Commit Graph

11371 Commits

Author SHA1 Message Date
Soumik Majumder
861ca553df
Add autoescape parameter to jinja environments (#15770)
Signed-off-by: Soumik Majumder <soumikm@vmware.com>

Signed-off-by: Soumik Majumder <soumikm@vmware.com>
2022-08-23 11:02:16 +08:00
Chenyu Zhang
31a3c6d18c
fix: validate the existence of project for export cve api (#17437)
Validate the existence of the project for export CVE API handler, return
not found error if the project is not exist.

Closes: #17430

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 15:44:57 +08:00
Chenyu Zhang
5d7a549620
upgrade: bump up mockery to v2.14.0 (#17415)
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 14:21:13 +08:00
Chenyu Zhang
c2a3020e0e
fix: correct description for export cve project parameter (#17433)
Correct the description for the project parameter of export CVE API in
the swagger.

Closes: #17429

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-22 10:51:25 +08:00
Wang Yan
4faab2618e
add an example of harbor systemd service (#17420)
Dependencies
1, You must have docker with compose plugin installed.
2, You must have the directory /etc/goharbor/harbor in your env.

Tested
1, ubuntu 20.04

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-17 16:53:13 +08:00
MinerYang
c9a61d37e3
adjust golangci-lint installation hint (#17418)
Signed-off-by: yminer <yminer@vmware.com>

update
2022-08-17 14:55:41 +08:00
Matt Busche
548b27a0c6
Update to latest version of angular (#17303)
* Update to the latest version of angular

Signed-off-by: Matt Busche <mrbusche@gmail.com>
2022-08-17 11:30:48 +08:00
MinerYang
a272158023
add deprecation msg for chartmsuem and notary (#17398)
Signed-off-by: yminer <yminer@vmware.com>

adjust msg

adjust typo

adjust
2022-08-17 09:30:15 +08:00
Chenyu Zhang
24d60eb119
enhancement: add error log for create task (#17397)
Signed-off-by: chlins <chenyuzh@vmware.com>

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-16 11:35:05 +08:00
Wang Yan
8e7a630b0d
bump the base version (#17380)
Update the base version to next minor release, v2.7.0

Signed-off-by: Wang Yan <wangyan@vmware.com>

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-12 14:50:13 +08:00
Yang Jiao
f913b84a01
Update replication and trivy testcases (#17367)
1 Update replication filter_label_xpath because of this PR #17267 updated xpath
2 Update the Manual Scan All test case, because Scan All will affect other testcases if it is not finished running

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-10 18:26:36 +08:00
Shijun Sun
4521189e5e
Improve unit test for sub-accessories component (#17372)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-10 16:20:55 +08:00
Shijun Sun
423647ea33
Improve input validator for copy-component (#17310)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-09 12:15:17 +08:00
Shijun Sun
893cb0a655
Fix ui issues found in testing-day-round-2 (#17357)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-09 12:14:53 +08:00
MinerYang
daf0874ed5
project userid not found log level into debug (#17343)
Signed-off-by: yminer <yminer@vmware.com>
2022-08-08 14:20:13 +08:00
Chenyu Zhang
1e13999fff
fix: validate export cve request params (#17341)
1. Validate export cve request params in the API handler
2. Trim space for request in the scan export job

Closes: #17326

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-08 11:07:05 +08:00
Chenyu Zhang
49d73fa57d
fix: export cve for image manifest list (#17333)
1. Fix export cve for image manifest list
2. Remove row_id column in csv file
3. Update cve execution swagger API description

Closes: #17331,#17330,#17335,#17334

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-05 20:07:02 +08:00
MinerYang
bd102fbf7d
_version:2.6.0 correction in migration yml jinja (#17328)
Signed-off-by: yminer <yminer@vmware.com>
2022-08-05 16:54:16 +08:00
prahaladdarkin
c776ea8bfe
Export CVE data Score column empty values (#17321)
Closes: https://github.com/goharbor/harbor/issues/17189

Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-08-05 10:03:42 +08:00
Chenyu Zhang
41105b5191
docs: add helpful description for cache layer configurations (#17317)
docs: add helpful description for cache layer configurations in harbor.yml.tmpl

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 15:14:45 +08:00
Chenyu Zhang
49999ab1c0
fix: replication webhook lost when src namespace different with dest (#17312)
Fix the replication webhook notification lost when the rule is
pull-based and src namespace different with dest.

Closes: #17298

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 15:10:19 +08:00
Chenyu Zhang
70a95a9696
fix: reduce the high db cpu usage for tag retention (#17296)
1. Add two indexes to database migrations.
2. Skip refresh quota in middleware for requests from jobservice.
3. Refresh quota by self in the end of tag retention job.

Closes: #14708

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-04 10:08:02 +08:00
Wang Yan
914d9a5526
fix copy artifact accessory quota issue (#17293)
It needs to request quota for accessory on copying artifact.

