Commit Graph

12093 Commits

Author SHA1 Message Date
Shengwen YU
8a99eb052c
Merge branch 'main' into tc_fix_stop_scan 2024-04-29 12:50:37 +08:00
dependabot[bot]
1146cbeca1
Bump github.com/cenkalti/backoff/v4 from 4.2.1 to 4.3.0 in /src (#20316)
Bumps [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) from 4.2.1 to 4.3.0.
- [Commits](https://github.com/cenkalti/backoff/compare/v4.2.1...v4.3.0)

---
updated-dependencies:
- dependency-name: github.com/cenkalti/backoff/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-29 12:49:55 +08:00
Shengwen YU
8f15ee0de9
Merge branch 'main' into tc_fix_stop_scan 2024-04-29 10:20:45 +08:00
dependabot[bot]
01a28dc66d
Bump go.opentelemetry.io/otel/sdk from 1.24.0 to 1.26.0 in /src (#20370)
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-29 10:19:48 +08:00
dependabot[bot]
7306f6d7d9
Bump github.com/golang-migrate/migrate/v4 from 4.16.2 to 4.17.1 in /src (#20317)
Bumps [github.com/golang-migrate/migrate/v4](https://github.com/golang-migrate/migrate) from 4.16.2 to 4.17.1.
- [Release notes](https://github.com/golang-migrate/migrate/releases)
- [Changelog](https://github.com/golang-migrate/migrate/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang-migrate/migrate/compare/v4.16.2...v4.17.1)

---
updated-dependencies:
- dependency-name: github.com/golang-migrate/migrate/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-28 17:32:58 +08:00
dependabot[bot]
d7ab8254cc
Bump golang.org/x/net from 0.22.0 to 0.24.0 in /src (#20318)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.24.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-28 15:47:57 +08:00
Shengwen Yu
6dfdc70a0c fix: update stop scan tc
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-28 13:58:21 +08:00
stonezdj(Daojun Zhang)
fba4c40c65
Delete scan_report when accessory is removed (#20365)
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-27 01:56:30 +00:00
Shengwen YU
9471f5d5a6
fix: update total permission count to 59 (#20352)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-26 08:21:27 +00:00
Lichao Xue
dee73a44f3
Fix UI bugs (#20364)
Signed-off-by: xuelichao <xuel@vmware.com>
2024-04-26 06:56:23 +00:00
Shengwen YU
c791b39a26
fix: add stop_scan_payload when call stop scan api (#20353)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-26 06:13:00 +00:00
Shengwen YU
822784aac8
fix: update to "clr-dg-cell[10]" to fix the pull time tc due to addin… (#20361)
fix: update to "clr-dg-cell[10]" to fix the pull time tc due to adding an SBOM column

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-26 04:28:22 +00:00
Shengwen YU
d0cb200ed5
fix: update nightly test case for verifying audit log of image digest (#20354)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-26 03:44:00 +00:00
Shengwen YU
0e8dce72be
fix: fresh scanner list when updating scanner (#20366)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-26 10:52:11 +08:00
stonezdj(Daojun Zhang)
ec8d692fe6
Add scanner info and report_id to sbom_overview on listing artifact (#20358)
Add scan_status and report_id when scan has a failed task

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-25 17:00:35 +08:00
Shengwen YU
2af02f3b25
fix: update image reference to "@" in audit log when pushing & deleting images (#20348)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-24 16:05:14 +08:00
stonezdj(Daojun Zhang)
c80e9bf477
Add 422 in the swagger.yaml (#20344)
change log level with no content message
  fix time in sbom accessory
  fixes #20342 #20332 #20328

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-24 09:57:46 +08:00
stonezdj(Daojun Zhang)
b7d4bf0d07
Log and skip adapter ping error when retrieve adapter capability (#20314)
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-22 09:43:04 +00:00
MinerYang
ea3cd06171
add prepare migration script for 2.11.0 (#20315)
Signed-off-by: yminer <yminer@vmware.com>

correct jaeger agent_host

update ip_family part
2024-04-22 16:34:08 +08:00
Shengwen YU
9b164f3fee
feat: add tc for limited guest of a project to get repository (#20311)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-22 06:36:35 +00:00
Lichao Xue
e7fce62723
Wrong values shown for the columns of support_sbom and support_vulnerability in scanner list (#20308)
Fix wrong value shown for the columns of support_sbom and support_vulnerability in scanner list

Signed-off-by: xuelichao <xuel@vmware.com>
2024-04-22 13:29:48 +08:00
stonezdj(Daojun Zhang)
d759429831
Set default capability for old scanners (#20306)
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-20 10:37:30 +08:00
stonezdj(Daojun Zhang)
0d9dc4b4a4
Add enableCapabilities to extraAttrs for stop (#20299)
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-19 07:36:56 +00:00
Lichao Xue
b3dc183f47
Fixed an issue where the scan stop button can only be clicked once (#20302)
Signed-off-by: xuelichao <xuel@vmware.com>
2024-04-19 13:01:54 +08:00
stonezdj(Daojun Zhang)
9c3fc28250
Allow generate sbom in proxy cache project (#20298)
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-19 02:14:28 +00:00
Lichao Xue
e8907a47ab
SBOM UI feature implementation (#19946)
* draft: sbom UI feature implementation

