Qian Deng
52b6a5333a
Add san for notary cert ( #13939 )
...
Signed-off-by: DQ <dengq@vmware.com>
2021-01-11 11:41:52 +08:00
Wang Yan
c6814f2bcc
move ci from travis to gitaction ( #13891 )
...
1, deprecate travis, and use the gitaction for instread.
2, upgrade golang version to v1.15.6
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-01-06 15:30:54 +08:00
Daniel Jiang
4f5f8a3961
Update health check script for harbor-db ( #12103 )
...
This patch remove the trailing space of the hostname introduced by
`hostname -i`.
The trailing space will cause resolution error after this patch is
applied to glibc in photon:
https://github.com/vmware/photon/blob/2.0/SPECS/glibc/glibc-fix-CVE-2019-10739.patch
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-06-01 11:10:45 +08:00
stonezdj(Daojun Zhang)
aae70811f0
Merge pull request #12068 from ninjadq/add_timeout_in_nginx_config_1_10_0
...
Add timount on nginx configs
2020-05-27 16:57:39 +08:00
DQ
712ac4fb5b
Add timount on nginx configs
...
set timeout to 900
Signed-off-by: DQ <dengq@vmware.com>
2020-05-26 16:25:31 +08:00
DQ
f42a43e495
Enhance: Upgrade chartmuseum version
...
Upgrade chartmuseum version 0.12.0
Signed-off-by: DQ <dengq@vmware.com>
2020-05-26 15:24:53 +08:00
Daniel Jiang
d6cab4fb8e
fix: set root password never expire ( #11851 )
...
Signed-off-by: Yiyang Huang <huangyiyang@caicloud.io>
Co-authored-by: Yiyang Huang <huangyiyang@caicloud.io>
2020-05-08 11:35:35 +08:00
DQ
ac04806336
Fix: GCS storage gc issue
...
Mount gcs key to registryctl
Signed-off-by: DQ <dengq@vmware.com>
2020-04-29 15:21:50 +08:00
He Weiwei
d0189beddd
fix(prepare): not accpet items of false value in external_redis configurations ( #11405 )
...
Item in yaml without value will be as None in python, which will make
the password of redis as `None` in `get_redis_configs`. This fix will
not accept items of `false value` in `external_redis` configurations.
Closes #11367
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2020-04-03 11:39:25 +08:00
Daniel Jiang
9a8efdb8eb
Merge pull request #11345 from reasonerjt/rm-notary-signer-certs-1.10
...
Remove the certs of notary signer - 1.10
2020-04-01 08:50:43 +08:00
Daniel Jiang
a99609e375
Remove the certs of notary signer
...
Since `prepare` generates the certs as needed during installation, these
certs should not exist in the repo.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2020-03-27 19:27:51 +08:00
Ziming Zhang
bd2d3ecc81
feat(cicd) fix build_base_docker and prepare image
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-23 12:03:48 +08:00
DQ
4bbf391d3b
Fix: fix logrotate is dir issue
...
Change it to bind command
Signed-off-by: DQ <dengq@vmware.com>
2020-03-13 15:34:07 +08:00
Ziming Zhang
d80322c3b4
feat(cicd) use unified version as tag name, clean more
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-09 16:51:45 +08:00
Ziming Zhang
abfafc29f1
feat(cicd) use unified version as tag name
...
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2020-03-03 20:51:49 +08:00
Steven Zou
07dbbf1023
doc[api spec]:rename folder name to
...
Signed-off-by: Steven Zou <szou@vmware.com>
2019-12-10 14:20:54 +08:00
Wang Yan
6b84b62f75
Merge pull request #10155 from bitsf/upgrade_clair_1.10
...
[cherry-pick] upgrade clair to v2.1.1
2019-12-06 11:48:42 +08:00
He Weiwei
91af4f2413
chore(scanner): upgrade clair scanner to 1.0.1 ( #10148 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-12-05 17:52:16 +08:00
Ziming Zhang
2b378899df
upgrade clair to v2.1.1
...
Change-Id: Idb2ad0470a51666d75895d8c5e68d80a67e05276
Signed-off-by: Ziming Zhang <zziming@vmware.com>
2019-12-05 14:28:32 +08:00
Daniel Jiang
ae2d0f0588
Merge pull request #10026 from ninjadq/migrator_miss_component_no_proxy_110
...
Add default domainname for no_proxy
2019-12-03 10:51:12 +08:00
DQ
3aedae86b2
Fix ca bundle path join issue
...
CA bundle name start with '/' will break the os path join
Signed-off-by: DQ <dengq@vmware.com>
2019-11-27 18:48:23 +08:00
DQ
a8ac235fa1
Add default domainname for no_proxy
...
All internal service and known internal hostname shuold add to no_proxy by default
Signed-off-by: DQ <dengq@vmware.com>
2019-11-27 17:06:26 +08:00
He Weiwei
b8308f41a0
fix(prepaire,clair): disable clair updaters when its interval is 0
...
Closes #9961
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-22 03:31:20 +00:00
Daniel Jiang
2fcd174e4b
Merge pull request #9828 from wy65701436/cii-docker-base
...
add base images when to build harbor assets
2019-11-15 14:24:11 +08:00
He Weiwei
fe69a5df99
build(scanner-adapter): bump up clair adapter to v1.0.1-rc2
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-13 02:35:21 +00:00
wang yan
47793e77e3
update base file name ane pass base version to build file
...
