Tan Jiang
b6df6cf169
Add indexes to job tables and bump up schema version.
2018-03-28 16:15:54 +08:00
Tan Jiang
41ce0891ab
Trigger scan job from UI.
2018-03-26 18:07:21 +08:00
Tan Jiang
745b21abbc
Merge remote-tracking branch 'upstream/master' into scan-job-migrate
2018-03-26 15:39:42 +08:00
stone
203b1b52bb
Merge pull request #4415 from stonezdj/user_group_and_project_member
...
Add DAO for user group and project member
2018-03-26 15:21:20 +08:00
Daniel Jiang
93568854d9
Merge pull request #4474 from reasonerjt/job_uuid
...
Update SQL script to add uuid to job tables.
2018-03-26 15:17:53 +08:00
stonezdj
49d960b060
Add DAO for project member and user group
2018-03-26 14:38:32 +08:00
yixingj
cb64ad96ff
Make endpoint configurable
...
Move all the endpoint to harbor.cfg
2018-03-26 10:50:18 +08:00
Tan Jiang
381ecc3521
Merge with master
2018-03-26 10:37:17 +08:00
Tan Jiang
df69f7e410
Fix error in registry_sqlite.sql
2018-03-25 13:47:03 +08:00
Yan
cbcca015b0
add read only mode to stop docker push ( #4433 )
2018-03-23 03:16:08 -07:00
Jesse Hu
0b5e0aa041
Enhance registry docker file to make it work with NFS server ( #4466 )
2018-03-23 17:57:26 +08:00
yixingj
ee6a6af3c5
Add Redis docker file
...
Add the redis docker files
2018-03-23 17:46:43 +08:00
Tan Jiang
6f1c46624f
Update SQL script to add uuid to job tables.
...
We have to add the uuid/id mapping as new job service will only store uuid.
Further work is in feature branch for now, commit this change to
accelerate migration work.
2018-03-23 17:45:50 +08:00
Tan Jiang
7238efd9ae
Integrate new jobservice into docker-compose template
...
This commit doesn't integrate redis. No change to makefile b/c it
should work once the temporary jobservice_v2 folder is renamed to jobservice.
2018-03-22 19:48:22 +08:00
Daniel Jiang
f885de0913
Merge pull request #4449 from ywk253100/180314_filter_by_label
...
Add unique constraint to columns label_id, resource_id, resource_name and resource_type in table harbor_resource_label
2018-03-21 18:37:04 +08:00
Wenkai Yin
83cfe9814d
Add unique constraint to columns label_id, resource_id, resource_name and resource_type in table harbor_resource_label
2018-03-21 16:24:21 +08:00
Yan
5edbd00318
Revise harbor build version ( #4445 )
2018-03-21 13:03:49 +08:00
Wenkai Yin
838b439560
Implement filter repository and tags by label API
2018-03-21 10:51:06 +08:00
Daniel Jiang
62f25be709
Merge pull request #4423 from reasonerjt/config-migration
...
Provide migration scripts for harbor.cfg
2018-03-18 19:56:30 +08:00
Tan Jiang
c8265a8d53
Provide migration scripts for harbor.cfg
...
Default target version is 1.5.0
This is mainly for VIC-appliance upgrade, and should be considered
experimental for oss due to limited test.
Tested with 1.2 and 1.3 harbor.cfg from VIC appliance.
2018-03-16 14:38:50 +08:00
stonezdj
44fc373c6d
Add LDAP Group Search Configure Param
2018-03-15 06:16:47 +08:00
Wenkai Yin
bcf81224ad
Update according to the comments
2018-03-14 13:42:19 +08:00
Wenkai Yin
36b9c4e458
Implement adding/removing labels to/from repositories and images API
2018-03-12 19:30:05 +08:00
Wenkai Yin
379f113452
Implement label management API
2018-03-09 12:17:27 +08:00
Tan Jiang
f83c65bcc5
Reduce the output of build.
...
The following are done to avoid travis-ci failing due to too much log
size.
1) Update Makefile and scripts to make go build less verbose.
2) Make tdnf less verbose
2018-02-27 20:54:52 +08:00
stonezdj
f138067242
Refactor project member
2018-02-09 10:38:51 +08:00
Tan Jiang
07251181b9
Remove extra-hosts from docker-compose template
2018-02-05 00:02:37 +08:00
yixingj
6c8bb9c73f
Refactor DB configuration in harbor.cfg
...
Put harbor_db, clair_db configuration together
2018-02-02 17:14:52 +08:00
Wenkai Yin
2221e114fa
Add SELinux label for all volumes
2018-01-30 14:25:43 +08:00
yixingj
9c8706b0ce
Fix images tag issue.
...
move the image tag out
only remove the first : in the keypair.
2018-01-25 17:34:47 +08:00
Tan Jiang
5975e6b964
Add place holder for injecting UAA host
...
As this is for tile deployment only, so add a shortcut for tile/bosh
script to add entry in /etc/hosts inside the container.
Due to effort consideration I don't think we want to render
docker-compose in `prepare` script.
2018-01-25 13:22:43 +08:00
yixingjia
f676a71422
Merge pull request #4110 from yixingjia/updatekeepalived
...
Update keepalived config file
2018-01-24 12:24:44 +08:00
yixingj
44df82a82d
Update keepalived config file
...
Update the keepalived config file
2018-01-24 10:57:39 +08:00
Jesse Hu
8fe8c2b4ac
Add a space after ':' when generating registry storage yaml config
...
yaml requires 1 or more spaces between the key and value. This patch
is useful in case the user inputs 'key:value' instead of 'key: value'.
2018-01-22 20:14:33 +08:00
yixingjia
208cb02d5c
Merge pull request #4054 from yixingjia/HA_Monitor
...
Keepalived real server check script
2018-01-17 19:03:14 +08:00
yixingj
ffa69bb256
Enhance monitor script for HA
...
Add keepalived real server check script
2018-01-17 14:23:26 +08:00
Wenkai Yin
8cda2d8d65
Merge pull request #4036 from ywk253100/180116_s3
...
