Commit Graph

10165 Commits

Author SHA1 Message Date
prahaladdarkin
a890b28e1e
Store vulnerability data from scanner into a relational format (#13616)
feat: Store vulnerability report from scanner into a relational format

Convert vulnerability report JSON obtained  from scanner into a relational format describe in:https://github.com/goharbor/community/pull/145

Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2020-12-25 08:47:46 +08:00
Wang Yan
47841a04b9
fix quota cannot be updated after gc (#13844)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-24 20:10:57 +08:00
Will Sun
75da08303a
Improve scan all page
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-24 17:36:03 +08:00
Wenkai Yin
923a538570 Provide the function to update extra attributes in the task manager
Provide the function to update extra attributes in the task manager

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-12-24 15:52:37 +08:00
He Weiwei
7b4c4b76e7
feat: add trigger to the metrics of the scan all job (#13838)
Add the trigger to the metrics of the scan all job so that the customer
can know who trigger the latest scan all job.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-24 14:30:43 +08:00
Wang Yan
7a8a8fa104
upgrade go version to v1.15.6 (#13836)
Signed-off-by: wang yan <wangyan@vmware.com>
2020-12-23 18:53:09 +08:00
Wenkai Yin(尹文开)
d32a243508
Use the same transaction to remove the schedule to avoid dead lock in database (#13820)
Use the same transaction to remove the schedule to avoid dead lock in database
Fixes #13808

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-12-23 15:37:51 +08:00
Will Sun
28734d7ac4
Fix a save button bug on system setting page (#13830)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-23 13:00:45 +08:00
Daniel Jiang
c660727877
Merge pull request #13800 from reasonerjt/authproxy-redirect
Add handler to handle redirect via authproxy
2020-12-23 03:00:18 +08:00
stonezdj(Daojun Zhang)
bc0b6b43ed
Merge pull request #13791 from reasonerjt/oidc-redirect-extra-parm
Add extra parms when forming redirect URI for OIDC
2020-12-22 21:45:53 +08:00
Daniel Jiang
7321e3547d Add handler to handle redirect via authproxy
This commit add a handler to handle the request to
"/c/authproxy/redirect".  Harbor is configured to authenticate against
an authproxy, if a request with query string `?token=xxxx`
is sent to this URI, the handler will do tokenreview according to the
setting of authproxy and simulate a `login` workflow based on the result
of token review.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-22 18:59:17 +08:00
He Weiwei
3831e82b20
refactor: remove code of admin job (#13819)
Remove code of admin job as it's not needed by scan all/gc now.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-22 11:48:16 +08:00
He Weiwei
8fa03e3739
refactor: remove code of scan all job (#13821)
Remove code of scan all job as it's implemented by execution now.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-22 11:39:18 +08:00
Wenkai Yin(尹文开)
53c8ad8228
Merge pull request #13813 from heww/scan-all-apis
refactor(api): move scan all apis to go-swagger
2020-12-21 16:40:09 +08:00
fanjiankong
1b93a9f4b0 Remove some TCR UT Case
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2020-12-21 16:24:46 +08:00
Qian Deng
31138f12b0
Merge pull request #13806 from ninjadq/fix_python_yaml_load
Fix pythom yaml load to safe_load
2020-12-21 16:04:12 +08:00
Will Sun
86e1732b16
Merge pull request #13817 from AllForNothing/filter
Fix filter bug for replication tasks page
2020-12-21 16:02:39 +08:00
Qian Deng
9197471e70
Add Scan for internal tls (#13810)
Signed-off-by: DQ <dengq@vmware.com>
2020-12-21 15:23:11 +08:00
AllForNothing
b749ba4e54 Fix filter bug for replication tasks page
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-21 15:11:35 +08:00
He Weiwei
ce6ed3eeb7 refactor(api): move scan all apis to go-swagger
Move scan all APIs from beego to go-swagger.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-21 02:17:02 +00:00
Wang Yan
9bc6f3cee4
fix robot account update issue (#13741)
* fix robot account update issue

enable the update method to support both v1 & v2 robot update

Signed-off-by: Wang Yan <wangyan@vmware.com>

* resolve review comments

Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 20:01:26 +08:00
danfengliu
045f0aab45
Merge pull request #13750 from danfengliu/add-py-test-for-scan-manifest-list
Add py-test for scan manifest list and CNAB bundle
2020-12-18 17:34:41 +08:00
danfengliu
4f0842bd23 Add py-test for scan manifest list and CNAB bundle
Due to complicate logic of scan report in multi-level artifacts, should add scan tests
for into manifest list and CNAB bundle python test suit.

