mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-10 18:07:42 +01:00
2156750b04
The certificate verification is on system level before this commit. Moving it to target level makes the configuration more flexible for different targets.
2804 lines
85 KiB
YAML
2804 lines
85 KiB
YAML
swagger: '2.0'
|
|
info:
|
|
title: Harbor API
|
|
description: These APIs provide services for manipulating Harbor project.
|
|
version: 0.3.0
|
|
host: localhost
|
|
schemes:
|
|
- http
|
|
basePath: /api
|
|
produces:
|
|
- application/json
|
|
- text/plain
|
|
consumes:
|
|
- text/plain
|
|
- application/json
|
|
paths:
|
|
/search:
|
|
get:
|
|
summary: Search for projects and repositories
|
|
description: >
|
|
The Search endpoint returns information about the projects and
|
|
repositories
|
|
|
|
offered at public status or related to the current logged in user. The
|
|
|
|
response includes the project and repository list in a proper
|
|
|
|
display order.
|
|
parameters:
|
|
- name: q
|
|
in: query
|
|
description: Search parameter for project and repository name.
|
|
required: true
|
|
type: string
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: An array of search results
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Search'
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/projects:
|
|
get:
|
|
summary: List projects
|
|
description: >
|
|
This endpoint returns all projects created by Harbor, and can be
|
|
filtered by project name.
|
|
parameters:
|
|
- name: name
|
|
in: query
|
|
description: The name of project.
|
|
required: false
|
|
type: string
|
|
- name: public
|
|
in: query
|
|
description: The project is public or private.
|
|
required: false
|
|
type: boolean
|
|
format: int32
|
|
- name: owner
|
|
in: query
|
|
description: The name of project owner.
|
|
required: false
|
|
type: string
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Return all matched projects.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Project'
|
|
headers:
|
|
X-Total-Count:
|
|
description: The total count of projects
|
|
type: integer
|
|
Link:
|
|
description: Link refers to the previous page and next page
|
|
type: string
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Internal errors.
|
|
head:
|
|
summary: Check if the project name user provided already exists.
|
|
description: >
|
|
This endpoint is used to check if the project name user provided already
|
|
exist.
|
|
parameters:
|
|
- name: project_name
|
|
in: query
|
|
description: Project name for checking exists.
|
|
required: true
|
|
type: string
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Project name exists.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Project name does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Create a new project.
|
|
description: |
|
|
This endpoint is for user to create a new project.
|
|
parameters:
|
|
- name: project
|
|
in: body
|
|
description: New created project.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/ProjectReq'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'201':
|
|
description: Project created successfully.
|
|
'400':
|
|
description: Unsatisfied with constraints of the project creation.
|
|
'401':
|
|
description: User need to log in first.
|
|
'409':
|
|
description: Project name already exists.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/projects/{project_id}':
|
|
get:
|
|
summary: Return specific project detail infomation
|
|
description: |
|
|
This endpoint returns specific project information by project ID.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
description: Project ID for filtering results.
|
|
required: true
|
|
type: integer
|
|
format: int64
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Return matched project information.
|
|
schema:
|
|
$ref: '#/definitions/Project'
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Internal errors.
|
|
put:
|
|
summary: Update properties for a selected project.
|
|
description: |
|
|
This endpoint is aimed to update the properties of a project.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Selected project ID.
|
|
- name: project
|
|
in: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/Project'
|
|
description: Updates of project.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated project properties successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Delete project by projectID
|
|
description: |
|
|
This endpoint is aimed to delete project by project ID.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
description: Project ID of project which will be deleted.
|
|
required: true
|
|
type: integer
|
|
format: int64
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Project is deleted successfully.
|
|
'400':
|
|
description: Invalid project id.
|
|
'403':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Project does not exist.
|
|
'412':
|
|
description: 'Project contains policies, can not be deleted.'
|
|
'500':
|
|
description: Internal errors.
|
|
'/projects/{project_id}/logs':
|
|
get:
|
|
summary: Get access logs accompany with a relevant project.
|
|
description: >
|
|
This endpoint let user search access logs filtered by operations and
|
|
date time ranges.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID
|
|
- name: username
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Username of the operator.
|
|
- name: repository
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The name of repository
|
|
- name: tag
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The name of tag
|
|
- name: operation
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The operation
|
|
- name: begin_timestamp
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The begin timestamp
|
|
- name: end_timestamp
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The end timestamp
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get access log successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/AccessLog'
|
|
headers:
|
|
X-Total-Count:
|
|
description: The total count of access logs
|
|
type: integer
|
|
Link:
|
|
description: Link refers to the previous page and next page
|
|
type: string
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/projects/{project_id}/members/':
|
|
get:
|
|
summary: Return a project's relevant role members.
|
|
description: >
|
|
This endpoint is for user to search a specified project's relevant role
|
|
members.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get project's relevant role members successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/User'
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Add project role member accompany with relevant project and user.
|
|
description: >
|
|
This endpoint is for user to add project role member accompany with
|
|
relevant project and user.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID.
|
|
- name: roles
|
|
in: body
|
|
description: >-
|
|
Role members for adding to relevant project. Only one role is
|
|
supported in the role list.
|
|
schema:
|
|
$ref: '#/definitions/RoleParam'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Role members added to relevant project successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID or username does not exist.
|
|
'409':
|
|
description: User has already added as a project role member.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/projects/{project_id}/members/{user_id}':
|
|
get:
|
|
summary: Return role members accompany with relevant project and user.
|
|
description: >
|
|
This endpoint is for user to get role members accompany with relevant
|
|
project and user.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Relevant user ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get project role members successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Role'
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
put:
|
|
summary: Update project role members accompany with relevant project and user.
|
|
description: >
|
|
This endpoint is for user to update current project role members
|
|
accompany with relevant project and user.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID.
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Relevant user ID.
|
|
- name: roles
|
|
in: body
|
|
schema:
|
|
$ref: '#/definitions/RoleParam'
|
|
description: Updates for roles and username.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Project role members updated successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Delete project role members accompany with relevant project and user.
|
|
description: >
|
|
This endpoint is aimed to remove project role members already added to
|
|
the relevant project and user.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID.
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Relevant user ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Project role members deleted successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/statistics:
|
|
get:
|
|
summary: Get projects number and repositories number relevant to the user
|
|
description: >
|
|
This endpoint is aimed to statistic all of the projects number and
|
|
repositories number relevant to the logined user, also the public
|
|
projects number and repositories number. If the user is admin, he can
|
|
also get total projects number and total repositories number.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: >-
|
|
Get the projects number and repositories number relevant to the user
|
|
successfully.
|
|
schema:
|
|
$ref: '#/definitions/StatisticMap'
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/users:
|
|
get:
|
|
summary: Get registered users of Harbor.
|
|
description: >
|
|
This endpoint is for user to search registered users, support for
|
|
filtering results with username.Notice, by now this operation is only
|
|
for administrator.
|
|
parameters:
|
|
- name: username
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Username for filtering results.
|
|
- name: email
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Email for filtering results.
