Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-04 17:49:48 +01:00
Code Issues Projects Releases Wiki Activity
5df1542c22
harbor/docs/swagger.yaml
Yan 8d3946a0e2
Refactor scan all api (#7120) 
* Refactor scan all api

This commit is to let scan all api using admin job to handle schedule
management. After the PR, GC and scan all share unified code path.

Signed-off-by: wang yan <wangyan@vmware.com>

* update admin job api code according to review comments

Signed-off-by: wang yan <wangyan@vmware.com>

* Update test code and comments per review

Signed-off-by: wang yan <wangyan@vmware.com>
2019-03-22 17:52:21 +08:00

4879 lines
150 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

swagger: '2.0'
info:
title: Harbor API
description: These APIs provide services for manipulating Harbor project.
version: 1.7.0
host: localhost
schemes:
- http
- https
basePath: /api
produces:
- application/json
- text/plain
consumes:
- application/json
securityDefinitions:
basicAuth:
type: basic
security:
- basicAuth: []
paths:
/health:
get:
summary: 'Health check API'
description: |
The endpoint returns the health stauts of the system.
tags:
- Products
responses:
'200':
description: The system health status.
schema:
$ref: '#/definitions/OverallHealthStatus'
/search:
get:
summary: 'Search for projects, repositories and helm charts'
description: |
The Search endpoint returns information about the projects ,repositories and helm charts offered at public status or related to the current logged in user. The response includes the project, repository list and charts in a proper display order.
parameters:
- name: q
in: query
description: Search parameter for project and repository name.
required: true
type: string
tags:
- Products
responses:
'200':
description: An array of search results
schema:
type: array
items:
$ref: '#/definitions/Search'
'500':
description: Unexpected internal errors.
/projects:
get:
summary: List projects
description: |
This endpoint returns all projects created by Harbor, and can be filtered by project name.
parameters:
- name: name
in: query
description: The name of project.
required: false
type: string
- name: public
in: query
description: The project is public or private.
required: false
type: boolean
format: int32
- name: owner
in: query
description: The name of project owner.
required: false
type: string
- name: page
in: query
type: integer
format: int32
required: false
description: 'The page nubmer, default is 1.'
- name: page_size
in: query
type: integer
format: int32
required: false
description: 'The size of per page, default is 10, maximum is 100.'
tags:
- Products
responses:
'200':
description: Return all matched projects.
schema:
type: array
items:
$ref: '#/definitions/Project'
headers:
X-Total-Count:
description: The total count of projects
type: integer
Link:
description: Link refers to the previous page and next page
type: string
'401':
description: User need to log in first.
'500':
description: Internal errors.
head:
summary: Check if the project name user provided already exists.
description: |
This endpoint is used to check if the project name user provided already exist.
parameters:
- name: project_name
in: query
description: Project name for checking exists.
required: true
type: string
tags:
- Products
responses:
'200':
description: Project name exists.
'401':
description: User need to log in first.
'404':
description: Project name does not exist.
'500':
description: Unexpected internal errors.
post:
summary: Create a new project.
description: |
This endpoint is for user to create a new project.
parameters:
- name: project
in: body
description: New created project.
required: true
schema:
$ref: '#/definitions/ProjectReq'
tags:
- Products
responses:
'201':
description: Project created successfully.
'400':
description: Unsatisfied with constraints of the project creation.
'401':
description: User need to log in first.
'409':
description: Project name already exists.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
'/projects/{project_id}':
get:
summary: Return specific project detail information
description: |
This endpoint returns specific project information by project ID.
parameters:
- name: project_id
in: path
description: Project ID for filtering results.
required: true
type: integer
format: int64
tags:
- Products
responses:
'200':
description: Return matched project information.
schema:
$ref: '#/definitions/Project'
'401':
description: User need to log in first.
'500':
description: Internal errors.
put:
summary: Update properties for a selected project.
description: |
This endpoint is aimed to update the properties of a project.
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Selected project ID.
- name: project
in: body
required: true
schema:
$ref: '#/definitions/ProjectReq'
description: Updates of project.
tags:
- Products
responses:
'200':
description: Updated project properties successfully.
'400':
description: Illegal format of provided ID value.
'401':
description: User need to log in first.
'403':
description: User does not have permission to the project.
'404':
description: Project ID does not exist.
'500':
description: Unexpected internal errors.
delete:
summary: Delete project by projectID
description: |
This endpoint is aimed to delete project by project ID.
parameters:
- name: project_id
in: path
description: Project ID of project which will be deleted.
required: true
type: integer
format: int64
tags:
- Products
responses:
'200':
description: Project is deleted successfully.
'400':
description: Invalid project id.
'403':
description: User need to log in first.
'404':
description: Project does not exist.
'412':
description: 'Project contains policies, can not be deleted.'
'500':
description: Internal errors.
'/projects/{project_id}/logs':
get:
summary: Get access logs accompany with a relevant project.
description: |
This endpoint let user search access logs filtered by operations and date time ranges.
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID
- name: username
in: query
type: string
required: false
description: Username of the operator.
- name: repository
in: query
type: string
required: false
description: The name of repository
- name: tag
in: query
type: string
required: false
description: The name of tag
- name: operation
in: query
type: string
required: false
description: The operation
- name: begin_timestamp
in: query
type: string
required: false
description: The begin timestamp
- name: end_timestamp
in: query
type: string
required: false
description: The end timestamp
- name: page
in: query
type: integer
format: int32
required: false
description: 'The page nubmer, default is 1.'
- name: page_size
in: query
type: integer
format: int32
required: false
description: 'The size of per page, default is 10, maximum is 100.'
tags:
- Products
responses:
'200':
description: Get access log successfully.
schema:
type: array
items:
$ref: '#/definitions/AccessLog'
headers:
X-Total-Count:
description: The total count of access logs
type: integer
Link:
description: Link refers to the previous page and next page
type: string
'400':
description: Illegal format of provided ID value.
'401':
description: User need to log in first.
'500':
description: Unexpected internal errors.
'/projects/{project_id}/metadatas':
get:
summary: Get project metadata.
description: |
This endpoint returns metadata of the project specified by project ID.
parameters:
- name: project_id
in: path
description: The ID of project.
required: true
type: integer
format: int64
tags:
- Products
responses:
'200':
description: Get metadata successfully.
schema:
$ref: '#/definitions/ProjectMetadata'
'401':
description: User need to login first.
'500':
description: Internal server errors.
post:
summary: Add metadata for the project.
description: |
This endpoint is aimed to add metadata of a project.
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Selected project ID.
- name: metadata
in: body
required: true
schema:
$ref: '#/definitions/ProjectMetadata'
description: The metadata of project.
tags:
- Products
responses:
'200':
description: Add metadata successfully.
'400':
description: Invalid request.
'401':
description: User need to log in first.
'403':
description: User does not have permission to the project.
'404':
description: Project ID does not exist.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Internal server errors.
'/projects/{project_id}/metadatas/{meta_name}':
get:
summary: Get project metadata
description: |
This endpoint returns specified metadata of a project.
parameters:
- name: project_id
in: path
description: Project ID for filtering results.
required: true
type: integer
format: int64
- name: meta_name
in: path
description: The name of metadat.
required: true
type: string
tags:
- Products
responses:
'200':
description: Get metadata successfully.
schema:
$ref: '#/definitions/ProjectMetadata'
'401':
description: User need to log in first.
'500':
description: Internal server errors.
put:
summary: Update metadata of a project.
description: |
This endpoint is aimed to update the metadata of a project.
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: The ID of project.
- name: meta_name
in: path
description: The name of metadat.
required: true
type: string
tags:
- Products
responses:
'200':
description: Updated metadata successfully.
'400':
description: Invalid request.
'401':
description: User need to log in first.
'403':
description: User does not have permission to the project.
'404':
description: Project or metadata does not exist.
'500':
description: Internal server errors.
delete:
summary: Delete metadata of a project
description: |
This endpoint is aimed to delete metadata of a project.
parameters:
- name: project_id
in: path
description: The ID of project.
required: true
type: integer
format: int64
- name: meta_name
in: path
description: The name of metadat.
required: true
type: string
tags:
- Products
responses:
'200':
description: Metadata is deleted successfully.
'400':
description: Invalid requst.
'403':
description: User need to log in first.
'404':
description: Project or metadata does not exist.
'500':
description: Internal server errors.
'/projects/{project_id}/members':
get:
summary: Get all project member information
description: Get all project member information
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: entityname
in: query
type: string
description: The entity name to search.
tags:
- Products
responses:
'200':
description: Get project members successfully.
schema:
type: array
items:
$ref: '#/definitions/ProjectMemberEntity'
'400':
description: The project id is invalid.
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'404':
description: Project ID does not exist.
'500':
description: Unexpected internal errors.
post:
summary: Create project member
description: 'Create project member relationship, the member can be one of the user_member and group_member, The user_member need to specify user_id or username. If the user already exist in harbor DB, specify the user_id, If does not exist in harbor DB, it will SearchAndOnBoard the user. The group_member need to specify id or ldap_group_dn. If the group already exist in harbor DB. specify the user group''s id, If does not exist, it will SearchAndOnBoard the group. '
tags:
- Products
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: project_member
in: body
schema:
$ref: '#/definitions/ProjectMember'
responses:
'201':
description: Project member created successfully.
'400':
description: 'Illegal format of project member or project id is invalid, or LDAP DN is invalid.'
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'404':
description: 'Project does not exist, or the username does not found, or the user group does not found.'
'409':
description: An LDAP user group with same DN already exist.
'500':
description: Unexpected internal errors.
'/projects/{project_id}/members/{mid}':
get:
summary: Get the project member information
description: Get the project member information
tags:
- Products
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: mid
in: path
type: integer
format: int64
required: true
description: The member ID
responses:
'200':
description: Project member retrieved successfully.
schema:
$ref: '#/definitions/ProjectMemberEntity'
'400':
description: 'Illegal format of project member or invalid project id, member id.'
