Commit Graph

9762 Commits

Author SHA1 Message Date
Ted Guan
645dea36a6
Fix for duplicate webhook policy name (#12729)
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-08-20 18:02:13 +08:00
Will Sun
29f3ced3ff
Merge pull request #12826 from goharbor/csrf-local
CSRF token cookie -> header
2020-08-20 17:42:49 +08:00
AllForNothing
b472907362 Change storage of csrf token from cookie to localstorage
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-08-20 16:22:25 +08:00
Daniel Jiang
05afb94b9b Store csrf token in the header of response instead of cookie
The current approach will prevent the effectiveness of `Cache-Control`
header and gorilla's library add `Vary:Cookie` header in all responses.

We will set the token in a header of response so the response can be
cached when needed.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-08-20 15:46:02 +08:00
Dirk Mueller
08a4d8efd2
Update to golang 1.14.7 (#12809)
We should use a golang that isn't having security issues.

This includes:
* go1.14.6 (released 2020/07/16) includes fixes to the go command, the
compiler, the linker, vet, and the database/sql, encoding/json,
net/http, reflect, and testing packages. See the Go 1.14.6 milestone on
our issue tracker for details.

* go1.14.7 (released 2020/08/06) includes security fixes to the
encoding/binary package. See the Go 1.14.7 milestone on our issue
tracker for details (CVE-2020-16845)

Signed-off-by: Dirk Mueller <dirk@dmllr.de>
Signed-off-by: Dirk Mueller <dmueller@suse.com>
2020-08-20 15:38:35 +08:00
Will Sun
446ae4c173
Merge pull request #12817 from AllForNothing/test-2
Fix issues with label target 2.1 and RC
2020-08-20 15:13:27 +08:00
Wenkai Yin(尹文开)
d4f18139ef
Merge pull request #12618 from ywk253100/200729_tk_mgr
Refresh the status of execution for every status changing of task
2020-08-20 14:38:09 +08:00
Wenkai Yin(尹文开)
8d7d5790b8
Upload the harbor log icon as it's referenced by the released Harbor chart (#12670)
Upload the harbor log icon as it's referenced by the released Harbor chart

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-08-19 18:49:03 +08:00
He Weiwei
a6c1d023c2
Merge pull request #12805 from wy65701436/fix-resource-order
udpate resource list order
2020-08-19 17:48:24 +08:00
AllForNothing
56083cd5c9 Fix issues with label target 2.1 and RC
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-08-19 16:46:28 +08:00
wang yan
a7b9495ba0 Merge branch 'master' of https://github.com/goharbor/harbor into fix-resource-order 2020-08-19 15:30:48 +08:00
He Weiwei
d894d4c8bc
Merge pull request #12799 from wy65701436/fixes-12795
fix gc job submit issue
2020-08-19 15:27:02 +08:00
Will Sun
c35a39d432
Merge pull request #12814 from AllForNothing/ui-ut
Improve UI UT for artifact list page
2020-08-19 15:08:19 +08:00
AllForNothing
2b441a7ee5 Improve UI UT for artifact list page
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-08-19 12:45:39 +08:00
wang yan
1cc73bd92a Merge branch 'master' of https://github.com/goharbor/harbor into fix-resource-order 2020-08-19 12:21:45 +08:00
wang yan
648b80bc34 udpate resource list order
1, order label by creation time.
2, order webhook policy by creation time.
3, order replication policy by creation time.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-08-19 11:20:31 +08:00
Steven Zou
c1b6be6ac9
Merge pull request #12801 from heww/fix-issue-9471
refactor(scan): remove duplicate CVESet types
2020-08-19 10:37:10 +08:00
Ted Guan
eb317fb8cb
tag retention webhook support (#12749)
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-08-19 00:07:45 +08:00
Wang Yan
af0f36a153
add timeout for CI (#12803)
Add 1 hour(60 minutes) as the timeout of gitactions.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-08-18 17:49:30 +08:00
stonezdj(Daojun Zhang)
f7e1d186e0
Merge pull request #12792 from ywk253100/200814_proxy_cache
Return 403 when trying to push artifacts into the proxy cache project…
2020-08-18 16:22:51 +08:00
stonezdj(Daojun Zhang)
716625a769
Merge pull request #12793 from ywk253100/200816_disable_tag
Disable the tag creation for the artifact under a proxy cache project
2020-08-18 16:15:33 +08:00
He Weiwei
ef37bd1afb refactor(scan): remove duplicate CVESet types
Closes #9471