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: The size of per page.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Searched for users of Harbor successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/User'
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Creates a new user account.
|
|
description: |
|
|
This endpoint is to create a user if the user does not already exist.
|
|
parameters:
|
|
- name: user
|
|
in: body
|
|
description: New created user.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/User'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'201':
|
|
description: User created successfully.
|
|
'400':
|
|
description: Unsatisfied with constraints of the user creation.
|
|
'403':
|
|
description: >-
|
|
User registration can only be used by admin role user when
|
|
self-registration is off.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/users/current:
|
|
get:
|
|
summary: Get current user info.
|
|
description: |
|
|
This endpoint is to get the current user infomation.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get current user information successfully.
|
|
schema:
|
|
$ref: '#/definitions/User'
|
|
'401':
|
|
description: User need to log in first.
|
|
'/users/{user_id}':
|
|
get:
|
|
summary: Get a user's profile.
|
|
description: |
|
|
Get user's profile with user id.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Registered user ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get user's profile successfully.
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: User ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
put:
|
|
summary: Update a registered user to change his profile.
|
|
description: |
|
|
This endpoint let a registered user change his profile.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Registered user ID
|
|
- name: profile
|
|
in: body
|
|
description: 'Only email, realname and comment can be modified.'
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/UserProfile'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated user's profile successfully.
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: User ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Mark a registered user as be removed.
|
|
description: |
|
|
This endpoint let administrator of Harbor mark a registered user as
|
|
be removed.It actually won't be deleted from DB.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: User ID for marking as to be removed.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Marked user as be removed successfully.
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: User ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/users/{user_id}/password':
|
|
put:
|
|
summary: Change the password on a user that already exists.
|
|
description: >
|
|
This endpoint is for user to update password. Users with the admin role
|
|
can change any user's password. Guest users can change only their own
|
|
password.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Registered user ID.
|
|
- name: password
|
|
in: body
|
|
description: Password to be updated.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/Password'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated password successfully.
|
|
'400':
|
|
description: Invalid user ID; Old password is blank; New password is blank.
|
|
'401':
|
|
description: Don't have authority to change password. Please check login status.
|
|
'403':
|
|
description: Old password is not correct.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/users/{user_id}/sysadmin':
|
|
put:
|
|
summary: Update a registered user to change to be an administrator of Harbor.
|
|
description: |
|
|
This endpoint let a registered user change to be an administrator
|
|
of Harbor.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Registered user ID
|
|
- name: has_admin_role
|
|
in: body
|
|
description: Toggle a user to admin or not.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/HasAdminRole'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated user's admin role successfully.
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: User ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/repositories:
|
|
get:
|
|
summary: Get repositories accompany with relevant project and repo name.
|
|
description: >
|
|
This endpoint let user search repositories accompanying with relevant
|
|
project ID and repo name.
|
|
parameters:
|
|
- name: project_id
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: true
|
|
description: Relevant project ID.
|
|
- name: q
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Repo name for filtering results.
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get repositories successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Repository'
|
|
headers:
|
|
X-Total-Count:
|
|
description: The total count of repositories
|
|
type: integer
|
|
Link:
|
|
description: Link refers to the previous page and next page
|
|
type: string
|
|
'400':
|
|
description: Invalid project ID.
|
|
'403':
|
|
description: >-
|
|
Project is not public or current user is irrelevant to the
|
|
repository.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/repositories/{repo_name}':
|
|
delete:
|
|
summary: Delete a repository.
|
|
description: |
|
|
This endpoint let user delete a repository with name.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: The name of repository which will be deleted.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Delete successfully.
|
|
'400':
|
|
description: Invalid repo_name.
|
|
'401':
|
|
description: Unauthorized.
|
|
'403':
|
|
description: Forbidden.
|
|
'404':
|
|
description: Repository not found.
|
|
'/repositories/{repo_name}/tags/{tag}':
|
|
get:
|
|
summary: Get the tag of the repository.
|
|
description: >
|
|
This endpoint aims to retrieve the tag of the repository. If deployed
|
|
with Notary, the signature property of response represents whether the
|
|
image is singed or not. If the property is null, the image is unsigned.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Relevant repository name.
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag of the repository.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get tag successfully.
|
|
schema:
|
|
$ref: '#/definitions/DetailedTag'
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Delete a tag in a repository.
|
|
description: |
|
|
This endpoint let user delete tags with repo name and tag.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: The name of repository which will be deleted.
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag of a repository.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Delete tag successfully.
|
|
'400':
|
|
description: Invalid repo_name.
|
|
'401':
|
|
description: Unauthorized.
|
|
'403':
|
|
description: Forbidden.
|
|
'404':
|
|
description: Repository or tag not found.
|
|
'/repositories/{repo_name}/tags':
|
|
get:
|
|
summary: Get tags of a relevant repository.
|
|
description: >
|
|
This endpoint aims to retrieve tags from a relevant repository. If
|
|
deployed with Notary, the signature property of response represents
|
|
whether the image is singed or not. If the property is null, the image
|
|
is unsigned.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Relevant repository name.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get tags successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/DetailedTag'
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/repositories/{repo_name}/tags/{tag}/manifest':
|
|
get:
|
|
summary: Get manifests of a relevant repository.
|
|
description: |
|
|
This endpoint aims to retreive manifests from a relevant repository.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Repository name
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag name
|
|
- name: version
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: >-
|
|
The version of manifest, valid value are "v1" and "v2", default is
|
|
"v2"
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Retrieved manifests from a relevant repository successfully.
|
|
schema:
|
|
$ref: '#/definitions/Manifest'
|
|
'404':
|
|
description: Retrieved manifests from a relevant repository not found.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/repositories/{repo_name}/tags/{tag}/scan':
|
|
post:
|
|
summary: Scan the image.
|
|
description: >
|
|
Trigger jobservice to call Clair API to scan the image identified by the
|
|
repo_name and tag. Only project admins have permission to scan images
|
|
under the project.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Repository name
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag name
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Successfully created the job to scan image.
|
|
'401':
|
|
description: User needs to login or call the API with correct credentials.
|
|
'403':
|
|
description: User doesn't have permission to perform the action.
|
|
'404':
|
|
description: The image does not exist in Harbor.
