* add stop sbom scanning API
1. [UI] support to stop sbom scanning #20200
2. add type for stop scanning api, make it able to support both vulnerability and sbom.
3. refactor the db query to support multiple extra attributes.
Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: xuelichao <xuel@vmware.com>
* add permission validation for robot creating and updating.
It is not allowed to create an new robot with the access outside the predefined scope.
Signed-off-by: wang yan <wangyan@vmware.com>
* Fix robot testcase and update robot permission metadata (#167)
1. Fix robot testcase
2. update robot permission metadata
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Signed-off-by: wang yan <wangyan@vmware.com>
---------
Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>
1. Update containerd version to 1.7.1
2. Update docker compose version to 2.18.1
3. Update helm version to 3.12.0
4. Update ORAS version to 1.0.0
5. Update CNAB version to 0.4.0
6. Update imgpkg version to 0.36.2
7. Update cosign version to 2.0.2
8. Update docker version to 24.0.2
9. Update chromedriver version to 114.0.5735.16
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Refactor the logic for updating the status of execution when receiving
the hook from jobservice, avoid the optimistic lock due to the multiple
tasks update one execution by refreshing the status asynchronously. But
still retain the old way by specifying the flag from ENV.
Fixes: #17584
Signed-off-by: chlins <chenyuzh@vmware.com>
refactor: refactor the old goroutine execution sweep to global execution sweep job
1. Delete the old goroutine execution sweeper when create execution.(in the case of high concurrency can cause goroutine backlogs, affect the performance of core)
2. Introduce the new way to sweep executions, a global scheduled job will take the work.
Signed-off-by: chlins <chenyuzh@vmware.com>
Fixes#18121
Refactor job name with VendorType prefix, make sure job queue name and vendor type in execution and task are identical
Signed-off-by: stonezdj <daojunz@vmware.com>
Added test cases for the following APIs:
1. GET /jobservice/pools/{pool_id}/workers Get workers
2. PUT /jobservice/jobs/{job_id} Stop running jc
3. PUT /jobservice/queues/{job_type} stop and clean, pause, resume pending jobs in the queue
4. GET /jobservice/queues list job queues
5. GET /jobservice/pools Get worker pools
6. GET /schedules List schedules
7. GET /schedules/{job_type}/paused Get scheduler paused status
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
1. Skip to push system artifact to the distribution when the exported CSV file is empty.
2. Add status message for cve export execution.
Signed-off-by: chlins <chenyuzh@vmware.com>
1. Update ubuntu version to 20.04
2. Update containerd version to 1.6.9
3. Update docker-compose version to 2.12.2
4. Update helm version to 3.10.1
5. Update ORAS version to 0.16.0
6. Update CNAB version to 0.3.7
7. Update imgpkg version to 0.33.0
8. Update cosign version to 1.13.1
9. Remove singularity
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
1. Add export scan data API test case
2. Add get scan data export execution list test case
3. Add get scan data export execution test case
4. Add download scan data test case
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Signed-off-by: Yang Jiao <jiaoya@vmware.com>