kunw
f2a1659d96
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-03-08 15:36:05 +08:00
Aron Parsons
8ab45d439b
label volumes for SELinux
...
allow Harbor to run when dockerd is running with --selinux-enabled
example AVC denials:
type=AVC msg=audit(1488384855.681:154671): avc: denied { read } for pid=454 comm="registry" name="config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.681:154671): avc: denied { open } for pid=454 comm="registry" path="/etc/registry/config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.687:154672): avc: denied { append } for pid=350 comm=72733A6D61696E20513A526567 name="registry.log" dev="dm-5" ino=4315920 scontext=system_u:system_r:svirt_lxc_net_t:s0:c599,c800 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384856.895:154702): avc: denied { remove_name } for pid=708 comm="mysqld" name="4691d4d62464.lower-test" dev="dm-12" ino=402656159 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=dir
type=AVC msg=audit(1488384856.926:154703): avc: denied { lock } for pid=708 comm="mysqld" path="/var/lib/mysql/ibdata1" dev="dm-12" ino=402656097 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384857.958:154736): avc: denied { open } for pid=924 comm="harbor_jobservi" path="/etc/jobservice/app.conf" dev="dm-8" ino=142 scontext=system_u:system_r:svirt_lxc_net_t:s0:c102,c158 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc: denied { read } for pid=1017 comm="nginx" name="nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc: denied { open } for pid=1017 comm="nginx" path="/etc/nginx/nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
2017-03-03 14:13:39 -05:00
Wenkai Yin
a4cb261df9
read some configs from env
2017-03-02 13:24:41 +08:00
kunw
dbce11ce42
Updates for node clarity build.
2017-03-01 17:14:09 +08:00
kunw
f517502193
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-02-28 12:17:34 +08:00
kunw
f01569c4dd
Updates for clarity docker-compose files.
2017-02-27 22:07:39 +08:00
Tan Jiang
6454ccfc3a
fix the 'v2' URL conflict issue, and remove the work around in token service code
2017-02-27 21:01:26 +08:00
Wenkai Yin
5b885a7ad6
Merge pull request #1469 from yhua123/dev
...
fix #1332
2017-02-27 19:21:25 +08:00
yhua
9f18c8458b
fix #1332
2017-02-27 18:52:22 +08:00
Steven Zou
2e20a65121
Merge pull request #1458 from wknet123/harbor-clarity-integration
...
Merge Harbor clarity integration to into Dev branch.
2017-02-27 16:20:22 +08:00
kunw
46cef020eb
Rename directory name.
2017-02-27 11:41:46 +08:00
Tan Jiang
7620cd3b86
refactor token service
2017-02-26 19:53:13 +08:00
kunw
23f0ff1ea5
Refactor Harbor Clarity integration code structure.
2017-02-24 17:54:50 +08:00
Wenkai Yin
9f3f48be59
add harbor network to adminserver
2017-02-24 14:35:11 +08:00
kunw
914255d6c2
Updates for docker-compose sources.
2017-02-24 14:12:45 +08:00
Wenkai Yin
414e8a8bcf
Merge remote-tracking branch 'upstream/dev' into 170224_merge_config
...
Conflicts:
make/docker-compose.tpl
src/ui/service/token/authutils.go
2017-02-24 13:52:19 +08:00
Wenkai Yin
a1858098c5
using different secret to mark himself when communicates with other components
2017-02-23 18:24:32 +08:00
Daniel Jiang
ef34b96256
Merge pull request #1422 from ywk253100/170221_secretkey
...
Encrypt the passwords in configuration file
2017-02-23 10:25:39 +08:00
kun wang
f4d35414d2
Merge pull request #1425 from wknet123/harbor-clarity-integration
...
Updates for building node-clarity image.
2017-02-22 18:31:42 +08:00
kunw
bb674ea977
Updates for building node-clarity image.
2017-02-22 18:30:37 +08:00
Wenkai Yin
40eb6bb7d3
encrypt passwords enhancement
2017-02-22 16:59:28 +08:00
kunw
3a621faba3
Fixed some issues and merged latest codes.
2017-02-22 13:03:05 +08:00
Steven Zou
668f39c732
Merge pull request #1419 from wknet123/harbor-clarity-integration
...
Fixed some issues and merged latest codes.
2017-02-22 12:27:28 +08:00
Steven Zou
e829b04f1f
Merge pull request #1407 from wknet123/harbor-clarity-integration
...
Harbor Clarity UI integration.
