Commit Graph

4457 Commits

Author SHA1 Message Date
Daniel Jiang
0ac5568619
Merge pull request #12183 from reasonerjt/project-id-401
Change status code for projects API
2020-06-09 23:09:14 +08:00
jwangyangls
9e1778b32a
Merge pull request #12165 from jwangyangls/popup-unauthorized
[fix][unauthorized] Support show relogin when unauthorized  in popup modal
2020-06-09 13:05:45 +08:00
Daniel Jiang
f73aa3ce80 Change status code for projects API
Update to projects API so it will not differentiate if a project
does not exist or the user doesn't have permission to access it.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-09 08:24:06 +08:00
Wang Yan
c993103e01
enable storage driver of gcs and oss (#12180)
Add go build tags for gcs and oss, otherwise these drivers cannot be registered and the error "StorageDriver is not regsited: GCS" will raise on registryctl launch under the setting of GCS storage.

These build tags are designed in the distribution, just refer to https://github.com/docker/distribution/blob/release/2.7/registry/storage/driver/gcs/gcs.go#L13

Pin the google cloud API to a old version is because distribution depends on it, otherwise go mode will use v0.17.0 that go-migrate is using as the dependency version, but this version will break the compile process with following error:
harbor/pkg/mod/google.golang.org/cloud@v0.0.0-20151119220103-975617b05ea8/storage/acl.go:65:16: invalid type assertion: v.(map[string]<inter>) (non-interface type *storage.ObjectAccessControl on left)
that's bacause another dependency google.golang.org/cloud requires the pinned version of google.golang.org/api.

The pinned package should be removed once https://github.com/docker/distribution/pull/3019 is merged, and distribution ships their v2.8.0

Signed-off-by: wang yan <wangyan@vmware.com>
2020-06-09 00:57:27 +08:00
Yogi_Wang
6f7aa68c89 [fix][unauthorized] Support show relogin when unauthorized in popup modal
1.support show relogin when unauthorized  in popup modali
2.change change member role error handle
3.change helm chart service error handle
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-06-08 16:40:34 +08:00
Wang Yan
dec8397c21
Add api to delete blob and manifest (#12006)
* Add api to delete blob and manifest

Enable the capability of registry controller to delete blob and manifest

Signed-off-by: wang yan <wangyan@vmware.com>
2020-06-06 01:34:23 +08:00
Daniel Jiang
9f159393df
Merge pull request #12163 from reasonerjt/disable-webhook-test
Remove the API to test a webhook
2020-06-05 18:14:39 +08:00
Daniel Jiang
39a5efd54c
Merge pull request #12160 from reasonerjt/bump-up-go-migrator
Bump up golang-migrate
2020-06-05 18:13:40 +08:00
Daniel Jiang
9a9e7d61fc Remove the API to test a webhook
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-05 13:16:18 +08:00
Daniel Jiang
bc7ede21c7 Bump up golang-migrate
This commit bumps it up to 4.11.0
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-05 10:29:02 +08:00
Wenkai Yin(尹文开)
b7b1ce457b
Merge pull request #10389 from lxShaDoWxl/fix/gitlab
Fixed search images in registry gitlab
2020-06-04 14:49:40 +08:00
Steven Zou
6db856c3e2
Merge pull request #12121 from steven-zou/fix/job_stop_status_issue
fix(jobservice):mismatch status issue when stopping job
2020-06-03 18:13:23 +08:00
Steven Zou
3cd47af9a5 fix(jobservice):mismatch status issue when stopping job
- returnning nil instead of error when trying to stop a job that has been in the final status(Error/Success/Stopped)
- do enhancements to the periodic job unschedule func
- fix a UT nil ptr issue

Signed-off-by: Steven Zou <szou@vmware.com>
2020-06-03 16:18:42 +08:00
AllForNothing
8bf77d01f4 Fix bugs with label 'target 2.0.1'
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-06-03 11:25:22 +08:00
jwangyangls
6939446c3c
Merge pull request #12115 from jwangyangls/fix-issue-add-label
[fix] Fix  issue in front ui 2.0.1
2020-06-02 15:52:37 +08:00
Yogi_Wang
459314308b [fix] issue in front ui 2.0.1
1.fix add label issue
2.fix unauthorized user can contrl page
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-06-02 13:54:22 +08:00
Steven Zou
c7c1742b88
Merge pull request #12106 from heww/clean-clair-url
refactor(configuration): cleanup unneeded CLAIR_URL configuration in core
2020-06-01 19:24:19 +08:00
Steven Zou
a032c546f8
Merge pull request #12096 from steven-zou/fix/remove_checkin_data
fix(jobservice):fix issues of jobservice
2020-05-29 16:49:33 +08:00
He Weiwei
d97be71234 refactor(configuration): cleanup unneeded CLAIR_URL configuration in core
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-05-29 07:27:50 +00:00
Steven Zou
51f1b2e590 fix(jobservice):fix issues of jobservice
- never expire the jobs that are not entering the final status (Error,Success or Stopped)
- set different expireation time to the jobs with different status
- never store the `check_in` data in the redis db to save space

Signed-off-by: Steven Zou <szou@vmware.com>
2020-05-29 11:36:08 +08:00
Chlins Zhang
f862805244
Merge pull request #11998 from chlins/fix/replication-pull-blob-content-length
fix(replication): ignore the problem of not getting Content-Length fr…
2020-05-29 10:06:44 +08:00
mmpei
7c2bfb1378
Fix helmhub insecure issue when using with a proxy (#12014)
Signed-off-by: peimingming <peimingming@corp.netease.com>
2020-05-28 10:57:51 +08:00
He Weiwei
9f5f8e4681
Merge pull request #12077 from heww/fix-issue-11951
fix(cve-whitelist): fix panic in `Get` method of whitelist manager
2020-05-27 19:16:11 +08:00
He Weiwei
0d1b9c96ff fix(cve-whitelist): fix panic in Get method of whitelist manager
Closes #11951

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-05-27 09:55:54 +00:00
chlins
54895def90 fix(replication): ignore the problem of not getting Content-Length from the pull blob api
Signed-off-by: chlins <chlins.zhang@gmail.com>
2020-05-27 13:00:54 +08:00
Will Sun
31a943bb42
Merge pull request #12043 from AllForNothing/disable-test
Remove test button for webhook
2020-05-27 11:46:58 +08:00
AllForNothing
ea753bec97 Remove test button for webhook
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-05-27 10:26:41 +08:00
Will Sun
da0e80b712
Merge pull request #11452 from jd615645/master
Chinese(Traditional) translation #402
2020-05-27 10:01:25 +08:00
lxShaDoWxl
681e97482e fix(Registries/Gitlab): upgrade testing
Signed-off-by: lxShaDoWxl <lxshadowxkingxl@gmail.com>
2020-05-26 20:22:26 +06:00
lxShaDoWxl
05f78a561a Merge remote-tracking branch 'origin/master' into fix/gitlab 2020-05-24 16:05:32 +06:00
Will Sun
2ff0638f8b
Merge pull request #10576 from hobti01/repo-slash
fix: Allow forward slash in destination namespace
2020-05-21 10:50:55 +08:00
yuzhiquan
6332daef31 struct instead of int within signal chan, and trans Printf to Println
Signed-off-by: yuzhiquan <yuzhiquanlong@gmail.com>
2020-05-21 00:47:55 +08:00
Wenkai Yin
a31315aa36 Fix replication bugs #11974, #11939
Fix replication bugs: fix #11974, fix #11939

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-05-21 00:25:49 +08:00
He Weiwei
69fe9e9bf7
Merge pull request #11106 from qinshaoxuan/fix_11051
Fix bug when scanner is unhealthy
2020-05-20 21:06:22 +08:00
ctu
7ea8ed2588 🐈 Add zh-tw translate
Signed-off-by: ctu <ctu@cs.nctu.edu.tw>
2020-05-20 10:56:29 +00:00
Tim Hobbs
36747087ce
fix: Allow forward slash in destination namespace
Signed-off-by: Tim Hobbs <timothy.hobbs@ic-consult.com>
2020-05-20 11:27:50 +02:00
Daniel Jiang
b803975b36
Merge pull request #11971 from wy65701436/fixes-11949
fix conformance issue on deleting manifest
2020-05-20 13:19:47 +08:00
AllForNothing
2d141a919d Add more UT for create project component
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-05-19 17:39:42 +08:00
wang yan
f0fabb9ef8 fix conformance issue on deleting manifest
fixes #11949
When to call delete manifest API with a tag as the reference, Harbor should give a unsupported error code.

