Commit Graph

5467 Commits

Author SHA1 Message Date
孙世军
634f0139a0
Add co-sign checkbox for project policy (#16184)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-10 18:14:34 +08:00
Wang Yan
063991078a
Cosign policy checker (#16187)
Enable policy checker for cosign, when it's enabled, user cannot pull artifact without cosign.

Signed-off-by: wang yan <wangyan@vmware.com>
2022-01-10 17:44:01 +08:00
Shengwen Yu
d2ae0165c9 feat: add failure-tolerance for gc
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-01-10 11:34:10 +08:00
孙世军
2eda360d9d
Add co-sign UI (#16155)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-01-05 13:41:51 +08:00
Chenyu Zhang
b417e877b5
Merge pull request #16107 from chlins/feat/async-update-artifact-pull_count
feat: async update artifact pull time and repository pull count
2022-01-05 11:14:28 +08:00
Wang Yan
2111703d8d
Cosign artifact api
1,update artifact list & delete api to support accessory
2, add list accesories api

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-01-05 11:13:40 +08:00
chlins
de7978e1b5 feat: async update artifact pull time and repository pull count
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-12-24 11:17:44 +08:00
Julio H Morimoto
ce319a9eca
Improvements for Brazilian Portuguese (pt-br) translation. (#15921)
Missing items and minor updates to improve the translation.

Signed-off-by: juliohm1978 <jhm@juliohm.com.br>
2021-12-17 10:36:42 +08:00
孙世军
d9a4f34819
Fix overlapping for repo cardview (#16125)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-12-16 13:49:20 +08:00
chlins
adf866e629 fix: resolve the codeql alerts
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-12-15 13:49:42 +08:00
孙世军
46507c2fa9
Add preventDefault for action button of repo card view (#16117)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-12-14 11:44:25 +08:00
孙世军
2a7d4ae4d3
Add share operator to icon observable (#16101)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-12-14 11:44:07 +08:00
孙世军
d711f02401
Add querry parameter for setting.json (#16081)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-12-14 11:20:34 +08:00
孙世军
eb8db3215c
Fix unescaped URL for repo links (#16092)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-12-09 10:15:21 +08:00
Wang Yan
76b981faec
add cosign middleware (#16078)
The middleware is to land the cosign signature linkage with the subject artifact ID.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-12-07 15:43:10 +08:00
rao yunkun
ce6bf73884 Merge remote-tracking branch 'upstream/main' 2021-12-05 16:34:04 +08:00
stonezdj(Daojun Zhang)
0c0489cbae
Merge pull request #15913 from stonezdj/21nov1_proxy_manifest_list_contenttype
Cache content type for manifest list and image index in perspective
2021-12-04 09:05:20 +08:00
Wang Yan
742e7ded00
add accessory dao service (#16045)
Signed-off-by: wang yan <wangyan@vmware.com>
2021-12-03 14:34:02 +08:00
stonezdj
6b77c11696 Cache content type for manifest list and image index in perspective
manifest list: application/vnd.docker.distribution.manifest.list.v2+json
  image index: application/vnd.oci.image.index.v1+json
  fixes #15837

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-12-03 14:14:01 +08:00
孙世军
846d690b85
Refactor config component (#16064)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-12-01 10:07:46 +08:00
Wang Yan
7608df4b5c
add pull update control env (#16051)
These variables are temporary solution for issue: https://github.com/goharbor/harbor/issues/16039
When user disable the pull count/time/audit log, it will decrease the database access, especially in large concurrency pull scenarios.

1, PULL_TIME_UPDATE_DISABLE : The flag to indicate if pull time is disable for pull request.
2, PULL_COUNT_UPDATE_DISABLE : The flag to indicate if pull count is disable for pull request.
3, pull audit log will not create on disabling pull time.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-11-26 18:13:23 +08:00
孙世军
cad78f6af4
Audit fixing for package-lock.json (#16043)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-23 15:56:09 +08:00
Wang Yan
91e406ba60
bump up dep versions (#16038)
1, upgrade containerd to v1.14.12
2. upgrade image-spec to v1.0.2

Signed-off-by: wy65701436 <wangyan@vmware.com>
2021-11-23 10:32:29 +08:00
孙世军
784cdabc61
Fix null point exception for chart version (#16006)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-22 10:48:42 +08:00
孙世军
21dfba7330
Redirect to sign-in page when user session timed out (#16005)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-22 10:47:49 +08:00
stonezdj(Daojun Zhang)
060341ba4e
Merge pull request #15949 from stonezdj/21nov4_cache_properties
Enable db config cache explicitly
2021-11-16 14:39:10 +08:00
Chenyu Zhang
d260e632d8
Merge pull request #15985 from chlins/fix/replication-rule-enhancement
fix(replication): enhance the replication rule validation
2021-11-12 11:12:41 +08:00
chlins
f880bc3361 fix(replication): enhance the replication rule validation
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-11-12 09:53:11 +08:00
孙世军
ddd4cdb306
Not allow space in replication rule filters (#15984)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-11 12:23:26 +08:00
孙世军
ea16f1fb5e
Change base tag to "/" for index.html (#15965)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-08 17:42:07 +08:00
孙世军
d5a4f0b8bc
Add select-all and unselect-all for robot permissions (#15962)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-08 14:38:26 +08:00
孙世军
ab037c35cc
Fix ng-change-checking error for repos component (#15961)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-08 14:37:45 +08:00
孙世军
0413b8b6f7
Support right click to open a link in a new tab (#15935)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-08 14:37:27 +08:00
sluetze
3760375ba9 updated german translation for 2.4
Signed-off-by: sluetze <13255307+sluetze@users.noreply.github.com>
2021-11-08 11:15:55 +08:00
Chenyu Zhang
3aa698c7c9
fix(replication): list projects before replicate to reduce create duplicate project and requests to target registry (#15934)
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-11-08 10:39:58 +08:00
He Weiwei
b2268dbf8e
fix: remove x-go-type in swagger.yaml (#15923)
Closes #15912

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-11-04 23:39:36 +08:00
stonezdj
21601f5e3c Enable db config cache explicitly
previous config is not cached because it is initialized when cache is not ready

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-11-04 16:01:25 +08:00
孙世军
71ee8b57c2
Remove loading for auto refreshing (#15914)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-03 14:29:54 +08:00
孙世军
264a320d38
Add pagination for user groups (#15932)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-11-03 14:29:24 +08:00
stonezdj(Daojun Zhang)
465240216a
Merge pull request #15864 from stonezdj/21oct25_fix_crash_missing_ldap_attribut
Check empty ldap attributes value
2021-11-02 08:56:33 +08:00
stonezdj
ec23ddabc3 Check empty ldap attributes value
fixes #11986

