Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-09-12 14:08:23 +02:00
Code Issues Projects Releases Wiki Activity
11,343 Commits 46 Branches 310 Tags 352 MiB
edd870d8f6
Commit Graph

5424 Commits

Author SHA1 Message Date
sluetze
7dc25cc6dd
Updated translation for 2.5 (#16509) 
Signed-off-by: sluetze <13255307+sluetze@users.noreply.github.com>
 2022-03-15 09:33:54 +08:00
Wang Yan
ef991ae0c0
add transaction for artifact delete (#16506) 
Add transaction for artifact deletion, given API has the transaction when to call artifact controller but other object may not, for example jobservice job.
Here, force add the tx to ensure all the things can be rolled back.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-03-11 14:40:55 +08:00
chlins
4f2cd939ee fix: check the existence of the tag before updating pull time 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-03-11 09:40:53 +08:00
孙世军
38babc1c71
Improve style and correct typos (#16498) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-03-10 14:23:15 +08:00
孙世军
d05eb5ef4a
Add a new robot permission and sort permissions (#16487) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-03-10 10:16:42 +08:00
Lars Lehtonen
d3f7ddfe3a
lib/q: fix dropped test error 
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
 2022-03-09 10:03:48 -08:00
MinerYang
2260475d55
bump up github.com/containerd/containerd to v1.5.10 (#16469) 
Co-authored-by: yminer <yminer@vmmware.com>
 2022-03-04 14:12:47 +08:00
疯魔慕薇
1c4495361b
Fix & UT (#16279) 
1. Fix TCR Adapter namespcae check.
2. Add Chart UT.

Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>
 2022-03-04 14:09:25 +08:00
孙世军
3c9fc9fa5a
Fix inline alert issue (#16454) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-03-04 10:50:33 +08:00
MinerYang
4a9107af93
replace with github.com/distribution/distribution v2.8.0+incompatible (#16460) 
Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
 2022-03-03 16:35:02 +08:00
stonezdj(Daojun Zhang)
1971e5a3ef
Merge pull request #16462 from stonezdj/22mar3_withnotary_jobservice 
The DB config manager is not init on jobservice call config.WithNotary
 2022-03-03 16:04:11 +08:00
stonezdj
5618f6d211 The DB config manager is not init on jobservice to call config.WithNotary 
Make func defaultMgr() public
  Set DefaultCfgManager to RestCfgManager and Load it in the jobservice main
  config.WithNotary call DefaultMgr(), it wil get the RestCfgManager
  Fixes #16418

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-03-03 14:42:56 +08:00
孙世军
75bc82e5f3
Fix ui issues found on testing day (#16444) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-03-03 10:06:28 +08:00
孙世军
eca5f48adb
Upgrade swagger-ui to the latest version (#16443) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-03-02 14:47:36 +08:00
stonezdj(Daojun Zhang)
8c698325b5
Merge pull request #16424 from stonezdj/22feb24_trace_failure 
Add IP and agent in trace for failed login
 2022-03-02 11:46:32 +08:00
MinerYang
848efd067d
bump up github.com/docker/distribution to v2.8.0+incompatible (#16435) 
Signed-off-by: yminer <yminer@vmmware.com>

rgoo mod vendor

Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
 2022-03-01 17:29:02 +08:00
stonezdj
7aed95eda9 Add IP and agent in trace for failed login 
Fixes #16423

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-02-28 15:17:55 +08:00
He Weiwei
abd85284d2
feat: merge local and remote tags for repo of proxy cache project in list API (#16394) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2022-02-24 10:27:45 +08:00
Wang Yan
6ef4874011
fix replicate reference accessory (#16401) 
fixes #16375

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-02-23 21:24:15 +08:00
Chenyu Zhang
490fe4e5b3
fix: ignore untagged artifact when perform immutable policy (#16386) 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-22 15:18:29 +08:00
Wang Yan
8d05007eb5
fix accessory copy for index (#16378) 
When issue an copy, it has to copy the reference's accessory as well

