
...
Get job by job_id in redis
Get the last 10MB of data if it exceeds 10MB
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-03-06 13:19:10 +08:00
stonezdj(Daojun Zhang)
d03f0dcf2d
Skip to update pull time and pull count for scanner robot account ( #17807 )
...
Add prefix for scanner robot account
Fixes #14638
Signed-off-by: stonezdj <daojunz@vmware.com>
# Conflicts:
# api/v2.0/swagger.yaml
# src/common/const.go
# src/lib/config/metadata/metadatalist.go
2023-02-20 15:09:21 +08:00
Wang Yan
738fde7d3b
remove chartmuseum backend ( #18191 )
...
Harbor deprecates chartmuseum as of v2.8.0
Epic: https://github.com/goharbor/harbor/issues/17958
Discussion: https://github.com/goharbor/harbor/discussions/15057
Signed-off-by: Wang Yan <wangyan@vmware.com>
2023-02-16 18:11:05 +08:00
Chlins Zhang
bfe4362a67
fix: remove the scan exports volume ( #18107 )
...
1. Change the Export CVE temporary file directory to /tmp.
2. Remove the scan data export volume in Dockerfile and docker-compose
yaml.
Fixes : #18067
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-01-31 17:30:47 +08:00
Jianwei Guo
cb11540a14
add parameters for PostgreSQL ( #16641 )
...
Signed-off-by: sayaoailun <guojianwei007@126.com>
2022-11-30 19:08:08 +08:00
MinerYang
9ae35dbc50
add migration script for 2.7 ( #17838 )
...
add migration script for 2.7
Signed-off-by: yminer <yminer@vmware.com>
2022-11-23 17:49:55 +08:00
erismaster
ec7717e23b
Add JFrog Artifactory As Supported Proxy-Cache Registry Source ( #17738 )
...
Add JFrog Artifactory As Supported Proxy-Cache
Enables the support of JFrog Artifactory as a source for proxy-cache. I
have tested this with a local build and was able to proxy images just
fine.
Signed-off-by: Derrik Campau <dcampau@vmware.com>
Signed-off-by: Derrik Campau <dcampau@vmware.com>
2022-11-04 12:50:34 +08:00
Shengwen YU
0acfbdc7a1
feat: bump TRIVYVERSION to v0.32.1 and bump TRIVYADAPTERVERSION to v0.30.2 ( #17681 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-10-25 14:26:53 +08:00
MinerYang
306e780590
Add autoescape parameter for 2.5 & 2.6 jinja ( #17439 )
...
Signed-off-by: yminer <yminer@vmware.com>
update
2022-08-29 10:22:33 +08:00
Shijun Sun
83bce02e61
Refactor swagger ui ( #17428 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-23 12:03:45 +08:00
Soumik Majumder
861ca553df
Add autoescape parameter to jinja environments ( #15770 )
...
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
2022-08-23 11:02:16 +08:00
MinerYang
bd102fbf7d
_version:2.6.0 correction in migration yml jinja ( #17328 )
...
Signed-off-by: yminer <yminer@vmware.com>
2022-08-05 16:54:16 +08:00
Wang Yan
ef8b8f0be7
resolve the cve export volumn permission ( #17157 )
...
See the right uid and gid for the scandata_exports in the prepare
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-12 14:52:18 +08:00
prahaladdarkin
130452111b
Vulnerability scan data export functionality ( #15998 )
...
Vulnerability Scan Data (CVE) Export Functionality
Proposal - goharbor/community#174
Closes - https://github.com/goharbor/harbor/issues/17150
Changes:
* CVE Data export to CSV with filtering support.
* Implement CSV data export job for creating CSVs
* APIs to trigger CSV export job executions
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-11 16:35:04 +08:00
Chenyu Zhang
1a1ce634cc
Fix the process of cache layer ( #17010 )
...
fix: fix cache layer issues (#16995,#16997,#16996,#17038)
1. Load config and initialize cache layer in jobservice(for GC)
2. Cache artifact by digest the key should contains repository name
3. Repository cache cleanup error when update
4. Skip save cache when request ctx in transaction
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-06 16:11:53 +08:00
MinerYang
8ba6a2bede
Add migration script for Harbor 2.6 ( #17116 )
...
add migration script for Harbor 2.6
Signed-off-by: yminer <yminer@vmware.com>
2022-07-06 14:08:24 +08:00
Yang Jiao
77d28105bc
Upgrade pipenv to 2022.1.8 ( #17093 )
...
