Wang Yan
bd7940217a
upgrade golang version to v1.13.8 ( #11006 )
...
The vesrion contains two security bug fix - CVE-2020-0601, CVE-2020-7919
More details, see the golang milestone:
https://github.com/golang/go/issues?q=milestone%3AGo1.13.8+label%3ACherryPickApproved
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-11 12:20:06 +08:00
He Weiwei
41edfaf3a6
fix(api): escape path paramters before APIs and unescape them in the Prepare of operations ( #11013 )
...
1. Escape the path paramters before the APIs.
2. Unescape the path paramters in the Prepare stage of the swagger
operations.
Closes #10860
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-11 12:18:40 +08:00
stonezdj(Daojun Zhang)
c7fd3bdfc5
Refactor event model ( #10876 )
...
Move src/pkg/notification/model/const.go to src/pkg/notifier/model/const.go
Add auditlog handler to log project event, repo event, artifact event and tag event.
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-03-11 11:51:28 +08:00
Yogi_Wang
fe047a2ad3
[OCI] Artifact filter params changes in ui
...
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-11 11:21:08 +08:00
Wang Yan
f49994d81d
enable garbage colloection api test case ( #11000 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-11 11:19:29 +08:00
Michael Michael
950eddad1e
Merge pull request #10847 from lucperkins/lperkins/fix-img-links
...
Fix image links
2020-03-10 08:51:35 -05:00
Steven Zou
4406ccbd29
Merge pull request #10963 from bitsf/retention_move_selectors
...
feat(pkg) move artifactselector to src/internal/selector
2020-03-10 17:54:24 +08:00
Ziming Zhang
5622a20058
feat(pkg) move artifactselector to src/internal
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-10 17:01:25 +08:00
Steven Zou
b2434945ff
fix[js_ut]:update stop job case of js
...
remove the status checking loop
Signed-off-by: Steven Zou <szou@vmware.com>
2020-03-10 15:54:10 +08:00
Ziming
890200ea19
feature(tag_retention) add webhook for deleted artifacts ( #10982 )
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-10 10:46:58 +08:00
Will Sun
cb370f8dd9
Merge pull request #10980 from AllForNothing/scan-bug
...
Fix a bug for scanning
2020-03-10 09:51:10 +08:00
Daniel Jiang
e4ad35a655
Merge pull request #10924 from bitsf/fix_version_tag
...
use unified version as tag name
2020-03-09 23:48:23 +08:00
Ziming
b0c9ec7855
feat(ci) enable trivy in CI test ( #10992 )
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-09 22:20:11 +08:00
Wenkai Yin(尹文开)
307dbc6fba
Accept the pagination information in the separated query string ( #10991 )
...
Accept the pagination information in the separated query string
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-09 22:19:42 +08:00
Ziming
5dd68cdc69
use codecov badge in README ( #10988 )
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-09 22:03:24 +08:00
Ziming
05e842270e
Merge pull request #10987 from wy65701436/add-trivy-image
...
add trivy into offline/online package
2020-03-09 19:13:45 +08:00
AllForNothing
de009f49fb
Add new parameter for GC page
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-09 17:51:00 +08:00
Ziming Zhang
695a2559be
feat(cicd) use unified version as tag name, clean more
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-09 17:13:28 +08:00
jwangyangls
90b766a9af
Merge pull request #10989 from jwangyangls/csrf-2-0-0
...
Csrf change to v2.0 in ui
2020-03-09 15:55:58 +08:00
Ziming Zhang
200c352c35
feat(cicd) use unified version as tag name
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-09 15:30:03 +08:00
Yogi_Wang
a8a7975522
Csrf change to v2.0 in ui
...
1.delete personal xsrf service
2.change to direactive get token
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-09 15:08:50 +08:00
Wenkai Yin(尹文开)
30896f3a10
Merge pull request #10968 from ywk253100/200306_artifact_query
...
Add support for querying artifact by labels and tags
2020-03-09 14:10:19 +08:00
wang yan
1b84bfde23
add trivy into offline/online package
...
Package trivy adapter image into offline image and ship dev to hub
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-09 13:56:49 +08:00
wang yan
371f59e3e1
Bump up base version to v2.0.0
...
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-09 12:36:22 +08:00
Daniel Jiang
6d89553c4d
Merge pull request #10937 from reasonerjt/csrf-2.0
...
Update CSRF mechanism
2020-03-09 12:31:08 +08:00
Wang Yan
073d95b89f
add scanner pull check in policy checker middleware ( #10971 )
...
Scanner uses the robot account to pull image and scan, the policy checker should bypass the
pull action even the policy enabled, otherwise the scan job will fail.
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-09 12:11:54 +08:00
Daniel Jiang
7897fd752b
Merge pull request #10969 from reasonerjt/rm-travis
...