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-02-17 12:43:09 +08:00
Chenyu Zhang
1e211db540
Merge pull request #16374 from chlins/fix/codeql-alerts-2 
fix: trim linebreaks for log parameters
 2022-02-17 09:56:46 +08:00
Chenyu Zhang
9d1e788f8f
Merge pull request #16352 from chlins/fix/exporter-cmd-typo 
fix: correct typo in exporter cmd
 2022-02-17 09:43:27 +08:00
chlins
3d7a5064e9 fix: trim linebreaks for log parameters 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-16 10:52:58 +08:00
孙世军
fd92efe140
Upgrade karma and angular devkit (#16366) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-02-15 20:24:29 +08:00
Chenyu Zhang
7d10dac4bc
Merge pull request #16359 from chlins/fix/codeql-alerts 
fix: fix codeql alerts
 2022-02-15 18:54:16 +08:00
chlins
b37a987073 fix: fix codeql alerts 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-15 17:25:02 +08:00
stonezdj(Daojun Zhang)
79edbf8f82
Merge pull request #16272 from stonezdj/22jan24_improve_upgrade_process 
Improve the migrate process
 2022-02-14 16:35:35 +08:00
stonezdj
478d21687b Improve the migrate process 
In order to separate the migrate process from core process, add parameter -mode for main function, it can be normal, migrate, skip_migrate.
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-02-14 13:15:18 +08:00
chlins
d2124ce469 fix: correct typo in exporter cmd 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-02-11 15:28:02 +08:00
stonezdj(Daojun Zhang)
02e13390e0
Remove noise in log (#16333) 
DB Config Manager could be registered twice if need to enable cache
  Get trace config only when the trace is enabled

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-02-10 15:42:45 +08:00
Chenyu Zhang
4ef2d65451
Merge pull request #16286 from chlins/fix/skip-replication-for-proxy-cache 
fix: skip replication to proxy cache project
 2022-02-07 17:06:03 +08:00
Wang Yan
93c0e572a0
fix 16224 (#16307) 
fixes #16224, deny the request to scan an accessory.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-30 03:03:39 +08:00
Wang Yan
cda127c27e
bump up containerd to 1.5.9 (#16316) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-29 18:00:23 +08:00
孙世军
1cbdeb0b64
Improve UI style (#16314) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-29 14:16:46 +08:00
孙世军
88fd4feef5
Add list tag permission for robot account (#16311) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-28 14:22:37 +08:00
孙世军
45d9ece105
Modify CVSS3 column for cve datagrid (#16298) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-28 11:46:28 +08:00
Wang Yan
2275c6e969
fix accessory lost tags (#16304) 
It needs to copy tags for the accessories.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-28 10:44:29 +08:00
孙世军
241391984b
Add delete repo permission for robot account (#16297) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-27 13:04:18 +08:00
He Weiwei
8554b7d7c5
refactor: replace lib/pq with jackc/pgx (#16267) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2022-01-27 11:09:37 +08:00
Wang Yan
0a183feab6
add cosign support in replication (#16282) 
For the case Harbor-to-Harbor, the accessory can be replicated from source or to target.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-26 21:35:17 +08:00
chlins
b1afd2efb0 fix: skip replication to proxy cache project 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-01-26 17:24:39 +08:00
孙世军
c9af6c0c35
Improve tooltips for LDAP group config (#16280) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-25 15:43:21 +08:00
Daniel Jiang
60189f2cef
Merge pull request #16181 from JoooostB/16180-oidc-auto-onboard 
Store Username in auto-onboard flow (resolves #16180)
 2022-01-25 11:00:38 +08:00
stonezdj(Daojun Zhang)
307b8973ce
Merge pull request #16260 from stonezdj/22jan21_ldap_group_duplicate 
Group members lose access to push or see projects on Harbor
 2022-01-25 10:15:54 +08:00
Joost Buskermolen
c103a6e9ef
fix: Store Username in auto-onboard flow 
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

fix: Remove conditional & elaborate comment on fix

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

Add conditional to res.Username override

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

test: Set Username based on configured UserClaim

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

fix: Remove breaking conditional
Username may be set already if the token has a name claim.
Username is should always be set as the autoOnboard setting.

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>

Remove conditional altogether
autoOnboardUsername should always be the same as Username

Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
 2022-01-24 14:38:23 +01:00
stonezdj
20526c5c52 Group members lose access to push or see projects on Harbor 
Handle the case if there is duplicate user group name when onboard ldap user group
   Continue to attach groups when it fail on one item
   Fixes #16220

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-01-22 15:07:34 +08:00
孙世军
feeb54e5f8
upgrade ngx-markdown to the latest version (#16251) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-20 15:37:33 +08:00
chlins
ed4d9a533e fix: add worker pool for execution sweep to limit workers 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-01-20 10:45:00 +08:00
Wang Yan
cd8d48794a
update pull policy code (#16237) 
Reduce the DB call on pulling artifact with policy disabled