Signed-off-by: danfengliu <danfengl@vmware.com>
2020-12-18 16:37:53 +08:00
Wang Yan
6bc1047013
migration admin job data (#13766)
1, migrate gc and scan all schedule to schedule/task/exectuion
2, migrate gc history to task/execution

Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 16:35:24 +08:00
Will Sun
4392a626f3
Merge pull request #13804 from AllForNothing/scan-all
Fix robot account UI issues
2020-12-18 15:48:26 +08:00
Wang Yan
e9797d7c16
fix gc log not found issue (#13790)
It needs to use the execution ID to get task firstly and then use the required task id to query GC log

Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 14:50:50 +08:00
Qian Deng
64fcfeaa2f
Merge pull request #13754 from ninjadq/fix_loglevel_parsing_for_registry
Fix log level issue in registry
2020-12-18 14:47:15 +08:00
AllForNothing
b20cc474b3 Fix robot account UI issues
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-18 14:11:08 +08:00
stonezdj(Daojun Zhang)
98f3c5d452
Merge pull request #13803 from stonezdj/201212_revert_add_contenttype
Revert "Add content type and length in header"
2020-12-18 13:22:30 +08:00
stonezdj
3334defd92 Revert "fix issue"
This reverts commit e6f80259
This reverts commit 918fe125

Signed-off-by: stonezdj <stonezdj@gmail.com>

Revert "Add content type and length in header"

This reverts commit ca379111

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-18 12:35:39 +08:00
stonezdj(Daojun Zhang)
05f327cfbd
Merge pull request #13751 from stonezdj/201211_add_content_type_length
Add content type and length in header
2020-12-17 18:19:38 +08:00
Wang Yan
dfe678457f
fixes robot account list permission issue (#13792)
fixes #13786, do not add the removed project into the permission list of a system level robot account.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-17 17:50:14 +08:00
He Weiwei
792dcc4ac3
fix(scan): returns 400 when artifact not support by scanner (#13785)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 16:58:49 +08:00
stonezdj
e6f80259f7 fix issue
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 16:33:17 +08:00
He Weiwei
164acad24f
build: add cleanbaseimage target in Makefile (#13777)
Add cleanbaseimage target in Makefile, and append it to the dependencies
of the cleanall target.

Closes #13602

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 16:18:12 +08:00
stonezdj
918fe125b7 fix issue
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 16:17:56 +08:00
stonezdj
ca37911113 Add content type and length in header
Fixes #13740
Update ManifestExist to return Descriptor instead of digest

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 15:42:49 +08:00
Daniel Jiang
bc2a161f13
Merge pull request #13789 from heww/fix-codeql-errors
fix: fix errors detected by codeql
2020-12-17 15:16:51 +08:00
He Weiwei
18b850782e fix: fix errors detected by codeql
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 06:15:34 +00:00
Daniel Jiang
c1c55d0cee Add extra parms when forming redirect URI for OIDC
Fixes #13092

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 19:41:13 +08:00
DQ
234b29e170 Fix pythom yaml load to safe_load
Signed-off-by: DQ <dengq@vmware.com>
2020-12-16 14:59:06 +08:00
Daniel Jiang
b0c8cadad7
Add default CVE allowlist to project library (#13770)
fixes #12700

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 14:20:56 +08:00
Daniel Jiang
3b04d2f8f5
Escape the values to contains operator in dao packages (#13774)
fixes #13018

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 14:19:20 +08:00
Will Sun
488d802a2b
Merge pull request #13768 from AllForNothing/permission-list
Add new permissions to robot account
2020-12-16 13:30:24 +08:00
Wang Yan
01eb60c36b
add permission checking for gc operation (#13756)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-15 23:27:12 +08:00
AllForNothing
055572df3d Add new permissions to robot account
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-15 18:34:37 +08:00
stonezdj(Daojun Zhang)
1eb0287ecb
Merge pull request #13709 from stonezdj/201209_dockerhub_limit2
Cache manifest list for proxy cache
2020-12-15 14:03:39 +08:00
Will Sun
6849cd03a9
Merge pull request #13719 from sluetze/13568-typofix
fixed small typos in variable names
2020-12-15 13:47:30 +08:00
stonezdj
670a94835b Cache manifest list for proxy cache
Fixes #13566: Quota of dockerhub is still used in v2.1.1 after the image is cached
Cache manifest list in redis cache.
Trade off between efficiency and data integrity, it might cause the proxy cache return the full content of a manifest list instead of the actual manifest list saved in the Harbor storage, which is a part of the manifest list. but this change doesn't break any /v2/ API, just caches full manifest list.

Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-15 11:30:30 +08:00
He Weiwei
10e4350360
test(cache): increase sleep time to fix ut (#13761)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-14 19:22:42 +08:00