MinerYang
b38de22054
bump golang 1.21.5 & fix golangci-lint error ( #19722 )
...
bump golang 1.21.5
update golangci-lint && fix revive error
fix white space lint
Signed-off-by: yminer <yminer@vmware.com>
2023-12-19 09:41:26 +08:00
stonezdj(Daojun Zhang)
307a3121aa
Return empty result when no scanner configured ( #19577 )
...
fixes #19534
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-17 07:29:19 +00:00
stonezdj(Daojun Zhang)
d4aa9b13c4
Add vulnerability search API ( #18924 )
...
use q.Query to pass all query conditions
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-19 10:17:14 +08:00
stonezdj(Daojun Zhang)
93e428d0d2
Add security hub summary API ( #18872 )
...
include WithCVE, WithArtifact option
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-12 19:18:08 +08:00
stonezdj(Daojun Zhang)
d84b1d07d2
Update table scan_report and extract cvss_v3_score from vendor attribute ( #18854 )
...
For better performance when querying cve information, add summary information to scan_report
Extract cve_score from vendor attribute in vulnerability_record
SQL migrate script for the update
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-06-29 17:30:50 +08:00
MinerYang
ebac530b46
add goheader linter settings ( #18503 )
...
fix files for goheader linter
fix copyright 2018/2019
Signed-off-by: yminer <yminer@vmware.com>
2023-04-25 11:18:42 +08:00
Chlins Zhang
6e9f72315f
fix: fix the invalid jobid for scan data export ( #18398 )
...
Change the JobId param type from int to string, use int will bring some
problems for encode/decode type mismatch which generate the invalid
repository name.
Fixes : #18380
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-03-29 10:29:08 +08:00
Chlins Zhang
da1637e1d3
fix: resolve the oidc or ldap group user cannot export cve ( #18219 )
...
Remove the project filter in the scan data export job as they have been
validated by API handler, fix the oidc or ldap group users cannot export
cve.
Fixes : #18112
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-02-20 14:22:27 +08:00
Wang Yan
738fde7d3b
remove chartmuseum backend ( #18191 )
...
Harbor deprecates chartmuseum as of v2.8.0
Epic: https://github.com/goharbor/harbor/issues/17958
Discussion: https://github.com/goharbor/harbor/discussions/15057
Signed-off-by: Wang Yan <wangyan@vmware.com>
2023-02-16 18:11:05 +08:00
Chlins Zhang
bfe4362a67
fix: remove the scan exports volume ( #18107 )
...
1. Change the Export CVE temporary file directory to /tmp.
2. Remove the scan data export volume in Dockerfile and docker-compose
yaml.
Fixes : #18067
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-01-31 17:30:47 +08:00
Wang Yan
18a3373725
bump beego ( #17801 )
...
* bump beego
upgrade beego version from v1.10.12 to v2.0.5
1, beego v2 vserver/web refactor
2, beego v2 context refactor
3, beego v2 session refactor
4, beego v2 cache refactor
5, beego v2 orm refactor
Signed-off-by: MinerYang <yminer@vmware.com>
2022-11-24 18:07:42 +08:00
Chlins Zhang
321a9abfb3
fix: skip to push system artifact for empty CSV file ( #17816 )
...
1. Skip to push system artifact to the distribution when the exported CSV file is empty.
2. Add status message for cve export execution.
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-11-18 14:16:36 +08:00
MinerYang
62223bd36d
update golangci-lint for golang1.19 ( #17817 )
...
update golangci-lint for golang1.19
Signed-off-by: yminer <yminer@vmware.com>
update ci version to v1.50.1
2022-11-18 11:40:01 +08:00
yanggang
0f4e2daf4c
Replaced io/ioutil with "os / io" package. ( #17792 )
...
Signed-off-by: yanggang <gang.yang@daocloud.io>
update typo
Signed-off-by: yminer <yminer@vmware.com>
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2022-11-17 10:02:29 +08:00
Chenyu Zhang
49d73fa57d
fix: export cve for image manifest list ( #17333 )
...