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'404':
description: Project or projet member does not exist.
'500':
description: Unexpected internal errors.
put:
summary: Update project member
description: Update project member relationship
tags:
- Products
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: mid
in: path
type: integer
format: int64
required: true
description: Member ID.
- name: role
in: body
schema:
$ref: '#/definitions/RoleRequest'
responses:
'200':
description: Project member updated successfully.
'400':
description: 'Invalid role id, it should be 1,2 or 3, or invalid project id, or invalid member id.'
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'404':
description: project or project member does not exist.
'500':
description: Unexpected internal errors.
delete:
summary: Delete project member
tags:
- Products
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: mid
in: path
type: integer
format: int64
required: true
description: Member ID.
responses:
'200':
description: Project member deleted successfully.
'400':
description: The project id or project member id is invalid.
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'500':
description: Unexpected internal errors.
/statistics:
get:
summary: Get projects number and repositories number relevant to the user
description: |
This endpoint is aimed to statistic all of the projects number and repositories number relevant to the logined user, also the public projects number and repositories number. If the user is admin, he can also get total projects number and total repositories number.
tags:
- Products
responses:
'200':
description: Get the projects number and repositories number relevant to the user successfully.
schema:
$ref: '#/definitions/StatisticMap'
'401':
description: User need to log in first.
'500':
description: Unexpected internal errors.
/users:
get:
summary: Get registered users of Harbor.
description: |
This endpoint is for user to search registered users, support for filtering results with username.Notice, by now this operation is only for administrator.
parameters:
- name: username
in: query
type: string
required: false
description: Username for filtering results.
- name: email
in: query
type: string
required: false
description: Email for filtering results.
- name: page
in: query
type: integer
format: int32
required: false
description: 'The page nubmer, default is 1.'
- name: page_size
in: query
type: integer
format: int32
required: false
description: The size of per page.
tags:
- Products
responses:
'200':
description: Searched for users of Harbor successfully.
schema:
type: array
items:
$ref: '#/definitions/User'
'400':
description: Invalid user ID.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'500':
description: Unexpected internal errors.
post:
summary: Creates a new user account.
description: |
This endpoint is to create a user if the user does not already exist.
parameters:
- name: user
in: body
description: New created user.
required: true
schema:
$ref: '#/definitions/User'
tags:
- Products
responses:
'201':
description: User created successfully.
'400':
description: Unsatisfied with constraints of the user creation.
'403':
description: User registration can only be used by admin role user when self-registration is off.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
/users/current:
get:
summary: Get current user info.
description: |
This endpoint is to get the current user information.
tags:
- Products
responses:
'200':
description: Get current user information successfully.
schema:
$ref: '#/definitions/User'
'401':
description: User need to log in first.
/users/current/permissions:
get:
summary: Get current user permissions.
description: |
This endpoint is to get the current user permissions.
parameters:
- name: scope
in: query
type: string
required: false
description: Get permissions of the scope
- name: relative
in: query
type: boolean
required: false
description: |
If true, the resources in the response are relative to the scope,
eg for resource '/project/1/repository' if relative is 'true' then the resource in response will be 'repository'.
tags:
- Products
responses:
'200':
description: Get current user permission successfully.
schema:
type: array
items:
$ref: '#/definitions/Permission'
'401':
description: User need to log in first.
'500':
description: Internal errors.
/users/search:
get:
summary: Search users by username, email
description: |
This endpoint is to search the users by username, email.
parameters:
- name: username
in: query
type: string
required: false
description: Username for filtering results.
- name: email
in: query
type: string
required: false
description: Email for filtering results.
- name: page
in: query
type: integer
format: int32
required: false
description: 'The page nubmer, default is 1.'
- name: page_size
in: query
type: integer
format: int32
required: false
description: The size of per page.
tags:
- Products
responses:
'200':
description: Search users by username, email successfully.
schema:
type: array
items:
$ref: '#/definitions/UserSearch'
'500':
description: Unexpected internal errors.
'/users/{user_id}':
get:
summary: Get a user's profile.
description: |
Get user's profile with user id.
parameters:
- name: user_id
in: path
type: integer
format: int
required: true
description: Registered user ID
tags:
- Products
responses:
'200':
description: Get user's profile successfully.
schema:
$ref: '#/definitions/User'
'400':
description: Invalid user ID.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'404':
description: User ID does not exist.
'500':
description: Unexpected internal errors.
put:
summary: Update a registered user to change his profile.
description: |
This endpoint let a registered user change his profile.
parameters:
- name: user_id
in: path
type: integer
format: int
required: true
description: Registered user ID
- name: profile
in: body
description: 'Only email, realname and comment can be modified.'
required: true
schema:
$ref: '#/definitions/UserProfile'
tags:
- Products
responses:
'200':
description: Updated user's profile successfully.
'400':
description: Invalid user ID.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'404':
description: User ID does not exist.
'500':
description: Unexpected internal errors.
delete:
summary: Mark a registered user as be removed.
description: |
This endpoint let administrator of Harbor mark a registered user as
be removed.It actually won't be deleted from DB.
parameters:
- name: user_id
in: path
type: integer
format: int
required: true
description: User ID for marking as to be removed.
tags:
- Products
responses:
'200':
description: Marked user as be removed successfully.
'400':
description: Invalid user ID.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'404':
description: User ID does not exist.
'500':
description: Unexpected internal errors.
'/users/{user_id}/password':
put:
summary: Change the password on a user that already exists.
description: |
This endpoint is for user to update password. Users with the admin role can change any user's password. Guest users can change only their own password.
parameters:
- name: user_id
in: path
type: integer
format: int
required: true
description: Registered user ID.
- name: password
in: body
description: Password to be updated, the attribute 'old_password' is optional when the API is called by the system administrator.
required: true
schema:
$ref: '#/definitions/Password'
tags:
- Products
responses:
'200':
description: Updated password successfully.
'400':
description: Invalid user ID; Old password is blank; New password is blank.
'401':
description: Don't have authority to change password. Please check login status.
'403':
description: The caller does not have permission to update the password of the user with given ID, or the old password in request body is not correct.
'500':
description: Unexpected internal errors.
'/users/{user_id}/sysadmin':
put:
summary: Update a registered user to change to be an administrator of Harbor.
description: |
This endpoint let a registered user change to be an administrator
of Harbor.
parameters:
- name: user_id
in: path
type: integer
format: int
required: true
description: Registered user ID
- name: has_admin_role
in: body
description: Toggle a user to admin or not.
required: true
schema:
$ref: '#/definitions/HasAdminRole'
tags:
- Products
responses:
'200':
description: Updated user's admin role successfully.
'400':
description: Invalid user ID.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'404':
description: User ID does not exist.
'500':
description: Unexpected internal errors.
/repositories:
get:
summary: Get repositories accompany with relevant project and repo name.
description: |
This endpoint lets user search repositories accompanying with relevant project ID and repo name. Repositories can be sorted by repo name, creation_time, update_time in either ascending or descending order.
parameters:
- name: project_id
in: query
type: integer
format: int32
required: true
description: Relevant project ID.
- name: q
in: query
type: string
required: false
description: Repo name for filtering results.
- name: sort
in: query
type: string
required: false
description: |
Sort method, valid values include: 'name', '-name', 'creation_time', '-creation_time', 'update_time', '-update_time'. Here '-' stands for descending order.
- name: label_id
in: query
type: integer
required: false
description: The ID of label used to filter the result.
- name: page
in: query
type: integer
format: int32
required: false
description: 'The page nubmer, default is 1.'
- name: page_size
in: query
type: integer
format: int32
required: false
description: 'The size of per page, default is 10, maximum is 100.'
tags:
- Products
responses:
'200':
description: Get repositories successfully.
schema:
type: array
items:
$ref: '#/definitions/Repository'
headers:
X-Total-Count:
description: The total count of repositories
type: integer
Link:
description: Link refers to the previous page and next page
type: string
'400':
description: Invalid project ID.
'403':
description: Project is not public or current user is irrelevant to the repository.
'404':
description: Project ID does not exist.
'500':
description: Unexpected internal errors.
'/repositories/{repo_name}':
delete:
summary: Delete a repository.
description: |
This endpoint let user delete a repository with name.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository which will be deleted.
tags:
- Products
responses:
'200':
description: Delete successfully.
'400':
description: Invalid repo_name.
'401':
description: Unauthorized.
'403':
description: Forbidden.
'404':
description: Repository not found.
put:
summary: Update description of the repository.
description: |
This endpoint is used to update description of the repository.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository which will be deleted.
- name: description
in: body
description: The description of the repository.
required: true
schema:
$ref: '#/definitions/RepositoryDescription'
tags:
- Products
responses:
'200':
description: Update successfully.
'401':
description: Unauthorized.
'403':
description: Forbidden.
'404':
description: Repository not found.
'/repositories/{repo_name}/labels':
get:
summary: Get labels of a repository.
description: |
Get labels of a repository specified by the repo_name.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository.
tags:
- Products
responses:
'200':
description: Successfully.
schema:
type: array
items:
$ref: '#/definitions/Label'
'401':
description: Unauthorized.
'403':
description: Forbidden. User should have read permisson for the repository to perform the action.
'404':
description: Repository not found.
post:
summary: Add a label to the repository.
description: |
Add a label to the repository.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository.
- name: label
in: body
description: Only the ID property is required.
required: true
schema:
$ref: '#/definitions/Label'
tags:
- Products
responses:
'200':
description: Successfully.
'401':
description: Unauthorized.
'403':
description: Forbidden. User should have write permisson for the repository to perform the action.
'404':
description: Resource not found.
