Daniel Jiang
d0152cb446
Merge pull request #13872 from reasonerjt/token-scope
...
Refine the token scope generation
2021-01-04 11:16:59 +08:00
Wang Yan
0271efd3f7
enable visible when to list/create robot ( #13840 )
...
1, enable the visible attribute when to create/list robots
2, rename package name from robot2 to robot
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-04 10:24:31 +08:00
Daniel Jiang
eb75123638
Refine the token scope generation
...
This commit directly maps the actoin permission in security context to
the scope generated by the token service in harbor-core.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-01-03 23:12:04 +08:00
Daniel Pacak
bd46af691c
chore(trivy): Bump up Trivy scanner adapter to v0.17.0 ( #13639 )
...
The adapter implements Pluggable Scanners API v1.1
and ships with Trivy v0.14.0.
There's also a tiny change in the way Trivy settings
are displayed in the scanner metadata response, i.e.
instead of com.github.aquasecurity.trivy.debugMode
it prints env.SCANNER_TRIVY_DEBUG_MODE. It makes it
explicit which env is use to set this parameter.
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-12-25 15:34:00 +08:00
Wenkai Yin(尹文开)
19ad8ad68d
Merge pull request #13823 from reasonerjt/inst-cert-home-dir
...
Replace tilde in install_cert.sh
2020-12-25 10:25:51 +08:00
prahaladdarkin
a890b28e1e
Store vulnerability data from scanner into a relational format ( #13616 )
...
feat: Store vulnerability report from scanner into a relational format
Convert vulnerability report JSON obtained from scanner into a relational format describe in:https://github.com/goharbor/community/pull/145
Signed-off-by: prahaladdarkin <prahaladd@vmware.com>
2020-12-25 08:47:46 +08:00
Wang Yan
47841a04b9
fix quota cannot be updated after gc ( #13844 )
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-24 20:10:57 +08:00
Will Sun
75da08303a
Improve scan all page
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-24 17:36:03 +08:00
Wenkai Yin
923a538570
Provide the function to update extra attributes in the task manager
...
Provide the function to update extra attributes in the task manager
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-12-24 15:52:37 +08:00
He Weiwei
7b4c4b76e7
feat: add trigger to the metrics of the scan all job ( #13838 )
...
Add the trigger to the metrics of the scan all job so that the customer
can know who trigger the latest scan all job.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-24 14:30:43 +08:00
Wang Yan
7a8a8fa104
upgrade go version to v1.15.6 ( #13836 )
...
Signed-off-by: wang yan <wangyan@vmware.com>
2020-12-23 18:53:09 +08:00
Wenkai Yin(尹文开)
d32a243508
Use the same transaction to remove the schedule to avoid dead lock in database ( #13820 )
...
Use the same transaction to remove the schedule to avoid dead lock in database
Fixes #13808
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-12-23 15:37:51 +08:00
Will Sun
28734d7ac4
Fix a save button bug on system setting page ( #13830 )
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-23 13:00:45 +08:00
Daniel Jiang
c660727877
Merge pull request #13800 from reasonerjt/authproxy-redirect
...
Add handler to handle redirect via authproxy
2020-12-23 03:00:18 +08:00
stonezdj(Daojun Zhang)
bc0b6b43ed
Merge pull request #13791 from reasonerjt/oidc-redirect-extra-parm
...
Add extra parms when forming redirect URI for OIDC
2020-12-22 21:45:53 +08:00
Daniel Jiang
7321e3547d
Add handler to handle redirect via authproxy
...
This commit add a handler to handle the request to
"/c/authproxy/redirect". Harbor is configured to authenticate against
an authproxy, if a request with query string `?token=xxxx`
is sent to this URI, the handler will do tokenreview according to the
setting of authproxy and simulate a `login` workflow based on the result
of token review.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-22 18:59:17 +08:00
He Weiwei
3831e82b20
refactor: remove code of admin job ( #13819 )
...
Remove code of admin job as it's not needed by scan all/gc now.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-22 11:48:16 +08:00
He Weiwei
8fa03e3739
refactor: remove code of scan all job ( #13821 )
...
Remove code of scan all job as it's implemented by execution now.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-22 11:39:18 +08:00
Daniel Jiang
9d99dfa82b
Replace tilde in install_cert.sh
...
This commit fixes #13287 to remove the usage of tilde as the $HOME is not available in some
cases. More details see #13287
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-21 20:39:34 +08:00
Wenkai Yin(尹文开)
53c8ad8228
Merge pull request #13813 from heww/scan-all-apis
...
refactor(api): move scan all apis to go-swagger
2020-12-21 16:40:09 +08:00
fanjiankong
1b93a9f4b0
Remove some TCR UT Case
...
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2020-12-21 16:24:46 +08:00
Qian Deng
31138f12b0
Merge pull request #13806 from ninjadq/fix_python_yaml_load
...
Fix pythom yaml load to safe_load
2020-12-21 16:04:12 +08:00
Will Sun
86e1732b16
Merge pull request #13817 from AllForNothing/filter
...
