Commit Graph

12219 Commits

Author SHA1 Message Date
Yang Jiao
52d2d5c303
Updating Permission Test Scripts (#19687)
Support for test cases that run multiple resources in a single run

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-12-08 06:10:19 +00:00
dependabot[bot]
8859f69668
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 in /src (#19636)
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 13:20:20 +08:00
dependabot[bot]
af4c6b6f0f
Bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 in /src (#19632)
Bumps [github.com/gorilla/handlers](https://github.com/gorilla/handlers) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/gorilla/handlers/releases)
- [Commits](https://github.com/gorilla/handlers/compare/v1.5.1...v1.5.2)

---
updated-dependencies:
- dependency-name: github.com/gorilla/handlers
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 09:59:06 +08:00
dependabot[bot]
2984c2e04b
Bump github.com/robfig/cron/v3 from 3.0.0 to 3.0.1 in /src (#19633)
Bumps [github.com/robfig/cron/v3](https://github.com/robfig/cron) from 3.0.0 to 3.0.1.
- [Commits](https://github.com/robfig/cron/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/robfig/cron/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-07 17:49:21 +08:00
Shijun Sun
f99a619bc6
Add min-width to the permission column (#19675)
1. To avoid style confusion

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-07 05:37:45 +00:00
Yang Jiao
ed0a69cf80
Add external scanner test case (#19682)
Fix #19279

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-12-07 11:20:11 +08:00
Shijun Sun
323e11fefb
Update the wording text for the system robot account (#19666)
Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 09:43:02 +00:00
Shijun Sun
469b6a495b
Update the style for the robot acccount ui (#19663)
1. Fixes #19614
2. Fixes #19617

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 09:00:17 +00:00
Shengwen YU
1cbc901599
fix: upgrade google.golang.org/grpc (#19648)
fix: upgrade google.golang.org/grpc and go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-12-05 16:22:39 +08:00
MinerYang
3b127bc477
fix 2.10 prepare migration version (#19665)
fix 2.10 prepare migration

Signed-off-by: yminer <yminer@vmware.com>
2023-12-05 15:31:17 +08:00
Wang Yan
7b40dc6f46
fix the landing accessory data (#19661)
Fix the keywords when to list accessories belong to the subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>
2023-12-05 14:14:32 +08:00
Shijun Sun
7fee99b5fe
Update the name checking for the robot account (#19645)
1. Fixes #19612

Signed-off-by: AllForNothing <shijun.sun@broadcom.com>
2023-12-05 03:01:40 +00:00
Aaron Steinberg
3c56f2d1a0
[release-note/docs] swagger.yaml "repositoryName" parameter description update (#19651)
* swagger.yaml fix

Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>

* Signed-off by: Aaron Steinberg <aaron@aa.codes>

Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>

---------

Signed-off-by: Aaron Steinberg <asteinber-contractor@aurora.tech>
2023-11-30 09:17:05 +00:00
Yang Jiao
7cef4217b0
Add user API test case (#19638)
Fix #19280

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-29 10:25:02 +08:00
Shijun Sun
f26b9f52e9
Update the test script for the project permissions (#19623)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-28 02:16:02 +00:00
dependabot[bot]
bf251ef0aa
Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src (#19542)
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.0.0 to 3.7.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.0.0...v3.7.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-11-28 09:31:16 +08:00
Shengwen YU
f14635a5d3
fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 (#19624)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-11-28 08:43:37 +08:00
Wang Yan
3f72604d57
fix robot account access issue (#19627)
fixes #19622
Resolve the 403 issue occurring when a robot account, equipped with both system and project scope, attempts to access project resources.

Signed-off-by: wang yan <wangyan@vmware.com>
2023-11-27 19:16:37 +08:00
Yang Jiao
4fbcf92da9
Add jump to CNAB Bundle index artifact list test case (#19629)
Fix #19278

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-27 18:26:06 +08:00
Yang Jiao
38ac8bf717
Add notation pull policy test case (#19625)
Fix #19547

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-27 09:44:20 +00:00
dependabot[bot]
e1df9b0a73
Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src (#19541)
Bump golang.org/x/time in /src

Bumps [golang.org/x/time](https://github.com/golang/time) from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0.
- [Commits](https://github.com/golang/time/commits/v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/time
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-11-27 16:58:28 +08:00
dependabot[bot]
4fac10a97d
Bump actions/setup-node from 3 to 4 (#19478)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Orlix <7236111+OrlinVasilev@users.noreply.github.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-27 15:48:21 +08:00
Wang Yan
e6900301ce
fix system label resource (#19621)
Make sure robot can use rbac.Resource(label) to access system level label

Signed-off-by: wang yan <wangyan@vmware.com>
2023-11-27 13:34:17 +08:00
Yang Jiao
969dd1be66
Add notation accessory copy test case (#19605)
Fix #19546

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-22 18:13:44 +08:00
Yang Jiao
45b41d4443
Add API(scan,volumes,jobservice,scanner,label,securityhub,catalog) permission testcases (#19595)
Add scan,volumes,jobservice,scanner,label,securityhub,catalog permission testcases

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-22 09:08:27 +00:00
Shijun Sun
13ae233729
Add test cases for the project level permissions (#19593)
Add API test cases for project permission of a robot account

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-22 08:13:04 +00:00
Shijun Sun
d967ac0fb6
Update the permission scope (#19603)
1. Update the permission scope
2. Sort the resources and actions by unicode

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-22 06:37:31 +00:00
MinerYang
9875965837
add prepare migration script for 2.10 (#19600)
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-22 13:58:45 +08:00
Wang Yan
062d144d22
add permission validation for robot creating and updating. (#19598)
* add permission validation for robot creating and updating.