'/repositories/{repo_name}/labels/{label_id}':
delete:
summary: Delete label from the repository.
description: |
Delete the label from the repository specified by the repo_name.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository.
- name: label_id
in: path
type: integer
required: true
description: The ID of label.
tags:
- Products
responses:
'200':
description: Successfully.
'401':
description: Unauthorized.
'403':
description: Forbidden. User should have write permisson for the repository to perform the action.
'404':
description: Resource not found.
'/repositories/{repo_name}/tags/{tag}':
get:
summary: Get the tag of the repository.
description: |
This endpoint aims to retrieve the tag of the repository. If deployed with Notary, the signature property of response represents whether the image is singed or not. If the property is null, the image is unsigned.
parameters:
- name: repo_name
in: path
type: string
required: true
description: Relevant repository name.
- name: tag
in: path
type: string
required: true
description: Tag of the repository.
tags:
- Products
responses:
'200':
description: Get tag successfully.
schema:
$ref: '#/definitions/DetailedTag'
'500':
description: Unexpected internal errors.
delete:
summary: Delete a tag in a repository.
description: |
This endpoint let user delete tags with repo name and tag.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository which will be deleted.
- name: tag
in: path
type: string
required: true
description: Tag of a repository.
tags:
- Products
responses:
'200':
description: Delete tag successfully.
'400':
description: Invalid repo_name.
'401':
description: Unauthorized.
'403':
description: Forbidden.
'404':
description: Repository or tag not found.
'/repositories/{repo_name}/tags':
get:
summary: Get tags of a relevant repository.
description: |
This endpoint aims to retrieve tags from a relevant repository. If deployed with Notary, the signature property of response represents whether the image is singed or not. If the property is null, the image is unsigned.
parameters:
- name: repo_name
in: path
type: string
required: true
description: Relevant repository name.
- name: label_ids
in: query
type: string
required: false
description: A list of comma separated label IDs.
tags:
- Products
responses:
'200':
description: Get tags successfully.
schema:
type: array
items:
$ref: '#/definitions/DetailedTag'
'500':
description: Unexpected internal errors.
post:
summary: Retag an image
description: >
This endpoint tags an existing image with another tag in this repo, source images
can be in different repos or projects.
parameters:
- name: repo_name
in: path
type: string
required: true
description: Relevant repository name.
- name: request
in: body
description: Request to give source image and target tag.
required: true
schema:
$ref: '#/definitions/RetagReq'
tags:
- Products
responses:
'200':
description: Image retag successfully.
'400':
description: Invalid image values provided.
'401':
description: User has no permission to the source project or destination project.
'404':
description: Project or repository not found.
'409':
description: Target tag already exists.
'500':
description: Unexpected internal errors.
'/repositories/{repo_name}/tags/{tag}/labels':
get:
summary: Get labels of an image.
description: |
Get labels of an image specified by the repo_name and tag.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository.
- name: tag
in: path
type: string
required: true
description: The tag of the image.
tags:
- Products
responses:
'200':
description: Successfully.
schema:
type: array
items:
$ref: '#/definitions/Label'
'401':
description: Unauthorized.
'403':
description: Forbidden. User should have read permisson for the image to perform the action.
'404':
description: Resource not found.
post:
summary: Add a label to image.
description: |
Add a label to the image.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository.
- name: tag
in: path
type: string
required: true
description: The tag of the image.
- name: label
in: body
description: Only the ID property is required.
required: true
schema:
$ref: '#/definitions/Label'
tags:
- Products
responses:
'200':
description: Successfully.
'401':
description: Unauthorized.
'403':
description: Forbidden. User should have write permisson for the image to perform the action.
'404':
description: Resource not found.
'/repositories/{repo_name}/tags/{tag}/labels/{label_id}':
delete:
summary: Delete label from the image.
description: |
Delete the label from the image specified by the repo_name and tag.
parameters:
- name: repo_name
in: path
type: string
required: true
description: The name of repository.
- name: tag
in: path
type: string
required: true
description: The tag of the image.
- name: label_id
in: path
type: integer
required: true
description: The ID of label.
tags:
- Products
responses:
'200':
description: Successfully.
'401':
description: Unauthorized.
'403':
description: Forbidden. User should have write permisson for the image to perform the action.
'404':
description: Resource not found.
'/repositories/{repo_name}/tags/{tag}/manifest':
get:
summary: Get manifests of a relevant repository.
description: |
This endpoint aims to retreive manifests from a relevant repository.
parameters:
- name: repo_name
in: path
type: string
required: true
description: Repository name
- name: tag
in: path
type: string
required: true
description: Tag name
- name: version
in: query
type: string
required: false
description: 'The version of manifest, valid value are "v1" and "v2", default is "v2"'
tags:
- Products
responses:
'200':
description: Retrieved manifests from a relevant repository successfully.
schema:
$ref: '#/definitions/Manifest'
'404':
description: Retrieved manifests from a relevant repository not found.
'500':
description: Unexpected internal errors.
'/repositories/{repo_name}/tags/{tag}/scan':
post:
summary: Scan the image.
description: |
Trigger jobservice to call Clair API to scan the image identified by the repo_name and tag. Only project admins have permission to scan images under the project.
parameters:
- name: repo_name
in: path
type: string
required: true
description: Repository name
- name: tag
in: path
type: string
required: true
description: Tag name
tags:
- Products
responses:
'200':
description: Successfully created the job to scan image.
'401':
description: User needs to login or call the API with correct credentials.
'403':
description: User doesn't have permission to perform the action.
'404':
description: The image does not exist in Harbor.
'415':
$ref: '#/responses/UnsupportedMediaType'
'503':
description: Harbor is not deployed with Clair.
'/repositories/{repo_name}/tags/{tag}/vulnerability/details':
get:
summary: Get vulnerability details of the image.
description: |
Call Clair API to get the vulnerability based on the previous successful scan.
parameters:
- name: repo_name
in: path
type: string
required: true
description: Repository name
- name: tag
in: path
type: string
required: true
description: Tag name
tags:
- Products
responses:
'200':
description: Successfully retrieved the vulnerabilities.
schema:
type: array
items:
$ref: '#/definitions/VulnerabilityItem'
'401':
description: User needs to login or call the API with correct credentials.
'403':
description: User doesn't have permission to perform the action.
'404':
description: The image does not exist in Harbor.
'503':
description: Harbor is not deployed with Clair.
'/repositories/{repo_name}/signatures':
get:
summary: Get signature information of a repository
description: |
This endpoint aims to retrieve signature information of a repository, the data is
from the nested notary instance of Harbor.
If the repository does not have any signature information in notary, this API will
return an empty list with response code 200, instead of 404
parameters:
- name: repo_name
in: path
type: string
required: true
description: repository name.
tags:
- Products
responses:
'200':
description: Retrieved signatures.
schema:
type: array
items:
$ref: '#/definitions/RepoSignature'
'500':
description: Server side error.
/repositories/top:
get:
summary: Get public repositories which are accessed most.
description: |
This endpoint aims to let users see the most popular public repositories
parameters:
- name: count
in: query
type: integer
format: int32
required: false
description: 'The number of the requested public repositories, default is 10 if not provided.'
tags:
- Products
responses:
'200':
description: Get popular repositories successfully.
schema:
type: array
items:
$ref: '#/definitions/Repository'
'400':
description: Bad request because of invalid count.
'500':
description: Unexpected internal errors.
/logs:
get:
summary: Get recent logs of the projects which the user is a member of
description: |
This endpoint let user see the recent operation logs of the projects which he is member of
parameters:
- name: username
in: query
type: string
required: false
description: Username of the operator.
- name: repository
in: query
type: string
required: false
description: The name of repository
- name: tag
in: query
type: string
required: false
description: The name of tag
- name: operation
in: query
type: string
required: false
description: The operation
- name: begin_timestamp
in: query
type: string
required: false
description: The begin timestamp
- name: end_timestamp
in: query
type: string
required: false
description: The end timestamp
- name: page
in: query
type: integer
format: int32
required: false
description: 'The page nubmer, default is 1.'
- name: page_size
in: query
type: integer
format: int32
required: false
description: 'The size of per page, default is 10, maximum is 100.'
tags:
- Products
responses:
'200':
description: Get the required logs successfully.
schema:
type: array
items:
$ref: '#/definitions/AccessLog'
'400':
description: Bad request because of invalid parameters.
'401':
description: User need to login first.
'500':
description: Unexpected internal errors.
/jobs/replication:
get:
summary: List filters jobs according to the policy and repository
description: |
This endpoint let user list filters jobs according to the policy and repository. (if start_time and end_time are both null, list jobs of last 10 days)
tags:
- Products
parameters:
- name: policy_id
in: query
type: integer
format: int
required: true
description: The ID of the policy that triggered this job.
- name: op_uuid
in: query
type: string
required: false
description: The UUID of one trigger of replication policy.
- name: num
in: query
type: integer
format: int32
required: false
description: The return list length number.
- name: end_time
in: query
type: integer
format: int64
required: false
description: The end time of jobs done. (Timestamp)
- name: start_time
in: query
type: integer
format: int64
required: false
description: The start time of jobs. (Timestamp)
- name: repository
in: query
type: string
required: false
description: The respond jobs list filter by repository name.
- name: status
in: query
type: string
required: false
description: The respond jobs list filter by status.
- name: page
in: query
type: integer
format: int32
required: false
description: 'The page nubmer, default is 1.'
- name: page_size
in: query
type: integer
format: int32
required: false
description: 'The size of per page, default is 10, maximum is 100.'
responses:
'200':
description: Get the required logs successfully.
schema:
type: array
items:
$ref: '#/definitions/JobStatus'
headers:
X-Total-Count:
description: The total count of jobs
type: integer
Link:
description: Link refers to the previous page and next page
type: string
'400':
description: Bad request because of invalid parameters.
