Commit Graph

4128 Commits

Author SHA1 Message Date
Wenkai Yin
df1f52dba4 Use insecure transport when creating the adapter for local instance in replication
Use insecure transport when creating the adapter for local instance in replication

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-10 16:45:57 +08:00
Yogi_Wang
33ed4fb67e Separate swagger to get v2.0 swagger and chart swagger
1. Partial helm api version number clear
2. Separate swagger to get v2.0 swagger and chart swagger
3. router add chart swagger

Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-10 16:25:30 +08:00
Yogi_Wang
3c771670ca [Fix] Fix part issue of round2
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-10 16:15:42 +08:00
Wenkai Yin
847a513cea Add "delete" into the action map if the action in token is "*"
Fixes #11563, add "delete" into the action map if the action in token is "*"

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-10 16:11:44 +08:00
He Weiwei
f4821e96b3
Merge pull request #11527 from heww/refresh-quota-ignore-limitation
feat(quota): ignore limitation support for quota RefreshMiddleware
2020-04-10 15:29:41 +08:00
Daniel Jiang
56b404bfb7
Get digest in content trust middleware (#11554)
This commit removes the EnsureArtifactDigest as its implementation is
problematic: the artifactinfo in context is immutable.
When the content trust middleware needs the digest it will retrieve it
via artifact controller.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-10 14:11:56 +08:00
Steven Zou
6986af6e74
Merge pull request #11558 from danielpacak/fix/issue_11310/preserve_default_scanner
fix(scanner): Do not override the default scanner on init
2020-04-10 12:42:39 +08:00
Steven Zou
5661ff937b
Merge pull request #11493 from steven-zou/fix/js_ut_case_failure
fix(js UT cases):fix the cron spec bug
2020-04-10 10:16:05 +08:00
Daniel Pacak
dcbf0726e5 fix(scanner): Do not override the default scanner on init
Resolves: #11310

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-04-09 17:56:07 +02:00
Wenkai Yin(尹文开)
340027a882
Merge pull request #11484 from ywk253100/200407_replication_hairpin
Fix replication failure in kubernetes with hairpin mode disabled
2020-04-09 16:50:46 +08:00
Wenkai Yin
8ee3421176 Fix replication failure in kubernetes with hairpin mode disabled
Fixes #11480
Fixes #11461
Fix replication failure in kubernetes with hairpin mode disabled

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-09 15:10:25 +08:00
Will Sun
71821a1c9a
Merge pull request #11497 from AllForNothing/css
Fix css bugs of label 'target2.0'
2020-04-09 14:20:30 +08:00
Wenkai Yin(尹文开)
8fb46d4bc7
Just log the signature not found error in debug mode (#11529)
Fixes #11510, just log the signature not found error in debug mode when deleting artifacts

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-09 14:17:40 +08:00
AllForNothing
a411879196 Fix css bugs of label 'target2.0'
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-09 10:32:07 +08:00
He Weiwei
0b26b36737 feat(quota): ignore limitation support for quota RefreshMiddleware
1. Ignore limitation when refresh quota for project.
2. Return 403 when quota errors occurred.
3. Add test for Refresh method of quota controller.

Closes #11512

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-08 19:17:41 +00:00
He Weiwei
20115b92c7 fix(vulnerable): fix the wrong count of vulnerabilities in message
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-08 09:06:31 +00:00
Steven Zou
59f14dff98 fix(js UT cases):fix the cron spec bug
- eliminate the time of cron spec  overflow issue in the UT case

