Commit Graph

7941 Commits

Author SHA1 Message Date
Daniel Jiang
f0cb16cb86 Update OIDC token refresh process
1) Disassociate id token from user session

2) Some OIDC providers do not return id_token in the response of refresh
request:
https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse
When validating the CLI secret it will not validate the id token,
instead it will check the expiration of the access token, and try to
refresh it.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-10-17 11:26:18 +08:00
AllForNothing
c2e30b4bad Add scanner UI
Signed-off-by: AllForNothing <sshijun@vmware.com>
2019-10-17 10:27:54 +08:00
jwangyangls
8d65bd6da7
Merge pull request #9426 from jwangyangls/remove-validate-in-oidc-claim
Remove validation about oidc claim group
2019-10-17 10:03:47 +08:00
sshijun
645e9331b0 Remove CVE ID check
Signed-off-by: sshijun <sshijun@vmware.com>
2019-10-17 09:23:45 +08:00
Steven Zou
f18afc0a3f do changes to let the vul policy check compatiable with new framework
- update the scan/scanner controller
- enhance the report summary generation
- do changes to the vulnerable handler
- remove the unused clair related code
- add more UT cases
- update the scan web hook event
- drop the unsed tables/index/triggers in sql schema

Signed-off-by: Steven Zou <szou@vmware.com>
2019-10-16 23:15:26 +08:00
stonezdj(Daojun Zhang)
2973ddcf6b
Merge pull request #9428 from stonezdj/disable_self_reg
Update default self_registration=false
2019-10-16 17:41:21 +08:00
Wenkai Yin(尹文开)
32a2c41c3b
Merge pull request #9273 from gavinfish/typo
Fix typos in core package
2019-10-16 17:10:35 +08:00
stonezdj
3636a1afa5 Update default self_registration=false
Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-10-16 01:33:48 -07:00
Ziming
eed8aa91a5
Merge pull request #9033 from lxShaDoWxl/feat/gitlab
Added Gitlab Registry Support
2019-10-16 16:26:51 +08:00
Ziming
3725667448
Merge branch 'master' into feat/gitlab 2019-10-16 14:34:21 +08:00
Qian Deng
6447294741
Merge pull request #9405 from heww/speed-up-test
perf(test): speed up TestAddBlobsToProject test in dao pkg
2019-10-16 13:45:58 +08:00
wang yan
66e9278fef add npm registry when to build offline package in drone CI
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-16 11:59:42 +08:00
stonezdj(Daojun Zhang)
0fa4934679
Merge pull request #8596 from JakubOnderka/patch-4
nginx: Remove TLSv1.1 support
2019-10-16 11:39:55 +08:00
Yogi_Wang
baa5f1171e Remove validation about oidc claim group
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-10-16 11:17:36 +08:00
Wenkai Yin(尹文开)
372875ad64
Merge pull request #9393 from wy65701436/immutable-match
add immutable match
2019-10-15 18:51:43 +08:00
stonezdj(Daojun Zhang)
ff04b2c930
Merge pull request #9411 from wy65701436/fix-list-robot
fix list robot account API return an internal error
2019-10-15 17:47:38 +08:00
wang yan
ae4c698ab4 use only 1 repo and tag selector to match
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-15 16:44:17 +08:00
Wang Yan
551a956fcb
Merge pull request #9418 from wy65701436/quota-dup
ignore the duplicate error when to insert project_blobs on quota syncing
2019-10-15 16:37:21 +08:00
wang yan
288e4cc193 igonre the duplicate error when to insert project_blobs on quota syncing
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-15 14:14:58 +08:00
wang yan
5e8f7297f5 fix list robot account API return an internal error
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-15 12:29:44 +08:00
Will Sun
285d3e1e5c
Merge pull request #9189 from strainovic/patch-1
Use external_url if exists on Add Repo Command chart details page
2019-10-15 12:18:37 +08:00
danfengliu
aeaf3a1281
Merge pull request #9387 from danfengliu/Fix-prepary-for-upgrade-pipeline
Fix a 'if' position error in project metadata population
2019-10-15 09:48:40 +08:00
He Weiwei
d9a539807b perf(test): speed up TestAddBlobsToProject test in dao pkg
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-10-14 16:46:01 +00:00
Arvan Pritchard
91bef09aab Document offline migration
Add instructions for migration using offline installer.
Requested by Wang Yan in issue #7831

