harbor

mirror of https://github.com/goharbor/harbor.git synced 2024-11-16 23:35:20 +01:00

Author	SHA1	Message	Date
Wenkai Yin	d6c6231e08	Implement the retention client Implement the retention client Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-07-17 14:04:29 +08:00
stonezdj	bb2ae7c093	Add HTTP group feature Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-07-16 15:38:46 +08:00
Ziming Zhang	c22c38994a	retention api Change-Id: I70f2c34d6bb96ecf4cb5359e2b1ab2dbb99fdbf9 Signed-off-by: Ziming Zhang <zziming@vmware.com>	2019-07-16 15:06:37 +08:00
Wang Yan	8ac6bdbbb0	Add quota workflow for quota 1, apply count for manifest if it's a new image 2, insert data for artifact and artifact_blob Signed-off-by: wang yan <wangyan@vmware.com>	2019-07-16 14:48:05 +08:00
wang yan	f066d986b9	merge with latest master code	2019-07-11 20:21:15 +08:00
Wenkai Yin	91b050a01b	Implement the launcher The commit implements the launcher for tag retention Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-07-11 17:18:46 +08:00
Wenkai Yin(尹文开)	3bebf7bc64	Merge pull request #8238 from reasonerjt/project-cve-whitelist Enable project level CVE whitelist	2019-07-10 14:41:01 +08:00
wang yan	6d0271ee5c	Merge branch 'master' of https://github.com/goharbor/harbor into project-quota-dev	2019-07-10 10:57:10 +08:00
wang yan	7b38389898	update codes per review comments Signed-off-by: wang yan <wangyan@vmware.com> fix middlewares per review comments 1, add scheme1 and scheme2 check 2, change MustCompile to Compile Signed-off-by: wang yan <wangyan@vmware.com>	2019-07-09 11:08:19 +08:00
wang yan	b3c5137a2f	add copyright and fix codecy Signed-off-by: wang yan <wangyan@vmware.com>	2019-07-09 11:08:19 +08:00
wang yan	57821b1b4c	Refactor interceptors code with chain 1, add a blob inteceptors for quota usage 2, add a manifest inteceptors for quota usage Signed-off-by: wang yan <wangyan@vmware.com>	2019-07-09 11:08:11 +08:00
Daniel Jiang	8f5f0031c7	Enable project level CVE whitelist This commit update the project API to support "reuse_sys_cve_whitelist" setting in project metadata and "cve_whitelist" in project request. Also modify the interceptor to support project level CVE whitelist if the reuse flag is false. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-07-08 18:55:54 +08:00
Daniel Jiang	c296f0ddfb	Merge pull request #8176 from stonezdj/http_group Refactor LDAP usergroup	2019-07-08 09:54:31 +08:00
stonezdj	c0ed55445d	Refactor LDAP group Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-07-05 14:44:18 +08:00
Daniel Jiang	8a9d352f54	Handle helm push in OIDC filter Fixes #8130 Enable OIDC filter to handle requests to /api/chartrepo/* Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-07-03 17:29:37 +08:00
Daniel Jiang	5d887ad0d8	Merge pull request #8179 from reasonerjt/interceptor-use-whitelist Apply CVE white list in interceptor	2019-07-03 15:12:33 +08:00
Daniel Jiang	bba4b2a6a4	Apply CVE white list in interceptor Interceptor will filter the vulnerability in whitelist while calculating the serverity of an image and determine whether or not to block client form pulling it. It will use the system level whitelist in this commit, another commit will switch to project level whitelist based on setting in a project. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-07-03 14:13:00 +08:00
Daniel Jiang	6f166bc02c	Merge pull request #8154 from markpeek/markpeek-registry-health-check Switch registry health check to a 200 response url	2019-07-03 10:29:35 +08:00
He Weiwei	720dcc72bd	Fix read permission of project member read api Signed-off-by: He Weiwei <hweiwei@vmware.com>	2019-07-02 14:40:46 +08:00
mmpei	5dfc3f2402	Optimize fetch manifest loop when handling notification Signed-off-by: mmpei <peimingming@corp.netease.com>	2019-07-01 17:54:52 +08:00
Steven Zou	5521b7b7ad	Merge pull request #7915 from bitsf/replication_ecr_1.9 aws driver for replication	2019-06-27 11:24:54 +08:00
Wenkai Yin(尹文开)	fce920bbee	Merge pull request #8075 from reasonerjt/sys-vuln-whitelist-api API for system level vulnerability whitelist	2019-06-27 10:53:09 +08:00
Mark Peek	3cae31da54	Switch registry health check to a 200 response url The health check for the registry was using "/v2" which returned an unauthorized response and put additional errors in the logs. Switch to using "/" which returns an OK response with reduced logging. Signed-off-by: Mark Peek <markpeek@vmware.com>	2019-06-26 14:23:08 -07:00
Daniel Jiang	4aca812ff2	API for system level vulnerability whitelist Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-06-26 23:35:40 +08:00
Ziming Zhang	072bdd101b	aws driver for replication Change-Id: I8792ffce2eaa5975359bb6159a1ba7b85926a925 Signed-off-by: Ziming Zhang <zziming@vmware.com>	2019-06-25 19:11:27 +08:00
guanxiatao	b40ee6edc9	Set Event.Type value to event.EventTypeImageDelete instead of event.EventTypeImagePush when deleting Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>	2019-06-20 09:39:45 +08:00
Steven Zou	9bac5e602d	Merge pull request #8030 from ywk253100/190605_replication_bugfix Fix replication bug	2019-06-13 19:12:29 +08:00
Wenkai Yin	5fef7585c7	Fix replication bug Fixes #7875, fixes #7968 Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-06-13 17:17:29 +08:00
Daniel Jiang	c928924fa5	Merge pull request #8003 from reasonerjt/bump-up-go112 Bump up to go 1.12.5 enable go.mod	2019-06-11 13:21:32 +08:00
wang yan	a4b202d656	remove the id in the post body when to create a robot account Signed-off-by: wang yan <wangyan@vmware.com>	2019-06-11 10:47:56 +08:00
Daniel Jiang	737eaa396c	Bump up to go 1.12.5 enable go.mod This commit bumps up the version of Go to compile the code to v1.12.5, and shifts to go.mod for managing depedency. Some code from "harbor/tests" to "harbor/src/testing" to avoid depedency loop of modules. Note that in short term we will still vendor the dependency. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-06-11 00:42:20 +08:00
Qian Deng	592e40bacf	Merge pull request #7859 from wy65701436/return-robot-id Return account id when to issue a robot	2019-05-29 10:55:20 +08:00
wang yan	15ca9bfb81	Add ensure settings when to search user in auth proxy This issue is regresssion that introduced by `f92bc8076d (diff-42381e6df5f17ebd3d9165a325d5d8f4)`, the a.ensure() was removed from SearchUser(), which leads to the alwaysonboard cannot be updated. Signed-off-by: wang yan <wangyan@vmware.com>	2019-05-22 17:16:16 +08:00
wang yan	056cfc7e31	Return account id when to issue a robot Signed-off-by: wang yan <wangyan@vmware.com>	2019-05-22 10:39:26 +08:00
