Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-01 16:19:37 +01:00
Code Issues Projects Releases Wiki Activity
8,278 Commits 51 Branches 312 Tags 347 MiB
b7e792737e
Commit Graph

125 Commits

Author SHA1 Message Date
Qian Deng
b7e792737e Fix: using traditional PKCS#1 format RSA key 
The openssl 3.0.0 using newer `PKCS#8` format.
But it's not compatitable with harbor core
So using tradictional format instead

Signed-off-by: Qian Deng <dengq@vmware.com>
 2022-01-07 11:56:50 +08:00
Yang Jiao
7b91cf97ae Upgrade pipenv 
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
 2021-10-13 14:56:27 +08:00
DQ
11f7d69d7c Enhance: prepare package management issue 
replace some python packages to photon one

Signed-off-by: DQ <dengq@vmware.com>
 2021-06-25 15:43:24 +08:00
Qian Deng
52b6a5333a
Add san for notary cert (#13939) 
Signed-off-by: DQ <dengq@vmware.com>
 2021-01-11 11:41:52 +08:00
DQ
712ac4fb5b Add timount on nginx configs 
set timeout to 900

Signed-off-by: DQ <dengq@vmware.com>
 2020-05-26 16:25:31 +08:00
DQ
ac04806336 Fix: GCS storage gc issue 
Mount gcs key to registryctl

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-29 15:21:50 +08:00
He Weiwei
d0189beddd
fix(prepare): not accpet items of false value in external_redis configurations (#11405) 
Item in yaml without value will be as None in python, which will make
the password of redis as `None` in `get_redis_configs`. This fix will
not accept items of `false value` in `external_redis` configurations.

Closes #11367

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-04-03 11:39:25 +08:00
Daniel Jiang
9a8efdb8eb
Merge pull request #11345 from reasonerjt/rm-notary-signer-certs-1.10 
Remove the certs of notary signer - 1.10
 2020-04-01 08:50:43 +08:00
Daniel Jiang
a99609e375 Remove the certs of notary signer 
Since `prepare` generates the certs as needed during installation, these
certs should not exist in the repo.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-03-27 19:27:51 +08:00
Ziming Zhang
bd2d3ecc81 feat(cicd) fix build_base_docker and prepare image 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-23 12:03:48 +08:00
DQ
4bbf391d3b Fix: fix logrotate is dir issue 
Change it to bind command

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-13 15:34:07 +08:00
Ziming Zhang
d80322c3b4 feat(cicd) use unified version as tag name, clean more 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-09 16:51:45 +08:00
Ziming Zhang
abfafc29f1 feat(cicd) use unified version as tag name 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-03 20:51:49 +08:00
Daniel Jiang
ae2d0f0588
Merge pull request #10026 from ninjadq/migrator_miss_component_no_proxy_110 
Add default domainname for no_proxy
 2019-12-03 10:51:12 +08:00
DQ
3aedae86b2 Fix ca bundle path join issue 
CA bundle name start with '/' will break the os path join

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-27 18:48:23 +08:00
DQ
a8ac235fa1 Add default domainname for no_proxy 
All internal service and known internal hostname shuold add to no_proxy by default

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-27 17:06:26 +08:00
He Weiwei
b8308f41a0 fix(prepaire,clair): disable clair updaters when its interval is 0 
Closes #9961

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-11-22 03:31:20 +00:00
Daniel Jiang
2fcd174e4b
Merge pull request #9828 from wy65701436/cii-docker-base 
add base images when to build harbor assets
 2019-11-15 14:24:11 +08:00
He Weiwei
fe69a5df99 build(scanner-adapter): bump up clair adapter to v1.0.1-rc2 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-11-13 02:35:21 +00:00
wang yan
47793e77e3 update base file name ane pass base version to build file 
Signed-off-by: wang yan <wangyan@vmware.com>
 2019-11-12 19:12:49 +08:00
Wang Yan
544cc98971 add base images when to build harbor assets 
* add base images when to build harbor assets

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-11-12 15:38:51 +08:00
Wang Yan
6da183d576
Merge pull request #9800 from ninjadq/failure_earlier_of_ca_bundle_permission_check 
Failure earlier of ca bundle permission check
 2019-11-11 14:09:21 +08:00
Wang Yan
0b09bd14b1
Merge pull request #9756 from ninjadq/add_ignore_media_type 
Add ignore mediatypes for registry
 2019-11-08 18:34:13 +08:00
DQ
80c3e76b5a check the permission of ca bundle file 
CA bundle need check before use

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-08 15:34:17 +08:00
Daniel Jiang
06e4e124d8
Refine request handle process (#9760) 
* Refine request handle process

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-11-07 13:02:17 +08:00
DQ
45868107aa Add ignore mediatypes for registry 
Add these mediatypes to reduce the amount of registry event