Propagate registry storage driver name to adminserver and return it in /api/systeminfo
2018-01-16 18:41:08 +08:00
Daniel Jiang
1595200d05
Merge pull request #4028 from jessehu/reload_config
...
[Issue 4015] Read reload_config option from harbor.cfg
2018-01-16 17:35:04 +08:00
Wenkai Yin
53d5a2256a
Propagate registry storage driver name to adminserver and return it in /api/systeminfo
2018-01-16 16:57:28 +08:00
Deng, Qian
b3e65ed71e
Update migration tool for v1.4
...
1. Update database meta file
2. Add migration file for 1.4
2018-01-16 15:38:51 +08:00
Jesse Hu
b995881cd2
[Issue 4015] Read reload_config option from harbor.cfg
...
If reload_config is true, Harbor will reload all configuration
in harbor.cfg when restarting. It's false by default.
2018-01-16 12:42:30 +08:00
stonezdj
aa4e36c61a
Change ldap scope after refactor
2018-01-08 16:59:15 +08:00
Daniel Jiang
64cc71ea12
Merge pull request #3941 from vmware/replication_enhancement
...
Replication enhancement
2018-01-08 10:56:39 +08:00
Jesse Hu
b1b316a97b
Add registry storage config in harbor.cfg ( #3918 )
...
Refer to https://docs.docker.com/registry/configuration/#storage
for all available configuration.
2018-01-07 17:23:18 +08:00
pfh
13308ce9d8
Merge remote-tracking branch 'upstream/master' into repEnhance
2018-01-05 14:09:03 +08:00
Jesse Hu
4fb947a155
Fix indentation in registry yaml files
2018-01-03 18:28:22 +08:00
Tan Jiang
e02de2068a
Enable configuring the CA Certificate for UAA
...
Enable configuring the path of root cert of UAA in harbor.cfg. It only
takes effects if the verify_cert is set to "true" If the file does not
exist, the configuration is skipped.
The intention for this commit is to support integration with nested UAA
in PAS or PKS, we don't expect user to manually configure this value,
though he can do it if he wants.
2018-01-03 16:21:29 +08:00
yixingjia
5340fed110
Merge pull request #3848 from yixingjia/ClairHA
...
Enable Clair in HA
2018-01-03 11:45:44 +08:00
Wenkai Yin
96a63c56b1
Merge remote-tracking branch 'upstream/master' into 180103_merge
2018-01-03 10:32:03 +08:00
stonezdj
b065f19f51
Add configure parameter ldap_verify_cert to harbor.cfg
2017-12-27 10:21:58 +08:00
Daniel Jiang
1c2d5e8036
Merge pull request #3638 from CMUH/k8s/bump-to-newer-resource
...
Bump many resources type to newer ones of Kubernetes
2017-12-26 11:44:29 +08:00
Deng, Qian
3187dcb5ae
Upgrade Clarity to 0.10.x and Angular To 4.3.0
2017-12-25 16:10:51 +08:00
yixingj
ecd0bbf2dd
Enable Clair in HA
...
Run clair with Core Harbor services
Add check logic for Clair DB
2017-12-21 23:23:35 +08:00
yixingj
f63588855f
Make Clair DB configurable
...
Make the HOST,PORT,USERNAME,DB configurable for
Clair
2017-12-20 18:29:50 +08:00
Daniel Jiang
068d6a35df
Merge pull request #3832 from wy65701436/master
...
Remove the workaroud for avoiding photon distro-sync error
2017-12-20 15:06:43 +08:00
wangyan
b560f6c061
Remove the workaroud for avoiding photon distro-sync error
2017-12-19 21:10:32 -08:00
Daniel Jiang
052521b92c
Merge pull request #3821 from reasonerjt/uaa-restriction
...
Refactor the configuraiton of UAA
2017-12-19 19:36:09 +08:00
Tan Jiang
2ffc58a5d4
Refactor the configuraiton of UAA
...
Remove the attribute "uaa_ca_root" from harbor.cfg and introduce
"uaa_verify_cert". Similar to LDAP settings, this allow user to
explicitly turn of the cert verification against UAA server, such that
the code will work with self-signed certificate.
2017-12-19 14:42:07 +08:00
wangyan
6b7df3636c
Temporary workaround for photon distro-sync error
2017-12-18 22:18:21 -08:00
wangyan
1e750a1ed4
Unify images tags and build process
2017-12-14 23:52:18 -08:00
Wenkai Yin
a54b7dd4c0
Merge remote-tracking branch 'upstream/master' into 171219_merge
2017-12-15 08:48:57 +08:00
Wenkai Yin
665a54edc3
Merge remote-tracking branch 'upstream/master' into 171213_merge
2017-12-13 13:40:24 +08:00
yixingjia
ec269047c7
Merge pull request #3736 from yixingjia/HA
...
HA installation script
2017-12-12 16:27:28 +08:00
yixingjia
f4d0fd4d23
Merge pull request #3640 from yixingjia/moveconftoDB
...
Add database driver for Harbor configurations
2017-12-11 10:42:05 +08:00
yixingj
d328e2586e
HA installation script
...
Add --ha options when install Harbor.
Currently it does nothing.
2017-12-07 22:56:57 +08:00
wangyan
8cd5ac5171
Update prepare chmod to support python3
2017-12-07 00:31:02 -08:00
yixingj
9b03c93afd
Add database driver for Harbor configurations
...
1>Add a new database driver for configurations
2> change the current default driver from json
to database
2017-12-06 13:06:54 +08:00
stone
30e536b18b
Merge pull request #3683 from stonezdj/local_ldap_enhance
...
