Commit Graph

10589 Commits

Author SHA1 Message Date
He Weiwei
3ba0d5a590 fix: make a new ctx when start scan all in async
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-28 09:45:17 +00:00
Qian Deng
30a89f2368
Merge pull request #14112 from ninjadq/internal_tls_fail_early_without_san
Add sen existed check for internal cert
2021-01-28 17:28:17 +08:00
Qian Deng
ebe05919be
Merge pull request #14078 from ninjadq/fix_self_registration_metric
Fix metric label related things
2021-01-28 17:27:53 +08:00
Qian Deng
6f3774ac8b
Merge pull request #14084 from ninjadq/support_multiple_artifact_type_in_metric
Support multiple artifact type in metric
2021-01-28 17:27:16 +08:00
DQ
051b5f289d Add sen existed check for internal cert
fali ealier when there is no san

Signed-off-by: DQ <dengq@vmware.com>
2021-01-28 08:22:07 +00:00
danfengliu
642bb26c39 Fix nightly issues caused by docker upgrade to 20
1. Local image should be removed, otherwise docker 20 will not tigger
get manifest request to harbor;
2. E2E image Dockerfile update;
3. Fix nighlty test issue of tag retention, add execution refesh to get
result;
4. Fix nighlty test keyword 'Create An New Project And Go Into
Project' issue that waiting long enough time for list display;
5. Add nightly test case, in GUI, scan result will show if cve id exist in allow list configuration;
6. Move proxy cache test to schdule pipeline, it will save some time for
db pipeline.

Signed-off-by: danfengliu <danfengl@vmware.com>
2021-01-28 11:44:32 +08:00
Abigail McCarthy
593ef8b882 update RELEASES.md to includee release checklist
Signed-off-by: Abigail McCarthy <mabigail@vmware.com>
2021-01-27 13:53:51 -05:00
danfengliu
5c9342a338
Merge pull request #14086 from danfengliu/upgrade-to-python3-in-CI-host
Upgrade python to v3 in git action CI host
2021-01-27 18:03:35 +08:00
Daniel Jiang
ea76594469 Improve the way config store transforms a value to string
This commit provide a better way to transform the value to string when
they are loaded from the driver.
Fixes #14074
However the way the config driver loaded config values and configstore
stores it back and forth seems repetitive and should be optimized.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-27 08:41:49 +00:00
Will Sun
fbfc943e8f
Fix UI bugs found in round 2 testing (#14098)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-27 15:38:17 +08:00
Wenkai Yin(尹文开)
50a1e85095
Make sure the revision of execution isn't null during the upgrade (#14085)
Make sure the revision of execution isn't null during the upgrade
Fixes #14075

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-01-27 10:10:36 +08:00
Josh Soref
d45ce5cbf1 Return instead of crashing when New() fails
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2021-01-26 20:41:18 -05:00
Josh Soref
5be895cb39 Check return from token.DefaultTokenOptions()
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2021-01-26 20:39:55 -05:00
Dirk Mueller
3ddc44e28b Update oras to 0.9.0 to fix "zip slip" vulnerability
See https://github.com/deislabs/oras/security/advisories/GHSA-g5v4-5x39-vwhx
for details

Signed-off-by: Dirk Mueller <dirk@dmllr.de>
Signed-off-by: Dirk Mueller <dmueller@suse.com>
2021-01-26 20:36:52 +01:00
danfengliu
54b6884853 Upgrade python to v3 in git action CI host
The original python packaged: in git action host is V2, it should be upgraded to
V3.

Signed-off-by: danfengliu <danfengl@vmware.com>
2021-01-26 21:30:03 +08:00
DQ
a7241c1eb6 Fix: Support multiple type for artifact metrics
artiact became a dict

Signed-off-by: DQ <dengq@vmware.com>
2021-01-26 09:05:57 +00:00
DQ
66fd4a9728 change label project id to project name
project_name is more accurate

Signed-off-by: DQ <dengq@vmware.com>
2021-01-26 16:15:04 +08:00
Qian Deng
9574f8c3c6
Merge pull request #14056 from ninjadq/reduce_the_number_of_metrics_in_core
Aggregate  metrics
2021-01-26 10:42:53 +08:00
DQ
23a02bd5a7 Fix sel registration in metric label
Original type is bool, should convert it to string

Signed-off-by: DQ <dengq@vmware.com>
2021-01-25 18:53:10 +08:00
DQ
25ea2b1c82 Use apt to install python in ci
To avoid upstream get_pip.py changes

Signed-off-by: DQ <dengq@vmware.com>
2021-01-25 16:54:09 +08:00
DQ
28ae77e5c6 Aggregate metrics
1. Add operation id in ctx in baseapi before prepare
2. add operation id for registry proxy request
3. use url for other request

Signed-off-by: DQ <dengq@vmware.com>
2021-01-25 09:59:10 +08:00
Daniel Jiang
7039e0d2fe
Merge pull request #14059 from heww/trivy-health-checker
feat: add health checker for trivy when it's enabled
2021-01-24 11:44:10 +08:00
He Weiwei
ff9b515630 feat: add health checker for trivy when it's enabled
Closes #14055

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-23 05:45:03 +00:00
Daniel Jiang
d3601e5a92
Merge pull request #14058 from reasonerjt/fix-oidc-helper-npe
Fix a potential nil pointer issue
2021-01-22 20:57:09 +08:00
He Weiwei
e0f7778027
fix: ignore tag in the scan webhook when it's empty (#14057)
Closes #13464

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-22 20:08:36 +08:00
Daniel Jiang
5ea43abc67 Fix a potential nil pointer issue
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-22 19:02:45 +08:00
Wang Yan
8e7a18dc80
fix robot v1 api update issue (#14050)
For the v1 api, it will not update the description of a robot account.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-22 18:50:16 +08:00
Sven Haardiek
b2fe254974
Username from /userinfo (#14038)
This patch enabled Harbor to receive the username from the /userinfo endpoint
instead of only from the ID Token.