wang yan	2068732eef	add validation for robot account registration Signed-off-by: wang yan <wangyan@vmware.com>	2019-05-15 15:03:35 +08:00
Wang Yan	3be14b7997	fix issue7793: ping ldap server is always success (#7795 ) Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-05-15 11:35:57 +08:00
Wenkai Yin	e399ffca54	Merge pull request #7799 from reasonerjt/oidc-onboard-user-name Set the real name of OIDC user when onboarding	2019-05-15 11:35:42 +08:00
Daniel Jiang	5f11dbe675	Set the real name of OIDC user when onboarding Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-05-15 00:44:51 +08:00
stonezdj	99c0a5a498	fix issue7793: ping ldap server is always success Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-05-14 19:20:54 +08:00
Qian Deng	f607c5177d	Fix frontend failure caused by absolute path Fix failures because front downlowd chart using relative path Signed-off-by: Qian Deng <dengq@vmware.com>	2019-05-14 13:22:06 +08:00
Qian Deng	cd6c5a9f10	Enable absolute url in helm chart assign public_url to chart-url remove namespace merge in index.yaml Signed-off-by: Qian Deng <dengq@vmware.com>	2019-05-14 12:56:20 +08:00
Daniel Jiang	e963ee88c7	Update login controller to return 403 for redirection As the UI cannot handle 302, update the login controller to return 403 and put the redirection URL in a json response body. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-05-13 18:16:06 +08:00
Daniel Jiang	d81afe274c	Add filter to handle request with ID token (#7759 ) This commit allows request with a valid ID token to access the API. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-05-10 16:58:25 +08:00
Wenkai Yin	8348c1fa4b	Merge pull request #7635 from heww/validation-failed-status-code Return 400 status code for validation failed	2019-05-10 14:22:05 +08:00
He Weiwei	58cbaaace8	Return 400 status code for validation failed Signed-off-by: He Weiwei <hweiwei@vmware.com>	2019-05-10 10:35:25 +08:00
Wang Yan	774a9f8d75	Remove unused configure item cfg_expiration (#7744 ) Signed-off-by: wang yan <wangyan@vmware.com>	2019-05-09 22:07:18 +08:00
wang yan	5c12c7713d	Return 200 when to post an none schedule 1, Throw the error of job service to UI when to create job schedule. 2, Return 200 when to save none without schedule. Fixed #7675 Signed-off-by: wang yan <wangyan@vmware.com>	2019-05-09 13:32:46 +08:00
Daniel Jiang	cbbf2ea973	Redirect regular user to OIDC login page (#7717 ) When the auth mode is OIDC, when a user login via Harbor's login form. If the user does not exist or the user is onboarded via OIDC, he will be redirected to the OIDC login page. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-05-09 10:53:40 +08:00
Wang Yan	095f7b2ff7	add scan all and gc schedule migration (#7628 ) * add scan all and gc schedule migration Signed-off-by: wang yan <wangyan@vmware.com> * Fix gofmt errors Signed-off-by: wang yan <wangyan@vmware.com> * Update code according to review comments Signed-off-by: wang yan <wangyan@vmware.com> * remove convertschedule return name just return value Signed-off-by: wang yan <wangyan@vmware.com>	2019-05-08 19:11:33 +08:00
Daniel Jiang	58aed3dde9	Merge pull request #7707 from renmaosheng/harbor-6838 Don't display password when calling api/users API.	2019-05-08 12:50:39 +08:00
Steven Ren	8311ff729a	Don't display password when calling api/users API. This change fixes github issue 6838 Signed-off-by: Steven Ren <stevenr@stevenr-a01.vmware.com>	2019-05-07 18:40:36 +08:00
wang yan	ab08a576e4	add multiple manifest intercepetor handler 1, Add a interceptor to block request to upload manifest list 2, Discard notiification without tag. Signed-off-by: wang yan <wangyan@vmware.com>	2019-05-07 16:10:09 +08:00
Wenkai Yin	d27a6c0335	Fix a few bugs of replication (#7619 ) 1. handle the public/private property when creating the projects 2. extend the length of access_secret 3. update the task status by using orm functions Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-05-07 10:47:14 +08:00
stonezdj(Daojun Zhang)	86bfd7a733	fix issue7637: /api/systeminfo cannot return 500 when DB is down (#7650 ) Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-05-07 10:36:10 +08:00
Qian Deng	210081604c	Merge pull request #7648 from reasonerjt/rm-index-controller Remove IndexController	2019-05-06 18:29:14 +08:00
Daniel Jiang	45210f7c40	Fix condition for OIDC security filter (#7645 ) Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-05-06 16:30:09 +08:00
Daniel Jiang	28871b78ae	Remove IndexController Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-05-06 14:04:06 +08:00
Daniel Jiang	6c3df3c8ce	Disable CA download when hosted via HTTP Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-05-06 11:14:39 +08:00
Wenkai Yin	12d58370ad	Merge pull request #7503 from ywk253100/190424_stop_execution Check the task status of execution whose status is running when deleting the policy	2019-04-30 11:28:49 +08:00
wang yan	02c7cbeec2	Fix get log issue of Periodic job Use the latest error or success execution as the periodic job log Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-29 15:30:05 +08:00
Wenkai Yin	7e4c227318	Check the task status of execution whose status is running when deleting the policy Check the task status of execution whose status is running when deleting the policy Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-29 15:04:41 +08:00
Daniel Jiang	56c7d55c73	Merge pull request #7593 from reasonerjt/ext-url-systeminfo Add Ext URL to response of systeminfo API	2019-04-29 14:51:40 +08:00
Wenkai Yin	c53d73775a	Merge pull request #7590 from reasonerjt/oidc-wrong-secret-err Return more details for error in exchange token	2019-04-29 14:22:37 +08:00
Daniel Jiang	02cf75c142	Add Ext URL to response of systeminfo API Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-29 13:31:52 +08:00
wang yan	2b99e148d9	Add gc parameters when to update gc schedule Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-28 18:17:08 +08:00
Wang Yan	c26f655bce	add periodic job UUID to upstream job id and use execution log as the… (#7530 ) * add periodic job UUID to upstream job id and use execution log as the periodic log Signed-off-by: wang yan <wangyan@vmware.com> * add comments to fix codacy Signed-off-by: wang yan <wangyan@vmware.com> * Update code per comments Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-28 15:09:56 +08:00
Wenkai Yin	7af679af7e	Merge pull request #7567 from reasonerjt/oidc-google-refresh-token Persist the new token in DB after login	2019-04-28 14:12:25 +08:00
Daniel Jiang	80176cc354	Check whether user is nil in Prepare() of users API (#7507 ) Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-28 14:06:35 +08:00
