This commit revoke part of the change introduced in commit #1fc4142, by
calling chown to job log directory within the container when the job
service bootstraps. The reason is we are seeing permission issue in
helm-chart deployment, and we want to reduce effort to handle the
permission on different deployment approaches.
There are some code in `prepare` script to change the ownership of the
JOB_LOG directory, it will be left for now to avoid regression in VIC
integration.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
1. Update the nginx.conf
2. Update Makefile
3. Update docker-compose
4. Update image name
5. Rename folder ui to core
6. Change the harbor-ui's package name to core
7. Remove unused static file on harbor-core
8. Remove unused code for harbor-portal
Signed-off-by: Qian Deng <dengq@vmware.com>
The sslmode of the connection with postgresql is hardcoded as "disable" currently, this commit expose it as an environment variable so that users can configure it
Signed-off-by: Wenkai Yin <yinw@vmware.com>
The PR to fix the Alpine issue has been merged to Clair's release-2.0
branch, and released v2.0.5.
This commit updates Harbor to include that change and re-enable
Clair's updaters by default.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Move the notary-server and notary signer into ./notary/release-${notaryversion} as this will not impact the
release branches, the binaries in ./notary are v0.5.1.
Signed-off-by: wang yan <wangyan@vmware.com>
Set the updater interval to "0" to mitigate the impact of Apline URL
change that cause clair keep polling vuln data.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
The VOLUME definition in Dockerfile of chart museum will mount a volume automatically by docker if no specific volume is provided.
Signed-off-by: Wenkai Yin <yinw@vmware.com>
In some user's environment, there's local object storage hosted with
self-signed certificate.
Because registry process runs in a photon container, it has to trust
the certificate in the photon level such that the registry can access
the storage service.
This commit updates the registry image to append custom cert to the root
bundle when the container is started. And make the customer cert
configurable in `harbor.cfg`
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Add clean registry cache to gc job
To workaround the issue: https://github.com/docker/distribution/issues/2094
GC needs to clean cache before to call the docker reigstry api to delete blobs.
Otherwise, the following docker push will not be performed as docker registry
does not clean cache in GC, it thinks the image is still there, and the new
blobs will be uploaded.
After UI compilling should unlink harbor-ui.
Because it create a link with root user in container that will cause permission issues next time you want to aceess this file.
Root cause: Use default 'now'::timestamp will not generate timestamp for each transaction,
PG will convert now to a timestamp as soon as the constant is parsed. To fix it, update it
to defult CURRENT_TIMESTAMP, thie setting is the same as default now(), which returns the
start time of current transaction because ther are fuction calls, hey will give the desired
behavior of defaulting to the time of row insertion.
Reference: https://www.postgresql.org/docs/9.6/static/functions-datetime.html#FUNCTIONS-DATETIME-CURRENT
PG version: 9.6.9
In 1.6, there will be only one DB process in the default deployment.
The migrator will try to handle the setting by "guessing" whether Harbor
was pointed to external DB.
Verified 1.5->1.6 and 1.4->1.6 migration.
When proxy is set for Clair, there may be issue when Clair pulls image
from the registryif the `no_proxy` attribute is not updated. This
commit adds `registry` to the default setting.