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-17 21:55:20 +08:00
Wang Yan
0b4f98074e
fix cosign conflict error on landing data (#16228) 
Cosign client will generate the same signature to the same manifest, ignore the conflict error in middleware

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-17 19:09:56 +08:00
Wang Yan
01c6f6084b
modify artifact copy api to support cosign (#16194) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-17 15:52:14 +08:00
孙世军
8f77567589
Upgrade UI dependencies (#16233) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-17 14:20:20 +08:00
孙世军
cc1a204a6b
Encode repo name for deleting accessory (#16234) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-17 14:19:19 +08:00
孙世军
7ff0bf188a
Add "expires in" column for robot UI (#16227) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-14 15:42:02 +08:00
MinerYang
719155d595
bump up github.com/opencontainers/runc to v1.0.3 (#16202) 
Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
 2022-01-14 14:19:31 +08:00
Shengwen Yu
b7af0f1529 feat: add current_time to the response of systeminfo api when user logged in 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2022-01-11 17:36:08 +08:00
孙世军
634f0139a0
Add co-sign checkbox for project policy (#16184) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-10 18:14:34 +08:00
Wang Yan
063991078a
Cosign policy checker (#16187) 
Enable policy checker for cosign, when it's enabled, user cannot pull artifact without cosign.

Signed-off-by: wang yan <wangyan@vmware.com>
 2022-01-10 17:44:01 +08:00
Shengwen Yu
d2ae0165c9 feat: add failure-tolerance for gc 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2022-01-10 11:34:10 +08:00
孙世军
2eda360d9d
Add co-sign UI (#16155) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2022-01-05 13:41:51 +08:00
Chenyu Zhang
b417e877b5
Merge pull request #16107 from chlins/feat/async-update-artifact-pull_count 
feat: async update artifact pull time and repository pull count
 2022-01-05 11:14:28 +08:00
Wang Yan
2111703d8d
Cosign artifact api 
1,update artifact list & delete api to support accessory
2, add list accesories api

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2022-01-05 11:13:40 +08:00
chlins
de7978e1b5 feat: async update artifact pull time and repository pull count 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-12-24 11:17:44 +08:00
Julio H Morimoto
ce319a9eca
Improvements for Brazilian Portuguese (pt-br) translation. (#15921) 
Missing items and minor updates to improve the translation.

Signed-off-by: juliohm1978 <jhm@juliohm.com.br>
 2021-12-17 10:36:42 +08:00
孙世军
d9a4f34819
Fix overlapping for repo cardview (#16125) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-16 13:49:20 +08:00
chlins
adf866e629 fix: resolve the codeql alerts 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-12-15 13:49:42 +08:00
孙世军
46507c2fa9
Add preventDefault for action button of repo card view (#16117) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-14 11:44:25 +08:00
孙世军
2a7d4ae4d3
Add share operator to icon observable (#16101) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-14 11:44:07 +08:00
孙世军
d711f02401
Add querry parameter for setting.json (#16081) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-14 11:20:34 +08:00
孙世军
eb8db3215c
Fix unescaped URL for repo links (#16092) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-09 10:15:21 +08:00
Wang Yan
76b981faec
add cosign middleware (#16078) 
The middleware is to land the cosign signature linkage with the subject artifact ID.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-12-07 15:43:10 +08:00
rao yunkun
ce6bf73884 Merge remote-tracking branch 'upstream/main' 2021-12-05 16:34:04 +08:00
stonezdj(Daojun Zhang)
0c0489cbae
Merge pull request #15913 from stonezdj/21nov1_proxy_manifest_list_contenttype 
Cache content type for manifest list and image index in perspective
 2021-12-04 09:05:20 +08:00
Wang Yan
742e7ded00
add accessory dao service (#16045) 
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-12-03 14:34:02 +08:00
stonezdj
6b77c11696 Cache content type for manifest list and image index in perspective 
manifest list: application/vnd.docker.distribution.manifest.list.v2+json
  image index: application/vnd.oci.image.index.v1+json
  fixes #15837

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-12-03 14:14:01 +08:00
孙世军
846d690b85
Refactor config component (#16064) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-12-01 10:07:46 +08:00
Wang Yan
7608df4b5c
add pull update control env (#16051) 
These variables are temporary solution for issue: https://github.com/goharbor/harbor/issues/16039
When user disable the pull count/time/audit log, it will decrease the database access, especially in large concurrency pull scenarios.