Reference: Note that a manifest can only be deleted by digest. https://github.com/opencontainers/distribution-spec/blob/master/spec.md#delete-manifest

Signed-off-by: wang yan <wangyan@vmware.com>
2020-05-19 15:58:33 +08:00
Wang Yan
b1793e795c
fix conformance test ErrorsCodes failure (#11961)
fixes #11945
When client calls PUT with an invalid digtest, Harbor has to give a 400 instead of 500.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-05-18 17:20:23 +08:00
guanxiatao
0aefd8f2e2 Add UT for webhook when replicating with docker registry
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-05-13 19:09:33 +08:00
AllForNothing
1c670329dc Fix duration and log bugs for replication task UI
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-05-13 12:38:23 +08:00
Will Sun
5289b3519e
Merge pull request #11860 from AllForNothing/docker-logo
Modify doc and fix some ui bugs
2020-05-11 11:00:36 +08:00
guanxiatao
e8655c667c Core panic fix when triggering a webhook of docker-registry replication
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-05-11 10:33:23 +08:00
AllForNothing
c50cbbf3cc Modify doc and fix some ui bugs
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-05-11 09:39:33 +08:00
Will Sun
119751e0fd
Merge pull request #11835 from AllForNothing/ui-bugs
Fix some UI bugs
2020-05-07 11:45:57 +08:00
AllForNothing
bdf6c5b8d9 Fix some UI bugs
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-05-06 16:41:35 +08:00
lxShaDoWxl
47a57b80d7 Merge remote-tracking branch 'origin/master' into fix/gitlab 2020-05-06 13:26:18 +06:00
AllForNothing
90e34e0104 Improve i18n service
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-05-06 14:45:56 +08:00
Ziming
56609a8026
fix(retention) set pushtime and pulltime for untagged (#11786)
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-28 19:20:46 +08:00
Will Sun
4324f0d2c8
Merge pull request #11780 from AllForNothing/tag-re
Replace images with artifacts for tag-retention
2020-04-28 16:53:47 +08:00
danfengliu
16f6ad3688
Merge pull request #11768 from AllForNothing/nightly-login
Add new nightly case  admin add new users
2020-04-28 14:57:37 +08:00
AllForNothing
b5617c0868 Replace images with artifacts for tag-retention
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-28 14:04:09 +08:00
AllForNothing
8ff4003438 Add new nightly case admin add new users
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-28 11:10:06 +08:00
He Weiwei
5c5ba0b764
Merge pull request #11765 from heww/quota-webhook-enhancement
feat(quota,webhook): send quota webhook for put and mount blob
2020-04-28 09:35:57 +08:00
He Weiwei
b1c9d452ce feat(quota,webhook): send quota webhook for put and mount blob
Closes #11712

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-28 00:59:16 +00:00
Daniel Jiang
87f006d3a9
Merge pull request #11755 from reasonerjt/token-service-core-url
v2 auth middleware handles the ping request from internal
2020-04-27 15:04:10 +08:00
stonezdj(Daojun Zhang)
fb90bc23f2
Merge pull request #11757 from heww/fix-issue-11692
feat(scan): support to scan artifact automatic after it pushed
2020-04-27 12:08:06 +08:00
Daniel Jiang
ef008fd4cf
Merge pull request #11751 from wy65701436/fixes-11744
fix return code on getting non exist manifest
2020-04-27 12:06:37 +08:00
Daniel Jiang
fe587d0cc8 v2 auth middleware handles the ping request from internal
When scanner like trivy handles the auth flow to pull image, it pings
the /v2 and access the token service url in response body, by default it
will be external endpoint of Harbor.
There will be problem when Harbor is deployed on a single node with hairpinning not
supported.

This commit makes sure the address of token service in the challenge is
internal url of core component when the request is from internal.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-27 00:54:49 +08:00
He Weiwei
bc1f7b8079 feat(scan): support to scan artifact automatic after it pushed
Closes #11692

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-26 15:56:58 +00:00
wang yan
c4c279089a fix return code on getting non exist manifest
It's found by conformance test, it should be 404 instead of 500 when to get a non exist manifest

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-26 23:31:11 +08:00
AllForNothing
fd65520fa0 dESTInation namespace should support slash
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-26 17:24:15 +08:00
Steven Zou
06d955c6e3
Merge pull request #11737 from steven-zou/fix/issue_#11720
fix(jobservice):fix job stats NOT_FOUND issue
2020-04-26 16:56:25 +08:00
Wang Yan
8d5fc4c752
Fix delete repository event issue (#11722)
In the delete repository scenario, the repository has already been removed from the DB, the repository cannot be retrived.
Just let the creation time as empty.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-26 16:51:13 +08:00
Steven Zou
0ccea49c18 fix(jobservice):fix job stats NOT_FOUND issue
Signed-off-by: Steven Zou <szou@vmware.com>
2020-04-26 16:23:10 +08:00
Daniel Jiang
c28f6bd6ff
Merge pull request #11738 from bitsf/retention_not_retry
fix(retention) not retry retention job
2020-04-26 15:34:34 +08:00
Ziming Zhang
97a7a6dc35 fix(retention) fix retention repository with slash
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-26 15:07:25 +08:00
Ziming Zhang
601ce08660 fix(retention) not retry retention job
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-26 14:33:21 +08:00
Ziming Zhang
257924856c fix(retention) fix empty pull time log
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-04-26 11:56:26 +08:00
jwangyangls
0460e40a28
Merge pull request #11680 from jwangyangls/200421-fix-issue-2.0
[Fixed] Fix issue #11334 #11252 #11191
2020-04-24 17:46:22 +08:00
AllForNothing
432f5512d8 Fix bugs for testing kick 3
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-24 17:11:34 +08:00
Yogi_Wang
7bb7c2c868 [Fixed] Fix issue #11334 #11252 #11191
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-24 16:38:59 +08:00
Daniel Jiang
447ec13527 Allow sys admin to call /c/UserExists
The commit fix a regression introduced by #11672 which impacts admin
adding new users.
When admin is creating new users, /c/UserExists is called by UI. We must
allow it called by admin when self-registration is turned off.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-23 11:40:54 +08:00
Will Sun
7d784ef02f
Merge pull request #11674 from AllForNothing/more-ut
Add more UT
2020-04-22 17:13:20 +08:00
Daniel Jiang
4c41ac81d9
Merge pull request #11672 from reasonerjt/restrict-userexists
Enable userExists only when self-registration is turned on.
2020-04-21 13:19:20 +08:00
mmpei
4b6196a00d
fix slack rate limit issue (#11623)
Signed-off-by: peimingming <peimingming@corp.netease.com>
2020-04-21 11:44:58 +08:00
AllForNothing
0c5d3cc899 Add more UT
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-21 09:54:32 +08:00
Daniel Jiang
201955c2fb Enable userExists only when self-registration is turned on.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-21 00:17:12 +08:00
Wang Yan
ff2a7e61c9
fix catalog api issue (#11666)
The v2 catalog API needs to filter out the empty repository and the repository which artifacts are all with no tags.

1,In v2.0.0, Harbor does not delete repository even there is no artifact, it's different with v1.10.0
2, Compares with docker distribution, it doesn't return the respository with untagged images.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-20 23:37:16 +08:00
DQ
e0b98685f3 Add comments for new tls transport
To explain why use this to avoid replication hang forever issue

Signed-off-by: DQ <dengq@vmware.com>
2020-04-20 19:19:15 +08:00
Yogi_Wang
cd98a7a9b6 [Fixed] Fix issue when delete signed tag
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-17 16:04:16 +08:00
Steven Zou
3b0b9f3c7d
Merge pull request #11645 from ninjadq/avoid_default_transport_https_bug
Fix: Default Transport HTTP2 related hang issue
2020-04-17 15:44:52 +08:00
jwangyangls
981cae9f11
Merge pull request #11648 from jwangyangls/add-sign-pop-when-delete
[feat] Add pop up command when delete signed tag
2020-04-17 13:14:19 +08:00
Yogi_Wang
6f54262889 [feat] Add pop up command when delete signed tag
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-17 12:45:57 +08:00
DQ
53111d1d16 Fix: Default Transport HTTP2 related hang issue
Create a transport the same as default except forceattempthttp2

Signed-off-by: DQ <dengq@vmware.com>
2020-04-17 11:36:02 +08:00
Wenkai Yin(尹文开)
e3cbfac0cc
Fix bug for replicating chart triggered by event (#11578)
Use the new event model to fix bug for replicating chart triggered by event

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-16 16:15:21 +08:00
Wang Yan
8a0e8627ff
replace pkg errors with lib errors (#11605)
Fixes #9704

As we do want to unify error handling, so just decreprates pkg errors, use lib/errors instead for Harbor internal used errors model.