Daniel Jiang	15626fcae0	Return more details for error in exchange token This commit update the response off OIDC callback when there's error in exchange token. Additionally add comments to clarify that by default 500 error will not contain any details. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-28 13:41:53 +08:00
Wenkai Yin	2a463016a9	Upgrade the distribution and notary library (#7516 ) * Return 404 when the log of task doesn't exist Return 404 when the log of task doesn't exist Signed-off-by: Wenkai Yin <yinw@vmware.com> * Upgrade the distribution and notary library Upgrade the distribution library to 2.7.1, the notary library to 0.6.1 Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-28 12:00:26 +08:00
Daniel Jiang	473fed5689	Persist the new token in DB after login This commit make sure the token is persist to DB after every time after a user logs in via OIDC provider, to make sure the secret is usable for the OIDC providers that don't provide refresh token. It also updates the authorize URL for google to make sure the refresh token will be returned. Also some misc refinement included, including add comment to the OIDC onboarded user, preset the username in onboard dialog. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-27 23:03:59 +08:00
Daniel Jiang	b9f5f1027c	Merge pull request #7504 from reasonerjt/reload-auth-proxy-cert-verify Update Transport of HTTP cient in auth proxy client	2019-04-26 23:24:33 +08:00
Daniel Jiang	07d15a8553	Update Transport of HTTP cient in auth proxy client This commit ensures that the TLS config of the HTTP client for auth proxy is updated when the configuration is changed. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-26 18:39:28 +08:00
Wenkai Yin	6511417ba6	Merge pull request #7495 from stonezdj/const_debts Replace string with const in metadatalist.go	2019-04-25 17:41:04 +08:00
stonezdj	504eab56c3	Replace string with const in metadatalist.go Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-04-25 17:01:43 +08:00
Wenkai Yin	66087aac82	Merge pull request #7493 from stonezdj/tech_debts Remove adminserver in sourcecode	2019-04-24 16:24:59 +08:00
Steven Zou	9bd2de3e35	Merge pull request #7452 from steven-zou/fix_issues_for_jobservice Fix issues for jobservice	2019-04-24 16:15:43 +08:00
Wenkai Yin	d8310cc708	Fix replication bugs (#7470 ) 1. Only return the event based trigger for local Harbor 2. Valid the trigger pattern and cron string when creating/updating policies 3. Set the schema as "http" if it isn't specified when creating/updating registries Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-23 19:34:29 +08:00
Steven Zou	823d9c04a9	Merge pull request #7497 from wy65701436/fix-replc-500 refine chart clint http response	2019-04-23 19:30:36 +08:00
wang yan	0d563fda9c	refine chart clint http response Chart client eats the http error if not status ok, after refactor, the real http response will be catched in core api. Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-23 18:22:23 +08:00
Steven Zou	69d9a28860	Merge pull request #7482 from wy65701436/chart-upload Fix chart upload issue on event based	2019-04-23 17:33:08 +08:00
stonezdj(Daojun Zhang)	e4506604e2	fix error message (#7459 ) Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-04-23 15:53:34 +08:00
stonezdj	d7798a12d2	Remove adminserver in sourcecode Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-04-23 15:05:29 +08:00
wang yan	a3763466b3	Update err message to general information Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-23 10:57:31 +08:00
wang yan	1b4c75af25	Add event into upload ctx Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-23 10:57:31 +08:00
wang yan	df6e0600c9	Fix chart upload issue on event based Use chart API to load the uploaded chart file to get the name and version Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-23 10:57:31 +08:00
Steven Zou	3937c8b0dc	Merge branch 'master' into fix_issues_for_jobservice	2019-04-22 19:26:51 +08:00
Daniel Jiang	1fdc2e6ba9	Provide API to generate CLI secret This commit provide an API to allow a user that is onboarded via OIDC authn update his CLI secret. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-22 13:34:12 +08:00
Steven Zou	8e734407c0	Merge branch 'master' into fix_issues_for_jobservice	2019-04-19 21:15:21 +08:00
Steven Zou	e92164c886	Merge pull request #7442 from ywk253100/190418_replication_bug_fix Fix bug in replication	2019-04-19 17:04:34 +08:00
stonezdj(Daojun Zhang)	36d13e8243	Merge pull request #7328 from stonezdj/debts Fix issue 6450 Test LDAP server error without save configuration	2019-04-19 16:51:57 +08:00
Daniel Jiang	6b45b5ef7c	Merge pull request #7451 from reasonerjt/oidc-logout Skip verifying OIDC token for local user	2019-04-19 14:55:26 +08:00
Steven Zou	f8feaa192e	add get scheduled and periodic executions APIs Signed-off-by: Steven Zou <szou@vmware.com>	2019-04-19 13:54:23 +08:00
Wenkai Yin	cf5cd5902f	Fix bug in replication 1. Fix bug when creating the namespace 2. Keep the same logic for hiding access secret 3. Filter only push mode policies for event trigger Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-19 13:34:04 +08:00
Daniel Jiang	5292aea89e	Skip verifying OIDC token for local user If a user does not have OIDC meta data in DB, it means he's not onboarded via OIDC authn, hence, we should not check the token. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-19 13:07:06 +08:00
Wenkai Yin	059b75e97c	Merge pull request #7392 from reasonerjt/oidc-logout Handle OIDC user invalidation from OIDC provider.	2019-04-19 12:46:36 +08:00
Daniel Jiang	239b33c5fb	Handle OIDC user invalidation from OIDC provider. Ths commmit ensures that when user's token is invalidated OIDC provider, he cannot access protected resource in Harbor with the user info in his session. We share the code path with secret verification b/c the refresh token can be used only once, so it has to be stored in one place. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-19 01:27:31 +08:00
Steven Zou	1f481e492c	Refactor job servcie primary logic to fix related bugs Signed-off-by: Steven Zou <szou@vmware.com>	2019-04-18 16:02:49 +08:00
stonezdj	41a574e55c	Fix issue 6450 Test LDAP server error without save configuration Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-04-18 14:24:21 +08:00
Wenkai Yin	a5cc228781	Merge pull request #7420 from ywk253100/190417_revert_local_harbor Update the migration sql	2019-04-17 19:58:31 +08:00
