Commit Graph

12164 Commits

Author SHA1 Message Date
Vadim Bauer
b99feb0d58
Merge branch 'main' into reduce-image-size 2024-07-09 15:36:16 +02:00
stonezdj(Daojun Zhang)
f86f1cebc3
Change the log message when PostScan failed. (#20650)
fixes #20573
  remove s from additions/sboms in the link

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-07-04 15:42:12 +08:00
Mohamed Awnallah
cc1acc3890
JobService: fix for missing log data in jobservice DB logging (#20684)
* 20548 MISSING CONDITION FOR RETURNING LOG DATA

As per bug 20548, if DB logging is enabled for jobservice and the parameter is also set for maximum log size
the log data is not being returned and 'Clean Up->Show GC Logs' shows a blank page

Signed-off-by: Mohamed Awnallah <mohamedmohey2352@gmail.com>
Co-authored-by: Nick Hindley <no-reply@example.com>

* db_getter_test.go: test fix for missing log data in jobservice DB logging

Signed-off-by: Mohamed Awnallah <mohamedmohey2352@gmail.com>

---------

Signed-off-by: Mohamed Awnallah <mohamedmohey2352@gmail.com>
Co-authored-by: Nick Hindley <no-reply@example.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-07-04 11:30:03 +08:00
dependabot[bot]
27e06ac609
chore(deps): bump github.com/google/go-containerregistry from 0.19.0 to 0.19.2 in /src (#20656)
chore(deps): bump github.com/google/go-containerregistry in /src

Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.0 to 0.19.2.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.0...v0.19.2)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-07-02 17:01:50 +08:00
dependabot[bot]
707c35c76e
chore(deps): bump k8s.io/api from 0.30.0 to 0.30.2 in /src (#20655)
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.30.0 to 0.30.2.
- [Commits](https://github.com/kubernetes/api/compare/v0.30.0...v0.30.2)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-07-02 16:25:46 +08:00
dependabot[bot]
0eb7505326
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.26.0 to 1.27.0 in /src (#20653)
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-07-02 15:46:45 +08:00
Chlins Zhang
7ffc3780e7
fix: correct the API data for the dependencies of the helm chart (#20676)
Fix the handle logic of the chart operator, correct the data for the
dependencies of the helm chart.

Signed-off-by: chlins <chlins.zhang@gmail.com>
2024-07-01 09:25:41 +08:00
MinerYang
562c01ea81
bump up beego to v2.2.1 (#20555)
bump up beego v2.2.1

Signed-off-by: yminer <yminer@vmware.com>
2024-06-27 14:38:18 +08:00
Florian Blampey
2332953c88
Add SBOM translation for fr_FR (#20625)
Add translation for fr_FR

Signed-off-by: Florian Blampey <flbla@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-06-26 13:08:22 +00:00
Chlins Zhang
35d1032ff7
fix: disable the scan related button when installation without scanner or scanner deactived (#20652)
Signed-off-by: chlins <chlins.zhang@gmail.com>
2024-06-25 14:24:38 +08:00
Shengwen YU
04b0cc0b08
fix: change coporate harbor to registry.goharbor.io (#20651)
fix: change coporate harbor to registry.goharbor.io and configurable

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-06-24 17:09:10 +08:00
stonezdj(Daojun Zhang)
ab13c6571b
Add translation for zh_CN (#20617)
add  sbom translation for zh_CN

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-23 09:10:29 +08:00
dependabot[bot]
e175c898f3
chore(deps): bump helm.sh/helm/v3 from 3.14.4 to 3.15.2 in /src (#20609)
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.4 to 3.15.2.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](https://github.com/helm/helm/compare/v3.14.4...v3.15.2)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-06-21 18:25:40 +08:00
dependabot[bot]
76851493e9
chore(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 in /src (#20567)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.25.0 to 0.26.0.
- [Commits](https://github.com/golang/net/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-06-21 17:37:11 +08:00
Mitsuru Kariya
02d042a6b9
Reduce image size
Do following actions to reduce the size of the generated images.

- Change `COPY` command + `chown`/`chmod` command to `COPY` command +
  `--chown`/`--chmod` option.
  To prevent both files before/after `chown`/`chmod` commands from being
  recorded on different layers.
- Put all `tdnf` commands in a single `RUN` command and move `tdnf clean all`
  command to the end.
  To prevent the `tdnf` cache from being recorded on a layer, and the `tdnf`
  database from being recorded on multiple layers.
- Add `--link` option to `COPY` command.
  This does not contribute to image size reduction, but makes image building
  more efficient.
- Move `chown /etc/pki/tls/certs` to the `Dockerfile.base`.
  This does not contribute to image size reduction, but is used in
  conjunction with `COPY --link` to make image building more efficient.