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-08-18 06:33:17 +00:00
wang yan
44f7bf6739 fix gc job submit issue
fixes #12795
Return 409 on triggering a GC job when there is a job ongoing.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-08-18 14:31:54 +08:00
Wang Yan
60427e7187
build base image in CI (#12750)
In git action, use the local build base images instead of pulling from docker hub.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-08-18 14:11:52 +08:00
Wang Yan
da52e677e5
remove robot accounts when to delete a project (#12789)
The robots associate with the project should be removed after the project is deleted.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-08-18 10:38:45 +08:00
Daniel Jiang
77281ca68b
Token service handling invalid resource (#12790)
This commit updates the way token service handles invalid resource, for
example a resource without projectname.
It will clear the requested access instead of returning 500 error.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-08-18 10:37:20 +08:00
Will Sun
89b597a811
Merge pull request #12783 from AllForNothing/p2p-4
Fix UI bugs found on testing day for target 2.1
2020-08-18 10:29:52 +08:00
Will Sun
9671ff1f10
Merge pull request #12701 from AllForNothing/artifact-icon
get artifact icon from backend API
2020-08-18 10:29:15 +08:00
Steven Zou
3364f76d99
Merge pull request #12698 from kofj/fix_p2p_policy_delete
[FIX] Delete executions of the P2P policy.
2020-08-17 22:18:16 +08:00
fanjiankong
09ba463cc7 Fix.
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2020-08-17 21:40:37 +08:00
He Weiwei
16d1613b10
Merge pull request #12786 from heww/fix-artifact-scan-permission
fix(scan): fix the permission checking for artifact scanning
2020-08-17 18:30:18 +08:00
He Weiwei
f659523f50 fix(scan): fix the permission checking for artifact scanning
Closes #12778

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-08-17 09:55:38 +00:00
Wenkai Yin
0fd230c2d6 Refresh the status of execution for every status changing of task
Refresh the status of execution for every status changing of task to support filtering executions by status directly

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-08-17 17:38:55 +08:00
AllForNothing
b664c3c235 Fix UI bugs found on testing day for target 2.1
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-08-17 15:22:18 +08:00
He Weiwei
929fc8b3f7
Merge pull request #12787 from chlins/fix/preheat-get-log-api
fix(preheat): fix the swagger definition of preheat get log api
2020-08-17 14:54:12 +08:00
Wenkai Yin(尹文开)
2de10700d8
Merge pull request #12762 from monofone/10712-remove-forgot-password
remove reset password dialog from sign-in component
2020-08-17 14:24:36 +08:00
chlins
4f95c4d067 fix(preheat): fix the swagger definition of preheat get log api
Signed-off-by: chlins <chlins.zhang@gmail.com>
2020-08-17 12:41:02 +08:00
AllForNothing
e6541672d5 get artifact icon from backend API
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-08-17 10:21:47 +08:00
Wenkai Yin
e9ce631aa3 Disable the tag creation for the artifact under a proxy cache project
Disable the tag creation for the artifact under a proxy cache project
Fixes #12713

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-08-16 22:02:30 +08:00
Wenkai Yin
a73742c0a7 Return 403 when trying to push artifacts into the proxy cache project to avoid the retrying in the docker client
Return 403 when trying to push artifacts into the proxy cache project to avoid the retrying in the docker client
fixes #12731

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-08-16 21:22:22 +08:00
He Weiwei
0921beaf4c
Merge pull request #12707 from heww/gen-project-apis
refactor(api): generate project apis by go-swagger
2020-08-16 00:56:23 +08:00
He Weiwei
f309896f2f refactor(api): generate project apis by go-swagger
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-08-15 16:10:57 +00:00
Wenkai Yin(尹文开)
6c168174bd
Merge pull request #12683 from ywk253100/200804_icon
Implement the icon API to get the icon of artifact
2020-08-15 09:18:34 +08:00
Wenkai Yin
b1ddb5e2cc Implement the icon API to get the icon of artifact
Implement the icon API to get the icon of artifact

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-08-15 08:40:38 +08:00
stonezdj(Daojun Zhang)
205f4f6695
Merge pull request #12768 from stonezdj/200813_bug12741
Use orm.Context instead request context in background go routing
2020-08-14 21:15:15 +08:00
stonezdj
ff937e90d3 Use orm.Context instead request context in background go routing
Fixes #12741,
Avoid use ctx info in event handler because it is background go routine

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-08-14 15:25:06 +08:00
Wenkai Yin(尹文开)
3b7a2e11b4
Merge pull request #12751 from ywk253100/200812_migration
Use a separated database table to store the data version
2020-08-14 12:52:52 +08:00
Wenkai Yin
cca1dcca51 Use a separated database table to store the data version
Use a separated database table to store the data version.
Fixes #12747

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-08-14 11:38:13 +08:00
danfengliu
5cb239af1e
Fix echo parameter issue (#12775)
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-08-14 10:23:58 +08:00
danfengliu
e1eac2b4d0
Merge pull request #12688 from danfengliu/fix-upgrade-test-wrong-keyword-issue
Fix wrong keyword issue in upgrade test
2020-08-14 10:11:37 +08:00