1, PULL_TIME_UPDATE_DISABLE : The flag to indicate if pull time is disable for pull request.
2, PULL_COUNT_UPDATE_DISABLE : The flag to indicate if pull count is disable for pull request.
3, pull audit log will not create on disabling pull time.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-11-26 18:13:23 +08:00
孙世军
cad78f6af4
Audit fixing for package-lock.json (#16043) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-23 15:56:09 +08:00
Wang Yan
91e406ba60
bump up dep versions (#16038) 
1, upgrade containerd to v1.14.12
2. upgrade image-spec to v1.0.2

Signed-off-by: wy65701436 <wangyan@vmware.com>
 2021-11-23 10:32:29 +08:00
孙世军
784cdabc61
Fix null point exception for chart version (#16006) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-22 10:48:42 +08:00
孙世军
21dfba7330
Redirect to sign-in page when user session timed out (#16005) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-22 10:47:49 +08:00
stonezdj(Daojun Zhang)
060341ba4e
Merge pull request #15949 from stonezdj/21nov4_cache_properties 
Enable db config cache explicitly
 2021-11-16 14:39:10 +08:00
Chenyu Zhang
d260e632d8
Merge pull request #15985 from chlins/fix/replication-rule-enhancement 
fix(replication): enhance the replication rule validation
 2021-11-12 11:12:41 +08:00
chlins
f880bc3361 fix(replication): enhance the replication rule validation 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-11-12 09:53:11 +08:00
孙世军
ddd4cdb306
Not allow space in replication rule filters (#15984) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-11 12:23:26 +08:00
孙世军
ea16f1fb5e
Change base tag to "/" for index.html (#15965) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-08 17:42:07 +08:00
孙世军
d5a4f0b8bc
Add select-all and unselect-all for robot permissions (#15962) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-08 14:38:26 +08:00
孙世军
ab037c35cc
Fix ng-change-checking error for repos component (#15961) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-08 14:37:45 +08:00
孙世军
0413b8b6f7
Support right click to open a link in a new tab (#15935) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-08 14:37:27 +08:00
sluetze
3760375ba9 updated german translation for 2.4 
Signed-off-by: sluetze <13255307+sluetze@users.noreply.github.com>
 2021-11-08 11:15:55 +08:00
Chenyu Zhang
3aa698c7c9
fix(replication): list projects before replicate to reduce create duplicate project and requests to target registry (#15934) 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-11-08 10:39:58 +08:00
He Weiwei
b2268dbf8e
fix: remove x-go-type in swagger.yaml (#15923) 
Closes #15912

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-11-04 23:39:36 +08:00
stonezdj
21601f5e3c Enable db config cache explicitly 
previous config is not cached because it is initialized when cache is not ready

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-11-04 16:01:25 +08:00
孙世军
71ee8b57c2
Remove loading for auto refreshing (#15914) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-03 14:29:54 +08:00
孙世军
264a320d38
Add pagination for user groups (#15932) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-11-03 14:29:24 +08:00
stonezdj(Daojun Zhang)
465240216a
Merge pull request #15864 from stonezdj/21oct25_fix_crash_missing_ldap_attribut 
Check empty ldap attributes value
 2021-11-02 08:56:33 +08:00
stonezdj
ec23ddabc3 Check empty ldap attributes value 
fixes #11986

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-11-01 17:56:37 +08:00
孙世军
44f477e965
Change ng-swagger-gen to a stable version (#15903) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-29 18:44:20 +08:00
孙世军
fed84069a2
Fix css issue for chart label filter (#15891) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-29 10:38:52 +08:00
孙世军
ec1c8c9cd3
Upgrade Clarity and Angular to latest stable version (#15887) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-28 17:21:39 +08:00
Aaron Layfield
7b75a456d3
Robot Account CREATE / DELETE Label (#15815) 
Signed-off-by: Aaron Layfield <aaron.layfield@gmail.com>
 2021-10-27 14:24:07 +08:00
Wang Yan
a956758302
bump up go version to v1.17 (#15865) 
* bump up go version to v1.17

Signed-off-by: Wang Yan <wangyan@vmware.com>

* gofmt fail

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-25 17:28:29 +08:00
stonezdj(Daojun Zhang)
adc2e8873f
Add hostname to trace span name (#15806) 
Fixes #15726, unify the trace span name in all components

