Commit Graph

11410 Commits

Author SHA1 Message Date
Shengwen YU
f1b9d798f4
fix: upgrade golang.org/x/net v0.7.0; go mod tidy & go mod vendor (#18230)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-02-16 10:35:16 +08:00
Chlins Zhang
953ce9b782
[cherry-pick] fix: resolve the oidc or ldap group user cannot export cve (#18228)
fix: resolve the oidc or ldap group user cannot export cve

Remove the project filter in the scan data export job as they have been
validated by API handler, fix the oidc or ldap group users cannot export
cve.

Fixes: #18112

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-02-16 10:34:50 +08:00
Shengwen YU
5c3465cd70
feat: upgrade golang-runtime to 1.19.4; NOT 1.19.5 (#18215)
feat: upgrade golang-runtime to 1.19.4, NOT 1.19.5

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-02-15 17:50:47 +08:00
Shengwen YU
2518b2d011
[Cherry-pick] feat: bump-up trivyVersion to v0.37.2, trivyAdapterVersion to v0.30.7 (#18217) (#18221)
feat: bump-up trivyVersion to v0.37.2, trivyAdapterVersion to v0.30.7 (#18217)

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-02-15 10:19:43 +08:00
Chlins Zhang
5d9a1b9744
[cherry-pick] fix: update the replication API handler (#18212)
fix: update the replication API handler

1. Check execution before stop replication execution.
2. Check execution before list replication tasks.

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-02-14 09:35:33 +08:00
Shengwen YU
7db0e7506f
[Cherry-pick] fix: reset user password (#18207)
fix: reset user password

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-02-14 09:28:13 +08:00
Shengwen YU
d783bac4e4
[Cherry-pick] fix retention/immutable API issue (#18158) (#18178)
fix retention/immutable API issue (#18158)

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-02-06 17:28:21 +08:00
Yang Jiao
f04446efba
Bump up version to v2.6.4 (#18174)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-02-06 15:36:36 +08:00
Chlins Zhang
6465673e76
fix: remove the scan exports volume (#18108)
1. Change the Export CVE temporary file directory to /tmp.
2. Remove the scan data export volume in Dockerfile and docker-compose
   yaml.

Fixes: #18067

Signed-off-by: chlins <chenyuzh@vmware.com>
2023-02-06 14:04:06 +08:00
Shijun Sun
609c5b3496
[Cherry-pick]Update CI for UI UT (#18160)
Update CI for UI UT
  1.Specify Chrome version for UI UT

Signed-off-by: AllForNothing <sshijun@vmware.com>
2023-02-03 19:06:23 +08:00
Shengwen YU
1297af6c3e
[Cherry-pick] Bump up TRIVYADAPTERVERSION to v0.30.6 (#18055)
Bump up TRIVYADAPTERVERSION to v0.30.6

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-01-04 14:33:07 +08:00
MinerYang
c52820eab1
bump up helm/v3/pkg to v3.10.3 on release-2.6.0 (#18048)
bump up helm/v3/pkg to v3.10.3

Signed-off-by: yminer <yminer@vmware.com>

Signed-off-by: yminer <yminer@vmware.com>
2023-01-04 14:32:14 +08:00
Yang Jiao
6356bbabfc
Bump up version to v2.6.3 (#18045)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-01-03 18:04:30 +08:00
Yang Jiao
d13a426c31
Refresh the base image on release-2.6.0 (#18040)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2023-01-03 16:20:36 +08:00
Shengwen YU
97f1ce5088
[Cherry-pick] fix: upgrade TRIVYADAPTERVERSION to v0.30.5 (#18004)
fix: upgrade TRIVYADAPTERVERSION to v0.30.5

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-12-16 10:38:47 +08:00
Shengwen YU
c7f24f7164
[cherry-pick] fix: upgrade trivy version to v0.35.0 and trivy-adapter version to v0.30.3 (#17978)
fix: upgrade trivy version to v0.35.0 and trivy-adapter version to v0.30.3

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-12-13 18:23:26 +08:00
Yang Jiao
4185edb9bd
[cherry-pick]Fix setup gcloud error (#17848)
Fix setup gcloud error

ubuntu-latest was upgraded from ubuntu-20.04 to ubuntu-22.04, the python version of ubuntu-22.04 is 3.10, but gcloud does not support python 3.10, so ubuntu is fixed to version 20.04

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-11-24 16:06:23 +08:00
stonezdj(Daojun Zhang)
785863ab86
(cherry-pick) Fix issue related to redhat registry proxy cache (#17824)
Fix issue related to redhat registry proxy cache

  fixes #16495

Signed-off-by: stonezdj <stonezdj@gmail.com>

Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-11-21 14:42:42 +08:00
Chlins Zhang
498e7e21b2
[cherry-pick] feat: support customize registry http client timeout (#17770)
feat: support customize registry http client timeout

Support override the registry http client timeout from env `REGISTRY_HTTP_CLIENT_TIMEOUT` (in minutes), the timeout is 30 minutes by default.