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-11-01 17:56:37 +08:00
孙世军
44f477e965
Change ng-swagger-gen to a stable version (#15903)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-10-29 18:44:20 +08:00
孙世军
fed84069a2
Fix css issue for chart label filter (#15891)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-10-29 10:38:52 +08:00
孙世军
ec1c8c9cd3
Upgrade Clarity and Angular to latest stable version (#15887)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-10-28 17:21:39 +08:00
Aaron Layfield
7b75a456d3
Robot Account CREATE / DELETE Label (#15815)
Signed-off-by: Aaron Layfield <aaron.layfield@gmail.com>
2021-10-27 14:24:07 +08:00
Wang Yan
a956758302
bump up go version to v1.17 (#15865)
* bump up go version to v1.17

Signed-off-by: Wang Yan <wangyan@vmware.com>

* gofmt fail

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-25 17:28:29 +08:00
stonezdj(Daojun Zhang)
adc2e8873f
Add hostname to trace span name (#15806)
Fixes #15726, unify the trace span name in all components

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-10-25 17:09:59 +08:00
孙世军
266f0c41da
Enlarge index artifact folder icon (#15860)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-10-25 13:46:32 +08:00
孙世军
528d028f1d
Add XAcceptVulnerabilities header when getting artifact scan overview (#15853)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-10-22 17:12:35 +08:00
Chenyu Zhang
be27792170
Merge pull request #15845 from chlins/fix/codeql-golang-security-issues
fix: handle codeql golang security issues
2021-10-22 13:27:07 +08:00
Alexis L
5fd6168c57
fix(scan): Add function to avoid writing creds in jobservice logs, switch to debug instead of info (#15747)
Signed-off-by: Alexis <60alexis@gmail.com>
2021-10-22 11:34:15 +08:00
chlins
9e8218f63b fix: handle codeql golang security issues
Signed-off-by: chlins <chenyuzh@vmware.com>
2021-10-22 10:51:26 +08:00
孙世军
3da8e573a0
Fix css issues for robot and replication (#15834)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-10-22 10:09:16 +08:00
stonezdj(Daojun Zhang)
bc6a7f65a6
Merge pull request #15677 from stonezdj/21sep27_remove_error_log
Change log level to debug
2021-10-21 09:25:18 +08:00
Wang Yan
6014646bcb
fixes gc dry run issue (#15804)
fixes #15332, for the dry run mode, gc job should not remove the untagged candidates.
To fix it, use the simulate untagged artifact deletion for dry-run.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-19 07:42:54 +08:00
Steven Zou
22e99c78d1
Merge pull request #15777 from AllForNothing/remove-neg
Remove negligible and unknown severities and add none severity
2021-10-18 11:46:20 +08:00
stonezdj(Daojun Zhang)
2020bf383b
Merge pull request #15790 from stonezdj/21oct15_change_trace_name
Change the span name to <method>_<request uri>
2021-10-18 09:41:12 +08:00
Shatakshi Gupta
76733d72be
fixed S1008 bugbash error (#15781)
Signed-off-by: Shatakshi <shatakshi.gupta85@gmail.com>
2021-10-14 20:10:48 +08:00
Soumik Majumder
eb7329a471
Fix semgrep sprintf-host-port (#15782)
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
2021-10-14 20:10:27 +08:00
Wang Yan
f9d1294b45
roll back the runner count (#15792)
It takes about 1 hour to perform data for 40000 repositories per performance testing.

Roll back the runner count to 100 could speed the data preparation time.
It's safe since it only takes 100 DB connection counts at most per execution per core.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-14 19:05:30 +08:00
He Weiwei
b390112f5a
fix: convert severity from negligible to none before saving to db (#15791)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-10-14 16:02:38 +08:00
stonezdj
3b2ac06639 Change the span name to <method>_<request uri>
Use the same trace option for HTTPTransport
  fixes #15726
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-10-14 14:33:16 +08:00
Soumik Majumder
2679b2427b
Fix semgrep use-of-weak-crypto error (#15784)
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
2021-10-14 14:28:59 +08:00
Wang Yan
729d2e6590 fix replication DB connection issue
fixes #15736

For the current imple, the GetWorker() may hang when there is no worker available, and will not release the DB connection.
In this case, the DB connection could reach the up limit that leads to harbor core for service unavailable.

1, move GetWorker() in the goroutine, release the DB connection for API.
2, reduce the worker count per harbor-core from 1024 to 10.
3, reduce the runner count per worker to 30.

After above, the max connection per harbor-core should be 300.

Worker: To control how many replicaiton exectuions can have at most at the same time.
Runner: To control the speed to generate an jobservice replicaiton job.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-14 11:31:33 +08:00
AllForNothing
b2775292ef Remove negligible and unknown severities and add none severity
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-10-13 16:45:16 +08:00
Shengwen YU
4d89c845d0
fix: webhook log (#15756)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
2021-10-13 15:46:04 +08:00
Wang Yan
5c92b2f308
bump up containerd version (#15752)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-11 17:45:21 +08:00
Wenkai Yin(尹文开)
dc8477bd7a
Merge pull request #15680 from antbreton/fix/15679
fix filename processing to support both URI and URL
2021-10-11 17:18:23 +08:00
Wang Yan
f57c426409
bump up jwt version (#15730)
Upgrade the jwt to github.com/golang-jwt/jwt/v4, and it's backwards compatible with v3.x.y.

Signed-off-by: wang yan <wangyan@vmware.com>
2021-10-08 16:09:00 +08:00
孙世军
96f5caa635
Add list artifact and list repo permissions to robot account (#15718)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-10-08 10:56:37 +08:00
stonezdj(Daojun Zhang)
32023891eb
Merge pull request #15675 from stonezdj/21sep22_email_nullable
Allow empty email attribute for ldap/oidc user
2021-10-02 10:33:38 +08:00
Wang Yan
4e984e8c6e
fix legacy robot edit issue (#15709)
fixes #15690, for the legacy robot, update is denied.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-01 00:41:54 +08:00
孙世军
7345021800
Fix lagecy robot edit issue (#15716)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-30 15:01:19 +08:00
stonezdj
06715af303 Allow empty email attribute for ldap/oidc user
Define user.Email as sql.NullString to avoid unique constraint when email is empty in LDAP/OIDC
  Separate the common/models/User with the pkg/user/dao/User
  Fixes #10400
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-09-30 14:35:18 +08:00
孙世军
c1169d66be
Improve routing links (#15706)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-30 10:25:19 +08:00
stonezdj
a00a83df38 Fix all issues related to the noise in the logs
Change log level to debug when required
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-09-29 20:19:53 +08:00
antbreton
db2a6fb970 fix filename processing to support both URI and URL
Signed-off-by: antbreton <antoine.breton06@gmail.com>
2021-09-27 16:13:21 +02:00
孙世军
38e0910fc7
Auto-focus for filter component (#15672)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-27 18:46:27 +08:00
Alan
fc1db450b2
fix translation error in zh for cron (#15668)
Signed-off-by: alan <zg.zhu@daocloud.io>
2021-09-27 12:50:20 +08:00
孙世军
ad1a6d64d5
Improve css style for project detail and add webhook components (#15650)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-27 11:00:16 +08:00
yxxhero
63b8e6a9ce
add unittest for jobservice/common/utils package and fix a issue for IsValidURL (#15539)
add unittest for common utils package and fix a issue