Signed-off-by: wang yan <wangyan@vmware.com>
2022-08-03 20:02:20 +08:00
MinerYang
0fbff49eb0
bumpup golang to v1.18.5 (#17307)
Signed-off-by: yminer <yminer@vmware.com>
2022-08-03 17:44:03 +08:00
lengrongfu
dac3c7b31d
fix: distribution v2.8.0 tag does not match checksum (#17306)
Signed-off-by: lengrongfu <1275177125@qq.com>
2022-08-03 17:43:37 +08:00
Wang Yan
ebab99613f
update session log level (#17300)
To avoid too much noise in the core log, udpate the level to debug.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-08-03 13:51:26 +08:00
MinerYang
722d1a19ea
update image extra attributes author in labels (#17291)
update image extra attributes author

Signed-off-by: yminer <yminer@vmware.com>

adding spec comment

Signed-off-by: yminer <yminer@vmware.com>
2022-08-03 11:50:54 +08:00
stonezdj(Daojun Zhang)
66d34c8e0c
Return time.Time{} when cron string is empty (#17289)
change log level to debug to avoid noise

Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-08-02 15:18:25 +08:00
Shijun Sun
b4f2f170b4
Upgrade Angular dev-tool package (#17287)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-08-01 18:10:34 +08:00
MinerYang
1296e7ebf0
Enable staticcheck (#17286)
enable golangci-lint staticcheck

enable staticcheck in golangci-lint

Signed-off-by: yminer <yminer@vmware.com>
2022-08-01 16:58:51 +08:00
Yang Jiao
1dd2b0bc7c
Add purge audit log API test cases (#17175)
Added test cases for the following APIs:
1. PUT /system/purgeaudit/{purge_id}  Stop the specific purge audit log execution
2. GET /system/purgeaudit/{purge_id}  Get purge job status
3. GET /system/purgeaudit/{purge_id}/log  Get purge job log
4. PUT /system/purgeaudit/schedule   Update purge job's schedule
5. POST /system/purgeaudit/schedule  Create a purge job schedule
6. GET /system/purgeaudit/schedule  Get purge's schedule
7. GET /system/purgeaudit  Get purge job results.

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-01 16:52:57 +08:00
Adam
bf741ad381
feature: Use RegisteredClaims instead of deprecated staruct StandardClaims (#16206)
Signed-off-by: wujw39640 <wujw39640@hundsun.com>
2022-08-01 10:23:47 +08:00
Chenyu Zhang
bbc7282c46
upgrade: bump up beego to 1.12.11 (#17277)
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-31 16:23:28 +08:00
Thomas Maroschik
0559ce7e28
fix: oidc token is not respected in /service/token endpoint (#16442)
Signed-off-by: Thomas Maroschik <tmaroschik@dfau.de>
2022-07-30 13:01:51 +02:00
Shijun Sun
455ebf51fc
Fix null pointer issue for creating reolication rule (#17274)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-30 17:17:10 +08:00
Eike David Lenz
0fe5eed55d
fix cve allowlist projectmeta validation (#15800)
Signed-off-by: Eike David Lenz <e.lenz@mittwald.de>
2022-07-30 16:59:18 +08:00
Shijun Sun
7e7ae7ea1b
Add permission check to CVE export (#17267)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-29 19:48:39 +08:00
Shijun Sun
04fa3853c9
Fix router issues for UI (#17235)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-29 19:04:01 +08:00
Chenyu Zhang
bff4e13087
fix: export cve adds resource check and project validation (#17265)
1. Add resource permission check for API handler
2. Validate export cve params project
3. Optimize friendly human message when execution status is error

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-29 19:01:46 +08:00
MinerYang
bd1d441b01
bumpup golang version to v1.18.4 (#17257)
Signed-off-by: yminer <yminer@vmware.com>
2022-07-29 09:43:01 +08:00
Chenyu Zhang
19e73174e2
refactor: refact codebase of cve export process and filter (#17254)
1. Refact the scan export FilterProcessor interface
2. Optmize the sql template for export cve report
3. Update the process of cve export job

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-28 16:05:12 +08:00
Wang Yan
02c41573d6
fix update robot regression (#17248)
Only check the project id for the project level robot

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-27 20:13:46 +08:00
MinerYang
f7ebf20d2e
Disable Nydus middleware for v2.6 (#17233)
disable nydus middleware for v2.6

Signed-off-by: yminer <yminer@vmware.com>

remove nyduus module import in main.go

Signed-off-by: yminer <yminer@vmware.com>
2022-07-27 08:41:33 +08:00
prahaladdarkin
d53af792ad
Fixes for various bugs/issues logged as a part of the test day. (#17232)
Closes:
* CVE Data Export API IDOR issue
* https://github.com/goharbor/harbor/issues/17199
* https://github.com/goharbor/harbor/issues/17193
* https://github.com/goharbor/harbor/issues/17188
* https://github.com/goharbor/harbor/issues/17184

Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-26 16:50:54 +08:00
Wang Yan
02eae9dede
Filter out accessory from list artifact results (#17231)
Fixed #17145
1, Filter out the accessory from the artifact list.
2, Disable the display func of the accessory interface, currently this will not impact any kind of accessory, like signature and nydus. If we'd like to introduce it, it needs to resolve the pagiation issue of artifact list.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-07-26 00:38:05 +08:00
Abirdcfly
2fece8c9ea
delete duplicate import and use ST1019 in golangci-lint (#17211)
Signed-off-by: Abirdcfly <fp544037857@gmail.com>
2022-07-25 14:12:00 +08:00
Shijun Sun
e9855a88dd
Fix cve export UI issues (#17227)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-07-25 10:41:44 +08:00
Yang Jiao
a4c577f9ec
Refresh base images (#17176)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-07-22 15:48:47 +08:00
stonezdj(Daojun Zhang)
712419778a
Return bad request if audit log retention hour > 240000 hour (#17217)
Cap the retention hour to 240000 hour
  Fixes #17198

Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-07-22 15:14:10 +08:00
stonezdj(Daojun Zhang)
8e876d847c
Add resource type in forward audit log (#17216)
Add resource type when forward audit log

  fixes #17201

Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-07-22 09:54:07 +08:00