Commit Graph

11780 Commits

Author SHA1 Message Date
MinerYang
e1c1f5625d
bump golang 1.20.6 on main (#19066)
bump golang 1.20.6

Signed-off-by: yminer <yminer@vmware.com>
2023-08-02 11:01:32 +08:00
Shijun Sun
39ec1e4b1f
Add validator for duration of banner message (#19057)
1.Fixes #19049

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-01 18:31:32 +08:00
Shijun Sun
b496edf304
Update style for banner message ui (#19069)
1.Fixes #19021
2.Fixes #19022

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-01 17:24:28 +08:00
Shijun Sun
28e6a99eb9
Remove cache for project policy updating (#19068)
1. Fixes #19065

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-08-01 15:31:32 +08:00
Yang Jiao
5e130bd06c
Bump up photon version from 4.0 to 5.0 (#19006)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-08-01 11:52:33 +08:00
Shijun Sun
854e0295d1
Update security hub ui (#19062)
1. Fixes #19010
2. Fixes #19011
3. Fixes #19012
4. Fixes #19015
5. Fixes #19025
6. Fixes #19026
7. Fixes #19034
8. Fixes #19037

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-31 20:25:05 +08:00
Wang Yan
d93f24a4dc
fix dry run creation time (#19060)
fixes #19059
Give the mock time for dry run, otherwise, it will be zero.

Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-31 17:29:56 +08:00
Wang Yan
bef4ccc782
fixes 19043 (#19054)
fixes #19043
Skip the policy checking when to pull the notation signature

Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-31 15:11:21 +08:00
Wang Yan
638c26c41a
add details for gc dry-run (#19050)
* add details for gc dry-run

fixes 19040
Gives the make details for the dry-run

Signed-off-by: wang yan <wangyan@vmware.com>

* Update details column for gc history (#164)

1.Fixes #19038

Signed-off-by: AllForNothing <sshijun@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: AllForNothing <sshijun@vmware.com>
Co-authored-by: Shijun Sun <30999793+AllForNothing@users.noreply.github.com>
2023-07-31 13:53:51 +08:00
Wang Yan
ae33dbd801
fix accessory import issue (#19053)
fixes #19041

The issuse was introduced by https://github.com/goharbor/harbor/pull/17087.
To move the import to main since the anonymous imports only allowed at main in go-cilint.

Fixes it:
To add the anonymous imports at the jobservice main since the gc job needs to remove accessory when to delete an artifact

Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-30 22:36:03 +08:00
Alexis Leroux
84a131773a
Conserve sentinel_master_set value between upgraded versions (#18875)
fix(migration): Conserve sentinel_master_set value between upgraded versions

Signed-off-by: Alexis Leroux <alexis.leroux@worldline.com>
Co-authored-by: Alexis Leroux <alexis.leroux@worldline.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2023-07-27 18:35:01 +08:00
MinerYang
3af605eedc
update installation hint (#19024)
Signed-off-by: yminer <yminer@vmware.com>
2023-07-27 10:41:05 +08:00
Wang Yan
db82d6e082
fix signer name (#19001)
Append the signer name to the error message which will be returned by the client

Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-25 21:30:32 +08:00
stonezdj(Daojun Zhang)
c25a7ca68d
Skip to run migrate script when data available (#18976) 2023-07-25 19:41:35 +08:00
MinerYang
8102304621
add migration script for 2.9 (#18997)
add miigration script for 2.9

Signed-off-by: yminer <yminer@vmware.com>

update quota_update_provider

update typo

update comment
2023-07-25 17:52:37 +08:00
Yang Jiao
70554fe4f1
Fix build harbor-db-base error (#19003)
Fix #19002

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-25 16:45:23 +08:00
Yang Jiao
7862870c45
Update webhook and replication testcase (#18998)
Sync test case updates because of changes to webhook and replication
1. #18923
2. #18906

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-25 15:06:04 +08:00
stonezdj(Daojun Zhang)
d92aca9d39
Fix wrong scanned artifact count when there are multiple report for an artifact (#18975)
Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-25 14:10:10 +08:00
Shengwen YU
d7ff8bf55e
fix: bump-up TRIVYVERSION=v0.43.0 and TRIVYADAPTERVERSION=v0.30.14 (#18993)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-07-25 10:25:06 +08:00
Shengwen YU
320c0d63ca
feat: add config for job_loggers (#18970)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-07-24 22:10:36 +08:00
Chlins Zhang
8ff095d68f
feat: add the configuration for quota update provider (#18928)
Add the related configurations for the quota update provider to the
harbor.yml.

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-24 16:28:19 +08:00
Chlins Zhang
c030fd7863
refactor: replace the gc redigo client to the standard cache (#18965)
Refactor the clean redis logic in the GC job, replace the redigo client
to the lib cache interface which can simplify operations.

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-24 14:30:25 +08:00
Chlins Zhang
94c76002a2
refactor: remove duplicated artifact deletion handler (#18959)
Remove the duplicated artifact deletion event handler and enhance the
internal artifact onDelete method.

