Commit Graph

10215 Commits

Author SHA1 Message Date
danfengliu
5f713f22fd Push harbor build images to docker-hub in build workflow
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-01-11 18:24:57 +08:00
Wang Yan
2d4456c630
refractor project rbac (#13924)
As the system rbac introduced, move the code of project rbac into project directory

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-11 11:27:26 +08:00
Wang Yan
64e61c0d11
fix robot cannot update expirsat (#13944)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-11 11:26:05 +08:00
Ziming Zhang
5bff3e94a0 fix(immutability) swagger test case
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-01-11 03:21:12 +00:00
Ziming Zhang
be58c1d3ff fix(retention) swagger test case
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-01-11 03:21:12 +00:00
Daniel Jiang
efa63d905a
Update the reg-exp to match v2/catalog api (#13941)
A more strict check is applied such that all requests to
/v2/_catalog/...  will be verified.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-09 13:17:51 +08:00
Wenkai Yin(尹文开)
d86b2be033
Merge pull request #13945 from ywk253100/210107_replication
Check the stop error during the replication process
2021-01-08 17:08:42 +08:00
Wenkai Yin
7b7b5e4977 Check the stop error during the replication process
Check the stop error during the replication process

Fixes #13912

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-01-08 16:14:05 +08:00
Ziming Zhang
39fb500318 feat(retention) refactor to use go swagger api
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-01-08 07:09:28 +00:00
Will Sun
f566748c77
Fix nightly case by add to scan button (#13937)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-08 15:01:26 +08:00
Wenkai Yin(尹文开)
3e09eeb62b
Merge pull request #13935 from heww/delete-scan-report
chore: delete records of scan_report
2021-01-08 14:05:57 +08:00
danfengliu
b43b59cc8e
Merge pull request #13781 from danfengliu/add-py-test-for-system-robot-account
Add py test for system robot account
2021-01-08 14:03:50 +08:00
Steven Zou
1f79ce1181
Merge pull request #13554 from shaobo322/reform_compare_method
reform job status compare method
2021-01-08 12:49:39 +08:00
danfengliu
f57dc13081 Add py-test for system robot account
In this py-test, add a new system robot account, and verify all project privileges.

Signed-off-by: danfengliu <danfengl@vmware.com>
2021-01-08 12:01:53 +08:00
He Weiwei
4a326aa8b0 chore: delete records of scan_report
The report in previous scan_report records not work well the
vulnerabilities stored in the schema table, so delete the scan_report
records.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-08 03:39:11 +00:00
He Weiwei
755c6490f9
feat: remove duplicate CVE in scan report and summary (#13918)
1. Remove the duplicate CVE records in the report/summary for the image
index.
2. Add scanner field in the scan overview for the API.

Closes #13913

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-08 11:00:43 +08:00
Wenkai Yin(尹文开)
4580aeff3b
Merge pull request #13910 from mmpei/official-feature-artifact-hub-replicate
Support artifact hub replication using new API
2021-01-08 10:15:55 +08:00
He Weiwei
9402077695
feat: save summary for the scan all execution (#13931)
Compute the summary info for the scan all and save it to the extra attrs
of the execution.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-08 10:10:31 +08:00
Qian Deng
642d56041d
Add san for notary cert (#13928)
Signed-off-by: DQ <dengq@vmware.com>
2021-01-08 01:00:34 +08:00
Will Sun
4ea881564e
Modify UI to match scanner upgrading (#13915)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-07 17:16:52 +08:00
Wang Yan
0cf43d766c
enable system resource access (#13826)
1, introduce & define the system resources.
2, replace the IsSysAdmin judge method.
3, give the robot the system access capability.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-07 15:45:04 +08:00
Steven Zou
be98748ca7
Merge pull request #13896 from ywk253100/210105_replication
Fix replication filter bug
2021-01-07 13:45:46 +08:00
Wenkai Yin(尹文开)
3408f0b577
Merge pull request #13909 from ywk253100/210106_task
Provide a mechanism to sweep the execution/task records in task manager
2021-01-07 13:44:21 +08:00
Will Sun
bd585481c7
Fix tag retention ui loading issue (#13905)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-07 10:20:12 +08:00
peimingming
28714f8b70 Support artifact hub replication using new API
Signed-off-by: peimingming <peimingming@corp.netease.com>
2021-01-06 20:46:04 +08:00
stonezdj(Daojun Zhang)
2ae57cdeb5
Merge pull request #13897 from stonezdj/210105_add_quay_proxy
Add  quay registry to proxy cache
2021-01-06 20:27:27 +08:00
He Weiwei
ed31cf9417
feat: return scan report and summary by header (#13898)
Add X-Accept-Vulnerabilities header to the list/get artifact and get
artifact vulnerability addition APIs, and these APIs will traverse the
mime types in this header and return the first report and summary found
from the mime type.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-06 17:54:36 +08:00
stonezdj
6b8fb8431d Add quay registry to proxy cache
Update env.jinja to add quay