Signed-off-by: wang yan <wangyan@vmware.com>
2019-11-12 19:12:49 +08:00
Wang Yan
544cc98971
add base images when to build harbor assets
...
* add base images when to build harbor assets
Signed-off-by: wang yan <wangyan@vmware.com>
2019-11-12 15:38:51 +08:00
Yogi_Wang
cddc1149f1
Modify the memory of nodejs used from 8192MB to 2048MB
...
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-11 17:05:42 +08:00
Wang Yan
6da183d576
Merge pull request #9800 from ninjadq/failure_earlier_of_ca_bundle_permission_check
...
Failure earlier of ca bundle permission check
2019-11-11 14:09:21 +08:00
Wang Yan
0b09bd14b1
Merge pull request #9756 from ninjadq/add_ignore_media_type
...
Add ignore mediatypes for registry
2019-11-08 18:34:13 +08:00
DQ
80c3e76b5a
check the permission of ca bundle file
...
CA bundle need check before use
Signed-off-by: DQ <dengq@vmware.com>
2019-11-08 15:34:17 +08:00
Daniel Jiang
06e4e124d8
Refine request handle process ( #9760 )
...
* Refine request handle process
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-11-07 13:02:17 +08:00
DQ
45868107aa
Add ignore mediatypes for registry
...
Add these mediatypes to reduce the amount of registry event
Signed-off-by: DQ <dengq@vmware.com>
2019-11-06 21:39:08 +08:00
Wang Yan
27cb25cc04
Merge pull request #9400 from ninjadq/inject_certs_to_non_root
...
Inject certs to non root
2019-11-05 14:49:08 +08:00
DQ
ece321a53a
Change certs's owner to 10000
...
Signed-off-by: DQ <dengq@vmware.com>
2019-11-04 17:38:41 +08:00
Wang Yan
3f39b0ba4f
Merge pull request #9550 from ninjadq/enable_https_by_default
...
Enable https by default
2019-11-04 16:51:33 +08:00
DQ
a0462f0baa
Change the clair container to non root user
...
Signed-off-by: DQ <dengq@vmware.com>
2019-11-04 11:36:39 +08:00
DQ
d0ed075b91
Change chartmuseum container to non-root
...
Signed-off-by: DQ <dengq@vmware.com>
2019-11-04 11:36:39 +08:00
DQ
1c76d52152
Add registryctl to non-root
...
And the install_cert.sh will changed for non-root too
Signed-off-by: DQ <dengq@vmware.com>
2019-11-04 11:36:39 +08:00
Qian Deng
336dbfd3e1
Merge pull request #9452 from ninjadq/add_certs_in_specific_dir
...
All certs in /harbor_cust_certs will appended to ca_bundle
2019-11-01 13:13:18 +08:00
Daniel Jiang
02dab35a43
Merge pull request #9683 from ninjadq/upgrade_python_rand_gen
...
Replance python ran lib to secrets
2019-10-31 21:51:38 +08:00
DQ
873d9f5b82
Enable https by default
...
1. Umcomment https related configs
2. Remove the https prepare related thing in ci
Signed-off-by: DQ <dengq@vmware.com>
2019-10-31 20:58:09 +08:00
DQ
2529f69fba
All certs in /harbor_cust_certs will appended to ca_bundle
...
Signed-off-by: DQ <dengq@vmware.com>
2019-10-31 20:51:08 +08:00
Daniel Jiang
bc65609a10
Merge pull request #9657 from wy65701436/quota-sync-switcher
...
add a switcher for quota sync on core launch
2019-10-31 19:22:23 +08:00
Wang Yan
fa784d7514
Merge pull request #9649 from wy65701436/fix-9081
...
add ldflags for harbor compiler and linker
2019-10-31 19:14:16 +08:00
DQ
6c01049d94
Replance python ran lib to secrets
...
Secrets is included in python 3.6, so just import and use it
Signed-off-by: DQ <dengq@vmware.com>
2019-10-31 17:23:19 +08:00
wang yan
c46d7e856a
add a switcher for quota sync on core launch
...
As the quota sync is default called by harbor-core on every launch, and it will break the launch process if any failure throwed.
1, The commit is to provide an switcher for the system admin to bypass the quota sync.
2, In case Harbor goes into the restarting cycle.
Harbor already provides an internal API to sync quota data, in the failure case,
system admin can launch harbor and call the /api/internal/syncquota to sync quota.
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-31 16:17:27 +08:00
Steven Zou
7b6e83090e
create API folder to keep API swagger files
...
- create API folder
- move harbor API swagger file to API/harbor
- add scanner adapter open API swagger file to API/scanner
- update protal build Dockerfile
- update swagger explorer build command in Makefile
Signed-off-by: Steven Zou <szou@vmware.com>
2019-10-30 21:41:03 +08:00
wang yan
253e87d186
inject ldflags for harbor compiler and linker
...
1, replace the UIVERSION file with ldflags, which is generarted by make to inject into the UI core.
2, inject additional ldflags for harbor compiler
Signed-off-by: wang yan <wangyan@vmware.com>
2019-10-30 18:31:42 +08:00
He Weiwei
b0f7404231
chore(log): log level support for clair adapter ( #9640 )
...
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-10-29 16:50:26 +08:00