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-11-09 17:13:19 +08:00
Yang Jiao
d79bbc7ecb
Refresh base images (#17762)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-11-08 11:34:04 +08:00
MinerYang
3b72fabe0f
bump up golang to 1.18.8 (#17750)
Signed-off-by: yminer <yminer@vmware.com>

Signed-off-by: yminer <yminer@vmware.com>
2022-11-04 16:16:19 +08:00
Shijun Sun
1c61b4eedf
[Cherry-pick]Update the way for refreshing cli-secret (#17745)
Update the way for refreshing cli-secret

Signed-off-by: AllForNothing <sshijun@vmware.com>

Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-11-04 10:49:42 +08:00
Wang Yan
1c689892bc
add cli randomly for empty update (#17743)
give an random cli secret when client gives empty update.

Signed-off-by: Wang Yan <wangyan@vmware.com>

Signed-off-by: Wang Yan <wangyan@vmware.com>
2022-11-04 10:06:59 +08:00
Shijun Sun
168069a95f
[Cherry-pick]Add triggers and filters check for target changing under push mode (#17732)
Add triggers and filters check for target changing under push mode

Signed-off-by: AllForNothing <sshijun@vmware.com>

Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-11-02 15:50:36 +08:00
Chlins Zhang
d810b571d9
[cherry-pick] fix: add human friendly message when export cve job failure (#17729)
fix: add human friendly message when export cve job failure

Add human friendly when export CVE in the condition of empty CSV file,
because this file will be stored as system artifact and pushed to
distribution, but it will leads to error when push empty blob to S3
storage driver.

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-11-01 17:31:31 +08:00
Shijun Sun
62336fa0f5
[Cherry-pick]Add copy_by-chunk checkbox for replication rule (#17727)
Add copy_by-chunk checkbox for replication rule

Signed-off-by: AllForNothing <sshijun@vmware.com>

Signed-off-by: AllForNothing <sshijun@vmware.com>
2022-11-01 15:41:24 +08:00
Chlins Zhang
1af9fbfbfe
[cherry-pick] feat: introduce the copy by chunk for replication (#17728)
feat: introduce the copy by chunk for replication

1. Add sql migration to alter replication policy table
2. Implement the PullBlobChunk and PushBlobChunk for the underlying v2 registry client
3. Update image transfer logic to support copy by chunk
4. Update the replication policy API handler

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-11-01 14:34:14 +08:00
stonezdj(Daojun Zhang)
4c54ff3d9d
(cherry-pick)Add check when adding project member (#17721)
Add check when adding project member

Signed-off-by: stonezdj <stonezdj@gmail.com>

Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-10-31 13:01:32 +08:00
Yang Jiao
3583b0e5a9
Refresh base images (#17720)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-10-31 11:50:52 +08:00
Yang Jiao
cd2a632c54
Bump up version to v2.6.2 (#17687)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-10-27 14:29:54 +08:00
MinerYang
125c33f019
bump github.com/prometheus/client_golang to v1.13.0 (#17686)
Signed-off-by: yminer <yminer@vmware.com>

Signed-off-by: yminer <yminer@vmware.com>
2022-10-27 13:15:49 +08:00
MinerYang
95d8d86cfe
bump up golang.org/x/crypto to v0.1.0 (#17692)
Signed-off-by: yminer <yminer@vmware.com>

Signed-off-by: yminer <yminer@vmware.com>
2022-10-27 10:33:58 +08:00
MinerYang
e81329afe2
bump up golang to 1.18.7 (#17693)
bump up goolang to 1.18.7

Signed-off-by: yminer <yminer@vmware.com>

Signed-off-by: yminer <yminer@vmware.com>
2022-10-26 20:27:24 +08:00
MinerYang
c737d2e482
bump up golang.org/x/text to v0.4.0 (#17690)
bump up golang.org/x/text tp v0.4.0