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-10-25 17:09:59 +08:00
孙世军
266f0c41da
Enlarge index artifact folder icon (#15860) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-25 13:46:32 +08:00
孙世军
528d028f1d
Add XAcceptVulnerabilities header when getting artifact scan overview (#15853) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-22 17:12:35 +08:00
Chenyu Zhang
be27792170
Merge pull request #15845 from chlins/fix/codeql-golang-security-issues 
fix: handle codeql golang security issues
 2021-10-22 13:27:07 +08:00
Alexis L
5fd6168c57
fix(scan): Add function to avoid writing creds in jobservice logs, switch to debug instead of info (#15747) 
Signed-off-by: Alexis <60alexis@gmail.com>
 2021-10-22 11:34:15 +08:00
chlins
9e8218f63b fix: handle codeql golang security issues 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2021-10-22 10:51:26 +08:00
孙世军
3da8e573a0
Fix css issues for robot and replication (#15834) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-22 10:09:16 +08:00
stonezdj(Daojun Zhang)
bc6a7f65a6
Merge pull request #15677 from stonezdj/21sep27_remove_error_log 
Change log level to debug
 2021-10-21 09:25:18 +08:00
Wang Yan
6014646bcb
fixes gc dry run issue (#15804) 
fixes #15332, for the dry run mode, gc job should not remove the untagged candidates.
To fix it, use the simulate untagged artifact deletion for dry-run.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-19 07:42:54 +08:00
Steven Zou
22e99c78d1
Merge pull request #15777 from AllForNothing/remove-neg 
Remove negligible and unknown severities and add none severity
 2021-10-18 11:46:20 +08:00
stonezdj(Daojun Zhang)
2020bf383b
Merge pull request #15790 from stonezdj/21oct15_change_trace_name 
Change the span name to <method>_<request uri>
 2021-10-18 09:41:12 +08:00
Shatakshi Gupta
76733d72be
fixed S1008 bugbash error (#15781) 
Signed-off-by: Shatakshi <shatakshi.gupta85@gmail.com>
 2021-10-14 20:10:48 +08:00
Soumik Majumder
eb7329a471
Fix semgrep sprintf-host-port (#15782) 
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
 2021-10-14 20:10:27 +08:00
Wang Yan
f9d1294b45
roll back the runner count (#15792) 
It takes about 1 hour to perform data for 40000 repositories per performance testing.

Roll back the runner count to 100 could speed the data preparation time.
It's safe since it only takes 100 DB connection counts at most per execution per core.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-14 19:05:30 +08:00
He Weiwei
b390112f5a
fix: convert severity from negligible to none before saving to db (#15791) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-10-14 16:02:38 +08:00
stonezdj
3b2ac06639 Change the span name to <method>_<request uri> 
Use the same trace option for HTTPTransport
  fixes #15726
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-10-14 14:33:16 +08:00
Soumik Majumder
2679b2427b
Fix semgrep use-of-weak-crypto error (#15784) 
Signed-off-by: Soumik Majumder <soumikm@vmware.com>
 2021-10-14 14:28:59 +08:00
Wang Yan
729d2e6590 fix replication DB connection issue 
fixes #15736

For the current imple, the GetWorker() may hang when there is no worker available, and will not release the DB connection.
In this case, the DB connection could reach the up limit that leads to harbor core for service unavailable.

1, move GetWorker() in the goroutine, release the DB connection for API.
2, reduce the worker count per harbor-core from 1024 to 10.
3, reduce the runner count per worker to 30.

After above, the max connection per harbor-core should be 300.

Worker: To control how many replicaiton exectuions can have at most at the same time.
Runner: To control the speed to generate an jobservice replicaiton job.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-14 11:31:33 +08:00
AllForNothing
b2775292ef Remove negligible and unknown severities and add none severity 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-13 16:45:16 +08:00
Shengwen YU
4d89c845d0
fix: webhook log (#15756) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
 2021-10-13 15:46:04 +08:00
Wang Yan
5c92b2f308
bump up containerd version (#15752) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-11 17:45:21 +08:00
Wenkai Yin(尹文开)
dc8477bd7a
Merge pull request #15680 from antbreton/fix/15679 
fix filename processing to support both URI and URL
 2021-10-11 17:18:23 +08:00
Wang Yan
f57c426409
bump up jwt version (#15730) 
Upgrade the jwt to github.com/golang-jwt/jwt/v4, and it's backwards compatible with v3.x.y.