Fix filter bug for replication tasks page
2020-12-21 16:02:39 +08:00
Qian Deng
9197471e70
Add Scan for internal tls ( #13810 )
...
Signed-off-by: DQ <dengq@vmware.com>
2020-12-21 15:23:11 +08:00
AllForNothing
b749ba4e54
Fix filter bug for replication tasks page
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-21 15:11:35 +08:00
He Weiwei
ce6ed3eeb7
refactor(api): move scan all apis to go-swagger
...
Move scan all APIs from beego to go-swagger.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-21 02:17:02 +00:00
Wang Yan
9bc6f3cee4
fix robot account update issue ( #13741 )
...
* fix robot account update issue
enable the update method to support both v1 & v2 robot update
Signed-off-by: Wang Yan <wangyan@vmware.com>
* resolve review comments
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 20:01:26 +08:00
danfengliu
045f0aab45
Merge pull request #13750 from danfengliu/add-py-test-for-scan-manifest-list
...
Add py-test for scan manifest list and CNAB bundle
2020-12-18 17:34:41 +08:00
danfengliu
4f0842bd23
Add py-test for scan manifest list and CNAB bundle
...
Due to complicate logic of scan report in multi-level artifacts, should add scan tests
for into manifest list and CNAB bundle python test suit.
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-12-18 16:37:53 +08:00
Wang Yan
6bc1047013
migration admin job data ( #13766 )
...
1, migrate gc and scan all schedule to schedule/task/exectuion
2, migrate gc history to task/execution
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 16:35:24 +08:00
Will Sun
4392a626f3
Merge pull request #13804 from AllForNothing/scan-all
...
Fix robot account UI issues
2020-12-18 15:48:26 +08:00
Wang Yan
e9797d7c16
fix gc log not found issue ( #13790 )
...
It needs to use the execution ID to get task firstly and then use the required task id to query GC log
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-18 14:50:50 +08:00
Qian Deng
64fcfeaa2f
Merge pull request #13754 from ninjadq/fix_loglevel_parsing_for_registry
...
Fix log level issue in registry
2020-12-18 14:47:15 +08:00
AllForNothing
b20cc474b3
Fix robot account UI issues
...
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-12-18 14:11:08 +08:00
stonezdj(Daojun Zhang)
98f3c5d452
Merge pull request #13803 from stonezdj/201212_revert_add_contenttype
...
Revert "Add content type and length in header"
2020-12-18 13:22:30 +08:00
stonezdj
3334defd92
Revert "fix issue"
...
This reverts commit e6f80259
This reverts commit 918fe125
Signed-off-by: stonezdj <stonezdj@gmail.com>
Revert "Add content type and length in header"
This reverts commit ca379111
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-18 12:35:39 +08:00
stonezdj(Daojun Zhang)
05f327cfbd
Merge pull request #13751 from stonezdj/201211_add_content_type_length
...
Add content type and length in header
2020-12-17 18:19:38 +08:00
Wang Yan
dfe678457f
fixes robot account list permission issue ( #13792 )
...
fixes #13786 , do not add the removed project into the permission list of a system level robot account.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2020-12-17 17:50:14 +08:00
He Weiwei
792dcc4ac3
fix(scan): returns 400 when artifact not support by scanner ( #13785 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 16:58:49 +08:00
stonezdj
e6f80259f7
fix issue
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 16:33:17 +08:00
He Weiwei
164acad24f
build: add cleanbaseimage target in Makefile ( #13777 )
...
Add cleanbaseimage target in Makefile, and append it to the dependencies
of the cleanall target.
Closes #13602
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 16:18:12 +08:00
stonezdj
918fe125b7
fix issue
...
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 16:17:56 +08:00
stonezdj
ca37911113
Add content type and length in header
...
Fixes #13740
Update ManifestExist to return Descriptor instead of digest
Signed-off-by: stonezdj <stonezdj@gmail.com>
2020-12-17 15:42:49 +08:00
Daniel Jiang
bc2a161f13
Merge pull request #13789 from heww/fix-codeql-errors
...
fix: fix errors detected by codeql
2020-12-17 15:16:51 +08:00
He Weiwei
18b850782e
fix: fix errors detected by codeql
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-12-17 06:15:34 +00:00
Daniel Jiang
c1c55d0cee
Add extra parms when forming redirect URI for OIDC
...
Fixes #13092
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 19:41:13 +08:00
DQ
234b29e170
Fix pythom yaml load to safe_load
...
Signed-off-by: DQ <dengq@vmware.com>
2020-12-16 14:59:06 +08:00
Daniel Jiang
b0c8cadad7
Add default CVE allowlist to project library ( #13770 )
...
fixes #12700
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 14:20:56 +08:00
Daniel Jiang
3b04d2f8f5
Escape the values to contains
operator in dao packages ( #13774 )
...
fixes #13018
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-12-16 14:19:20 +08:00
Will Sun
488d802a2b
Merge pull request #13768 from AllForNothing/permission-list
...
Add new permissions to robot account
2020-12-16 13:30:24 +08:00