1, The lib/errors can cover all of funcs of pkg/errors, and also it has code attribute to define the http return value.
2, lib/errors can give a OCI standard error format, like {"errors":[{"code":"UNAUTHORIZED","message":"unauthorized"}]}

If you'd like to use pkg/errors, use lib/errors instead. If it cannot meet your request, enhance it.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-15 22:41:45 +08:00
Will Sun
205e3a969f
Merge pull request #11621 from AllForNothing/gc-ui
Modify gc ui
2020-04-15 22:01:59 +08:00
He Weiwei
385aaac00d
Merge pull request #11620 from heww/fix-issue-11524
feat(scanner): make Clair and Trivy as reserved name for scanners
2020-04-15 15:21:35 +08:00
Wang Yan
9bc96dd97a
add MarshalJSON func for lib errs (#11614)
Customize the json output with message with err.Error(). Otherwise, the wrappged message will be lost
in the final errors object.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-15 11:30:14 +08:00
AllForNothing
a337dcf517 Modify gc ui
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-15 11:06:17 +08:00
He Weiwei
f5487479dd feat(scanner): make Clair and Trivy as reserved name for scanners
Closes #11524

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-15 02:26:02 +00:00
Wang Yan
c6860ac35f
handle stop signal in GC job (#11612)
Stop GC job in the init if receives the stop signal

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-14 18:59:03 +08:00
Wenkai Yin(尹文开)
2d618370ae
Merge pull request #11588 from wy65701436/trace-error
update trace level to error
2020-04-14 18:30:21 +08:00
Qian Deng
95d7c9382b
Merge pull request #11592 from ninjadq/min_version_tls_to_12
Min version tls to 12
2020-04-14 18:12:55 +08:00
Will Sun
ad60bdddf8
Merge pull request #11591 from AllForNothing/nightly-untag
Add new nightly case for GC untagged images
2020-04-14 17:34:58 +08:00
Will Sun
faf554f642
Merge pull request #11587 from AllForNothing/sort-name
Fix repo list sorting and filtering bug
2020-04-14 17:34:39 +08:00
wang yan
ff2a6c7a01 add warning to registry binary name
Fixes #11606

As we DO NOT want to user to execute GC in the container, rename it and append the warning message.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-14 15:16:50 +08:00
wang yan
7622c17817 update trace level to error
Use level error instead to log trace

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-14 15:01:52 +08:00
Steven Zou
adb305e4e1
feat(job):enable priority option (#11608)
- priority option is supported when doing job registration
- the priority is defined by a unique priority sampler
- the default priority is 1000 (max is 10000)

Signed-off-by: Steven Zou <szou@vmware.com>
2020-04-14 14:54:44 +08:00
jwangyangls
fb3da503ea
Merge pull request #11584 from jwangyangls/add-docker-pull-push-command
[feat] Add pull/push command in repo
2020-04-14 10:05:39 +08:00
AllForNothing
46320641b4 Add new nightly case for GC untagged images
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-14 09:25:06 +08:00
Wenkai Yin(尹文开)
f972f2989c
Close the reponse body after reading data (#11594)
Close the reponse body after reading data

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-14 01:19:40 +08:00
Wenkai Yin(尹文开)
4b4091b217
Merge pull request #11599 from wy65701436/revise-base-error
update internal error output format
2020-04-13 20:07:05 +08:00
wang yan
269d0b9f9d update internal error output format
1, remove the code from output
2, output format is same as pkg/errors, it's easy to migrate
3, add UT

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-13 19:29:55 +08:00
DQ
b3db293091 TLS update min version and cipher suits
min version set to tls 1.2
suit only use ecdhe and strenth above 256

Signed-off-by: DQ <dengq@vmware.com>
2020-04-13 18:13:30 +08:00
Steven Zou
3ad5b2ba06
fix(job currency):introduce max corrency of job (#11589)
- update Job interface to introdcue MaxCurrency method for declaring the max currency of the specified job
- change the downstream jobs to implement the new interface method
  - GC and sample jobs are set to 1
  - other jobs are set to 0 that means unlimited
- add max currency optiot when doing job registration
- resolve issue #11586
  - probably resolve issue #11281
  - resolve issue #11570

Signed-off-by: Steven Zou <szou@vmware.com>
2020-04-13 18:07:54 +08:00
Wenkai Yin
7553845b4d Remove the duplicated const definition
Remove the duplicated const definition for artifact type

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-13 17:02:23 +08:00
He Weiwei
49c9e4f696
Merge pull request #11585 from heww/cleanup-quota
refactor(quota): cleanup code for quota
2020-04-13 15:11:17 +08:00
Yogi_Wang
9e1bdc88e6 [feat] Add pull/push command in repo
1.add pull/push command in repo;
2.move annotations from artifact list to artifact summary

Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-13 13:11:33 +08:00
AllForNothing
e5e39c03c5 Fix repo list sorting and filtering bug
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-13 12:24:46 +08:00
Will Sun
009662a317
Merge pull request #11426 from AllForNothing/nightly-tag
Add new nightly cases for tag CRUD
2020-04-13 12:15:18 +08:00
He Weiwei
0b87eaf039
Merge pull request #11505 from heww/revert-registry-authorization-type-support
feat(scan): revert bearer token support for scanner
2020-04-13 11:19:02 +08:00
He Weiwei
c0349da812 refactor(quota): cleanup code for quota
1. Remove `common/quota` package.
2. Remove functions about quota in `common/dao` package.
3. Move `Quota` and `QuotaUsage` models from `common/models` to
`pkg/quota/dao`.
4. Add `Count` and `List` methods to `quota.Controller`.
5. Use `quota.Controller` to implement quota APIs.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-12 16:16:06 +00:00
Daniel Jiang
93f316ccfe
Merge pull request #11582 from heww/fix-issue-11564
fix(blob): delete project blob with project_id
2020-04-12 18:00:54 +08:00
He Weiwei
c585e22d18 fix(blob): delete project blob with project_id
Closes #11564

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-12 04:23:18 +00:00
Wang Yan
740b1e46b4
fix artifact trash filter issue (#11575)
fixes #11533

GC jobs will use the filter results to call registry API to delete manifest.

In the current imple, the filter function in some case does not return the deleted artifact as it's using digest as the filter condition.

Like: If one artifact is deleted, but there is another project/repo has a image with same digest with the deleted one, filter func will
not mark the deleted artifact as candidate. It results in, GC job does not call API to remove the manifest.

To fix it, update the filter to use both digest and repository name to filter candidate.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-12 03:11:49 +08:00
Daniel Jiang
8822e6cdba
Merge pull request #11572 from ywk253100/200410_replication_insecure
Use insecure transport when creating the adapter for local instance in replication
2020-04-12 00:34:14 +08:00
He Weiwei
1ce0a76bd1
Merge pull request #11555 from reasonerjt/exclude-deleted-projects
Exclude deleted groups when counting groups associated with group ID
2020-04-11 16:52:35 +08:00
He Weiwei
4623cec1e5 feat(scan): revert bearer token support for scanner
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-11 08:45:29 +00:00
Daniel Jiang
32ae0a6fa6 Exclude deleted projects when counting projects associated with group ID
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-10 19:07:08 +08:00
Wenkai Yin(尹文开)
81a4e7d468
Merge pull request #11569 from ywk253100/200410_replication
Add "delete" into the action map if the action in token is "*"
2020-04-10 18:06:47 +08:00
jwangyangls
e28b5811f7
Merge pull request #11176 from jwangyangls/change-helm-version
Separate swagger to get v2.0 swagger and chart swagger
2020-04-10 17:12:00 +08:00
jwangyangls
5d76f1ea4b
Merge pull request #11530 from jwangyangls/200408-fix-bug-round2
[Fixed] fix part issue of round2
2020-04-10 17:11:43 +08:00
Wenkai Yin
df1f52dba4 Use insecure transport when creating the adapter for local instance in replication
Use insecure transport when creating the adapter for local instance in replication

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-10 16:45:57 +08:00
Yogi_Wang
33ed4fb67e Separate swagger to get v2.0 swagger and chart swagger
1. Partial helm api version number clear
2. Separate swagger to get v2.0 swagger and chart swagger
3. router add chart swagger

Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-10 16:25:30 +08:00
Yogi_Wang
3c771670ca [Fix] Fix part issue of round2
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-10 16:15:42 +08:00
Wenkai Yin
847a513cea Add "delete" into the action map if the action in token is "*"
Fixes #11563, add "delete" into the action map if the action in token is "*"