Ldap enhancement
2017-11-27 14:36:20 +08:00
Wenkai Yin
6b0ee138e5
Implement immediate trigger and the methods of WatchList
2017-11-27 14:23:21 +08:00
A31882(Wu Yi Chung)
0ae6eccde4
Replace Nginx-Proxy with Ingress
2017-11-27 09:25:24 +08:00
A31882(Wu Yi Chung)
ae2b702ea5
Replace ReplicationController with Deployment
2017-11-24 16:50:09 +08:00
A31882(Wu Yi Chung)
ee8144b98a
change config path to fit with what defined in Dockerfile
2017-11-24 16:28:17 +08:00
stonezdj
16243cfbbc
Add LDAP remote certifcate validation
...
push test
Add unit test for ldap verify cert
remove common.VerifyRemoteCert
Update code with PR review comments
Add change ldaps config and add UT testcase for TLS feature
add ldap verfiy cert checkbox about #3513
Draft harbor ova install guide
Search and import ldap user when add project members
Add unit test case for SearchAndImportUser
ova guide
Add ova install guide
Add ova install guide 2
Add ova install guide 3
Call ValidateLdapConf before search ldap
trim space in username
Remove leading space in openLdap username
Remove doc change in this branch
Update unit test for ldap search and import user
Add test case about ldap verify cert checkbox
Modify ldap testcase
2017-11-24 12:41:51 +08:00
yixingj
0af4e3a41d
Fix clair permission issue
...
Clair will call bzr, without -H in sudo it will usr root user's
Home envrionment.
2017-11-23 20:03:57 +08:00
Daniel Jiang
a409cf8088
Merge pull request #3648 from reasonerjt/rebuild-images
...
[Upload Build]Bump up mariaDB's version
2017-11-21 23:47:45 +08:00
Yan
bef15d6180
Merge pull request #3655 from reasonerjt/scanjob-permission-fix
...
Fix permission issue in job_log directory
2017-11-21 23:28:39 +08:00
reasonerjt
074aa352ba
Bump up mariaDB's version
2017-11-21 06:42:41 -08:00
Tan Jiang
b3e0af2382
Fix permission issue in job_log directory
2017-11-21 19:31:15 +08:00
yixingj
ceba1fd629
Fix Clair config permission issue
...
Change config file own to clair
2017-11-21 17:48:48 +08:00
Tan Jiang
e60de3e39d
Update the log level of registry to info
2017-11-20 00:08:47 +08:00
reasonerjt
1f5a9cdee8
Fix issue in Docker files
...
1)Fix a syntax error in clair Dockerfile
2)Fix permission issue in database migrator image.
2017-11-16 01:15:59 -08:00
Ben Sebastian
ef14b1f308
Use dumb-init for Clair entrypoint ( #3361 )
2017-11-16 00:02:09 -06:00
yixingjia
effa92e7f0
Merge pull request #3605 from reasonerjt/dockerfile-refine
...
Refine the Dockerfile
2017-11-13 18:50:12 -08:00
Tan Jiang
6d7c028729
Refine the Dockerfile
...
Refine the Dockerfile to remove temporary workarounds.
Also fixes #3587 , to make sure the configuration files of rsyslog can be
read by uid 10000.
2017-11-13 18:04:17 +08:00
Yan
e91fa5f7a5
Merge pull request #3489 from Evalle/fix-notary-link
...
ISSUE-3460 - Fix link to Notary repo
2017-11-13 16:19:06 +08:00
Daniel Jiang
01493508c1
Merge pull request #3589 from yixingjia/noroot_notary
...
Run notary related images with user notary
2017-11-12 22:56:59 -06:00
Evgeny Shmarnev
6c07689d85
Fix link to Notary repo
2017-11-10 11:16:37 +01:00
yixingj
12abeb0a36
Run notary related images with user notary
...
1>Change the user from root to notary
2>Update the images.
2017-11-10 14:38:41 +08:00
reasonerjt
19a13e8575
Deprivilege harbor-ui harbor-jobservice harbor-adminserver
...
Use non-root user to run the service within these docker images, and provide HEALTHCHECK
mechanism.
2017-11-09 03:09:09 -08:00
Wenkai Yin
367c2b142f
Merge pull request #3571 from ywk253100/171107_log_rotate
...
Improve log rotation configurability
2017-11-09 15:19:18 +08:00
Wenkai Yin
66b9699ac2
Improve log rotation configurability
2017-11-09 14:33:05 +08:00
Daniel Jiang
b654a55e85
Merge pull request #3546 from yixingjia/noroot_clair
...
Run clair with limited user
2017-11-08 13:51:16 +08:00
yixingj
e9d1b89936
Run clair with limited user
...
1>creat user clair
2>run clair with user clair
2017-11-08 12:31:35 +08:00
Daniel Jiang
8dfe5f0bfc
Merge pull request #3536 from ywk253100/171102_fail_earlier
...
Fail earlier when found database schema dismatch
2017-11-07 15:01:14 +08:00
Wenkai Yin
5293a9287b
Fail earlier when found database schema dismatch
2017-11-07 13:07:56 +08:00
reasonerjt
9382cac934
Remove the Dockerfile of rsyslog image
2017-11-05 21:52:23 -08:00
Tan Jiang
512384722a
Make the internal URL of UI and JobService configurable
2017-11-03 20:43:25 +08:00
root
6f335bdb1a
Deprivilege harobr-log, harbor-db, registry image.
...
This change involves using non-root user to run the process of the
docker images. Also made update in Dockerfile to make the containers
support "read-only" and introduce "HEALTHCHECK". Note the "read-only"
options are not enabled in docker-compose, to cover the very corner
case when user wants to update the container filesystem manually.
Remove read only option from docker-compose template by default
2017-11-02 23:35:06 -07:00
Daniel Jiang
6a9dc8a133
Merge pull request #3495 from ywk253100/171031_config
...
Add email_insecure and delete verify_remote_cert configuration item from harbor.cfg
2017-11-02 17:47:48 +08:00
Wenkai Yin
51d5df0849
Update replication policy API to support trigger and filter
2017-11-02 14:59:26 +08:00
Daniel Jiang
f7967e22ab
Merge pull request #3482 from yixingjia/ossclairupdate
...
Update Clair base images
2017-11-02 14:23:33 +08:00
yixingjia
8908b75085
Merge pull request #3481 from yixingjia/ossnotaryupdate
...
