stonezdj(Daojun Zhang)
a0d40922c8
[cherry-pick] Check create when fire the artifact event ( #20838 )
...
Check create when fire the artifact event
fixes #20828
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-08-12 14:07:54 +08:00
Shengwen YU
6095188ad5
Bump up version to v2.11.1 ( #20827 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-08-12 11:45:13 +08:00
Wang Yan
ff3e16a387
remove migrate patch ( #20834 )
...
cherry pick #20619
Signed-off-by: wang yan <wangyan@vmware.com>
2024-08-12 10:26:10 +08:00
Shengwen YU
a3ec51f628
Refresh base images ( #20826 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-08-09 13:59:52 +08:00
Wang Yan
a3c69a6ff9
cherry-pick #20603 ( #20824 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2024-08-08 19:47:01 +08:00
Lichao Xue
73736afd4f
cherry-pick: Fixes-20799 can't remove artifact labels ( #20817 )
...
Fixes-20799 can't remove artifact labels
Signed-off-by: xuelichao <xuel@vmware.com>
2024-08-07 14:52:02 +08:00
Wang Yan
dfcba09e7f
[cherry-pick ]Release 2.11.0 cp 20803 ( #20814 )
...
* add list project arifacts API
This API supports listing all artifacts belonging to a specified project. It also allows fetching the latest artifact
in each repositry, with the option to filter by either media_type or artifact_type.
Signed-off-by: wang yan <wangyan@vmware.com>
* resolve the comments
Signed-off-by: wang yan <wangyan@vmware.com>
* fix testing failures
Signed-off-by: wang yan <wangyan@vmware.com>
---------
Signed-off-by: wang yan <wangyan@vmware.com>
2024-08-07 13:57:32 +08:00
Shengwen YU
14f98c0d7e
[cherry-pick] fix: add quote to dockerhub cred ( #20694 )
...
fix: add quote to dockerhub cred in case it contains specical characters
which will be failed to run the publish release github action job
regarding publishImages
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-07-15 18:16:07 +08:00
stonezdj(Daojun Zhang)
3b49c97d74
[cherry-pick] Change the log message when PostScan failed. ( #20699 )
...
Change the log message when PostScan failed.
fixes #20573
remove s from additions/sboms in the link
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-07-04 19:53:00 +08:00
Shengwen YU
82c9f9c88d
fix: update migrate tc ( #20678 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-07-01 13:44:10 +08:00
Chlins Zhang
04e360660b
[cherry-pick] fix: disable the scan related button when installation without scanner or scanner deactived ( #20661 )
...
fix: disable the scan related button when installation without scanner or scanner deactived
Signed-off-by: chlins <chlins.zhang@gmail.com>
2024-06-26 12:45:48 +08:00
stonezdj(Daojun Zhang)
08e5553536
[cherry-pick] Add translation for zh_CN ( #20634 )
...
Add translation for zh_CN
add sbom translation for zh_CN
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-21 15:19:49 +08:00
stonezdj(Daojun Zhang)
434b1afb57
[cherry-pick] Add menu item for ko_KR local ( #20633 )
...
Add menu item for ko_KR local
fixes #20600
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-20 15:50:34 +08:00
stonezdj(Daojun Zhang)
5a069939d4
[cherry-pick] Use internal registry url to push artifact accessory ( #20581 )
...
Use internal registry url to push artifact accessory
fixes #20565
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-13 22:12:43 +08:00
stonezdj(Daojun Zhang)
70255684c5
[cherry-pick] Adjust the query by UUID sql so that it can use the idx_task_extra_at… ( #20546 )
...
Adjust the query by UUID sql so that it can use the idx_task_extra_attrs_report_uuids
fixes #20505
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-04 18:29:53 +08:00
Lichao Xue
81fcc0a4eb
Fixes-20537 SBOM tab should not exist when the artifact is helm package ( #20539 )
...
Fixes-20537 SBOM tab should not exist when the artifact is helm package #20538
Signed-off-by: xuelichao <xuel@vmware.com>
2024-06-03 19:45:02 +08:00
stonezdj(Daojun Zhang)
2b271701b0
[cherry-pick] No sbom_overview when sbom is deleted ( #20534 )
...