'401':
description: User need to login first.
'500':
description: Unexpected internal errors.
put:
summary: Update status of jobs. Only stop is supported for now.
description: |
The endpoint is used to stop the replication jobs of a policy.
tags:
- Products
parameters:
- name: policyinfo
in: body
description: The policy ID and status.
required: true
schema:
$ref: '#/definitions/UpdateJobs'
responses:
'200':
description: Update the status successfully.
'400':
description: Bad request because of invalid parameters.
'401':
description: User need to login first.
'403':
description: User has no privilege for the operation.
'404':
description: Resource requested does not exist.
'500':
description: Unexpected internal errors.
'/jobs/replication/{id}':
delete:
summary: Delete specific ID job.
description: |
This endpoint is aimed to remove specific ID job from jobservice.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Delete job ID.
tags:
- Products
responses:
'200':
description: Job deleted successfully.
'400':
description: Job ID is invalid or can't remove this job.
'401':
description: Only admin has this authority.
'404':
description: Project ID does not exist.
'500':
description: Unexpected internal errors.
'/jobs/replication/{id}/log':
get:
summary: Get job logs.
description: |
This endpoint let user search job logs filtered by specific ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Relevant job ID
tags:
- Products
responses:
'200':
description: Get job log successfully.
'400':
description: Illegal format of provided ID value.
'401':
description: User need to log in first.
'404':
description: The specific repository ID's log does not exist.
'500':
description: Unexpected internal errors.
'/jobs/scan/{id}/log':
get:
summary: Get job logs.
description: |
This endpoint let user get scan job logs filtered by specific ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Relevant job ID
tags:
- Products
responses:
'200':
description: Get job log successfully.
'400':
description: Illegal format of provided ID value.
'401':
description: User need to log in first.
'404':
description: The specific repository ID's log does not exist.
'500':
description: Unexpected internal errors.
/policies/replication:
get:
summary: List filters policies by name and project_id
description: |
This endpoint let user list filters policies by name and project_id, if name and project_id are nil, list returns all policies
parameters:
- name: name
in: query
type: string
required: false
description: The replication's policy name.
- name: project_id
in: query
type: integer
format: int64
required: false
description: Relevant project ID.
- name: page
in: query
type: integer
format: int32
required: false
description: The page nubmer.
- name: page_size
in: query
type: integer
format: int32
required: false
description: The size of per page.
tags:
- Products
responses:
'200':
description: Get policy successfully.
schema:
type: array
items:
$ref: '#/definitions/RepPolicy'
'400':
description: Invalid project ID.
'401':
description: User need to log in first.
'500':
description: Unexpected internal errors.
post:
summary: Post creates a policy
description: |
This endpoint let user creates a policy, and if it is enabled, the replication will be triggered right now.
parameters:
- name: policyinfo
in: body
description: Create new policy.
required: true
schema:
$ref: '#/definitions/RepPolicy'
tags:
- Products
responses:
'201':
description: Create policy successfully.
'400':
description: Invalid project ID or target ID.
'401':
description: User need to log in first.
'409':
description: Policy name already used or policy already exists with the same project and target.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
'/policies/replication/{id}':
get:
summary: Get replication policy.
description: |
This endpoint let user search replication policy by specific ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: policy ID
tags:
- Products
responses:
'200':
description: Get job policy successfully.
schema:
$ref: '#/definitions/RepPolicy'
'401':
description: User need to log in first.
'404':
description: The specific repository ID's policy does not exist.
'500':
description: Unexpected internal errors.
put:
summary: 'Put modifies name, description, target and enablement of policy.'
description: |
This endpoint let user update policy name, description, target and enablement.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: policy ID
- name: policyupdate
in: body
description: Updated properties of the replication policy.
required: true
schema:
$ref: '#/definitions/RepPolicy'
tags:
- Products
responses:
'200':
description: Update job policy content successfully.
'400':
description: policy is enabled or target does not exist
'401':
description: User need to log in first.
'404':
description: The specific repository ID's policy does not exist.
'409':
description: Policy name already used or policy already exists with the same project and target.
'500':
description: Unexpected internal errors.
delete:
summary: Delete the replication policy specified by ID.
description: |
Delete the replication policy specified by ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Replication policy ID
tags:
- Products
responses:
'200':
description: Delete successfully.
'400':
description: Invalid parameters.
'401':
description: User need to log in first.
'404':
description: The resource does not exist.
'500':
description: Unexpected internal errors.
/labels:
get:
summary: List labels according to the query strings.
description: |
This endpoint let user list labels by name, scope and project_id
parameters:
- name: name
in: query
type: string
required: false
description: The label name.
- name: scope
in: query
type: string
required: true
description: The label scope. Valid values are g and p. g for global labels and p for project labels.
- name: project_id
in: query
type: integer
format: int64
required: false
description: 'Relevant project ID, required when scope is p.'
- name: page
in: query
type: integer
format: int32
required: false
description: The page nubmer.
- name: page_size
in: query
type: integer
format: int32
required: false
description: The size of per page.
tags:
- Products
responses:
'200':
description: Get successfully.
schema:
type: array
items:
$ref: '#/definitions/Label'
'400':
description: Invalid parameters.
'401':
description: User need to log in first.
'500':
description: Unexpected internal errors.
post:
summary: Post creates a label
description: |
This endpoint let user creates a label.
parameters:
- name: label
in: body
description: The json object of label.
required: true
schema:
$ref: '#/definitions/Label'
tags:
- Products
responses:
'201':
description: Create successfully.
'400':
description: Invalid parameters.
'401':
description: User need to log in first.
'409':
description: Label with the same name and same scope already exists.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
'/labels/{id}':
get:
summary: Get the label specified by ID.
description: |
This endpoint let user get the label by specific ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Label ID
tags:
- Products
responses:
'200':
description: Get successfully.
schema:
$ref: '#/definitions/Label'
'401':
description: User need to log in first.
'404':
description: The resource does not exist.
'500':
description: Unexpected internal errors.
put:
summary: Update the label properties.
description: |
This endpoint let user update label properties.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Label ID
- name: label
in: body
description: The updated label json object.
required: true
schema:
$ref: '#/definitions/Label'
tags:
- Products
responses:
'200':
description: Update successfully.
'400':
description: Invalid parameters.
'401':
description: User need to log in first.
'404':
description: The resource does not exist.
'409':
description: The label with the same name already exists.
'500':
description: Unexpected internal errors.
delete:
summary: Delete the label specified by ID.
description: |
Delete the label specified by ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Label ID
tags:
- Products
responses:
'200':
description: Delete successfully.
'400':
description: Invalid parameters.
'401':
description: User need to log in first.
'404':
description: The resource does not exist.
'500':
description: Unexpected internal errors.
'/labels/{id}/resources':
get:
summary: Get the resources that the label is referenced by.
description: |
This endpoint let user get the resources that the label is referenced by. Only the replication policies are returned for now.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Label ID
tags:
- Products
responses:
'200':
description: Get successfully.
schema:
$ref: '#/definitions/Resource'
'401':
description: User need to log in first.
'403':
description: Forbidden.
'404':
description: The resource does not exist.
'500':
description: Unexpected internal errors.
/replications:
post:
summary: Trigger the replication according to the specified policy.
description: |
This endpoint is used to trigger a replication.
parameters:
- name: policy ID
in: body
description: The ID of replication policy.
required: true
schema:
$ref: '#/definitions/Replication'
tags:
- Products
responses:
'200':
description: Trigger the replication successfully.
schema:
$ref: '#/definitions/ReplicationResponse'
'401':
description: User need to log in first.
'404':
description: The policy does not exist.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
/targets:
get:
summary: List filters targets by name.
description: |
This endpoint let user list filters targets by name, if name is nil, list returns all targets.
parameters:
- name: name
in: query
type: string
required: false
description: The replication's target name.
tags:
- Products
responses:
'200':
description: Get policy successfully.
schema:
type: array
items:
$ref: '#/definitions/RepTarget'
'401':
description: User need to log in first.
'500':
description: Unexpected internal errors.
post:
summary: Create a new replication target.
description: |
This endpoint is for user to create a new replication target.
parameters:
- name: reptarget
in: body
description: New created replication target.
required: true
schema:
$ref: '#/definitions/RepTargetPost'
tags:
- Products
responses:
'201':
description: Replication target created successfully.
'400':
description: Unsatisfied with constraints of the target creation.
'401':
description: User need to log in first.
'409':
description: Replication target name already exists.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
/targets/ping:
post:
summary: Ping validates target.
description: |
This endpoint is for ping validates whether the target is reachable and whether the credential is valid.
parameters:
- name: target
in: body
description: The target object.
required: true
schema:
$ref: '#/definitions/PingTarget'
tags:
- Products
responses:
'200':
description: Ping target successfully.
'400':
description: Target id is invalid/ endpoint is needed/ invaild URL/ network issue.
'401':
description: User need to log in first or wrong username/password for remote target.
'404':
description: Target not found.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
'/targets/{id}':
put:
summary: Update replication's target.
description: |
This endpoint is for update specific replication's target.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: The replication's target ID.
- name: repo_target
in: body
required: true
schema:
$ref: '#/definitions/PutTarget'
description: Updates of replication's target.
tags:
- Products
responses:
'200':
description: Updated replication's target successfully.
'400':
description: The target is associated with policy which is enabled.
'401':
description: User need to log in first.
'404':
description: Target ID does not exist.
'409':
description: Target name or endpoint is already used.
'500':
description: Unexpected internal errors.
get:
summary: Get replication's target.
description: This endpoint is for get specific replication's target.
tags:
- Products
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: The replication's target ID.
responses:
'200':
description: Get replication's target successfully.
schema:
$ref: '#/definitions/RepTarget'
'401':
description: User need to log in first.