|
|
'503':
|
|
description: Harbor is not deployed with Clair.
|
|
/repositories/scanAll:
|
|
post:
|
|
summary: Scan all images of the registry.
|
|
description: >
|
|
The server will launch different jobs to scan each image on the
|
|
regsitry, so this is equivalent to calling the API to scan the image
|
|
one by one in background, so there's no way to track the overall status
|
|
of the "scan all" action. Only system adim has permission to call this
|
|
API.
|
|
parameters:
|
|
- name: project_id
|
|
in: query
|
|
type: integer
|
|
description: When this parm is set only the images under the project identified by the project_id will be scanned.
|
|
responses:
|
|
'202':
|
|
description: >-
|
|
The action is successully taken in the background. If some images
|
|
are failed to scan it will only be reflected in the job status.
|
|
'401':
|
|
description: User needs to login or call the API with correct credentials.
|
|
'403':
|
|
description: User doesn't have permission to perform the action.
|
|
'500':
|
|
description: Failed to initiate the action.
|
|
'503':
|
|
description: Harbor is not deployed with Clair.
|
|
'/repositories/{repo_name}/tags/{tag}/vulnerability/details':
|
|
get:
|
|
summary: Get vulnerability details of the image.
|
|
description: >
|
|
Call Clair API to get the vulnerability based on the previous successful
|
|
scan.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Repository name
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag name
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Successfully retrieved the vulnerabilities.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#definitions/VulnerabilityItem'
|
|
'401':
|
|
description: User needs to login or call the API with correct credentials.
|
|
'403':
|
|
description: User doesn't have permission to perform the action.
|
|
'404':
|
|
description: The image does not exist in Harbor.
|
|
'503':
|
|
description: Harbor is not deployed with Clair.
|
|
'/repositories/{repo_name}/signatures':
|
|
get:
|
|
summary: Get signature information of a repository
|
|
description: >
|
|
This endpoint aims to retrieve signature information of a repository,
|
|
the data is
|
|
|
|
from the nested notary instance of Harbor.
|
|
|
|
If the repository does not have any signature information in notary,
|
|
this API will
|
|
|
|
return an empty list with response code 200, instead of 404
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: repository name.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Retrieved signatures.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/RepoSignature'
|
|
'500':
|
|
description: Server side error.
|
|
/repositories/top:
|
|
get:
|
|
summary: Get public repositories which are accessed most.
|
|
description: |
|
|
This endpoint aims to let users see the most popular public repositories
|
|
parameters:
|
|
- name: count
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: >-
|
|
The number of the requested public repositories, default is 10 if
|
|
not provided.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get popular repositories successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Repository'
|
|
'400':
|
|
description: Bad request because of invalid count.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/logs:
|
|
get:
|
|
summary: Get recent logs of the projects which the user is a member of
|
|
description: >
|
|
This endpoint let user see the recent operation logs of the projects
|
|
which he is member of
|
|
parameters:
|
|
- name: username
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Username of the operator.
|
|
- name: repository
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The name of repository
|
|
- name: tag
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The name of tag
|
|
- name: operation
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The operation
|
|
- name: begin_timestamp
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The begin timestamp
|
|
- name: end_timestamp
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The end timestamp
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get the required logs successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/AccessLog'
|
|
'400':
|
|
description: Bad request because of invalid parameters.
|
|
'401':
|
|
description: User need to login first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/jobs/replication:
|
|
get:
|
|
summary: List filters jobs according to the policy and repository
|
|
description: >
|
|
This endpoint let user list filters jobs according to the policy and
|
|
repository. (if start_time and end_time are both null, list jobs of last
|
|
10 days)
|
|
tags:
|
|
- Products
|
|
parameters:
|
|
- name: policy_id
|
|
in: query
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: The ID of the policy that triggered this job.
|
|
- name: num
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: The return list length number.
|
|
- name: end_time
|
|
in: query
|
|
type: integer
|
|
format: int64
|
|
required: false
|
|
description: The end time of jobs done. (Timestamp)
|
|
- name: start_time
|
|
in: query
|
|
type: integer
|
|
format: int64
|
|
required: false
|
|
description: The start time of jobs. (Timestamp)
|
|
- name: repository
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The respond jobs list filter by repository name.
|
|
- name: status
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The respond jobs list filter by status.
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
responses:
|
|
'200':
|
|
description: Get the required logs successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/JobStatus'
|
|
headers:
|
|
X-Total-Count:
|
|
description: The total count of jobs
|
|
type: integer
|
|
Link:
|
|
description: Link refers to the previous page and next page
|
|
type: string
|
|
'400':
|
|
description: Bad request because of invalid parameters.
|
|
'401':
|
|
description: User need to login first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/jobs/replication/{id}:
|
|
delete:
|
|
summary: Delete specific ID job.
|
|
description: |
|
|
This endpoint is aimed to remove specific ID job from jobservice.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Delete job ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Job deleted successfully.
|
|
'400':
|
|
description: Job ID is invalid or can't remove this job.
|
|
'401':
|
|
description: Only admin has this authority.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/jobs/replication/{id}/log:
|
|
get:
|
|
summary: Get job logs.
|
|
description: |
|
|
This endpoint let user search job logs filtered by specific ID.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant job ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get job log successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's log does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/jobs/scan/{id}/log:
|
|
get:
|
|
summary: Get job logs.
|
|
description: |
|
|
This endpoint let user get scan job logs filtered by specific ID.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant job ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get job log successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's log does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
|
|
/policies/replication:
|
|
get:
|
|
summary: List filters policies by name and project_id
|
|
description: >
|
|
This endpoint let user list filters policies by name and project_id, if
|
|
name and project_id are nil, list returns all policies
|
|
parameters:
|
|
- name: name
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The replication's policy name.
|
|
- name: project_id
|
|
in: query
|
|
type: integer
|
|
format: int64
|
|
required: false
|
|
description: Relevant project ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get policy successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/RepPolicy'
|
|
'400':
|
|
description: Invalid project ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Post creates a policy
|
|
description: >
|
|
This endpoint let user creates a policy, and if it is enabled, the
|
|
replication will be triggered right now.
|
|
parameters:
|
|
- name: policyinfo
|
|
in: body
|
|
description: Create new policy.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/RepPolicyPost'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'201':
|
|
description: Create policy successfully.
|
|
'400':
|
|
description: Invalid project ID or target ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'409':
|
|
description: >-
|
|
Policy name already used or policy already exists with the same
|
|
project and target.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/policies/replication/{id}:
|
|
get:
|
|
summary: Get replication policy.
|
|
description: |
|
|
This endpoint let user search replication policy by specific ID.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: policy ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get job policy successfully.
|
|
schema:
|
|
$ref: '#/definitions/RepPolicy'
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's policy does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
put:
|
|
summary: 'Put modifies name, description, target and enablement of policy.'
|
|
description: >
|
|
This endpoint let user update policy name, description, target and
|
|
enablement.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: policy ID
|
|
- name: policyupdate
|
|
in: body
|
|
description: 'Update policy name, description, target and enablement.'