Signed-off-by: Steven Zou <szou@vmware.com>
2020-04-08 15:59:05 +08:00
Daniel Jiang
6ad855f0ee
Merge pull request #11475 from reasonerjt/rm-token-claims-registry
Remove the registry claim pacakge
2020-04-08 12:19:56 +08:00
AllForNothing
e342b4ef0b Add new nightly cases for tag CRUD
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-08 09:56:27 +08:00
Steven Zou
76625eab54
Merge pull request #11473 from steven-zou/fix/issue_#11466
fix[jobservice]:enqueue job with UTC
2020-04-08 08:44:43 +08:00
Wenkai Yin(尹文开)
e1ba985b7c
Merge pull request #11436 from ywk253100/200404_repo_encode
Update APIs to only accept encoded repository name that contains slash
2020-04-07 23:14:44 +08:00
Wenkai Yin(尹文开)
bf6c4ff1f1
Merge pull request #11479 from ywk253100/200407_replication
Fix replication bug
2020-04-07 22:41:19 +08:00
Yogi_Wang
3775509ce5 Update APIs to only accept encoded repository name
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-07 22:40:39 +08:00
Wenkai Yin
2171634000 Fix replication bug
Remove the URL replacing logic temporarily to make replication work and will introduce a new solution for the hairpin issue

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-07 21:27:06 +08:00
Wenkai Yin
7188e01569 Update APIs to only accept encoded repository name that contains slash
Update APIs to only accept encoded repository name that contains slash

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-07 20:57:50 +08:00
Wenkai Yin
0a372a85eb Remove "GetMyProjects" and "GetProjectRoles" in the interface "security.Context"
Fixes #11125, remove "GetMyProjects" and "GetProjectRoles" in the interface "security.Context"

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-07 19:53:38 +08:00
Steven Zou
0fc7629865 fix[jobservice]:enqueue job with UTC
- schedule the periodical jobs following the UTC timezone
  - e.g: 5 10 10 * * * means run jobs at UTC time 10:10:05 everyday
- fix issue #11466

Signed-off-by: Steven Zou <szou@vmware.com>
2020-04-07 17:10:19 +08:00
He Weiwei
3f567514b5
Merge pull request #11468 from wy65701436/remove-count-quota-code
remove the chart handling in quota
2020-04-07 16:51:07 +08:00
Daniel Jiang
c303dcf617 Remove the registry claim pacakge
This commit removes `src/pkg/token/claims/registry` that is not referenced by other
packages.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-07 16:43:28 +08:00
Wenkai Yin(尹文开)
88ae9c458c
Update tags related APIs (#11435)
* Update tags related APIs

1. Remove API for listing tags of repository
2. Add API for listing tags of artifact
3. Support filter artifact by tag name

Signed-off-by: Wenkai Yin <yinw@vmware.com>

* [OCI] modify artifact tag name check
1. switch api get tag list
2. modify artifact tag name check
Signed-off-by: Yogi_Wang <yawang@vmware.com>

Co-authored-by: Yogi_Wang <yawang@vmware.com>
2020-04-07 16:28:51 +08:00
wang yan
a96d2f3746 remove the chart handling in quota
1, remove the chartmuseum controller
2, doesn't handle chartrepo url in v2 middleware

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-07 15:26:34 +08:00
He Weiwei
dd95866e6a
Merge pull request #11467 from heww/fix-issue-11131
fix(scan): dump nil slice of vulnerabilities as empty slice in report
2020-04-07 15:01:17 +08:00
Wenkai Yin(尹文开)
5d55bd1d0c
Merge pull request #11463 from ywk253100/200407_copy
Update the logic of copy artifact
2020-04-07 14:36:27 +08:00
He Weiwei
e1ab30dadf fix(scan): dump nil slice of vulnerabilities as empty slice in report
Closes #11131

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-07 06:20:25 +00:00
He Weiwei
8ddfe2d0a5
Merge pull request #11460 from heww/merge-scan-report
feat(scan): merge reports for image index
2020-04-07 13:07:52 +08:00
He Weiwei
43df7b2577
Merge pull request #11459 from heww/scan-cleanup
refactor: cleanup unused code about scan
2020-04-07 12:00:48 +08:00
Wenkai Yin
9bfabff4d2 Update the logic of copy artifact
1. Copy artifact will not return 409 anymore.
2. Make sure the tags of source artifact exist in the target artifact