It is not allowed to create an new robot with the access outside the predefined scope.

Signed-off-by: wang yan <wangyan@vmware.com>

* Fix robot testcase and update robot permission metadata (#167)

1. Fix robot testcase
2. update robot permission metadata

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Signed-off-by: wang yan <wangyan@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>
2023-11-22 12:51:03 +08:00
Chlins Zhang
43ccd2f09f
perf: optimize the performance of accessory query (#19557)
1. Add db index for subject_artifact_id in table artifact_accessory.
2. Optimize the SQL of excluding the accessory for artifact count.

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-11-22 02:11:11 +00:00
MinerYang
17c17ffd8e
bump golang to 1.21.4 (#19601)
Signed-off-by: yminer <yminer@vmware.com>
2023-11-21 19:23:16 +08:00
Chlins Zhang
553c85eed0
fix: increase beego max memory and upload size (#19578)
1. Increase the default beego max memory and upload size from 32GB to
   128GB.
2. Support customize the two beego configs from env.

Signed-off-by: chlins <chenyuzh@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-11-21 15:36:06 +08:00
Maksym Trofimenko
996e57b511
Feature: GDPR compliant audit logs (#17396) 2023-11-20 21:31:22 +01:00
stonezdj(Daojun Zhang)
307a3121aa
Return empty result when no scanner configured (#19577)
fixes #19534

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-17 07:29:19 +00:00
Yang Jiao
08cb0803a8
Add API(audit-log,project,registry,replication) permission testcase (#19584)
Add audit-log,project,registry,replication API permission testcase

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-16 08:51:00 +00:00
Shijun Sun
95b4032201
Correct loop condition for replication tasks (#19570)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 09:50:06 +00:00
Shijun Sun
da9e263ca7
Avoid menu closure when filtering labels (#19561)
1. Fixes #19554

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 17:12:55 +08:00
Shijun Sun
30730c6716
Add a placeholder to the cards for the security-hub (#19536)
1. Related issue #19249

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 08:23:07 +00:00
Shijun Sun
7718134301
Add quota sorting to the project quotas list (#19576)
1. For #16517

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 07:25:55 +00:00
Shijun Sun
6a6e29570c
Show OIDC provider name on the OIDC login button (#19581)
1. Related issue #13198

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-15 05:23:57 +00:00
stonezdj(Daojun Zhang)
3f6c0298fe
Add oidc provider name to systeminfo API (#19575)
fixes #13198

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-15 11:00:39 +08:00
Yang Jiao
04397fb6a2
Add API permission testcase (#19571)
usage example:
HARBOR_BASE_URL=https://{ip_or_domain}/api/v2.0 RESOURCE=preheat-instance  USER_NAME={username} PASSWORD={password}  python tests/apitests/python/test_permission.py

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-11-14 09:38:39 +08:00
Shengwen YU
e941f3272b
fix: sorting quota (#19538)
fix: sort Project Quotas

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-11-13 14:37:41 +08:00
jmichot-exotec
219e4ba48d
19559 cannot see full label easily (#19564)
* modified label css to allow hover on it

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

* modified label css to allow hover on it

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

* Update common.scss

Signed-off-by: jmichot-exotec <150228661+jmichot-exotec@users.noreply.github.com>

* used title way to show full label on hover

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>

---------

Signed-off-by: Julien Michot <julien.michot.ext@exotec.com>
Signed-off-by: jmichot-exotec <150228661+jmichot-exotec@users.noreply.github.com>
Co-authored-by: Julien Michot <julien.michot.ext@exotec.com>
2023-11-13 04:02:59 +00:00
stonezdj(Daojun Zhang)
3a9d68a32a
Allow POST method to request service/token in readonly mode (#19556)
fixes #18243

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-10 05:08:31 +00:00
Chlins Zhang
f6d5bf2e0f
perf: optimize the trigger retention API (#19533)
Enhance the API for triggering retention by optimizing it from synchronous to asynchronous to solve the problem of slow response in the case of a large number of tasks.

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-11-09 07:45:01 +00:00
Shijun Sun
b7116fff0f
Add full permissions for the robot account (#19507)
1.Fixes #19353

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-09 03:18:07 +00:00
Wang Yan
5c02fd807e
add permission api (#19543)
The permission api targets to return the full set of permissons for robot to use.
And only system and project admin have the access

Signed-off-by: wang yan <wangyan@vmware.com>
2023-11-09 09:47:07 +08:00
stonezdj(Daojun Zhang)
da949bfc3f
Delete project member when delete project (#19523)
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-11-08 20:51:21 +08:00
Shijun Sun
bfd44b9115
Update UI package to clear security alerts (#19553)
Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-11-08 15:30:08 +08:00