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/RepPolicyUpdate'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Update job policy content successfully.
|
|
'400':
|
|
description: policy is enabled or target does not exist
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's policy does not exist.
|
|
'409':
|
|
description: >-
|
|
Policy name already used or policy already exists with the same
|
|
project and target.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/policies/replication/{id}/enablement:
|
|
put:
|
|
summary: Put modifies enablement of the policy.
|
|
description: |
|
|
This endpoint let user update policy enablement flag.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: policy ID
|
|
- name: enabledflag
|
|
in: body
|
|
description: The policy enablement flag.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/RepPolicyEnablementReq'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Update job policy enablement successfully.
|
|
'400':
|
|
description: Invalid enabled value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's policy does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/targets:
|
|
get:
|
|
summary: List filters targets by name.
|
|
description: >
|
|
This endpoint let user list filters targets by name, if name is nil,
|
|
list returns all targets.
|
|
parameters:
|
|
- name: name
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The replication's target name.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get policy successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/RepTarget'
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Create a new replication target.
|
|
description: |
|
|
This endpoint is for user to create a new replication target.
|
|
parameters:
|
|
- name: reptarget
|
|
in: body
|
|
description: New created replication target.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/RepTargetPost'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'201':
|
|
description: Replication target created successfully.
|
|
'400':
|
|
description: Unsatisfied with constraints of the target creation.
|
|
'401':
|
|
description: User need to log in first.
|
|
'409':
|
|
description: Replication target name already exists.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/targets/ping:
|
|
post:
|
|
summary: Ping validates target.
|
|
description: >
|
|
This endpoint is for ping validates whether the target is reachable and
|
|
whether the credential is valid.
|
|
parameters:
|
|
- name: target
|
|
in: body
|
|
description: The target object.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/PingTarget'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Ping target successfully.
|
|
'400':
|
|
description: >-
|
|
Target id is invalid/ endpoint is needed/ invaild URL/ network
|
|
issue.
|
|
'401':
|
|
description: >-
|
|
User need to log in first or wrong username/password for remote
|
|
target.
|
|
'404':
|
|
description: Target not found.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/targets/{id}/ping':
|
|
post:
|
|
summary: Ping target.
|
|
description: |
|
|
This endpoint is for ping target.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Ping replication's target successfully.
|
|
'400':
|
|
description: Can not ping target.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Target ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/targets/{id}':
|
|
put:
|
|
summary: Update replication's target.
|
|
description: |
|
|
This endpoint is for update specific replication's target.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
- name: repo_target
|
|
in: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/PutTarget'
|
|
description: Updates of replication's target.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated replication's target successfully.
|
|
'400':
|
|
description: The target is associated with policy which is enabled.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Target ID does not exist.
|
|
'409':
|
|
description: Target name or endpoint is already used.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
get:
|
|
summary: Get replication's target.
|
|
description: This endpoint is for get specific replication's target.
|
|
tags:
|
|
- Products
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
responses:
|
|
'200':
|
|
description: Get replication's target successfully.
|
|
schema:
|
|
$ref: '#/definitions/RepTarget'
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Replication's target not found
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Delete specific replication's target.
|
|
description: |
|
|
This endpoint is for to delete specific replication's target.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Replication's target deleted successfully.
|
|
'400':
|
|
description: >-
|
|
Replication's target ID is invalid or the target is used by
|
|
policies.
|
|
'401':
|
|
description: Only admin has this authority.
|
|
'404':
|
|
description: Replication's target does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/targets/{id}/policies/':
|
|
get:
|
|
summary: List the target relevant policies.
|
|
description: >
|
|
This endpoint list policies filter with specific replication's target
|
|
ID.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get relevant policies successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/RepPolicy'
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Replication's target not found
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/internal/syncregistry:
|
|
post:
|
|
summary: Sync repositories from registry to DB.
|
|
description: >
|
|
This endpoint is for syncing all repositories of registry with
|
|
database.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Sync repositories successfully.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/systeminfo:
|
|
get:
|
|
summary: Get general system info
|
|
description: >
|
|
This API is for retrieving general system info, this can be called by
|
|
anonymous request.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get general info successfully.
|
|
schema:
|
|
type: object
|
|
items:
|
|
$ref: '#/definitions/GeneralInfo'
|
|
'500':
|
|
description: Unexpected internal error.
|
|
/systeminfo/volumes:
|
|
get:
|
|
summary: Get system volume info (total/free size).
|
|
description: >
|
|
This endpoint is for retrieving system volume info that only provides
|
|
for admin user.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get system volumes successfully.
|
|
schema:
|
|
type: object
|
|
items:
|
|
$ref: '#/definitions/SystemInfo'
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/systeminfo/getcert:
|
|
get:
|
|
summary: Get default root certificate under OVA deployment.
|
|
description: >
|
|
This endpoint is for downloading a default root certificate that only
|
|
provides for admin user under OVA deployment.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get default root certificate successfully.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: Not found the default root certificate.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/ldap/ping:
|
|
post:
|
|
summary: Ping available ldap service.
|
|
description: >
|
|
This endpoint ping the available ldap service for test related
|
|
configuration parameters.
|
|
parameters:
|
|
- name: ldapconf
|
|
in: body
|
|
description: >-
|
|
ldap configuration. support input ldap service configuration. If
|
|
it's a empty request, will load current configuration from the
|
|
system.
|
|
required: false
|
|
schema:
|
|
$ref: '#/definitions/LdapConf'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Ping ldap service successfully.
|
|
'400':
|
|
description: Inviald ldap configuration parameters.
|
|
'401':
|
|
description: User need to login first.
|
|
'403':
|
|
description: Only admin has this authority.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/ldap/users/search:
|
|
post:
|
|
summary: Search available ldap users.
|
|
description: >
|
|
This endpoint searches the available ldap users based on related
|
|
configuration parameters. Support searched by input ladp configuration,
|
|
load configuration from the system and specific filter.
|
|
parameters:
|
|
- name: username
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Registered user ID
|
|
- name: ldap_conf
|
|
in: body
|
|
description: >-
|
|
ldap search configuration. ldapconf field can input ldap service
|
|
configuration. If this item are blank, will load default
|
|
configuration will load current configuration from the system.