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-07 10:55:55 +08:00
He Weiwei
6b066bade5 feat(scan): merge reports for image index
1. Merge the scanning reports of referenced artifacts for image index.
2. Add artifact info for report.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-07 02:54:01 +00:00
Wenkai Yin(尹文开)
b819e7ae83
Merge pull request #11438 from ywk253100/200402_replication
Support replication between Harbor 2.0 and 1.x
2020-04-07 10:24:59 +08:00
Daniel Jiang
db10720e80
Merge pull request #11406 from reasonerjt/reenable-token-auth-for-cli-new
Reenable token auth for cli
2020-04-07 08:55:25 +08:00
He Weiwei
69ca7a0dae refactor: cleanup unused code about scan
1. Cleanup unused code about clair.
2. Cleanup unused definitions in legacy_swagger.yaml about scan.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-06 17:34:25 +00:00
He Weiwei
80027c3b86
Merge pull request #11397 from ywk253100/200402_chart_api
Add a seperated swagger file for chart API
2020-04-07 00:05:49 +08:00
Wenkai Yin(尹文开)
e6f96e2a8b
Merge pull request #11427 from wy65701436/fixes-11280
Add trace information into internal error
2020-04-06 17:51:40 +08:00
wang yan
44825e819e deprecate quota count on artifact
Fixes #11241

1, remove count quota from quota manager
2, remove count in DB scheme
3, remove UI relates on quota
4, update UT, API test and UI UT.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-06 16:56:11 +08:00
Wenkai Yin
8f8b4d5e8d Add a seperated swagger file for chart API
Add a seperated swagger file for chart API as these APIs have no version

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-06 16:30:26 +08:00
Daniel Jiang
e8f98259dd Make sure middleware handle scanner-pull claim for v2token
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-05 01:10:45 +08:00
Wenkai Yin
8f11cb7ff0 Support replication between Harbor 2.0 and 1.x
Fixes #11374, fixes #11302, support replication between Harbor 2.0 and 1.x by providing versioning adapter

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-04 22:08:11 +08:00
Wenkai Yin(尹文开)
9ca87b85a5
Merge pull request #11389 from wy65701436/fix-dao-ut
fix artifact dao UT issue
2020-04-04 10:32:03 +08:00
wang yan
8bd2dc6394 Add trace information into internal error
Fixes #10839
Add a StackTrace func in to Error, and log it when Harbor gets a internal

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-04 01:38:36 +08:00
He Weiwei
bd6c2f8870
fix(vulnerable,middleware): improve vulnerable middleware (#11407)
1. Prevent the pull action when scan report status is not successfuly.
2. Bypass the checking when no vulnerabilities not found.
3. Improve the returned message when prevented the pull action.

Closes #11202

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-04 00:54:57 +08:00
Daniel Jiang
08f9ffa000 Reenable token auth for cli
Docker CLI fails if it's not logged in upon seeing "basic" realm challenging while pinging the "/v2" endpoint. (#11266)
Some CLI will send HEAD to artifact endpoint before pushing (#11188)(#11271)

To fix such problems, this commit re-introduce the token auth flow to the CLIs.

For a HEAD request to "/v2/xxx" with no "Authoirzation" header, the v2_auth middleware populates the
"Www-Authenticate" header to redirect it to token endpoint with proper
requested scope.

It also adds security context to based on the content of the JWT which has the claims of the registry.
So a request from CLI carrying a token signed by the "/service/token" will have proper permissions.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-04 00:05:58 +08:00
danfengliu
616c2d9e0f
Merge pull request #11408 from jwangyangls/nightly-case-trivy-3
[Test Case] Add nightly case for CVE
2020-04-03 19:23:26 +08:00
Yogi_Wang
2610fe530f [Test Case] Add nightly case for CVE
1. add nightly case for cve
2. change translate words
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-03 16:59:45 +08:00
He Weiwei
e9543a1e3c
Fix merge scan summary (#11392)
* fix(scan): fix ScanStatus when merge NativeReportSummary

1. Running and success status is high priority when merge ScanStatus of
NativeReportSummary, otherwise chose the bigger status.
2. Merge scan logs of referenced artifacts when get the scan logs of
image index.