wang yan	ddec7bd645	fix error handlering in job notification Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-17 18:19:01 +08:00
wang yan	e017294f71	merge with master latest Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-17 17:52:39 +08:00
Wenkai Yin	547c2337de	Update the migration sql 1. Update the migration sql 2. Rename the ResourceRepository from repository to image Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-17 17:18:03 +08:00
Wang Yan	a6af9e9972	Support well-formatted error returned from the REST APIs. (#6957 ) Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-17 16:43:06 +08:00
Wenkai Yin	6e0d892963	Support creating project with service account This commit introduces a solution to workaround the restriction of project creation API: only normal users can create projects Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-17 14:50:32 +08:00
Wenkai Yin	3f7884d9d2	Revert "Add new registry type: LocalHarbor" This reverts commit `94cacf762a`. Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-17 14:50:24 +08:00
Wenkai Yin	94cacf762a	Add new registry type: LocalHarbor The "LocalHarbor" is the type of registry where the replication service is running on Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-16 11:42:36 +08:00
Wenkai Yin	2f1d2257d5	Remove the namespace concept in replication Update the replication logic to remove the "namespace" Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-16 08:36:42 +08:00
wang yan	7a373c2eed	Add event trigger to helm upload/deletion replication Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-15 19:02:33 +08:00
Wenkai Yin	ba038eb883	Support replication all projects in Harbor Support replication all projects in Harbor Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-13 20:23:19 +08:00
Wenkai Yin	c222f18fa7	Update replication 1. Refine the health check of docker hub 2. Remove the GetNamespace method from adapter interface Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-13 15:20:06 +08:00
Daniel Jiang	f92bc8076d	"Skip verify cert" to "verify cert" This commit tweaks the attribute for auth proxy mode and OIDC auth mode. To change it from "Skip verify cert" to "verify cert" so they are more consistent with other modes. Additionally it removes a workaround in `SearchUser` in auth proxy authenticator. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-12 23:25:54 +08:00
Wenkai Yin	1d16e18dff	Remove "ng" from source code Remove "ng" from source code Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-12 22:42:27 +08:00
cd1989	8ca5e17c58	Correct some typos and do some small adjustments Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-12 21:17:33 +08:00
cd1989	a9fa22269c	Check health status when add/update registry Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-12 17:29:05 +08:00
Wenkai Yin	188d66d875	Merge pull request #7350 from ywk253100/190411_bugfix Fix bug of replication	2019-04-12 08:22:59 +08:00
Wenkai Yin	bc0123662b	Fix bug of replication 1. check the disable/enable status before starting the replication 2. process the support_namespace property Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-12 07:59:57 +08:00
Wenkai Yin	1f574e7d10	Merge pull request #7354 from wy65701436/replication_ng_namespace Add api to get namespaces of registry	2019-04-11 23:44:24 +08:00
wang yan	117c36d52c	Add api to get namespaces of registry To query the namespace of the registry according to its ID. Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-11 23:17:33 +08:00
Wenkai Yin	a2fcb41b31	Fix bug in ping registry API Fix bug in ping registry API: accept both ID and other properties Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-11 18:00:44 +08:00
Daniel Jiang	763c5df010	Add UT Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-11 15:30:19 +08:00
Wenkai Yin	b73acde051	Support the migration for scheduled replication rule from previous version of Harbor Support the migration for scheduled replication rule from previous version of Harbor Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-11 13:14:32 +08:00
Wenkai Yin	5a047a7eb6	Update the adapter interface Add ConvertResourceMetadata and PrepareForPush methods Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-10 23:37:11 +08:00
Daniel Jiang	0d18e6c82f	Update according to comments For more context see PR #7335 Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-10 19:38:12 +08:00
Daniel Jiang	0a2343f542	Support secret for docker CLI As CLI does not support oauth flow, we'll use secret for help OIDC user to authenticate via CLI. Add column to store secret and token, and add code to support verify/refresh token associates with secret. Such that when the user is removed from OIDC provider the secret will no longer work. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-10 19:38:11 +08:00
Daniel Jiang	08e00744be	Fix misc bugs for e2e OIDC user onboard process This commit adjust the code and fix some bugs to make onboard process work. Only thing missed is that the UI will need to initiate the redirection, because the request of onboarding a user was sent via ajax call and didn't handle the 302. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-10 19:38:11 +08:00
Wenkai Yin	5a65480594	Handle the policy from previous versions Handle the policy from previous versions Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-09 17:43:07 +08:00
Wenkai Yin	7ff46acd25	Merge pull request #7289 from cd1989/add-registry-ping Add registry ping API	2019-04-08 14:08:53 +08:00
cd1989	5a2d03593f	Add helth check method to registry adapter Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-08 10:03:28 +08:00
cd1989	f71a110bec	Add registry ping API Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-06 17:00:52 +08:00
cd1989	07139684ce	Wait randomly before registry health checking Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-05 20:46:29 +08:00
cd1989	fe004e1bfc	Init replication in core Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-04 21:58:31 +08:00
cd1989	2450dacecb	Use policy controller in registry deletion Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-04 21:26:27 +08:00
Wenkai Yin	4116433de8	Merge pull request #7306 from ywk253100/190404_cleanup Remove the useless replication code	2019-04-04 21:18:04 +08:00
Wenkai Yin	c2f702be2a	Remove the useless replication code This commit removes the useless replication code Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-04 20:56:25 +08:00
Wenkai Yin	58a73de3e5	Merge pull request #7299 from ywk253100/190404_sync Sync with master branch	2019-04-04 17:33:11 +08:00
