feat: upgrade golang-runtime from 1.19.3 to 1.21.4; upgrade golangci-lint version to v1.51.2; upgrade MOCKERY_VERSION to v2.22.1; fix mock issue
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
refactor: migrate the redis command keys to scan
Refine the cache interface, migrate the Keys to Scan, change the redis
underlying keys command to scan.
Signed-off-by: chlins <chenyuzh@vmware.com>
fix: improve the performance of list artifacts
1. Change the query for listing tasks of scan which can use the db
index.
2. Add the gin index for task.extra_attrs.report_uuids
Fixes: #18013
Signed-off-by: chlins <chenyuzh@vmware.com>
fix: resolve the oidc or ldap group user cannot export cve
Remove the project filter in the scan data export job as they have been
validated by API handler, fix the oidc or ldap group users cannot export
cve.
Fixes: #18112
Signed-off-by: chlins <chenyuzh@vmware.com>
Add queue manager and redis client
Update scheduler to add count and list
Signed-off-by: stonezdj <daojunz@vmware.com>
Signed-off-by: stonezdj <daojunz@vmware.com>
Add REST API to list job pool, worker, stop running task
Add jobservice handler to retrieve configuration
Add RBAC for jobservice monitoring dashboard
Add REST API to list pool, worker and stop running task
Signed-off-by: stonezdj <stonezdj@gmail.com>
Signed-off-by: stonezdj <stonezdj@gmail.com>
1. Add sql migration to alter replication policy table
2. Implement the PullBlobChunk and PushBlobChunk for the underlying v2 registry client
3. Update image transfer logic to support copy by chunk
4. Update the replication policy API handler
Signed-off-by: chlins <chenyuzh@vmware.com>
1. Refact the scan export FilterProcessor interface
2. Optmize the sql template for export cve report
3. Update the process of cve export job
Signed-off-by: chlins <chenyuzh@vmware.com>
fix: fix cache layer issues (#16995,#16997,#16996,#17038)
1. Load config and initialize cache layer in jobservice(for GC)
2. Cache artifact by digest the key should contains repository name
3. Repository cache cleanup error when update
4. Skip save cache when request ctx in transaction
Signed-off-by: chlins <chenyuzh@vmware.com>
Fixes#16269, exclude the admin account by default
Add excludeDefaultAdmin method -- exclude default admin by option
Update authModeCanBeModified method -- the user count should be 0 without admin
Signed-off-by: stonezdj <stonezdj@gmail.com>
Implement cache layer for resource manifest, it will read manifest
from cache instead of proxying to distribution if enabled.
Signed-off-by: chlins <chenyuzh@vmware.com>
Implement cache layer for resource artifact and define common
cache manager and workflow. Also add cache related options to
configuration yaml.
Signed-off-by: chlins <chenyuzh@vmware.com>
fixes#15332, for the dry run mode, gc job should not remove the untagged candidates.
To fix it, use the simulate untagged artifact deletion for dry-run.
Signed-off-by: Wang Yan <wangyan@vmware.com>
Define user.Email as sql.NullString to avoid unique constraint when email is empty in LDAP/OIDC
Separate the common/models/User with the pkg/user/dao/User
Fixes#10400
Signed-off-by: stonezdj <stonezdj@gmail.com>
1, for admin only, the system level robot should contains the project creation access.
2, for not admin only, the system level robot can create project.
3, for the project that created by system level robot, use the admin ID as the ownerID.
No path for project level robot to create project.
Signed-off-by: wang yan <wangyan@vmware.com>
The API is desiged for read-only gc job, as the read only gc has already deprecated, remove this api accordingly.
Signed-off-by: Wang Yan <wangyan@vmware.com>
The following information should cleanup before delete user:
Delete project member of this user.
Delete oidc_user when auth_mode is oidc_auth.
Fixes#8424
It also removes the deleted user from project member and the deleted condition in the project member query for consistency
Signed-off-by: stonezdj <stonezdj@gmail.com>