Closes #11265

Signed-off-by: He Weiwei <hweiwei@vmware.com>

* fix(portal): fix the annotation for the scan completed percent in scan overview

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-03 16:21:36 +08:00
Wenkai Yin(尹文开)
2783fd0950
Merge pull request #11276 from mmpei/offical-webhook-slack-fix
fix webhook slack test error
2020-04-03 10:37:21 +08:00
He Weiwei
c0246e2130
Merge pull request #11400 from heww/fix-issue-11391
fix(log): correct file and line when use logger
2020-04-02 22:23:15 +08:00
peimingming
5924658092 fix webhook slack test error
Signed-off-by: peimingming <peimingming@corp.netease.com>
2020-04-02 20:02:27 +08:00
He Weiwei
207463e91e fix(log): correct file and line when use logger
1. When use the helper functions of log pkg, the depth is 4 to get the
correct file and line.
2. Whe use the default logger of log pkg, the depth is 3 to get the
correct file and line.

Closes #11391

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-02 10:49:38 +00:00
Will Sun
2c3552904d
Merge pull request #11393 from AllForNothing/improve-webhook
Improve webhook UI according to the UX
2020-04-02 17:51:13 +08:00
wang yan
7104461716 fix artifact dao UT issue
The update column should be PullTime instead of PushTime

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-02 14:45:43 +08:00
AllForNothing
ba5fd67b08 Improve webhook UI according to the UX
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-02 14:30:21 +08:00
wang yan
a11a70d941 move logger from common to lib
The logger is the fundamental library, so move it into lib folder
Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-02 14:09:03 +08:00
jwangyangls
4ea7b13215
Merge pull request #11385 from jwangyangls/nightly-case-trivy-2
[Nightly] Project Level Image Serverity Policy
2020-04-02 11:14:21 +08:00
Yogi_Wang
01f8291bb7 [Nightly] Project Level Image Serverity Policy
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-02 10:16:57 +08:00
danfengliu
f11e713ada
Merge pull request #11380 from jwangyangls/nightly-case-trivy-1
[Nightly] add case about trivy
2020-04-01 22:45:40 +08:00
Steven Zou
1f6301267c
Merge pull request #11369 from steven-zou/fix/issue_#11361
fix[lua_scripts]:add default values for tonumber
2020-04-01 19:01:02 +08:00
Qian Deng
b1284da96b
Merge pull request #11360 from ninjadq/rever_chart_api_change
Rever chart api change
2020-04-01 18:58:57 +08:00
Wenkai Yin(尹文开)
d187a8e69e
Merge pull request #11333 from ywk253100/200325_copy
Update the existence checking logic when copying artifact
2020-04-01 18:09:20 +08:00
Wang Yan
4594d58ba8
add clean untagged blobs in gc job (#11248)
Fixes #11190, delete all of non-referenced blobs of each project in GC job, thun the quota
can be released.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-01 18:01:46 +08:00
Will Sun
b0d0b292cd
Merge pull request #11288 from AllForNothing/nightly-webhook
Fix nightly cases for webhook
2020-04-01 17:37:11 +08:00
Wenkai Yin(尹文开)
9f4f3be00d
Merge pull request #11364 from ywk253100/200331_replication
Some tiny improvement for replication
2020-04-01 17:29:08 +08:00
Wenkai Yin
e4d42deb75 Make sure the tag filter have the same behavior for empty value and *
Fixes #11233, make sure the tag filter have the same behavior for empty value and *

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-01 17:15:23 +08:00
Yogi_Wang
24b57715ab [Night] add case about trivy
`
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-01 17:06:34 +08:00
AllForNothing
e6e3f0a6af Fix nightly cases for webhook
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-01 16:27:40 +08:00
DQ
6216073d2a Add ui change
using api/chartreport for ui