|
|
required: false
|
|
schema:
|
|
$ref: '#/definitions/LdapConf'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Search ldap users successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/LdapUsers'
|
|
'400':
|
|
description: Inviald ldap configuration parameters.
|
|
'401':
|
|
description: User need to login first.
|
|
'403':
|
|
description: Only admin has this authority.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/ldap/users/import:
|
|
post:
|
|
summary: Import selected available ldap users.
|
|
description: >
|
|
This endpoint adds the selected available ldap users to harbor based on
|
|
related configuration parameters from the system. System will try to
|
|
guess the user email address and realname, add to harbor user
|
|
information.
|
|
|
|
If have errors when import user, will return the list of importing
|
|
failed uid and the failed reason.
|
|
parameters:
|
|
- name: uid_list
|
|
in: body
|
|
description: >-
|
|
The uid listed for importing. This list will check users validity of
|
|
ldap service based on configuration from the system.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/LdapImportUsers'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Add ldap users successfully.
|
|
'401':
|
|
description: User need to login first.
|
|
'403':
|
|
description: Only admin has this authority.
|
|
'500':
|
|
description: Failed import some users.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/LdapFailedImportUsers'
|
|
/configurations:
|
|
get:
|
|
summary: Get system configurations.
|
|
description: >
|
|
This endpoint is for retrieving system configurations that only provides
|
|
for admin user.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get system configurations successfully. The response body is a map.
|
|
schema:
|
|
$ref: '#/definitions/Configurations'
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
put:
|
|
summary: Modify system configurations.
|
|
description: >
|
|
This endpoint is for modifying system configurations that only provides
|
|
for admin user.
|
|
tags:
|
|
- Products
|
|
parameters:
|
|
- name: configurations
|
|
in: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/Configurations'
|
|
description: The configuration map can contain a subset of the attributes of the schema, which are to be updated.
|
|
responses:
|
|
'200':
|
|
description: Modify system configurations successfully.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/configurations/reset:
|
|
post:
|
|
summary: Reset system configurations.
|
|
description: >
|
|
Reset system configurations from environment variables. Can only be
|
|
accessed by admin user.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Reset system configurations successfully.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/email/ping:
|
|
post:
|
|
summary: Test connection and authentication with email server.
|
|
description: |
|
|
Test connection and authentication with email server.
|
|
parameters:
|
|
- name: settings
|
|
in: body
|
|
description: >-
|
|
Email server settings, if some of the settings are not assigned,
|
|
they will be read from system configuration.
|
|
required: false
|
|
schema:
|
|
$ref: '#/definitions/EmailServerSetting'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Ping email server successfully.
|
|
'400':
|
|
description: Inviald email server settings.
|
|
'401':
|
|
description: User need to login first.
|
|
'403':
|
|
description: Only admin has this authority.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
definitions:
|
|
Search:
|
|
type: object
|
|
properties:
|
|
projects:
|
|
description: Search results of the projects that matched the filter keywords.
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Project'
|
|
repositories:
|
|
description: Search results of the repositories that matched the filter keywords.
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/SearchRepository'
|
|
SearchRepository:
|
|
type: object
|
|
properties:
|
|
project_id:
|
|
type: integer
|
|
description: The ID of the project that the repository belongs to
|
|
project_name:
|
|
type: string
|
|
description: The name of the project that the repository belongs to
|
|
project_public:
|
|
type: integer
|
|
description: >-
|
|
The flag to indicate the publicity of the project that the repository
|
|
belongs to (1 is public, 0 is not)
|
|
repository_name:
|
|
type: string
|
|
description: The name of the repository
|
|
pull_count:
|
|
type: integer
|
|
description: The count how many times the repository is pulled
|
|
tags_count:
|
|
type: integer
|
|
description: The count of tags in the repository
|
|
ProjectReq:
|
|
type: object
|
|
properties:
|
|
project_name:
|
|
type: string
|
|
description: The name of the project.
|
|
public:
|
|
type: integer
|
|
format: int
|
|
description: The public status of the project.
|
|
enable_content_trust:
|
|
type: boolean
|
|
description: >-
|
|
Whether content trust is enabled or not. If it is enabled, user cann't
|
|
pull unsigned images from this project.
|
|
prevent_vulnerable_images_from_running:
|
|
type: boolean
|
|
description: Whether prevent the vulnerable images from running.
|
|
prevent_vulnerable_images_from_running_severity:
|
|
type: string
|
|
description: >-
|
|
If the vulnerability is high than severity defined here, the images
|
|
cann't be pulled.
|
|
automatically_scan_images_on_push:
|
|
type: boolean
|
|
description: Whether scan images automatically when pushing.
|
|
Project:
|
|
type: object
|
|
properties:
|
|
project_id:
|
|
type: integer
|
|
format: int32
|
|
description: Project ID
|
|
owner_id:
|
|
type: integer
|
|
format: int32
|
|
description: The owner ID of the project always means the creator of the project.
|
|
name:
|
|
type: string
|
|
description: The name of the project.
|
|
creation_time:
|
|
type: string
|
|
description: The creation time of the project.
|
|
update_time:
|
|
type: string
|
|
description: The update time of the project.
|
|
deleted:
|
|
type: integer
|
|
format: int32
|
|
description: 'A deletion mark of the project (1 means it''s deleted, 0 is not)'
|
|
owner_name:
|
|
type: string
|
|
description: The owner name of the project.
|
|
Togglable:
|
|
type: boolean
|
|
description: >-
|
|
Correspond to the UI about whether the project's publicity is
|
|
updatable (for UI)
|
|
current_user_role_id:
|
|
type: integer
|
|
description: The role ID of the current user who triggered the API (for UI)
|
|
repo_count:
|
|
type: integer
|
|
description: The number of the repositories under this project.
|
|
metadata:
|
|
type: object
|
|
description: The metadata of the project.
|
|
items:
|
|
$ref: '#/definitions/ProjectMetadata'
|
|
ProjectMetadata:
|
|
type: object
|
|
properties:
|
|
public:
|
|
type: integer
|
|
format: int
|
|
description: The public status of the project.
|
|
enable_content_trust:
|
|
type: boolean
|
|
description: >-
|
|
Whether content trust is enabled or not. If it is enabled, user cann't
|
|
pull unsigned images from this project.
|
|
prevent_vulnerable_images_from_running:
|
|
type: boolean
|
|
description: Whether prevent the vulnerable images from running.
|
|
prevent_vulnerable_images_from_running_severity:
|
|
type: string
|
|
description: >-
|
|
If the vulnerability is high than severity defined here, the images
|
|
cann't be pulled.