1. Fix export cve for image manifest list
2. Remove row_id column in csv file
3. Update cve execution swagger API description
Closes: #17331,#17330,#17335,#17334
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-08-05 20:07:02 +08:00
prahaladdarkin
c776ea8bfe
Export CVE data Score column empty values ( #17321 )
...
Closes: https://github.com/goharbor/harbor/issues/17189
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-08-05 10:03:42 +08:00
Chenyu Zhang
bff4e13087
fix: export cve adds resource check and project validation ( #17265 )
...
1. Add resource permission check for API handler
2. Validate export cve params project
3. Optimize friendly human message when execution status is error
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-29 19:01:46 +08:00
Chenyu Zhang
19e73174e2
refactor: refactor codebase of cve export process and filter ( #17254 )
...
1. Refactor the scan export FilterProcessor interface
2. Optimize the sql template for export cve report
3. Update the process of cve export job
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-07-28 16:05:12 +08:00
prahaladdarkin
d53af792ad
Fixes for various bugs/issues logged as a part of the test day. ( #17232 )
...
Closes:
* CVE Data Export API IDOR issue
* https://github.com/goharbor/harbor/issues/17199
* https://github.com/goharbor/harbor/issues/17193
* https://github.com/goharbor/harbor/issues/17188
* https://github.com/goharbor/harbor/issues/17184
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-26 16:50:54 +08:00
Loong Dai
09371b48e8
lint: sort imports ( #17131 )
...
* lint: add goimports
Signed-off-by: Loong Dai <loong.dai@intel.com>
2022-07-20 11:33:08 +08:00
prahaladdarkin
f3edb03b49
Fix to CVE Data Export functionality for images pushed by docker push ( #17182 )
...
Closes:
* https://github.com/goharbor/harbor/issues/17167
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-18 09:22:15 +08:00
prahaladdarkin
3f383e3ffd
Improvements to Vulnerability Data Export functionality. ( #17161 )
...
Closes:
* https://github.com/goharbor/harbor/issues/17152
* https://github.com/goharbor/harbor/issues/17153
Better error handling in case of task executions not found in the system
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-14 15:08:25 +08:00
prahaladdarkin
130452111b
Vulnerability scan data export functionality ( #15998 )
...
Vulnerability Scan Data (CVE) Export Functionality
Proposal - goharbor/community#174
Closes - https://github.com/goharbor/harbor/issues/17150
Changes:
* CVE Data export to CSV with filtering support.
* Implement CSV data export job for creating CSVs
* APIs to trigger CSV export job executions
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2022-07-11 16:35:04 +08:00
Shengwen YU
e9fca3de45
fix: refactor code for golangci-lint whitespace ( #17005 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-06-16 17:42:46 +08:00
Shengwen YU
c2a9f5de64
fix: update code for golangci-lint gosimple ( #16974 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-06-14 13:44:09 +08:00
Shengwen YU
b43ba15f40
fix: golangci-lint errcheck ( #16920 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-06-07 17:00:36 +08:00
MinerYang
9d8e9158de
fix deadcode lint & update golangci-lint.yaml ( #16896 )
...
* fix deadcode lint & update golangci-lint.yaml
Signed-off-by: yminer <yminer@vmmware.com>
mock.go
Signed-off-by: yminer <yminer@vmmware.com>
commentfmt
Signed-off-by: yminer <yminer@vmmware.com>
mock.go update
Signed-off-by: yminer <yminer@vmmware.com>
update makefile
Signed-off-by: yminer <yminer@vmmware.com>
* update /pkg/allowlist/validator.go
Signed-off-by: yminer <yminer@vmmware.com>
Co-authored-by: yminer <yminer@vmmware.com>
2022-05-26 10:32:07 +08:00
Wang Yan
d3d4ad6a34
fix staticcheck issues ( #16828 )
...
Fix the staticcheck problems reported by golangci-lint staticcheck
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-05-10 16:07:10 +08:00
Lars Lehtonen
ef835e107a
pkg/scan: fix dropped error
...
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
2022-04-18 10:34:27 -07:00
Wang Yan
ed1f4ab6fb
enhance health validation ( #16549 )
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-03-18 18:36:50 +08:00
Alexis L
5fd6168c57
fix(scan): Add function to avoid writing creds in jobservice logs, switch to debug instead of info ( #15747 )
...
