An HTTP authenticator verifies the credentials by sending a POST request
to an HTTP endpoint. After successful authentication he will be
onboarded to Harbor's local DB and assigned a role in a project.
This commit provides the initial implementation.
Currently one limitation is that we don't have clear definition about
how we would "search" a user via this HTTP authenticator, a flag for
"alway onboard" is provided to skip the search, otherwise, a user has
to login first before he can be assigned a role in Harbor.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* Support master role for project member create and update apis
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Fix description for role_id in swagger.yaml
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Add Can method to securty.Context interface
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Improve mockSecurityContext Can method
Signed-off-by: He Weiwei <hweiwei@vmware.com>
Add API implementation of robot account
1. POST /api/project/pid/robots
2, GET /api/project/pid/robots/id?
3, PUT /api/project/pid/robots/id
4, DELETE /api/project/pid/robots/id
Signed-off-by: wang yan <wangyan@vmware.com>
There are two different types to represent http error in the current code. This commit updates the codes to keep only one.
Signed-off-by: Wenkai Yin <yinw@vmware.com>
Return a meaningful error message when changing password but the a wrong old password is provided to render on UI
Signed-off-by: Wenkai Yin <yinw@vmware.com>
* Return 409 when user trigger another "scan all"
This commit fixes#6418, that when multiple "scan all" jobs are
triggered, the API should not return 500.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* Update swagger to add 409 to scanAll API
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Previously there was a in-memory marker to prevent user from frequently
calling the "scan all" API. This has become problematic in HA
deployment, and is no longer needed after enhancement in jobservice.
This commit removes the marker for "scan all" api, however, we need to
review the mechanism and rework to make it stateless.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
1. Fix#5102 by checking the existence of name when creating/editing replication rule
2. Add unique constraint to the name of replication policy and target
3. Fix bugs of testing library
Signed-off-by: Wenkai Yin <yinw@vmware.com>
There's an issue in registry 2.6.x, that when the webhook is sent the
manifest of the image may not be written.
For details: https://github.com/docker/distribution/issues/2625
This will cause issue in "scan on push" or replication.
This commit mitigates the issue by adding retries in notification
handler.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Fixes#6115
As for the change in migration sql file, in 1.7 we'll switch to
jobservice for scheduling "scan all" job. To avoid inconsistency,
this item will be reset and user will need to configure the policy again.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit leverage the jobservice to trigger "scan all" and
gets rid of the local scheduler to make the harbor-core container
stateless.
It keeps using the notifer mechanism to handle the configuration change.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
- add new interface method to get total count of charts under namespaces by calling get index
- add new field 'chart_count' in project model
- append chart count to the project model in project API
Signed-off-by: Steven Zou <szou@vmware.com>
- add more cases in the ChartRepositoryAPI controller
- move chart utility testing functions to a separate go file under testing
- ignore testing coverage for testing folder
- update other UT cases to reflect the change of adding chart testing utility functions
Signed-off-by: Steven Zou <szou@vmware.com>
1. Update the nginx.conf
2. Update Makefile
3. Update docker-compose
4. Update image name
5. Rename folder ui to core
6. Change the harbor-ui's package name to core
7. Remove unused static file on harbor-core
8. Remove unused code for harbor-portal
Signed-off-by: Qian Deng <dengq@vmware.com>