'404':
description: Replication's target not found
'500':
description: Unexpected internal errors.
delete:
summary: Delete specific replication's target.
description: |
This endpoint is for to delete specific replication's target.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: The replication's target ID.
tags:
- Products
responses:
'200':
description: Replication's target deleted successfully.
'400':
description: Replication's target ID is invalid or the target is used by policies.
'401':
description: Only admin has this authority.
'404':
description: Replication's target does not exist.
'500':
description: Unexpected internal errors.
'/targets/{id}/policies/':
get:
summary: List the target relevant policies.
description: |
This endpoint list policies filter with specific replication's target ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: The replication's target ID.
tags:
- Products
responses:
'200':
description: Get relevant policies successfully.
schema:
type: array
items:
$ref: '#/definitions/RepPolicy'
'401':
description: User need to log in first.
'404':
description: Replication's target not found
'500':
description: Unexpected internal errors.
/internal/syncregistry:
post:
summary: Sync repositories from registry to DB.
description: |
This endpoint is for syncing all repositories of registry with database.
tags:
- Products
responses:
'200':
description: Sync repositories successfully.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
/systeminfo:
get:
summary: Get general system info
description: |
This API is for retrieving general system info, this can be called by anonymous request.
tags:
- Products
responses:
'200':
description: Get general info successfully.
schema:
$ref: '#/definitions/GeneralInfo'
'500':
description: Unexpected internal error.
/systeminfo/volumes:
get:
summary: Get system volume info (total/free size).
description: |
This endpoint is for retrieving system volume info that only provides for admin user.
tags:
- Products
responses:
'200':
description: Get system volumes successfully.
schema:
$ref: '#/definitions/SystemInfo'
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'500':
description: Unexpected internal errors.
/systeminfo/getcert:
get:
summary: Get default root certificate.
description: |
This endpoint is for downloading a default root certificate.
tags:
- Products
responses:
'200':
description: Get default root certificate successfully.
'404':
description: Not found the default root certificate.
'500':
description: Unexpected internal errors.
/ldap/ping:
post:
summary: Ping available ldap service.
description: |
This endpoint ping the available ldap service for test related configuration parameters.
parameters:
- name: ldapconf
in: body
description: 'ldap configuration. support input ldap service configuration. If it''s a empty request, will load current configuration from the system.'
required: false
schema:
$ref: '#/definitions/LdapConf'
tags:
- Products
responses:
'200':
description: Ping ldap service successfully.
'400':
description: Inviald ldap configuration parameters.
'401':
description: User need to login first.
'403':
description: Only admin has this authority.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
/ldap/groups/search:
get:
summary: Search available ldap groups.
description: |
This endpoint searches the available ldap groups based on related configuration parameters. support to search by groupname or groupdn.
parameters:
- name: groupname
in: query
type: string
required: false
description: Ldap group name
- name: groupdn
in: query
type: string
required: false
description: The LDAP group DN
tags:
- Products
responses:
'200':
description: Search ldap group successfully.
schema:
type: array
items:
$ref: '#/definitions/UserGroup'
'400':
description: The Ldap group DN is invalid.
'404':
description: No ldap group found.
'500':
description: Unexpected internal errors.
/ldap/users/search:
get:
summary: Search available ldap users.
description: |
This endpoint searches the available ldap users based on related configuration parameters. Support searched by input ladp configuration, load configuration from the system and specific filter.
parameters:
- name: username
in: query
type: string
required: false
description: Registered user ID
tags:
- Products
responses:
'200':
description: Search ldap users successfully.
schema:
type: array
items:
$ref: '#/definitions/LdapUsers'
'401':
description: User need to login first.
'403':
description: Only admin has this authority.
'500':
description: Unexpected internal errors.
/ldap/users/import:
post:
summary: Import selected available ldap users.
description: |
This endpoint adds the selected available ldap users to harbor based on related configuration parameters from the system. System will try to guess the user email address and realname, add to harbor user information.
If have errors when import user, will return the list of importing failed uid and the failed reason.
parameters:
- name: uid_list
in: body
description: The uid listed for importing. This list will check users validity of ldap service based on configuration from the system.
required: true
schema:
$ref: '#/definitions/LdapImportUsers'
tags:
- Products
responses:
'200':
description: Add ldap users successfully.
'401':
description: User need to login first.
'403':
description: Only admin has this authority.
'404':
description: Failed import some users.
schema:
type: array
items:
$ref: '#/definitions/LdapFailedImportUsers'
'415':
$ref: '#/responses/UnsupportedMediaType'
/usergroups:
get:
summary: Get all user groups information
description: Get all user groups information
tags:
- Products
responses:
'200':
description: Get user group successfully.
schema:
type: array
items:
$ref: '#/definitions/UserGroup'
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the user group.
'500':
description: Unexpected internal errors.
post:
summary: Create user group
description: Create user group information
tags:
- Products
parameters:
- name: usergroup
in: body
schema:
$ref: '#/definitions/UserGroup'
responses:
'201':
description: User group created successfully.
'400':
description: Invalid LDAP group DN.
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the user group.
'404':
description: The LDAP group is not found.
'409':
description: An LDAP user group with same DN already exist.
'500':
description: Unexpected internal errors.
'/usergroups/{group_id}':
get:
summary: Get user group information
description: Get user group information
tags:
- Products
parameters:
- name: group_id
in: path
type: integer
format: int64
required: true
description: Group ID
responses:
'200':
description: User group get successfully.
schema:
$ref: '#/definitions/UserGroup'
'400':
description: The user group id is invalid.
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the user group.
'404':
description: User group does not exist.
'500':
description: Unexpected internal errors.
put:
summary: Update group information
description: Update user group information
tags:
- Products
parameters:
- name: group_id
in: path
type: integer
format: int64
required: true
description: Group ID
- name: usergroup
in: body
required: false
schema:
$ref: '#/definitions/UserGroup'
responses:
'200':
description: User group updated successfully.
'400':
description: The user group id is invalid.
'401':
description: User need to log in first.
'403':
description: Only admin has this authority.
'404':
description: User group does not exist.
'500':
description: Unexpected internal errors.
delete:
summary: Delete user group
description: Delete user group
tags:
- Products
parameters:
- name: group_id
type: integer
in: path
required: true
responses:
'200':
description: User group deleted successfully.
'400':
description: The user group id is invalid.
'401':
description: User need to log in first.
'403':
description: Only admin has this authority.
'500':
description: Unexpected internal errors.
/system/gc:
get:
summary: Get gc results.
description: This endpoint let user get latest ten gc results.
tags:
- Products
responses:
'200':
description: Get gc results successfully.
schema:
type: array
items:
$ref: '#/definitions/GCResult'
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'500':
description: Unexpected internal errors.
'/system/gc/{id}':
get:
summary: Get gc status.
description: This endpoint let user get gc status filtered by specific ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Relevant job ID
tags:
- Products
responses:
'200':
description: Get gc results successfully.
schema:
$ref: '#/definitions/GCResult'
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'500':
description: Unexpected internal errors.
'/system/gc/{id}/log':
get:
summary: Get gc job log.
description: This endpoint let user get gc job logs filtered by specific ID.
parameters:
- name: id
in: path
type: integer
format: int64
required: true
description: Relevant job ID
tags:
- Products
responses:
'200':
description: Get successfully.
schema:
type: string
'400':
description: Illegal format of provided ID value.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'404':
description: The specific gc ID's log does not exist.
'500':
description: Unexpected internal errors.
/system/gc/schedule:
get:
summary: Get gc's schedule.
description: This endpoint is for get schedule of gc job.
tags:
- Products
responses:
'200':
description: Get gc's schedule.
schema:
$ref: '#/definitions/AdminJobSchedule'
'401':
description: User need to log in first.
'403':
description: Only admin has this authority.
'500':
description: Unexpected internal errors.
put:
summary: Update gc's schedule.
description: |
This endpoint is for update gc schedule.
parameters:
- name: schedule
in: body
required: true
schema:
$ref: '#/definitions/AdminJobSchedule'
description: Updates of gc's schedule.
tags:
- Products
responses:
'200':
description: Updated gc's schedule successfully.
'400':
description: Invalid schedule type.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'500':
description: Unexpected internal errors.
post:
summary: Create a gc schedule.
description: |
This endpoint is for update gc schedule.
parameters:
- name: schedule
in: body
required: true
schema:
$ref: '#/definitions/AdminJobSchedule'
description: Updates of gc's schedule.
tags:
- Products
responses:
'200':
description: GC schedule successfully.
'400':
description: Invalid schedule type.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'409':
description: There is a "gc" job in progress, so the request cannot be served.
'500':
description: Unexpected internal errors.
/system/scanAll/schedule:
get:
summary: Get scan_all's schedule.
description: This endpoint is for getting a schedule for the scan all job, which scans all of images in Harbor.
tags:
- Products
responses:
'200':
description: Get a schedule for the scan all job, which scans all of images in Harbor.
schema:
$ref: '#/definitions/AdminJobSchedule'
'401':
description: User need to log in first.
'403':
description: Only admin has this authority.
'500':
description: Unexpected internal errors.
put:
summary: Update scan all's schedule.
description: |
This endpoint is for updating the schedule of scan all job, which scans all of images in Harbor.
parameters:
- name: schedule
in: body
required: true
schema:
$ref: '#/definitions/AdminJobSchedule'
description: Updates the schedule of scan all job, which scans all of images in Harbor.
tags:
- Products
responses:
'200':
description: Updated scan_all's schedule successfully.
'400':
description: Invalid schedule type.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'500':
description: Unexpected internal errors.
post:
summary: Create a schedule or a manual trigger for the scan all job.
description: |
This endpoint is for creating a schedule or a manual trigger for the scan all job, which scans all of images in Harbor.
parameters:
- name: schedule
in: body
required: true
schema:
$ref: '#/definitions/AdminJobSchedule'
description: Create a schedule or a manual trigger for the scan all job.
tags:
- Products
responses:
'200':
description: Updated scan_all's schedule successfully.