The target images and their sizes are as follows. (The sizes are the value
when built locally)

- harbor-core : 185MB -> 118MB
- harbor-db : 285MB -> 263MB
- harbor-exporter : 108MB -> 79.1MB
- harbor-jobservice : 159MB -> 105MB
- harbor-registryctl : 160MB -> 104MB
- redis-photon : 179MB -> 170 MB
- standalone-db-migrator : 328MB -> 284MB

Note that harbor-log, harbor-portal, and nginx-photon have almost no effect,
and prepare is not directly executed by the user, so they are not included.

Also, registry-photon and trivy-adapter-photon are not included, since
PR#20622 and PR#20623 include equivalent action for these two, respectively.

Signed-off-by: Mitsuru Kariya <mitsuru.kariya@nttdata.com>
2024-06-21 02:08:34 +09:00
Shengwen YU
bb2c62c4c5
fix: update the cron of execution sweep in test (#20636)
fix: update the cron of execution sweep in test per the change of this
PR: https://github.com/goharbor/harbor/pull/20601

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-06-20 14:43:19 +08:00
Chlins Zhang
c75d08fcc4
fix: hide the scan related button when installation without scanner (#20616)
Signed-off-by: chlins <chlins.zhang@gmail.com>
2024-06-20 13:30:02 +08:00
stonezdj(Daojun Zhang)
02b3561fff
Add menu item for ko_KR local (#20602)
fixes #20600

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-06-17 11:47:05 +00:00
Chlins Zhang
ac671617fb
fix: reduce the execution sweep job frequency from hourly to daily (#20601)
Signed-off-by: chlins <chlins.zhang@gmail.com>
2024-06-17 11:06:15 +00:00
Chlins Zhang
df4ab856c7
fix: update the execution sweep sql to resolve the exec deletion conflict (#20603)
fix: update the execution sweep sql to resolve the exec deleteion conflict

Resolve the execution deleteion conflict when there are tasks still
referenced by the execution, remained execs can wait for next sweep
cycle.

Signed-off-by: chlins <chlins.zhang@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-06-17 18:29:43 +08:00
stonezdj(Daojun Zhang)
793dc54aec
Remove the delete local manifest when remote doesn't exist (#20597)
Previous impl it calls c.local.DeleteManifest(remoteRepo, art.Tag), because the remoteRepo is incorrect repository and it always delete nothing, to keep consistency with the previous version and code clarity, remove this go routine

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-17 15:02:58 +08:00
stonezdj(Daojun Zhang)
e960711579
Use internal registry url to push artifact accessory (#20575)
fixes #20565

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-14 17:10:52 +08:00
Chlins Zhang
6a38ed3d77
style: delete duplicate error check in artifacttrash dao (#20557)
Signed-off-by: chlins <chlins.zhang@gmail.com>
2024-06-12 10:16:55 +00:00
Shengwen YU
1c9cb2e253
fix: update image tag for nightly-trivy-scan (#20574)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-06-12 13:54:14 +08:00
stonezdj(Daojun Zhang)
b5f7a61e36
Adjust the query by UUID sql so that it can use the idx_task_extra_at… (#20545)
Adjust the query by UUID sql so that it can use the idx_task_extra_attrs_report_uuids

 fixes #20505

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-11 06:37:53 +00:00
Shengwen YU
cea7ed0b04
fix: update VERSION to v2.12.0 (#20559)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-06-07 10:58:45 +08:00
Shengwen YU
53d0122e2b
doc: update minor release support matrix with v2.11.x (#20558)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-06-07 09:28:59 +08:00
dependabot[bot]
b3698d15c5
chore(deps): bump go.opentelemetry.io/otel from 1.26.0 to 1.27.0 in /src (#20488)
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-06-06 04:51:27 +00:00
dependabot[bot]
65bbe120d5
chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.0.97 to 1.0.138 in /src (#20541)
chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src

Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.0.97 to 1.0.138.
- [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases)
- [Commits](https://github.com/volcengine/volcengine-go-sdk/compare/v1.0.97...v1.0.138)

---
updated-dependencies:
- dependency-name: github.com/volcengine/volcengine-go-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-06-06 12:15:43 +08:00
dependabot[bot]
bd82ba7071
chore(deps): bump github.com/aws/aws-sdk-go from 1.50.24 to 1.53.14 in /src (#20542)
chore(deps): bump github.com/aws/aws-sdk-go in /src

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.50.24 to 1.53.14.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.50.24...v1.53.14)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-06-06 11:32:34 +08:00
dependabot[bot]
83c3c2bf26
chore(deps): bump github.com/go-asn1-ber/asn1-ber from 1.5.6 to 1.5.7 in /src (#20487)
chore(deps): bump github.com/go-asn1-ber/asn1-ber in /src