Wenkai Yin	1c735a7464	Filter the events triggerred by replication Filter the events triggerred by replication pull Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-04 16:03:38 +08:00
Wenkai Yin	b66b1f341e	Merge remote-tracking branch 'upstream/master' into 190404_sync	2019-04-04 14:55:09 +08:00
Wenkai Yin	48f02d0605	Merge pull request #7291 from cd1989/registry-with-empty-credential Handle registry with empty credential	2019-04-03 21:35:32 +08:00
Yan	da0e20ec60	Add controller to onboard oidc user (#7286 ) Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-03 20:47:22 +08:00
cd1989	e2c86f8f59	Handle registry with empty credential Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-03 20:33:26 +08:00
cd1989	8968e82675	Allow edit registry description Signed-off-by: cd1989 <chende@caicloud.io>	2019-04-03 19:47:14 +08:00
wang yan	dcf1d704e6	fix dao UT issue and refine the error of onboard OIDC user Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-03 14:05:18 +08:00
wang yan	41018041f7	remove oidc controller and add more UTs Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-03 09:54:21 +08:00
Yan	0de5999f52	add the controller for ocdi onboard user Signed-off-by: wang yan <wangyan@vmware.com>	2019-04-03 09:52:22 +08:00
Wenkai Yin	5219073c49	Call Harbor API to delete the images in Harbor adapter Call Harbor API to delete the images in Harbor adapter to avoid the inconsistent between the different versions of Harbor Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-02 17:02:15 +08:00
Wenkai Yin	4484bca756	Fix replication related issues 1. Add operation property for tasks 2. Add trigger property for executions 3. Update the getting registry info API to allow passing 0 as ID to get the info of local Harbor registry Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-04-02 14:26:17 +08:00
Daniel Jiang	587acd33ad	Add callback controller for OIDC This commit add callback controller to handle the redirection from successful OIDC authentication. For E2E case this requires callback controller to kick off onboard process, which will be covered in subsequent commits. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-04-01 12:35:31 +08:00
Wenkai Yin	71b706e60a	Update the replication API 1. Add getting execution by ID API 2. Return registry detail info in listing policies API Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-30 20:46:02 +08:00
Wenkai Yin	8c7b63bac2	Merge pull request #7248 from ywk253100/190326_event Add event based trigger and scheduled trigger	2019-03-29 14:58:09 +08:00
Wenkai Yin	4f8e283e8e	Add event based trigger and scheduled trigger This commit implements the event based trigger and scheduled trigger in replilcation Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-29 13:48:34 +08:00
Daniel Jiang	9ce98f4acd	Add controller to handle oidc login The controller will redirect user to the OIDC login page based on configuration. Additionally this commit add some basic code to wrap `oauth2` package and `provider` in `go-oidc`, and fixed an issue in UT to make InMemoryDriver for config management thread-safe. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-03-28 11:29:05 +08:00
Wenkai Yin	0e9bdbc09c	Merge pull request #7225 from ywk253100/190326_structure Adjust the file structure of replication package	2019-03-27 13:08:05 +08:00
Yan	03709e4ec1	add authn proxy (#7199 ) * add authn proxy docker login support User could use the web hook token issued by k8s api server to login to harbor. The username should add a specific prefix. Signed-off-by: wang yan <wangyan@vmware.com> * update code per review comments Signed-off-by: wang yan <wangyan@vmware.com> * Add UT for auth proxy modifier Signed-off-by: wang yan <wangyan@vmware.com>	2019-03-27 12:37:54 +08:00
Wenkai Yin	017bba8dc1	Merge remote-tracking branch 'upstream/master' into 190327_sync	2019-03-27 11:43:51 +08:00
Wenkai Yin	de4eb0369a	Adjust the file structure of replication package Move the scheduler, execution, hook and flow package into operation Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-26 14:59:58 +08:00
Daniel Jiang	49aae76205	Onbard settings for OIDC provider (#7204 ) Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-03-25 12:24:39 +08:00
Wenkai Yin	b37f4018a6	Update the registry adapter interface This commit adds the Info() method to the registry adapter interface Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-23 07:49:59 +08:00
Wenkai Yin	679b0d3d6a	Convert job status to replication task status This commits converts job status to task status Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-22 18:16:27 +08:00
Yan	8d3946a0e2	Refactor scan all api (#7120 ) * Refactor scan all api This commit is to let scan all api using admin job to handle schedule management. After the PR, GC and scan all share unified code path. Signed-off-by: wang yan <wangyan@vmware.com> * update admin job api code according to review comments Signed-off-by: wang yan <wangyan@vmware.com> * Update test code and comments per review Signed-off-by: wang yan <wangyan@vmware.com>	2019-03-22 17:52:21 +08:00
Wenkai Yin	49cf50adb1	Merge remote-tracking branch 'upstream/master' into 190324_sync Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-22 15:55:52 +08:00
Wenkai Yin	791aecddfa	Merge pull request #7210 from ywk253100/190321_delete Add support for replicating the delation of resource	2019-03-23 20:08:13 +08:00
Wenkai Yin	1120368c9c	Add support for replicating the delation of resource This commit refines the replication flows and provides the support for replicating resource deletion Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-22 12:37:39 +08:00
Meina Zhou	130e132f86	Merge branch 'master' into replication_ng Signed-off-by: Meina Zhou <meinaz@vmware.com>	2019-03-21 14:16:33 +08:00
Wenkai Yin	c65d5e6669	Update listing/getting replication adapter API This commit updates the listing/getting replication adapter API Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-20 05:30:15 +08:00
Daniel Jiang	a73b499988	Expose HTTP auth proxy infor in systeminfo API (#7164 ) Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-03-19 15:54:40 +08:00
Wenkai Yin	258b22a9a5	Fix bug in replication This commit fixes bugs found in the implement of replciation NG Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-10 20:57:59 +08:00
Wenkai Yin	cabef73980	Add Harbor adapter for replication Implement the replication adapter for Harbor registry Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-13 21:39:39 +08:00
peimingming	4efad287ce	Add execution and hooks Signed-off-by: peimingming <peimingming@corp.netease.com>	2019-03-13 09:35:01 +08:00
