Commit Graph

9377 Commits

Author SHA1 Message Date
stonezdj
82f59cb760 Add temporary secret for harbor proxy service
Use GenerateRandomStringWithLength function to generate secret for harbor_proxyservice
Add harbor-proxyservice secret used by proxy service

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-06-15 14:43:43 +08:00
Daniel Jiang
373ac25b9b
Merge pull request #12195 from reasonerjt/fix-post-user-403
Makes api/users return 401 for request not authenticated
2020-06-11 15:51:52 +08:00
Steven Zou
64f03cc7fe
Merge pull request #12079 from ninjadq/chartrepo_enumeration_master
Fix: chart repo response code inconsistent
2020-06-11 15:08:14 +08:00
Wenkai Yin(尹文开)
b08dfd57b6
Merge pull request #12127 from ywk253100/200603_label
Remove the label from artifacts when deleting a label
2020-06-11 14:49:14 +08:00
Wenkai Yin
06f7b7f763 Remove the label from artifacts when deleting a label
Fixes #12112, remove the label from artifacts when deleting a label

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-06-11 14:02:46 +08:00
DQ
e1313da2f0 Fix: chart repo response code inconsistent
Response code should consistent whether namespace is existed or not

Signed-off-by: DQ <dengq@vmware.com>
2020-06-11 13:55:12 +08:00
Will Sun
3f4c8cc983
Merge pull request #12191 from AllForNothing/new-2.0.1
Fix UI issues with label target 2.0.1
2020-06-11 12:09:56 +08:00
AllForNothing
a773115cc3 Fix UI issues with label target 2.0.1
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-06-11 11:29:18 +08:00
jwangyangls
4b496438b1
Merge pull request #12204 from jwangyangls/fix-harbor-icon-safari-break
[fix][ui] about dialog Icon cutoff in safari
2020-06-11 10:15:09 +08:00
Daniel Jiang
9b4f2cb0bc
Merge pull request #12194 from reasonerjt/unknown-serverity-lower
Lower the severity of a "Unknown" vulnerability
2020-06-10 20:31:26 +08:00
Yogi_Wang
622cb4da2b [fix][ui] about dialog Icon cutoff in safari
fix #12144
env 10.78.96.167
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-06-10 17:28:34 +08:00
Daniel Jiang
3b776d1a47 Makes api/users return 401 for request not authenticated
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-10 16:37:49 +08:00
Daniel Jiang
091dbc3454 Lower the severity of a "Unknown" vulnerability
This commit lower the actual severity of "Unknown" vulnerability to the
same level of "None"

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-10 15:16:25 +08:00
danfengliu
d5cce98d56
Merge pull request #12188 from danfengliu/add-singularity-py-test
Add singularity py-test
2020-06-10 14:16:47 +08:00
danfengliu
4b5080d44e Add singularity py-test
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-06-10 11:09:41 +08:00
Daniel Jiang
0ac5568619
Merge pull request #12183 from reasonerjt/project-id-401
Change status code for projects API
2020-06-09 23:09:14 +08:00
jwangyangls
9e1778b32a
Merge pull request #12165 from jwangyangls/popup-unauthorized
[fix][unauthorized] Support show relogin when unauthorized  in popup modal
2020-06-09 13:05:45 +08:00
Daniel Jiang
f73aa3ce80 Change status code for projects API
Update to projects API so it will not differentiate if a project
does not exist or the user doesn't have permission to access it.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-09 08:24:06 +08:00
Wang Yan
c993103e01
enable storage driver of gcs and oss (#12180)
Add go build tags for gcs and oss, otherwise these drivers cannot be registered and the error "StorageDriver is not regsited: GCS" will raise on registryctl launch under the setting of GCS storage.

