Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-24 11:15:24 +01:00
Code Issues Projects Releases Wiki Activity
8,800 Commits 48 Branches 317 Tags 353 MiB
f02c5570a7
Commit Graph

3849 Commits

Author SHA1 Message Date
Yogi_Wang
dccf125016 [feat] Upgrade clarity to 2.3.8 
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-03-11 15:41:33 +08:00
Wenkai Yin(尹文开)
d644d23b25
Merge pull request #10370 from kofj/fix/aliacr 
FIX: AliACR Provider.
 2020-03-11 15:36:34 +08:00
Ziming Zhang
7d53a61a92 feat(replication) sort the adapters shown on UI 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-11 15:03:10 +08:00
Wenkai Yin(尹文开)
b02cab434f
Fire event when create/delete resources (#11010) 
1. Create/delete project
2. Create/delete repository
3. Push/pull/delete artifact
4. Create/delete tag

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-11 14:39:01 +08:00
He Weiwei
41edfaf3a6
fix(api): escape path paramters before APIs and unescape them in the Prepare of operations (#11013) 
1. Escape the path paramters before the APIs.
2. Unescape the path paramters in the Prepare stage of the swagger
operations.

Closes #10860

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-03-11 12:18:40 +08:00
stonezdj(Daojun Zhang)
c7fd3bdfc5
Refactor event model (#10876) 
Move src/pkg/notification/model/const.go to src/pkg/notifier/model/const.go
Add auditlog handler to log project event, repo event, artifact event and tag event.

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2020-03-11 11:51:28 +08:00
Yogi_Wang
fe047a2ad3 [OCI] Artifact filter params changes in ui 
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-03-11 11:21:08 +08:00
Ziming Zhang
5622a20058 feat(pkg) move artifactselector to src/internal 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-10 17:01:25 +08:00
Ziming
890200ea19
feature(tag_retention) add webhook for deleted artifacts (#10982) 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-10 10:46:58 +08:00
Will Sun
cb370f8dd9
Merge pull request #10980 from AllForNothing/scan-bug 
Fix  a bug for scanning
 2020-03-10 09:51:10 +08:00
Wenkai Yin(尹文开)
307dbc6fba
Accept the pagination information in the separated query string (#10991) 
Accept the pagination information in the separated query string

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-09 22:19:42 +08:00
AllForNothing
de009f49fb Add new parameter for GC page 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-03-09 17:51:00 +08:00
Yogi_Wang
a8a7975522 Csrf change to v2.0 in ui 
1.delete personal xsrf service
2.change to direactive get token
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-03-09 15:08:50 +08:00
Wenkai Yin(尹文开)
30896f3a10
Merge pull request #10968 from ywk253100/200306_artifact_query 
Add support for querying artifact by labels and tags
 2020-03-09 14:10:19 +08:00
Daniel Jiang
6d89553c4d
Merge pull request #10937 from reasonerjt/csrf-2.0 
Update CSRF mechanism
 2020-03-09 12:31:08 +08:00
Wang Yan
073d95b89f
add scanner pull check in policy checker middleware (#10971) 
Scanner uses the robot account to pull image and scan, the policy checker should bypass the
pull action even the policy enabled, otherwise the scan job will fail.

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-09 12:11:54 +08:00
Daniel Jiang
7897fd752b
Merge pull request #10969 from reasonerjt/rm-travis 
Remove dependency on travis-ci
 2020-03-09 12:06:57 +08:00
Wenkai Yin(尹文开)
c0542776e0
Merge pull request #10961 from ywk253100/200306_replication 
Make replication work with new artifact(phase 2)
 2020-03-09 11:58:26 +08:00
Wenkai Yin(尹文开)
52c6d354d1
Merge pull request #10967 from ywk253100/200307_auth_header 
Only set "Www-Authenticate" header for registry API
 2020-03-09 11:58:09 +08:00
Wang Yan
7b8aca6cd2
Merge pull request #10973 from wy65701436/inlimited-robot 
add no expriation limited robot account
 2020-03-09 11:30:21 +08:00
Wang Yan
4c167b7a33
Merge pull request #10972 from wy65701436/conformance-fix 
fix Conformance testing failure
 2020-03-09 11:28:45 +08:00
Wenkai Yin
8bd632316c Only set "Www-Authenticate" header for registry API 
If "Www-Authenticate" header is set for Harbor management API, the browser will show a basic auth dialog when get 401 error, this commit moves the header to the registry APIs

