Commit Graph

23 Commits

Author SHA1 Message Date
root
6f335bdb1a Deprivilege harobr-log, harbor-db, registry image.
This change involves using non-root user to run the process of the
docker images.  Also made update in Dockerfile to make the containers
support "read-only" and introduce "HEALTHCHECK". Note the "read-only"
options are not enabled in docker-compose, to cover the very corner
case when user wants to update the container filesystem manually.

Remove read only option from docker-compose template by default
2017-11-02 23:35:06 -07:00
Wenkai Yin
0ddca31355 Add column id to table project_metadagta as the primary key 2017-10-30 17:37:25 +08:00
Tan Jiang
2cedfff4b3 Rebuild Harbor DB docker image on top of Maria DB
This change reworked the vmware/harbor-db image to build it on top of
vmware/mariadb-photon.
Also made minor change in the entrypoint script of mariadb image to
execute upgrade script during bootstrap, and fix a file permission
issue in the bootstrap scripts.
2017-10-26 12:27:09 +08:00
Wenkai Yin
2156750b04 Move certificate verification to target level
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Wenkai Yin
66b2d0d3f3 Apply project level policies to standalone Harbor
The following features are only enabled in integration mode, this commit moves
these to standalone Harbor:
 - Content trust policy: only signed images can be pulled
 - Vulnerability policy: only images whose severity is below the threshold can be pulled
 - Automatic scan policy: automatic scan pushed images
2017-10-19 17:33:28 +08:00
Wenkai Yin
e495357d98 implement the default project metadata manager 2017-09-28 16:17:51 +08:00
Wenkai Yin
7296bdc131 increase length of username in database to 256 2017-08-17 15:24:34 +08:00
Tan Jiang
e1e975096c add int id for scan overview and revoke the change in beego 2017-07-09 12:37:08 +08:00
Daniel Jiang
b96770b90a Merge pull request #2693 from reasonerjt/clair-notification
Clair notification handler
2017-07-05 20:18:34 +08:00
Yan
d849c36e3f Merge pull request #2570 from samifruit514/master
Allow 255 chars for Realname
2017-07-05 03:17:57 -07:00
Tan Jiang
8b31715b34 provide Clair notification handler
update the timestamp in DB, when handling the notification
2017-07-05 15:35:53 +08:00
wangyan
c986c33a6c 1.2.0 DB migration
update

update
2017-06-30 03:01:56 -07:00
Archambault, Samuel
18cea61121 Allow 255 chars for Realname 2017-06-19 13:54:21 -04:00
Tan Jiang
ae2d868fd4 handlers for image scan, store results overview in DB 2017-06-13 23:37:54 +08:00
Daniel Jiang
42984fe1c9 refactory for scan job service (#2459)
* refactory for scan job service and implement ScanJob.
2017-06-08 15:04:23 +08:00
Daniel Jiang
5892ef29c2 Merge pull request #2291 from reasonerjt/vulscan-job-refactory
add scan job table and dao functions
2017-05-12 02:45:55 -04:00
Tan Jiang
dcbfb4d309 add scan job table and dao functions 2017-05-11 21:41:57 +08:00
Wenkai Yin
1e28f01365 delete foreign key 2017-05-10 18:28:19 +08:00
Wenkai Yin
3be9cca0f5 delete column user_id from table accesslog 2017-05-03 14:18:07 +08:00
Wenkai Yin
4f9d9ed5d8 delete owner_id column from table repository 2017-05-02 14:57:07 +08:00
wy65701436
20458f88d2 fix mysql image to 5.6.35 2017-04-12 03:47:23 -07:00
Tan Jiang
0471c8ed2c escape mysql root password 2017-04-11 12:50:13 +08:00
yhua
311cf8da07 change code 20161019 2016-10-21 18:39:10 +08:00