Signed-off-by: xuelichao <xuel@vmware.com>

* refactor based on swagger yaml changes

Signed-off-by: xuelichao <xuel@vmware.com>

* update scan type for scan and stop sbom request

Signed-off-by: xuelichao <xuel@vmware.com>

---------

Signed-off-by: xuelichao <xuel@vmware.com>
2024-04-18 08:22:11 +00:00
Ikko Eltociear Ashimine
4fd11ce072
refactor: update controller.go (#20297)
minor fix

Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2024-04-18 14:26:03 +08:00
stonezdj(Daojun Zhang)
2ea7d09412
skip to log scan sbom accessory for sbom accessory (#20290)
Avoid to log the generate SBOM failure message when the artifact is SBOM in webhook event

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-17 14:51:11 +00:00
stonezdj(Daojun Zhang)
fb2e0042d0
Rename scan request type (#20288)
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-17 09:52:50 +00:00
Shengwen YU
6709c789fb
feat: add test case for customizing OIDC provider name (#20287)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-17 15:52:58 +08:00
stonezdj(Daojun Zhang)
654aa8edcf
Add generate SBOM feature (#20251)
* Add SBOM scan feature

  Add scan handler for sbom
  Delete previous sbom accessory before the job service

Signed-off-by: stonezdj <daojunz@vmware.com>

* fix issue

Signed-off-by: stonezdj <stone.zhang@broadcom.com>

---------

Signed-off-by: stonezdj <daojunz@vmware.com>
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-16 13:34:19 +00:00
Shengwen YU
67c03ddc4f
fix: update TRIVYVERSION=v0.50.1 && TRIVYADAPTERVERSION=v0.31.0 (#20285)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-16 18:37:16 +08:00
Wang Yan
550bf1d750
fix issue 20269 (#20274)
By default, use the nvd score as the primary score, and if it is unavailable, fallback to the redhat score.
fix #20269

Signed-off-by: wang yan <wangyan@vmware.com>
2024-04-16 16:49:52 +08:00
Shengwen YU
91efec1e2a
fix: update the image reference format for audit log when pulling image (#20278)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-16 11:11:59 +08:00
dependabot[bot]
938c804513
Bump go.uber.org/ratelimit from 0.2.0 to 0.3.1 in /src (#20204)
Bumps [go.uber.org/ratelimit](https://github.com/uber-go/ratelimit) from 0.2.0 to 0.3.1.
- [Changelog](https://github.com/uber-go/ratelimit/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uber-go/ratelimit/compare/v0.2.0...v0.3.1)

---
updated-dependencies:
- dependency-name: go.uber.org/ratelimit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-16 10:11:19 +08:00
Iceber Gu
a2507dc3fc
Sending signals by closing the channel (#17917)
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
2024-04-15 12:37:59 +00:00
dependabot[bot]
79dbebd48d
Bump golang.org/x/oauth2 from 0.15.0 to 0.19.0 in /src (#20247)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.15.0 to 0.19.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-15 19:04:22 +08:00
dependabot[bot]
b8392968ac
Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /src (#20202)
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.9.0...v3.10.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-15 18:18:53 +08:00
dependabot[bot]
8bf26c0d1d
Bump k8s.io/api from 0.29.0 to 0.29.3 in /src (#20205)
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.0 to 0.29.3.
- [Commits](https://github.com/kubernetes/api/compare/v0.29.0...v0.29.3)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-15 16:47:55 +08:00
MinerYang
7465a29919
add SBOM icon (#20270)
Signed-off-by: yminer <yminer@vmware.com>
2024-04-12 20:12:46 +08:00
MinerYang
7e8032b144
bump golang to 1.22.2 (#20256)
Signed-off-by: yminer <yminer@vmware.com>

replace go get to go install

update go.mod
2024-04-12 13:46:29 +08:00
MinerYang
e9d2f50669
update mockery to v2.42.2 (#20258)
Signed-off-by: yminer <yminer@vmware.com>
2024-04-11 03:37:59 +00:00
Shengwen YU
643e84cdfe
feat: expose trivy.timeout to configure the duration to wait for scan completion (#20257)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-11 10:47:07 +08:00
Shengwen YU
4c9e84cae1
fix: update e2e test engine images (#20223)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-11 10:05:05 +08:00
stonezdj(Daojun Zhang)
5d7c668028
Support list artifact with_sbom_overview option (#20244)
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-10 14:47:45 +00:00
stonezdj(Daojun Zhang)
89995075a7
Update swagger API to display SBOM content in addition API (#20234)
complete task #20066

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-10 12:39:25 +00:00
tostt
a858fb4f4d
Updated internationalisation : fr-fr (#20179)
* Update french translation

Signed-off-by: tostt <tostt@users.noreply.github.com>

* More updates french language

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Corr. spelling

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update fr-fr-lang.json : further changes following thcdrt's review

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update fr-fr-lang.json: translate Expand to Déplier

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update fr-fr-lang.json: Remove duplicate portion of text

Signed-off-by: tostt <tostt@users.noreply.github.com>

---------

Signed-off-by: tostt <tostt@users.noreply.github.com>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-10 15:17:30 +08:00
MinerYang
2bb5166c80
adopt cosign with oci-spec 1.1 (#20245)
Signed-off-by: yminer <yminer@vmware.com>

add comment for cosign middlware
2024-04-10 13:46:00 +08:00
stonezdj(Daojun Zhang)
2e7db335b3
Add auto generate SBOM on push feature (#20250)
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-09 09:30:53 +00:00
MinerYang
03d9575d84
update referrer manifest descriptor size (#20207)
cache manifest when first time pull if cacheEnabled

Signed-off-by: yminer <yminer@vmware.com>
2024-04-09 08:50:46 +00:00