Signed-off-by: yxxhero <aiopsclub@163.com>
2021-09-24 19:07:55 +08:00
Daniel Jiang
c3f92a748c
Merge pull request #15660 from reasonerjt/no-warning-groupclaim
Do not print warning message if group claim is empty
2021-09-24 18:23:05 +08:00
Daniel Jiang
5522ccbd93
Merge pull request #15521 from wy65701436/remove-quota-switch
remove the internal legacy API to switch quota
2021-09-24 18:21:53 +08:00
Daniel Jiang
fbcba772e9 Do not print warning message if group claim is empty
fixes #15616

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-09-24 15:43:54 +08:00
Wang Yan
0a2db1405a
update go dep version (#15648)
To fix the Dependabot alerts

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-09-23 17:37:38 +08:00
孙世军
37cd3ce98c
Improve style for add replication rule component (#15632)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-23 15:10:59 +08:00
孙世军
ce1cb0cb88
Remove push option for project access log component (#15629)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-23 11:19:43 +08:00
Qian Deng
da9faf0c6c Upgrade opentelemetry to 1.0.0
* upgrade from 1.0.0-RC3 to 1.0.0
* remove fork

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-22 14:00:00 +00:00
stonezdj(Daojun Zhang)
972fa0880b
Merge pull request #15505 from ninjadq/add_distributed_tracing
Add distributed tracing
2021-09-22 14:16:19 +08:00
Qian Deng
354a2bd80d Enhance the trace related code
* Move request id to requestid middleware
* fix span pass to child ctx on orm
* fix typos
* remove unused code
* add operation name to Transaction

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-22 04:14:43 +00:00
Daniel Jiang
36a17ed7a7
Merge pull request #15625 from reasonerjt/oidc-username-prty
Make sure auto-onboard username claim has higher priority
2021-09-22 11:53:43 +08:00
Daniel Jiang
91131098c3 Make sure auto-onboard username claim has higher priority
This commit adjust the priority when consolidating data from userinfo
endpoint and id token, making sure the auto-onboard username claim from
ID token has highest priority.

fixes #15504

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-09-22 08:59:59 +08:00
Daniel Jiang
884da19414 Do not check security context in Get of user controller
This commit make sure when security context is not found the `Get`
function in user controller should not return error.
Because this func will be called by security middleware, at which point
of time the security context is not generated.
Additionally, checking security context is not necessary because the
permission checking is already done in the API handler layer.

fixes #15535

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-09-21 16:40:16 +08:00
Qian Deng
31707dbf25 Using harbor lib config
using config manager to get env configs

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
543d044f7a Update vendors
Update vendors for trace

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
bad913cf6d Refactor trace code
* use lib trace helper function
* add gracefull shutdown
* Add commens for new added exposed function
* Add licence on top of new created files
* Update trace library
* Update configs
* Add attribute and namespance in config

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
6fec5b2873 Add trace to jobservice
* Add trace init in main
* Add env template
* Add trace for router

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
14095fb10b Add trace to registryctl
* Add trace init to main
* Add trace for http server
* Add trace for gc
* Add env template trace

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
879eecc926 Refactor and Add trace to http Transport
* Refactor common http GetTransport function signature
* Remove redendent GetHTTPTransport and similar functions
* Update Authorized function signature to meet new HTTPTransport
* Add trace for default Transport

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
Qian Deng
a15983432c Add trace for core
* Add trace related lib
* Add trace middleware for core
* add rid for middleware

Signed-off-by: Qian Deng <dengq@vmware.com>
2021-09-18 10:58:52 +00:00
He Weiwei
ecc1a04c92
refactor: implement a lock free quota (#15399)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-09-17 11:26:37 +08:00
He Weiwei
d9a0687461
refactor: using ctx from http request for credMaker of preheat enforcer (#15568)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-09-16 18:40:02 +08:00
Steven Zou
0839028096
Merge pull request #15581 from bitsf/fix_gitlab_filters
fix(replication) gitlab filters may not work
2021-09-16 14:14:30 +08:00
孙世军
9e9c4a03bb
Add stop scan functionality (#15528)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-15 17:00:08 +08:00
孙世军
c5003f38ba
Add bandwidth input to adding replication rule (#15550)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-15 16:59:14 +08:00
Shengwen YU
ce9bea807e
fix: update context to "makeCtx func() context.Context" (#15584)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
2021-09-15 10:10:39 +08:00
Ziming Zhang
98cef43ead limit replication bandwidth
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-09-14 11:23:28 +08:00
孙世军
9fdf8e286d
Clear selected row after refreshing for replication task list component (#15549)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-14 11:21:16 +08:00
Junyoung, Sung
251feea1fd
Fix typo maxDeepth -> maxDepth (#15574)
Signed-off-by: Junyoung, Sung <junyoung.sung@naverlabs.com>
2021-09-13 21:23:31 +08:00
Wenkai Yin(尹文开)
8e1ffd022c
Merge pull request #15543 from steven-zou/feat/sync-schedules
feat(schedule):sync schedules in db to js datastore
2021-09-13 20:15:00 +08:00
Ziming Zhang
d62aaaa625 fix(replication) gitlab filters may not work
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-09-13 17:23:12 +08:00
Shengwen YU
9cb266a8a0
Merge pull request #15548 from zyyw/ISSUE-14831
Add stop scan a particular artifact & stop scan all
2021-09-13 15:07:49 +08:00
Shengwen Yu
e2e3bcca1c feat: add stop scan & stop scan-all feature
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2021-09-13 11:19:21 +08:00
He Weiwei
d00024ab36 refactor: initialize the remote helper using ctx from http request
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-09-09 11:13:53 +00:00
Steven Zou
6b5cd3a7a5 feat(schedule):sync schedules in db to js datastore
- add a sync worker to sync db schedules when js starting. add missing ones and clear dirty ones.
- update task model to contain status revision info
- update job lifecycle tracker save() method
- update job ACK model
- add UT cases
- update malformat comments

fix #15323

Signed-off-by: Steven Zou <szou@vmware.com>
2021-09-07 08:33:01 +08:00
AllForNothing
a3883e41a9 Fix ui issue for add p2p policy component
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-03 10:45:10 +08:00
He Weiwei
06f2414d1c
fix: use ctx from http request for middlewares (#15523)
1. Use ctx from http request for the readonly middleware.
2. Refactor the AuthenticateHelper to let it get orm from ctx of the http request.
3. Change to use ctx from http request for oidc and authproxy http handlers.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-09-02 19:05:35 +08:00
孙世军
383635e970
Refactor add group component (#15518)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-09-02 15:30:43 +08:00
stonezdj(Daojun Zhang)
6b8c5c9edd
Add usergroup search API (#15483)
Fixes #15450
  Add paging function to usergroup list/search API
  Fix some 500 error when adding LDAP user/group to project member

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-09-02 09:04:33 +08:00
Wang Yan
581bb8833e remove the internal legacy API to switch quota
The init design of this API is to avoid the quota error leads to system disaster.
As quota has been refineded and redis lock has been removed, the API can be deprecated safely.