|
|
automatically_scan_images_on_push:
|
|
type: boolean
|
|
description: Whether scan images automatically when pushing.
|
|
Manifest:
|
|
type: object
|
|
properties:
|
|
manifest:
|
|
type: object
|
|
description: The detail of manifest.
|
|
config:
|
|
type: string
|
|
description: The config of the repository.
|
|
User:
|
|
type: object
|
|
properties:
|
|
user_id:
|
|
type: integer
|
|
format: int
|
|
description: The ID of the user.
|
|
username:
|
|
type: string
|
|
email:
|
|
type: string
|
|
password:
|
|
type: string
|
|
realname:
|
|
type: string
|
|
comment:
|
|
type: string
|
|
deleted:
|
|
type: integer
|
|
format: int32
|
|
role_name:
|
|
type: string
|
|
role_id:
|
|
type: integer
|
|
format: int
|
|
has_admin_role:
|
|
type: integer
|
|
format: int
|
|
reset_uuid:
|
|
type: string
|
|
Salt:
|
|
type: string
|
|
creation_time:
|
|
type: string
|
|
update_time:
|
|
type: string
|
|
Password:
|
|
type: object
|
|
properties:
|
|
old_password:
|
|
type: string
|
|
description: The user's existing password.
|
|
new_password:
|
|
type: string
|
|
description: New password for marking as to be updated.
|
|
AccessLog:
|
|
type: object
|
|
properties:
|
|
log_id:
|
|
type: integer
|
|
description: The ID of the log entry.
|
|
username:
|
|
type: string
|
|
description: Username of the user in this log entry.
|
|
repo_name:
|
|
type: string
|
|
description: Name of the repository in this log entry.
|
|
repo_tag:
|
|
type: string
|
|
description: Tag of the repository in this log entry.
|
|
operation:
|
|
type: string
|
|
description: The operation against the repository in this log entry.
|
|
op_time:
|
|
type: string
|
|
description: The time when this operation is triggered.
|
|
Role:
|
|
type: object
|
|
properties:
|
|
role_id:
|
|
type: integer
|
|
format: int32
|
|
description: ID in table.
|
|
role_code:
|
|
type: string
|
|
description: Description of permissions for the role.
|
|
role_name:
|
|
type: string
|
|
description: Name the the role.
|
|
role_mask:
|
|
type: string
|
|
RoleParam:
|
|
type: object
|
|
properties:
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
format: int32
|
|
description: Role ID for updating project role member.
|
|
username:
|
|
type: string
|
|
description: Username relevant to a project role member.
|
|
StatisticMap:
|
|
type: object
|
|
properties:
|
|
private_project_count:
|
|
type: integer
|
|
format: int32
|
|
description: The count of the private projects which the user is a member of.
|
|
private_repo_count:
|
|
type: integer
|
|
format: int32
|
|
description: >-
|
|
The count of the private repositories belonging to the projects which
|
|
the user is a member of.
|
|
public_project_count:
|
|
type: integer
|
|
format: int32
|
|
description: The count of the public projects.
|
|
public_repo_count:
|
|
type: integer
|
|
format: int32
|
|
description: >-
|
|
The count of the public repositories belonging to the public projects
|
|
which the user is a member of.
|
|
total_project_count:
|
|
type: integer
|
|
format: int32
|
|
description: 'The count of the total projects, only be seen when the is admin.'
|
|
total_repo_count:
|
|
type: integer
|
|
format: int32
|
|
description: >-
|
|
The count of the total repositories, only be seen when the user is
|
|
admin.
|
|
JobStatus:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
format: int64
|
|
description: The job ID.
|
|
status:
|
|
type: string
|
|
description: The status of the job.
|
|
repository:
|
|
type: string
|
|
description: The repository handled by the job.
|
|
policy_id:
|
|
type: integer
|
|
format: int64
|
|
description: The ID of the policy that triggered this job.
|
|
operation:
|
|
type: string
|
|
description: The operation of the job.
|
|
tags:
|
|
type: array
|
|
description: The repository's used tag list.
|
|
items:
|
|
$ref: '#/definitions/Tags'
|
|
creation_time:
|
|
type: string
|
|
description: The creation time of the job.
|
|
update_time:
|
|
type: string
|
|
description: The update time of the job.
|
|
Tags:
|
|
type: object
|
|
properties:
|
|
tag:
|
|
type: string
|
|
description: The repository's used tag.
|
|
RepPolicy:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
format: int64
|
|
description: The policy ID.
|
|
project_id:
|
|
type: integer
|
|
format: int64
|
|
description: The project ID.
|
|
project_name:
|
|
type: string
|
|
description: The project name.
|
|
target_id:
|
|
type: integer
|
|
format: int64
|
|
description: The target ID.
|
|
name:
|
|
type: string
|
|
description: The policy name.
|
|
enabled:
|
|
type: integer
|
|
format: int
|
|
description: The policy's enabled status.
|
|
description:
|
|
type: string
|
|
description: The description of the policy.
|
|
cron_str:
|
|
type: string
|
|
description: The cron string for schedule job.
|
|
start_time:
|
|
type: string
|
|
description: The start time of the policy.
|
|
creation_time:
|
|
type: string
|
|
description: The create time of the policy.
|
|
update_time:
|
|
type: string
|
|
description: The update time of the policy.
|
|
error_job_count:
|
|
format: int
|
|
description: The error job count number for the policy.
|
|
deleted:
|
|
type: integer
|
|
RepPolicyPost:
|
|
type: object
|
|
properties:
|
|
project_id:
|
|
type: integer
|
|
format: int64
|
|
description: The project ID.
|
|
target_id:
|
|
type: integer
|
|
format: int64
|
|
description: The target ID.
|
|
name:
|
|
type: string
|
|
description: The policy name.
|
|
enabled:
|
|
type: integer
|
|
format: int
|
|
description: '1-enable, 0-disable'
|
|
RepPolicyUpdate:
|
|
type: object
|
|
properties:
|
|
target_id:
|
|
type: integer
|
|
format: int64
|
|
description: The target ID.
|
|
name:
|
|
type: string
|
|
description: The policy name.
|
|
enabled:
|
|
type: integer
|
|
format: int
|
|
description: The policy's enabled status.
|
|
description:
|
|
type: string
|
|
description: The description of the policy.
|
|
cron_str:
|
|
type: string
|
|
description: The cron string for schedule job.
|
|
RepPolicyEnablementReq:
|
|
type: object
|
|
properties:
|
|
enabled:
|
|
type: integer
|
|
format: int
|
|
description: The policy enablement flag.