2017-02-22 11:26:23 +08:00
kunw
3c112f2a2c
Harbor Clarity UI integration.
2017-02-21 14:54:42 +08:00
Wenkai Yin
bf39b3a956
modify Makefile of Harbor based on photon ( #1404 )
...
LGTM
2017-02-21 13:45:12 +08:00
Tan Jiang
8cbfffa9c8
deploy notary within Harbor
2017-02-20 19:31:28 +08:00
Tan Jiang
c3c1b84ed1
preparae --conf instead of -conf
2017-02-20 13:21:29 +08:00
Wenkai Yin
390f89ee0a
encrypt passwords and secret
2017-02-17 18:23:21 +08:00
Daniel Jiang
a17cd5bcfe
add a default network for containers in harbor ( #1384 )
...
LGTM
2017-02-16 14:51:21 +08:00
Wenkai Yin
2e3174f404
update
2017-02-15 15:28:50 +08:00
Wenkai Yin
06519bb3f2
update
2017-02-13 17:17:46 +08:00
Wenkai Yin
6dc6b4fa79
update Makefile
2017-02-10 17:03:21 +08:00
Tan Jiang
27802f7620
Merge branch 'master' into dev
2017-01-24 12:16:53 +08:00
Wenkai Yin
f1f78a5649
update
2017-01-19 17:56:08 +08:00
Kira
00259567a8
update kubernetes deployment
2017-01-16 12:06:35 +08:00
Wenkai Yin
75f660fa77
Merge remote-tracking branch 'upstream/dev' into 161228_config
...
Conflicts:
make/common/templates/ui/env
src/ui/auth/ldap/ldap.go
src/ui/config/config.go
2017-01-12 17:41:14 +08:00
Wenkai Yin
b62a958250
configure harbor
2017-01-12 17:15:32 +08:00
yhua
4c213a8717
remove openldap lib from Dockerfile and support build with offcial golang image(1.7.3)
2017-01-04 17:48:20 +08:00
Ricardo Katz
160e22f0fe
Changes LDAP Library and other LDAP improvements ( #1277 )
...
* Changes LDAP library to go-ldap and creates new ldap timeout directive
* Add support for connection on LDAP using TLS
2016-12-30 16:03:30 +08:00
Wenkai Yin
111638ae8e
Merge pull request #1249 from yhua123/dev-update-registry
...
update registry from 2.5.0 to 2.5.1
2016-12-16 18:03:53 +08:00
Wenkai Yin
3717b37dca
Merge pull request #1251 from yhua123/dev-update-golang
...
upgrade golang baseimage from 1.6.2 to 1.7.3
2016-12-16 17:27:24 +08:00
yhua
0249f2181a
update registry from 2.5.0 to 2.5.1
2016-12-15 16:50:50 +08:00
yhua
10306e784b
upgrade golang baseimage from 1.6.2 to 1.7.3
2016-12-15 13:16:14 +08:00
yhua123
0d09379fb7
Merge branch 'dev' into dev
2016-12-12 15:11:00 +08:00
yhua
90be98bc5d
add 'data_volume' in harbor.cfg
2016-12-12 14:35:28 +08:00
Wenkai Yin
d6d4711700
1.fix issue: deleting repo action will fall in deadlock between two Harbor if they are configured to sync to each other 2. Filter notification request in nginx
2016-12-09 18:10:20 +08:00
dejwsz
719072e0ba
remove rsyslogd.pid before start to allow container restarts
...
This change mitigate problems with container restarts (stop, start) or automatic restart after host machine restart. Rsyslogd strictly checks existence of its pid file and won't start if such one exists.
2016-12-01 15:31:14 +01:00
kunw
dc6d3e552c
Update comment.
2016-11-24 17:50:41 +08:00
kunw
4d916e7127
Update for email_identity setting.
2016-11-24 15:48:36 +08:00
Tan Jiang
b868634007
update version of photon OS to 1.0 in Docker files
2016-11-21 16:15:43 +08:00
Tan Jiang
35407d12db
update TOKEN_URL to TOKEN_ENDPOINT
2016-11-18 16:37:46 +08:00
Wenkai Yin
8523db5427
make cert dir
2016-11-17 16:14:22 +08:00
Wenkai Yin
e4bf4af9ba
mkdir if it does not exist
2016-11-17 15:09:12 +08:00
Wenkai Yin
f867ff42a0
Merge pull request #1099 from ywk253100/161115_https
...