Closes #14037

Signed-off-by: Sven Haardiek <sven@haardiek.de>
2021-01-22 18:48:53 +08:00
Qian Deng
f013d88efc
Merge pull request #14013 from ninjadq/upgrade_script_for_2_2_0
Harbor upgrading for 2.2
2021-01-22 18:10:24 +08:00
Qian Deng
045e1d9abe
Merge pull request #14040 from ninjadq/metric_improvement
Metric improvement
2021-01-22 17:13:57 +08:00
Will Sun
51a541f1e2
Fix UI issue for success rate calculation (#14052)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-22 16:44:21 +08:00
DQ
489f31d8fe Add upgrade scirpt for 2.2
1. add metrics config item in config
2. upgrade version in template

Signed-off-by: DQ <dengq@vmware.com>
2021-01-22 16:15:06 +08:00
Wang Yan
dba229d0df
build third party binaries in CI (#14019)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-22 11:33:42 +08:00
He Weiwei
50b40445f4
feat: add BeforePrepare for operation of swagger API (#14048)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-22 10:44:25 +08:00
Will Sun
19a72cf350
Improve add scanner and add robot page (#14042)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-21 10:41:57 +08:00
Will Sun
9a897af67e
Improve vulnerability list page (#14031)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-01-21 10:41:09 +08:00
Wenkai Yin(尹文开)
63831dfd08
Merge pull request #14027 from ywk253100/210116_status
Don't ignore the NotFoundErr when handling the status hook of tasks to avoid the status out of sync
2021-01-20 17:07:18 +08:00
Wenkai Yin
e55c7d05ff Don't ignore the NotFoundErr when handling the status hook of tasks to avoid the status out of sync
Don't ignore the NotFoundErr when handling the status hook of tasks to avoid the status out of sync
Fixes #14016

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-01-20 14:53:50 +08:00
Qian Deng
a8e4b09b39
Add exporter to offline and online (#14022)
Signed-off-by: DQ <dengq@vmware.com>
2021-01-20 14:49:06 +08:00
He Weiwei
6a16d9a914
fix: correct Authorize of basic and berer authorizer (#14036)
Closes #13734

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-20 14:33:28 +08:00
DQ
c59b437970 Remove empty label in harbor info
some infomation can not get with guest user. So remove them

Signed-off-by: DQ <dengq@vmware.com>
2021-01-20 10:53:55 +08:00
DQ
92cf728371 Add custom cert for exporter
* injecting custom certs related config to exporter

Signed-off-by: DQ <dengq@vmware.com>
2021-01-20 10:52:34 +08:00
danfengliu
d4b7888098
Merge pull request #13882 from danfengliu/fix-nightly-keyword-issues
Add tests and fix nightly issues
2021-01-19 17:28:52 +08:00
sluetze
cc0e2bdd73
updated german translation for 2.2. (#13801)
Signed-off-by: sluetze <13255307+sluetze@users.noreply.github.com>
2021-01-19 17:12:36 +08:00
Danfeng Liu (c)
ddf9d74135 Fix nightly keyword issues
1. Add retry for Get Statics Text keywords make this operation robust;
2. Replace image to one with slash in name for CNAB test, to cover more
condition;
3. Add replication rule deletion verfication in upgrade test;
4. Add non-admin user in pull operation for proxy cache test;
5. Add verification for quota display for upgrade test;
6. Add test for large size of image replication;
7. Add test checkpoint for system robot account py-test script;

Signed-off-by: Danfeng Liu (c) <danfengl@vmware.com>
2021-01-19 15:12:15 +08:00
Daniel Jiang
cccfa40526
Merge pull request #14028 from heww/fix-issue-14000
fix: always remove the robot after scan job finished
2021-01-19 14:33:21 +08:00
DQ
a61e9b0e2e Add san for notary upgrading
if san not exists then remove that cert, prepare will regenerate one

Signed-off-by: DQ <dengq@vmware.com>
2021-01-18 21:00:35 +08:00
He Weiwei
59a0e321ed fix: always remove the robot after scan job finished
1. Register task status change function for the scan job triggered by
scan all.
2. Always to delete the robot account for the scan job after the job is
finished because the job does not retry again when it's failed.

Closes #14000

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-01-18 07:37:09 +00:00
Steven Zou
42559479e6
Merge pull request #14023 from ywk253100/210115_scheduled
Fix the legacy scheduled job issue for GC/scan all
2021-01-18 14:01:01 +08:00
Wenkai Yin(尹文开)
c3b986cbcd
Merge pull request #14012 from ywk253100/210113_replication
Query executions with both vendor type and ID when sweep the execution records
2021-01-18 11:15:31 +08:00