And this API is only call the DB to refresh quota data, user can call the SyncQuota API to handle this.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-09-01 10:49:03 +08:00
Pei-Tang Huang
ff617950b7
Helm Chart should not be translated. (#15438)
And the existing translation is also not accurate to the meaning of Helm.

Signed-off-by: Pei-Tang Huang <tangtheone@gmail.com>
2021-08-31 15:43:30 +08:00
Julio H Morimoto
9799598f33
Fixes https://github.com/goharbor/harbor/issues/15454. (#15455)
Signed-off-by: Julio Morimoto <julio@morimoto.net.br>
2021-08-31 15:39:36 +08:00
Wang Yan
e0c4ebd84d
fix gc delete manifest log issue (#15495)
It needs to use the logger to print error log when timeout, otherwise, it will be dropped.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-08-30 13:40:33 +08:00
He Weiwei
d482a0c323
fix: avoid panic in the RetryUntil (#15501)
1. Use jpillora/backoff to get the backoff to avoid the panic in RetryUntil.
2. Return with last err when retry timeout.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-08-27 17:28:33 +08:00
孙世军
b58158c30f
Fix some UI bugs (#15486)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-26 15:24:45 +08:00
孙世军
9aab74d382
Correct clrDgTotalItems for tag-retention-tasks component (#15492)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-26 15:24:22 +08:00
孙世军
4e998b7dce
Fix chart download issue (#15472)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-24 17:05:13 +08:00
孙世军
eca3d82d9c
Improve global search component (#15462)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-24 17:04:37 +08:00
Wang Yan
b9228096dc
enable robot to support create project (#15461)
1, for admin only, the system level robot should contains the project creation access.
2, for not admin only, the system level robot can create project.
3, for the project that created by system level robot, use the admin ID as the ownerID.

No path for project level robot to create project.

Signed-off-by: wang yan <wangyan@vmware.com>
2021-08-24 09:34:02 +08:00
孙世军
b73480ed0c
Improve css style for autofill input (#15457)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-20 12:08:39 +08:00
yunkunrao
246d863c59 Refactor ping method into util pkg
Signed-off-by: yunkunrao <yunkunrao@gmail.com>
2021-08-19 21:57:25 +08:00
孙世军
14c0a61d3d
Support excluding rule for adding a replication rule (#15368)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-19 14:54:09 +08:00
Steven Zou
f3a875abd7
Merge pull request #15344 from bitsf/replication_policy_exclude
feat(replication) add exclude decoration in policy
2021-08-19 14:26:17 +08:00
孙世军
2e8c3463ec
Disable add group button for LDAP project admin (#15448)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-18 19:48:02 +08:00
Daniel Jiang
cdb13f5191
Merge pull request #15291 from kschu91/bugfix/15290
if username is not available in remote, fall back to username from token
2021-08-17 16:58:46 +08:00
Wang Yan
14f7274989
support robot to list project (#15431)
1, add permission check for API of List Projects
2, add permission check for API of List Repositories
3, use the self defined query to handle both names and public query

Signed-off-by: wang yan <wangyan@vmware.com>
2021-08-17 16:35:36 +08:00
Ziming Zhang
62808bf014 feat(replication) refactor replication filter Validate()
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-08-17 14:19:14 +08:00
Ziming Zhang
698c336421 feat(replication) add exclude decoration in policy
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-08-17 14:19:13 +08:00
孙世军
eabff82366
Improve getChanges function for edit registries compoment (#15404)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-12 10:08:49 +08:00
Gustavo Stein
cd987c6b8a
Fixes bizarre translation for CLI in pt-br. (#15390)
Signed-off-by: Gustavo Raphael Stein <grstein.ramone@gmail.com>
2021-08-11 09:59:54 +08:00
Tianon Gravi
af18f5bd20
Adjust "flattening" tooltip quotes to be consistent (#15393)
This is a minor consistency issue, but it also turns into a minor rendering issue where something is converting "backtick + a" into "à"

Signed-off-by: Tianon Gravi <tianon@infosiftr.com>
2021-08-10 15:21:13 +08:00
stonezdj(Daojun Zhang)
d7c8c722f5
Merge pull request #15397 from stonezdj/21aug4_fix_ldap_ipv6
Support IPv6 when connecting to LDAP server
2021-08-09 12:47:20 +08:00
孙世军
9a10c6627b
Add docker build to deploy Harbor UI for testing (#15381)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-08-09 10:37:49 +08:00
stonezdj
409039b502 Support IPv6 when connecting to LDAP server
Use net.SplitHostPort instead of strings.Split
 Fixes #15354

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-08-04 12:54:44 +08:00
Wang Yan
9e11753949
upgrade helm v3 version (#15372)
1. update helm v3 to v3.6.1
2. update autorest to v14.2.0
3. update other related models

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-30 14:43:42 +08:00
Wang Yan
f7b1610476
replace jwt model (#15367)
update the jwt model to github.com/golang-jwt/jwt
Starting from v3.2.1, the import path has changed from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-29 11:08:10 +08:00
孙世军
538266c51a
Handle invalid date for HarborDatePipe (#15359)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-07-27 08:18:20 +08:00
孙世军
f6801cea57
Improve event service (#15353)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-07-26 12:16:49 +08:00
Daniel Jiang
5984175a1f
Merge pull request #15288 from malacoss/patch-1
Fix OIDC connect button string - [French]
2021-07-26 11:31:00 +08:00
Vadim Bauer
13d5e4a7de
fixes the broken pipe connection error with postgres. Similar as PR: #4719 (#15211)
Signed-off-by: Vadim Bauer <vb@container-registry.com>

Co-authored-by: Vadim Bauer <vb@container-registry.com>
2021-07-23 14:56:54 +08:00
Wang Yan
e5a614967d
drop gc api of registryctl (#15325)
The API is desiged for read-only gc job, as the read only gc has already deprecated, remove this api accordingly.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-23 14:15:02 +08:00
Shengwen Yu
766e953325 fix: update adapter ut (mock http requests)
Closes: #15318