No sbom_overview when sbom is deleted
fixes #20529
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-03 13:38:23 +08:00
stonezdj(Daojun Zhang)
33de1ad805
[cherry-pick] Response an error message when there is incomplete sbom generate job ( #20527 )
...
Response an error message when there is incomplete sbom generate job
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-31 16:23:06 +08:00
Wang Yan
eeec10387b
[cherry-pick] fix http client to push sbom accessory ( #20528 )
...
fix http client to push sbom accessory
Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-31 16:19:39 +08:00
Wang Yan
99440599ea
[cherry-pick] fix 20518 ( #20522 )
...
fix 20518
fixes #20518
Since there is no report for the replicated artifact, update to use the artifact id to remove accessories.
Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-30 19:38:59 +08:00
Lichao Xue
7c18987c39
Fix UI bugs - Pagination is missing on tag immutability rules ( #20520 )
...
Fix UI bugs - Pagination is missing on tag immutability rules #20501
Signed-off-by: xuelichao <xuel@vmware.com>
2024-05-30 18:18:38 +08:00
Wang Yan
614bf40a5d
tls support for pushing sbom ( #20515 )
...
Make it supports the tls configuration for the client for pushing sbom object
Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-30 17:40:20 +08:00
Wang Yan
723abc6167
[cherry-pick] fix 20496 ( #20509 )
...
fix 20496
fixes #20496
Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.
Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-29 17:44:50 +08:00
stonezdj(Daojun Zhang)
103eb42bd7
[cherry-pick] Fix tooltip issue related to SBOM.Details ( #20511 )
...
Fix tooltip issue related to SBOM.Details
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-29 17:28:24 +08:00
stonezdj(Daojun Zhang)
26eb63b1b0
[cherry-pick] Separate the execution vendor type sbom from image_scan ( #20508 )
...
Separate the execution vendor type sbom from image_scan
Add vendor type SBOM for execution
fixes #20495
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-29 15:45:33 +08:00
Shengwen YU
14f9af09c5
Bump up base image ( #20507 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-05-29 13:38:05 +08:00
stonezdj(Daojun Zhang)
e2826868ee
[cherry-pick] Add sbom_report table to store sbom related information ( #20482 )
...
Add sbom_report table to store sbom related information
fixes #20445
Refactor scan/base_controller.go
Move MakeReportPlaceholder, GetReportPlaceholder, GetSummary to vul and sbom scanHandler
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-24 17:08:41 +08:00
Lichao Xue
a763d6b54c
Fix - 20469 sbom status and download issue ( #20475 )
...
Signed-off-by: xuelichao <xuel@vmware.com>
2024-05-23 13:15:56 +08:00
Shengwen YU
88fad92e9a
bump up trivy and trivy-adapter version ( #20468 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-05-22 17:24:48 +08:00
Lichao Xue
15e7a448f4
Fix-20459 Wrong sbom status displayed in UI ( #20464 )
...
* fix ui test failure (#20441 )
Signed-off-by: xuelichao <xuel@vmware.com>
* Fix-20459 Wrong sbom status displayed in UI
Signed-off-by: xuelichao <xuel@vmware.com>
---------
Signed-off-by: xuelichao <xuel@vmware.com>
Signed-off-by: Lichao Xue <68891670+xuelichao@users.noreply.github.com>
2024-05-21 17:55:50 +08:00
Lichao Xue
acb9e1738c
Cherry-pick 20441-fix ui test failure ( #20444 )
...
fix ui test failure
Signed-off-by: xuelichao <xuel@vmware.com>
2024-05-20 15:42:51 +08:00
Shengwen YU
3777877ab4
fresh base image ( #20438 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-05-16 20:55:10 +08:00
Lichao Xue
840d4085f0
Fix and Should to display Unsupported if no SBOM accessories found ( #20426 )
...
Should this be Unsupported either for SBOM
Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-16 17:40:42 +08:00
stonezdj(Daojun Zhang)
8ccf98a2ac
Initialize execution Manager in Report Assembler ( #20437 )
...
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-16 16:08:06 +08:00
MinerYang
2da4d5883f
bump golang 1.22.3 ( #20433 )
...
