Commit Graph

11134 Commits

Author SHA1 Message Date
孙世军
45d9ece105
Modify CVSS3 column for cve datagrid (#16298)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-28 11:46:28 +08:00
Wang Yan
2275c6e969
fix accessory lost tags (#16304)
It needs to copy tags for the accessories.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-28 10:44:29 +08:00
Yang Jiao
984348e567
Merge pull request #16302 from YangJiao0817/specify-pg-version-13
Specify postgresql version to 13
2022-01-27 17:02:05 +08:00
Yang Jiao
709a154724 Specify postgresql version to 13
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-27 06:46:15 +00:00
孙世军
241391984b
Add delete repo permission for robot account (#16297)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-27 13:04:18 +08:00
He Weiwei
8554b7d7c5
refactor: replace lib/pq with jackc/pgx (#16267)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-01-27 11:09:37 +08:00
Wang Yan
0a183feab6
add cosign support in replication (#16282)
For the case Harbor-to-Harbor, the accessory can be replicated from source or to target.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-26 21:35:17 +08:00
MinerYang
158ce0499e
update harbor codacy badge in README.md (#16277)
Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
2022-01-26 18:10:25 +08:00
chlins
b1afd2efb0 fix: skip replication to proxy cache project
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-01-26 17:24:39 +08:00
孙世军
c9af6c0c35
Improve tooltips for LDAP group config (#16280)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-25 15:43:21 +08:00
Daniel Jiang
60189f2cef
Merge pull request #16181 from JoooostB/16180-oidc-auto-onboard
Store Username in auto-onboard flow (resolves #16180)
2022-01-25 11:00:38 +08:00
stonezdj(Daojun Zhang)
307b8973ce
Merge pull request #16260 from stonezdj/22jan21_ldap_group_duplicate
Group members lose access to push or see projects on Harbor
2022-01-25 10:15:54 +08:00
Joost Buskermolen
c103a6e9ef
fix: Store Username in auto-onboard flow
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

fix: Remove conditional & elaborate comment on fix

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

Add conditional to res.Username override

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

test: Set Username based on configured UserClaim

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

fix: Remove breaking conditional
Username may be set already if the token has a name claim.
Username is should always be set as the autoOnboard setting.

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

Remove conditional altogether
autoOnboardUsername should always be the same as Username

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
2022-01-24 14:38:23 +01:00
He Weiwei
0b089a16be
Bump up spectral to v6.1.0 (#16263)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-01-24 14:05:37 +08:00
He Weiwei
89fe7b0819
Move removing old version scan reports of trivy to 2.4.2 (#16261)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-01-24 14:05:24 +08:00
Yang Jiao
7100e893f1
Merge pull request #16257 from YangJiao0817/add-copy-cosign-accessory-testcase
Add copy accessory test case
2022-01-24 10:57:39 +08:00
stonezdj
20526c5c52 Group members lose access to push or see projects on Harbor
Handle the case if there is duplicate user group name when onboard ldap user group
   Continue to attach groups when it fail on one item
   Fixes #16220

Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-01-22 15:07:34 +08:00
Shengwen YU
70155172ad
Merge pull request #16246 from zyyw/bump-trivy-v0.22.0
feat: bump TRIVYVERSION to v0.22.0 and bump TRIVYADAPTERVERSION to v0.25.0
2022-01-21 16:59:44 +08:00
Shengwen Yu
46f97ecf6c feat: bump TRIVYVERSION to v0.22.0 and bump TRIVYADAPTERVERSION to v0.25.0
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-01-21 09:14:07 +08:00
Yang Jiao
4882def74f Add copy accessory test case
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-20 09:26:05 +00:00
Yang Jiao
9afe596403
Merge pull request #16247 from YangJiao0817/add-cosign-api-testcase
Add cosign Artifact API test case
2022-01-20 16:01:20 +08:00
孙世军
feeb54e5f8
upgrade ngx-markdown to the latest version (#16251)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-20 15:37:33 +08:00
Morlay
9ad68aa526
Updates goharbor to var IMAGENAMESPACE in Makefiles to make injectable (#15218)
Signed-off-by: Morlay <morlay.null@gmail.com>
2022-01-20 12:14:29 +08:00
Chenyu Zhang
80acbd4966
Merge pull request #16250 from chlins/fix/limit-task-execution-sweep-workers
fix: add worker pool for execution sweep to limit workers
2022-01-20 11:38:04 +08:00
Yang Jiao
5f7f6c7d59 Add cosign Artifact API test case
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-20 02:48:56 +00:00
chlins
ed4d9a533e fix: add worker pool for execution sweep to limit workers
Signed-off-by: chlins <chenyuzh@vmware.com>
2022-01-20 10:45:00 +08:00
Yang Jiao
cc26d75b56
Merge pull request #16238 from YangJiao0817/add-cosign-ui-case
Add cosign UI test case
2022-01-18 11:29:17 +08:00
MinerYang
6abc505060
Merge pull request #16239 from MinerYang/bump_up/go_v1.17.6
bump up go version to v1.17.6
2022-01-18 10:32:09 +08:00
Yang Jiao
6e93089845 Add cosign UI test case
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-18 02:05:31 +00:00
yminer
9acf3d21ce bump up go version to v1.17.6
Signed-off-by: yminer <yminer@vmmware.com>
2022-01-17 17:45:22 +00:00
Wang Yan
cd8d48794a
update pull policy code (#16237)
Reduce the DB call on pulling artifact with policy disabled

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-17 21:55:20 +08:00
Wang Yan
0b4f98074e
fix cosign conflict error on landing data (#16228)
Cosign client will generate the same signature to the same manifest, ignore the conflict error in middleware

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-17 19:09:56 +08:00
Wang Yan
01c6f6084b
modify artifact copy api to support cosign (#16194)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-17 15:52:14 +08:00
孙世军
8f77567589
Upgrade UI dependencies (#16233)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-17 14:20:20 +08:00
孙世军
cc1a204a6b
Encode repo name for deleting accessory (#16234)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-17 14:19:19 +08:00
He Weiwei
097efb201b
fix: Clean old version scan reports of trivy (#16235)
From harbor 2.4, the trivy does not support scan report v1.0, we need to remove the old version scan reports from the DB.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2022-01-17 13:59:28 +08:00
孙世军
7ff0bf188a
Add "expires in" column for robot UI (#16227)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-14 15:42:02 +08:00
Yang Jiao
67bf1638d6
Merge pull request #16225 from YangJiao0817/refresh-base-tomain-0114
Refresh base image
2022-01-14 14:45:11 +08:00
MinerYang
719155d595
bump up github.com/opencontainers/runc to v1.0.3 (#16202)
Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
2022-01-14 14:19:31 +08:00
Yang Jiao
029fea1c8a Refresh base image
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-14 13:55:31 +08:00
Yang Jiao
3c10fd0db4
Merge pull request #16208 from YangJiao0817/specify-pgsqlversion13
Specify postgresql version to 13
2022-01-14 13:32:10 +08:00
Yang Jiao
07ae331830
Merge pull request #16219 from YangJiao0817/update-deployment-security-case
Update Deployment security Notary xpath
2022-01-13 22:10:17 +08:00
Yang Jiao
cefdfad35a Update Deployment security Notary xpath
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-13 07:24:00 +00:00
Shengwen YU
61a0d41532
Merge pull request #16205 from zyyw/current_time_systeminfo
feat: add current_time to the response of systeminfo api when user logged in
2022-01-12 18:35:38 +08:00
Yang Jiao
b4de95941b Specify postgresql version to 13
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-01-12 08:55:42 +00:00
Shengwen Yu
b7af0f1529 feat: add current_time to the response of systeminfo api when user logged in
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-01-11 17:36:08 +08:00
孙世军
634f0139a0
Add co-sign checkbox for project policy (#16184)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-10 18:14:34 +08:00
Wang Yan
063991078a
Cosign policy checker (#16187)
Enable policy checker for cosign, when it's enabled, user cannot pull artifact without cosign.

Signed-off-by: wang yan <wangyan@vmware.com>
2022-01-10 17:44:01 +08:00
Shengwen YU
c0b496391c
Merge pull request #16094 from zyyw/gc-failure-tolerance
feat: add failure-tolerance for gc
2022-01-10 14:24:54 +08:00
Shengwen Yu
d2ae0165c9 feat: add failure-tolerance for gc
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-01-10 11:34:10 +08:00