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2021-07-22 19:45:36 +08:00
malacoss
f11a6f21e8 Fix OIDC connect button string - [French]
Signed-off-by: Mathieu Alorent <mathieu.alorent-externe@acoss.fr>
2021-07-19 10:53:14 +02:00
孙世军
8da8acde19
Fix style issue for oidc-onbord component (#15333)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-07-19 12:26:47 +08:00
Daniel Jiang
e46e9631fa
Merge pull request #15303 from reasonerjt/fix-15241
Remediate the empty subiss problem
2021-07-16 13:34:40 +08:00
Daniel Jiang
3e983b1747
Merge pull request #15242 from kschu91/bugfix/15241
Fix refreshing oidc access token breaks users subiss in database
2021-07-16 10:58:31 +08:00
Daniel Jiang
422894a0f5 Remediate the empty subiss problem
This commit include 2 changes to mitigate and remediate the problem
described in #15241

1. When the token is to be updated in the "oidc_user" table, make sure
   only the column "token" will be udpated.
2. Restore the subiss column for the record that has this column cleared
   by mistake, by decoding the persisted token.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-07-16 00:07:47 +08:00
stonezdj(Daojun Zhang)
2fa530eefa
Merge pull request #15247 from stonezdj/21jun30_remove_auth_user
Delete users under auth_mode other than db_auth
2021-07-14 13:25:43 +08:00
孙世军
8fb76689ab
Update UI to support deleting OIDC users (#15305)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-07-13 15:28:53 +08:00
Wang Yan
f7a4401dcb
deprecate version 1 robot account (#15296)
1, deprecate support for version 1 robot support, the robotv1 cannot be used anymore.
2, reserve the /project/{id_or_name}/robots api.

After the PR, user cannot use the robotv1 to login, and do any interaction with Harbor,
but still can view & delete them with UI or API.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-13 13:39:44 +08:00
Daniel Jiang
3e502ec9a4
Merge pull request #15196 from sixeIa/fix-basedn-empty
Add SearchDN error, mark field as required in UI
2021-07-12 12:32:52 +08:00
stonezdj
c163bc8317 Delete users under auth_mode other than db_auth
The following information should cleanup before delete user:
  Delete project member of this user.
  Delete oidc_user when auth_mode is oidc_auth.
  Fixes #8424
  It also removes the deleted user from project member and the deleted condition in the project member query for consistency
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-07-12 11:31:40 +08:00
stonezdj(Daojun Zhang)
7b84f4e137
Merge pull request #15270 from stonezdj/21jun05_fix_rest_int_parse_fail
Fix invalid syntax errors when int value is convert to scientific notation
2021-07-11 21:00:06 +08:00
Alexis L
2ce814329b
Merge branch 'goharbor:master' into fix-basedn-empty 2021-07-09 22:32:35 +02:00
Alexis
d6283ee913
Add SearchDN error, mark field as required in UI
Signed-off-by: Alexis <60alexis@gmail.com>
2021-07-09 22:30:52 +02:00
ChenYu Zhang
304aff33db
Merge pull request #15280 from chlins/fix/p2p-task-time-format
fix(p2p): adjust task time format
2021-07-09 16:29:09 +08:00
Wang Yan
248be37c3e
clean code of common util (#15287)
Remove the useless code from the common util

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-09 15:35:05 +08:00
Kevin Schu
03b7b01f77 reverted unintentional committed change
Signed-off-by: Kevin Schu <kevin.schu@aoe.com>
2021-07-08 15:43:14 +02:00
Kevin Schu
0679f4701e if username is not available in remote, fall back to username from token
Signed-off-by: Kevin Schu <kevin.schu@aoe.com>
2021-07-08 15:36:18 +02:00
Wang Yan
494d74d32d
bump up go version to 1.16 (#15286)
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-08 16:25:15 +08:00
chlins
f93fc2aa0b fix(p2p): adjust task time format
Signed-off-by: chlins <chlins.zhang@gmail.com>
2021-07-07 21:39:46 +08:00
Wang Yan
b158086642
fix conformance failure (#15261)
fixes #15252

Give 404 for invalid digest when to get/head manifest

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-06 15:11:13 +08:00
stonezdj
41968091a2 Fix invalid syntax errors when int value is convert to scientific notation
Add parseInt function to parse the scientific notation

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-07-05 22:20:00 +08:00
Jiaolin Yang
ddb6619769
Merge pull request #15245 from ilyee/typo
Fix commentline typos in src/pkg/repository/model/model.go
2021-07-05 16:38:11 +08:00
Steven Zou
4ddaecdc3f
Merge pull request #15238 from chlins/fix/create-p2p-policy-permission
fix(p2p): fix p2p create policy permission
2021-07-05 11:04:28 +08:00
elihe
426f7bc7bc Fix commentline typos in src/pkg/repository/model/model.go
Signed-off-by: elihe <elihe@tencent.com>
2021-07-02 10:12:15 +08:00
孙世军
bb57264f11
Improve login page for OIDC (#15214)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-07-02 09:42:04 +08:00
Kevin Schu
4147fbeba0 subiss needs to be part of selected fields, otherwise this attribute would be empty and will cause issues when working with the user object later on.
Signed-off-by: Kevin Schu <kevin.schu@aoe.com>
2021-07-01 15:12:28 +02:00
Wang Yan
29ccdff766
add retry for blob & manifest deletion in GC (#15235)
Fixes #15197

To handle the blob & manifest deletion error, add 1 minute retry.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-07-01 18:49:40 +08:00
chlins
f1456558db fix(p2p): fix p2p create policy permission
Signed-off-by: chlins <chlins.zhang@gmail.com>
2021-07-01 16:14:26 +08:00
stonezdj(Daojun Zhang)
4e1f6633af
Merge pull request #15229 from stonezdj/21jun28_update_swagger_search_group
Add ldap_group_dn parameter to search group with ldap group dn
2021-06-30 14:04:21 +08:00
孙世军
91f4d412f0
Improve i18n service (#15215)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-30 10:22:48 +08:00
孙世军
f902db9d85
Change quota unit to Mebibyte (#15220)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-30 10:22:32 +08:00
stonezdj
fcd2fbcfe7 Add ldap_group_dn parameter to search group with ldap group dn
Fixes #15171
 Cannot use q.Query because ldap_group_dn contains comma(,) and equal(=), which are reserved characters in q.Query

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-06-29 20:20:47 +08:00
孙世军
ff11cbafa1
Improve event log component (#15191)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-29 18:15:17 +08:00
Steven Zou
2a3b91a11a
Merge pull request #15217 from wy65701436/joblog-ref
refactor job log
2021-06-29 17:44:17 +08:00
stonezdj(Daojun Zhang)
08d47f471a
Move genyaml to cmd/swagger (#15062)
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-06-29 14:29:03 +08:00
Wang Yan
1abe978e87 refactor job log
Move job service logger to new program model

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-06-29 13:37:45 +08:00
Alexis L
573d97f15b
Add TiB support for display, fix unit to correct one (#15201)
* Add TiB support for display, fix unit to correct one