Generate self-signed certificate
2016-11-17 12:59:28 +08:00
Daniel Jiang
ffbe980622
Merge pull request #1101 from reasonerjt/config-refactory
...
Config refactory
2016-11-16 22:00:20 +08:00
Wenkai Yin
ce56ff2fae
generate self-signed certificate
2016-11-16 21:42:31 +08:00
Tan Jiang
5ea0e50f0f
reset to default value in harbor.cfg
2016-11-16 20:42:29 +08:00
Tan Jiang
9d7a18a0a3
fix issue in golint, support project creation restriction at backend
2016-11-16 20:31:04 +08:00
kunw
e367ec24a8
Merge remote-tracking branch 'upstream/dev' into dev-volume-info
2016-11-16 14:23:27 +08:00
Tan Jiang
0e3cb2e3f4
ui config refactory
2016-11-16 13:33:14 +08:00
Tan Jiang
c34b2872bc
config refactory for common pkg
2016-11-16 13:33:14 +08:00
kunw
c1c5ba8157
Update for adding timestamp to JS file name to avoid browser cache.
2016-11-14 18:27:56 +08:00
Daniel Jiang
0025134a91
Merge pull request #1039 from yhua123/dev
...
modify prepare for genrate all common/config files from template
2016-11-11 22:38:44 +08:00
yhua
20873a9d17
remove 2 cert file delete action, already delete previous
2016-11-11 16:08:49 +08:00
Daniel Jiang
a44a399761
Merge pull request #1046 from ywk253100/161109_cert_path
...
Fixes #1002
2016-11-10 08:26:17 +08:00
yhua
f19e19eaf0
move root.crt and private_key.pem to template
2016-11-09 18:21:28 +08:00
Wenkai Yin
5d183da0f9
fixes #1002
2016-11-09 18:12:00 +08:00
kunw
55b98f9abd
Merge remote-tracking branch 'upstream/dev' into dev-volume-info
2016-11-09 14:53:26 +08:00
kun wang
126b7fae55
Merge pull request #1023 from fillet54/add-mail-identity-config
...
Make mail identity configurable
2016-11-09 14:35:09 +08:00
yhua
09b62157cf
modify prepare for genrate all common/config files from template
2016-11-08 17:40:19 +08:00
Daniel Jiang
5a0c203557
Merge pull request #1017 from reasonerjt/dev
...
set secure flag for cookie
2016-11-07 11:01:40 +08:00
Phillip Gomez
0dfce1d837
Make mail identity configurable
...
The identity field parameter passed to smtp.SendMail is now
configurable instead of being hardcoded to 'Mail Config'.
This fixes issue #900
2016-11-06 18:05:46 -08:00
Tan Jiang
b92b1036bf
set secure flag for cookie
2016-11-05 00:08:37 +08:00
Wenkai Yin
018b32a1b4
update nginx in Makefile
2016-11-03 14:48:50 +08:00
Wenkai Yin
4fcfffeb47
upgrade nginx to 1.11.5
2016-11-02 15:49:28 +08:00
kunw
560b41b5e6
Merge remote-tracking branch 'upstream/dev' into dev-volume-info
2016-11-02 12:46:57 +08:00
Tan Jiang
7f55520b27
Merge remote-tracking branch 'upstream/dev' into dev
2016-10-28 22:44:59 +08:00
Tan Jiang
b75844e622
update ciphers for nginx
2016-10-28 18:48:12 +08:00
Daniel Jiang
098643303f
Merge pull request #952 from ywk253100/161026_log_rotate
...
Log rotate
2016-10-28 12:59:54 +08:00
Wenkai Yin
0689935da4
log rotate
2016-10-26 18:26:02 +08:00
yhua
a6e7a6ba45
fix baseimage issue
2016-10-26 13:46:22 +08:00
yhua
03e2a3ee56
remove tag in docker-compose.yml
2016-10-26 13:09:12 +08:00
kunw
811401f40e
Added volume info of UI.
2016-10-25 12:44:27 +08:00
yhua
271787dd94
update for fix #925
2016-10-24 16:51:42 +08:00
yhua
ebc852b7cc
fix #924 #925
2016-10-24 16:48:48 +08:00
yhua
1043ec063d
rm binary
2016-10-24 14:18:56 +08:00
yhua
69797c30f2
fix pushimage, update .gitignore, add DEVFLAG
2016-10-24 14:06:23 +08:00
yhua
311cf8da07
change code 20161019
2016-10-21 18:39:10 +08:00