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-24 13:38:39 +08:00
Yang Jiao
26f6197230
Fix APITEST_DB_PROXY_CACHE x509 (#18977)
Fix APITEST_DB_PROXY_CACHE x509, Because cicd.harbor.vmwarecna uses a self-signed certificate.

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-24 10:52:54 +08:00
Shijun Sun
b380b7869b
Update the parameter to search cosign (#18963)
1.Fixes #18960

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-21 01:07:22 +08:00
Shengwen YU
9091661539
fix: replication policy cron setting - the 1st field must be 0; the Minutes field cannot be * (#18923)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-07-20 17:55:48 +08:00
Wang Yan
ce893635aa
support nydus as a accessory (#18953)
Recognize nydus image(with subject) as a kind of accessory and built the releationship with subject manifest

Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-20 15:54:23 +08:00
stonezdj(Daojun Zhang)
5e4163b53b
Create index in vulnerability_record table (#18949)
add index for better query performance

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-20 14:00:40 +08:00
Shijun Sun
73533d8f4f
Add Security Hub UI (#18942)
1.Fixes #18819
2.Add Security Hub page as a new tab for Interrogation Services

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-20 10:54:07 +08:00
Shijun Sun
b08dce4805
Update the regex for policy name and the tooltip message (#18947)
1. Fixes task 6 for #18091

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-19 20:04:12 +08:00
Shijun Sun
79e8c396bf
Add Notation UI for deployment security (#18952)
1. for #18927

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-19 18:22:11 +08:00
Chlins Zhang
970bdab936
fix: correct the operator in the webhook payload (#18906)
Fix the incorrect or meaningless operator in the webhook payload.

Fixes: #18438

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-19 15:40:29 +08:00
stonezdj(Daojun Zhang)
d4aa9b13c4
Add vulnerability search API (#18924)
use q.Query to pass all query conditions

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-19 10:17:14 +08:00
stonezdj(Daojun Zhang)
82ee5295ea
Log warning message when current user is freeze (#18937)
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-07-18 15:34:28 +08:00
Wang Yan
d745ad9175
fix gc schedule issue (#18934)
fixes #18881

Save workers settings into the metadata of the garbage collection schedule

Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-17 15:28:21 +08:00
Wang Yan
ff2b99d711
enable notary v2 policy checker (#18927)
add notary v2 pull policy, when it enables, the artifact cannot be pull without the notation signature.

Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-14 13:35:56 +08:00
Wang Yan
5cce621471
add notation support (#18909)
Accept and recognize the signature of notation client

Signed-off-by: wang yan <wangyan@vmware.com>
2023-07-13 11:18:34 +08:00
Kane
06c4c1c076
update icons (#18767)
Signed-off-by: vndroid <diracsvip@gmail.com>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
2023-07-12 17:35:14 +03:00
stonezdj(Daojun Zhang)
93e428d0d2
Add security hub summary API (#18872)
include WithCVE, WithArtifact option

Signed-off-by: stonezdj <daojunz@vmware.com>
2023-07-12 19:18:08 +08:00
Yang Jiao
90259f3c80
Add CVE Allowlist expires Test Cases (#18921)
Fix #18920

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-12 17:32:40 +08:00
Shengwen YU
df4dc3c00b
fix: add password/secret length check to be <= 128 (#18916)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-07-12 17:04:50 +08:00
Yang Jiao
c707106ef7
Add OIDC filter group testcase (#18914)
Fix #17950

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-11 15:37:15 +08:00
Chlins Zhang
98f592f94f
chore: upgrade golang-migrate to v4.16.2 (#18879)
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-11 10:21:12 +08:00
Yang Jiao
cbb211e670
Add CloudEvents format webhook testcase (#18908)
Fix #18616

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-10 15:05:56 +08:00
Chlins Zhang
78799ccb2f
perf: introduce update quota by redis (#18871)
Introduce the quota update provider, improve the performance of pushing
artifacts to same project with high concurrency by implementing
optimistic lock in redis. By default the function is disabled, open it
by set env 'QUOTA_UPDATE_PROVIDER=Redis' for the core container.

Fixes: #18440

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-10 13:24:37 +08:00
Yang Jiao
adf80e921e
Add replication by chunk testcase (#18904)
Fix #17951

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-07 15:18:22 +08:00
Yang Jiao
fb52fdb3e0
Refactor the keyword in the testcase (#18898)
Fix #17952

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-07-06 13:47:00 +08:00
Bin Liu
c8120d5712
API: update ScannerRegistration.properties.url format (#18799)
The format of ScannerRegistration.properties.url should be
`uri` but not `url`.

Fixes: #18798

Signed-off-by: bin liu <liubin0329@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-07-05 17:57:06 +08:00
Shijun Sun
1efe944a8d
Correct the hidden property for clrDgHideableColumn (#18890)
1.Fixes #18870

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-07-05 14:31:35 +08:00
Wang Yan
dbaae9e64e
support OCI-Subject header (#18885)
fixes #18865
the response header OCI-Subject to indicate to the client that the registry processed the request's subject.

Signed-off-by: wang yan <wangyan@vmware.com>
Co-authored-by: System Administrator <root@wangyanCQFQY.vmware.com>
2023-07-05 11:25:19 +08:00