Remove dependency on travis-ci
2020-03-09 12:06:57 +08:00
Wenkai Yin(尹文开)
c0542776e0
Merge pull request #10961 from ywk253100/200306_replication
...
Make replication work with new artifact(phase 2)
2020-03-09 11:58:26 +08:00
Wenkai Yin(尹文开)
52c6d354d1
Merge pull request #10967 from ywk253100/200307_auth_header
...
Only set "Www-Authenticate" header for registry API
2020-03-09 11:58:09 +08:00
Wang Yan
7b8aca6cd2
Merge pull request #10973 from wy65701436/inlimited-robot
...
add no expriation limited robot account
2020-03-09 11:30:21 +08:00
Wang Yan
4c167b7a33
Merge pull request #10972 from wy65701436/conformance-fix
...
fix Conformance testing failure
2020-03-09 11:28:45 +08:00
Wenkai Yin
8bd632316c
Only set "Www-Authenticate" header for registry API
...
If "Www-Authenticate" header is set for Harbor management API, the browser will show a basic auth dialog when get 401 error, this commit moves the header to the registry APIs
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-09 10:57:42 +08:00
AllForNothing
c5e7e51b60
Fix a bug for scanning
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-09 10:52:25 +08:00
wang yan
18bd2f162c
fix Conformance testing failure
...
1, Return DIGEST_INVALID error in delete manifest instead of NOT_FOUND
2, Disable return 500 in immutable middleware
3, Return empty array in catalog and tags API instead of null
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-09 10:29:10 +08:00
Wenkai Yin(尹文开)
75eb7a8c5a
Merge pull request #10955 from wy65701436/migrate-access
...
add sql for migrating access log
2020-03-09 10:00:08 +08:00
Wenkai Yin(尹文开)
e4bee937ff
Merge pull request #10970 from wy65701436/remove-regtoken
...
remove middleware regtoken
2020-03-09 09:41:46 +08:00
Daniel Jiang
0f0e27179b
Remove dependency on travis-ci
...
Github actions work fine, we no longer needs travi-ci to trigger the
tests.
This commit removes it.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-09 01:30:38 +08:00
Daniel Jiang
ae5ffce83a
Update CSRF mechanism
...
This commit replaces beego's CSRF mechanism with gorilla's csrf library.
The criteria for requests to skip the csrf check remain the same.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-09 01:15:54 +08:00
wang yan
b23111063d
add no expriation limited robot account
...
"-1" means the robot account is a permanent account, no expiration time set.
The ExpiresAt claim is optional, so if it's not set, it will still be considered a valid claim
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-08 16:47:40 +08:00
Wang Yan
e86d3a728c
Merge pull request #10899 from steven-zou/fix/failure_js_ut_cases
...
fix[js]:fix ut case faulure
2020-03-07 19:10:02 +08:00
wang yan
ddc0f83ccd
remove middleware regtoken
...
Remove it since we don's use bearer token as the registry token and the skipper of scanner pull will
be covered in the robot account access scope.
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-07 19:06:30 +08:00
Wenkai Yin
b14762ee17
Add support for querying artifact by labels and tags
...
Add support for querying artifact by labels and tags
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-07 11:32:15 +08:00
Wenkai Yin
e237a686c4
Make replication work with new artifact(phase 2)
...
Provide the resource type filter for users to choose when replicating from harbor to other registries
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-06 18:26:37 +08:00
Wang Yan
50e9d1a56e
Merge pull request #10951 from wy65701436/readonly-filter
...
skip configuration update in readonly mode
2020-03-06 16:22:14 +08:00
Wang Yan
ea45fee3fe
Merge pull request #10954 from wy65701436/fix-gc-job
...
Fix gc issue on clean the artifact trash
2020-03-06 14:47:05 +08:00
Wenkai Yin(尹文开)
63cf1041f7
Merge pull request #10941 from ywk253100/200304_query_label
...
Implement query string builder
2020-03-06 13:18:10 +08:00
wang yan
288c7790d0
add sql for migrating access log
...
1, loop each access log, change to resource/resource_type, and insert into audit log
2, loop each first push operation, change it to create repository and insert into audit log.
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-06 12:06:12 +08:00
danfengliu
440a75228a
Merge pull request #10933 from danfengliu/API-test-of-push-helm-chart
...
Add API test python script - Push chart by Helm3 registry/chart CLI
2020-03-06 10:37:44 +08:00
wang yan
2b0b7576b2
Fix gc issue on clean the artifact trash
...
1, enable dao test for artifact trash
2, set default flush trash table to false
3, hanlder empty parameter in API call
4, add registry auth info into jobservice container
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-06 03:11:31 +08:00
wang yan
8b4211717e
skip configuration update in readonly mode
...
Admin must have a way to switch off the readonly by call configuration api,
either internal or external.
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-06 00:34:26 +08:00