Signed-off-by: Alexis <60alexis@gmail.com>

* Fix unit test

Signed-off-by: Alexis <60alexis@gmail.com>
2021-06-29 10:40:30 +08:00
孙世军
b789674ada
Fix css bug for disabled checkbox (#15181)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-23 17:13:41 +08:00
孙世军
33301ec65e
Enhance swagger UI (#15168)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-23 16:28:14 +08:00
孙世军
0464305bcc
Bump up UI version to v2.4.0 (#15174)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-23 16:27:40 +08:00
Will Sun
410c5bcd78
Undate Angular to the latest version (#15129)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-16 16:39:10 +08:00
Wenkai Yin(尹文开)
4997eea4c6
Merge pull request #15124 from ywk253100/210610_rep
Add validation for destination namespace when creating/updating replication policy
2021-06-15 09:46:09 +08:00
Will Sun
47b7457378
Add validator to destination namespace input (#15120)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-11 11:58:43 +08:00
Wenkai Yin
9ebd517c7e Add validation for destination namespace when creating/updating replication policy
Add validation for destination namespace when creating/updating replication policy

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-06-10 22:16:05 +08:00
Wenkai Yin
c26e45efab Fix the concurrent pushing the same image issue
The transaction will be aborted when get errors during the execution which causes the following sqls report error.
This commit moves the re-getting artifact logic out of the second transaction to avoid the concurrent pushing issue

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-06-10 21:16:05 +08:00
Wenkai Yin(尹文开)
df000bd7fe
Merge pull request #15090 from heww/tag-for-scanning
fix: supply the latest tag of artifact to scan request
2021-06-09 14:00:44 +08:00
Steven Zou
cdfbe7b92b
Merge pull request #15084 from ywk253100/210608_dest_ns
Flattening repository path components excepting the last one
2021-06-09 13:36:41 +08:00
Will Sun
e774976811
Fix UI issues found in round-2 testing day (#15093)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-09 12:50:33 +08:00
He Weiwei
1b955cd28e fix: supply the latest tag of artifact to scan request
Closes #14416 #14299

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-06-08 10:11:10 +00:00
Wenkai Yin
120be22988 Flattening repository path components excepting the last one
Flattening repository path components excepting the last one in replication

Fixes #15072

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-06-08 15:39:45 +08:00
Will Sun
706de334d3
Optimize UI imports (#15042)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-07 10:06:06 +08:00
Wang Yan
8a0cd99473
fixes 13976 (#15047)
Fixes #13976 for the quota exceed case, gc will print the untagged blobs for dry-run

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-06-04 15:56:53 +08:00
Wang Yan
ea35e7b9ec
enable policy checker for head manifest request (#15056)
As from docker v20, the containerd leverages the cache when to pull a manifest, that leads to the
client doesn't send the get manifest request if the image exists in local.

The content trust and vul checker are only valid for get manifest request, the PR is to enable the checkers on
head manifest request to handle the containerd local cache scenario.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-06-03 16:54:04 +08:00
Jiaolin Yang
a2992327be
Merge pull request #14919 from yunkunrao/master
Fix dragonfly preheat error.
2021-06-03 13:36:15 +08:00
Will Sun
c4f4e6e7e1
Fix critical CVEs for ui packages (#15030)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-06-02 09:54:05 +08:00
yunkunrao
af814a2af2 Code clean
Signed-off-by: yunkunrao <yunkunrao@gmail.com>
2021-06-01 23:13:03 +08:00
Wang Yan
2a1c9ec96a
update the log level of robot v1 context (#15037)
The robotv1 context uses the robot$ as a hardcoded prefix to identify robot account, it will raise error
for a valid robotv2 account with this prefix.

Update the log level to avoid the redundant logs for the default installation.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-06-01 18:30:40 +08:00
He Weiwei
fec9f59a43 test: use mockery generated artifact Manager in tests
Closes #14284

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-06-01 04:00:08 +00:00
Will Sun
50b44e13d2
Fix ui issues found in testing day (#15015)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-31 18:58:58 +08:00
Wenkai Yin(尹文开)
6e649ac39f
Merge pull request #15014 from heww/move-scan-report-to-job
refactor: convert scan report in scan job
2021-05-31 15:55:31 +08:00
Wenkai Yin(尹文开)
f0e1ba4e1b
Merge pull request #15005 from ywk253100/210528_ns
Declare the capability of supported repository path component for registries
2021-05-31 15:53:40 +08:00
Daniel Jiang
238bea2066
Merge pull request #15010 from reasonerjt/v2auth-enhancement
Make v2auth more strict
2021-05-31 13:10:31 +08:00
Daniel Jiang
486554caa1
Merge pull request #15011 from reasonerjt/merge-slash-middleware
Add merge slash middleware
2021-05-31 13:09:39 +08:00
Wenkai Yin(尹文开)
4ed5fee681
Merge pull request #14949 from stonezdj/21may22_fallback_localregistry
Fall back to local registry when upstream registry is not working
2021-05-31 11:00:43 +08:00
ChenYu Zhang
04cd5f86dd
Merge pull request #14999 from chlins/fix/p2p-preheat-executions-time-format
fix: format p2p preheat execution start_time and end_time to standard…
2021-05-30 13:07:16 +08:00
He Weiwei
f6a1c31f9f refactor: convert scan report in scan job
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-29 12:19:36 +00:00
Daniel Jiang
f4ac81b710 Add merge slash middleware
There are code in the core component to conditionally execute code based
on the pattern of url path, and different ingress controller or reverse
proxy may handle the dup slashes in the url path differently.
This commit merge dup slashes in the url paths to make things more
consistent.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-28 17:24:48 +08:00
He Weiwei
c7a4af3170
test: mock the API requests for the huawei registry (#15009)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-28 17:09:48 +08:00
Daniel Jiang
d3b8c613fd Make v2auth more strict
This commit enhances the v2auth middleware, such that any un-recognized
request sent to /v2/ will be blocked.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-28 16:41:48 +08:00
chlins
5833f5498c fix: format p2p preheat execution start_time and end_time to standard time format
Signed-off-by: chlins <chlins.zhang@gmail.com>
2021-05-28 13:05:01 +08:00
Wenkai Yin
741793a553 Declare the capability of supported repository path component for registries
Declare the capability of supported repository path component for registries

fixes #14981
fixes #14980

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-28 10:42:16 +08:00
Ziming Zhang
77b44a62e7 fix aws adapter url
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-05-27 23:29:12 +08:00
yunkunrao
82fd606f8f Update Unit Test.
Signed-off-by: yunkunrao <yunkunrao@gmail.com>
2021-05-27 18:50:47 +08:00
Eike David Lenz
a3e27ebb87
fix nil map assignment in gc handler (#14918)
Signed-off-by: Eike David Lenz <e.lenz@mittwald.de>
2021-05-26 10:46:11 +08:00
Daniel Jiang
12420ae31d
Merge pull request #14957 from stonezdj/21may24_update_configure
Change configurations in swagger.yaml make it more readable
2021-05-25 23:58:40 +08:00
Wang Yan
42a9d0d905
remove common project code (#14939)
move project model from common to pkg

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-25 11:01:19 +08:00
Will Sun
d88dcffa03
Remove redundant sorting code for list projects (#14956)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-25 10:24:44 +08:00
stonezdj
fe830ac4d2 Change configurations in swagger.yaml make it more readable
Update the genyaml to generate the configurations type
Add toCfgMap in config handler

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-24 19:13:55 +08:00
Wenkai Yin(尹文开)
544fa806fa
Set null list when or list is nil in query (#14941)
Set null list when or list is nil in query

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-24 16:22:39 +08:00
stonezdj
d7d26c0966 Fall back to local registry when upstream registry is not working
Fixes #14822
When upstream registry not working, but status might stay healthy because the health check interval is 5 minutes, if a pull request comes before registry status turns to unhealthy, the proxy cache middleware might proxy the request to the upstream registry and get a 401 error and this 401 error might translate to a http 500 error to the client eventually.