Update Notary base images and oss package
2017-10-31 19:46:07 -07:00
Daniel Jiang
f7b4218022
Merge pull request #3476 from yixingjia/ossUpdateUI
...
Update UI image oss package to latest
2017-10-31 17:50:03 +08:00
yixingjia
5e54f793e1
Merge pull request #3477 from yixingjia/ossUpdateRegistry
...
Update registry image oss package to latest
2017-10-31 00:40:07 -07:00
Wenkai Yin
f3a4cecdcb
Add email_insecure and delete verify_remote_cert configuration item from harbor.cfg
2017-10-31 13:51:49 +08:00
Wenkai Yin
0ddca31355
Add column id to table project_metadagta as the primary key
2017-10-30 17:37:25 +08:00
yixingj
651cb81389
Update Clair base images
...
1>update clair base iamges to vmware/photon:1.0
2>update oss packages to latest
2017-10-30 17:04:14 +08:00
yixingj
2953ca9967
Update Notary base images and oss package
...
1> Update Notary server image to vmware/photon
2> Update NOtary signer image to vmware/photon
3> update oss package to latest
2017-10-30 14:46:33 +08:00
yixingj
d8919f4da9
Update Clair base images
...
1>update clair base iamges to vmware/photon:1.0
2>update oss packages to latest
2017-10-30 13:50:44 +08:00
yixingj
beefb40d0d
Update Notary base images and oss package
...
1> Update Notary server image to vmware/photon
2> Update NOtary signer image to vmware/photon
3> update oss package to latest
2017-10-30 13:12:47 +08:00
yixingj
d173fd7256
Update registry image oss package to latest
...
1>Change base image to vmware/photon
2>update oss pakcage and remove vim package.
2017-10-30 11:06:48 +08:00
yixingj
c4024f03a1
Update UI image oss package to latest
...
Update base image to photon
Remove vim from the image
2017-10-30 10:56:18 +08:00
Tan Jiang
5b12747761
Fix the bug to change permission of bootstrap scripts
2017-10-27 14:10:48 +08:00
Tan Jiang
2cedfff4b3
Rebuild Harbor DB docker image on top of Maria DB
...
This change reworked the vmware/harbor-db image to build it on top of
vmware/mariadb-photon.
Also made minor change in the entrypoint script of mariadb image to
execute upgrade script during bootstrap, and fix a file permission
issue in the bootstrap scripts.
2017-10-26 12:27:09 +08:00
Daniel Jiang
bda38bd72e
Merge pull request #3451 from reasonerjt/commit-message
...
Provide a template for git commit messages
2017-10-24 19:20:08 +08:00
Tan Jiang
aa84090587
Provide a template for git commit messages
...
Also removed some comment in the entrypoint script.
2017-10-24 17:54:06 +08:00
yixingjia
160c716d83
Merge pull request #3423 from yixingjia/ossrsyslog
...
Update OSS in rsyslog images
2017-10-23 21:11:51 -07:00
yixingjia
844d3a7893
Merge pull request #3424 from yixingjia/ossJobservice
...
Update OSS package in Jobservice
2017-10-23 21:11:37 -07:00
yixingj
20929350b1
Update OSS in rsyslog images
...
1> change to new photon base images
2> update OSS to latest
2017-10-23 16:37:28 +08:00
Daniel Jiang
cf5bcbebb9
Merge pull request #3415 from reasonerjt/mariadb-on-photon
...
Provide Dockerfile and artifacts for building mariadb on photon OS.
2017-10-23 12:19:04 +08:00
yixingj
535e7cadd5
Update OSS in rsyslog images
...
1> change to new photon base images
2> update OSS to latest
2017-10-23 12:02:22 +08:00
yixingj
83a5ab2818
Update OSS package in Jobservice
...
1>update OSS package in Job eservice images
2>use new photon base images
2017-10-23 10:49:27 +08:00
Wenkai Yin
2156750b04
Move certificate verification to target level
...
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Tan Jiang
1871011a5d
Provide Dockerfile and artifacts for building mariadb on photon OS.
...
Also update the docker-compose template such that the notary db instance
will be provisioned via the mariadb-photon image.
2017-10-20 14:41:36 +08:00
Wenkai Yin
66b2d0d3f3
Apply project level policies to standalone Harbor
...
The following features are only enabled in integration mode, this commit moves
these to standalone Harbor:
- Content trust policy: only signed images can be pulled
- Vulnerability policy: only images whose severity is below the threshold can be pulled
- Automatic scan policy: automatic scan pushed images
2017-10-19 17:33:28 +08:00
yixingjia
95743f9a81
Merge pull request #3373 from yixingjia/updatenginx
...
Update nginx images OSS to latest
2017-10-17 22:13:11 -07:00
yixingjia
98472237e5
Merge pull request #3389 from yixingjia/updateadminserver
...
Update OSS packages in adminserver images
2017-10-17 22:12:56 -07:00
yixingj
0f3380c3ef
user change image tag to 20170928
...
due to photon os images 1.0 has bugs.
fallback to 20170928, we shuld change this to 1.0
when the bug fixed.
2017-10-17 16:55:30 +08:00
yixingj
7cf47fafc4
Update docker file
2017-10-17 15:33:07 +08:00
yixingj
882b077d2f
Update OSS packages in adminserver images
...
remove unneeded packages
move to vmware/photon images base
2017-10-17 14:56:34 +08:00
Daniel Jiang
e6874cf9f1
Merge pull request #3383 from reasonerjt/uaa-integration
...
Make the root CA certificate of UAA configurable
2017-10-17 12:20:22 +08:00
Daniel Jiang
b5551af27f
Merge pull request #3382 from ywk253100/171013_rotate
...
Make log rotate days configurable
2017-10-17 11:22:46 +08:00
yixingj
4e9e6b2641
Update adminserver software images
2017-10-17 10:54:00 +08:00
Tan Jiang
eab6b43d99
Make the root CA certificate of UAA should be configurable
2017-10-16 17:40:29 +08:00
Wenkai Yin
bc3d859571
make log rotate days configurable
2017-10-16 17:09:28 +08:00
yixingj
28b60bd197
Update nginx images OSS to latest
...