Signed-off-by: DQ <dengq@vmware.com>
2020-04-01 11:55:22 +08:00
DQ
9ff7d46e8f Rever chart version to original
Because chart version should consistent with previous version

Signed-off-by: DQ <dengq@vmware.com>
2020-04-01 11:55:22 +08:00
Wang Yan
f6c0608e22
fix GC jobs upgrade issue (#11365)
Fixes #11313
Fixes #11275

1, Add more details log in GC job
2, Add type assertion for the upgrading case, the delete_untagged parameter is introduced from v2.0
3, Add UT

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-01 11:53:41 +08:00
Wenkai Yin(尹文开)
c2c9fa28eb
Merge pull request #11368 from heww/fix-ongoing-of-metrics
fix(scan): ongoing is true for schedule scan all only when job is running
2020-03-31 20:10:40 +08:00
He Weiwei
1a7cad3a14
Merge pull request #11370 from heww/fix-issue-11198
fix(scan): add scanner name as prefix for name of the robot when submit scan job
2020-03-31 19:23:28 +08:00
Steven Zou
b5fceae734 fix[lua_scripts]:add default values for tonumber
- add default values for the integer vars converted by tonumber()

Signed-off-by: Steven Zou <szou@vmware.com>
2020-03-31 18:20:52 +08:00
Wang Yan
d6261d9456
Does not throw err in the notification job (#11363)
Fixes #11280, no error return but just log.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-31 18:12:12 +08:00
He Weiwei
120be36fec fix(scan): ongoing is true for schedule scan all only when job is running
Closes #11289

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-31 10:08:22 +00:00
AllForNothing
0275108cb2 Fix bugs for round 1 testing
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-31 16:21:37 +08:00
jwangyangls
ceded08507
Merge pull request #11362 from jwangyangls/refact-artifact-tag
[OCI] Refact artifact tag
2020-03-31 15:46:45 +08:00
Yogi_Wang
a6e986df62 [OCI] Refact artifact tag
1.get artifact tag from another api
2.add refresh button  in artifact tag
3.fix permission change
4.some ui style
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-31 14:57:39 +08:00
Wenkai Yin
d9a5c71289 Some tiny improvement for replication
1. Add timeout when transter artifacts
2. Check 404 error when unschedule the policy
3. Add line to mark the job failure in job log

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-31 14:50:37 +08:00
Wang Yan
34d05dae58
fix content trust middleware bypass scanner pull (#11321)
Fixes #11206
1, fix middleware doesn't work for docker pull without auth
2, fix middleware doesn't bypass scanner pull

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-31 11:12:21 +08:00
jwangyangls
3c6f5cce54
Merge pull request #11352 from jwangyangls/fix-bug-2.0-2
[Fix] some harbor 2.0 UI bug
2020-03-31 11:02:06 +08:00
He Weiwei
86d446ce81
fix(log): change log level from warning to debug when unescape path params (#11359)
Closes #11186

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-31 10:33:18 +08:00
Daniel Jiang
fdb82ae4fa
Merge pull request #11349 from reasonerjt/fix-10602
Not checking for registry credentials in v2auth
2020-03-31 10:26:33 +08:00
Daniel Jiang
37f9d650bd Not checking for registry credentials in v2auth
That was added to support core process sending request to `/v2/xxx`.
It's no longer needed after reworking the flow.
This commit removes this.

Fixes #10602, as it's not a case we need to support for now.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-31 01:08:37 +08:00
He Weiwei
f4d96d85f8 fix(scan): add scanner name as prefix for name of the robot when submit scan job
Closes #11198

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-30 16:52:04 +00:00
Steven Zou
3d6c65f53b
fix[UT]:improve the UT cases of enqueuer (#11358)
- change the test cron spec
- use cretaed timer for timeout

