yixingj
f63588855f
Make Clair DB configurable
...
Make the HOST,PORT,USERNAME,DB configurable for
Clair
2017-12-20 18:29:50 +08:00
Tan Jiang
2ffc58a5d4
Refactor the configuraiton of UAA
...
Remove the attribute "uaa_ca_root" from harbor.cfg and introduce
"uaa_verify_cert". Similar to LDAP settings, this allow user to
explicitly turn of the cert verification against UAA server, such that
the code will work with self-signed certificate.
2017-12-19 14:42:07 +08:00
stonezdj
9393d26fdc
Fix ldap ping issue #3653
2017-12-15 14:47:54 +08:00
stonezdj
ec67974104
Refactor ldap
...
Changes include:
1. Use Session to manage the lifecycle of ldap connections
2. Abstract common AuthenticateHelper interface for db_auth, ldap_auth,
uaa_auth mode
2017-12-13 14:57:04 +08:00
Daniel Jiang
d13321f2b5
Support getting user info via token in UAA Client ( #3686 )
2017-11-27 18:13:36 +08:00
stonezdj
16243cfbbc
Add LDAP remote certifcate validation
...
push test
Add unit test for ldap verify cert
remove common.VerifyRemoteCert
Update code with PR review comments
Add change ldaps config and add UT testcase for TLS feature
add ldap verfiy cert checkbox about #3513
Draft harbor ova install guide
Search and import ldap user when add project members
Add unit test case for SearchAndImportUser
ova guide
Add ova install guide
Add ova install guide 2
Add ova install guide 3
Call ValidateLdapConf before search ldap
trim space in username
Remove leading space in openLdap username
Remove doc change in this branch
Update unit test for ldap search and import user
Add test case about ldap verify cert checkbox
Modify ldap testcase
2017-11-24 12:41:51 +08:00
reasonerjt
19a13e8575
Deprivilege harbor-ui harbor-jobservice harbor-adminserver
...
Use non-root user to run the service within these docker images, and provide HEALTHCHECK
mechanism.
2017-11-09 03:09:09 -08:00
Tan Jiang
512384722a
Make the internal URL of UI and JobService configurable
2017-11-03 20:43:25 +08:00
Daniel Jiang
d8634290e8
Merge pull request #3420 from reasonerjt/master
...
Add Unit test cases for Clair Client.
2017-10-23 12:18:05 +08:00
Tan Jiang
b925569767
Add Unit test cases for Clair Client.
2017-10-22 21:54:04 +08:00
Wenkai Yin
2156750b04
Move certificate verification to target level
...
The certificate verification is on system level before this commit. Moving it
to target level makes the configuration more flexible for different targets.
2017-10-20 15:36:56 +08:00
Wenkai Yin
66b2d0d3f3
Apply project level policies to standalone Harbor
...
The following features are only enabled in integration mode, this commit moves
these to standalone Harbor:
- Content trust policy: only signed images can be pulled
- Vulnerability policy: only images whose severity is below the threshold can be pulled
- Automatic scan policy: automatic scan pushed images
2017-10-19 17:33:28 +08:00
Tan Jiang
eab6b43d99
Make the root CA certificate of UAA should be configurable
2017-10-16 17:40:29 +08:00
Tan Jiang
51286d9baa
Provide UAA authenticator for password based authentication.
2017-10-07 00:16:53 +08:00
Wenkai Yin
e495357d98
implement the default project metadata manager
2017-09-28 16:17:51 +08:00
Wenkai Yin
e79334a445
Add interfaces to implement project level policy ( #3271 )
...
* add interfaces to implement project level policy
2017-09-26 16:41:08 +08:00
Wenkai Yin
923a8d65b1
expose insecure flag in api
2017-09-04 15:10:07 +08:00
Daniel Jiang
f41d2ff436
Merge pull request #3101 from ywk253100/170822_replica
...