To solve this issue, it fall back all error to local registry when proxying manifest except the NotFoundError from the local registry.

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-24 14:29:05 +08:00
fanjiankong
306e519dbe Fix tencentcr adapter.
1. Limit API qps for the adapter.
2. Allow set qps via env.
3. Fix Tencnet SDK pagenation.
4. Fix resource filter.

Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2021-05-24 10:33:49 +08:00
He Weiwei
a1ac9b98df
fix: delete robots by project id using raw sql (#14951)
QuerySeter.Delete will call two queies in the orm of beego. First it
will query all primary keys of the model by the QuerySeter, and then the
orm will delete the models using the IN statement of these primary keys.
This will be failed in the postgres when the records more than 65535.
This commit changes to use the raw query to delete the robots of the
project.

Closes #14678

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-24 10:31:48 +08:00
yunkunrao
fa8a0d09d6 Fix dragonfly preheat error.
Signed-off-by: yunkunrao <yunkunrao@gmail.com>
2021-05-23 17:50:54 +08:00
Will Sun
bea27a7da1
Improve scan all page (#14940)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-21 17:55:57 +08:00
Daniel Jiang
dee6064e60
Merge pull request #14926 from reasonerjt/rm-common-dao-oidc-user-onboard
Remove the onboard and update funcs for OIDC user from common/dao
2021-05-20 19:34:59 +08:00
Daniel Jiang
66766a8f69 Remove the onboard and update funcs for OIDC user from common/dao
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-20 16:23:07 +08:00
ChenYu Zhang
a50f782beb
fix: change sql to improve the performance of catalog api (#14820)
Signed-off-by: chlins <chlins.zhang@gmail.com>
2021-05-20 15:52:53 +08:00
Daniel Jiang
8600b06975
Merge pull request #14925 from ywk253100/210520_perf
Improve the performance of artifact related APIs
2021-05-20 14:10:45 +08:00
Daniel Jiang
5be0c6d35a
Merge pull request #14911 from reasonerjt/fix-14386
Use system configuration resource for permission checking
2021-05-20 14:05:06 +08:00
Wenkai Yin(尹文开)
9afeb90646
Merge pull request #14923 from reasonerjt/fix-14862
Fail with 401 for GET .../users/current/permissions
2021-05-20 14:02:32 +08:00
Wenkai Yin(尹文开)
0fe551274d
Merge pull request #14921 from ywk253100/210519_db
Clean up tech debt codes
2021-05-20 13:44:10 +08:00
Wenkai Yin(尹文开)
36d76d8704
Merge pull request #14912 from ywk253100/210518_bug
Truncate the string when deletinng the resources when the length exceeds the limit
2021-05-20 12:09:36 +08:00
Wenkai Yin
998e392bb4 Clean up tech debt codes
Clean up tech debt codes

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-20 11:47:46 +08:00
Wenkai Yin
dc059a9a8f Improve the performance of artifact related APIs
Improve the performance of artifact related APIs by adding indexes and refactoring sql logic

Closes #13890 #14813 #14814

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-20 11:25:43 +08:00
Wenkai Yin(尹文开)
08ed886936
Merge pull request #14914 from ywk253100/210518_registry
Update the field name of registry model
2021-05-19 17:20:12 +08:00
Daniel Jiang
93fe178dc3 Fail with 401 for GET .../users/current/permissions
fixes #14862

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-19 16:28:39 +08:00
Will Sun
1896df2cfb
Improve css style (#14909)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-19 12:49:38 +08:00
Daniel Jiang
294ee52d7a
Merge pull request #14900 from reasonerjt/rm-common-dao-getuser-onboard
Remove GetUser and Onboard from common/dao
2021-05-19 11:21:00 +08:00
He Weiwei
c6bd7b2ec2
ci: lint the swagger file (#14916)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-19 10:36:09 +08:00
Daniel Jiang
4492e47e89
Merge pull request #14910 from reasonerjt/fix-oidc-callback-nil-pointer
Check user in security context before getting the ID
2021-05-18 23:35:46 +08:00
Wenkai Yin
315f490d3c Update the field name of registry model
Update the field name of registry mode

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-18 17:26:20 +08:00
Wenkai Yin
5ebc8b4fdd Truncate the string when deletinng the resources when the length exceeds the limit
Truncate the string when deletinng the resources when the length exceeds the limit

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-18 17:17:41 +08:00
Daniel Jiang
c41d75fb31 Use system configuration resource for permission checking
This commit uses system configuration resource for permission check
against API to ping OIDC and update systen CVE allowlist.
Fixes #14386

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-18 16:06:58 +08:00
Daniel Jiang
952644e23f Remove GetUser and Onboard from common/dao
Replaced by funcs in src/pkg/user and src/controller/user

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-18 15:28:41 +08:00
Daniel Jiang
ebe5733f27 Check user in security context before getting the ID
This commit fix a potential nil pointer issue when trying to read User
ID from security context

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-18 14:54:58 +08:00
He Weiwei
0c315d8aee
refactor: remove allowlist in GetSummary of scan controller (#14836)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-18 14:01:59 +08:00
Vadim Bauer
1a3335edc5
Provide information about missing RBAC permissions in debug mode. (#14906)
Signed-off-by: Vadim Bauer <vb@container-registry.com>

