Commit Graph

530 Commits

Author SHA1 Message Date
He Weiwei
3f8e06a8bc Support master role for project member create and update apis (#6780)
* Support master role for project member create and update apis

Signed-off-by: He Weiwei <hweiwei@vmware.com>

* Fix description for role_id in swagger.yaml

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-01-23 14:56:23 +08:00
Daniel Jiang
a1d4bfd332
Merge pull request #6344 from reasonerjt/bump-up-golang
Bump up golang to 1.11.2
2019-01-11 16:15:59 +08:00
Daniel Jiang
5d59d6fab8 Bump up golang to 1.11.2
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-01-11 14:44:32 +08:00
Daniel Jiang
80af81154c
Merge pull request #6702 from wy65701436/robot-db-scheme
Add DB table for robot account
2019-01-10 14:25:58 +08:00
wang yan
db09f9f101 Update token length and upper case the sql key words
Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-09 10:00:54 +08:00
wang yan
362a0638d0 Add DB table for robot account
This commit is to add DB scheme for robot account and update the db orm releated.

Signed-off-by: wang yan <wangyan@vmware.com>
2019-01-08 18:46:16 +08:00
Wenkai Yin
edcbb8f29f Update the upgrade sql to rename the duplicate records
Rename the "name" colume in table "replication_policy" and "replication_target" before adding the "UNIQUE" constraint to avoid the upgrade failure

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2019-01-04 14:55:33 +08:00
overdogwatch
a8d0ab1a21 Update Dockerfile
I guess that the purpose of this check is to verify that the container is listening on port 10514. Healthcheck default timeout is 30 sec. In places where the DNS resolver is not working properly, this check could take more than 30 sec, which leads to decide that the container health is unhealthy. I advise you to add to your check the option n, which prevents netstat trying to determine the symbolic host.

Signed-off-by: overdogwatch <overdogwatch@gmail.com>
2018-12-27 09:47:48 +02:00
Qian Deng
af7b61ebd5 Add customized config file for proxy
This is a solution for product that using harbor as proxy to add customized location

Signed-off-by: Qian Deng <dengq@vmware.com>
2018-12-26 13:35:07 +08:00
Meina Zhou
d45ccbbb29 add developer center in swagger ui way
Signed-off-by: Meina Zhou <meinaz@vmware.com>
2018-12-13 15:17:38 +08:00
Daniel Jiang
481bdb01a2
Merge pull request #6409 from ninjadq/upgrade_config_2_170
Feat: Upgrade harbor.cfg from 1.6.0 to 1.7.0
2018-12-04 01:05:59 -08:00
Qian Deng
7647e688fd Feat: Upgrade harbor.cfg from 1.6.0 to 1.7.0
Add script to upgrade harbor.cfg

Signed-off-by: Qian Deng <dengq@vmware.com>
2018-12-04 10:36:11 +08:00
Steven Zou
ec2ad4d0b8
Merge pull request #6093 from cd1989/replication-record-id
Add op uuid to image replication
2018-11-30 14:54:43 +08:00
Wenkai Yin
9d5cf57373 Check the existence of name when creating replication rule and fix bugs in testing library (#6381)
1. Fix #5102 by checking the existence of name when creating/editing replication rule
2. Add unique constraint to the name of replication policy and target
3. Fix bugs of testing library

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-11-30 13:32:20 +08:00
James Zabala
399c9c44d8
Merge pull request #6384 from SDBrett/photon-build
Corrected errors in photon build
2018-11-29 18:08:52 -05:00
Brett Johnson
1eb64e43ef added stage alias
resolve build error 'invalid from flag value 0: repository sha256 not found: does not exist or no pull access'

Signed-off-by: Brett Johnson <brett@sdbrett.com>
2018-11-29 16:02:26 +11:00
peimingming
c67fdc40f5 Support store job log in DB (#6144)
Signed-off-by: peimingming <peimingming@corp.netease.com>
2018-11-28 15:09:29 +08:00
Wenkai Yin
fefb955cfe Drop all capabilities when starting containers
Drop all capabilities when starting containers by modifying docker-compose files to avoid security issue