Convert 500 error returned by Admiral to duplicate project error when creating duplicate project
2017-08-22 15:59:19 +08:00
Wenkai Yin
599d94be0c
update
2017-08-22 15:22:25 +08:00
Wenkai Yin
ffb2f4201b
update
2017-08-22 14:28:45 +08:00
Wenkai Yin
bb958a7f4b
convert 500 error returned by Admiral to duplicate project error when creating duplicate project
2017-08-22 13:34:06 +08:00
Tan Jiang
c1bbcb5bab
update the interval of clair updater to 12 hours, and update the interval for scan all to 2 hours
2017-08-21 13:45:23 +08:00
Tan Jiang
5b6c53a1bf
add the json file required by UT
2017-08-07 21:12:49 +08:00
Tan Jiang
8f41be471d
add tc for vulnerability transform
2017-08-07 17:14:51 +08:00
Daniel Jiang
6bd622196e
Merge pull request #2972 from reasonerjt/master
...
Fix perf issue and connection leak in Clair.
2017-08-04 19:48:26 +08:00
Tan Jiang
fa0cb8731c
Fix performance issue and connection leakage
2017-08-04 19:22:52 +08:00
Wenkai Yin
8963a15520
remove useless insecure flag
2017-07-31 13:45:49 +08:00
Wenkai Yin
a8dc75dd15
update
2017-07-28 13:10:26 +08:00
Wenkai Yin
1da9b8653b
update according to the comments
2017-07-27 18:23:55 +08:00
Wenkai Yin
0a74a0f1e4
update
2017-07-27 08:17:29 +08:00
Wenkai Yin
cc264f85e7
do not ping if using raw token authorizer
2017-07-26 18:41:36 +08:00
Steven Zou
8f921db588
Refine scheduler
2017-07-19 16:57:22 +08:00
Steven Zou
db58ca673d
Fix issue of detecting configuration changes
2017-07-17 17:39:41 +08:00
Tan Jiang
771e26a188
fix bug
2017-07-14 14:53:12 +08:00
Tan Jiang
72b3a020e3
provide default timestamp for all distros in system info api
2017-07-13 18:48:05 +08:00
Daniel Jiang
ca6bd3b585
Merge pull request #2741 from reasonerjt/fetch-timestamp-from-clairdb
...
read last update from clair db, return in system info
2017-07-12 17:16:30 +08:00
Tan Jiang
7fdb77f6d2
fix tc
2017-07-12 16:48:57 +08:00
Tan Jiang
436f0efab8
overall timestamp returns 0 when error happens, split check and mark into two func
2017-07-12 15:57:57 +08:00
Wenkai Yin
005d783463
Merge pull request #2732 from ywk253100/170710_bug_fix
...
Bug fix
2017-07-12 12:59:24 +08:00
Steven Zou
cbdf49c8e9
Merge remote-tracking branch 'upstream/master'
2017-07-11 15:44:32 +08:00
Steven Zou
7ee052b9dd
Update policy scheduler according to comments
2017-07-11 15:22:00 +08:00
Wenkai Yin
0de64ed139
bug fix
2017-07-10 18:38:21 +08:00
Daniel Jiang
6fa12cdb1e
Merge pull request #2730 from reasonerjt/scan-all-control
...
restrict scan all API, it should be called once every a period of time
2017-07-10 16:17:26 +08:00
Wenkai Yin
0b282039e9
Merge pull request #2725 from ywk253100/170707_status_code
...
Return real status code returned by admiral APIs
2017-07-10 10:12:50 +08:00
Tan Jiang
eb11cda596
restrict scan all API, it should be called once every a period of time
2017-07-09 22:06:13 +08:00
Steven Zou
ff889cedde
Fix conflict
2017-07-07 20:15:40 +08:00
Steven Zou
a0718385c1
Fix the import cycle issue
2017-07-07 20:12:01 +08:00
Wenkai Yin
d668730ffa
return real status code returned by admiral APIs
2017-07-07 18:40:57 +08:00
Tan Jiang
ca805759d9
update scan overview in notification handler, and return clair vuln timestamp in system info
2017-07-07 17:47:52 +08:00
Wenkai Yin
f7412b0c31
update auth context as Admiral's API changed
2017-07-06 18:32:22 +08:00