MinerYang
ea3cd06171
add prepare migration script for 2.11.0 ( #20315 )
...
Signed-off-by: yminer <yminer@vmware.com>
correct jaeger agent_host
update ip_family part
2024-04-22 16:34:08 +08:00
Shengwen YU
9b164f3fee
feat: add tc for limited guest of a project to get repository ( #20311 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-22 06:36:35 +00:00
Lichao Xue
e7fce62723
Wrong values shown for the columns of support_sbom and support_vulnerability in scanner list ( #20308 )
...
Fix wrong value shown for the columns of support_sbom and support_vulnerability in scanner list
Signed-off-by: xuelichao <xuel@vmware.com>
2024-04-22 13:29:48 +08:00
stonezdj(Daojun Zhang)
d759429831
Set default capability for old scanners ( #20306 )
...
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-20 10:37:30 +08:00
stonezdj(Daojun Zhang)
0d9dc4b4a4
Add enableCapabilities to extraAttrs for stop ( #20299 )
...
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-19 07:36:56 +00:00
Lichao Xue
b3dc183f47
Fixed an issue where the scan stop button can only be clicked once ( #20302 )
...
Signed-off-by: xuelichao <xuel@vmware.com>
2024-04-19 13:01:54 +08:00
stonezdj(Daojun Zhang)
9c3fc28250
Allow generate sbom in proxy cache project ( #20298 )
...
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-19 02:14:28 +00:00
Lichao Xue
e8907a47ab
SBOM UI feature implementation ( #19946 )
...
* draft: sbom UI feature implementation
Signed-off-by: xuelichao <xuel@vmware.com>
* refactor based on swagger yaml changes
Signed-off-by: xuelichao <xuel@vmware.com>
* update scan type for scan and stop sbom request
Signed-off-by: xuelichao <xuel@vmware.com>
---------
Signed-off-by: xuelichao <xuel@vmware.com>
2024-04-18 08:22:11 +00:00
Ikko Eltociear Ashimine
4fd11ce072
refactor: update controller.go ( #20297 )
...
minor fix
Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2024-04-18 14:26:03 +08:00
stonezdj(Daojun Zhang)
2ea7d09412
skip to log scan sbom accessory for sbom accessory ( #20290 )
...
Avoid to log the generate SBOM failure message when the artifact is SBOM in webhook event
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-17 14:51:11 +00:00
stonezdj(Daojun Zhang)
fb2e0042d0
Rename scan request type ( #20288 )
...
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
2024-04-17 09:52:50 +00:00
Shengwen YU
6709c789fb
feat: add test case for customizing OIDC provider name ( #20287 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-17 15:52:58 +08:00
stonezdj(Daojun Zhang)
654aa8edcf
Add generate SBOM feature ( #20251 )
...
* Add SBOM scan feature
Add scan handler for sbom
Delete previous sbom accessory before the job service
Signed-off-by: stonezdj <daojunz@vmware.com>
* fix issue
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
---------
Signed-off-by: stonezdj <daojunz@vmware.com>
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-16 13:34:19 +00:00
Shengwen YU
67c03ddc4f
fix: update TRIVYVERSION=v0.50.1 && TRIVYADAPTERVERSION=v0.31.0 ( #20285 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-16 18:37:16 +08:00
Wang Yan
550bf1d750
fix issue 20269 ( #20274 )
...
By default, use the nvd score as the primary score, and if it is unavailable, fallback to the redhat score.
fix #20269
Signed-off-by: wang yan <wangyan@vmware.com>
2024-04-16 16:49:52 +08:00
Shengwen YU
91efec1e2a
fix: update the image reference format for audit log when pulling image ( #20278 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-16 11:11:59 +08:00
dependabot[bot]
938c804513
Bump go.uber.org/ratelimit from 0.2.0 to 0.3.1 in /src ( #20204 )
...
Bumps [go.uber.org/ratelimit](https://github.com/uber-go/ratelimit ) from 0.2.0 to 0.3.1.