1>update nginx images OSS to latest
2>Fix nginx version issue
2017-10-13 15:25:19 +08:00
yixingj
3dc0f65fb3
Update OSS in postgresql image
...
1> update OSS in postgresql image
2> update postgresql to 9.6.5
2017-10-12 17:08:47 +08:00
Tan Jiang
51286d9baa
Provide UAA authenticator for password based authentication.
2017-10-07 00:16:53 +08:00
Daniel Jiang
ddaad98526
Merge pull request #3307 from wy65701436/add-build-notary
...
build scripts for notary(signer/server) docker images based on photon 1.0
2017-09-29 17:23:19 +08:00
Daniel Jiang
1bc4db0ec8
Merge pull request #3340 from reasonerjt/k8s-deploy
...
Refine doc, rename script.
2017-09-29 16:42:08 +08:00
Wenkai Yin
b2420c035f
Merge pull request #3336 from ywk253100/170927_pro_policy
...
Implement the default project metadata manager
2017-09-28 17:21:43 +08:00
Tan Jiang
72b9c5f39e
Refine document to add limitation and clarify loading the image, also update the name of prepare script to k8s-prepare, to differentiate the default one.
2017-09-28 16:28:59 +08:00
Wenkai Yin
e495357d98
implement the default project metadata manager
2017-09-28 16:17:51 +08:00
Daniel Jiang
21c4e45cd3
Merge pull request #3302 from reasonerjt/k8s-deploy
...
Refine k8s deployment scripts and document
2017-09-28 13:02:08 +08:00
wangyan
c2e4e9aa1b
remove the binary files from commit, and get them from the private repo.
2017-09-26 17:52:34 +08:00
wangyan
0aac7832eb
automate scripts for notary(signer/server) docker images bases on photon 1.0, code is not based on 0.5.0
...
remove the binary temp folder, just keep on binary path.
2017-09-26 17:21:50 +08:00
Tan Jiang
0615f7ba9b
Refine k8s deployment scripts and document
2017-09-26 13:57:44 +08:00
yixingj
2a53c64c59
move database configuration to HA only seciton
2017-09-25 13:33:45 +08:00
yixingj
6df2623956
Merge branch 'makedatabgaseconfigurable' of github.com:yixingjia/harbor into makedatabgaseconfigurable
2017-09-25 13:31:35 +08:00
yixingj
357004fbf1
Make Harbor database configurable
2017-09-25 13:29:49 +08:00
yixingj
fb690a972f
Make Harbor database configurable
2017-09-22 11:23:08 +08:00
Daniel Jiang
9c6468f963
Merge pull request #3088 from m-masataka/k8s-deploy
...
k8s deployment
2017-09-19 15:22:34 +08:00
yixingj
026e8e7f95
disable nginx buffer
...
When host in low disk status, enable the buffer will cause upload error.
2017-09-01 18:44:13 +08:00
Yan
408c1b429b
update registry image ( #3135 )
...
update
update
2017-08-30 16:13:54 +08:00
yixingjia
8f34945d4b
Merge pull request #3112 from yixingjia/nginx_temp_path
...
Try to fix some wired permission error
2017-08-25 20:32:56 -07:00
yixingj
362bf1a83e
Try to fix some wired permission error
2017-08-24 15:42:20 +08:00
Daniel Jiang
0659edeebc
Merge pull request #2855 from wy65701436/build-registry
...
build registry
2017-08-23 13:58:24 +08:00
Wassim Dhif
70f2865500
use $REGISTRY instead of $4 ( #3103 )
2017-08-22 18:24:34 +08:00
Daniel Jiang
bf8aef8e7e
Merge pull request #3092 from reasonerjt/clair-conf-change
...
Clair conf change
2017-08-22 13:40:18 +08:00
yixingjia
549ad02ac7
Update postgresql to 9.6.4 ( #3093 )
2017-08-21 18:16:57 +08:00
Tan Jiang
c1bbcb5bab
update the interval of clair updater to 12 hours, and update the interval for scan all to 2 hours
2017-08-21 13:45:23 +08:00
root
f9480b92b5
k8s deployment
2017-08-18 18:11:15 +00:00
Wenkai Yin
7296bdc131
increase length of username in database to 256
2017-08-17 15:24:34 +08:00
Daniel Jiang
0b2d7ae6c2
Merge pull request #2973 from reasonerjt/master
...
Enable buffer on nginx
2017-08-07 12:48:24 +08:00
Tan Jiang
885ddfddd0
enable buffer on nginx
2017-08-04 21:22:22 +08:00
Wenkai Yin
232b9ca70c
update the psc token dir
2017-08-02 14:50:49 +08:00
yixingjia
af1b11df2f
Limit clair resource ( #2924 )
...
When run clair full scan it will take more than 60% percent of CPU if no limit
this change to limit clair to use at most 1.5cpu
We can this it to cpus when we move to docker compose3.0
2017-08-02 13:11:26 +08:00
wangyan
efc10127f3
update message
2017-07-26 02:22:03 -07:00
wangyan
c952db3c73
update
2017-07-24 18:32:50 -07:00
wangyan
3f831b2326
update per comments
2017-07-24 17:49:59 -07:00
wangyan
694bbef633
build registry
2017-07-24 03:21:38 -07:00
Yan
686b477775
update registry to 2.6.2 ( #2851 )
...
rm dockerfile
update
add comments
2017-07-24 02:19:32 -07:00
Daniel Jiang
5c8be3502c
Merge pull request #2697 from yixingjia/rsyslog
...
Prepare rsyslog docker based on photon
2017-07-19 18:08:05 +08:00
Wenkai Yin
7573d59624
update token file location
2017-07-19 13:46:10 +08:00
Tan Jiang
629cf29850
The password to access clair db can be configured in harbor.cfg, skip auto-scan if clair-db is not ready
2017-07-17 15:25:47 +08:00
Yan
7040e5ad5a
Clair photon ( #2721 )
...