'400':
description: Invalid schedule type.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'409':
description: There is a "scanall" job in progress, so the request cannot be served.
'500':
description: Unexpected internal errors.
'503':
description: Harbor is not deployed with Clair.
/configurations:
get:
summary: Get system configurations.
description: |
This endpoint is for retrieving system configurations that only provides for admin user.
tags:
- Products
responses:
'200':
description: Get system configurations successfully. The response body is a map.
schema:
$ref: '#/definitions/ConfigurationsResponse'
'401':
description: User need to log in first.ß
'403':
description: User does not have permission of admin role.
'500':
description: Unexpected internal errors.
put:
summary: Modify system configurations.
description: |
This endpoint is for modifying system configurations that only provides for admin user.
tags:
- Products
parameters:
- name: configurations
in: body
required: true
schema:
$ref: '#/definitions/Configurations'
description: 'The configuration map can contain a subset of the attributes of the schema, which are to be updated.'
responses:
'200':
description: Modify system configurations successfully.
'401':
description: User need to log in first.
'403':
description: User does not have permission of admin role.
'500':
description: Unexpected internal errors.
/email/ping:
post:
summary: Test connection and authentication with email server.
description: |
Test connection and authentication with email server.
parameters:
- name: settings
in: body
description: 'Email server settings, if some of the settings are not assigned, they will be read from system configuration.'
required: false
schema:
$ref: '#/definitions/EmailServerSetting'
tags:
- Products
responses:
'200':
description: Ping email server successfully.
'400':
description: Inviald email server settings.
'401':
description: User need to login first.
'403':
description: Only admin has this authority.
'415':
$ref: '#/responses/UnsupportedMediaType'
'500':
description: Unexpected internal errors.
/chartrepo/health:
get:
summary: Check the health of chart repository service.
description: Check the health of chart repository service.
tags:
- Products
- Chart Repository
responses:
'200':
description: Health status of chart repository service is returned.
schema:
type: object
properties:
healthy:
type: boolean
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
/chartrepo/{repo}/charts:
get:
summary: Get all the charts under the specified project
description: Get all the charts under the specified project
tags:
- Products
- Chart Repository
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
responses:
'200':
description: Searched for charts of project in Harbor successfully.
schema:
type: array
items:
$ref: '#/definitions/ChartInfoEntry'
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
post:
summary: Upload a chart file to the specified project.
description: 'Upload a chart file to the specified project. With this API, the corresponding provance file can be uploaded together with chart file at once.'
tags:
- Products
- Chart Repository
consumes:
- multipart/form-data
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: chart
in: formData
type: file
required: true
description: The chart file
- name: prov
in: formData
type: file
required: false
description: The provance file
responses:
'201':
description: The specified chart is successfully uploaded.
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
'507':
$ref: '#/definitions/InsufficientStorageChartAPIError'
/chartrepo/{repo}/charts/{name}:
get:
summary: Get all the versions of the specified chart
description: Get all the versions of the specified chart
tags:
- Products
- Chart Repository
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: name
in: path
type: string
required: true
description: The chart name
responses:
'200':
$ref: '#/definitions/ChartVersions'
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'404':
$ref: '#/definitions/NotFoundChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
delete:
summary: Delete all the versions of the specified chart
description: Delete all the versions of the specified chart
tags:
- Products
- Chart Repository
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: name
in: path
type: string
required: true
description: The chart name
responses:
'200':
description: The specified chart entry is successfully deleted.
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
/chartrepo/{repo}/charts/{name}/{version}:
get:
summary: Get the specified chart version
description: Get the specified chart version
tags:
- Products
- Chart Repository
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: name
in: path
type: string
required: true
description: The chart name
- name: version
in: path
type: string
required: true
description: The chart version
responses:
'200':
$ref: '#/definitions/ChartVersionDetails'
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'404':
$ref: '#/definitions/NotFoundChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
delete:
summary: Delete the specified chart version
description: Delete the specified chart version
tags:
- Products
- Chart Repository
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: name
in: path
type: string
required: true
description: The chart name
- name: version
in: path
type: string
required: true
description: The chart version
responses:
'200':
description: The specified chart entry is successfully deleted.
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'404':
$ref: '#/definitions/NotFoundChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
/chartrepo/{repo}/prov:
post:
summary: Upload a provance file to the specified project.
description: Upload a provance file to the specified project. The provance file should be targeted for an existing chart file.
tags:
- Products
- Chart Repository
consumes:
- multipart/form-data
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: prov
in: formData
type: file
required: true
description: The provance file
responses:
'201':
description: The provance file is successfully uploaded.
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
'507':
$ref: '#/definitions/InsufficientStorageChartAPIError'
/chartrepo/charts:
post:
summary: Upload a chart file to the defult 'library' project.
description: Upload a chart file to the default 'library' project. Uploading together with the prov file at the same time is also supported.
tags:
- Products
- Chart Repository
consumes:
- multipart/form-data
parameters:
- name: chart
in: formData
type: file
required: true
description: The chart file
- name: prov
in: formData
type: file
required: false
description: The provance file
responses:
'201':
description: The specified chart is successfully uploaded.
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
'507':
$ref: '#/definitions/InsufficientStorageChartAPIError'
/chartrepo/{repo}/charts/{name}/{version}/labels:
get:
summary: Return the attahced labels of chart.
description: Return the attahced labels of the specified chart version.
tags:
- Products
- Chart Repository
- Label
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: name
in: path
type: string
required: true
description: The chart name
- name: version
in: path
type: string
required: true
description: The chart version
responses:
'200':
$ref: '#/definitions/Labels'
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'404':
$ref: '#/definitions/NotFoundChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
post:
summary: Mark label to chart.
description: Mark label to the specified chart version.
tags:
- Products
- Chart Repository
- Label
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: name
in: path
type: string
required: true
description: The chart name
- name: version
in: path
type: string
required: true
description: The chart version
- name: label
in: body
required: true
schema:
$ref: '#/definitions/Label'
description: 'The label being marked to the chart version'
responses:
'200':
description: The label is successfully marked to the chart version.
'400':
$ref: '#/definitions/BadRequestFormatedError'
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'404':
$ref: '#/definitions/NotFoundChartAPIError'
'409':
$ref: '#/definitions/ConflictFormatedError'
'500':
$ref: '#/definitions/InternalChartAPIError'
/chartrepo/{repo}/charts/{name}/{version}/labels/{id}:
delete:
summary: Remove label from chart.
description: Remove label from the specified chart version.
tags:
- Products
- Chart Repository
- Label
parameters:
- name: repo
in: path
type: string
required: true
description: The project name
- name: name
in: path
type: string
required: true
description: The chart name
- name: version
in: path
type: string
required: true
description: The chart version
- name: id
in: path
type: integer
required: true
description: The label ID
responses:
'200':
description: The label is successfully unmarked from the chart version.
'400':
$ref: '#/definitions/BadRequestFormatedError'
'401':
$ref: '#/definitions/UnauthorizedChartAPIError'
'403':
$ref: '#/definitions/ForbiddenChartAPIError'
'404':
$ref: '#/definitions/NotFoundChartAPIError'
'500':
$ref: '#/definitions/InternalChartAPIError'
'/projects/{project_id}/robots':
get:
summary: Get all robot accounts of specified project
description: Get all robot accounts of specified project
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
tags:
- Products
- Robot Account
responses:
'200':
description: Get project robot accounts successfully.
schema:
type: array
items:
$ref: '#/definitions/RobotAccount'
'400':
description: The project id is invalid.
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'404':
description: Project ID does not exist.
'500':
description: Unexpected internal errors.
post:
summary: Create a robot account for project
description: Create a robot account for project
tags:
- Products
- Robot Account
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: robot
in: body
description: Request body of creating a robot account.
required: true
schema:
$ref: '#/definitions/RobotAccountCreate'
responses:
'201':
description: Project member created successfully.
schema:
$ref: '#/definitions/RobotAccountPostRep'
'400':
description: Project id is not valid.
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'409':
description: An robot account with same name already exist in the project.
'500':
description: Unexpected internal errors.
'/projects/{project_id}/robots/{robot_id}':
get:
summary: Return the infor of the specified robot account.
description: Return the infor of the specified robot account.
tags:
- Products
- Robot Account
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: robot_id
in: path
type: integer
format: int64
required: true
description: The ID of robot account.
responses:
'200':
description: Robot account information.
schema:
$ref: '#/definitions/RobotAccount'
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'404':
description: The robot account is not found.
'500':
description: Unexpected internal errors.
put:
summary: Update status of robot account.
description: Used to disable/enable a specified robot account.
tags:
- Products
- Robot Account
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: robot_id
in: path
type: integer
format: int64
required: true
description: The ID of robot account.
- name: robot
in: body
description: Request body of enable/disable a robot account.
required: true
schema:
$ref: '#/definitions/RobotAccountUpdate'
responses:
'200':
description: Robot account has been modified success.
'500':
description: Unexpected internal errors.
delete:
summary: Delete the specified robot account
description: Delete the specified robot account
tags:
- Products
- Robot Account
parameters:
- name: project_id
in: path
type: integer
format: int64
required: true
description: Relevant project ID.
- name: robot_id
in: path
type: integer
format: int64
required: true
description: The ID of robot account.
responses:
'200':
description: The specified robot account is successfully deleted.
'401':
description: User need to log in first.
'403':
description: User in session does not have permission to the project.
'404':
description: The robot account is not found.