Signed-off-by: DQ <dengq@vmware.com>
 2019-11-06 21:39:08 +08:00
Wang Yan
27cb25cc04
Merge pull request #9400 from ninjadq/inject_certs_to_non_root 
Inject certs to non root
 2019-11-05 14:49:08 +08:00
DQ
ece321a53a Change certs's owner to 10000 
Signed-off-by: DQ <dengq@vmware.com>
 2019-11-04 17:38:41 +08:00
Wang Yan
3f39b0ba4f
Merge pull request #9550 from ninjadq/enable_https_by_default 
Enable https by default
 2019-11-04 16:51:33 +08:00
Daniel Jiang
02dab35a43
Merge pull request #9683 from ninjadq/upgrade_python_rand_gen 
Replance python ran lib to secrets
 2019-10-31 21:51:38 +08:00
DQ
873d9f5b82 Enable https by default 
1. Umcomment https related configs
2. Remove the https prepare related thing in ci

Signed-off-by: DQ <dengq@vmware.com>
 2019-10-31 20:58:09 +08:00
DQ
6c01049d94 Replance python ran lib to secrets 
Secrets is included in python 3.6, so just import and use it

Signed-off-by: DQ <dengq@vmware.com>
 2019-10-31 17:23:19 +08:00
wang yan
c46d7e856a add a switcher for quota sync on core launch 
As the quota sync is default called by harbor-core on every launch, and it will break the launch process if any failure throwed.

1, The commit is to provide an switcher for the system admin to bypass the quota sync.
2, In case Harbor goes into the restarting cycle.

Harbor already provides an internal API to sync quota data, in the failure case,
system admin can launch harbor and call the /api/internal/syncquota to sync quota.

Signed-off-by: wang yan <wangyan@vmware.com>
 2019-10-31 16:17:27 +08:00
He Weiwei
b0f7404231
chore(log): log level support for clair adapter (#9640) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-10-29 16:50:26 +08:00
He Weiwei
28e0c0693b Upgrade clair adapter to v1.0.0 
1. Upgrade clair adapter to v1.0.0.
2. Make the clair adapter which installed by harbor immutable and using internal registry address.
3. Add support to build clair adapter image from binary.
4. Switch to ScannerPull action when make authorization for the scan request.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-10-26 17:25:36 +00:00
He Weiwei
8964a8697a build(clair): internal clair adapter when install with clair 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-10-17 12:00:51 +08:00
stonezdj(Daojun Zhang)
0fa4934679
Merge pull request #8596 from JakubOnderka/patch-4 
nginx: Remove TLSv1.1 support
 2019-10-16 11:39:55 +08:00
Qian Deng
578adaa064
Merge pull request #9240 from ninjadq/add_extra_headers_in_nginx 
Add headers in nginx config file
 2019-09-26 10:27:08 +08:00
DQ
e7394041ab Add headers in nginx config file 
extra headered added in https and http config

Signed-off-by: DQ <dengq@vmware.com>
 2019-09-24 17:50:40 +08:00
Daniel Jiang
3e5973fc6e Add Secure flag to cookie 
This commit modifies nginx configuration file to make sure the secure
flag is added to "Set-Cookie" header when Harbor is serving https

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2019-09-19 21:04:37 +08:00
stonezdj(Daojun Zhang)
ca97c85279
Merge pull request #8927 from ninjadq/fix_config_with_components 
Add logic to read clair and notary config
 2019-09-09 15:50:09 +08:00
DQ
495a257ab5 Add logic to read clair and notary config 
Signed-off-by: DQ <dengq@vmware.com>
 2019-09-05 12:49:32 +08:00
Qian Deng
97c40df40f
Merge pull request #8593 from ninjadq/fix_wording_in_doc 
Update config file names
 2019-09-03 10:53:23 +08:00
DQ
377739204b Update config file names 
Signed-off-by: DQ <dengq@vmware.com>
 2019-09-02 18:19:06 +08:00
stonezdj(Daojun Zhang)
469018ae9e
Merge pull request #8891 from ninjadq/fix_prepare_file_permission 
Fix: prepare permission issue
 2019-09-02 18:07:14 +08:00
Qian Deng
86f2bb26a3 Fix docker-compose file permmission 
non-root user can see the content

Signed-off-by: Qian Deng <dengq@vmware.com>
 2019-09-02 13:57:18 +08:00
DQ
6ed3d52615 Fix: prepare permission issue 
1. recursivele change ownership for all prepare dir
2. database file permission fix

Signed-off-by: DQ <dengq@vmware.com>
 2019-09-02 10:04:38 +08:00
Wang Yan
6e462baa0d
Merge pull request #8837 from ninjadq/disable_redis_n_db_container_if_use_exeternal 
Disable redis and db containers if external db enabled
 2019-09-01 17:47:28 +08:00
He Weiwei
e2a19d8ab9
fix(build): max idle and open conn settings for external db (#8854) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2019-08-29 15:04:10 +08:00
DQ
fe3c71094b Disable redis and db containers if external db enabled 
If depend on external redis or pg. local db and redis should not start. Therefore can save some resources.

Signed-off-by: DQ <dengq@vmware.com>
 2019-08-26 17:59:13 +08:00