Chenyu Zhang
49999ab1c0
fix: replication webhook lost when src namespace different with dest ( #17312 )
...
Fix the replication webhook notification lost when the rule is
pull-based and src namespace different with dest.
Closes : #17298
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 15:10:19 +08:00
Chenyu Zhang
70a95a9696
fix: reduce the high db cpu usage for tag retention ( #17296 )
...
1. Add two indexes to database migrations.
2. Skip refresh quota in middleware for requests from jobservice.
3. Refresh quota by self in the end of tag retention job.
Closes : #14708
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 10:08:02 +08:00
Wang Yan
914d9a5526
fix copy artifact accessory quota issue ( #17293 )
...
It needs to request quota for accessory on copying artifact.
Signed-off-by: wang yan <wangyan@vmware.com>
2022-08-03 20:02:20 +08:00
MinerYang
0fbff49eb0
bumpup golang to v1.18.5 ( #17307 )
...
Signed-off-by: yminer <yminer@vmware.com>
2022-08-03 17:44:03 +08:00
lengrongfu
dac3c7b31d
fix: distribution v2.8.0 tag does not match checksum ( #17306 )
...
Signed-off-by: lengrongfu <1275177125@qq.com>
2022-08-03 17:43:37 +08:00
Wang Yan
ebab99613f
update session log level ( #17300 )
...
To avoid too much noise in the core log, udpate the level to debug.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-03 13:51:26 +08:00
MinerYang
722d1a19ea
update image extra attributes author in labels ( #17291 )
...
update image extra attributes author
Signed-off-by: yminer <yminer@vmware.com>
adding spec comment
Signed-off-by: yminer <yminer@vmware.com>
2022-08-03 11:50:54 +08:00
stonezdj(Daojun Zhang)
66d34c8e0c
Return time.Time{} when cron string is empty ( #17289 )
...
change log level to debug to avoid noise
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-08-02 15:18:25 +08:00
Shijun Sun
b4f2f170b4
Upgrade Angular dev-tool package ( #17287 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-01 18:10:34 +08:00
MinerYang
1296e7ebf0
Enable staticcheck ( #17286 )
...
enable golangci-lint staticcheck
enable staticcheck in golangci-lint
Signed-off-by: yminer <yminer@vmware.com>
2022-08-01 16:58:51 +08:00
Yang Jiao
1dd2b0bc7c
Add purge audit log API test cases ( #17175 )
...
Added test cases for the following APIs:
1. PUT /system/purgeaudit/{purge_id} Stop the specific purge audit log execution
2. GET /system/purgeaudit/{purge_id} Get purge job status
3. GET /system/purgeaudit/{purge_id}/log Get purge job log
4. PUT /system/purgeaudit/schedule Update purge job's schedule
5. POST /system/purgeaudit/schedule Create a purge job schedule
6. GET /system/purgeaudit/schedule Get purge's schedule
7. GET /system/purgeaudit Get purge job results.
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-01 16:52:57 +08:00
Adam
bf741ad381
feature: Use RegisteredClaims instead of deprecated staruct StandardClaims ( #16206 )
...
Signed-off-by: wujw39640 <wujw39640@hundsun.com>
2022-08-01 10:23:47 +08:00
Chenyu Zhang
bbc7282c46
upgrade: bump up beego to 1.12.11 ( #17277 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-31 16:23:28 +08:00
Thomas Maroschik
0559ce7e28
fix: oidc token is not respected in /service/token endpoint ( #16442 )
...
Signed-off-by: Thomas Maroschik <tmaroschik@dfau.de>
2022-07-30 13:01:51 +02:00
Shijun Sun
455ebf51fc
Fix null pointer issue for creating reolication rule ( #17274 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-30 17:17:10 +08:00
Eike David Lenz
0fe5eed55d
fix cve allowlist projectmeta validation ( #15800 )
...