* bump golang 1.22.3
Signed-off-by: yminer <yminer@vmware.com>
* debug api_common_install.sh
Signed-off-by: yminer <yminer@vmware.com>
* remove set DNS for docker v20
Signed-off-by: yminer <yminer@vmware.com>
---------
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-05-16 14:32:59 +08:00
stonezdj(Daojun Zhang)
2b4fe6ced7
Add additional link for sboms ( #20423 )
...
artifact object's addition_links has sboms item when it support to generate sbom
fixes #20346
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-15 13:34:22 +00:00
stonezdj(Daojun Zhang)
df5b3618c7
Display status in sbom_overview for image index ( #20425 )
...
fixes #20418
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-15 11:52:39 +00:00
Shengwen YU
bb6c7242a4
add membership=true back for gitlab replication adapter ( #20400 )
...
fix: add membership=true back for gitlab replication adapter
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-05-15 10:38:01 +00:00
dependabot[bot]
0fc87eaf35
chore(deps): bump github.com/go-openapi/strfmt from 0.22.0 to 0.23.0 in /src ( #20396 )
...
chore(deps): bump github.com/go-openapi/strfmt in /src
Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt ) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.22.0...v0.23.0 )
---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-15 09:11:11 +00:00
dependabot[bot]
372102c824
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.46.1 to 0.51.0 in /src ( #20394 )
...
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib ) from 0.46.1 to 0.51.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.46.1...zpages/v0.51.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2024-05-15 08:33:53 +00:00
dependabot[bot]
34dfbfd6bd
chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.0 to 5.2.1 in /src ( #20397 )
...
chore(deps): bump github.com/golang-jwt/jwt/v5 in /src
Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt ) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/golang-jwt/jwt/releases )
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md )
- [Commits](https://github.com/golang-jwt/jwt/compare/v5.2.0...v5.2.1 )
---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2024-05-15 15:57:04 +08:00
Wang Yan
2977fec006
fix issue 19928 ( #20409 )
...
* fix issue 19928
it needs to consider the user who is in any group that has been granted with the project admin role.
Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-15 13:07:30 +08:00
stonezdj(Daojun Zhang)
232f9ba7ea
Skip scan in-toto sbom artifact ( #20415 )
...
fixes #20337
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-05-13 17:12:04 +08:00
Wang Yan
65e266fecf
fix issue 20407 ( #20416 )
...
fixes #20407
It needs to specify the insecure option on parsing the reference
Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-13 14:44:51 +08:00
MinerYang
068ae006fe
Update scan job request log for enabled_capabilities ( #20414 )
...
update scan job request log
Signed-off-by: yminer <yminer@vmware.com>
2024-05-10 17:17:47 +08:00
Shengwen YU
beb5f3f7cb
fix: enale stop_scan for ci ( #20378 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-05-06 17:35:40 +08:00
Shengwen YU
33966fbc79
fix update TRIVYVERSION=v0.50.4 & TRIVYADAPTERVERSION=v0.31.1 ( #20390 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-05-06 16:59:31 +08:00
dependabot[bot]
c4409c053b
Bump helm.sh/helm/v3 from 3.14.2 to 3.14.4 in /src ( #20373 )
...
Bumps [helm.sh/helm/v3](https://github.com/helm/helm ) from 3.14.2 to 3.14.4.
- [Release notes](https://github.com/helm/helm/releases )
- [Commits](https://github.com/helm/helm/compare/v3.14.2...v3.14.4 )
---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-06 15:49:37 +08:00
dependabot[bot]
1ef61995b8
Bump github.com/go-asn1-ber/asn1-ber from 1.5.5 to 1.5.6 in /src ( #20372 )
...
Bumps [github.com/go-asn1-ber/asn1-ber](https://github.com/go-asn1-ber/asn1-ber ) from 1.5.5 to 1.5.6.
- [Release notes](https://github.com/go-asn1-ber/asn1-ber/releases )
- [Commits](https://github.com/go-asn1-ber/asn1-ber/compare/v1.5.5...v1.5.6 )
---
updated-dependencies:
- dependency-name: github.com/go-asn1-ber/asn1-ber
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-06 14:45:37 +08:00
dependabot[bot]
34cb462cd9
Bump github.com/gorilla/csrf from 1.6.2 to 1.7.2 in /src ( #20376 )
...
Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf ) from 1.6.2 to 1.7.2.
- [Release notes](https://github.com/gorilla/csrf/releases )
- [Commits](https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.2 )
---
updated-dependencies:
- dependency-name: github.com/gorilla/csrf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-06 14:08:10 +08:00