Signed-off-by: wang yan <wangyan@vmware.com>
fix middlewares per review comments
1, add scheme1 and scheme2 check
2, change MustCompile to Compile
Signed-off-by: wang yan <wangyan@vmware.com>
This commit update the project API to support "reuse_sys_cve_whitelist"
setting in project metadata and "cve_whitelist" in project request.
Also modify the interceptor to support project level CVE whitelist if
the reuse flag is false.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Interceptor will filter the vulnerability in whitelist while calculating
the serverity of an image and determine whether or not to block client
form pulling it.
It will use the system level whitelist in this commit, another commit
will switch to project level whitelist based on setting in a project.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
The health check for the registry was using "/v2" which returned an
unauthorized response and put additional errors in the logs. Switch
to using "/" which returns an OK response with reduced logging.
Signed-off-by: Mark Peek <markpeek@vmware.com>
This commit bumps up the version of Go to compile the code to v1.12.5,
and shifts to go.mod for managing depedency.
Some code from "harbor/tests" to "harbor/src/testing" to avoid depedency
loop of modules.
Note that in short term we will still vendor the dependency.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This issue is regresssion that introduced by f92bc8076d (diff-42381e6df5f17ebd3d9165a325d5d8f4), the a.ensure() was removed from SearchUser(), which leads to the alwaysonboard cannot be updated.
Signed-off-by: wang yan <wangyan@vmware.com>
As the UI cannot handle 302, update the login controller to return 403
and put the redirection URL in a json response body.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
1, Throw the error of job service to UI when to create job schedule.
2, Return 200 when to save none without schedule.
Fixed#7675
Signed-off-by: wang yan <wangyan@vmware.com>
When the auth mode is OIDC, when a user login via Harbor's login form.
If the user does not exist or the user is onboarded via OIDC, he will be
redirected to the OIDC login page.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* add scan all and gc schedule migration
Signed-off-by: wang yan <wangyan@vmware.com>
* Fix gofmt errors
Signed-off-by: wang yan <wangyan@vmware.com>
* Update code according to review comments
Signed-off-by: wang yan <wangyan@vmware.com>
* remove convertschedule return name just return value
Signed-off-by: wang yan <wangyan@vmware.com>
1. handle the public/private property when creating the projects
2. extend the length of access_secret
3. update the task status by using orm functions
Signed-off-by: Wenkai Yin <yinw@vmware.com>