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-10 16:11:44 +08:00
He Weiwei
f4821e96b3
Merge pull request #11527 from heww/refresh-quota-ignore-limitation
feat(quota): ignore limitation support for quota RefreshMiddleware
2020-04-10 15:29:41 +08:00
Daniel Jiang
56b404bfb7
Get digest in content trust middleware (#11554)
This commit removes the EnsureArtifactDigest as its implementation is
problematic: the artifactinfo in context is immutable.
When the content trust middleware needs the digest it will retrieve it
via artifact controller.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-10 14:11:56 +08:00
Steven Zou
6986af6e74
Merge pull request #11558 from danielpacak/fix/issue_11310/preserve_default_scanner
fix(scanner): Do not override the default scanner on init
2020-04-10 12:42:39 +08:00
Steven Zou
5661ff937b
Merge pull request #11493 from steven-zou/fix/js_ut_case_failure
fix(js UT cases):fix the cron spec bug
2020-04-10 10:16:05 +08:00
Daniel Pacak
dcbf0726e5 fix(scanner): Do not override the default scanner on init
Resolves: #11310

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-04-09 17:56:07 +02:00
Wenkai Yin(尹文开)
340027a882
Merge pull request #11484 from ywk253100/200407_replication_hairpin
Fix replication failure in kubernetes with hairpin mode disabled
2020-04-09 16:50:46 +08:00
Wenkai Yin
8ee3421176 Fix replication failure in kubernetes with hairpin mode disabled
Fixes #11480
Fixes #11461
Fix replication failure in kubernetes with hairpin mode disabled

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-09 15:10:25 +08:00
Will Sun
71821a1c9a
Merge pull request #11497 from AllForNothing/css
Fix css bugs of label 'target2.0'
2020-04-09 14:20:30 +08:00
Wenkai Yin(尹文开)
8fb46d4bc7
Just log the signature not found error in debug mode (#11529)
Fixes #11510, just log the signature not found error in debug mode when deleting artifacts

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-09 14:17:40 +08:00
AllForNothing
a411879196 Fix css bugs of label 'target2.0'
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-09 10:32:07 +08:00
He Weiwei
0b26b36737 feat(quota): ignore limitation support for quota RefreshMiddleware
1. Ignore limitation when refresh quota for project.
2. Return 403 when quota errors occurred.
3. Add test for Refresh method of quota controller.

Closes #11512

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-08 19:17:41 +00:00
He Weiwei
20115b92c7 fix(vulnerable): fix the wrong count of vulnerabilities in message
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-08 09:06:31 +00:00
Steven Zou
59f14dff98 fix(js UT cases):fix the cron spec bug
- eliminate the time of cron spec  overflow issue in the UT case

Signed-off-by: Steven Zou <szou@vmware.com>
2020-04-08 15:59:05 +08:00
Daniel Jiang
6ad855f0ee
Merge pull request #11475 from reasonerjt/rm-token-claims-registry
Remove the registry claim pacakge
2020-04-08 12:19:56 +08:00
AllForNothing
e342b4ef0b Add new nightly cases for tag CRUD
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-08 09:56:27 +08:00
Steven Zou
76625eab54
Merge pull request #11473 from steven-zou/fix/issue_#11466
fix[jobservice]:enqueue job with UTC
2020-04-08 08:44:43 +08:00
Wenkai Yin(尹文开)
e1ba985b7c
Merge pull request #11436 from ywk253100/200404_repo_encode
Update APIs to only accept encoded repository name that contains slash
2020-04-07 23:14:44 +08:00
Wenkai Yin(尹文开)
bf6c4ff1f1
Merge pull request #11479 from ywk253100/200407_replication
Fix replication bug
2020-04-07 22:41:19 +08:00
Yogi_Wang
3775509ce5 Update APIs to only accept encoded repository name
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-07 22:40:39 +08:00
Wenkai Yin
2171634000 Fix replication bug
Remove the URL replacing logic temporarily to make replication work and will introduce a new solution for the hairpin issue

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-07 21:27:06 +08:00
Wenkai Yin
7188e01569 Update APIs to only accept encoded repository name that contains slash
Update APIs to only accept encoded repository name that contains slash

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-07 20:57:50 +08:00
Wenkai Yin
0a372a85eb Remove "GetMyProjects" and "GetProjectRoles" in the interface "security.Context"
Fixes #11125, remove "GetMyProjects" and "GetProjectRoles" in the interface "security.Context"

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-07 19:53:38 +08:00
Steven Zou
0fc7629865 fix[jobservice]:enqueue job with UTC
- schedule the periodical jobs following the UTC timezone
  - e.g: 5 10 10 * * * means run jobs at UTC time 10:10:05 everyday
- fix issue #11466

Signed-off-by: Steven Zou <szou@vmware.com>
2020-04-07 17:10:19 +08:00
He Weiwei
3f567514b5
Merge pull request #11468 from wy65701436/remove-count-quota-code
remove the chart handling in quota
2020-04-07 16:51:07 +08:00
Daniel Jiang
c303dcf617 Remove the registry claim pacakge
This commit removes `src/pkg/token/claims/registry` that is not referenced by other
packages.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-07 16:43:28 +08:00
Wenkai Yin(尹文开)
88ae9c458c
Update tags related APIs (#11435)
* Update tags related APIs

1. Remove API for listing tags of repository
2. Add API for listing tags of artifact
3. Support filter artifact by tag name

Signed-off-by: Wenkai Yin <yinw@vmware.com>

* [OCI] modify artifact tag name check
1. switch api get tag list
2. modify artifact tag name check
Signed-off-by: Yogi_Wang <yawang@vmware.com>

Co-authored-by: Yogi_Wang <yawang@vmware.com>
2020-04-07 16:28:51 +08:00
wang yan
a96d2f3746 remove the chart handling in quota
1, remove the chartmuseum controller
2, doesn't handle chartrepo url in v2 middleware

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-07 15:26:34 +08:00
He Weiwei
dd95866e6a
Merge pull request #11467 from heww/fix-issue-11131
fix(scan): dump nil slice of vulnerabilities as empty slice in report
2020-04-07 15:01:17 +08:00
Wenkai Yin(尹文开)
5d55bd1d0c
Merge pull request #11463 from ywk253100/200407_copy
Update the logic of copy artifact
2020-04-07 14:36:27 +08:00
He Weiwei
e1ab30dadf fix(scan): dump nil slice of vulnerabilities as empty slice in report
Closes #11131

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-07 06:20:25 +00:00
He Weiwei
8ddfe2d0a5
Merge pull request #11460 from heww/merge-scan-report
feat(scan): merge reports for image index
2020-04-07 13:07:52 +08:00
He Weiwei
43df7b2577
Merge pull request #11459 from heww/scan-cleanup
refactor: cleanup unused code about scan
2020-04-07 12:00:48 +08:00
Wenkai Yin
9bfabff4d2 Update the logic of copy artifact
1. Copy artifact will not return 409 anymore.
2. Make sure the tags of source artifact exist in the target artifact

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-07 10:55:55 +08:00
He Weiwei
6b066bade5 feat(scan): merge reports for image index
1. Merge the scanning reports of referenced artifacts for image index.
2. Add artifact info for report.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-07 02:54:01 +00:00
Wenkai Yin(尹文开)
b819e7ae83
Merge pull request #11438 from ywk253100/200402_replication
Support replication between Harbor 2.0 and 1.x
2020-04-07 10:24:59 +08:00
Daniel Jiang
db10720e80
Merge pull request #11406 from reasonerjt/reenable-token-auth-for-cli-new
Reenable token auth for cli
2020-04-07 08:55:25 +08:00
He Weiwei
69ca7a0dae refactor: cleanup unused code about scan
1. Cleanup unused code about clair.
2. Cleanup unused definitions in legacy_swagger.yaml about scan.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-06 17:34:25 +00:00
He Weiwei
80027c3b86
Merge pull request #11397 from ywk253100/200402_chart_api
Add a seperated swagger file for chart API
2020-04-07 00:05:49 +08:00
Wenkai Yin(尹文开)
e6f96e2a8b
Merge pull request #11427 from wy65701436/fixes-11280
Add trace information into internal error
2020-04-06 17:51:40 +08:00
wang yan
44825e819e deprecate quota count on artifact
Fixes #11241

1, remove count quota from quota manager
2, remove count in DB scheme
3, remove UI relates on quota
4, update UT, API test and UI UT.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-06 16:56:11 +08:00
Wenkai Yin
8f8b4d5e8d Add a seperated swagger file for chart API
Add a seperated swagger file for chart API as these APIs have no version

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-06 16:30:26 +08:00
Daniel Jiang
e8f98259dd Make sure middleware handle scanner-pull claim for v2token
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-05 01:10:45 +08:00
Wenkai Yin
8f11cb7ff0 Support replication between Harbor 2.0 and 1.x
Fixes #11374, fixes #11302, support replication between Harbor 2.0 and 1.x by providing versioning adapter

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-04 22:08:11 +08:00
Wenkai Yin(尹文开)
9ca87b85a5
Merge pull request #11389 from wy65701436/fix-dao-ut
fix artifact dao UT issue
2020-04-04 10:32:03 +08:00
wang yan
8bd2dc6394 Add trace information into internal error
Fixes #10839
Add a StackTrace func in to Error, and log it when Harbor gets a internal

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-04 01:38:36 +08:00
He Weiwei
bd6c2f8870
fix(vulnerable,middleware): improve vulnerable middleware (#11407)
1. Prevent the pull action when scan report status is not successfuly.
2. Bypass the checking when no vulnerabilities not found.
3. Improve the returned message when prevented the pull action.

