Commit Graph

8850 Commits

Author SHA1 Message Date
He Weiwei
e3c5c37668
fix(scan): assign repository pull access policy to robot account when scan artifact (#11109)
The v2auth middleware will check whether the requestor  has the pull or
push permissions for the repository, and forbid the request when the
requestor does not have the permission.  We need to assign repository
pulling permission to the robot account for the scanner, otherwise
scanner will be failed to pull the artifact.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-17 19:30:21 +08:00
He Weiwei
f8983fe198
feat(log): track request id in the log message (#11095)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-17 19:29:59 +08:00
Wenkai Yin
3aca33acde Clean up some TODO items
1. Remove blob fetcher and cache

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-17 19:01:38 +08:00
Wenkai Yin
e8935dd804 Filter the pulling manifest request from replication service
Filter the pulling manifest request from replication service so that the audit log will not record the pulling action

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-17 16:32:11 +08:00
Wenkai Yin(尹文开)
01ec93856b
Merge pull request #11091 from ywk253100/200316_test
Add create/delete tag API test case
2020-03-17 16:21:16 +08:00
stonezdj(Daojun Zhang)
ced78d0afc
Merge pull request #11078 from danielpacak/feature/issue_11032/trivy_http_proxy
chore(trivy): Allow configuring HTTP(S) proxy
2020-03-17 15:24:13 +08:00
Wang Yan
ce2257dc22
update project logs api to v2.0 (#11097)
use audit log api to get project logs

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-17 11:58:43 +08:00
Will Sun
2b6fb4abcf
Merge pull request #11073 from AllForNothing/permission
Swith to new API for recent log page
2020-03-17 11:25:29 +08:00
Wenkai Yin(尹文开)
411c73bd79
Merge pull request #11046 from ywk253100/200312_replication
Replicate tag deletion between Harbor instances
2020-03-17 10:58:06 +08:00
jonasrosland
f0360824ee Remove docs folder from CI runs
Signed-off-by: jonasrosland <jrosland@vmware.com>
2020-03-17 10:46:27 +08:00
jwangyangls
89cdd7a9f9
Merge pull request #11089 from jwangyangls/clear-dead-code
[OCI] Remove dead code
2020-03-17 10:03:18 +08:00
jwangyangls
580b74035d
Merge pull request #11007 from jwangyangls/artifact-filter-changes
[OCI] Artifact filter params changes in ui
2020-03-17 10:02:50 +08:00
Wenkai Yin
5925e0862d Replicate tag deletion between Harbor instances
This commit introduces the tag deletion as a new capability for registry adapters, and currently only Harbor supports it

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-17 09:27:02 +08:00
Wenkai Yin
e33b2984ce Add create/delete tag API test case
Add create/delete tag API test case

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-16 21:32:34 +08:00
Daniel Pacak
9c13116963 chore(trivy): Allow configuring HTTP(S) proxy
Resolves: #11032

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-03-16 12:26:49 +01:00
Steven Zou
b27094e765
Merge pull request #11047 from danielpacak/bump_up_trivy_adapter_to_v0.4.0
chore: Bump up Trivy adapter to v0.4.0
2020-03-16 19:02:32 +08:00
danfengliu
f2f67686a2
Merge pull request #10966 from danfengliu/srcipt-cnab-bundle-api-test
Add script of push cnab bunlde API test
2020-03-16 18:23:39 +08:00
danfengliu
843b05c2d3 Add script of push cnab bunlde API test
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-03-16 17:37:16 +08:00
Yogi_Wang
61fa461e91 [OCI] Remove dead code
1. remove tag service / tag model
2. remove retag service
3. remove artifact service some function
4. remove repository service / repository model  /repositoryItem model
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-16 17:24:21 +08:00
Wang Yan
fbb3226e85
move notification handles and events metadata into api (#11085)
1, enable audit logs for notifications
2, move the handler and meatadata into API
3, use the notification middleware to send out notification

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-16 16:56:34 +08:00
Daniel Pacak
46fb43bc25 chore: Bump up Trivy adapter to v0.4.0
Allows configuring SCANNER_TRIVY_GITHUB_TOKEN environment variable,
which is passed to trivy executable binary when it starts scanning
a given artifact.

This is to increase GitHub requests rate limit from 60 per hours
(for anonymous requests) to 5000 when Trivy download its
vulnerabilities database.

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-03-16 09:53:16 +01:00
Wenkai Yin(尹文开)
a83c78c1a5
Merge pull request #11064 from ywk253100/200313_cached_token
Check expired or not when getting token from cache
2020-03-16 16:27:18 +08:00
Wenkai Yin(尹文开)
89eeeb29ca
Change tag count to artifact count in search result (#11068)
Change tag count to artifact count in search result

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-16 14:28:59 +08:00
Wenkai Yin(尹文开)
d250e6998e
Fix bug when reading the readme.md of helm chart (#11059)
Fix bug when reading the readme.md of helm chart