Signed-off-by: Steven Zou <szou@vmware.com>
2020-03-31 00:09:20 +08:00
Steven Zou
f2beed577f
fix[logger]:update log ID validation logic (#11351)
Signed-off-by: Steven Zou <szou@vmware.com>
2020-03-31 00:08:55 +08:00
Yogi_Wang
661867240d [Fix] 2.0 UI bug
1.fix #11312
2.fix #11235
3.fix #11230
4.fix #11209
5.fix #11199
6.fix #11034
7.fix #9926
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-30 17:49:42 +08:00
Wenkai Yin(尹文开)
4faff18b2d
Merge pull request #11339 from ywk253100/200328_limit_offset
Add "order by" clause to avoid the duplicat rows
2020-03-30 17:14:44 +08:00
Wenkai Yin
fb975d902c Add "order by" clause to avoid the duplicat rows
Add "order by" clause to avoid the duplicat rows: https://www.postgresql.org/docs/9.6/queries-limit.html

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-30 16:42:43 +08:00
Wenkai Yin(尹文开)
6815e8dc4d
Merge pull request #11348 from ywk253100/200330_tag_filter
Make sure the tag filter have the same behavior for empty value and *
2020-03-30 14:02:37 +08:00
He Weiwei
fbae9f0c25
Merge pull request #11347 from heww/refactor-errors
Refactor errors
2020-03-30 13:06:07 +08:00
Wenkai Yin
7ec5595bd8 Make sure the tag filter have the same behavior for empty value and *
Fixes #11233, make sure the tag filter have the same behavior for empty value and *

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-30 10:10:12 +08:00
Will Sun
9a205ddbc3
Merge pull request #11332 from AllForNothing/scan-result-modify
Modify UI for scanning result
2020-03-30 09:47:45 +08:00
He Weiwei
1bf142c33b refactor: use lib/errors to instead of scan/errs
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-29 05:19:06 +00:00
He Weiwei
9c06c79ff4 refactor(errors): rename pkglib/error to lib/errors
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-29 05:19:05 +00:00
Wenkai Yin(尹文开)
98759642b7
Add API to list tags under the specific repository (#11336)
Add API to list tags under the specific repository

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-29 12:19:54 +08:00
Steven Zou
1bbd3585e5
Merge pull request #11296 from ywk253100/200326_replication
Support replicate images with media type application/vnd.docker.distribution.manifest.v1+json
2020-03-27 18:12:12 +08:00
Steven Zou
36552ba18b
Merge pull request #11318 from ywk253100/200326_remove_pagination_default
Iterate the link header when listing artifact
2020-03-27 18:07:03 +08:00
Wang Yan
eccb8aa708
append pull permission for push policy (#11303)
Fixes #11225
As registry changes to basic auth, the push action lost the pull permission.
Add it in the robot security context.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-27 17:10:04 +08:00
AllForNothing
3c51e37702 Modify UI for scanning result
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-27 16:41:38 +08:00
He Weiwei
033d6dac6b
fix(quota): allowed to put blob which size is zero (#11314)
Closes #11239

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-27 14:39:25 +08:00
Wenkai Yin(尹文开)
f4ad0fbf00
Use the same logic to parse the registry URL (#11320)
Use the same logic to parse the registry URL to fix #11274

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-27 10:33:20 +08:00
Wenkai Yin(尹文开)
e8cc84738a
Merge pull request #11309 from ywk253100/200326_error
Fix bugs of replication
2020-03-27 10:31:03 +08:00
Wang Yan
a5c1eae81a
give the username to anonymous when to pull public resource without authN (#11306)
For pull a public resource, there is no need to login, give the access name to anonymous in the audit logs

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-27 10:24:59 +08:00
Wenkai Yin
9a92b9e725 Fix bugs of replication
1. Bump up the version of API used in replicatoin scheduler job
2. Check the error message to determine whether the job exists or not in jobservice when unschedule a job

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-26 23:12:02 +08:00
Wenkai Yin
afdfedcb49 Iterate the link header when listing artifact
Fixes #11315
When specify no pagination in listing artifact request, the go-swagger will set the default value for them, so we need to iterate the link header to get all of artifacts