Wenkai Yin	772367498f	Merge remote-tracking branch 'upstream/master' into 190311_sync	2019-03-11 20:34:49 +08:00
Wenkai Yin	d1f4c20e64	Implement replication policy management API This commit implements the replication policy management API Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-09 01:32:51 +08:00
Wenkai Yin	ec2a7f9239	Implement replication operation API This commit implements the replication operation related APIs Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-08 10:06:33 +08:00
Wenkai Yin	db7a709aad	Merge pull request #7063 from heww/users-search Add users search API	2019-03-07 15:58:26 +08:00
stonezdj(Daojun Zhang)	f7745baf30	Merge pull request #6599 from stonezdj/pr6161 Add new parameter ldap_group_membership_attribute (PR#6161)	2019-03-07 13:26:26 +08:00
He Weiwei	20556aebd2	Add users search API Signed-off-by: He Weiwei <hweiwei@vmware.com>	2019-03-07 12:47:26 +08:00
Wenkai Yin	7f49151115	Implement replication adapter API This commit implements the replication adapter API Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-03-06 15:01:33 +08:00
Daniel Jiang	002094dbbb	Merge pull request #7075 from wy65701436/cron-str update gc api to support raw cron string	2019-03-06 13:36:52 +08:00
Qian Deng	b68f09cf41	Fix: global search not work when chart enabled Global search result data does not contain the chart info when chart is empty Signed-off-by: Qian Deng <dengq@vmware.com>	2019-03-06 10:37:41 +08:00
wang yan	e373167546	update gc api to support raw cron string Signed-off-by: wang yan <wangyan@vmware.com>	2019-03-05 16:31:35 +08:00
cd1989	b00098d492	Add unit tests and fix CI Signed-off-by: cd1989 <chende@caicloud.io>	2019-03-05 15:37:36 +08:00
stonezdj(Daojun Zhang)	dffb971366	Merge pull request #7055 from stonezdj/bug7038 Remove verify_remote_cert	2019-03-05 14:54:02 +08:00
stonezdj	4dfee0c1f0	Remove verify_remote_cert Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-03-05 14:04:10 +08:00
Wenkai Yin	77688c90b9	Merge pull request #7061 from stonezdj/bug6767 Search local DB first when adding a project member with username	2019-03-05 12:56:19 +08:00
Mia ZHOU	76a07eb5fe	Merge pull request #7059 from ninjadq/fix_global_search_issue Fix global search issue	2019-03-05 08:41:30 +08:00
Qian Deng	4ba012ab8e	Fix: global search not work issue Both Frontend and Backend should not send chart data when chartmusuem not enabled Signed-off-by: Qian Deng <dengq@vmware.com>	2019-03-04 17:44:34 +08:00
stonezdj	3fdc0fd9ba	Search local DB first when adding a project member with username Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-03-04 11:22:37 +08:00
stonezdj	cf134bc80e	Add new parameter ldap_group_membership_attribute Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-03-03 10:03:22 +08:00
Daniel Jiang	321874c815	Move Settings of HTTP auth proxy (#7047 ) Previously the settings of HTTP authproxy were set in environment variable. This commit move them to the configuration API Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-03-01 14:11:14 +08:00
cd1989	8732a20709	Rewrite registry manager with new interface Signed-off-by: cd1989 <chende@caicloud.io>	2019-02-27 11:54:04 +08:00
cd1989	6bdf3053a7	Implement registries manager Signed-off-by: cd1989 <chende@caicloud.io>	2019-02-27 11:54:04 +08:00
wang yan	91aa67a541	Update expiration variable name to expiresat/tokenduration Signed-off-by: wang yan <wangyan@vmware.com>	2019-02-25 11:55:42 +08:00
wang yan	36a778b482	Update expiration schema to bigint and default unit to minute Signed-off-by: wang yan <wangyan@vmware.com>	2019-02-22 18:42:43 +08:00
wang yan	47a09b5891	add expiration of robot account This commit is to make the expiration of robot account configurable 1, The expiration could be set by system admin in the configuation page or by /api/config with robot_token_expiration=60, the default value is 30 days. 2, The expiration could be shown in the robot account infor both on UI and API. Signed-off-by: wang yan <wangyan@vmware.com>	2019-02-22 18:42:34 +08:00
Nguyen Quang Huy	eda6c47b3e	add signoff for DCO gate (#6981 ) Some variable name, function name is colliding with builtin function. Signed-off-by: Nguyen Quang Huy <huynq0911@gmail.com>	2019-02-22 15:00:18 +08:00
stonezdj	7a5fbf718f	Revise code with review comments Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-02-18 15:20:54 +08:00
stonezdj	880051c08a	Add load for user settings in core/config/config.go Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-02-18 14:06:19 +08:00
stonezdj	36e1c13a43	fix ut error in systeminfo_test.go Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-02-18 14:06:19 +08:00
stonezdj	1ae5126bb4	Refactor adminserver stage 3: replace config api and change ut settings Signed-off-by: stonezdj <stonezdj@gmail.com>	2019-02-18 14:06:19 +08:00
He Weiwei	1c4b9aa346	Protect API using rbac Signed-off-by: He Weiwei <hweiwei@vmware.com>	2019-02-01 18:55:06 +08:00
Daniel Jiang	bf663df0e7	Merge pull request #6820 from wy65701436/robot-service Add robot account authn & authz implementation	2019-01-29 16:08:25 +08:00
He Weiwei	6e95b98108	Standard actions for rbac Signed-off-by: He Weiwei <hweiwei@vmware.com>	2019-01-29 11:59:11 +08:00
He Weiwei	1da0a66fe5	Merge pull request #6781 from heww/user-permissions-api Implement api for get current user permissions	2019-01-29 01:58:51 +08:00
wang yan	2d7ea9c383	update codes per review comments Signed-off-by: wang yan <wangyan@vmware.com>	2019-01-28 21:26:06 +08:00
He Weiwei	8b5e68073d	Implement api for get current user permissions Signed-off-by: He Weiwei <hweiwei@vmware.com>	2019-01-28 18:06:52 +08:00
Yan	71f37fb820	* Add robot account authn & authz implementation. This commit is to add the jwt token service, and do the authn & authz for robot account. Signed-off-by: wang yan <wangyan@vmware.com>	2019-01-28 17:39:57 +08:00
Daniel Jiang	20db0e737b	Provide HTTP authenticator An HTTP authenticator verifies the credentials by sending a POST request to an HTTP endpoint. After successful authentication he will be onboarded to Harbor's local DB and assigned a role in a project. This commit provides the initial implementation. Currently one limitation is that we don't have clear definition about how we would "search" a user via this HTTP authenticator, a flag for "alway onboard" is provided to skip the search, otherwise, a user has to login first before he can be assigned a role in Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-01-28 15:43:44 +08:00
