Commit Graph

10782 Commits

Author SHA1 Message Date
Wenkai Yin(尹文开)
08ed886936
Merge pull request #14914 from ywk253100/210518_registry
Update the field name of registry model
2021-05-19 17:20:12 +08:00
Daniel Jiang
93fe178dc3 Fail with 401 for GET .../users/current/permissions
fixes #14862

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-19 16:28:39 +08:00
Will Sun
1896df2cfb
Improve css style (#14909)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-19 12:49:38 +08:00
Daniel Jiang
294ee52d7a
Merge pull request #14900 from reasonerjt/rm-common-dao-getuser-onboard
Remove GetUser and Onboard from common/dao
2021-05-19 11:21:00 +08:00
He Weiwei
c6bd7b2ec2
ci: lint the swagger file (#14916)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-19 10:36:09 +08:00
Daniel Jiang
4492e47e89
Merge pull request #14910 from reasonerjt/fix-oidc-callback-nil-pointer
Check user in security context before getting the ID
2021-05-18 23:35:46 +08:00
Wenkai Yin
315f490d3c Update the field name of registry model
Update the field name of registry mode

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-18 17:26:20 +08:00
Wenkai Yin
5ebc8b4fdd Truncate the string when deletinng the resources when the length exceeds the limit
Truncate the string when deletinng the resources when the length exceeds the limit

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-18 17:17:41 +08:00
Daniel Jiang
c41d75fb31 Use system configuration resource for permission checking
This commit uses system configuration resource for permission check
against API to ping OIDC and update systen CVE allowlist.
Fixes #14386

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-18 16:06:58 +08:00
Daniel Jiang
6ebcc95582 Fix docker version in CI.yml
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-18 15:29:44 +08:00
Daniel Jiang
952644e23f Remove GetUser and Onboard from common/dao
Replaced by funcs in src/pkg/user and src/controller/user

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-18 15:28:41 +08:00
Daniel Jiang
ebe5733f27 Check user in security context before getting the ID
This commit fix a potential nil pointer issue when trying to read User
ID from security context

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-18 14:54:58 +08:00
He Weiwei
0c315d8aee
refactor: remove allowlist in GetSummary of scan controller (#14836)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-18 14:01:59 +08:00
Vadim Bauer
1a3335edc5
Provide information about missing RBAC permissions in debug mode. (#14906)
Signed-off-by: Vadim Bauer <vb@container-registry.com>

Co-authored-by: Vadim Bauer <vb@container-registry.com>
2021-05-18 10:02:34 +08:00
Wenkai Yin(尹文开)
aaff28f6ff
Merge pull request #14843 from ninjadq/fix_webhook_parse_chartname
Fix webhook parse chartname panic
2021-05-18 09:30:22 +08:00
Will Sun
0a8ff4c1f9
Update project summary page (#14874)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-17 10:39:33 +08:00
Wenkai Yin(尹文开)
e553cbe795
Merge pull request #14887 from wy65701436/golang-15
bump up go to v1.15.12
2021-05-17 10:32:19 +08:00
He Weiwei
73045c55ce
fix: disable x-omitempty for repo_count and chart_count (#14895)
Closes #13664

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-17 10:22:51 +08:00
Will Sun
ba68f16b8d
Support searching quota by project name (#14881)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-17 09:46:24 +08:00
He Weiwei
7fb1bc538c
refactor: remove unused core/api/models pkg (#14882)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 17:15:44 +08:00
Wang Yan
0fb520a33b bump up go to v1.15.12
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-14 15:36:23 +08:00
He Weiwei
6f3607cebd
perf: cache the metadata of the scanner (#14879)
1. Cache the metadata of scanner 30s.
2. Change the scanner client request timeout to 5s.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 14:27:37 +08:00
Qian Deng
a19f6f8748
Add grafana example for metrics (#14504)
add json file for grafana

Signed-off-by: DQ <dengq@vmware.com>
2021-05-14 14:19:27 +08:00
Ziming
1665dbcbc8
fix(retention) add delete retention API (#14747)
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-05-14 14:15:42 +08:00
Daniel Jiang
35c9a98272
Merge pull request #14875 from heww/fix-scan-all
fix: using new ctx to scan artifact when scanAll
2021-05-14 12:56:10 +08:00
He Weiwei
eed91dab45
fix: requires authn for apis of project scanner (#14880)
Closes #14863

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 11:27:23 +08:00
Daniel Pacak
7e6235bd3b
chore(trivy): Bump up Trivy scanner adapter to v0.19.0 (#14797)
Trivy scanner adpater v0.19.0 comes with Trivy v0.17
which adds support for Java JAR/WAR/EAR archives and
Go binaries scanning.