|
|
RepTarget:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
format: int64
|
|
description: The target ID.
|
|
endpoint:
|
|
type: string
|
|
description: The target address URL string.
|
|
name:
|
|
type: string
|
|
description: The target name.
|
|
username:
|
|
type: string
|
|
description: The target server username.
|
|
password:
|
|
type: string
|
|
description: The target server password.
|
|
type:
|
|
type: integer
|
|
format: int
|
|
description: Reserved field.
|
|
insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the server.
|
|
creation_time:
|
|
type: string
|
|
description: The create time of the policy.
|
|
update_time:
|
|
type: string
|
|
description: The update time of the policy.
|
|
RepTargetPost:
|
|
type: object
|
|
properties:
|
|
endpoint:
|
|
type: string
|
|
description: The target address URL string.
|
|
name:
|
|
type: string
|
|
description: The target name.
|
|
username:
|
|
type: string
|
|
description: The target server username.
|
|
password:
|
|
type: string
|
|
description: The target server password.
|
|
insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the server.
|
|
PingTarget:
|
|
type: object
|
|
properties:
|
|
endpoint:
|
|
type: string
|
|
description: The target address URL string.
|
|
username:
|
|
type: string
|
|
description: The target server username.
|
|
password:
|
|
type: string
|
|
description: The target server password.
|
|
insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the server.
|
|
PutTarget:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The target name.
|
|
endpoint:
|
|
type: string
|
|
description: The target address URL string.
|
|
username:
|
|
type: string
|
|
description: The target server username.
|
|
password:
|
|
type: string
|
|
description: The target server password.
|
|
insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the server.
|
|
HasAdminRole:
|
|
type: object
|
|
properties:
|
|
has_admin_role:
|
|
type: integer
|
|
description: '1-has admin, 0-not.'
|
|
UserProfile:
|
|
type: object
|
|
properties:
|
|
email:
|
|
type: string
|
|
description: The new email.
|
|
realname:
|
|
type: string
|
|
description: The new realname.
|
|
comment:
|
|
type: string
|
|
description: The new comment.
|
|
Storage:
|
|
type: object
|
|
properties:
|
|
total:
|
|
type: integer
|
|
format: int64
|
|
description: Total volume size.
|
|
free:
|
|
type: integer
|
|
format: int64
|
|
description: Free volume size.
|
|
GeneralInfo:
|
|
type: object
|
|
properties:
|
|
with_notary:
|
|
type: boolean
|
|
description: If the Harbor instance is deployed with nested notary.
|
|
with_clair:
|
|
type: boolean
|
|
description: If the Harbor instance is deployed with nested clair.
|
|
with_admiral:
|
|
type: boolean
|
|
description: If the Harbor instance is deployed with Admiral.
|
|
admiral_endpoint:
|
|
type: string
|
|
description: The url of the endpoint of admiral instance.
|
|
auth_mode:
|
|
type: string
|
|
description: The auth mode of current Harbor instance.
|
|
project_creation_restriction:
|
|
type: string
|
|
description: >-
|
|
Indicate who can create projects, it could be 'adminonly' or
|
|
'everyone'.
|
|
self_registration:
|
|
type: boolean
|
|
description: Indicate whether the Harbor instance enable user to register himself.
|
|
has_ca_root:
|
|
type: boolean
|
|
description: >-
|
|
Indicate whether there is a ca root cert file ready for download in
|
|
the file system.
|
|
harbor_version:
|
|
type: string
|
|
description: The build version of Harbor.
|
|
next_scan_all:
|
|
type: integer
|
|
description: >-
|
|
The UTC time in milliseconds, after which user can call scanAll API to
|
|
scan all images.
|
|
clair_vulnerability_status:
|
|
type: object
|
|
description: The status of vulnerability data of Clair.
|
|
properties:
|
|
overall_last_update:
|
|
type: integer
|
|
description: >-
|
|
The UTC timestamp in milliseconds of last successful update for
|
|
Clair vulnerability data, when all the updaters are successfully
|
|
executed.
|
|
details:
|
|
type: array
|
|
description: >-
|
|
Detail timestamp of different namespace. This is introduced to
|
|
handle the case when some updaters are executed successfully and
|
|
some not.
|
|
items:
|
|
$ref: '#/definitions/VulnNamespaceTimestamp'
|
|
VulnNamespaceTimestamp:
|
|
type: object
|
|
properties:
|
|
namespace:
|
|
type: string
|
|
description: The namespace of the Vulnerability
|
|
last_update:
|
|
type: integer
|
|
description: >-
|
|
The UTC timestamp in miliseconds of last successful update for
|
|
vulnerability data.
|
|
SystemInfo:
|
|
type: object
|
|
properties:
|
|
storage:
|
|
type: array
|
|
description: The storage of system.
|
|
items:
|
|
$ref: '#/definitions/Storage'
|
|
LdapConf:
|
|
type: object
|
|
properties:
|
|
ldap_url:
|
|
type: string
|
|
description: The url of ldap service.
|
|
ldap_search_dn:
|
|
type: string
|
|
description: The search dn of ldap service.
|
|
ldap_search_password:
|
|
type: string
|
|
description: The search password of ldap service.
|
|
ldap_base_dn:
|
|
type: string
|
|
description: The base dn of ldap service.
|
|
ldap_filter:
|
|
type: string
|
|
description: The serach filter of ldap service.
|
|
ldap_uid:
|
|
type: string
|
|
description: The serach uid from ldap service attributes.
|
|
ldap_scope:
|
|
type: integer
|
|
format: int64
|
|
description: The serach scope of ldap service.
|
|
ldap_connection_timeout:
|
|
type: integer
|
|
format: int64
|
|
description: The connect timeout of ldap service(second).
|
|
LdapUsers:
|
|
type: object
|
|
properties:
|
|
ldap_username:
|
|
type: string
|
|
description: search ldap user name based on ldapconf.
|
|
ldap_realname:
|
|
type: string
|
|
description: >-
|
|
system will try to guess the user realname form "uid" or "cn"
|
|
attribute.
|
|
ldap_email:
|
|
type: string
|
|
description: >-
|
|
system will try to guess the user email address form "mail" or "email"
|
|
attribute.
|
|
LdapImportUsers:
|
|
type: object
|
|
properties:
|
|
ldap_uid_list:
|
|
type: array
|
|
description: selected uid list
|
|
items:
|
|
type: string
|
|
LdapFailedImportUsers:
|
|
type: object
|
|
properties:
|
|
ldap_uid:
|
|
type: string
|
|
description: the uid can't add to system.
|
|
error:
|
|
type: string
|
|
description: fail reason.
