Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
11,871 Commits 42 Branches 302 Tags 356 MiB
Commit Graph

5749 Commits

Author SHA1 Message Date
Shengwen YU f65d2380ac
fix: update go.mod (vendor) & golangci-lint & mocks (#20070) 
* fix: update go.mod

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

* fix: update vendor files

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

* fix: update code to comply for golangci-lint

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

* fix: update per "make mocks_check"

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

---------

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-03-04 13:55:17 +08:00
stonezdj(Daojun Zhang) 9115b9f34f
[cherry-pick] Limit URL to local site (#20023) 
Limit url to local path

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-02-26 11:27:42 +08:00
Wang Yan 5d27ccf7bb
[cherry-pick] ] support accessory in either order (#19906) 
* remove the log for ScannerSkipUpdatePullTime

fixes #19795, remove the noise in the log

Signed-off-by: wang yan <wangyan@vmware.com>

* support accessor in either order

In certain cases, the OCI client may push the subject artifact and accessory in either order.
Therefore, it is necessary to handle situations where the client pushes the accessory ahead of the subject artifact.

Signed-off-by: wang yan <wangyan@vmware.com>

* fix issue 19392

Needs to set the repo when to handle the accessory before subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>

* fix the landing accessory data (#19661)

Fix the keywords when to list accessories belong to the subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-01-25 12:54:05 +08:00
Yang Jiao 58892aeda2
[cherry-pick]fix label select bugs (#19850) (#19861) 
fix label select bugs (#19850)

Signed-off-by: shengqiw <shengqiw@vmware.com>
Co-authored-by: ShengqiWang <124650040+ShengqiWang@users.noreply.github.com>
 2024-01-19 07:46:32 +00:00
Wang Yan b54b373757
[cherry-pick]remove the log for ScannerSkipUpdatePullTime (#19847) 
remove the log for ScannerSkipUpdatePullTime

fixes #19795, remove the noise in the log

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-01-16 09:36:22 +08:00
Maksym Trofimenko 8d0c8d4bec
[Cherry pick] add repository read permission to limitedGuest (#19815) 
add repository read permission to limitedGuest

Signed-off-by: Maksym Trofimenko <maksym@container-registry.com>
Co-authored-by: Maksym Trofimenko <maksym@container-registry.com>
 2024-01-15 16:28:46 +08:00
stonezdj(Daojun Zhang) 84d7f17b6f
[cherry-pick] Cache image list with digest key (#19837) 
Cache image list with digest key

  fixes #19429

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-01-15 13:45:30 +08:00
stonezdj(Daojun Zhang) d85ebd7f24
[cherry-pick] Allow POST method to request service/token in readonly mode (#19563) 
Allow POST method to request service/token in readonly mode

  fixes #18243

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-11-13 10:50:09 +08:00
MinerYang 5cbb1b010a
bump google.golang.org/grpc (#19513) 
* bump google.golang.org/grpc

Signed-off-by: yminer <yminer@vmware.com>

* bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Signed-off-by: yminer <yminer@vmware.com>

---------

Signed-off-by: yminer <yminer@vmware.com>
 2023-11-01 14:39:48 +08:00
MinerYang 6d817724e6
update ut mock anything (#19506) 
Signed-off-by: yminer <yminer@vmware.com>
 2023-10-31 02:56:31 +00:00
MinerYang 2103a15ca3
bump golang to 1.21.3 on release-2.9.0 (#19503) 
bump golang to 1.21.3

update 1.21 CI

update ut mock anything

Signed-off-by: yminer <yminer@vmware.com>
 2023-10-30 16:36:15 +00:00
MinerYang 4dd5ce2855
bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… (#19476) 
bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux

Signed-off-by: yminer <yminer@vmware.com>
 2023-10-24 08:15:27 +00:00
MinerYang 1171906c95
bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib on release-2.9.0 (#19460) 
bump golang.org/x/net to v0.17.0

Signed-off-by: yminer <yminer@vmware.com>

bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.45.0
 2023-10-18 14:34:33 +08:00
stonezdj(Daojun Zhang) 40f8217c26
[cherry-pick] Use batch to list the job id in the job queue to avoid crash redis (#19455) 
Use batch to list the job id in the job queue to avoid crash redis

  fixes: #19436

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-10-18 14:18:38 +08:00
stonezdj(Daojun Zhang) 82c24eee5a
(cherry-pick) Change fixed_version to package_version (#19432) 
Change fixed_version to package_version
  fixes #19391