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-26 21:26:09 +08:00
Daniel Pacak
48df949c30
feat(trivy): Return Trivy DB update timestamp in /api/v1/metadata response (#11285)
Resolves: #11284

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-03-26 19:22:28 +08:00
Wenkai Yin
64e4651b3f Support replicate images with media type application/vnd.docker.distribution.manifest.v1+json
Fixes #11272, support replicate images with media type application/vnd.docker.distribution.manifest.v1+json

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-26 19:09:48 +08:00
Wenkai Yin
213c534e8a Return 404 rather than 500 error when getting registry info
In Harbor 2.0, the replication isn't supported between instances with different versions, this commit returns the 404 error when trying to get the registry info whose version is different with the current one

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-26 18:07:11 +08:00
He Weiwei
73f3a305ce
refactor: rename testing/api to testing/controller (#11295)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-26 14:00:11 +08:00
jwangyangls
96572c3c86
Merge pull request #11254 from jwangyangls/nightly-case-3
[Fix]   Fix issue 2.0
2020-03-26 12:14:37 +08:00
Yogi_Wang
cba4490a5a [Fixed] Fix bug for 2.0 and add case for trivy
Signed-off-by: Yogi_Wang <yawang@vmware.com>
1.add case for trivy
2.vunerbility refresh bug
3.scan mutiple artifact
4.fix global search bug
5.disable delete tag btn when remove immutable tag
6.cancel selectRow when add label or remove label;fix #11195
7.fix cron tootip
2020-03-26 11:39:57 +08:00
qinshaoxuan
df9c2bdc46 Fix bug when scanner is unhealthy
The function GetRegistrationByProject should not return err when Ping
return err.  The return value 'registration' has 'Health' field which
shows the scanner health status.

Resolves: #11051
See also: #9788, #9807

Signed-off-by: qinshaoxuan <qinshaoxuan@baidu.com>
2020-03-26 11:25:47 +08:00
Wang Yan
da8902da53
Handle empty orlist in orm query (#11270)
Fixes #11267
When caller parse an empty orlist to orm lib, it will parse the empty vaule to beego orm.
But beego will panic if the query string is empty.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-26 11:23:20 +08:00
Wenkai Yin(尹文开)
d05817c8a2
Update the URL checking logic of auth proxy security generator (#11180)
As we don't support bearer token in Harbor 2.0, the URL checking logic in auth proxy security generator should be updated

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-25 01:19:11 +08:00
Wenkai Yin(尹文开)
8984979bd2
Relocate/rename some packages (#11183)
Fixes #11016
1. src/pkg/q->src/internal/q
2. src/internal->src/lib (internal is a reserved package name of golang)
3. src/api->src/controller

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-24 20:45:45 +08:00
Ted Guan
e49a247d3d
Replication webhook support (#11179)
* replication webhook support

Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>

* replication webhook support with ut fixed

Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-03-23 18:45:58 +08:00
Wang Yan
168637a743
Add permission check for audit logs API (#11154)
add a base method to require system admin permission

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-23 16:59:10 +08:00
Wang Yan
15d2a93aa2
Fix orm query setter issue (#11177)
For the Andlist, the query setter should ignore it

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-23 16:05:20 +08:00
Wenkai Yin(尹文开)
1762bfae69
Merge pull request #11158 from ywk253100/200320_repository_api
Add "_self" suffix for repository API to avoid conflict
2020-03-23 14:45:52 +08:00
Wenkai Yin(尹文开)
c4af6ff824
Fix bug when deleting the repository (#11121)
Fixes #10997 by looping the artifact candidates until all of them are deleted

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-23 10:38:47 +08:00
Wenkai Yin(尹文开)
8688f78cd2
Merge pull request #11144 from ywk253100/200319_security_middleware
Rewrite the filters with middleware mechinism
2020-03-23 10:12:48 +08:00
Will Sun
b740903314
Merge pull request #11143 from AllForNothing/resolver
Add routing-resolvers
2020-03-23 10:12:17 +08:00
Wenkai Yin
0453709b74 Rewrite the filters with middleware mechinism
Fixes 10532,rewrite the filters with middleware mechinism