Closes #11202

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-04 00:54:57 +08:00
Daniel Jiang
08f9ffa000 Reenable token auth for cli
Docker CLI fails if it's not logged in upon seeing "basic" realm challenging while pinging the "/v2" endpoint. (#11266)
Some CLI will send HEAD to artifact endpoint before pushing (#11188)(#11271)

To fix such problems, this commit re-introduce the token auth flow to the CLIs.

For a HEAD request to "/v2/xxx" with no "Authoirzation" header, the v2_auth middleware populates the
"Www-Authenticate" header to redirect it to token endpoint with proper
requested scope.

It also adds security context to based on the content of the JWT which has the claims of the registry.
So a request from CLI carrying a token signed by the "/service/token" will have proper permissions.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-04-04 00:05:58 +08:00
danfengliu
616c2d9e0f
Merge pull request #11408 from jwangyangls/nightly-case-trivy-3
[Test Case] Add nightly case for CVE
2020-04-03 19:23:26 +08:00
Yogi_Wang
2610fe530f [Test Case] Add nightly case for CVE
1. add nightly case for cve
2. change translate words
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-03 16:59:45 +08:00
He Weiwei
e9543a1e3c
Fix merge scan summary (#11392)
* fix(scan): fix ScanStatus when merge NativeReportSummary

1. Running and success status is high priority when merge ScanStatus of
NativeReportSummary, otherwise chose the bigger status.
2. Merge scan logs of referenced artifacts when get the scan logs of
image index.

Closes #11265

Signed-off-by: He Weiwei <hweiwei@vmware.com>

* fix(portal): fix the annotation for the scan completed percent in scan overview

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-03 16:21:36 +08:00
Wenkai Yin(尹文开)
2783fd0950
Merge pull request #11276 from mmpei/offical-webhook-slack-fix
fix webhook slack test error
2020-04-03 10:37:21 +08:00
He Weiwei
c0246e2130
Merge pull request #11400 from heww/fix-issue-11391
fix(log): correct file and line when use logger
2020-04-02 22:23:15 +08:00
peimingming
5924658092 fix webhook slack test error
Signed-off-by: peimingming <peimingming@corp.netease.com>
2020-04-02 20:02:27 +08:00
He Weiwei
207463e91e fix(log): correct file and line when use logger
1. When use the helper functions of log pkg, the depth is 4 to get the
correct file and line.
2. Whe use the default logger of log pkg, the depth is 3 to get the
correct file and line.

Closes #11391

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-02 10:49:38 +00:00
Will Sun
2c3552904d
Merge pull request #11393 from AllForNothing/improve-webhook
Improve webhook UI according to the UX
2020-04-02 17:51:13 +08:00
wang yan
7104461716 fix artifact dao UT issue
The update column should be PullTime instead of PushTime

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-02 14:45:43 +08:00
AllForNothing
ba5fd67b08 Improve webhook UI according to the UX
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-02 14:30:21 +08:00
wang yan
a11a70d941 move logger from common to lib
The logger is the fundamental library, so move it into lib folder
Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-02 14:09:03 +08:00
jwangyangls
4ea7b13215
Merge pull request #11385 from jwangyangls/nightly-case-trivy-2
[Nightly] Project Level Image Serverity Policy
2020-04-02 11:14:21 +08:00
Yogi_Wang
01f8291bb7 [Nightly] Project Level Image Serverity Policy
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-02 10:16:57 +08:00
danfengliu
f11e713ada
Merge pull request #11380 from jwangyangls/nightly-case-trivy-1
[Nightly] add case about trivy
2020-04-01 22:45:40 +08:00
Steven Zou
1f6301267c
Merge pull request #11369 from steven-zou/fix/issue_#11361
fix[lua_scripts]:add default values for tonumber
2020-04-01 19:01:02 +08:00
Qian Deng
b1284da96b
Merge pull request #11360 from ninjadq/rever_chart_api_change
Rever chart api change
2020-04-01 18:58:57 +08:00
Wenkai Yin(尹文开)
d187a8e69e
Merge pull request #11333 from ywk253100/200325_copy
Update the existence checking logic when copying artifact
2020-04-01 18:09:20 +08:00
Wang Yan
4594d58ba8
add clean untagged blobs in gc job (#11248)
Fixes #11190, delete all of non-referenced blobs of each project in GC job, thun the quota
can be released.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-01 18:01:46 +08:00
Will Sun
b0d0b292cd
Merge pull request #11288 from AllForNothing/nightly-webhook
Fix nightly cases for webhook
2020-04-01 17:37:11 +08:00
Wenkai Yin(尹文开)
9f4f3be00d
Merge pull request #11364 from ywk253100/200331_replication
Some tiny improvement for replication
2020-04-01 17:29:08 +08:00
Wenkai Yin
e4d42deb75 Make sure the tag filter have the same behavior for empty value and *
Fixes #11233, make sure the tag filter have the same behavior for empty value and *

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-04-01 17:15:23 +08:00
Yogi_Wang
24b57715ab [Night] add case about trivy
`
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-04-01 17:06:34 +08:00
AllForNothing
e6e3f0a6af Fix nightly cases for webhook
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-04-01 16:27:40 +08:00
DQ
6216073d2a Add ui change
using api/chartreport for ui

Signed-off-by: DQ <dengq@vmware.com>
2020-04-01 11:55:22 +08:00
DQ
9ff7d46e8f Rever chart version to original
Because chart version should consistent with previous version

Signed-off-by: DQ <dengq@vmware.com>
2020-04-01 11:55:22 +08:00
Wang Yan
f6c0608e22
fix GC jobs upgrade issue (#11365)
Fixes #11313
Fixes #11275

1, Add more details log in GC job
2, Add type assertion for the upgrading case, the delete_untagged parameter is introduced from v2.0
3, Add UT

Signed-off-by: wang yan <wangyan@vmware.com>
2020-04-01 11:53:41 +08:00
Wenkai Yin(尹文开)
c2c9fa28eb
Merge pull request #11368 from heww/fix-ongoing-of-metrics
fix(scan): ongoing is true for schedule scan all only when job is running
2020-03-31 20:10:40 +08:00
He Weiwei
1a7cad3a14
Merge pull request #11370 from heww/fix-issue-11198
fix(scan): add scanner name as prefix for name of the robot when submit scan job
2020-03-31 19:23:28 +08:00
Steven Zou
b5fceae734 fix[lua_scripts]:add default values for tonumber
- add default values for the integer vars converted by tonumber()

Signed-off-by: Steven Zou <szou@vmware.com>
2020-03-31 18:20:52 +08:00
Wang Yan
d6261d9456
Does not throw err in the notification job (#11363)
Fixes #11280, no error return but just log.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-31 18:12:12 +08:00
He Weiwei
120be36fec fix(scan): ongoing is true for schedule scan all only when job is running
Closes #11289

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-31 10:08:22 +00:00
AllForNothing
0275108cb2 Fix bugs for round 1 testing
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-31 16:21:37 +08:00
jwangyangls
ceded08507
Merge pull request #11362 from jwangyangls/refact-artifact-tag
[OCI] Refact artifact tag
2020-03-31 15:46:45 +08:00
Yogi_Wang
a6e986df62 [OCI] Refact artifact tag
1.get artifact tag from another api
2.add refresh button  in artifact tag
3.fix permission change
4.some ui style
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-31 14:57:39 +08:00
Wenkai Yin
d9a5c71289 Some tiny improvement for replication
1. Add timeout when transter artifacts
2. Check 404 error when unschedule the policy
3. Add line to mark the job failure in job log

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-31 14:50:37 +08:00
Wang Yan
34d05dae58
fix content trust middleware bypass scanner pull (#11321)
Fixes #11206
1, fix middleware doesn't work for docker pull without auth
2, fix middleware doesn't bypass scanner pull

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-31 11:12:21 +08:00
jwangyangls
3c6f5cce54
Merge pull request #11352 from jwangyangls/fix-bug-2.0-2
[Fix] some harbor 2.0 UI bug
2020-03-31 11:02:06 +08:00
He Weiwei
86d446ce81
fix(log): change log level from warning to debug when unescape path params (#11359)
Closes #11186

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-31 10:33:18 +08:00
Daniel Jiang
fdb82ae4fa
Merge pull request #11349 from reasonerjt/fix-10602
Not checking for registry credentials in v2auth
2020-03-31 10:26:33 +08:00
Daniel Jiang
37f9d650bd Not checking for registry credentials in v2auth
That was added to support core process sending request to `/v2/xxx`.
It's no longer needed after reworking the flow.
This commit removes this.