'500':
description: Unexpected internal errors.
responses:
UnsupportedMediaType:
description: 'The Media Type of the request is not supported, it has to be "application/json"'
definitions:
Search:
type: object
properties:
project:
description: Search results of the projects that matched the filter keywords.
type: array
items:
$ref: '#/definitions/Project'
repository:
description: Search results of the repositories that matched the filter keywords.
type: array
items:
$ref: '#/definitions/SearchRepository'
chart:
description: Search results of the charts that macthed the filter keywords.
type: array
items:
$ref: '#/definitions/SearchResult'
RetagReq:
type: object
properties:
tag:
description: new tag to be created
type: string
src_image:
description: Source image to be retagged, e.g. 'stage/app:v1.0'
type: string
override:
description: If target tag already exists, whether to override it
type: boolean
SearchRepository:
type: object
properties:
project_id:
type: integer
description: The ID of the project that the repository belongs to
project_name:
type: string
description: The name of the project that the repository belongs to
project_public:
type: boolean
description: 'The flag to indicate the publicity of the project that the repository belongs to (1 is public, 0 is not)'
repository_name:
type: string
description: The name of the repository
pull_count:
type: integer
description: The count how many times the repository is pulled
tags_count:
type: integer
description: The count of tags in the repository
ProjectReq:
type: object
properties:
project_name:
type: string
description: The name of the project.
metadata:
description: The metadata of the project.
$ref: '#/definitions/ProjectMetadata'
Project:
type: object
properties:
project_id:
type: integer
format: int32
description: Project ID
owner_id:
type: integer
format: int32
description: The owner ID of the project always means the creator of the project.
name:
type: string
description: The name of the project.
creation_time:
type: string
description: The creation time of the project.
update_time:
type: string
description: The update time of the project.
deleted:
type: boolean
description: A deletion mark of the project.
owner_name:
type: string
description: The owner name of the project.
togglable:
type: boolean
description: Correspond to the UI about whether the project's publicity is updatable (for UI)
current_user_role_id:
type: integer
description: The role ID of the current user who triggered the API (for UI)
repo_count:
type: integer
description: The number of the repositories under this project.
chart_count:
type: integer
description: The total number of charts under this project.
metadata:
description: The metadata of the project.
$ref: '#/definitions/ProjectMetadata'
ProjectMetadata:
type: object
properties:
public:
type: string
description: 'The public status of the project. The valid values are "true", "false".'
enable_content_trust:
type: string
description: 'Whether content trust is enabled or not. If it is enabled, user cann''t pull unsigned images from this project. The valid values are "true", "false".'
prevent_vul:
type: string
description: 'Whether prevent the vulnerable images from running. The valid values are "true", "false".'
severity:
type: string
description: 'If the vulnerability is high than severity defined here, the images cann''t be pulled. The valid values are "negligible", "low", "medium", "high", "critical".'
auto_scan:
type: string
description: 'Whether scan images automatically when pushing. The valid values are "true", "false".'
Manifest:
type: object
properties:
manifest:
type: object
description: The detail of manifest.
config:
type: string
description: The config of the repository.
User:
type: object
properties:
user_id:
type: integer
format: int
description: The ID of the user.
username:
type: string
email:
type: string
password:
type: string
realname:
type: string
comment:
type: string
deleted:
type: boolean
role_name:
type: string
role_id:
type: integer
format: int
has_admin_role:
type: boolean
reset_uuid:
type: string
Salt:
type: string
creation_time:
type: string
update_time:
type: string
UserSearch:
type: object
properties:
user_id:
type: integer
format: int
description: The ID of the user.
username:
type: string
Password:
type: object
properties:
old_password:
type: string
description: The user's existing password.
new_password:
type: string
description: New password for marking as to be updated.
AccessLog:
type: object
properties:
log_id:
type: integer
description: The ID of the log entry.
username:
type: string
description: Username of the user in this log entry.
repo_name:
type: string
description: Name of the repository in this log entry.
repo_tag:
type: string
description: Tag of the repository in this log entry.
operation:
type: string
description: The operation against the repository in this log entry.
op_time:
type: string
description: The time when this operation is triggered.
Role:
type: object
properties:
role_id:
type: integer
format: int32
description: ID in table.
role_code:
type: string
description: Description of permissions for the role.
role_name:
type: string
description: Name the the role.
role_mask:
type: string
RoleParam:
type: object
properties:
roles:
type: array
items:
type: integer
format: int32
description: Role ID for updating project role member.
username:
type: string
description: Username relevant to a project role member.
StatisticMap:
type: object
properties:
private_project_count:
type: integer
format: int32
description: The count of the private projects which the user is a member of.
private_repo_count:
type: integer
format: int32
description: The count of the private repositories belonging to the projects which the user is a member of.
public_project_count:
type: integer
format: int32
description: The count of the public projects.
public_repo_count:
type: integer
format: int32
description: The count of the public repositories belonging to the public projects which the user is a member of.
total_project_count:
type: integer
format: int32
description: 'The count of the total projects, only be seen when the is admin.'
total_repo_count:
type: integer
format: int32
description: 'The count of the total repositories, only be seen when the user is admin.'
JobStatus:
type: object
properties:
id:
type: integer
format: int64
description: The job ID.
status:
type: string
description: The status of the job.
repository:
type: string
description: The repository handled by the job.
policy_id:
type: integer
format: int64
description: The ID of the policy that triggered this job.
operation:
type: string
description: The operation of the job.
tags:
type: array
description: The repository's used tag list.
items:
$ref: '#/definitions/Tags'
creation_time:
type: string
description: The creation time of the job.
update_time:
type: string
description: The update time of the job.
Tags:
type: object
properties:
tag:
type: string
description: The repository's used tag.
RepPolicy:
type: object
properties:
id:
type: integer
format: int64
description: The policy ID.
name:
type: string
description: The policy name.
description:
type: string
description: The description of the policy.
projects:
type: array
description: The project list that the policy applys to.
items:
$ref: '#/definitions/Project'
targets:
type: array
description: The target list.
items:
$ref: '#/definitions/RepTarget'
trigger:
$ref: '#/definitions/RepTrigger'
filters:
type: array
description: The replication policy filter array.
items:
$ref: '#/definitions/RepFilter'
replicate_existing_image_now:
type: boolean
description: Whether to replicate the existing images now.
replicate_deletion:
type: boolean
description: Whether to replicate the deletion operation.
creation_time:
type: string
description: The create time of the policy.
update_time:
type: string
description: The update time of the policy.
error_job_count:
type: integer
description: The error job count number for the policy.
RepTrigger:
type: object
properties:
kind:
type: string
description: 'The replication policy trigger kind. The valid values are manual, immediate and schedule.'
schedule_param:
$ref: '#/definitions/ScheduleParam'
ScheduleParam:
type: object
properties:
type:
type: string
description: The schedule type. The valid values are daily and weekly.
weekday:
type: integer
format: int8
description: 'Optional, only used when the type is weedly. The valid values are 1-7.'
offtime:
type: integer
format: int64
description: 'The time offset with the UTC 00:00 in seconds.'
RepFilter:
type: object
properties:
kind:
type: string
description: 'The replication policy filter kind. The valid values are project, repository and tag.'
value:
type: string
description: 'The value of replication policy filter. When creating repository and tag filter, filling it with the pattern as string. When creating label filter, filling it with label ID as integer.'
pattern:
type: string
description: 'Depraceted, use value instead. The replication policy filter pattern.'
metadata:
type: object
description: This map object is the replication policy filter metadata.
RepTarget:
type: object
properties:
id:
type: integer
format: int64
description: The target ID.
endpoint:
type: string
description: The target address URL string.
name:
type: string
description: The target name.
username:
type: string
description: The target server username.
password:
type: string
description: The target server password.
type:
type: integer
format: int
description: Reserved field.
insecure:
type: boolean
description: Whether or not the certificate will be verified when Harbor tries to access the server.
creation_time:
type: string
description: The create time of the policy.
update_time:
type: string
description: The update time of the policy.
RepTargetPost:
type: object
properties:
endpoint:
type: string
description: The target address URL string.
name:
type: string
description: The target name.
username:
type: string
description: The target server username.
password:
type: string
description: The target server password.
insecure:
type: boolean
description: Whether or not the certificate will be verified when Harbor tries to access the server.
PingTarget:
type: object
properties:
id:
type: integer
format: int
description: Target ID.
endpoint:
type: string
description: The target address URL string.
username:
type: string
description: The target server username.
password:
type: string
description: The target server password.
insecure:
type: boolean
description: Whether or not the certificate will be verified when Harbor tries to access the server.
PutTarget:
type: object
properties:
name:
type: string
description: The target name.
endpoint:
type: string
description: The target address URL string.
username:
type: string
description: The target server username.
password:
type: string
description: The target server password.
insecure:
type: boolean
description: Whether or not the certificate will be verified when Harbor tries to access the server.
HasAdminRole:
type: object
properties:
has_admin_role:
type: boolean
description: '1-has admin, 0-not.'
UserProfile:
type: object
properties:
email:
type: string
description: The new email.
realname:
type: string
description: The new realname.
comment:
type: string
description: The new comment.
Storage:
type: object
properties:
total:
type: integer
format: int64
description: Total volume size.
free:
type: integer
format: int64
description: Free volume size.