These build tags are designed in the distribution, just refer to https://github.com/docker/distribution/blob/release/2.7/registry/storage/driver/gcs/gcs.go#L13

Pin the google cloud API to a old version is because distribution depends on it, otherwise go mode will use v0.17.0 that go-migrate is using as the dependency version, but this version will break the compile process with following error:
harbor/pkg/mod/google.golang.org/cloud@v0.0.0-20151119220103-975617b05ea8/storage/acl.go:65:16: invalid type assertion: v.(map[string]<inter>) (non-interface type *storage.ObjectAccessControl on left)
that's bacause another dependency google.golang.org/cloud requires the pinned version of google.golang.org/api.

The pinned package should be removed once https://github.com/docker/distribution/pull/3019 is merged, and distribution ships their v2.8.0

Signed-off-by: wang yan <wangyan@vmware.com>
2020-06-09 00:57:27 +08:00
danfengliu
6a30fda874
Merge pull request #12138 from danfengliu/add-oras-py-test
add oras cli py-test
2020-06-08 16:53:30 +08:00
Yogi_Wang
6f7aa68c89 [fix][unauthorized] Support show relogin when unauthorized in popup modal
1.support show relogin when unauthorized  in popup modali
2.change change member role error handle
3.change helm chart service error handle
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-06-08 16:40:34 +08:00
danfengliu
e020b90bf0 add oras cli py-test
1. Add oras cli py-test;
2. Add env for notary url, allow to input different notary port instead of solid 4443;
3. Add retry for keyword Cannot Pull Image and make it longer during retry.

Signed-off-by: danfengliu <danfengl@vmware.com>
2020-06-08 11:10:07 +08:00
Steven Zou
d69f6f3673
Merge pull request #12168 from danielpacak/bump_up_trivy_adapter_to_0.11.0
fix(trivy): Bump up Trivy adapter to v0.11.0
2020-06-06 11:54:02 +08:00
Wang Yan
dec8397c21
Add api to delete blob and manifest (#12006)
* Add api to delete blob and manifest

Enable the capability of registry controller to delete blob and manifest

Signed-off-by: wang yan <wangyan@vmware.com>
2020-06-06 01:34:23 +08:00
Daniel Jiang
9f159393df
Merge pull request #12163 from reasonerjt/disable-webhook-test
Remove the API to test a webhook
2020-06-05 18:14:39 +08:00
Daniel Jiang
39a5efd54c
Merge pull request #12160 from reasonerjt/bump-up-go-migrator
Bump up golang-migrate
2020-06-05 18:13:40 +08:00
Daniel Pacak
dfcee80ae5 fix(trivy): Bump up Trivy adapter to v0.11.0
This commit bumps up Trivy to resolve the following issues reported
in the aquasecurity/harbor-scanner-trivy repository:

- https://github.com/aquasecurity/harbor-scanner-trivy/issues/114
- https://github.com/aquasecurity/harbor-scanner-trivy/issues/108

Note that this adapter vendors in Trivy v0.9.0 which has changed
the algorithm for qualifying severities. Previous versions of Trivy
preferred NVD scores, whereas this version will use vendor score
whenever it's possible.

We believe it's more suitable approach for qualifying severities.
Even though this change might impact vulnerability summaries in
some cases, the total number of vulnerabilities should stay the
same.

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-06-05 10:48:16 +02:00
Daniel Jiang
9a9e7d61fc Remove the API to test a webhook
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-05 13:16:18 +08:00
Daniel Jiang
bc7ede21c7 Bump up golang-migrate
This commit bumps it up to 4.11.0
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-05 10:29:02 +08:00
danfengliu
c261555b59
Merge pull request #12136 from danfengliu/adapt-trivy-latest-behavior
Scan result behavior changed after trivy upgrade
2020-06-04 17:41:53 +08:00
danfengliu
3f2850ffdf Scan result behavior changed after trivy upgrade
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-06-04 16:25:21 +08:00
Wenkai Yin(尹文开)
b7b1ce457b
Merge pull request #10389 from lxShaDoWxl/fix/gitlab
Fixed search images in registry gitlab
2020-06-04 14:49:40 +08:00
Steven Zou
6db856c3e2
Merge pull request #12121 from steven-zou/fix/job_stop_status_issue
fix(jobservice):mismatch status issue when stopping job
2020-06-03 18:13:23 +08:00
danfengliu
5da22bc2fc
Merge pull request #12100 from danfengliu/add-replication-schedule-test-1
Add replication schedule test
2020-06-03 16:55:18 +08:00
Steven Zou
3cd47af9a5 fix(jobservice):mismatch status issue when stopping job
- returnning nil instead of error when trying to stop a job that has been in the final status(Error/Success/Stopped)
- do enhancements to the periodic job unschedule func
- fix a UT nil ptr issue

