Commit Graph

12164 Commits

Author SHA1 Message Date
Yang Jiao
ed0a69cf80
Add external scanner test case (#19682)
Fix #19279

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-12-07 11:20:11 +08:00
Shijun Sun
323e11fefb
Update the wording text for the system robot account (#19666)
Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 09:43:02 +00:00
Shijun Sun
469b6a495b
Update the style for the robot acccount ui (#19663)
1. Fixes #19614
2. Fixes #19617

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 09:00:17 +00:00
Shengwen YU
1cbc901599
fix: upgrade google.golang.org/grpc (#19648)
fix: upgrade google.golang.org/grpc and go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-12-05 16:22:39 +08:00
MinerYang
3b127bc477
fix 2.10 prepare migration version (#19665)
fix 2.10 prepare migration

Signed-off-by: yminer <yminer@vmware.com>
2023-12-05 15:31:17 +08:00
Wang Yan
7b40dc6f46
fix the landing accessory data (#19661)
Fix the keywords when to list accessories belong to the subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>
2023-12-05 14:14:32 +08:00
Shijun Sun
7fee99b5fe
Update the name checking for the robot account (#19645)
1. Fixes #19612

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 03:01:40 +00:00
Aaron Steinberg
3c56f2d1a0
[release-note/docs] swagger.yaml "repositoryName" parameter description update (#19651)
* swagger.yaml fix

Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>

* Signed-off by: Aaron Steinberg <aaron@aa.codes>

Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>

---------

Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>
2023-11-30 09:17:05 +00:00
Yang Jiao
7cef4217b0
Add user API test case (#19638)
Fix #19280

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-29 10:25:02 +08:00
Shijun Sun
f26b9f52e9
Update the test script for the project permissions (#19623)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-28 02:16:02 +00:00
dependabot[bot]
bf251ef0aa
Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src (#19542)
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.0.0 to 3.7.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.0.0...v3.7.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-11-28 09:31:16 +08:00
Shengwen YU
f14635a5d3
fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 (#19624)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-11-28 08:43:37 +08:00
Wang Yan
3f72604d57
fix robot account access issue (#19627)
fixes #19622
Resolve the 403 issue occurring when a robot account, equipped with both system and project scope, attempts to access project resources.

Signed-off-by: wang yan <wangyan@vmware.com>
2023-11-27 19:16:37 +08:00
Yang Jiao
4fbcf92da9
Add jump to CNAB Bundle index artifact list test case (#19629)
Fix #19278

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-27 18:26:06 +08:00
Yang Jiao
38ac8bf717
Add notation pull policy test case (#19625)
Fix #19547

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-27 09:44:20 +00:00
dependabot[bot]
e1df9b0a73
Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src (#19541)
Bump golang.org/x/time in /src

Bumps [golang.org/x/time](https://github.com/golang/time) from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0.
- [Commits](https://github.com/golang/time/commits/v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/time
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-11-27 16:58:28 +08:00
dependabot[bot]
4fac10a97d
Bump actions/setup-node from 3 to 4 (#19478)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Orlix <7236111+OrlinVasilev@users.noreply.github.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-27 15:48:21 +08:00
Wang Yan
e6900301ce
fix system label resource (#19621)
Make sure robot can use rbac.Resource(label) to access system level label

Signed-off-by: wang yan <wangyan@vmware.com>
2023-11-27 13:34:17 +08:00
Yang Jiao
969dd1be66
Add notation accessory copy test case (#19605)
Fix #19546

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-22 18:13:44 +08:00
Yang Jiao
45b41d4443
Add API(scan,volumes,jobservice,scanner,label,securityhub,catalog) permission testcases (#19595)
Add scan,volumes,jobservice,scanner,label,securityhub,catalog permission testcases

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-22 09:08:27 +00:00
Shijun Sun
13ae233729
Add test cases for the project level permissions (#19593)
Add API test cases for project permission of a robot account

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-22 08:13:04 +00:00
Shijun Sun
d967ac0fb6
Update the permission scope (#19603)
1. Update the permission scope
2. Sort the resources and actions by unicode

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-22 06:37:31 +00:00
MinerYang
9875965837
add prepare migration script for 2.10 (#19600)
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-22 13:58:45 +08:00
Wang Yan
062d144d22
add permission validation for robot creating and updating. (#19598)
* add permission validation for robot creating and updating.

It is not allowed to create an new robot with the access outside the predefined scope.

Signed-off-by: wang yan <wangyan@vmware.com>

* Fix robot testcase and update robot permission metadata (#167)

1. Fix robot testcase
2. update robot permission metadata

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Signed-off-by: wang yan <wangyan@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>
2023-11-22 12:51:03 +08:00
Chlins Zhang
43ccd2f09f
perf: optimize the performance of accessory query (#19557)
1. Add db index for subject_artifact_id in table artifact_accessory.
2. Optimize the SQL of excluding the accessory for artifact count.