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-11-23 15:38:21 +08:00
stonezdj(Daojun Zhang)
ae007c2a49
Merge pull request #6247 from stonezdj/trust_cert2
Install custom cert for clair, registry, chartmuseum
2018-11-12 14:07:34 +08:00
Daniel Jiang
555c0cb181
Merge pull request #6220 from stonezdj/add_util_linux
Fix issue when query psql cli failed on more command not found
2018-11-09 17:39:47 +08:00
stonezdj
0a72f3729a Install custom cert for clair, registry, chartmuseum
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-11-09 15:03:03 +08:00
Daniel Jiang
dd9bd10e68
Merge pull request #6238 from ywk253100/181108_proxy
Replace ui with core for no_proxy in harbor.cfg
2018-11-09 14:19:13 +08:00
Steven Zou
b3c87673a6
Merge pull request #6215 from steven-zou/logger_framework_job_service
Build logger framework to support configurable loggers/sweepers/getters
2018-11-08 18:15:36 +08:00
Wenkai Yin
64cb507421 Replace ui with core for no_proxy in harbor.cfg
As we split UI into two components: portal and core, the value of no_proxy needs to be updated

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-11-08 16:10:26 +08:00
Steven Zou
093bf9fc8a Update the job service config yaml in the installation template
Signed-off-by: Steven Zou <szou@vmware.com>
2018-11-08 10:40:39 +08:00
stonezdj
8c37b0877a Fix issue when query psql cli failed on more command
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-11-06 13:09:20 +08:00
Daniel Jiang
1e9b34325c Make rendered files less visible
Some configuration files and env files contain sensitive information,
they should not be readable by any user by default.

This commit updates the `prepare` script to update the mask of the
rendered files.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-11-05 15:06:00 +08:00
James Zabala
b58ff42dff
Merge pull request #6184 from wy65701436/bump-up-clair
Build clair version into clair image
2018-11-02 17:04:25 -04:00
Daniel Jiang
ec01a97eb8 Clair image should accept parms
Update the entrypoint to allow the image accept other parms,
to help debug in the future.

If replace "$*" with "$@" only one parm will be passed to dumbinit

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-11-01 22:25:55 -07:00
wang yan
072127a70c Build clair version into clair image
This commit is to add the clair_version into the harbor images, then clair
will use it in the user-agent, and helpful for the debugging.

Signed-off-by: wang yan <wangyan@vmware.com>
2018-10-31 16:29:06 +08:00
Daniel Jiang
39b4d011c7 Not submit scan all job when core container starts
Fixes #6115

As for the change in migration sql file, in 1.7 we'll switch to
jobservice for scheduling "scan all" job.  To avoid inconsistency,
this item will be reset and user will need to configure the policy again.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-25 19:01:52 +08:00
Steven Zou
3b76a960e1
Merge pull request #6039 from stonezdj/refact_5996
Refactor capacity
2018-10-24 10:50:11 +08:00
Stéphane Albert
0d44e4f535 Send 308 status on redirect from http to https
Modify nginx configuration to use 308 instead of 301 on the http to
https redirect.
Fix problems with some clients on POST requests that are transformed to
GET on 301 redirect (per HTTP 1.1 standard).
See [RFC7538](https://tools.ietf.org/html/rfc7538).

Signed-off-by: Stéphane Albert <sheeprine@oh.its.fake.nullplace.com>
2018-10-23 20:25:35 +02:00
Christian Witts
e9c01255da
Fix install issue with default hostname commented
Update the `grep` filter to anchor at the start of the line
and allow for whitespace characters, in order to correctly
determine the hostname being set if the default is merely
commented out and the custom one added, instead of overridden.

Fixes #6117

Signed-off-by: Christian Witts <cwitts@gmail.com>
2018-10-23 14:55:27 +02:00
Daniel Jiang
6f4f941854 Fix permission issue in rsyslog container.
This commit fixes the permission issues introduced after migration to photon:2.0 base image.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-21 21:45:42 -07:00
陈德
1ffd9d8fba Add op uuid to image replication
Signed-off-by: 陈德 <chende@caicloud.io>
2018-10-21 23:55:57 +08:00
Daniel Jiang
3d09089a9c Rebuild Harbor images based on photon:2.0 (#6054)
Make necessary change to make things work with photon 2.0 docker image.
Remove distro-sync to mitigate the build issue and add `--pull` to docker build
command to make sure the latest photon:2.0 will be pulled during build process.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-18 11:03:28 +08:00
Daniel Jiang
3c577d588c
Merge pull request #6063 from wy65701436/fix-dns
Use docker official way to unset dns search
2018-10-17 17:08:00 +08:00
wang yan
f44ff2e4c3 Remove the env GODEBUG=netdns=cgo
This env is the workaroud of dns resolver on golang 1.7.3.
Remove it is bacause of harbor is using golang 1.9.2, the bug
has already been fixed.