* update
* update
* modify docker compose
* update tag
* update
2017-07-10 21:00:44 -07:00
Tan Jiang
e1e975096c
add int id for scan overview and revoke the change in beego
2017-07-09 12:37:08 +08:00
yixingjia
326b65ef23
Merge pull request #2700 from yixingjia/upgradeclair
...
Update Clair to 2.0.1
2017-07-06 11:02:56 +08:00
Daniel Jiang
b96770b90a
Merge pull request #2693 from reasonerjt/clair-notification
...
Clair notification handler
2017-07-05 20:18:34 +08:00
Yan
d849c36e3f
Merge pull request #2570 from samifruit514/master
...
Allow 255 chars for Realname
2017-07-05 03:17:57 -07:00
Tan Jiang
8b31715b34
provide Clair notification handler
...
update the timestamp in DB, when handling the notification
2017-07-05 15:35:53 +08:00
yixingj
3d5cd32ee8
Base dockerfile for rsyslog
2017-07-04 17:57:37 +08:00
yixingj
34c812243e
Update Clair to 2.0.1
...
fix the Debian mapping issue.
2017-07-04 17:44:10 +08:00
Yan
2638e3dc7d
Merge pull request #2682 from wy65701436/db-migrate
...
1.2.0 DB migrator
2017-07-03 22:51:31 -07:00
yixingj
2762eec4ed
Prepare rsyslog docker based on photon
2017-07-03 17:57:46 +08:00
Daniel Jiang
1ca1eddb0f
Merge pull request #2676 from yixingjia/nginxonphoton
...
Move nginx to photon OS
2017-07-01 00:08:08 +08:00
wangyan
c986c33a6c
1.2.0 DB migration
...
update
update
2017-06-30 03:01:56 -07:00
Wenkai Yin
bdbdb383ac
update
2017-06-30 16:21:55 +08:00
yixingj
fc50fd51d5
Move nginx to photon OS
2017-06-30 14:03:42 +08:00
Wenkai Yin
84b443e2b2
Merge remote-tracking branch 'upstream/master' into 170628_getpm
...
Conflicts:
src/ui/config/config.go
src/ui/proxy/interceptor_test.go
2017-06-30 00:14:45 +08:00
Wenkai Yin
d6b4330cc8
create a global project manager
2017-06-30 00:08:45 +08:00
yixingjia
b79b80c6ee
Merge pull request #2657 from yixingjia/clairofflinedata
...
Support include offline data on clair startup
2017-06-28 18:01:34 +08:00
yixingj
a23c6ee8c6
Support include offline data on clair startup
2017-06-28 15:45:16 +08:00
Steven Zou
c90dacb0ba
Merge pull request #2648 from steven-zou/master
...
Upgrade UI builder to 1.2.7
2017-06-27 19:26:57 +08:00
yixingjia
a64926231d
Merge pull request #2629 from yixingjia/postgresqlonphoton
...
Update clair postgresql to use photon os
2017-06-27 17:30:26 +08:00
Steven Zou
85db2ad892
fix issue of ui builder image entry command
2017-06-27 13:49:41 +08:00
yixingj
27670742b4
Change version fromat and add init db sql directory
2017-06-26 15:31:34 +08:00
yixingj
e0af9c036f
Update clair postgresql to use photon os
2017-06-26 10:56:29 +08:00
Steven Zou
7c68c1ca69
Enhance script in make/dev/nodeclarity/entrypoint.sh
2017-06-23 18:58:58 +08:00
Steven Zou
a12ec997cc
Fix tooltip cut issue
...
Change Dockerfile of UI builder
2017-06-23 18:58:43 +08:00
Steven Zou
7c0e79d10a
update ui builder to 1.2.6
2017-06-23 18:58:14 +08:00
Steven Zou
deeb37ac87
Update ui building process
2017-06-22 17:09:53 +08:00
Steven Zou
ed1263148f
Merge pull request #2562 from steven-zou/master
...
Refactor harnor portal with sharable components in harbor-ui lib
2017-06-21 16:51:46 +08:00
Archambault, Samuel
18cea61121
Allow 255 chars for Realname
2017-06-19 13:54:21 -04:00
Steven Zou
4d9eeac434
change angualr cli version to 1.2.0
2017-06-19 12:43:43 +08:00
Tan Jiang
15384317e0
add with_clair flag in systeminfo
2017-06-15 16:15:46 +08:00
Daniel Jiang
f61ba725c5
Merge pull request #2505 from wy65701436/master
...
clair integration
2017-06-14 21:02:16 +08:00
wangyan
b71584457f
udpate DB image version
2017-06-14 02:22:26 -07:00
Tan Jiang
ae2d868fd4
handlers for image scan, store results overview in DB
2017-06-13 23:37:54 +08:00
wangyan
02df58b4b6
clair integration
2017-06-13 02:13:24 -07:00
Daniel Jiang
42984fe1c9
refactory for scan job service ( #2459 )
...
* refactory for scan job service and implement ScanJob.
2017-06-08 15:04:23 +08:00
Daniel Jiang
32102c1523
Merge pull request #2332 from vmware/release-1.1.0
...
merge 1.1.0 to master
2017-05-19 07:19:46 -07:00
Daniel Jiang
0b02231093
Update registry img ( #2330 )
...
* update the registry image
* update other yml files and docs to reflect image update
2017-05-19 00:19:27 -07:00
Daniel Jiang
5892ef29c2
Merge pull request #2291 from reasonerjt/vulscan-job-refactory
...
add scan job table and dao functions
2017-05-12 02:45:55 -04:00
Tan Jiang
dcbfb4d309
add scan job table and dao functions
2017-05-11 21:41:57 +08:00
Wenkai Yin
1e28f01365
delete foreign key
2017-05-10 18:28:19 +08:00
Yan
8db1b2807e
Merge pull request #2197 from ywk253100/170502_change_userid
...