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-06-28 23:40:48 +08:00
MinerYang
b11970ac3c
update install htpasswd in prepare dockerfile ( #17056 )
...
update install htpasswd in prepare dockerfle
Signed-off-by: yminer <yminer@vmware.com>
2022-06-23 16:31:37 +08:00
Chenyu Zhang
7ecd4a3f29
fix(prepare): validate expire hours when enable cache ( #16949 ) ( #16953 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-06-07 13:21:47 +08:00
Wilmar den Ouden
79600f3fee
feat: enabled Github GHCR as proxy cache ( #16834 )
...
Signed-off-by: wilmardo <info@wilmardenouden.nl>
2022-06-06 15:36:16 +08:00
MinerYang
615a4cbb52
install only htpasswd binary from photon package httpd ( #16771 )
...
Signed-off-by: yminer <yminer@vmmware.com>
cpio -u
Signed-off-by: yminer <yminer@vmmware.com>
Co-authored-by: yminer <yminer@vmmware.com>
2022-04-28 13:20:03 +08:00
chlins
8c223135e7
feat: add cache layer for artifact ( #16739 )
...
Implement cache layer for resource artifact and define common
cache manager and workflow. Also add cache related options to
configuration yaml.
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-04-25 18:01:45 +08:00
MinerYang
6f1f2c0395
update 2.5.0 migration script harbor.yml.jinja ( #16354 )
...
Signed-off-by: yminer <yminer@vmmware.com>
Co-authored-by: yminer <yminer@vmmware.com>
2022-02-11 17:30:06 +08:00
MinerYang
6c97d3f0c7
rollback to delete external redis username ( #16353 )
...
Signed-off-by: yminer <yminer@vmmware.com>
Co-authored-by: yminer <yminer@vmmware.com>
2022-02-11 17:28:10 +08:00
MinerYang
77b6a130f8
Add Migration Script for Harbor 2.5 ( #16346 )
...
* add Harbor2.5 migration script
Signed-off-by: yminer <yminer@vmmware.com>
* update 2_5_0 migration harbor.yml.jinja
Signed-off-by: yminer <yminer@vmmware.com>
Co-authored-by: yminer <yminer@vmmware.com>
2022-02-11 12:18:06 +08:00
MinerYang
1a2dd256b5
Add external redis username for AUTH ( #16336 )
...
* add external redis username for AUTH
* update harbor.yml.tmpl
* add external redis username for AUTH
update harbor.yml.tmpl
Co-authored-by: yminer <yminer@vmmware.com>
2022-02-09 22:06:28 +08:00
Shengwen Yu
46f97ecf6c
feat: bump TRIVYVERSION to v0.22.0 and bump TRIVYADAPTERVERSION to v0.25.0
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-01-21 09:14:07 +08:00
stonezdj
17d8b7b813
Add upload purge config to registry/config.yml
...
Enable the uploadpurging by default
Fixes #15641
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-01-04 11:15:51 +08:00
Qian Deng
69a194b2b4
Fix: using traditional PKCS#1
format RSA key
...
The openssl 3.0.0 using newer `PKCS#8` format.
But it's not compatitable with harbor core
So using tradictional format instead
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-12-10 11:34:12 +08:00
Rolf Ahrenberg
5f3972f86d
Add configurable timeout for Trivy scans ( #15796 )
...
Signed-off-by: Rolf Ahrenberg <Rolf.Ahrenberg@saunalahti.fi>
2021-10-22 14:36:12 +08:00
Qian Deng
3c23926bdc
Add validation for tracing
...
* add validation of tracing in validating process
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-27 13:10:55 +00:00
Qian Deng
354a2bd80d
Enhance the trace related code
...
* Move request id to requestid middleware
* fix span pass to child ctx on orm
* fix typos
* remove unused code
* add operation name to Transaction
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-22 04:14:43 +00:00
Qian Deng
bad913cf6d
Refactor trace code
...
* use lib trace helper function
* add gracefull shutdown
* Add commens for new added exposed function
* Add licence on top of new created files
* Update trace library
* Update configs
* Add attribute and namespance in config
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
6fec5b2873
Add trace to jobservice
...
* Add trace init in main
* Add env template
* Add trace for router
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00