* registryctl/api/registry/blob: fix dropped test error (#19721)
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
* Remove robot account update quota permission (#19819)
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
* Cache image list with digest key (#19801)
fixes#19429
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
* Add quota permissions testcase (#19822)
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
* deprecate gosec in makefile (#19828)
remove the unused the part from makefile
Signed-off-by: wang yan <wangyan@vmware.com>
* Add verification that robot account duration is not 0 (#19829)
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
* fix artifact page bug (#19807)
* fix artifact page bug
* update testcase
* Upgrade to distribution (registry) v3 alpha
This includes all the benefits of the v3 distribution, but also all breaking changes.
Most notably, Image Manifest v2 Schema v1 support has been dropped, as well as the `oss` and `swift` storage drivers.
Currently, this still relies on v2's github.com/docker/distribution/registry/client/auth/challenge, because that code has been removed from the public API in v3.
Signed-off-by: Aaron Dewes <aaron.dewes@protonmail.com>
---------
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
Signed-off-by: stonezdj <daojunz@vmware.com>
Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: Aaron Dewes <aaron.dewes@protonmail.com>
Co-authored-by: Lars Lehtonen <lars.lehtonen@gmail.com>
Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>
Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>
Co-authored-by: stonezdj(Daojun Zhang) <stonezdj@gmail.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: ShengqiWang <124650040+ShengqiWang@users.noreply.github.com>
1. Change some logs level to reduce the noise.
2. Wrap the go-redis.Nil error as ErrNotFound to avoid confusing
Signed-off-by: chlins <chenyuzh@vmware.com>
Since harbor deprecates notary since v2.9.0, this pull request targets to remove the code related with notary.
Signed-off-by: Wang Yan <wangyan@vmware.com>
1, add fitler artifactType to header when the api is called with filter
2, give an empty json body on non aritfact scenario
3, give an empty array on non accessory scenario
4, fix the artifact type filter issue
Signed-off-by: Wang Yan <wangyan@vmware.com>
As for the distribution spec 1.1, it supports client to push an manifest with subject field. By leverging this fidle, harbor could build up the linkage between the subject artifact and it's accessories.
Signed-off-by: wang yan <wangyan@vmware.com>
This commit replaces `os.Setenv` with `t.Setenv` in tests. The
environment variable is automatically restored to its original value
when the test and all its subtests complete.
Reference: https://pkg.go.dev/testing#T.Setenv
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Implement cache layer for resource manifest, it will read manifest
from cache instead of proxying to distribution if enabled.
Signed-off-by: chlins <chenyuzh@vmware.com>
* Refactor common http GetTransport function signature
* Remove redendent GetHTTPTransport and similar functions
* Update Authorized function signature to meet new HTTPTransport
* Add trace for default Transport
Signed-off-by: Qian Deng <dengq@vmware.com>
As from docker v20, the containerd leverages the cache when to pull a manifest, that leads to the
client doesn't send the get manifest request if the image exists in local.
The content trust and vul checker are only valid for get manifest request, the PR is to enable the checkers on
head manifest request to handle the containerd local cache scenario.
Signed-off-by: Wang Yan <wangyan@vmware.com>
Changes include:
1. Move core/config to controller/config
2. Change the job_service and gcreadonly to depends on lib/config instead of core/config
3. Move the config related dao, manager and driver to pkg/config
4. Adjust the invocation of the config API, most of then should provide a context parameter, when accessing system config, you can call it with background context, when accessing user config, the context should provide orm.Context
Signed-off-by: stonezdj <stonezdj@gmail.com>
1. Add operation id in ctx in baseapi before prepare
2. add operation id for registry proxy request
3. use url for other request
Signed-off-by: DQ <dengq@vmware.com>
Return 403 when trying to push artifacts into the proxy cache project to avoid the retrying in the docker client
fixes#12731
Signed-off-by: Wenkai Yin <yinw@vmware.com>
* move send error to source lib
Move the sendError into library in case the cycle dependency as regsitry and core are now the consumers.
Signed-off-by: wang yan <wangyan@vmware.com>
The v2 catalog API needs to filter out the empty repository and the repository which artifacts are all with no tags.
1,In v2.0.0, Harbor does not delete repository even there is no artifact, it's different with v1.10.0
2, Compares with docker distribution, it doesn't return the respository with untagged images.
Signed-off-by: wang yan <wangyan@vmware.com>