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-16 14:26:50 +08:00
jwangyangls
46fe1182b7
Merge pull request #11043 from jwangyangls/add-OPENPOLICYAGENT
[OCI] Add the icon of openpolicyagent artifact
2020-03-16 13:39:10 +08:00
Daniel Jiang
2615339f4c
Merge pull request #11076 from reasonerjt/csrf-secure-flag
make Secure flag of CSRF cookie adapt to config
2020-03-16 11:47:51 +08:00
He Weiwei
60f8595034
refactor(quota): implement internal quota APIs by quota controller (#11058)
1. Use quota controller to implement the internal quota APIs.
2. The internal quota APIs can exceed the quota limitations.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-16 10:20:17 +08:00
danfengliu
42956c74bb
Merge pull request #11018 from danfengliu/add-verification-for-helm-api-test
Add verfication for helm API test
2020-03-16 10:17:37 +08:00
Wenkai Yin(尹文开)
1c647bd0cc
Merge pull request #11048 from danfengliu/add-doc-for-api-script-guide
Add doc for e2e API scripting guide
2020-03-16 09:34:35 +08:00
Daniel Jiang
cbd2619035 make Secure flag of CSRF cookie adapt to config
fixes #11074

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-16 04:03:49 +08:00
Wang Yan
9cc6e88a65
add notification middleware (#11072)
the notification is for send out the event after DB transaction complete.
It's safe to send hook as this middleware is after transaction in the response path.

Signed-off-by: wang yan <wangyan@vmware.com>
2020-03-14 22:34:36 +08:00
He Weiwei
ec31a87884
fix(blob,quota): process blobs already in registry no but associated with project (#11071)
1. Before put manifest request, ensure that the requested size resource
include the blobs which are referenced by the manifest but not
associated with project.
2. After put manifest request, associate the blobs which are referenced
by the manifest but not associated with project.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-14 21:39:44 +08:00
Wenkai Yin(尹文开)
901b615d78
Merge pull request #11070 from ywk253100/200313_unify_error_format
United error response format for management APIs (legacy and v2.0 APIs)
2020-03-13 22:29:25 +08:00
Wenkai Yin
c6940e8184 United error response format for management APIs (legacy and v2.0 APIs)
United error response format for management APIs (legacy and v2.0 APIs)

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-13 22:00:08 +08:00
AllForNothing
05431a149d Swith to new API for recent log page
Signed-off-by: AllForNothing <sshijun@vmware.com>
2020-03-13 19:56:44 +08:00
Wenkai Yin(尹文开)
4a97cd270d
Merge pull request #11038 from ywk253100/200312_upgrade
Repair the count usage during the upgrading
2020-03-13 16:19:12 +08:00
He Weiwei
37e6fa5c92
fix(transaction): change to use value in the ctx to decide whether commit tx (#11062)
Type assertion not work when the ctx in the request changed in the next
handler, so change to use value in the ctx to decide whether to commit
tx.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-13 15:19:13 +08:00
Wenkai Yin
05255a7ea7 Check expired or not when getting token from cache
Check expired or not when getting token from cache

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-13 14:57:30 +08:00
Wenkai Yin
a4a1913598 Repair the count usage during the upgrading
As the count quota is against artifact rather than tag in 2.0, the count usage should be recalculated

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2020-03-13 13:59:48 +08:00
Yogi_Wang
b32a8db114 [OCI] Add the icon of openpolicyagent artifact
1. add image
2. fix show ui clearly when dark
3. fix chinese words of replication name filter tooltip
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2020-03-13 12:01:00 +08:00
Daniel Jiang
2e7eb8872e
Move ArtifactInfo to internal package (#11055)
To avoid depedency loop, this commit moves the model of ArtifactInfo to
internal pacakge, so that a controller can it from context when needed.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-13 11:16:13 +08:00
He Weiwei
2a243ef7a2
refactor(rbac): refactor rbac impl to improve performance (#9988)
1. Introduce `Evaluator` interface which do the permission checking.
2. `admin`, `lazy`, `rbac`, `namespace` and `evaluartor` set are implemented the
`Evaluator` interface.
3. Move project rbac implemention from `project` to `rbac` pkg to reduce
the name  conflict with project instance of model.
4. Do permission checking in security context by `Evaluator`.
5. Cache the regexp in rbac evaluator for casbin.
6. Cache evaluator in namespace evaluator to improve performance.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-12 23:42:53 +08:00
Ziming Zhang
8ffa79801b feature(tag_retention) add checkbox for user to control whether remove untagged image
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-12 22:50:21 +08:00
Michael Michael
1d8389ab41
Merge pull request #11045 from goharbor/redirects
Updating the redirects in the old page stubs to point to new site.
2020-03-12 07:16:23 -05:00
He Weiwei
12f16c8cec
feat(scan): support to scan image index (#11001)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-03-12 19:30:12 +08:00
Stuart Clements
88da8c327f Revised text 2020-03-12 12:10:53 +01:00
Daniel Jiang
6a25e6b2c6
Upodate stale.yml to for near future releases (#10996)
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-12 17:49:12 +08:00
danfengliu
81313d5f34 Add doc for e2e API scripting guide
Signed-off-by: danfengliu <danfengl@vmware.com>
2020-03-12 17:46:09 +08:00
Wenkai Yin(尹文开)
d6b32e19df
Merge pull request #11033 from ywk253100/200311_artifact
Restructure the packages of artifact
2020-03-12 16:30:04 +08:00
Stuart Clements
16228a842d Updating the redirects in the old page to point to new site. 2020-03-12 09:18:46 +01:00