Signed-off-by: wang yan <wangyan@vmware.com>
 2021-10-08 16:09:00 +08:00
孙世军
96f5caa635
Add list artifact and list repo permissions to robot account (#15718) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-10-08 10:56:37 +08:00
stonezdj(Daojun Zhang)
32023891eb
Merge pull request #15675 from stonezdj/21sep22_email_nullable 
Allow empty email attribute for ldap/oidc user
 2021-10-02 10:33:38 +08:00
Wang Yan
4e984e8c6e
fix legacy robot edit issue (#15709) 
fixes #15690, for the legacy robot, update is denied.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-10-01 00:41:54 +08:00
孙世军
7345021800
Fix lagecy robot edit issue (#15716) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-30 15:01:19 +08:00
stonezdj
06715af303 Allow empty email attribute for ldap/oidc user 
Define user.Email as sql.NullString to avoid unique constraint when email is empty in LDAP/OIDC
  Separate the common/models/User with the pkg/user/dao/User
  Fixes #10400
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-09-30 14:35:18 +08:00
孙世军
c1169d66be
Improve routing links (#15706) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-30 10:25:19 +08:00
stonezdj
a00a83df38 Fix all issues related to the noise in the logs 
Change log level to debug when required
Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-09-29 20:19:53 +08:00
antbreton
db2a6fb970 fix filename processing to support both URI and URL 
Signed-off-by: antbreton <antoine.breton06@gmail.com>
 2021-09-27 16:13:21 +02:00
孙世军
38e0910fc7
Auto-focus for filter component (#15672) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-27 18:46:27 +08:00
Alan
fc1db450b2
fix translation error in zh for cron (#15668) 
Signed-off-by: alan <zg.zhu@daocloud.io>
 2021-09-27 12:50:20 +08:00
孙世军
ad1a6d64d5
Improve css style for project detail and add webhook components (#15650) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-27 11:00:16 +08:00
yxxhero
63b8e6a9ce
add unittest for jobservice/common/utils package and fix a issue for IsValidURL (#15539) 
add unittest for common utils package and fix a issue

Signed-off-by: yxxhero <aiopsclub@163.com>
 2021-09-24 19:07:55 +08:00
Daniel Jiang
c3f92a748c
Merge pull request #15660 from reasonerjt/no-warning-groupclaim 
Do not print warning message if group claim is empty
 2021-09-24 18:23:05 +08:00
Daniel Jiang
5522ccbd93
Merge pull request #15521 from wy65701436/remove-quota-switch 
remove the internal legacy API to switch quota
 2021-09-24 18:21:53 +08:00
Daniel Jiang
fbcba772e9 Do not print warning message if group claim is empty 
fixes #15616

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-09-24 15:43:54 +08:00
Wang Yan
0a2db1405a
update go dep version (#15648) 
To fix the Dependabot alerts

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-09-23 17:37:38 +08:00
孙世军
37cd3ce98c
Improve style for add replication rule component (#15632) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-23 15:10:59 +08:00
孙世军
ce1cb0cb88
Remove push option for project access log component (#15629) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-23 11:19:43 +08:00
Qian Deng
da9faf0c6c Upgrade opentelemetry to 1.0.0 
* upgrade from 1.0.0-RC3 to 1.0.0
* remove fork

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-22 14:00:00 +00:00
stonezdj(Daojun Zhang)
972fa0880b
Merge pull request #15505 from ninjadq/add_distributed_tracing 
Add distributed tracing
 2021-09-22 14:16:19 +08:00
Qian Deng
354a2bd80d Enhance the trace related code 
* Move request id to requestid middleware
* fix span pass to child ctx on orm
* fix typos
* remove unused code
* add operation name to Transaction

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-22 04:14:43 +00:00
Daniel Jiang
36a17ed7a7
Merge pull request #15625 from reasonerjt/oidc-username-prty 
Make sure auto-onboard username claim has higher priority
 2021-09-22 11:53:43 +08:00
Daniel Jiang
91131098c3 Make sure auto-onboard username claim has higher priority 
This commit adjust the priority when consolidating data from userinfo
endpoint and id token, making sure the auto-onboard username claim from
ID token has highest priority.

fixes #15504

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-09-22 08:59:59 +08:00
Daniel Jiang
884da19414 Do not check security context in Get of user controller 
This commit make sure when security context is not found the `Get`
function in user controller should not return error.
Because this func will be called by security middleware, at which point
of time the security context is not generated.
Additionally, checking security context is not necessary because the
permission checking is already done in the API handler layer.

fixes #15535

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-09-21 16:40:16 +08:00
Qian Deng
31707dbf25 Using harbor lib config 
using config manager to get env configs

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
Qian Deng
543d044f7a Update vendors 
Update vendors for trace

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
Qian Deng
bad913cf6d Refactor trace code 
* use lib trace helper function
* add gracefull shutdown
* Add commens for new added exposed function
* Add licence on top of new created files
* Update trace library
* Update configs
* Add attribute and namespance in config