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-09 10:57:42 +08:00
AllForNothing
c5e7e51b60 Fix a bug for scanning 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-03-09 10:52:25 +08:00
wang yan
18bd2f162c fix Conformance testing failure 
1, Return DIGEST_INVALID error in delete manifest instead of NOT_FOUND
2, Disable return 500 in immutable middleware
3, Return empty array in catalog and tags API instead of null

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-09 10:29:10 +08:00
Wenkai Yin(尹文开)
e4bee937ff
Merge pull request #10970 from wy65701436/remove-regtoken 
remove middleware regtoken
 2020-03-09 09:41:46 +08:00
Daniel Jiang
0f0e27179b Remove dependency on travis-ci 
Github actions work fine, we no longer needs travi-ci to trigger the
tests.
This commit removes it.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-03-09 01:30:38 +08:00
Daniel Jiang
ae5ffce83a Update CSRF mechanism 
This commit replaces beego's CSRF mechanism with gorilla's csrf library.
The criteria for requests to skip the csrf check remain the same.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-03-09 01:15:54 +08:00
wang yan
b23111063d add no expriation limited robot account 
"-1" means the robot account is a permanent account, no expiration time set.
The ExpiresAt claim is optional, so if it's not set, it will still be considered a valid claim

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-08 16:47:40 +08:00
Wang Yan
e86d3a728c
Merge pull request #10899 from steven-zou/fix/failure_js_ut_cases 
fix[js]:fix ut case faulure
 2020-03-07 19:10:02 +08:00
wang yan
ddc0f83ccd remove middleware regtoken 
Remove it since we don's use bearer token as the registry token and the skipper of scanner pull will
be covered in the robot account access scope.

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-07 19:06:30 +08:00
Wenkai Yin
b14762ee17 Add support for querying artifact by labels and tags 
Add support for querying artifact by labels and tags

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-07 11:32:15 +08:00
Wenkai Yin
e237a686c4 Make replication work with new artifact(phase 2) 
Provide the resource type filter for users to choose when replicating from harbor to other registries

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-06 18:26:37 +08:00
Wang Yan
50e9d1a56e
Merge pull request #10951 from wy65701436/readonly-filter 
skip configuration update in readonly mode
 2020-03-06 16:22:14 +08:00
Wang Yan
ea45fee3fe
Merge pull request #10954 from wy65701436/fix-gc-job 
Fix gc issue on clean the artifact trash
 2020-03-06 14:47:05 +08:00
Wenkai Yin(尹文开)
63cf1041f7
Merge pull request #10941 from ywk253100/200304_query_label 
Implement query string builder
 2020-03-06 13:18:10 +08:00
wang yan
2b0b7576b2 Fix gc issue on clean the artifact trash 
1, enable dao test for artifact trash
2, set default flush trash table to false
3, hanlder empty parameter in API call
4, add registry auth info into jobservice container

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-06 03:11:31 +08:00
wang yan
8b4211717e skip configuration update in readonly mode 
Admin must have a way to switch off the readonly by call configuration api,
either internal or external.