Delete column user_id from table access_log
2017-05-10 00:02:54 -07:00
Daniel Jiang
79903ca3f3
Merge pull request #2194 from reasonerjt/create-reverse-proxy
...
create reverse proxy
2017-05-03 15:09:11 +08:00
Wenkai Yin
3be9cca0f5
delete column user_id from table accesslog
2017-05-03 14:18:07 +08:00
Tan Jiang
785298e6b9
create reverseproxy
2017-05-02 20:27:45 +08:00
Wenkai Yin
4eca617916
Merge remote-tracking branch 'upstream/master' into 170427_delete_ownerid
2017-05-02 14:58:36 +08:00
Wenkai Yin
4f9d9ed5d8
delete owner_id column from table repository
2017-05-02 14:57:07 +08:00
kunw
5ed47c0316
Merge release-1.1.0
2017-05-02 13:27:06 +08:00
Tan Jiang
83b9196925
use docker-compose to deploy clair with harbor
2017-04-27 19:13:53 +08:00
Tan Jiang
c3c34ea7c3
set restart policy of notary to 'always'
2017-04-27 17:07:38 +08:00
kunw
eddde3c804
Update for harbor UI builder image.
2017-04-26 16:00:18 +08:00
kunw
ba49eb79f1
Update for ui image building.
2017-04-21 19:34:57 +08:00
wangyan
29845dbcca
add clarity support
2017-04-21 02:08:13 -07:00
Yan
c06abe9b8a
Merge pull request #2026 from wy65701436/1.1.0-document
...
update compile document
2017-04-17 22:16:15 -07:00
wangyan
f41fcdeeb4
update compile document
...
update makefile
update per comments
update document
2017-04-17 04:05:33 -07:00
Haining Henry Zhang
425106524f
update documents ( #2020 )
...
* update change log
* update documents
* update documents
* update AUTHORS
* update README
* update harbor.cfg
2017-04-17 13:46:39 +08:00
wy65701436
20458f88d2
fix mysql image to 5.6.35
2017-04-12 03:47:23 -07:00
Yan
a7d21baebc
Merge branch 'master' into master
2017-04-11 14:19:43 +08:00
wy65701436
91a86faa75
update
2017-04-10 22:33:39 -07:00
wy65701436
ec06bd2073
add crt 0600
2017-04-10 22:06:39 -07:00
Tan Jiang
0471c8ed2c
escape mysql root password
2017-04-11 12:50:13 +08:00
wy65701436
6b2b9cdc83
fix issue 1932
2017-04-09 05:16:52 -07:00
Wenkai Yin
2cdd2bb659
fix word mistake
2017-04-07 18:24:08 +08:00
Tan Jiang
965c7a5e70
reference the patched nginx image
2017-04-07 15:07:46 +08:00
Daniel Jiang
93f5c78b4b
Merge pull request #1948 from ywk253100/170406_secretkey
...
Mount config to another dir, fix #1939
2017-04-07 11:35:58 +08:00
Wenkai Yin
e60fd0530f
mount config to another dir, fix #1939
2017-04-07 09:14:41 +08:00
Tan Jiang
a2726b55a8
Merge remote-tracking branch 'upstream/master' into enable-gzip
2017-04-06 15:28:41 +08:00
Tan Jiang
d527a543bd
enable gzip by default
2017-04-06 14:47:41 +08:00
wy65701436
f6c4137af1
fix issue 1916
2017-04-05 22:53:09 -07:00
Daniel Jiang
7d6d641827
Merge branch 'master' into dev
2017-04-05 17:01:27 +08:00
wy65701436
b827fdd5a5
use gzip to save docker images.
2017-04-04 23:48:29 -07:00
Daniel Jiang
d49a307312
Merge pull request #1868 from reasonerjt/nginx-log-format
...
update nginx log format to include response time
2017-03-30 15:12:30 +08:00
Wenkai Yin
2528ad9c62
Merge pull request #1870 from ywk253100/170330_ca_download_dir
...
Mount ca dir to UI container
2017-03-30 13:52:27 +08:00
Wenkai Yin
ec27e2dc07
remove compress js flag
2017-03-30 12:59:47 +08:00
Wenkai Yin
ee2a6748c0
mount ca dir to container, fix #1829
2017-03-30 12:50:20 +08:00
Tan Jiang
7555dd9d48
update nginx log format to include response time
2017-03-30 12:46:13 +08:00
Tan Jiang
864e0f415e
prepare should remove the temp files generated for creating certificate
2017-03-29 17:08:28 +08:00
Tan Jiang
715d87dc80
fixes #1818
2017-03-28 10:11:13 +08:00
Tan Jiang
851f61032a
Do not generate new alias each time prepare runs
2017-03-24 20:05:13 +08:00
Tan Jiang
a33f4151e2
merge with dev branch
2017-03-24 14:40:34 +08:00
Yan
e2fe74598b
Merge pull request #1776 from wy65701436/dev
...
add -v to docker-compose down
2017-03-24 14:05:48 +08:00
wy65701436
02431de5a4
add -v to docker-compose down
2017-03-23 22:45:01 -07:00
Tan Jiang
3e8d71538f
generate cert for notary signer in prepare,
...
update the default certificates so the subject is formal.
2017-03-24 13:33:49 +08:00
Tan Jiang
90bc280ea1
add a 4443 ssl server to nginx config
2017-03-24 13:16:48 +08:00
Tan Jiang
402a482bc6
generate cert for notary signer in prepare
2017-03-23 21:00:53 +08:00
Tan Jiang
980101eab5
package vmware/registry into offline package
2017-03-23 12:36:36 +08:00
Daniel Jiang
6d013531a7
Merge pull request #1717 from reasonerjt/dev
...
restrict access to notary db
2017-03-23 11:01:01 +08:00
Tan Jiang
44cd3ec85b
update make file and docker compose template
2017-03-22 20:56:08 +08:00
Tan Jiang
f9180c0c96
rebuild registry image on photon
2017-03-22 20:27:15 +08:00
Tan Jiang
3c16d6c1a1
restrict access to notary db
2017-03-22 18:15:16 +08:00
wy65701436
c5633f7ce8
add version support
2017-03-21 04:56:59 -07:00
Daniel Jiang
7f099ebe50
Merge pull request #1703 from reasonerjt/dev
...