|
|
EmailServerSetting:
|
|
type: object
|
|
properties:
|
|
email_host:
|
|
type: string
|
|
description: The host of email server.
|
|
email_port:
|
|
type: integer
|
|
description: The port of email server.
|
|
email_username:
|
|
type: string
|
|
description: The username of email server.
|
|
email_password:
|
|
type: string
|
|
description: The password of email server.
|
|
email_ssl:
|
|
type: boolean
|
|
description: Use ssl/tls or not.
|
|
email_identity:
|
|
type: string
|
|
description: The dentity of email server.
|
|
RepoSignature:
|
|
type: object
|
|
properties:
|
|
tag:
|
|
type: string
|
|
description: The tag of image.
|
|
hashes:
|
|
type: object
|
|
description: The JSON object of the hash of the image.
|
|
DetailedTag:
|
|
type: object
|
|
properties:
|
|
digest:
|
|
type: string
|
|
description: The digest of the tag.
|
|
name:
|
|
type: string
|
|
description: The name of the tag.
|
|
size:
|
|
type: integer
|
|
description: The size of the image.
|
|
architecture:
|
|
type: string
|
|
description: The architecture of the image.
|
|
os:
|
|
type: string
|
|
description: The os of the image.
|
|
docker_version:
|
|
type: string
|
|
description: The version of docker which builds the image.
|
|
author:
|
|
type: string
|
|
description: The author of the image.
|
|
created:
|
|
type: string
|
|
description: The build time of the image.
|
|
signature:
|
|
type: object
|
|
description: >-
|
|
The signature of image, defined by RepoSignature. If it is null, the
|
|
image is unsigned.
|
|
scan_overview:
|
|
type: object
|
|
description: The overview of the scan result. This is an optional property.
|
|
properties:
|
|
digest:
|
|
type: string
|
|
description: The digest of the image.
|
|
scan_status:
|
|
type: string
|
|
description: >-
|
|
The status of the scan job, it can be "pendnig", "running",
|
|
"finished", "error".
|
|
job_id:
|
|
type: integer
|
|
description: The ID of the job on jobservice to scan the image.
|
|
severity:
|
|
type: integer
|
|
description: '0-Not scanned, 1-Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
|
|
details_key:
|
|
type: string
|
|
description: >-
|
|
The top layer name of this image in Clair, this is for calling
|
|
Clair API to get the vulnerability list of this image.
|
|
components:
|
|
type: object
|
|
description: The components overview of the image.
|
|
properties:
|
|
total:
|
|
type: integer
|
|
description: Total number of the components in this image.
|
|
summary:
|
|
description: List of number of components of different severities.
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/ComponentOverviewEntry'
|
|
ComponentOverviewEntry:
|
|
type: object
|
|
properties:
|
|
severity:
|
|
type: integer
|
|
description: '1-None/Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
|
|
count:
|
|
type: integer
|
|
description: number of the components with certain severity.
|
|
Repository:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
description: The ID of repository.
|
|
name:
|
|
type: string
|
|
description: The name of repository.
|
|
project_id:
|
|
type: integer
|
|
description: The project ID of repository.
|
|
description:
|
|
type: string
|
|
description: The description of repository.
|
|
pull_count:
|
|
type: integer
|
|
description: The pull count of repository.
|
|
star_count:
|
|
type: integer
|
|
description: The star count of repository.
|
|
tags_count:
|
|
type: integer
|
|
description: The tags count of repository.
|
|
creation_time:
|
|
type: string
|
|
description: The creation time of repository.
|
|
update_time:
|
|
type: string
|
|
description: The update time of repository.
|
|
VulnerabilityItem:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
description: 'ID of the vulnerability, normally it is the CVE ID'
|
|
severity:
|
|
type: integer
|
|
description: '1-Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
|
|
package:
|
|
type: string
|
|
description: The packge that introduces the vulnerability.
|
|
version:
|
|
type: string
|
|
description: The version of the package.
|
|
description:
|
|
type: string
|
|
description: The description of the vulnerability.
|
|
fixedVersion:
|
|
type: string
|
|
description: >-
|
|
The version which the vulnerability is fixed, this is an optional
|
|
property.
|
|
Configurations:
|
|
type: object
|
|
properties:
|
|
auth_mode:
|
|
type: string
|
|
description: The auth mode of current system, such as "db_auth", "ldap_auth"
|
|
email_from:
|
|
type: string
|
|
description: The sender name for Email notification.
|
|
email_host:
|
|
type: string
|
|
description: The hostname of SMTP server that sends Email notification.
|
|
email_port:
|
|
type: integer
|
|
description: The port of SMTP server.
|
|
email_identity:
|
|
type: string
|
|
description: By default it's empty so the email_username is picked.
|
|
email_username:
|
|
type: string
|
|
description: The username for authenticate against SMTP server.
|
|
email_ssl:
|
|
type: boolean
|
|
description: When it's set to true the system will access Email server via TLS by default. If it's set to false, it still will handle "STARTTLS" from server side.
|
|
email_insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the email server.
|
|
ldap_url:
|
|
type: string
|
|
description: The URL of LDAP server.
|
|
ldap_base_dn:
|
|
type: string
|
|
description: The Base DN for LDAP binding.
|
|
ldap_filter:
|
|
type: string
|
|
description: The filter for LDAP binding.
|
|
ldap_scope:
|
|
type: integer
|
|
description: 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE
|
|
ldap_uid:
|
|
type: string
|
|
description: The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"
|
|
ldap_search_dn:
|
|
type: string
|
|
description: The DN of the user to do the search.
|
|
ldap_timeout:
|
|
type: integer
|
|
description: timeout in seconds for connection to LDAP server.
|
|
project_creation_restriction:
|
|
type: string
|
|
description: This attribute restricts what users have the permission to create project. It can be "everyone" or "adminonly".
|
|
self_registration:
|
|
type: boolean
|
|
description: Whether the Harbor instance supports self-registration. If it's set to false, admin need to add user to the instance.
|
|
token_expiration:
|
|
type: integer
|
|
description: The expiration time of the token for internal Registry, in minutes.
|
|
verify_remote_cert:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access a remote Harbor instance for replication.
|
|
scan_all_policy:
|
|
type: object
|
|
properties:
|
|
type:
|
|
type: string
|
|
description: The type of scan all policy, currently the valid values are "none" and "daily"
|
|
parameter:
|
|
type: object
|
|
properties:
|
|
daily_time:
|
|
type: integer
|
|
description: The offest in seconds of UTC 0 o'clock, only valid when the policy type is "daily"
|
|
description: The parameters of the policy, the values are dependant on the type of the policy.
|
|
|
|
|
|
|