Bumps [github.com/go-asn1-ber/asn1-ber](https://github.com/go-asn1-ber/asn1-ber) from 1.5.6 to 1.5.7.
- [Release notes](https://github.com/go-asn1-ber/asn1-ber/releases)
- [Commits](https://github.com/go-asn1-ber/asn1-ber/compare/v1.5.6...v1.5.7)

---
updated-dependencies:
- dependency-name: github.com/go-asn1-ber/asn1-ber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-06-06 10:32:52 +08:00
Lichao Xue
115827cac7
Fixes-20537 SBOM tab should not exist when the artifact is helm package (#20538)
Fixes-20537 SBOM tab should not exist when the artifact is oci-compliant helm-chart

Signed-off-by: xuelichao <xuel@vmware.com>
2024-06-03 19:44:38 +08:00
stonezdj(Daojun Zhang)
74f4a358f8
No sbom_overview when sbom is deleted (#20533)
fixes #20529

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-06-03 13:38:30 +08:00
stonezdj(Daojun Zhang)
30767f6612
Response an error message when there is incomplete sbom generate job (#20526)
Response an error message when there is uncomplete sbom generate job

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-05-31 17:20:53 +08:00
Wang Yan
7645ec7ccc
fix http client to push sbom accessory (#20525)
Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-31 16:43:13 +08:00
Wang Yan
d8475906ba
fix 20518 (#20521)
fixes #20518
Since there is no report for the replicated artifact, update to use the artifact id to remove accessories.

Signed-off-by: wang yan <wangyan@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-30 19:50:03 +08:00
Lichao Xue
1a36a95a2b
Fix UI bugs - Pagination is missing on tag immutability rules (#20501)
Fix UI bugs- Pagination is missing on tag immutability rules

Signed-off-by: xuelichao <xuel@vmware.com>
2024-05-30 18:18:57 +08:00
Wang Yan
8bc76a6548
tls support for pushing sbom (#20514)
Make it supports the tls configuration for the client for pushing sbom object

Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-30 13:40:37 +08:00
stonezdj(Daojun Zhang)
05c1c2825f
Fix tooltip issue related to SBOM.Details (#20510)
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-30 03:35:04 +00:00
Wang Yan
7339bfa9b0
Fix multiple SBOM (#20503)
fix 20496

fixes #20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>
2024-05-29 18:25:26 +08:00
stonezdj(Daojun Zhang)
6d782ae695
Separate the execution vendor type sbom from image_scan (#20504)
Add vendor type SBOM for execution
  fixes #20495

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-29 15:45:28 +08:00
stonezdj(Daojun Zhang)
1f0c8289a5
Add sbom_report table to store sbom related information (#20473)
fixes #20445
  Refactor scan/base_controller.go
  Move MakeReportPlaceholder, GetReportPlaceholder, GetSummary to vul and sbom scanHandler

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-05-24 08:48:55 +00:00
dependabot[bot]
0a4c31682a
chore(deps): bump github.com/go-openapi/swag from 0.22.7 to 0.23.0 in /src (#20453)
chore(deps): bump github.com/go-openapi/swag in /src

Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.22.7 to 0.23.0.
- [Commits](https://github.com/go-openapi/swag/compare/v0.22.7...v0.23.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/swag
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-23 16:07:20 +08:00
dependabot[bot]
8bb7586b0b
chore(deps): bump github.com/prometheus/client_golang from 1.17.0 to 1.19.1 in /src (#20451)
chore(deps): bump github.com/prometheus/client_golang in /src

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.19.1.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.17.0...v1.19.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-23 15:19:09 +08:00
dependabot[bot]
00b5725edd
chore(deps): bump golang.org/x/net from 0.24.0 to 0.25.0 in /src (#20455)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.24.0 to 0.25.0.
- [Commits](https://github.com/golang/net/compare/v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-23 14:38:43 +08:00
Lichao Xue
3352a72b7a
Fix - 20469 sbom status and download issue (#20471)
Fix sbom status and download issue

Signed-off-by: xuelichao <xuel@vmware.com>
2024-05-23 13:23:45 +08:00
Shengwen YU
2f4fa29537
Bump up trivy version to v0.51.2, trivyadapter to v0.31.2 (#20450)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-05-21 18:37:06 +08:00
Lichao Xue
3875b1ac1d
Fix-20459 Wrong sbom status displayed in UI (#20460)
Signed-off-by: xuelichao <xuel@vmware.com>
2024-05-21 17:55:46 +08:00
Lichao Xue
be839e677c
fix ui test failure (#20441)
Signed-off-by: xuelichao <xuel@vmware.com>
2024-05-20 15:42:42 +08:00
Lichao Xue
840d4085f0
Fix and Should to display Unsupported if no SBOM accessories found (#20426)
Should this be Unsupported either for SBOM

Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-05-16 17:40:42 +08:00