Use notary images based on photon, migrate db in notary's images
2017-03-21 19:35:27 +08:00
Tan Jiang
6e09ae89e3
Use notary images based on photon, migrate db in notary's images
2017-03-21 18:46:10 +08:00
Wenkai Yin
383997f785
read capacity from adminserver
2017-03-21 16:28:24 +08:00
Yan
038d7dd90c
Dev new ui ( #1 )
...
* Updates for verfied tags deletion.
* Remove old UI.
* Move i18n folder.
* Updates for latest UI codes.
* make travis with latest dev code.
* update test code
* add cat log
* cat nginx
* cat nginx
* fix template error
* remove --with-notary
* remove controller test
* fix controller test bug
* modify controller test
* debug controller test
* update controller test
* update index title to harbor, discussed with Kun.
* Update package.json
* Merge latest UI changes.
* remove git
2017-03-20 18:51:20 +08:00
Yan
43578a2a6f
Merge pull request #1656 from reasonerjt/dev
...
fix issue in location.conf
2017-03-17 20:03:47 +08:00
Tan Jiang
098d7d5765
fix issue in location.conf
2017-03-17 19:44:54 +08:00
Yan
92d9f8516f
Merge pull request #1626 from ywk253100/170315_registry_upgrade
...
Upgrade registry to 2.6.0
2017-03-17 18:25:22 +08:00
Tan Jiang
9d87279152
fix #1570 , #1628
2017-03-16 16:09:05 +08:00
Wenkai Yin
108aa21499
upgrade registry to 2.6.0
2017-03-16 13:44:16 +08:00
Wenkai Yin
c3626edd42
reset config
2017-03-16 11:27:45 +08:00
kunw
e80840c2d3
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-03-13 18:23:09 +08:00
Daniel Jiang
f9e8394be9
Merge pull request #1541 from wy65701436/dev
...
to support nortary
2017-03-13 10:45:53 +08:00
wy65701436
fd5a2824b6
update per review.
2017-03-10 02:57:10 -08:00
Tan Jiang
ef906c96d0
provide systeminfo API for UI
2017-03-10 18:53:11 +08:00
kunw
1c2fcc168f
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-03-10 15:27:35 +08:00
wy65701436
481ba06003
support notary
2017-03-09 03:02:44 -08:00
Tan Jiang
04a5eb6606
notary containers should use syslog as log driver
2017-03-08 17:24:32 +08:00
kunw
f2a1659d96
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-03-08 15:36:05 +08:00
Aron Parsons
8ab45d439b
label volumes for SELinux
...
allow Harbor to run when dockerd is running with --selinux-enabled
example AVC denials:
type=AVC msg=audit(1488384855.681:154671): avc: denied { read } for pid=454 comm="registry" name="config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.681:154671): avc: denied { open } for pid=454 comm="registry" path="/etc/registry/config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.687:154672): avc: denied { append } for pid=350 comm=72733A6D61696E20513A526567 name="registry.log" dev="dm-5" ino=4315920 scontext=system_u:system_r:svirt_lxc_net_t:s0:c599,c800 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384856.895:154702): avc: denied { remove_name } for pid=708 comm="mysqld" name="4691d4d62464.lower-test" dev="dm-12" ino=402656159 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=dir
type=AVC msg=audit(1488384856.926:154703): avc: denied { lock } for pid=708 comm="mysqld" path="/var/lib/mysql/ibdata1" dev="dm-12" ino=402656097 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384857.958:154736): avc: denied { open } for pid=924 comm="harbor_jobservi" path="/etc/jobservice/app.conf" dev="dm-8" ino=142 scontext=system_u:system_r:svirt_lxc_net_t:s0:c102,c158 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc: denied { read } for pid=1017 comm="nginx" name="nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc: denied { open } for pid=1017 comm="nginx" path="/etc/nginx/nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
2017-03-03 14:13:39 -05:00
Wenkai Yin
a4cb261df9
read some configs from env
2017-03-02 13:24:41 +08:00
kunw
dbce11ce42
Updates for node clarity build.
2017-03-01 17:14:09 +08:00
kunw
f517502193
Merge remote-tracking branch 'upstream/dev' into dev-revised
2017-02-28 12:17:34 +08:00
kunw
f01569c4dd
Updates for clarity docker-compose files.
2017-02-27 22:07:39 +08:00
Tan Jiang
6454ccfc3a
fix the 'v2' URL conflict issue, and remove the work around in token service code
2017-02-27 21:01:26 +08:00
Wenkai Yin
5b885a7ad6
Merge pull request #1469 from yhua123/dev
...
fix #1332
2017-02-27 19:21:25 +08:00
yhua
9f18c8458b
fix #1332
2017-02-27 18:52:22 +08:00
Steven Zou
2e20a65121
Merge pull request #1458 from wknet123/harbor-clarity-integration
...
Merge Harbor clarity integration to into Dev branch.
2017-02-27 16:20:22 +08:00
kunw
46cef020eb
Rename directory name.
2017-02-27 11:41:46 +08:00
Tan Jiang
7620cd3b86
refactor token service
2017-02-26 19:53:13 +08:00
kunw
23f0ff1ea5
Refactor Harbor Clarity integration code structure.
2017-02-24 17:54:50 +08:00
Wenkai Yin
9f3f48be59
add harbor network to adminserver
2017-02-24 14:35:11 +08:00
kunw
914255d6c2
Updates for docker-compose sources.
2017-02-24 14:12:45 +08:00
Wenkai Yin
414e8a8bcf
Merge remote-tracking branch 'upstream/dev' into 170224_merge_config
...
Conflicts:
make/docker-compose.tpl
src/ui/service/token/authutils.go
2017-02-24 13:52:19 +08:00
Wenkai Yin
a1858098c5
using different secret to mark himself when communicates with other components
2017-02-23 18:24:32 +08:00