Signed-off-by: Eike David Lenz <e.lenz@mittwald.de>
2022-07-30 16:59:18 +08:00
Shijun Sun
7e7ae7ea1b
Add permission check to CVE export ( #17267 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-29 19:48:39 +08:00
Shijun Sun
04fa3853c9
Fix router issues for UI ( #17235 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-29 19:04:01 +08:00
Chenyu Zhang
bff4e13087
fix: export cve adds resource check and project validation ( #17265 )
...
1. Add resource permission check for API handler
2. Validate export cve params project
3. Optimize friendly human message when execution status is error
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-29 19:01:46 +08:00
MinerYang
bd1d441b01
bumpup golang version to v1.18.4 ( #17257 )
...
Signed-off-by: yminer <yminer@vmware.com>
2022-07-29 09:43:01 +08:00
Chenyu Zhang
19e73174e2
refactor: refact codebase of cve export process and filter ( #17254 )
...
1. Refact the scan export FilterProcessor interface
2. Optmize the sql template for export cve report
3. Update the process of cve export job
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-28 16:05:12 +08:00
Wang Yan
02c41573d6
fix update robot regression ( #17248 )
...
Only check the project id for the project level robot
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-27 20:13:46 +08:00
MinerYang
f7ebf20d2e
Disable Nydus middleware for v2.6 ( #17233 )
...
disable nydus middleware for v2.6
Signed-off-by: yminer <yminer@vmware.com>
remove nyduus module import in main.go
Signed-off-by: yminer <yminer@vmware.com>
2022-07-27 08:41:33 +08:00
prahaladdarkin
d53af792ad
Fixes for various bugs/issues logged as a part of the test day. ( #17232 )
...
Closes:
* CVE Data Export API IDOR issue
* https://github.com/goharbor/harbor/issues/17199
* https://github.com/goharbor/harbor/issues/17193
* https://github.com/goharbor/harbor/issues/17188
* https://github.com/goharbor/harbor/issues/17184
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-26 16:50:54 +08:00
Wang Yan
02eae9dede
Filter out accessory from list artifact results ( #17231 )
...
Fixed #17145
1, Filter out the accessory from the artifact list.
2, Disable the display func of the accessory interface, currently this will not impact any kind of accessory, like signature and nydus. If we'd like to introduce it, it needs to resolve the pagiation issue of artifact list.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-26 00:38:05 +08:00
Abirdcfly
2fece8c9ea
delete duplicate import and use ST1019 in golangci-lint ( #17211 )
...
Signed-off-by: Abirdcfly <fp544037857@gmail.com>
2022-07-25 14:12:00 +08:00
Shijun Sun
e9855a88dd
Fix cve export UI issues ( #17227 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-25 10:41:44 +08:00
Yang Jiao
a4c577f9ec
Refresh base images ( #17176 )
...
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-07-22 15:48:47 +08:00
stonezdj(Daojun Zhang)
712419778a
Return bad request if audit log retention hour > 240000 hour ( #17217 )
...
Cap the retention hour to 240000 hour
Fixes #17198
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-07-22 15:14:10 +08:00
stonezdj(Daojun Zhang)
8e876d847c
Add resource type in forward audit log ( #17216 )
...
Add resource type when forward audit log
fixes #17201
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-07-22 09:54:07 +08:00
Yang Jiao
e58f18bd51
Update routing test case ( #17221 )
...
Add retry to improve test case stability
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-07-21 17:40:38 +08:00
Shijun Sun
56e669ebbc
Fix log rotation UI issues ( #17220 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-21 16:49:26 +08:00
Shengwen YU
acc2872fa8
fix: remove redundant check due to always false ( #17206 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-07-20 16:53:56 +08:00
Loong Dai
09371b48e8
lint: sort imports ( #17131 )
...
* lint: add goimports
Signed-off-by: Loong Dai <loong.dai@intel.com>
2022-07-20 11:33:08 +08:00
prahaladdarkin
f3edb03b49
Fix to CVE Data Export functionality for images pushed by docker push
( #17182 )
...
Closes:
* https://github.com/goharbor/harbor/issues/17167
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-18 09:22:15 +08:00
Yang Jiao
72cd65df6a
Update delete multi project testcase ( #17169 )
...