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-11-22 02:11:11 +00:00
MinerYang
17c17ffd8e
bump golang to 1.21.4 (#19601)
Signed-off-by: yminer <yminer@vmware.com>
2023-11-21 19:23:16 +08:00
Chlins Zhang
553c85eed0
fix: increase beego max memory and upload size (#19578)
1. Increase the default beego max memory and upload size from 32GB to
   128GB.
2. Support customize the two beego configs from env.

Signed-off-by: chlins <chenyuzh@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-21 15:36:06 +08:00
Maksym Trofimenko
996e57b511
Feature: GDPR compliant audit logs (#17396) 2023-11-20 21:31:22 +01:00
stonezdj(Daojun Zhang)
307a3121aa
Return empty result when no scanner configured (#19577)
fixes #19534

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-17 07:29:19 +00:00
Yang Jiao
08cb0803a8
Add API(audit-log,project,registry,replication) permission testcase (#19584)
Add audit-log,project,registry,replication API permission testcase

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-16 08:51:00 +00:00
Shijun Sun
95b4032201
Correct loop condition for replication tasks (#19570)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 09:50:06 +00:00
Shijun Sun
da9e263ca7
Avoid menu closure when filtering labels (#19561)
1. Fixes #19554

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 17:12:55 +08:00
Shijun Sun
30730c6716
Add a placeholder to the cards for the security-hub (#19536)
1. Related issue #19249

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 08:23:07 +00:00
Shijun Sun
7718134301
Add quota sorting to the project quotas list (#19576)
1. For #16517

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 07:25:55 +00:00
Shijun Sun
6a6e29570c
Show OIDC provider name on the OIDC login button (#19581)
1. Related issue #13198

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 05:23:57 +00:00
stonezdj(Daojun Zhang)
3f6c0298fe
Add oidc provider name to systeminfo API (#19575)
fixes #13198

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-15 11:00:39 +08:00
Yang Jiao
04397fb6a2
Add API permission testcase (#19571)
usage example:
HARBOR_BASE_URL=https://{ip_or_domain}/api/v2.0 RESOURCE=preheat-instance  USER_NAME={username} PASSWORD={password}  python tests/apitests/python/test_permission.py

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-14 09:38:39 +08:00
Shengwen YU
e941f3272b
fix: sorting quota (#19538)
fix: sort Project Quotas

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-11-13 14:37:41 +08:00
jmichot-exotec
219e4ba48d
19559 cannot see full label easily (#19564)
* modified label css to allow hover on it

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

* modified label css to allow hover on it

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

* Update common.scss

Signed-off-by: jmichot-exotec <150228661+jmichot-exotec@users.noreply.github.com>

* used title way to show full label on hover

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

---------

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>
Signed-off-by: jmichot-exotec <150228661+jmichot-exotec@users.noreply.github.com>
Co-authored-by: Julien Michot <julien.michot.ext@exotec.com>
2023-11-13 04:02:59 +00:00
stonezdj(Daojun Zhang)
3a9d68a32a
Allow POST method to request service/token in readonly mode (#19556)
fixes #18243

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-10 05:08:31 +00:00
Chlins Zhang
f6d5bf2e0f
perf: optimize the trigger retention API (#19533)
Enhance the API for triggering retention by optimizing it from synchronous to asynchronous to solve the problem of slow response in the case of a large number of tasks.

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-11-09 07:45:01 +00:00
Shijun Sun
b7116fff0f
Add full permissions for the robot account (#19507)
1.Fixes #19353

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-09 03:18:07 +00:00
Wang Yan
5c02fd807e
add permission api (#19543)
The permission api targets to return the full set of permissons for robot to use.
And only system and project admin have the access

Signed-off-by: wang yan <wangyan@vmware.com>
2023-11-09 09:47:07 +08:00
stonezdj(Daojun Zhang)
da949bfc3f
Delete project member when delete project (#19523)
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-08 20:51:21 +08:00
Shijun Sun
bfd44b9115
Update UI package to clear security alerts (#19553)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-08 15:30:08 +08:00
stonezdj(Daojun Zhang)
c9214256e5
Skip to validate username when update user profile (#19552)
fixes #19528

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-08 13:29:30 +08:00
Yang Jiao
35a605ec05
Add notation sign artifact API test case (#19549)
Fix #19545

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-07 08:39:37 +00:00
Yang Jiao
6d238f1948
Update E2E test engine images (#19544)
Fix #19283
1. Bump up chromedriver version to 119.0.6045.105
2. Bump up containerd version to 1.7.8
3. Bump up docker compose version to 2.23.0
4. Bump up helm version to 3.13.1
5. Bump up ORSA version to 1.1.0
6. Bump up imgpkg version to 0.39.0
7. Bump up cosign version to 2.2.0
8. Add install notation 1.0.0

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-07 11:05:29 +08:00
Shengwen YU
b8f65bb281
fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 (#19500)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-11-06 08:38:56 +00:00
Daniel Jiang
ebb2c40095
Use absolute path for the profile.cov (#19535)
There's a path change introduced by #19508 which may impact showing the
coverage on codecov.
This commit makes sure the profile.cov is referenced as absolute path in
`coverage4gotest.sh`

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2023-11-06 05:58:08 +00:00