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-23 09:26:20 +08:00
jwangyangls
61d7eaa405
Merge pull request #11160 from jwangyangls/repo-pagination
[fix] fix repo pagination
2020-03-20 19:46:02 +08:00
Wenkai Yin(尹文开)
5f982bfee1
Merge pull request #11163 from heww/gc-refresh-quotas
feat(gc,quota): refersh quotas for projects after gc
2020-03-20 19:23:36 +08:00
Wenkai Yin(尹文开)
bf3b185357
Merge pull request #11162 from reasonerjt/rm-reset-pwd
Remove route entry to reset password
2020-03-20 19:17:53 +08:00
Yogi_Wang
2786a3347c [fix] fix repo pagination
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-20 17:22:28 +08:00
He Weiwei
5641ae49df feat(gc,quota): refersh quotas for projects after gc
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-20 09:13:50 +00:00
Wenkai Yin
dca06b6ede Add "_self" suffix for repository API to avoid conflict
Add "_self" suffix for repository API to avoid conflict

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-20 17:08:08 +08:00
danfengliu
b51076ffa8
Merge pull request #11151 from jwangyangls/oci-nightly-change-2
[OCI] Change nightly case and change delete artifact words
2020-03-20 16:32:03 +08:00
Yogi_Wang
13ae4482ab [OCI] Change nightly case and change delete artifact words
1.nightly: fix tag retention and immutable tag case xpath
2.nightly: fix the part of delete repo button xpath
3.nightly: fix the api version when GC
4.nightly: fix add label of artifact xpath
5.text:   change delete artifact show words
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-20 15:59:16 +08:00
Daniel Jiang
9b750f60df Remove route entry to reset password
fixes #10712
The functions in CommonController are kept as a reference.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-20 14:05:21 +08:00
Wang Yan
63cf1fce7f
Unescape tags query when to list artifact (#11148)
The query string is encoded by UI, and we have to unescape the "=" in "q=tag=nil",
otherwise, the query doesn't work, and returns 400

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-20 10:07:34 +08:00
Steven Zou
e8d5ba9491
Merge pull request #11004 from steven-zou/fix/update_js_ut_case
fix[js_ut]:update stop job case of js
2020-03-19 15:49:08 +08:00
Wang Yan
dc6eec8a73
Enable API logs test case (#11142)
1, enable user view log api test case
2, update project logs api permission check
3, use project ctl instead in permission check base method

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-19 14:56:37 +08:00
AllForNothing
887d693fa4 Add routing-resolvers
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-19 14:45:04 +08:00
He Weiwei
21349e30af
feat(middleware,vulnerable): add image index checking for vulnerability prevention (#11084)
1. Skip vulnerability prevention checking when artifact is not
scannable.
2. Skip vulnerability prevention checking when artifact is image index
and its type is `IMAGE` or `CNAB`.
3. Skip vulnerability prevention checking when the artifact is pulling
by the scanner.
4. Change `hasCapability` from blacklist to whitelist.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-19 10:48:19 +08:00
Wang Yan
9e4fdc571a
update internal common error (#10994)
1, New support construct with string or err
2, Add Wrap/Errorf method

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-19 10:46:07 +08:00
Qian Deng
cf90ec27f2
Merge pull request #10706 from ninjadq/enable_tls_on_all_components
Enable tls on all components
2020-03-18 21:25:40 +08:00
Wenkai Yin(尹文开)
dbedcf960c
Merge pull request #11128 from wy65701436/perf-list-artifact
simplify query string when to list artifact
2020-03-18 21:00:19 +08:00
Wenkai Yin(尹文开)
c505c82d57
Merge pull request #11126 from ywk253100/200318_label_resource
Remove the API to listing the resources that added with the specific label
2020-03-18 20:58:28 +08:00