The release notes are published on
https://github.com/aquasecurity/trivy/releases/tag/v0.17.0

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2021-05-14 10:30:17 +08:00
He Weiwei
f800d531ec fix: using new ctx to scan artifact when scanAll
DB transaction failure may break the loop query of the artifacts, the
result is that not all artifacts are scanned in one scan all job. Using
a new DB connection to call the Scan method of the controller to avoid
this problem.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-13 12:33:10 +00:00
Daniel Jiang
fa46b0d736
Merge pull request #14095 from jsoref/tokens
Tokens
2021-05-13 13:25:58 +08:00
Daniel Jiang
25c9b9dcb8
Merge pull request #14325 from a-mccarthy/update-2.2
Update support matrix to include 2.2
2021-05-13 11:47:20 +08:00
Wang Yan
ad9569da26
refactor preheat model (#14858)
Move the notification to preheat models

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-12 22:29:01 +08:00
DQ
2583107446 Fix panic issue when there are '--' in chart name
let webhook get name function consistent with chartmuseum

Signed-off-by: DQ <dengq@vmware.com>
2021-05-12 14:11:57 +00:00
Qian Deng
17dd48e5a3
Merge pull request #14854 from ninjadq/upgrade_helm_chart
Upgrade helm chart
2021-05-12 19:33:03 +08:00
xiaorunkun
eab4a6161f word correct 2021-05-12 17:08:20 +08:00
stonezdj(Daojun Zhang)
0dfc801a50
Error string should not be capitalized (#14840)
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-12 16:53:37 +08:00
Wenkai Yin(尹文开)
c1f9b14a22
Merge pull request #14860 from ywk253100/210512_dup_task
[cherry-pick]Fix duplicate execution record issue
2021-05-12 16:50:37 +08:00
Wenkai Yin
c04f3a2aac Fix duplicate execution record issue
When the core service cannot response the checkin request in time, duplicated execution records may be created, this commit introduces the revision column to make sure there is only one record for one schedule trigger

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-12 15:40:52 +08:00
Moshe Immerman
d1b553fd3a
feat: add ORM_DEBUG env option (#14709)
Signed-off-by: Moshe Immerman <moshe@flanksource.com>
2021-05-12 10:56:30 +08:00
Daniel Jiang
bd9a1c6722
Merge pull request #14829 from reasonerjt/user-common-dao-cleanup
Move user related funcs from common/dao
2021-05-12 10:56:18 +08:00
Will Sun
eec3619df1
UI enhancement for replication namespace (#14818)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-12 10:11:04 +08:00
stonezdj(Daojun Zhang)
a6d92ca807
Merge pull request #14777 from stonezdj/21apr15_declarative_config
Implement declarative configure feature
2021-05-12 09:21:57 +08:00
Daniel Jiang
6d0e391740 Move user related funcs from common/dao
This commit moves more user related funcs, such as ChangePassword,
Login, ChangeUserProfile from common/dao to rely on /pkg/user and
pkg/oidc.
It also removes the code for resetting user's password as it's disabled.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-12 01:12:57 +08:00
Wang Yan
b714baae87
fixes immutable rule issue (#14849)
fixes #14568

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-11 23:28:03 +08:00
DQ
04ba4a4033 Upgrade chartmuseum version
from 1.12.0 to 1.13.1

Signed-off-by: DQ <dengq@vmware.com>
2021-05-11 13:51:55 +00:00
DQ
9a974d2b2c Upgrade Helm Client Version
From version 3.1.1 to 3.4.2

Signed-off-by: DQ <dengq@vmware.com>
2021-05-11 13:51:55 +00:00
stonezdj
3825220ca6 Implement declarative configure feature
Add env CONFIG_OVERWRITE_JSON for declarative config
Init config with the json in CONFIG_OVERWRITE_JSON in main.go

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-11 20:58:19 +08:00
Wenkai Yin(尹文开)
5cd7594a6a
Merge pull request #14841 from heww/fix-artifact-size-migration
fix: change art_size to bigint in migrations
2021-05-11 13:26:31 +08:00
He Weiwei
476732df89 fix: change art_size to bigint in migrations
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-11 04:01:02 +00:00
Wenkai Yin(尹文开)
48fa2d4d7f
Merge pull request #14834 from danfengliu/fix-ca-import-location-issue-and-statistics-test-issue
Fix ca import location issue and statistics test issue
2021-05-11 11:37:47 +08:00
He Weiwei
0d7250f83d
perf: skip db tx for get, head and options api requests (#14837)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-11 10:54:15 +08:00