Signed-off-by: Steven Zou <szou@vmware.com>
2020-06-03 16:18:42 +08:00
Will Sun
faa156e8df
Merge pull request #11952 from timchenxiaoyu/fixdocs
Fixdocs
2020-06-03 14:56:35 +08:00
Will Sun
22503fdfa0
Merge pull request #12107 from AllForNothing/2.0.1
Fix bugs with label 'target 2.0.1'
2020-06-03 14:52:30 +08:00
AllForNothing
8bf77d01f4 Fix bugs with label 'target 2.0.1'
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-06-03 11:25:22 +08:00
Daniel Pacak
f5d482854b
fix(trivy): Handle gracefully scratch and slim images (#11983)
This commit bumps up Trivy to 0.7.0 and Trivy adapter service to 0.10.0
in order to handle scratch and slim images, for which we cannot detect
the underlying operating system.

Resolves: #11964

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-06-02 10:51:14 +02:00
jwangyangls
6939446c3c
Merge pull request #12115 from jwangyangls/fix-issue-add-label
[fix] Fix  issue in front ui 2.0.1
2020-06-02 15:52:37 +08:00
danfengliu
ceaa0a57b3 Add replication schedule test
1. Add replication schedule test;
2. Add some sleep after project creation before push image to avoid push image v2 error.
   It fixed issue# 12094: Scan image vmware/photon:1.0 return unsupported occasionally.
3. Add some sleep in test_user_view_logs.py, can't get operation logs sometimes.

Signed-off-by: danfengliu <danfengl@vmware.com>
2020-06-02 15:51:10 +08:00
Qian Deng
9e1302211b
Merge pull request #12072 from ninjadq/add_timeout_in_nginx_config
Add timeout in nginx config
2020-06-02 15:14:42 +08:00
jwangyangls
972c61ccde
Merge pull request #10586 from dhs-shine/fix_typo
Fix typo (ODIC -> OIDC)
2020-06-02 14:25:25 +08:00
Yogi_Wang
459314308b [fix] issue in front ui 2.0.1
1.fix add label issue
2.fix unauthorized user can contrl page
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-06-02 13:54:22 +08:00
Steven Zou
c7c1742b88
Merge pull request #12106 from heww/clean-clair-url
refactor(configuration): cleanup unneeded CLAIR_URL configuration in core
2020-06-01 19:24:19 +08:00
Daniel Jiang
58894e9d9c
Merge pull request #12071 from ninjadq/upgrade_chartversion
Enhance: Upgrade chartmuseum version
2020-06-01 13:36:54 +08:00
Daniel Jiang
6271da471b
Update health check script for harbor-db (#12103)
This patch remove the trailing space of the hostname introduced by
`hostname -i`.

The trailing space will cause resolution error after this patch is
applied to glibc in photon:
https://github.com/vmware/photon/blob/2.0/SPECS/glibc/glibc-fix-CVE-2019-10739.patch

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-05-30 14:05:39 +08:00
Steven Zou
a032c546f8
Merge pull request #12096 from steven-zou/fix/remove_checkin_data
fix(jobservice):fix issues of jobservice
2020-05-29 16:49:33 +08:00
He Weiwei
d97be71234 refactor(configuration): cleanup unneeded CLAIR_URL configuration in core
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-05-29 07:27:50 +00:00
xiaoyuchen9
8a3311e38e fix docs
Signed-off-by: xiaoyuchen9 <xiaoyuchen9@creditease.cn>
2020-05-29 14:51:32 +08:00