Fixes #10602, as it's not a case we need to support for now.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-31 01:08:37 +08:00
He Weiwei
f4d96d85f8 fix(scan): add scanner name as prefix for name of the robot when submit scan job
Closes #11198

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-30 16:52:04 +00:00
Steven Zou
3d6c65f53b
fix[UT]:improve the UT cases of enqueuer (#11358)
- change the test cron spec
- use cretaed timer for timeout

Signed-off-by: Steven Zou <szou@vmware.com>
2020-03-31 00:09:20 +08:00
Steven Zou
f2beed577f
fix[logger]:update log ID validation logic (#11351)
Signed-off-by: Steven Zou <szou@vmware.com>
2020-03-31 00:08:55 +08:00
Yogi_Wang
661867240d [Fix] 2.0 UI bug
1.fix #11312
2.fix #11235
3.fix #11230
4.fix #11209
5.fix #11199
6.fix #11034
7.fix #9926
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-30 17:49:42 +08:00
Wenkai Yin(尹文开)
4faff18b2d
Merge pull request #11339 from ywk253100/200328_limit_offset
Add "order by" clause to avoid the duplicat rows
2020-03-30 17:14:44 +08:00
Wenkai Yin
fb975d902c Add "order by" clause to avoid the duplicat rows
Add "order by" clause to avoid the duplicat rows: https://www.postgresql.org/docs/9.6/queries-limit.html

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-30 16:42:43 +08:00
Wenkai Yin(尹文开)
6815e8dc4d
Merge pull request #11348 from ywk253100/200330_tag_filter
Make sure the tag filter have the same behavior for empty value and *
2020-03-30 14:02:37 +08:00
He Weiwei
fbae9f0c25
Merge pull request #11347 from heww/refactor-errors
Refactor errors
2020-03-30 13:06:07 +08:00
Wenkai Yin
7ec5595bd8 Make sure the tag filter have the same behavior for empty value and *
Fixes #11233, make sure the tag filter have the same behavior for empty value and *

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-30 10:10:12 +08:00
Will Sun
9a205ddbc3
Merge pull request #11332 from AllForNothing/scan-result-modify
Modify UI for scanning result
2020-03-30 09:47:45 +08:00
He Weiwei
1bf142c33b refactor: use lib/errors to instead of scan/errs
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-29 05:19:06 +00:00
He Weiwei
9c06c79ff4 refactor(errors): rename pkglib/error to lib/errors
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-29 05:19:05 +00:00
Wenkai Yin(尹文开)
98759642b7
Add API to list tags under the specific repository (#11336)
Add API to list tags under the specific repository

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-29 12:19:54 +08:00
Steven Zou
1bbd3585e5
Merge pull request #11296 from ywk253100/200326_replication
Support replicate images with media type application/vnd.docker.distribution.manifest.v1+json
2020-03-27 18:12:12 +08:00
Steven Zou
36552ba18b
Merge pull request #11318 from ywk253100/200326_remove_pagination_default
Iterate the link header when listing artifact
2020-03-27 18:07:03 +08:00
Wang Yan
eccb8aa708
append pull permission for push policy (#11303)
Fixes #11225
As registry changes to basic auth, the push action lost the pull permission.
Add it in the robot security context.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-27 17:10:04 +08:00
AllForNothing
3c51e37702 Modify UI for scanning result
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-27 16:41:38 +08:00
He Weiwei
033d6dac6b
fix(quota): allowed to put blob which size is zero (#11314)
Closes #11239

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-27 14:39:25 +08:00
Wenkai Yin(尹文开)
f4ad0fbf00
Use the same logic to parse the registry URL (#11320)
Use the same logic to parse the registry URL to fix #11274

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-27 10:33:20 +08:00
Wenkai Yin(尹文开)
e8cc84738a
Merge pull request #11309 from ywk253100/200326_error
Fix bugs of replication
2020-03-27 10:31:03 +08:00
Wang Yan
a5c1eae81a
give the username to anonymous when to pull public resource without authN (#11306)
For pull a public resource, there is no need to login, give the access name to anonymous in the audit logs

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-27 10:24:59 +08:00
Wenkai Yin
9a92b9e725 Fix bugs of replication
1. Bump up the version of API used in replicatoin scheduler job
2. Check the error message to determine whether the job exists or not in jobservice when unschedule a job

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-26 23:12:02 +08:00
Wenkai Yin
afdfedcb49 Iterate the link header when listing artifact
Fixes #11315
When specify no pagination in listing artifact request, the go-swagger will set the default value for them, so we need to iterate the link header to get all of artifacts

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-26 21:26:09 +08:00
Daniel Pacak
48df949c30
feat(trivy): Return Trivy DB update timestamp in /api/v1/metadata response (#11285)
Resolves: #11284

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-03-26 19:22:28 +08:00
Wenkai Yin
64e4651b3f Support replicate images with media type application/vnd.docker.distribution.manifest.v1+json
Fixes #11272, support replicate images with media type application/vnd.docker.distribution.manifest.v1+json

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-26 19:09:48 +08:00
Wenkai Yin
213c534e8a Return 404 rather than 500 error when getting registry info
In Harbor 2.0, the replication isn't supported between instances with different versions, this commit returns the 404 error when trying to get the registry info whose version is different with the current one

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-26 18:07:11 +08:00
He Weiwei
73f3a305ce
refactor: rename testing/api to testing/controller (#11295)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-26 14:00:11 +08:00
jwangyangls
96572c3c86
Merge pull request #11254 from jwangyangls/nightly-case-3
[Fix]   Fix issue 2.0
2020-03-26 12:14:37 +08:00
Yogi_Wang
cba4490a5a [Fixed] Fix bug for 2.0 and add case for trivy
Signed-off-by: Yogi_Wang <yawang@vmware.com>
1.add case for trivy
2.vunerbility refresh bug
3.scan mutiple artifact
4.fix global search bug
5.disable delete tag btn when remove immutable tag
6.cancel selectRow when add label or remove label;fix #11195
7.fix cron tootip
2020-03-26 11:39:57 +08:00
qinshaoxuan
df9c2bdc46 Fix bug when scanner is unhealthy
The function GetRegistrationByProject should not return err when Ping
return err.  The return value 'registration' has 'Health' field which
shows the scanner health status.

Resolves: #11051
See also: #9788, #9807

Signed-off-by: qinshaoxuan <qinshaoxuan@baidu.com>
2020-03-26 11:25:47 +08:00
Wang Yan
da8902da53
Handle empty orlist in orm query (#11270)
Fixes #11267
When caller parse an empty orlist to orm lib, it will parse the empty vaule to beego orm.
But beego will panic if the query string is empty.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-26 11:23:20 +08:00
Wenkai Yin(尹文开)
d05817c8a2
Update the URL checking logic of auth proxy security generator (#11180)
As we don't support bearer token in Harbor 2.0, the URL checking logic in auth proxy security generator should be updated

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-25 01:19:11 +08:00
Wenkai Yin(尹文开)
8984979bd2
Relocate/rename some packages (#11183)
Fixes #11016
1. src/pkg/q->src/internal/q
2. src/internal->src/lib (internal is a reserved package name of golang)
3. src/api->src/controller

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-24 20:45:45 +08:00
Ted Guan
e49a247d3d
Replication webhook support (#11179)
* replication webhook support

Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>

* replication webhook support with ut fixed

Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-03-23 18:45:58 +08:00
Wang Yan
168637a743
Add permission check for audit logs API (#11154)
add a base method to require system admin permission

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-23 16:59:10 +08:00
Wang Yan
15d2a93aa2
Fix orm query setter issue (#11177)
For the Andlist, the query setter should ignore it

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-23 16:05:20 +08:00
Wenkai Yin(尹文开)
1762bfae69
Merge pull request #11158 from ywk253100/200320_repository_api
Add "_self" suffix for repository API to avoid conflict
2020-03-23 14:45:52 +08:00
Wenkai Yin(尹文开)
c4af6ff824
Fix bug when deleting the repository (#11121)
Fixes #10997 by looping the artifact candidates until all of them are deleted

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-23 10:38:47 +08:00
Wenkai Yin(尹文开)
8688f78cd2
Merge pull request #11144 from ywk253100/200319_security_middleware
Rewrite the filters with middleware mechinism
2020-03-23 10:12:48 +08:00
Will Sun
b740903314
Merge pull request #11143 from AllForNothing/resolver
Add routing-resolvers
2020-03-23 10:12:17 +08:00
Wenkai Yin
0453709b74 Rewrite the filters with middleware mechinism
Fixes 10532,rewrite the filters with middleware mechinism