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-01-06 17:22:57 +08:00
danfengliu
511bd86930
Merge pull request #13849 from danfengliu/add-gui-test-for-system-robot-account
Ad  nightly GUI test for system robot account
2021-01-06 16:59:05 +08:00
danfengliu
b5607850af
Merge pull request #13834 from danfengliu/clear-local-useless-images-in-nightly
Clear local images in nightly test
2021-01-06 16:55:22 +08:00
Wenkai Yin
fb871dbbe8 Provide a mechanism to sweep the execution/task records in task manager
Provide a mechanism to sweep the execution/task records in task manager
Fixes #13888

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-01-06 16:41:46 +08:00
He Weiwei
e33ff932d1
test: fix the data race in the test of scan controller (#13899)
Closes #13876

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-06 16:17:47 +08:00
Danfeng Liu (c)
ae05e3fdb0 Add Nightly GUI test for system robot account
1. Add GUI test for system robot account feature;
2. Fix issue of failing to catch docker pull image exception in API test.

Signed-off-by: Danfeng Liu (c) <danfengl@vmware.com>
2021-01-06 15:47:04 +08:00
stonezdj(Daojun Zhang)
b748852ee8
Merge pull request #13805 from stonezdj/201218_add_content_type_length
Add content type and length in header
2021-01-06 15:02:34 +08:00
Will Sun
a1a5ef5e20
support quay registry as proxy cache (#13902)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-06 14:15:15 +08:00
stonezdj
1d50be31aa Refactor Manifest cache process
Separate manifest, manifest list and image index.

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-01-06 14:01:02 +08:00
Daniel Jiang
06e993ff76
Remove scanner-pull from system admin's permission (#13901)
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-06 12:35:58 +08:00
Wenkai Yin
d474750e9f Fix replication filter bug
This commit fixes the bug of replication filter, see #13593 for more detail
Fixes #13593

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-01-06 09:36:31 +08:00
Will Sun
839c36c876
Fix bugs for robot account UI (#13894)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-05 22:28:56 +08:00
Wenkai Yin(尹文开)
17400acea8
Merge pull request #13853 from bitsf/retention_task_manager
feat(retention) refactor task manager
2021-01-05 18:53:09 +08:00
Ziming Zhang
8faa76a1b6 feat(retention) refactor task manager
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-01-05 12:08:03 +08:00
shaobo
434758b71e reform job status compare method
Signed-off-by: shaobo <shaobo@caicloud.io>
2021-01-04 21:34:53 +08:00
Daniel Jiang
d0152cb446
Merge pull request #13872 from reasonerjt/token-scope
Refine the token scope generation
2021-01-04 11:16:59 +08:00
danfengliu
076ebb5ee8 Clear local images in nightly test
Remove local image right after pushing operation, then pull operation can be triggered by docker 20.

Signed-off-by: danfengliu <danfengl@vmware.com>
2021-01-04 10:25:02 +08:00
Wang Yan
0271efd3f7
enable visible when to list/create robot (#13840)
1, enable the visible attribute when to create/list robots
2, rename package name from robot2 to robot

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-04 10:24:31 +08:00
Daniel Jiang
eb75123638 Refine the token scope generation
This commit directly maps the actoin permission in security context to
the scope generated by the token service in harbor-core.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-03 23:12:04 +08:00
Daniel Pacak
bd46af691c
chore(trivy): Bump up Trivy scanner adapter to v0.17.0 (#13639)
The adapter implements Pluggable Scanners API v1.1
and ships with Trivy v0.14.0.

There's also a tiny change in the way Trivy settings
are displayed in the scanner metadata response, i.e.
instead of com.github.aquasecurity.trivy.debugMode
it prints env.SCANNER_TRIVY_DEBUG_MODE. It makes it
explicit which env is use to set this parameter.

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-12-25 15:34:00 +08:00
Wenkai Yin(尹文开)
19ad8ad68d
Merge pull request #13823 from reasonerjt/inst-cert-home-dir
Replace tilde in install_cert.sh
2020-12-25 10:25:51 +08:00
prahaladdarkin
a890b28e1e
Store vulnerability data from scanner into a relational format (#13616)
feat: Store vulnerability report from scanner into a relational format

Convert vulnerability report JSON obtained  from scanner into a relational format describe in:https://github.com/goharbor/community/pull/145

Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2020-12-25 08:47:46 +08:00
Wang Yan
47841a04b9
fix quota cannot be updated after gc (#13844)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-24 20:10:57 +08:00