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-06 00:34:26 +08:00
He Weiwei
c8ca6a5ccf
Remove the readonly filter (#10944) 
Remove the readonly filter as we have introduced readonly middleware

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-05 18:59:35 +08:00
He Weiwei
d21318dfcf
Use project controller rather than the manager in API handlers (#10946) 
Use project controller rather than the manager in API handlers

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-05 18:58:47 +08:00
Wenkai Yin(尹文开)
84bd30c570
Merge pull request #10923 from ywk253100/200301_replication 
Make sure replication work with OCI artifacts(phase 1)
 2020-03-05 17:48:56 +08:00
Wenkai Yin
8abb630b4c Implement query string builder 
This commit defines the API query string format and provides the builders to build query string to query model

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-05 17:46:11 +08:00
stonezdj(Daojun Zhang)
49619e1907
Merge pull request #10939 from wy65701436/access-log-mgr 
add audit logs API
 2020-03-05 16:24:21 +08:00
AllForNothing
5b440082dc Add new status "scan unsupported" for artifact list 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-03-05 15:33:28 +08:00
Wang Yan
e79f4fd270
Merge pull request #10908 from wy65701436/middleware-blocker 
add delete manifest middleware
 2020-03-05 12:00:43 +08:00
wang yan
df237a5b17 add audit logs API 
1, add API entry for get audit logs
2. add audit log manager to hanlder CRUD

Use the new format of audit log to cover differernt resource, artifact/tag/repostory/project

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-05 11:40:51 +08:00
Wenkai Yin
76c04b0219 Persistent the URLs and annotations of artifact references in database 
Persistent the URLs and annotations of artifact references in database

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-05 10:54:45 +08:00
Will Sun
a5d9a3b65d
Merge pull request #10863 from AllForNothing/api-center 
Fix Api cennter
 2020-03-05 10:00:15 +08:00
wang yan
3bb574db35 use delete manifest to handle immutable and signature 
1, Use signature manager to get signature
2, Check the immutable and signature status when deleting.
3, Remove the immutable middleware for delelte manifest

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-04 18:03:34 +08:00
AllForNothing
f46a61e522 Improve scan funciton 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-03-04 16:09:27 +08:00
jwangyangls
3a6b675dbd
Merge pull request #10887 from jwangyangls/filter-artifact-mutiple 
Filter artifact by type/tag  and change error setting
 2020-03-04 11:50:30 +08:00
Wenkai Yin
e45eaeec74 Fix transaction issue 
More detail: // https://www.postgresql.org/message-id/002e01c04da9%24a8f95c20%2425efe6c1%40lasting.ro

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-04 08:01:11 +08:00
Wenkai Yin
d4ba023457 Make sure replication work with OCI artifacts(phase 1) 
This commit updates the definition of replicated resource(artifacts replace the vtags) and refactor the filter part

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-03-03 17:50:51 +08:00
He Weiwei
69119b6410
feat(addition-link): only set vuls addition link when artifact scanable (#10892) 
1. Add Checker to check the scannable status of the artifact.
2. Only set vulnerabilities addition link when the artifact scanable in the
project.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-03-03 16:41:54 +08:00
Yogi_Wang
4d3aa26853 Filter artifact by type/tag and change error setting 
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-03-03 16:16:17 +08:00
jwangyangls
0d45308fbc
Merge pull request #10902 from jwangyangls/fix-xsrf-422 
Fix xsrf error status bug when after beego update
 2020-03-03 15:38:07 +08:00
Ziming
70dcca6579
Merge pull request #10857 from bitsf/remove_pkg_art 
feat(oci) remove dead code pkg/art
 2020-03-03 11:50:15 +08:00
Steven Zou
bd0e401cae fix[js]:fix ut case faulure 
- refactor default context creation to avoid data race
- refactor the timer interval in c_worker UT cases to avoid receieving signals at the same time

Signed-off-by: Steven Zou <szou@vmware.com>
 2020-03-03 11:47:41 +08:00
Wang Yan
54227f1ba2 update chart sdk to support helm v3 
Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-02 11:39:09 +08:00
Ziming Zhang
aee2c672e7 feat(oci) remove pkg/art dead code for OCI 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-03-02 10:34:34 +08:00
Yogi_Wang
2bbb37e6b5 Fix xsrf error status bug when after beego update 
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-03-02 10:10:01 +08:00
Wenkai Yin(尹文开)
8de3fab3c5
Merge pull request #10841 from ywk253100/200223_upgrade 
Migrate artifact data in 2.0
 2020-02-28 18:36:40 +08:00
Wenkai Yin(尹文开)
bd0a8e9f8f
Merge pull request #10864 from ywk253100/200227_response 
Set the "Link" and "location" header
 2020-02-28 18:25:02 +08:00
Wenkai Yin
4c9b59c904 Migrate artifact data in 2.0 
Abstract extra attributes and annotations for artifacts stored in database