- [Changelog](https://github.com/uber-go/ratelimit/blob/main/CHANGELOG.md )
- [Commits](https://github.com/uber-go/ratelimit/compare/v0.2.0...v0.3.1 )
---
updated-dependencies:
- dependency-name: go.uber.org/ratelimit
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-16 10:11:19 +08:00
Iceber Gu
a2507dc3fc
Sending signals by closing the channel ( #17917 )
...
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
2024-04-15 12:37:59 +00:00
dependabot[bot]
79dbebd48d
Bump golang.org/x/oauth2 from 0.15.0 to 0.19.0 in /src ( #20247 )
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.15.0 to 0.19.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.19.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-15 19:04:22 +08:00
dependabot[bot]
b8392968ac
Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /src ( #20202 )
...
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc ) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/coreos/go-oidc/releases )
- [Commits](https://github.com/coreos/go-oidc/compare/v3.9.0...v3.10.0 )
---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-15 18:18:53 +08:00
dependabot[bot]
8bf26c0d1d
Bump k8s.io/api from 0.29.0 to 0.29.3 in /src ( #20205 )
...
Bumps [k8s.io/api](https://github.com/kubernetes/api ) from 0.29.0 to 0.29.3.
- [Commits](https://github.com/kubernetes/api/compare/v0.29.0...v0.29.3 )
---
updated-dependencies:
- dependency-name: k8s.io/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-04-15 16:47:55 +08:00
MinerYang
7465a29919
add SBOM icon ( #20270 )
...
Signed-off-by: yminer <yminer@vmware.com>
2024-04-12 20:12:46 +08:00
MinerYang
7e8032b144
bump golang to 1.22.2 ( #20256 )
...
Signed-off-by: yminer <yminer@vmware.com>
replace go get to go install
update go.mod
2024-04-12 13:46:29 +08:00
MinerYang
e9d2f50669
update mockery to v2.42.2 ( #20258 )
...
Signed-off-by: yminer <yminer@vmware.com>
2024-04-11 03:37:59 +00:00
Shengwen YU
643e84cdfe
feat: expose trivy.timeout
to configure the duration to wait for scan completion ( #20257 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-11 10:47:07 +08:00
Shengwen YU
4c9e84cae1
fix: update e2e test engine images ( #20223 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-11 10:05:05 +08:00
stonezdj(Daojun Zhang)
5d7c668028
Support list artifact with_sbom_overview option ( #20244 )
...
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-10 14:47:45 +00:00
stonezdj(Daojun Zhang)
89995075a7
Update swagger API to display SBOM content in addition API ( #20234 )
...
complete task #20066
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-10 12:39:25 +00:00
tostt
a858fb4f4d
Updated internationalisation : fr-fr ( #20179 )
...
* Update french translation
Signed-off-by: tostt <tostt@users.noreply.github.com>
* More updates french language
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Corr. spelling
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update fr-fr-lang.json : further changes following thcdrt's review
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update src/portal/src/i18n/lang/fr-fr-lang.json
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update fr-fr-lang.json: translate Expand to Déplier
Signed-off-by: tostt <tostt@users.noreply.github.com>
* Update fr-fr-lang.json: Remove duplicate portion of text
Signed-off-by: tostt <tostt@users.noreply.github.com>
---------
Signed-off-by: tostt <tostt@users.noreply.github.com>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-10 15:17:30 +08:00
MinerYang
2bb5166c80
adopt cosign with oci-spec 1.1 ( #20245 )
...
Signed-off-by: yminer <yminer@vmware.com>
add comment for cosign middlware
2024-04-10 13:46:00 +08:00
stonezdj(Daojun Zhang)
2e7db335b3
Add auto generate SBOM on push feature ( #20250 )
...
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-09 09:30:53 +00:00
MinerYang
03d9575d84
update referrer manifest descriptor size ( #20207 )
...
cache manifest when first time pull if cacheEnabled
Signed-off-by: yminer <yminer@vmware.com>
2024-04-09 08:50:46 +00:00
Wang Yan
461a5fa50d
add stop sbom scanning API ( #20200 )
...