Signed-off-by: wang yan <wangyan@vmware.com>
2018-10-17 16:11:25 +08:00
Yan
a5e7ac9164
Upgrade notary complile golang version to 1.9.4 (#6064)
This commit is to upgrade the golang version to 1.9.4, it because a
bug of golang 17.3 could introduce one dns resolver issue for harbor
mentioned by #6031.

The bug of golang is https://github.com/golang/go/issues/15419, it makes
harbor containers to lookup 'endpoint.' firstly which may cause network
issue.

Signed-off-by: wang yan <wangyan@vmware.com>
2018-10-17 16:04:14 +08:00
wang yan
bad68c5429 Use docker official way to unset dns search
According docker official document, use 'dns_search= .' in the docker
compose file if you don't wish to set the search domain.

https://docs.docker.com/v17.09/engine/userguide/networking/default_network/configure-dns/

Signed-off-by: wang yan <wangyan@vmware.com>
2018-10-17 14:27:29 +08:00
stonezdj
0278981523 Change admin server to core in jobservice
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-10-16 19:23:12 +08:00
Yan
08ae5f2f37
Limit dns search in harbor containers (#6057)
This commit is to set dns search to null in the harbor containers,
that means the dns search domains of docker host doesn't impact
the network IO in the containers.

If do not set this, Harbor notary-server and notary-signer are resolving
the "mysql" alias to the resolv.conf search path instead of to "mysql."
for the notary-db bridge IP, see #6031.

Signed-off-by: wang yan <wangyan@vmware.com>
2018-10-16 18:34:36 +08:00
stonezdj(Daojun Zhang)
b764033fc9
Merge pull request #6007 from stonezdj/refact_5998
Change admin server to core in jobservice
2018-10-15 17:52:24 +08:00
stonezdj
79bac7a64e Change admin server to core in jobservice
Signed-off-by: stonezdj <stonezdj@gmail.com>
2018-10-15 14:56:18 +08:00
Daniel Jiang
c8cb2f8481 Create shcema migration table in DB container
The migrate tool will try to create table schema_migration upon opening
the connection to DB.  This will cause error when there are multiple
instance of adminserver trying to access the migrator upon start.
This commit move the creation of the table during the initialization of
the DB container.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-10-12 17:17:31 +08:00
Daniel Jiang
31096a35af Run chown to job log directory
This commit revoke part of the change introduced in commit #1fc4142, by
calling chown to job log directory within the container when the job
service bootstraps.  The reason is we are seeing permission issue in
helm-chart deployment, and we want to reduce effort to handle the
permission on different deployment approaches.

There are some code in `prepare` script to change the ownership of the
JOB_LOG directory, it will be left for now to avoid regression in VIC
integration.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2018-09-22 12:05:37 +08:00
Qian Deng
88bb461314 Reactor backend api for authrization
1. Change backend api
2. Change frontend api
3. Change the proxy config file

Signed-off-by: Qian Deng <dengq@vmware.com>
2018-09-21 14:03:17 +08:00
Qian Deng
7873a0312a Rename harbor-ui to harbor-core
1. Update the nginx.conf
2. Update Makefile
3. Update docker-compose
4. Update image name
5. Rename folder ui to core
6. Change the harbor-ui's package name to core
7. Remove unused static file on harbor-core
8. Remove unused code for harbor-portal

Signed-off-by: Qian Deng <dengq@vmware.com>
2018-09-19 16:35:13 +08:00
Wenkai Yin
89893779fb Support configuring sslmode for the connection of database (#5861)
The sslmode of the connection with postgresql is hardcoded as "disable" currently, this commit expose it as an environment variable so that users can configure it

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2018-09-14 13:05:05 +08:00