He Weiwei	3f8e06a8bc	Support master role for project member create and update apis (#6780 ) * Support master role for project member create and update apis Signed-off-by: He Weiwei <hweiwei@vmware.com> * Fix description for role_id in swagger.yaml Signed-off-by: He Weiwei <hweiwei@vmware.com>	2019-01-23 14:56:23 +08:00
He Weiwei	ae061482ae	Add Can method to securty.Context interface (#6779 ) * Add Can method to securty.Context interface Signed-off-by: He Weiwei <hweiwei@vmware.com> * Improve mockSecurityContext Can method Signed-off-by: He Weiwei <hweiwei@vmware.com>	2019-01-23 14:32:37 +08:00
wang yan	903e15235e	Update validation and error message per comments	2019-01-17 15:33:05 +08:00
wang yan	4cde11892a	update the conflict check with DB unique constrain error message Signed-off-by: wang yan <wangyan@vmware.com>	2019-01-17 13:13:55 +08:00
Yan	1af0f3c3b9	Add API implementation of robot account Add API implementation of robot account 1. POST /api/project/pid/robots 2, GET /api/project/pid/robots/id? 3, PUT /api/project/pid/robots/id 4, DELETE /api/project/pid/robots/id Signed-off-by: wang yan <wangyan@vmware.com>	2019-01-17 13:13:55 +08:00
Wenkai Yin	f8d9653419	Merge pull request #6737 from ywk253100/190109_health_check Implement the unified health check API	2019-01-16 18:14:14 +08:00
Wenkai Yin	be4455ec1b	Implement the unified health check API The commit implements an unified health check API for all Harbor services Signed-off-by: Wenkai Yin <yinw@vmware.com>	2019-01-16 17:21:04 +08:00
Daniel Jiang	5d59d6fab8	Bump up golang to 1.11.2 Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2019-01-11 14:44:32 +08:00
Jan-Otto Kröpke	8b65e4f424	Remove user agent check for docker notifications Fixes #5729 Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>	2019-01-03 21:17:29 +01:00
Wenkai Yin	75d45ebd9d	Merge pull request #6547 from cd1989/retag-input-validation Validate repo and tag names in retag	2019-01-03 17:45:44 +08:00
cd1989	c117a23133	Validate repo and tag names in retag Signed-off-by: cd1989 <chende@caicloud.io>	2018-12-24 16:49:39 +08:00
He Weiwei	f403e50234	Merge pull request #6577 from heww/master Include os version in image tag detail page	2018-12-20 18:18:44 +08:00
He Weiwei	e7f09643bd	Include os version in image tag detail page Signed-off-by: He Weiwei <hweiwei@vmware.com>	2018-12-20 15:12:19 +08:00
Wenkai Yin	b28bca7af4	Merge pull request #6541 from salkin/proxy-transport Add support for http proxy in transport	2018-12-18 15:46:29 +08:00
Niklas Wik	138bc69f0f	Add support for http proxy in transport Signed-off-by: Niklas Wik <niklas.wik@nokia.com>	2018-12-17 10:35:27 +02:00
Wenkai Yin	f7a28ee2a2	Remove the duplicate http error struct (#6516 ) There are two different types to represent http error in the current code. This commit updates the codes to keep only one. Signed-off-by: Wenkai Yin <yinw@vmware.com>	2018-12-12 11:51:19 +08:00
Wenkai Yin	bcd6947fcc	Merge pull request #6470 from cd1989/retag-problem Give meaningful error messages when retag is forbidden	2018-12-06 18:47:58 +08:00
De Chen	60d65a9d86	Block retag requests in read-only mode (#6457 ) Signed-off-by: cd1989 <chende@caicloud.io>	2018-12-06 18:35:22 +08:00
cd1989	caf07a96fe	Give meaningful messages when retag forbided Signed-off-by: cd1989 <chende@caicloud.io>	2018-12-06 16:25:21 +08:00
Wenkai Yin	746d58ceb4	Return the error message when changing password with wrong old password (#6466 ) Return a meaningful error message when changing password but the a wrong old password is provided to render on UI Signed-off-by: Wenkai Yin <yinw@vmware.com>	2018-12-06 13:29:30 +08:00
Daniel Jiang	29d5b5da72	Return 409 when there is a scan all job running (#6460 ) * Return 409 when user trigger another "scan all" This commit fixes #6418, that when multiple "scan all" jobs are triggered, the API should not return 500. Signed-off-by: Daniel Jiang <jiangd@vmware.com> * Update swagger to add 409 to scanAll API Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2018-12-06 11:46:38 +08:00
Wenkai Yin	538082ceb6	Remove the permission checking for getcert API (#6436 ) The Harbor root cert can be downloaded by all users now, so the permission checking is not needed anymore Signed-off-by: Wenkai Yin <yinw@vmware.com>	2018-12-05 12:15:23 +08:00
Daniel Jiang	ae240df031	Remove the Scan all in-memory marker (#6399 ) Previously there was a in-memory marker to prevent user from frequently calling the "scan all" API. This has become problematic in HA deployment, and is no longer needed after enhancement in jobservice. This commit removes the marker for "scan all" api, however, we need to review the mechanism and rework to make it stateless. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2018-12-02 15:40:50 +08:00
Wenkai Yin	a81346a4ba	Merge pull request #6386 from heww/session change session cookie name to sid	2018-11-30 16:13:45 +08:00
Steven Zou	ec2ad4d0b8	Merge pull request #6093 from cd1989/replication-record-id Add op uuid to image replication	2018-11-30 14:54:43 +08:00
Wenkai Yin	9d5cf57373	Check the existence of name when creating replication rule and fix bugs in testing library (#6381 ) 1. Fix #5102 by checking the existence of name when creating/editing replication rule 2. Add unique constraint to the name of replication policy and target 3. Fix bugs of testing library Signed-off-by: Wenkai Yin <yinw@vmware.com>	2018-11-30 13:32:20 +08:00
stonezdj	3b165d41d4	Fix LDAP search error Signed-off-by: stonezdj <stonezdj@gmail.com>	2018-11-29 18:37:23 +08:00
Steven Zou	68b1b98f0a	Merge pull request #6375 from steven-zou/fix_global_search_502_issue Fix global search 502 issue happened when chart repo is not enabled	2018-11-29 16:29:08 +08:00
Steven Zou	e7ffaecca5	Fix global search 502 issue happened when chart repo is not enabled Signed-off-by: Steven Zou <szou@vmware.com>	2018-11-29 15:53:09 +08:00
He Weiwei	00a3948fff	change session cookie name to sid Signed-off-by: He Weiwei <hweiwei@vmware.com>	2018-11-29 15:18:15 +08:00
陈德	f72c7766ae	Fix status code for permission check in retag, use 403 Signed-off-by: 陈德 <chende@caicloud.io>	2018-11-28 19:48:25 +08:00
Daniel Jiang	abe728325b	Wait for manifest in notification handler There's an issue in registry 2.6.x, that when the webhook is sent the manifest of the image may not be written. For details: https://github.com/docker/distribution/issues/2625 This will cause issue in "scan on push" or replication. This commit mitigates the issue by adding retries in notification handler. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2018-11-06 19:23:54 +08:00
Qian Deng	35f3346948	Merge pull request #6155 from mmpei/6086-UserNameLength Support longer UserName	2018-11-06 10:50:50 +08:00