* add stop sbom scanning API
1. [UI] support to stop sbom scanning #20200
2. add type for stop scanning api, make it able to support both vulnerability and sbom.
3. refactor the db query to support multiple extra attributes.
Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: xuelichao <xuel@vmware.com>
2024-04-09 16:07:47 +08:00
stonezdj(Daojun Zhang)
be648ea47f
Refactor scan job service make it easy to add new scan type ( #20177 )
...
Signed-off-by: stonezdj <daojunz@vmware.com>
Signed-off-by: stonezdj(Daojun Zhang) <stonezdj@gmail.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-09 16:05:30 +08:00
guangwu
ff1a5056d7
fix: close blob io ReadCloser ( #20225 )
...
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-09 14:27:46 +08:00
stonezdj(Daojun Zhang)
96ba34a93c
Allow empty path in redirect_url ( #20238 )
...
fixes #20226
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-09 02:24:57 +00:00
MinerYang
389a8c49f4
update artifact_type column alteration ( #20239 )
...
update column if is null
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-08 14:25:19 +08:00
Shengwen YU
c8370faeeb
fix: test robot account permission ( #20240 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-08 12:57:38 +08:00
Shengwen YU
c12064df4e
feat: add api test case for quota sorting ( #20209 )
...
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2024-04-07 13:47:49 +08:00
Prima Adi Pradana
7b8a322a88
delete membership=0 in getProjectsByName ( #20153 )
...
delete membership=0 in getProjectsByName but lets getProjects still using membership=1 for reserve if getProjectsByName not found any
Signed-off-by: prima <prima101112@gmail.com>
2024-04-05 15:29:07 +00:00
stonezdj(Daojun Zhang)
dd76fe47ce
Add SBOM scan REST API ( #20215 )
...
Update swagger API for generate SBOM
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-03 08:38:09 +00:00
stonezdj(Daojun Zhang)
b6366e03e9
Update GenAccessoryArt API to generate valid accessory for SBOM ( #20214 )
...
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-03 07:59:15 +00:00
guangwu
9778176ff1
fix: close file ( #20189 )
...
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2024-04-03 11:45:59 +08:00
stonezdj(Daojun Zhang)
cea47c7db3
Add accessory type for sbom ( #20208 )
...
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
2024-04-02 18:11:27 +08:00
MinerYang
680a6a828b
bump golang 1.21.8 on main ( #20197 )
...
bump golang 1.21.8
Signed-off-by: yminer <yminer@vmware.com>
2024-04-02 10:22:03 +08:00
guangwu
b66d14d9f3
fix: typo ( #20190 )
...
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
2024-04-01 10:03:24 +08:00
Taras Katkov
da3c85be5a
fix image name extraction ( #18992 )
...
* Update replication.go
It also could be 'library/bitnami/fluentd:1.13.3-debian-10-r0' so we need to split resource to only 2 parts - possible namespace and image name which may include slashes for example -
namespace: library, image: bitnami/fluentd:1.13.3-debian-10-r0
Signed-off-by: Taras Katkov <tkatkov@gmail.com>
* Update replication_test.go
Adding namespace and resource extraction tests.
Signed-off-by: Taras Katkov <tkatkov@gmail.com>
* Reformat only
Signed-off-by: Taras Katkov <tkatkov@gmail.com>
---------
Signed-off-by: Taras Katkov <tkatkov@gmail.com>
2024-03-30 13:41:50 +00:00
dependabot[bot]
7c2158bdf9
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.21.0 to 1.24.0 in /src ( #20037 )
...
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go ) from 1.21.0 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...v1.24.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-29 18:08:06 +08:00
dependabot[bot]
6c2cafe7ba
Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible in /src ( #20147 )
...
Bump github.com/docker/docker in /src
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 24.0.7+incompatible to 24.0.9+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v24.0.7...v24.0.9 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-29 17:29:09 +08:00
dependabot[bot]
290b22cf17
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /src ( #20124 )
...
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-29 16:51:51 +08:00