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
Qian Deng
6fec5b2873 Add trace to jobservice 
* Add trace init in main
* Add env template
* Add trace for router

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
Qian Deng
14095fb10b Add trace to registryctl 
* Add trace init to main
* Add trace for http server
* Add trace for gc
* Add env template trace

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
Qian Deng
879eecc926 Refactor and Add trace to http Transport 
* Refactor common http GetTransport function signature
* Remove redendent GetHTTPTransport and similar functions
* Update Authorized function signature to meet new HTTPTransport
* Add trace for default Transport

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
Qian Deng
a15983432c Add trace for core 
* Add trace related lib
* Add trace middleware for core
* add rid for middleware

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
He Weiwei
ecc1a04c92
refactor: implement a lock free quota (#15399) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-09-17 11:26:37 +08:00
He Weiwei
d9a0687461
refactor: using ctx from http request for credMaker of preheat enforcer (#15568) 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-09-16 18:40:02 +08:00
Steven Zou
0839028096
Merge pull request #15581 from bitsf/fix_gitlab_filters 
fix(replication) gitlab filters may not work
 2021-09-16 14:14:30 +08:00
孙世军
9e9c4a03bb
Add stop scan functionality (#15528) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-15 17:00:08 +08:00
孙世军
c5003f38ba
Add bandwidth input to adding replication rule (#15550) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-15 16:59:14 +08:00
Shengwen YU
ce9bea807e
fix: update context to "makeCtx func() context.Context" (#15584) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Co-authored-by: Shengwen Yu <yshengwen@vmware.com>
 2021-09-15 10:10:39 +08:00
Ziming Zhang
98cef43ead limit replication bandwidth 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2021-09-14 11:23:28 +08:00
孙世军
9fdf8e286d
Clear selected row after refreshing for replication task list component (#15549) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-14 11:21:16 +08:00
Junyoung, Sung
251feea1fd
Fix typo maxDeepth -> maxDepth (#15574) 
Signed-off-by: Junyoung, Sung <junyoung.sung@naverlabs.com>
 2021-09-13 21:23:31 +08:00
Wenkai Yin(尹文开)
8e1ffd022c
Merge pull request #15543 from steven-zou/feat/sync-schedules 
feat(schedule):sync schedules in db to js datastore
 2021-09-13 20:15:00 +08:00
Ziming Zhang
d62aaaa625 fix(replication) gitlab filters may not work 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2021-09-13 17:23:12 +08:00
Shengwen YU
9cb266a8a0
Merge pull request #15548 from zyyw/ISSUE-14831 
Add stop scan a particular artifact & stop scan all
 2021-09-13 15:07:49 +08:00
Shengwen Yu
e2e3bcca1c feat: add stop scan & stop scan-all feature 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2021-09-13 11:19:21 +08:00
He Weiwei
d00024ab36 refactor: initialize the remote helper using ctx from http request 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-09-09 11:13:53 +00:00
Steven Zou
6b5cd3a7a5 feat(schedule):sync schedules in db to js datastore 
- add a sync worker to sync db schedules when js starting. add missing ones and clear dirty ones.
- update task model to contain status revision info
- update job lifecycle tracker save() method
- update job ACK model
- add UT cases
- update malformat comments

fix #15323

Signed-off-by: Steven Zou <szou@vmware.com>
 2021-09-07 08:33:01 +08:00
AllForNothing
a3883e41a9 Fix ui issue for add p2p policy component 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-03 10:45:10 +08:00
He Weiwei
06f2414d1c
fix: use ctx from http request for middlewares (#15523) 
1. Use ctx from http request for the readonly middleware.
2. Refactor the AuthenticateHelper to let it get orm from ctx of the http request.
3. Change to use ctx from http request for oidc and authproxy http handlers.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-09-02 19:05:35 +08:00
孙世军
383635e970
Refactor add group component (#15518) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-09-02 15:30:43 +08:00
stonezdj(Daojun Zhang)
6b8c5c9edd
Add usergroup search API (#15483) 
Fixes #15450
  Add paging function to usergroup list/search API
  Fix some 500 error when adding LDAP user/group to project member

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-09-02 09:04:33 +08:00
Wang Yan
581bb8833e remove the internal legacy API to switch quota 
The init design of this API is to avoid the quota error leads to system disaster.
As quota has been refineded and redis lock has been removed, the API can be deprecated safely.