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-10-11 03:14:02 +00:00
Shijun Sun 6f85d59c14
[Cherry-pick]Hide version property if the value is undefined (#19396) 
Hide version property if the value is undefined
1.Related issue #19391

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-09-28 10:58:51 +08:00
stonezdj(Daojun Zhang) 398078f164
(cherry-pick) Remove job status track information from redis after stop the job in the queue (#19307) 
Remove job status track information from redis after stop the job in the queue

  After stop in the queue:
  Remove key in {harbor_job_service_namespace}:job_track:inprogress
  Remove {harbor_job_service_namespace}:job_stats:<job_id>
  fixes #19211

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-09-05 12:08:51 +08:00
Shijun Sun 0f9839bf6e
[Cherry-pick]Switch to a new chart library (#19263) 
Switch to a new chart library

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-31 16:38:38 +08:00
Shijun Sun cdffb5e93b
[Cherry-pick]Add a tooltip for the page title of security hub (#19232) 
Add a tooltip for the page title of security hub
1. This tooltip explains the artifacts total count

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-24 18:21:50 +08:00
stonezdj(Daojun Zhang) 63668282db
(cherry-pick) Refine total artifact and scanned artifact (#19229) 
Refine total artifact and scanned artifact

  Artifact include all accessory, child artifact
  fixes #19215

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-22 16:03:47 +08:00
Shijun Sun 90e526e2b9
[Cherry-pick]Add new uri path to ShouldNotReuseRoute array (#19218) 
Add new uri path to ShouldNotReuseRoute array
1.Fixes #19216

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-21 18:54:52 +08:00
Wang Yan 0507655fda
fix gc dry run issue (#19210) 
In the dry run mode, the accessories should be considered when try to simulate delete the subject manifest.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-08-18 13:27:50 +08:00
stonezdj(Daojun Zhang) 62ed9fc947
(cherry-pick) Wrong artifact scanned count (#19205) 
Wrong artifact scanned count

 fixes #19197

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-17 11:15:15 +08:00
stonezdj(Daojun Zhang) 5306f6aebd
(cherry-pick) Filter artifact without CVE from top 5 dangerous artifacts (#19203) 
Filter artifact without CVE from top 5 dangerous artifacts

  Fixes #19186

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-17 11:15:01 +08:00
Chlins Zhang e1f95cade0
[cherry-pick] fix: support customize cache db for business (#19190) 
fix: support customize cache db for business

Support to configure the customized redis db for cache layer and other
misc business for core, by default the behavior is same with
previous(stored in db 0).

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-17 08:38:17 +08:00
Shijun Sun 8cd612a6ef
[Cherry-pick]Update the max length for the filters (#19195) 
Update the max length for the filters
1.Cherry-pick #19194

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-16 17:15:07 +08:00
Shijun Sun 05cb1d771b
[Cherry-pick]ignore spaces for vulnerability filters (#19181) 
ignore spaces for vulnerability filters
1.Fixes #19168

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-15 16:04:21 +08:00
Chlins Zhang 8ad19e785b
log: change log level to reduce the noise logs (#19165) 
1. Change some logs level to reduce the noise.
2. Wrap the go-redis.Nil error as ErrNotFound to avoid confusing

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-14 08:22:29 +02:00
Shengwen YU fbdc03bcab
[Cherry-pick] fix: cron string validation (the 1st field of a cron string must be 0… (#19145) 
fix: cron string validation (the 1st field of a cron string must be 0 when there are 6 fields)

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-08-11 08:31:13 +08:00
Shengwen YU 0a232ff1ef
[Cherry-pick] fix: add storage_limit check (add ValidateQuotaLimit as a general met… (#19144) 
fix: add storage_limit check (add ValidateQuotaLimit as a general method to validate quota limit value)

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-08-11 08:30:24 +08:00
Shijun Sun 958bed2ee0
Update ui to fix some issues (#19101) 
1. Add digest filter for vulnerability search, for #19023
2. Fixes #19104

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-07 14:49:50 +08:00
Chlins Zhang a036e4a7b0
fix: skip to delete scan reports if the digest still referenced (#19110) 
fix: skip to delete scan reports if the digest still referenced by other artifacts