Signed-off-by: Alexis <60alexis@gmail.com>
2021-10-22 11:34:15 +08:00
He Weiwei
b390112f5a
fix: convert severity from negligible to none before saving to db ( #15791 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-10-14 16:02:38 +08:00
Qian Deng
354a2bd80d
Enhance the trace related code
...
* Move request id to requestid middleware
* fix span pass to child ctx on orm
* fix typos
* remove unused code
* add operation name to Transaction
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-22 04:14:43 +00:00
Qian Deng
879eecc926
Refactor and Add trace to http Transport
...
* Refactor common http GetTransport function signature
* Remove redundant GetHTTPTransport and similar functions
* Update Authorized function signature to meet new HTTPTransport
* Add trace for default Transport
Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Shengwen Yu
e2e3bcca1c
feat: add stop scan & stop scan-all feature
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2021-09-13 11:19:21 +08:00
He Weiwei
f6a1c31f9f
refactor: convert scan report in scan job
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-29 12:19:36 +00:00
He Weiwei
0c315d8aee
refactor: remove allowlist in GetSummary of scan controller ( #14836 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-18 14:01:59 +08:00
He Weiwei
6f3607cebd
perf: cache the metadata of the scanner ( #14879 )
...
1. Cache the metadata of scanner 30s.
2. Change the scanner client request timeout to 5s.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 14:27:37 +08:00
stonezdj
107e468b60
Refactor configure api to new programming model
...
Changes include:
1. Move core/config to controller/config
2. Change the job_service and gcreadonly to depends on lib/config instead of core/config
3. Move the config related dao, manager and driver to pkg/config
4. Adjust the invocation of the config API, most of them should provide a context parameter, when accessing system config, you can call it with background context, when accessing user config, the context should provide orm.Context
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-04-09 08:10:11 +08:00
Daniel Jiang
0d4992a41e
API for system CVE allowlist to new model ( #14412 )
...
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-03-12 10:23:48 +08:00
Wenkai Yin
506d1ad465
Introduce "sort" in query to provide a general solution for sorting
...
Introduce "sort" in query to provide a general solution for sorting
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-03-11 08:25:49 +08:00
He Weiwei
ef0bdf6954
refactor: generate scanner APIs by go-swagger
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-03-03 04:23:36 +00:00
He Weiwei
9161a3fbdf
refactor: use ormer from the ctx for scanner ctl mgr and dao ( #14313 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-03-01 12:02:40 +08:00
He Weiwei
44ba7de738
fix: wrap report vuls record creating in transaction ( #14176 )
...
Make the creating of the ReportVulnerabilityRecord in transaction to
avoid parallel problem
Closes #14171
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-02-05 12:15:52 +08:00
He Weiwei
6a16d9a914
fix: correct Authorize of basic and bearer authorizer ( #14036 )
...
Closes #13734
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-20 14:33:28 +08:00
Steven Zou
1f79ce1181
Merge pull request #13554 from shaobo322/reform_compare_method
...
reform job status compare method
2021-01-08 12:49:39 +08:00
He Weiwei
755c6490f9
feat: remove duplicate CVE in scan report and summary ( #13918 )
...
1. Remove the duplicate CVE records in the report/summary for the image
index.
2. Add scanner field in the scan overview for the API.
Closes #13913
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-08 11:00:43 +08:00
shaobo
434758b71e
reform job status compare method
...
Signed-off-by: shaobo <shaobo@caicloud.io>
2021-01-04 21:34:53 +08:00
Wang Yan
0271efd3f7
enable visible when to list/create robot ( #13840 )
...
1, enable the visible attribute when to create/list robots
2, rename package name from robot2 to robot
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-04 10:24:31 +08:00
prahaladdarkin
a890b28e1e
Store vulnerability data from scanner into a relational format ( #13616 )
...
feat: Store vulnerability report from scanner into a relational format
Convert vulnerability report JSON obtained from scanner into a relational format described in: https://github.com/goharbor/community/pull/145
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2020-12-25 08:47:46 +08:00