Because this PR(#16236 ) update the delete project button xpath, so update synchronously
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-07-14 22:47:53 +08:00
stonezdj(Daojun Zhang)
9a41272986
Change the log to logger in purge job ( #17162 )
...
Fixes #17151
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-07-14 17:46:52 +08:00
prahaladdarkin
3f383e3ffd
Improvements to Vulnerability Data Export functionality. ( #17161 )
...
Closes:
* https://github.com/goharbor/harbor/issues/17152
* https://github.com/goharbor/harbor/issues/17153
Better error handling in case of task executions not found in the system
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-14 15:08:25 +08:00
Yang Jiao
349d220372
Update delete project test case ( #17158 )
...
Because this PR(#16236 ) update the delete project button xpath, so update synchronously
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-07-13 17:39:12 +08:00
Yang Jiao
8d397d5a07
Add retry to project quota GC test case ( #17164 )
...
Add retry to improve test case stability
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-07-13 17:38:22 +08:00
Wang Yan
ef8b8f0be7
resolve the cve export volumn permission ( #17157 )
...
See the right uid and gid for the scandata_exports in the prepare
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-12 14:52:18 +08:00
Shijun Sun
aa3cdcbc6c
Add CVE data exporting UI ( #16236 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-11 17:43:25 +08:00
prahaladdarkin
130452111b
Vulnerability scan data export functionality ( #15998 )
...
Vulnerability Scan Data (CVE) Export Functionality
Proposal - goharbor/community#174
Closes - https://github.com/goharbor/harbor/issues/17150
Changes:
* CVE Data export to CSV with filtering support.
* Implement CSV data export job for creating CSVs
* APIs to trigger CSV export job executions
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-11 16:35:04 +08:00
Yang Jiao
f852996fe5
Update tag immutability xpath ( #17149 )
...
Because this PR(#17138 ) update the tag immutability xpath, so update synchronously
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-07-11 15:59:55 +08:00
Orlix
ba0637f562
Tune stale action ( #17146 )
...
Tube stale action
- 60 days grace period for stale
- exclude issues and PR with labels : never-stale, kind/requirement
Signed-off-by: OrlinVasilev <ovasilev@vmware.com>
Co-authored-by: OrlinVasilev <ovasilev@vmware.com>
2022-07-08 23:11:42 +02:00
Roooocky
7e4b26b220
Add new feature for supporting WebAssembly artifact ( #16931 )
...
support wasm
Signed-off-by: ln23415 <ln23415@hotmail.com>
2022-07-08 23:08:28 +08:00
Shijun Sun
af802a4416
Hide pull command for Nydus ( #17143 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-08 17:03:02 +08:00
Shijun Sun
6c1fbde2a8
Developer role should be able to view tag-retention rules ( #17138 )
...
Developer role should be able to view tag-rerention rules
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-08 11:38:54 +08:00
MinerYang
efd9632e96
add nydus middleware ( #17126 )
...
Signed-off-by: yminer <yminer@vmware.com>
remove comments
Signed-off-by: yminer <yminer@vmware.com>
update ut manifest
Signed-off-by: yminer <yminer@vmware.com>
modify comment manifest
Signed-off-by: yminer <yminer@vmware.com>
updtae ut testcase
Signed-off-by: yminer <yminer@vmware.com>
fixwhitespace lint
Signed-off-by: yminer <yminer@vmware.com>
update isNydus judgement && define annotation var
Signed-off-by: yminer <yminer@vmware.com>
whitespace lint
Signed-off-by: yminer <yminer@vmware.com>
2022-07-08 09:56:10 +08:00
Wang Yan
bd8d66c68d
resolve robot authgen password format issue ( #17134 )
...
In some cases, the robot automatically generates passwords that do not meet confidentiality requirements.
The fix adds retry for auto generating passwords, and the timeout is 1 minute.
The requirement: the secret must longer than 8 chars with at least 1 uppercase letter, 1 lowercase letter and 1 number
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-08 02:05:32 +08:00