Avoid to delete the scan reports in case the artifact deleted but still
referenced by the other artifacts.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-07 14:00:26 +08:00
stonezdj(Daojun Zhang) 0e92eaea18
Sort most dangerous vulnerabilities by score and severity level (#19103) 
Check it is referred by a scan_report
  Add index to report_vulnerability_record to improve performance
  Fixes #19014 #19028

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-07 10:13:34 +08:00
stonezdj(Daojun Zhang) c62ec7daac
Add artifact digest to query condition (#19102) 
Fixes #19023

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-07 09:24:44 +08:00
stonezdj(Daojun Zhang) 3de778e9f1
Fix incorrect artifact and scanned artifact count issue (#19106) 
* Fix incorrect artifact and scanned artifact count issue

  fixes #19009 #19020 #19013

Signed-off-by: stonezdj <daojunz@vmware.com>

* fix issue

Signed-off-by: stonezdj <daojunz@vmware.com>

---------

Signed-off-by: stonezdj <daojunz@vmware.com>
 2023-08-07 08:40:26 +08:00
Shijun Sun f8cf772d86
Update style for add-replication-rule page (#19100) 
1. Fixes #19098

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-04 14:12:15 +08:00
Chlins Zhang 8c23bcdc54
fix: fix replication list projects with pure numberic name (#19090) 
Quote the project name when listing projects in the replication, resolve
the issue of pure number name of project.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-04 09:29:51 +08:00
Shijun Sun 530b78285b
Convert the string "0" to number 0 (#19080) 
1. Fixes #19046

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-03 21:52:49 +08:00
Shijun Sun d34775296c
Update cron ui for add replicatipn rule page (#19083) 
1.Fixes #19072

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-03 18:18:54 +08:00
Shijun Sun 26b53ef343
Show banner message on log in page (#19078) 
1. Fixes #19076

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-03 17:24:09 +08:00
Shijun Sun 1d81b3d8ad
Update ui for gc history and banner message (#19094) 
1. Fixes #19031
2. Fixes #19049

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-03 14:36:20 +08:00
Shijun Sun cdd3f267b5
Merge cosign check and notation check (#19079) 
1.Merge cosign check and notaion check into one API call, related issue #19077

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-03 13:06:15 +08:00
Shijun Sun 39ec1e4b1f
Add validator for duration of banner message (#19057) 
1.Fixes #19049

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-01 18:31:32 +08:00
Shijun Sun b496edf304
Update style for banner message ui (#19069) 
1.Fixes #19021
2.Fixes #19022

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-01 17:24:28 +08:00
Shijun Sun 28e6a99eb9
Remove cache for project policy updating (#19068) 
1. Fixes #19065

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-08-01 15:31:32 +08:00
Shijun Sun 854e0295d1
Update security hub ui (#19062) 
1. Fixes #19010
2. Fixes #19011
3. Fixes #19012
4. Fixes #19015
5. Fixes #19025
6. Fixes #19026
7. Fixes #19034
8. Fixes #19037

Signed-off-by: AllForNothing <sshijun@vmware.com>
 2023-07-31 20:25:05 +08:00
Wang Yan d93f24a4dc
fix dry run creation time (#19060) 
fixes #19059
Give the mock time for dry run, otherwise, it will be zero.

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-07-31 17:29:56 +08:00
Wang Yan bef4ccc782
fixes 19043 (#19054) 
fixes #19043
Skip the policy checking when to pull the notation signature

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-07-31 15:11:21 +08:00
Wang Yan 638c26c41a
add details for gc dry-run (#19050) 
* add details for gc dry-run

fixes 19040
Gives the make details for the dry-run

Signed-off-by: wang yan <wangyan@vmware.com>

* Update details column for gc history (#164)

1.Fixes #19038

Signed-off-by: AllForNothing <sshijun@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: AllForNothing <sshijun@vmware.com>
Co-authored-by: Shijun Sun <30999793+AllForNothing@users.noreply.github.com>
 2023-07-31 13:53:51 +08:00
Wang Yan ae33dbd801
fix accessory import issue (#19053) 
fixes #19041

The issuse was introduced by https://github.com/goharbor/harbor/pull/17087.
To move the import to main since the anonymous imports only allowed at main in go-cilint.

Fixes it:
To add the anonymous imports at the jobservice main since the gc job needs to remove accessory when to delete an artifact

Signed-off-by: wang yan <wangyan@vmware.com>
 2023-07-30 22:36:03 +08:00