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-23 09:26:20 +08:00
jwangyangls
61d7eaa405
Merge pull request #11160 from jwangyangls/repo-pagination
[fix] fix repo pagination
2020-03-20 19:46:02 +08:00
Wenkai Yin(尹文开)
5f982bfee1
Merge pull request #11163 from heww/gc-refresh-quotas
feat(gc,quota): refersh quotas for projects after gc
2020-03-20 19:23:36 +08:00
Wenkai Yin(尹文开)
bf3b185357
Merge pull request #11162 from reasonerjt/rm-reset-pwd
Remove route entry to reset password
2020-03-20 19:17:53 +08:00
Yogi_Wang
2786a3347c [fix] fix repo pagination
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-20 17:22:28 +08:00
He Weiwei
5641ae49df feat(gc,quota): refersh quotas for projects after gc
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-20 09:13:50 +00:00
Wenkai Yin
dca06b6ede Add "_self" suffix for repository API to avoid conflict
Add "_self" suffix for repository API to avoid conflict

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-20 17:08:08 +08:00
danfengliu
b51076ffa8
Merge pull request #11151 from jwangyangls/oci-nightly-change-2
[OCI] Change nightly case and change delete artifact words
2020-03-20 16:32:03 +08:00
Yogi_Wang
13ae4482ab [OCI] Change nightly case and change delete artifact words
1.nightly: fix tag retention and immutable tag case xpath
2.nightly: fix the part of delete repo button xpath
3.nightly: fix the api version when GC
4.nightly: fix add label of artifact xpath
5.text:   change delete artifact show words
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-20 15:59:16 +08:00
Daniel Jiang
9b750f60df Remove route entry to reset password
fixes #10712
The functions in CommonController are kept as a reference.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-20 14:05:21 +08:00
Wang Yan
63cf1fce7f
Unescape tags query when to list artifact (#11148)
The query string is encoded by UI, and we have to unescape the "=" in "q=tag=nil",
otherwise, the query doesn't work, and returns 400

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-20 10:07:34 +08:00
Steven Zou
e8d5ba9491
Merge pull request #11004 from steven-zou/fix/update_js_ut_case
fix[js_ut]:update stop job case of js
2020-03-19 15:49:08 +08:00
Wang Yan
dc6eec8a73
Enable API logs test case (#11142)
1, enable user view log api test case
2, update project logs api permission check
3, use project ctl instead in permission check base method

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-19 14:56:37 +08:00
AllForNothing
887d693fa4 Add routing-resolvers
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-19 14:45:04 +08:00
He Weiwei
21349e30af
feat(middleware,vulnerable): add image index checking for vulnerability prevention (#11084)
1. Skip vulnerability prevention checking when artifact is not
scannable.
2. Skip vulnerability prevention checking when artifact is image index
and its type is `IMAGE` or `CNAB`.
3. Skip vulnerability prevention checking when the artifact is pulling
by the scanner.
4. Change `hasCapability` from blacklist to whitelist.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-19 10:48:19 +08:00
Wang Yan
9e4fdc571a
update internal common error (#10994)
1, New support construct with string or err
2, Add Wrap/Errorf method

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-19 10:46:07 +08:00
Qian Deng
cf90ec27f2
Merge pull request #10706 from ninjadq/enable_tls_on_all_components
Enable tls on all components
2020-03-18 21:25:40 +08:00
Wenkai Yin(尹文开)
dbedcf960c
Merge pull request #11128 from wy65701436/perf-list-artifact
simplify query string when to list artifact
2020-03-18 21:00:19 +08:00
Wenkai Yin(尹文开)
c505c82d57
Merge pull request #11126 from ywk253100/200318_label_resource
Remove the API to listing the resources that added with the specific label
2020-03-18 20:58:28 +08:00
He Weiwei
fe39bb6a2a
feat(quota,notification): notification for quota exceeded and warning (#11123)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-18 20:24:23 +08:00
DQ
4c30995858 Refator tls config
use default Httptransport instead of empty one
remove unused code

Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
b93092e012 Add tls for trivy
Add trivy tls cert files
Add tivey tls env and config
enhance gencert

Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
c954969bcd Add mTLS configs
mTLS only enabled in jobservice and registryctl

Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
454382149f TLS update for chart, clairadapter, registry
Remove trustca in chartmuseum
Remove trustca in registry
Add tls in clair-adapter

Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
03e11c63c7 Fix docker file with secure tls change
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:10 +08:00
DQ
115185894f Merge internal Transport and Secure Transport
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
02dea3ad2c Add: mTLS configuration on CI
Add internal_tls on ci
generate certs for ci

Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
dcc6950af7 Feat: auto install ca in registry
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
b852605193 Feat: enable mtls in harbor replication
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
40e67f3b14 Feat: Enable mtls for registry
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
07a1d51693 Feat: enable tls in registryctlAdd tls related code in registryctl
Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
10753caf90 Feat: enable tls in chart
add tls related code in chart server

Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
e6bb3b0977 Feat: enable tls related thing to jobservice
Add tls related code in jobservice

Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
DQ
da359f609f Feat: enable mtls in core
add mtls related code in core

Signed-off-by: DQ <dengq@vmware.com>
2020-03-18 19:22:09 +08:00
Wang Yan
b4e941e961
drop table access log in migration (#11118)
Use the audit log instead, the access log table should be dropped after migration

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-18 19:04:38 +08:00
wang yan
3deef8a7d4 simplify query string when to list artifac
To improve the performance of loading repository page, make the query set thinner.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-18 18:53:33 +08:00
Wenkai Yin
c92d9e4034 Remove the API to listing the resources that added with the specific label
As we introduce a new table to record the relationship between the artifacts and labels, the current way to list label's resources doesn't work anymore, and the API isn't needed by any features, remove it in 2.0

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-18 18:47:44 +08:00
Wang Yan
0422721490
Enable pull time on getting manifest (#11110)
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-18 18:38:37 +08:00
Wenkai Yin
256796ea9b Remove the project manager from context
Remove the project manager introduced when integrated with Admiral from the context

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-18 15:28:02 +08:00
Wenkai Yin(尹文开)
eb2af6095e
Merge pull request #11107 from ywk253100/filter_replication_pull
Filter the pulling manifest request from replication service
2020-03-18 14:36:29 +08:00
Wenkai Yin(尹文开)
798dda8604
Escapse the repository name in the link header returned in response (#11037)
Escapse the repository name in the link header returned in response

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-18 14:29:15 +08:00
He Weiwei
7d20154db5
fix: remove old artifact model (#11112)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-18 14:20:06 +08:00
jwangyangls
2f7ce0da1c
Merge pull request #11096 from jwangyangls/fix-some-issue-oci
[OCI] changes some show words
2020-03-18 14:00:13 +08:00
Wang Yan
050967f95f
Use new query model to get audit logs (#11113)
* Use new query model to get audit logs

leverage the query builder to build query, remove the old style query string

Signed-off-by: wang yan <wangyan@vmware.com>

* Switch to new API  for  project log page

Signed-off-by: AllForNothing <sshijun@vmware.com>

Co-authored-by: AllForNothing <sshijun@vmware.com>
2020-03-18 13:46:49 +08:00
Yogi_Wang
891ef80e46 [OCI] changes some show words
1. search result show artifact count
2. replication shows changes both to all
3. fix delete bug when delete some artifact
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-18 12:17:30 +08:00
Wang Yan
7af0bd5ed7
Fix delete scan report on deleting artifact (#11102)
Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-17 21:25:06 +08:00
Wenkai Yin(尹文开)
f02c5570a7
Merge pull request #11111 from ywk253100/200317_clean_todo
Clean up some TODO items
2020-03-17 20:17:22 +08:00
He Weiwei
e3c5c37668
fix(scan): assign repository pull access policy to robot account when scan artifact (#11109)
The v2auth middleware will check whether the requestor  has the pull or
push permissions for the repository, and forbid the request when the
requestor does not have the permission.  We need to assign repository
pulling permission to the robot account for the scanner, otherwise
scanner will be failed to pull the artifact.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-17 19:30:21 +08:00
He Weiwei
f8983fe198
feat(log): track request id in the log message (#11095)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-17 19:29:59 +08:00
Wenkai Yin
3aca33acde Clean up some TODO items
1. Remove blob fetcher and cache

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-17 19:01:38 +08:00
Wenkai Yin
e8935dd804 Filter the pulling manifest request from replication service
Filter the pulling manifest request from replication service so that the audit log will not record the pulling action