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-28 18:09:02 +08:00
He Weiwei
0f5a115a65
feat(artifact): add Walk method to artifact controller (#10881) 
1. Add Walk method to artifact controller.
2. Only query references when artifact is image index.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-02-28 17:19:36 +08:00
Wenkai Yin
e3bbcb66d1 Set the "Link" and "location" header 
Set the "Link" and "location" header

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-28 17:09:18 +08:00
Wenkai Yin(尹文开)
3d336bfac3
Merge pull request #10882 from wy65701436/tag-controller 
add tag controller
 2020-02-28 16:39:58 +08:00
wang yan
2d4fc0c4da move out the tags methods of artifact ctl 
1, move the tag methods out of artifact ctl, let api to call tag ctr
2, update the ensure sequence for existing tag

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-02-28 15:49:39 +08:00
Wang Yan
48163f2666
Merge pull request #10879 from reasonerjt/oidc-filter-update-v2 
CLI Secret should handle /v2/* API
 2020-02-28 11:58:58 +08:00
wang yan
79cf21f82f add tag controller 
use the tag controller to handle CRUD of tags, especially the delete scenario, it could validate
the immutable and signature. And move the code of tag handling from artifact controller to tag controller

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-02-28 11:42:10 +08:00
Daniel Jiang
de9cd1f964 CLI Secret should handle /v2/* API 
As we swtich to basic auth for /v2/* API
The CLI secret should handle /v2/* API so that OIDC user can use the
secret to do push/pull
This commit makes such change.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-02-28 02:07:10 +08:00
Wenkai Yin
40890d2635 Add "Docker-Distribution-Api-Version" header for the 401 response of registry API 
This is needed for "docker manifest" commands: https://github.com/docker/cli/issues/989

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-27 17:32:14 +08:00
AllForNothing
d41c5496a2 Fix Api cennter 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-02-27 15:55:20 +08:00
Wenkai Yin(尹文开)
e3f73a3efd
Merge pull request #10792 from ninjadq/fix_chart_api_for_v2_0 
Fix URL issue introduced by api version
 2020-02-27 08:01:50 +08:00
AllForNothing
a8f9de7a7f Fix scanning function 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-02-26 18:14:35 +08:00
DQ
bc4c25181f Fix chart api for oci registry introduece api version 
currently api version part is added in url. This pr is to solve the break of chart related api

Signed-off-by: DQ <dengq@vmware.com>
 2020-02-26 17:05:02 +08:00
DQ
ff0c8b382c Refactor the version to variable 
Signed-off-by: DQ <dengq@vmware.com>
 2020-02-26 16:24:49 +08:00
Yogi_Wang
f1ed010d9c Improve artifact 
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-02-26 15:23:57 +08:00
Wang Yan
e9d09c705e
Merge pull request #10844 from ywk253100/200225_artifact 
Use the repository name of artifact model
 2020-02-26 14:29:45 +08:00
Wenkai Yin
02c2647e1e Use the repository name of artifact model 
As we store the repository name in the artifact table, we can use it direclty in the code to reduce the database query