Steven Zou	1b1ab60802	Merge pull request #6152 from mmpei/5178-jibSupporting 5178 jib supporting	2018-10-29 16:34:13 +08:00
peimingming	d3a617efd6	Support longer UserName Signed-off-by: peimingming <peimingming@corp.netease.com>	2018-10-29 15:59:17 +08:00
mmpei	a209519b0e	add support jib Signed-off-by: mmpei <peimingming1986@126.com> Signed-off-by: peimingming <peimingming@corp.netease.com>	2018-10-26 15:32:10 +08:00
mmpei	99c70ceab9	issue 5851 support jib client Signed-off-by: mmpei <peimingming1986@126.com>	2018-10-26 15:27:28 +08:00
Daniel Jiang	39b4d011c7	Not submit scan all job when core container starts Fixes #6115 As for the change in migration sql file, in 1.7 we'll switch to jobservice for scheduling "scan all" job. To avoid inconsistency, this item will be reset and user will need to configure the policy again. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2018-10-25 19:01:52 +08:00
Steven Zou	3b76a960e1	Merge pull request #6039 from stonezdj/refact_5996 Refactor capacity	2018-10-24 10:50:11 +08:00
Daniel Jiang	2920ec5f9b	Merge pull request #6077 from clouderati/update-copyright Updating copyright notices	2018-10-23 18:38:15 +08:00
陈德	1ffd9d8fba	Add op uuid to image replication Signed-off-by: 陈德 <chende@caicloud.io>	2018-10-21 23:55:57 +08:00
Steven Zou	db24cbe25a	Merge pull request #5779 from cd1989/images-retag Merge Images retag	2018-10-19 11:04:48 +08:00
clouderati	9a93f225d7	Updating copyright notices Replacing copyright notices with "Copyright 2018 The Harbor Authors". Signed-off-by: clouderati <35942204+clouderati@users.noreply.github.com>	2018-10-18 16:04:36 +00:00
陈德	a1b4729aa7	Add more unit tests Signed-off-by: 陈德 <chende@caicloud.io>	2018-10-18 00:26:25 +08:00
stonezdj	0278981523	Change admin server to core in jobservice Signed-off-by: stonezdj <stonezdj@gmail.com>	2018-10-16 19:23:12 +08:00
stonezdj(Daojun Zhang)	b764033fc9	Merge pull request #6007 from stonezdj/refact_5998 Change admin server to core in jobservice	2018-10-15 17:52:24 +08:00
stonezdj	79bac7a64e	Change admin server to core in jobservice Signed-off-by: stonezdj <stonezdj@gmail.com>	2018-10-15 14:56:18 +08:00
Wenkai Yin	0ebed68f5b	Merge pull request #5924 from cd1989/replication-status-check Fix statuses condition when trigger replication	2018-10-15 11:26:22 +08:00
陈德	e5e5ba79a5	Add operations filter Signed-off-by: 陈德 <chende@caicloud.io>	2018-10-13 11:09:53 +08:00
陈德	d6f5560145	Fix status check when trigger replication Signed-off-by: 陈德 <chende@caicloud.io>	2018-10-11 09:03:49 +08:00
wang yan	a4ad4c7282	Fix gc api issues 1, filter out the scan all jobs in the gc list. 2, make it able to delete unexecuted scheduler. Signed-off-by: wang yan <wangyan@vmware.com>	2018-10-10 15:45:03 +08:00
陈德	b648084d95	Improve code styles and fix after Harbor refactoring Signed-off-by: 陈德 <chende@caicloud.io>	2018-10-09 10:49:03 +08:00
陈德	03d5157eaf	Updae retag api spec Signed-off-by: 陈德 <chende@caicloud.io>	2018-10-08 19:07:23 +08:00
陈德	48d2435146	Fix notification event filtered because of user agent Signed-off-by: 陈德 <chende@caicloud.io>	2018-10-08 19:07:22 +08:00
陈德	03af3c5936	Add image retag API Signed-off-by: 陈德 <chende@caicloud.io>	2018-10-08 19:07:21 +08:00
James Zabala	ce0e195d18	Merge pull request #5957 from reasonerjt/scan-all-jobsvc Schedule "scan all" via jobservice	2018-10-02 15:31:42 -04:00
Daniel Jiang	b12dc3b5d8	Schedule "scan all" via jobservice This commit leverage the jobservice to trigger "scan all" and gets rid of the local scheduler to make the harbor-core container stateless. It keeps using the notifer mechanism to handle the configuration change. Signed-off-by: Daniel Jiang <jiangd@vmware.com>	2018-09-28 15:42:37 +08:00
Steven Zou	55c50f310d	Fix #5956 issue: The APIs should not get chart information when Harbor is not installed with chart repo Signed-off-by: Steven Zou <szou@vmware.com>	2018-09-27 13:22:25 +08:00
Steven Zou	8b538cbc0a	Return the total count of charts under the project in project API - add new interface method to get total count of charts under namespaces by calling get index - add new field 'chart_count' in project model - append chart count to the project model in project API Signed-off-by: Steven Zou <szou@vmware.com>	2018-09-25 17:56:11 +08:00
Wenkai Yin	978f8721e6	Merge pull request #5927 from steven-zou/return_labels_in_chart_api Refactor the chart service implementation to provide more extending flexibilities	2018-09-21 15:59:53 +08:00
Qian Deng	0cb430d463	Merge pull request #5932 from ninjadq/refactor_auth_api Refactor backend api for authrization	2018-09-21 15:59:07 +08:00
Qian Deng	88bb461314	Reactor backend api for authrization 1. Change backend api 2. Change frontend api 3. Change the proxy config file Signed-off-by: Qian Deng <dengq@vmware.com>	2018-09-21 14:03:17 +08:00
Steven Zou	78b9cbf35e	Fix failures of UT cases of chart API related Signed-off-by: Steven Zou <szou@vmware.com>	2018-09-21 14:02:45 +08:00
Daniel Jiang	6c84a3dc4f	Merge pull request #5690 from goharbor/clouderati-copyright-update Updating copyright notices	2018-09-20 19:38:26 +08:00
Steven Zou	d4c423ea8e	Merge branch 'master' into return_labels_in_chart_api	2018-09-20 17:55:48 +08:00
Steven Zou	24c0be789d	Add more UT cases for changed chart API - add more cases in the ChartRepositoryAPI controller - move chart utility testing functions to a separate go file under testing - ignore testing coverage for testing folder - update other UT cases to reflect the change of adding chart testing utility functions Signed-off-by: Steven Zou <szou@vmware.com>	2018-09-20 17:51:27 +08:00
De Chen	970d84f1b9	Add comment format check to makefile and travis (#5832 ) * Add comment format check to makefile and travis Signed-off-by: 陈德 <chende@caicloud.io>	2018-09-20 11:48:38 +08:00
Steven Zou	e6de7f080d	Rename the import path of new package 'label' Signed-off-by: Steven Zou <szou@vmware.com>	2018-09-20 10:31:29 +08:00
clouderati	587459df15	Replacing copyright notices with "Copyright Project Harbor Authors". Signed-off-by: clouderati <35942204+clouderati@users.noreply.github.com>	2018-09-19 16:59:36 +00:00
Steven Zou	3a204dbf7d	Rebase to fix conflicts	2018-09-19 17:46:47 +08:00
Qian Deng	7873a0312a	Rename harbor-ui to harbor-core 1. Update the nginx.conf 2. Update Makefile 3. Update docker-compose 4. Update image name 5. Rename folder ui to core 6. Change the harbor-ui's package name to core 7. Remove unused static file on harbor-core 8. Remove unused code for harbor-portal Signed-off-by: Qian Deng <dengq@vmware.com>	2018-09-19 16:35:13 +08:00

... 11 12 13 14 15 ...

877 Commits