And this API is only call the DB to refresh quota data, user can call the SyncQuota API to handle this.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-09-01 10:49:03 +08:00
Pei-Tang Huang
ff617950b7
Helm Chart should not be translated. (#15438) 
And the existing translation is also not accurate to the meaning of Helm.

Signed-off-by: Pei-Tang Huang <tangtheone@gmail.com>
 2021-08-31 15:43:30 +08:00
Julio H Morimoto
9799598f33
Fixes https://github.com/goharbor/harbor/issues/15454. (#15455) 
Signed-off-by: Julio Morimoto <julio@morimoto.net.br>
 2021-08-31 15:39:36 +08:00
Wang Yan
e0c4ebd84d
fix gc delete manifest log issue (#15495) 
It needs to use the logger to print error log when timeout, otherwise, it will be dropped.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-08-30 13:40:33 +08:00
He Weiwei
d482a0c323
fix: avoid panic in the RetryUntil (#15501) 
1. Use jpillora/backoff to get the backoff to avoid the panic in RetryUntil.
2. Return with last err when retry timeout.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-08-27 17:28:33 +08:00
孙世军
b58158c30f
Fix some UI bugs (#15486) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-26 15:24:45 +08:00
孙世军
9aab74d382
Correct clrDgTotalItems for tag-retention-tasks component (#15492) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-26 15:24:22 +08:00
孙世军
4e998b7dce
Fix chart download issue (#15472) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-24 17:05:13 +08:00
孙世军
eca3d82d9c
Improve global search component (#15462) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-24 17:04:37 +08:00
Wang Yan
b9228096dc
enable robot to support create project (#15461) 
1, for admin only, the system level robot should contains the project creation access.
2, for not admin only, the system level robot can create project.
3, for the project that created by system level robot, use the admin ID as the ownerID.

No path for project level robot to create project.

Signed-off-by: wang yan <wangyan@vmware.com>
 2021-08-24 09:34:02 +08:00
孙世军
b73480ed0c
Improve css style for autofill input (#15457) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-20 12:08:39 +08:00
yunkunrao
246d863c59 Refactor ping method into util pkg 
Signed-off-by: yunkunrao <yunkunrao@gmail.com>
 2021-08-19 21:57:25 +08:00
孙世军
14c0a61d3d
Support excluding rule for adding a replication rule (#15368) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-19 14:54:09 +08:00
Steven Zou
f3a875abd7
Merge pull request #15344 from bitsf/replication_policy_exclude 
feat(replication) add exclude decoration in policy
 2021-08-19 14:26:17 +08:00
孙世军
2e8c3463ec
Disable add group button for LDAP project admin (#15448) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-18 19:48:02 +08:00
Daniel Jiang
cdb13f5191
Merge pull request #15291 from kschu91/bugfix/15290 
if username is not available in remote, fall back to username from token
 2021-08-17 16:58:46 +08:00
Wang Yan
14f7274989
support robot to list project (#15431) 
1, add permission check for API of List Projects
2, add permission check for API of List Repositories
3, use the self defined query to handle both names and public query

Signed-off-by: wang yan <wangyan@vmware.com>
 2021-08-17 16:35:36 +08:00
Ziming Zhang
62808bf014 feat(replication) refactor replication filter Validate() 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2021-08-17 14:19:14 +08:00
Ziming Zhang
698c336421 feat(replication) add exclude decoration in policy 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2021-08-17 14:19:13 +08:00
孙世军
eabff82366
Improve getChanges function for edit registries compoment (#15404) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-12 10:08:49 +08:00
Gustavo Stein
cd987c6b8a
Fixes bizarre translation for CLI in pt-br. (#15390) 
Signed-off-by: Gustavo Raphael Stein <grstein.ramone@gmail.com>
 2021-08-11 09:59:54 +08:00
Tianon Gravi
af18f5bd20
Adjust "flattening" tooltip quotes to be consistent (#15393) 
This is a minor consistency issue, but it also turns into a minor rendering issue where something is converting "backtick + a" into "à"

Signed-off-by: Tianon Gravi <tianon@infosiftr.com>
 2021-08-10 15:21:13 +08:00
stonezdj(Daojun Zhang)
d7c8c722f5
Merge pull request #15397 from stonezdj/21aug4_fix_ldap_ipv6 
Support IPv6 when connecting to LDAP server
 2021-08-09 12:47:20 +08:00
孙世军
9a10c6627b
Add docker build to deploy Harbor UI for testing (#15381) 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2021-08-09 10:37:49 +08:00