Co-authored-by: Vadim Bauer <vb@container-registry.com>
2021-05-18 10:02:34 +08:00
Wenkai Yin(尹文开)
aaff28f6ff
Merge pull request #14843 from ninjadq/fix_webhook_parse_chartname
Fix webhook parse chartname panic
2021-05-18 09:30:22 +08:00
Will Sun
0a8ff4c1f9
Update project summary page (#14874)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-17 10:39:33 +08:00
Wenkai Yin(尹文开)
e553cbe795
Merge pull request #14887 from wy65701436/golang-15
bump up go to v1.15.12
2021-05-17 10:32:19 +08:00
Will Sun
ba68f16b8d
Support searching quota by project name (#14881)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-17 09:46:24 +08:00
He Weiwei
7fb1bc538c
refactor: remove unused core/api/models pkg (#14882)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 17:15:44 +08:00
Wang Yan
0fb520a33b bump up go to v1.15.12
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-14 15:36:23 +08:00
He Weiwei
6f3607cebd
perf: cache the metadata of the scanner (#14879)
1. Cache the metadata of scanner 30s.
2. Change the scanner client request timeout to 5s.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 14:27:37 +08:00
Ziming
1665dbcbc8
fix(retention) add delete retention API (#14747)
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2021-05-14 14:15:42 +08:00
Daniel Jiang
35c9a98272
Merge pull request #14875 from heww/fix-scan-all
fix: using new ctx to scan artifact when scanAll
2021-05-14 12:56:10 +08:00
He Weiwei
eed91dab45
fix: requires authn for apis of project scanner (#14880)
Closes #14863

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-14 11:27:23 +08:00
He Weiwei
f800d531ec fix: using new ctx to scan artifact when scanAll
DB transaction failure may break the loop query of the artifacts, the
result is that not all artifacts are scanned in one scan all job. Using
a new DB connection to call the Scan method of the controller to avoid
this problem.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-13 12:33:10 +00:00
Daniel Jiang
fa46b0d736
Merge pull request #14095 from jsoref/tokens
Tokens
2021-05-13 13:25:58 +08:00
Wang Yan
ad9569da26
refactor preheat model (#14858)
Move the notification to preheat models

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-12 22:29:01 +08:00
DQ
2583107446 Fix panic issue when there are '--' in chart name
let webhook get name function consistent with chartmuseum

Signed-off-by: DQ <dengq@vmware.com>
2021-05-12 14:11:57 +00:00
Qian Deng
17dd48e5a3
Merge pull request #14854 from ninjadq/upgrade_helm_chart
Upgrade helm chart
2021-05-12 19:33:03 +08:00
stonezdj(Daojun Zhang)
0dfc801a50
Error string should not be capitalized (#14840)
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-12 16:53:37 +08:00
Wenkai Yin
c04f3a2aac Fix duplicate execution record issue
When the core service cannot response the checkin request in time, duplicated execution records may be created, this commit introduces the revision column to make sure there is only one record for one schedule trigger

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-12 15:40:52 +08:00
Moshe Immerman
d1b553fd3a
feat: add ORM_DEBUG env option (#14709)
Signed-off-by: Moshe Immerman <moshe@flanksource.com>
2021-05-12 10:56:30 +08:00
Daniel Jiang
bd9a1c6722
Merge pull request #14829 from reasonerjt/user-common-dao-cleanup
Move user related funcs from common/dao
2021-05-12 10:56:18 +08:00
Will Sun
eec3619df1
UI enhancement for replication namespace (#14818)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-12 10:11:04 +08:00
stonezdj(Daojun Zhang)
a6d92ca807
Merge pull request #14777 from stonezdj/21apr15_declarative_config
Implement declarative configure feature
2021-05-12 09:21:57 +08:00
Daniel Jiang
6d0e391740 Move user related funcs from common/dao
This commit moves more user related funcs, such as ChangePassword,
Login, ChangeUserProfile from common/dao to rely on /pkg/user and
pkg/oidc.
It also removes the code for resetting user's password as it's disabled.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-12 01:12:57 +08:00
Wang Yan
b714baae87
fixes immutable rule issue (#14849)
fixes #14568

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-05-11 23:28:03 +08:00
DQ
9a974d2b2c Upgrade Helm Client Version
From version 3.1.1 to 3.4.2

Signed-off-by: DQ <dengq@vmware.com>
2021-05-11 13:51:55 +00:00
stonezdj
3825220ca6 Implement declarative configure feature
Add env CONFIG_OVERWRITE_JSON for declarative config
Init config with the json in CONFIG_OVERWRITE_JSON in main.go

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-11 20:58:19 +08:00
He Weiwei
0d7250f83d
perf: skip db tx for get, head and options api requests (#14837)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-05-11 10:54:15 +08:00
Wenkai Yin(尹文开)
e006f4bab5
Support specifying multiple fields for default sorting (#14788)
Support specifying multiple fields for default sorting
Fixes #14433

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-10 17:04:10 +08:00
Will Sun
3322716bc6
Update storage display (#14807)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-05-07 11:15:13 +08:00
Daniel Jiang
8fa45a5338 Bump up go-oidc to v3
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-06 16:07:16 +08:00
Daniel Jiang
a66809cf85
Remove register and userexists funcs from dao pkg (#14798)
This commit replaces them with funcs with user pkg

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-05 17:55:56 +08:00
Wenkai Yin(尹文开)
f8171cdf6e
Merge pull request #14783 from reasonerjt/clean-common-dao-user
Clean up user related funcs in common/dao
2021-04-30 14:10:38 +08:00
stonezdj(Daojun Zhang)
8f16831c75
Merge pull request #14717 from stonezdj/21pr16_verify_ldap_group_settings
Add the ldap group config validation
2021-04-30 10:19:43 +08:00
stonezdj
9010eeb832 Add the ldap group config validation
When ldap_group_search_filter is set, check other required fields
When ldap_group_search_filter is empty, skip to attach group

Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-04-29 22:11:38 +08:00
Daniel Jiang
01858e3d71 Clean up user related funcs in common/dao
This commit remove some funcs from package `common/dao/user` that can be
covered by the manager in `pkg/user`.

Ideally all funcs should be replaced but the dependency relationships
are tricky for some of them I'll push other commit to clean them up.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-04-29 18:08:16 +08:00
Will Sun
7642519bf4
Use standard query to search projects by name (#14778)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2021-04-29 16:29:24 +08:00
Daniel Jiang
c2ab1769b3
Merge pull request #14768 from reasonerjt/fix-14711
Return 401 for GET request to /v2 API for public artifacts.
2021-04-29 15:23:45 +08:00
Wang Yan
1dd3b9fd82
add storage consumption support (#14772)
Return the total storage consumption in the statistic API

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-04-29 12:36:25 +08:00
Wang Yan
f3260fdad1
move blob models (#14776)
1, move project_blob into pkg
2, move artifact_blob into pkg

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-04-29 12:36:08 +08:00
Wenkai Yin(尹文开)
9bbffa06db
Merge pull request #14662 from ywk253100/210413_dest_ns
Refactor the replication policy destination namespace logic
2021-04-29 11:18:43 +08:00
Wenkai Yin(尹文开)
30664995c7
Merge pull request #14762 from ywk253100/210427_task_not_found_master
Read upstream job ID as ID when it isn't null
2021-04-29 10:58:48 +08:00
Wang Yan
a08709b50d
deprecate read only GC job (#14773)
After refactor GC, the way to trigger read only GC job has been deprecated, remove the code.

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-04-29 10:34:13 +08:00