Signed-off-by: yminer <yminer@vmware.com>

Signed-off-by: yminer <yminer@vmware.com>
2022-10-26 20:24:31 +08:00
MinerYang
bc88aa4dc3
bump helm.sh/helm/v3 to bump up github.com/docker/cli (#17697)
Signed-off-by: yminer <yminer@vmware.com>

Signed-off-by: yminer <yminer@vmware.com>
2022-10-26 16:43:44 +08:00
Shengwen YU
9f6c1c56da
[cherry-pick] feat: bump TRIVYVERSION to v0.32.1 and bump TRIVYADAPTERVERSION to v0.30.2 (#17681) (#17685)
feat: bump TRIVYVERSION to v0.32.1 and bump TRIVYADAPTERVERSION to v0.30.2 (#17681)

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2022-10-25 21:23:30 +08:00
Yang Jiao
585fe6dc83
[cherry-pick]Add export CVE UI testcase (#17675)
Add export CVE UI testcase

1 Add CVE function verification
2 Add content validation of exported CSV file

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-10-21 18:41:54 +08:00
Yang Jiao
058e84c73f
[cherry-pick] Remove singularity testcase (#17665)
Singularity has been renamed to Apptainer

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-10-20 10:17:52 +08:00
Yang Jiao
2903d5934c
Refresh base images (#17635)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-10-10 11:01:26 +08:00
Yang Jiao
16eed9f91e
[cherry-pick]Add scan data export API test case (#17604)
Add scan data export API test case

1. Add export scan data API test case
2. Add get scan data export execution list test case
3. Add get scan data export execution test case
4. Add download scan data test case

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-09-30 11:51:59 +08:00
Yang Jiao
7bb86fb7e1
[cherry-pick]Remove the log in testcase (#17601)
Remove logs that do not need to be printed

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-09-27 13:51:48 +08:00
Yang Jiao
2004154893
[cherry-pick]Add audit log forward UI testcase (#17592)
Add audit log forward UI testcase

Verify that the audit log forward function is correct.

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-09-27 10:46:44 +08:00
Yang Jiao
f33ba83d84
[cherry-pick]Add audit log forword API test case (#17590)
Add audit log forword API test case

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-09-27 10:45:18 +08:00
Yang Jiao
9c4d7297a6
Bump up version to v2.6.1 (#17598)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-09-26 11:57:29 +08:00
MinerYang
66a45943d6
bumpup golang to v1.18.6 on release-2.6.0 (#17593)
Signed-off-by: yminer <yminer@vmware.com>

Signed-off-by: yminer <yminer@vmware.com>
2022-09-22 17:37:04 +08:00
stonezdj(Daojun Zhang)
16306a15d5
(cherry-pick) Add check on the audit log forward and skip audit log database (#17576)
Add check on the audit log forward and skip audit log database

  fixes #17524
Signed-off-by: stonezdj <stonezdj@gmail.com>
2022-09-21 16:30:11 +08:00
Chlins Zhang
8266bbe456
[cherry-pick] fix: handle the break change for parse external sentinel redis url (#17509)
fix: handle the break change for parse external sentinel redis url

Handle the ParseSentinelURL to resolve an incompatible modification that does not recognize the default redis database.

Closes: #17483

Signed-off-by: chlins <chenyuzh@vmware.com>

Signed-off-by: chlins <chenyuzh@vmware.com>
2022-09-07 13:40:54 +08:00
Yang Jiao
8979cb7fe2
[cherry-pick]Add audit log and log rotation test cases (#17466)
* Add audit log and log rotation test cases

1. Add audit log test case
2. Add log rotation test case
3. Add log rotation schedule test case

Signed-off-by: Yang Jiao <jiaoya@vmware.com>

* Refresh base images

Signed-off-by: Yang Jiao <jiaoya@vmware.com>

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-30 11:27:13 +08:00
Yang Jiao
b035ca7cd9
Refresh base images (#17471)
Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-28 11:58:24 +08:00
Yang Jiao
520a5b8156
[cherry-pick]Update portal-base and nginx-base Dockerfile.base (#17445)
Update portal-base and nginx-base Dockerfile.base

Installing nginx 1.22 creates the nginx group and nginx user, so instead
of creating them again, modify them.

Signed-off-by: Yang Jiao <jiaoya@vmware.com>
2022-08-24 15:28:46 +08:00