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-17 16:32:11 +08:00
Wang Yan
ce2257dc22
update project logs api to v2.0 (#11097)
use audit log api to get project logs

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-17 11:58:43 +08:00
Will Sun
2b6fb4abcf
Merge pull request #11073 from AllForNothing/permission
Swith to new API for recent log page
2020-03-17 11:25:29 +08:00
Wenkai Yin(尹文开)
411c73bd79
Merge pull request #11046 from ywk253100/200312_replication
Replicate tag deletion between Harbor instances
2020-03-17 10:58:06 +08:00
jwangyangls
89cdd7a9f9
Merge pull request #11089 from jwangyangls/clear-dead-code
[OCI] Remove dead code
2020-03-17 10:03:18 +08:00
jwangyangls
580b74035d
Merge pull request #11007 from jwangyangls/artifact-filter-changes
[OCI] Artifact filter params changes in ui
2020-03-17 10:02:50 +08:00
Wenkai Yin
5925e0862d Replicate tag deletion between Harbor instances
This commit introduces the tag deletion as a new capability for registry adapters, and currently only Harbor supports it

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-17 09:27:02 +08:00
Yogi_Wang
61fa461e91 [OCI] Remove dead code
1. remove tag service / tag model
2. remove retag service
3. remove artifact service some function
4. remove repository service / repository model  /repositoryItem model
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-16 17:24:21 +08:00
Wang Yan
fbb3226e85
move notification handles and events metadata into api (#11085)
1, enable audit logs for notifications
2, move the handler and meatadata into API
3, use the notification middleware to send out notification

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-16 16:56:34 +08:00
Wenkai Yin(尹文开)
a83c78c1a5
Merge pull request #11064 from ywk253100/200313_cached_token
Check expired or not when getting token from cache
2020-03-16 16:27:18 +08:00
Wenkai Yin(尹文开)
89eeeb29ca
Change tag count to artifact count in search result (#11068)
Change tag count to artifact count in search result

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-16 14:28:59 +08:00
Wenkai Yin(尹文开)
d250e6998e
Fix bug when reading the readme.md of helm chart (#11059)
Fix bug when reading the readme.md of helm chart

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-16 14:26:50 +08:00
jwangyangls
46fe1182b7
Merge pull request #11043 from jwangyangls/add-OPENPOLICYAGENT
[OCI] Add the icon of openpolicyagent artifact
2020-03-16 13:39:10 +08:00
Daniel Jiang
2615339f4c
Merge pull request #11076 from reasonerjt/csrf-secure-flag
make Secure flag of CSRF cookie adapt to config
2020-03-16 11:47:51 +08:00
He Weiwei
60f8595034
refactor(quota): implement internal quota APIs by quota controller (#11058)
1. Use quota controller to implement the internal quota APIs.
2. The internal quota APIs can exceed the quota limitations.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-16 10:20:17 +08:00
Daniel Jiang
cbd2619035 make Secure flag of CSRF cookie adapt to config
fixes #11074

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-16 04:03:49 +08:00
Wang Yan
9cc6e88a65
add notification middleware (#11072)
the notification is for send out the event after DB transaction complete.
It's safe to send hook as this middleware is after transaction in the response path.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-14 22:34:36 +08:00
He Weiwei
ec31a87884
fix(blob,quota): process blobs already in registry no but associated with project (#11071)
1. Before put manifest request, ensure that the requested size resource
include the blobs which are referenced by the manifest but not
associated with project.
2. After put manifest request, associate the blobs which are referenced
by the manifest but not associated with project.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-14 21:39:44 +08:00
Wenkai Yin
c6940e8184 United error response format for management APIs (legacy and v2.0 APIs)
United error response format for management APIs (legacy and v2.0 APIs)

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-13 22:00:08 +08:00
AllForNothing
05431a149d Swith to new API for recent log page
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-13 19:56:44 +08:00
Wenkai Yin(尹文开)
4a97cd270d
Merge pull request #11038 from ywk253100/200312_upgrade
Repair the count usage during the upgrading
2020-03-13 16:19:12 +08:00
He Weiwei
37e6fa5c92
fix(transaction): change to use value in the ctx to decide whether commit tx (#11062)
Type assertion not work when the ctx in the request changed in the next
handler, so change to use value in the ctx to decide whether to commit
tx.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-13 15:19:13 +08:00
Wenkai Yin
05255a7ea7 Check expired or not when getting token from cache
Check expired or not when getting token from cache

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-13 14:57:30 +08:00
Wenkai Yin
a4a1913598 Repair the count usage during the upgrading
As the count quota is against artifact rather than tag in 2.0, the count usage should be recalculated

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-13 13:59:48 +08:00
Yogi_Wang
b32a8db114 [OCI] Add the icon of openpolicyagent artifact
1. add image
2. fix show ui clearly when dark
3. fix chinese words of replication name filter tooltip
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-13 12:01:00 +08:00
Daniel Jiang
2e7eb8872e
Move ArtifactInfo to internal package (#11055)
To avoid depedency loop, this commit moves the model of ArtifactInfo to
internal pacakge, so that a controller can it from context when needed.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-13 11:16:13 +08:00
He Weiwei
2a243ef7a2
refactor(rbac): refactor rbac impl to improve performance (#9988)
1. Introduce `Evaluator` interface which do the permission checking.
2. `admin`, `lazy`, `rbac`, `namespace` and `evaluartor` set are implemented the
`Evaluator` interface.
3. Move project rbac implemention from `project` to `rbac` pkg to reduce
the name  conflict with project instance of model.
4. Do permission checking in security context by `Evaluator`.
5. Cache the regexp in rbac evaluator for casbin.
6. Cache evaluator in namespace evaluator to improve performance.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-12 23:42:53 +08:00
Ziming Zhang
8ffa79801b feature(tag_retention) add checkbox for user to control whether remove untagged image
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-12 22:50:21 +08:00
He Weiwei
12f16c8cec
feat(scan): support to scan image index (#11001)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-12 19:30:12 +08:00
Wenkai Yin
289f04d301 Restructure the packages of artifact
1. Introduce a new interface Processor to replace Abstractor and Descriptor
2. Provide the base processors for manifest and index to reduce the duplicate code
3. Move the child artifacts checking out of processor

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-12 16:03:13 +08:00
Ziming Zhang
25b5c3796b enhance(replication) update healthy status immediately
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-12 14:55:50 +08:00
Steven Zou
b546d9167a
Merge pull request #11019 from bitsf/replication_adapter_sort
feat(replication) sort the adapters shown on UI
2020-03-12 14:53:34 +08:00
Ziming
b597d9d59a
feat(ci) enhance govet check performance (#11008)
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-12 11:03:24 +08:00
Wenkai Yin(尹文开)
dcaccbc757
Merge pull request #10945 from ywk253100/200305_swagger_model
Remove the "x-go-type" for artifact definition in swagger
2020-03-12 10:47:00 +08:00
Wenkai Yin
4ccc3da99b Remove the "x-go-type" for artifact definition in swagger
Using "x-go-type" may cause the inconsistence between the swagger definition and the real data model

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-12 10:06:22 +08:00
Will Sun
1831aeb45c
Merge pull request #11023 from AllForNothing/robot
Improve UI for add robot page
2020-03-12 09:46:20 +08:00
Will Sun
878c004d9e
Merge pull request #11025 from jwangyangls/upgrade-clr
[feat] Upgrade clarity to 2.3.8
2020-03-12 09:45:42 +08:00
He Weiwei
89dfe24f19
feat(quota): add Request and Refresh middlewares for APIs (#10907)
1. Introduce ReqquestMiddleware and RefereshMiddleware.
2. Add request middlware to copy artifact, mount blob, put blob upload,
put manifest, upload chart verson APIs.
3. Add refresh project middleware to delete manifest, delete artifact,
delete chart version, delete repository APIs.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-11 22:25:40 +08:00
Will Sun
aa73f16a20
Merge pull request #11027 from AllForNothing/webhook
Improve Webhook UI
2020-03-11 18:35:29 +08:00
Wenkai Yin(尹文开)
c2826d0368
Merge pull request #11030 from mmpei/webhook-dev-slack
add support slack in webhook
2020-03-11 18:20:58 +08:00
Ted Guan
4ac31c6d46
Add API for query supported event types and notify types; Return policy name in last trigger info; Remove project_id unique constraint in table notification_policy (#11029)
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
2020-03-11 18:06:58 +08:00
Ziming Zhang
d1d0601841 feat(replication) sort the adapters shown on UI
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-11 18:06:29 +08:00
peimingming
3a6d1d75d0 add support slack in webhook
Signed-off-by: peimingming <peimingming@corp.netease.com>
2020-03-11 17:19:38 +08:00
AllForNothing
a19900e96e Improve webhook UI
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-11 16:51:21 +08:00