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-26 13:37:09 +08:00
Yogi_Wang
7dc27ab4eb Fix some detail function 
1.change common property to Extra Attributes;
2.fix delete repo bug
3.disable index artifact action(nothing changed when refactoring the route completely)
4.annotations show in artifact list
5.add validation in  add tag
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-02-26 12:51:42 +08:00
AllForNothing
41dd5656e6 Upgrade api level to v2 
Signed-off-by: AllForNothing <sshijun@vmware.com>
 2020-02-26 10:13:34 +08:00
Wenkai Yin(尹文开)
b156c74f6a
Merge pull request #10831 from wy65701436/readonly-global 
add readonly to beego middleware
 2020-02-25 16:10:55 +08:00
wang yan
b336875ebf add readonly to beego middleware 
Signed-off-by: wang yan <wangyan@vmware.com>
 2020-02-25 15:00:39 +08:00
Wenkai Yin(尹文开)
5f9c976e95
Merge pull request #10837 from heww/scan-api 
feat(scan): add scan API in v2.0
 2020-02-25 14:45:19 +08:00
Wenkai Yin(尹文开)
90d1c9f287
Merge pull request #10834 from ywk253100/200225_repo 
Implement the API to get the specified repository
 2020-02-25 14:39:52 +08:00
He Weiwei
55a21cd444 feat(scan): add scan API in v2.0 
Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-02-25 06:01:37 +00:00
jwangyangls
3174734473
Merge pull request #10819 from jwangyangls/add-ut-oci 
Add copy artifact and update repo info and add ut
 2020-02-25 12:43:04 +08:00
Wenkai Yin
bb3ff0d752 Implement the API to get the specified repository 
Implement the API to get the specified repository

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-25 12:02:50 +08:00
Yogi_Wang
92f84f2aee Add copy artifact and update repo info and add ut 
Signed-off-by: Yogi_Wang <yawang@vmware.com>
 2020-02-25 10:39:03 +08:00
Wenkai Yin(尹文开)
bf4d141a77
Merge pull request #10827 from reasonerjt/refresh-notary-test-data 
Refresh notary test data
 2020-02-25 08:08:27 +08:00
Daniel Jiang
340726f7d3 Refresh notary test data 
Refresh the valid signature data before it's expired

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-02-24 19:46:17 +08:00
Wang Yan
948d45604c Revise the GC job flow, 
1, set harbor to readonly
2, select the candidate artifacts from Harbor DB.
3, call registry API(--delete-untagged=false) to delete manifest bases on the results of #2
4, clean keys of redis DB of registry, clean artifact trash and untagged from DB.
5, roll back readonly.

Signed-off-by: wang yan <wangyan@vmware.com>
 2020-02-24 18:29:55 +08:00
Wenkai Yin
528f598268 Reimplement the registry client 
This commit reimplements the registry client under directory src/pkg/registry and removes the useless code

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-24 14:36:26 +08:00
stonezdj(Daojun Zhang)
c2a77c2825
Merge pull request #10751 from ywk253100/200213_delete_useless 
Remove dead code
 2020-02-24 10:22:58 +08:00
Will Sun
ca871d0eb5
Merge pull request #10790 from AllForNothing/routing-modify 
Improve routing and UI for artifact pages
 2020-02-24 09:39:36 +08:00
Wenkai Yin(尹文开)
c446774d23
Merge pull request #10816 from reasonerjt/merge-art-mani-middleware 
Merge artifactInfo and ManifestInfo
 2020-02-24 08:10:32 +08:00
Daniel Jiang
46c72ae372 Merge artifactInfo and ManifestInfo 
This commit gets rid of middleware info middleware, and make artifact
info the single source of truth in terms of the artifact a request
handles.  Fixes #10574

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2020-02-23 18:07:19 +08:00
Wenkai Yin
bd204464f3 Remove dead code 
Remove dead code

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-23 17:11:46 +08:00
Wenkai Yin
ab3aad4d50 Implement the resolver for CNAB 
This commit introduces a new resolver to resolver metadata for CNAB

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2020-02-23 07:23:22 +08:00
He Weiwei
f36152a560
feat(vulnerability): assemble vulnerabilities info for artifact (#10800) 
1. Assemble scan overview to artifact when scanner enabled in the
project of the artifact.
2. Set addition link for vulnerabilities to artifact when scanner
enabled in the project of the artifact.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-02-22 13:29:58 +08:00