Signed-off-by: Arvan Pritchard <apritchard@pulsesecure.net>
2019-10-14 17:30:53 +01:00
liuxu
79322f2df2 fix fatal error
Signed-off-by: liuxu <liuxu623@gmail.com>
2019-10-14 21:41:29 +08:00
Danfeng Liu (c)
848002df83 Fix an error in prepary.py in Jenkins upgrade pipeline, which is a 'if' position error in project metadata population.
Signed-off-by: Danfeng Liu (c) <danfengl@vmware.com>
2019-10-14 18:11:17 +08:00
Will Sun
0076f23195
Merge pull request #9377 from zhoumeina/add_ut
add more unit test
2019-10-14 17:16:03 +08:00
Steven Zou
e0901410e1
Merge pull request #9381 from beautytiger/dev-191011-fixtime
fix wrong time parse by wrong year representation
2019-10-14 17:02:06 +08:00
Stuart Clements
ed70e37c05 Fixed typo per pr 9372 2019-10-14 10:44:45 +02:00
Daniel Jiang
ee9e92b6dd
Merge pull request #9157 from phin1x/master
Escape user dn in ldap group search filter
2019-10-14 16:41:27 +08:00
wang yan
a3546478eb add immutable match
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-14 16:21:32 +08:00
Wenkai Yin(尹文开)
9d37e9472c
Merge pull request #9378 from wy65701436/robot-invisiable
add visible attribute to robot account
2019-10-14 15:18:41 +08:00
wang yan
7c16cbfeef fix scan controller test introduced by api change
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-14 14:39:46 +08:00
wang yan
25f638a989 Merge branch 'master' of https://github.com/goharbor/harbor into robot-invisiable 2019-10-14 14:35:45 +08:00
wang yan
c597e46756 do not expose visible attribute of robot account to user
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-14 14:11:09 +08:00
Wang Yan
17ad4aca55
Merge pull request #9343 from ywk253100/191009_bug_fix
Check the existence of project before the next action
2019-10-14 11:27:34 +08:00
Wenkai Yin(尹文开)
7d0505593f
Merge pull request #8556 from chlins/feat/image-replication-adapter-for-quay.io
Feat/image replication adapter for quay.io
2019-10-14 09:16:45 +08:00
Steven Zou
179a04da8a
Merge pull request #9369 from steven-zou/feature/pluggable_scanner_s3_merge
Implement the pluggable scanner framework - stage 3
2019-10-12 17:10:58 +08:00
Steven Zou
6e8e601c8d make robot account with new robot controller
Signed-off-by: Steven Zou <szou@vmware.com>
2019-10-12 16:34:08 +08:00
Steven Zou
a86afd6ebc Merge branch 'master' into feature/pluggable_scanner_s3_merge 2019-10-12 15:18:06 +08:00
xaleeks
21a0dd1d28
Merge pull request #9372 from stuclem/fix-typo
Fixed typo
2019-10-12 11:28:38 +08:00
wang yan
3e81bd7f1d add visible attribute to robot account
The commit is to make robot controller could create invisible robot account for internal use

Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-12 00:51:48 +08:00
Guangming Wang
bea8609a58 fix wrong time parse by wrong year representation
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
2019-10-11 22:59:40 +08:00
Wang Yan
40d80f82ba
Merge pull request #9368 from reasonerjt/set-cli-secret-api
API for user to set the CLI secret
2019-10-11 18:38:58 +08:00
Wang Yan
d7375992b5
Merge pull request #9363 from wy65701436/robot-refactor
refactor robot api
2019-10-11 18:16:28 +08:00
Steven Zou
9fd8b6306c refactor code to reflect code review comments
- refactor the db schema \
- refactor  permission checking in API handlers \

to follow the latest code/interface changes

Signed-off-by: Steven Zou <szou@vmware.com>
2019-10-11 18:07:47 +08:00
wang yan
6f6f113f0f refactor robot api
1, add API controller for robot account, make it callable internally
2, add Manager to handler dao releate operation

Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-11 17:26:18 +08:00
Meina Zhou
728cea5859 add more unit test
Signed-off-by: Meina Zhou <meinaz@vmware.com>
2019-10-11 17:25:50 +08:00
Stuart Clements
67dfc5b35c Fixed typo 2019-10-11 09:16:22 +02:00
Daniel Jiang
53a13e165d API for user to set the CLI secret
This commit replace the API to generate CLI secret with a new API to
update the secret

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-10-11 14:15:08 +08:00