GeneralInfo:
type: object
properties:
with_notary:
type: boolean
description: If the Harbor instance is deployed with nested notary.
with_clair:
type: boolean
description: If the Harbor instance is deployed with nested clair.
with_admiral:
type: boolean
description: If the Harbor instance is deployed with Admiral.
admiral_endpoint:
type: string
description: The url of the endpoint of admiral instance.
auth_mode:
type: string
description: The auth mode of current Harbor instance.
project_creation_restriction:
type: string
description: 'Indicate who can create projects, it could be ''adminonly'' or ''everyone''.'
self_registration:
type: boolean
description: Indicate whether the Harbor instance enable user to register himself.
has_ca_root:
type: boolean
description: Indicate whether there is a ca root cert file ready for download in the file system.
harbor_version:
type: string
description: The build version of Harbor.
next_scan_all:
type: integer
description: 'The UTC time in milliseconds, after which user can call scanAll API to scan all images.'
clair_vulnerability_status:
type: object
description: The status of vulnerability data of Clair.
properties:
overall_last_update:
type: integer
description: 'The UTC timestamp in milliseconds of last successful update for Clair vulnerability data, when all the updaters are successfully executed.'
details:
type: array
description: Detail timestamp of different namespace. This is introduced to handle the case when some updaters are executed successfully and some not.
items:
$ref: '#/definitions/VulnNamespaceTimestamp'
VulnNamespaceTimestamp:
type: object
properties:
namespace:
type: string
description: The namespace of the Vulnerability
last_update:
type: integer
description: The UTC timestamp in miliseconds of last successful update for vulnerability data.
SystemInfo:
type: object
properties:
storage:
type: array
description: The storage of system.
items:
$ref: '#/definitions/Storage'
LdapConf:
type: object
properties:
ldap_url:
type: string
description: The url of ldap service.
ldap_search_dn:
type: string
description: The search dn of ldap service.
ldap_search_password:
type: string
description: The search password of ldap service.
ldap_base_dn:
type: string
description: The base dn of ldap service.
ldap_filter:
type: string
description: The serach filter of ldap service.
ldap_uid:
type: string
description: The serach uid from ldap service attributes.
ldap_scope:
type: integer
format: int64
description: The serach scope of ldap service.
ldap_connection_timeout:
type: integer
format: int64
description: The connect timeout of ldap service(second).
LdapUsers:
type: object
properties:
ldap_username:
type: string
description: search ldap user name based on ldapconf.
ldap_realname:
type: string
description: system will try to guess the user realname form "uid" or "cn" attribute.
ldap_email:
type: string
description: system will try to guess the user email address form "mail" or "email" attribute.
LdapImportUsers:
type: object
properties:
ldap_uid_list:
type: array
description: selected uid list
items:
type: string
LdapFailedImportUsers:
type: object
properties:
ldap_uid:
type: string
description: the uid can't add to system.
error:
type: string
description: fail reason.
EmailServerSetting:
type: object
properties:
email_host:
type: string
description: The host of email server.
email_port:
type: integer
description: The port of email server.
email_username:
type: string
description: The username of email server.
email_password:
type: string
description: The password of email server.
email_ssl:
type: boolean
description: Use ssl/tls or not.
email_identity:
type: string
description: The dentity of email server.
RepoSignature:
type: object
properties:
tag:
type: string
description: The tag of image.
hashes:
type: object
description: The JSON object of the hash of the image.
DetailedTag:
type: object
properties:
digest:
type: string
description: The digest of the tag.
name:
type: string
description: The name of the tag.
size:
type: integer
description: The size of the image.
architecture:
type: string
description: The architecture of the image.
os:
type: string
description: The os of the image.
docker_version:
type: string
description: The version of docker which builds the image.
author:
type: string
description: The author of the image.
created:
type: string
description: The build time of the image.
signature:
type: object
description: 'The signature of image, defined by RepoSignature. If it is null, the image is unsigned.'
scan_overview:
type: object
description: The overview of the scan result. This is an optional property.
properties:
digest:
type: string
description: The digest of the image.
scan_status:
type: string
description: 'The status of the scan job, it can be "pendnig", "running", "finished", "error".'
job_id:
type: integer
description: The ID of the job on jobservice to scan the image.
severity:
type: integer
description: '0-Not scanned, 1-Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
details_key:
type: string
description: 'The top layer name of this image in Clair, this is for calling Clair API to get the vulnerability list of this image.'
components:
type: object
description: The components overview of the image.
properties:
total:
type: integer
description: Total number of the components in this image.
summary:
description: List of number of components of different severities.
type: array
items:
$ref: '#/definitions/ComponentOverviewEntry'
labels:
type: array
description: The label list.
items:
$ref: '#/definitions/Label'
ComponentOverviewEntry:
type: object
properties:
severity:
type: integer
description: '1-None/Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
count:
type: integer
description: number of the components with certain severity.
Repository:
type: object
properties:
id:
type: integer
description: The ID of repository.
name:
type: string
description: The name of repository.
project_id:
type: integer
description: The project ID of repository.
description:
type: string
description: The description of repository.
pull_count:
type: integer
description: The pull count of repository.
star_count:
type: integer
description: The star count of repository.
tags_count:
type: integer
description: The tags count of repository.
labels:
type: array
description: The label list.
items:
$ref: '#/definitions/Label'
creation_time:
type: string
description: The creation time of repository.
update_time:
type: string
description: The update time of repository.
VulnerabilityItem:
type: object
properties:
id:
type: string
description: 'ID of the vulnerability, normally it is the CVE ID'
severity:
type: integer
description: '1-Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
package:
type: string
description: The packge that introduces the vulnerability.
version:
type: string
description: The version of the package.
description:
type: string
description: The description of the vulnerability.
fixedVersion:
type: string
description: 'The version which the vulnerability is fixed, this is an optional property.'
Configurations:
type: object
properties:
auth_mode:
type: string
description: 'The auth mode of current system, such as "db_auth", "ldap_auth"'
email_from:
type: string
description: The sender name for Email notification.
email_host:
type: string
description: The hostname of SMTP server that sends Email notification.
email_port:
type: integer
description: The port of SMTP server.
email_identity:
type: string
description: By default it's empty so the email_username is picked.
email_username:
type: string
description: The username for authenticate against SMTP server.
email_ssl:
type: boolean
description: 'When it''s set to true the system will access Email server via TLS by default. If it''s set to false, it still will handle "STARTTLS" from server side.'
email_insecure:
type: boolean
description: Whether or not the certificate will be verified when Harbor tries to access the email server.
ldap_url:
type: string
description: The URL of LDAP server.
ldap_base_dn:
type: string
description: The Base DN for LDAP binding.
ldap_filter:
type: string
description: The filter for LDAP binding.
ldap_scope:
type: integer
description: '0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'
ldap_uid:
type: string
description: 'The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"'
ldap_search_dn:
type: string
description: The DN of the user to do the search.
ldap_timeout:
type: integer
description: timeout in seconds for connection to LDAP server.
ldap_group_attribute_name:
type: string
description: 'The attribute which is used as identity of the LDAP group, default is cn.'
ldap_group_base_dn:
type: string
description: The base DN to search LDAP group.
ldap_group_search_filter:
type: string
description: The filter to search the ldap group.
ldap_group_search_scope:
type: integer
description: 'The scope to search ldap. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'''
ldap_group_admin_dn:
type: string
description: Specify the ldap group which have the same privilege with Harbor admin.
project_creation_restriction:
type: string
description: This attribute restricts what users have the permission to create project. It can be "everyone" or "adminonly".
read_only:
type: boolean
description: '''docker push'' is prohibited by Harbor if you set it to true. '
self_registration:
type: boolean
description: 'Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance.'
token_expiration:
type: integer
description: 'The expiration time of the token for internal Registry, in minutes.'
verify_remote_cert:
type: boolean
description: Whether or not the certificate will be verified when Harbor tries to access a remote Harbor instance for replication.
scan_all_policy:
type: object
properties:
type:
type: string
description: 'The type of scan all policy, currently the valid values are "none" and "daily"'
parameter:
type: object
properties:
daily_time:
type: integer
description: 'The offest in seconds of UTC 0 o''clock, only valid when the policy type is "daily"'
description: 'The parameters of the policy, the values are dependant on the type of the policy.'
ConfigurationsResponse:
type: object
properties:
auth_mode:
$ref: '#/definitions/StringConfigItem'
description: 'The auth mode of current system, such as "db_auth", "ldap_auth"'
email_from:
$ref: '#/definitions/StringConfigItem'
description: The sender name for Email notification.
email_host:
$ref: '#/definitions/StringConfigItem'
description: The hostname of SMTP server that sends Email notification.
email_port:
$ref: '#/definitions/IntegerConfigItem'
description: The port of SMTP server.
email_identity:
$ref: '#/definitions/StringConfigItem'
description: By default it's empty so the email_username is picked.
email_username:
$ref: '#/definitions/StringConfigItem'
description: The username for authenticate against SMTP server.
email_ssl:
$ref: '#/definitions/BoolConfigItem'
description: 'When it''s set to true the system will access Email server via TLS by default. If it''s set to false, it still will handle "STARTTLS" from server side.'
email_insecure:
$ref: '#/definitions/BoolConfigItem'
description: Whether or not the certificate will be verified when Harbor tries to access the email server.
ldap_url:
$ref: '#/definitions/StringConfigItem'
description: The URL of LDAP server.
ldap_base_dn:
$ref: '#/definitions/StringConfigItem'
description: The Base DN for LDAP binding.
ldap_filter:
$ref: '#/definitions/StringConfigItem'
description: The filter for LDAP binding.
ldap_scope:
type: integer
description: '0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'
ldap_uid:
$ref: '#/definitions/StringConfigItem'
description: 'The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"'
ldap_search_dn:
type: string
description: The DN of the user to do the search.
ldap_timeout:
$ref: '#/definitions/IntegerConfigItem'
description: timeout in seconds for connection to LDAP server.
ldap_group_attribute_name:
$ref: '#/definitions/StringConfigItem'
description: 'The attribute which is used as identity of the LDAP group, default is cn.'
ldap_group_base_dn:
$ref: '#/definitions/StringConfigItem'
description: The base DN to search LDAP group.
ldap_group_search_filter:
$ref: '#/definitions/StringConfigItem'
description: The filter to search the ldap group.
ldap_group_search_scope:
$ref: '#/definitions/IntegerConfigItem'
description: 'The scope to search ldap. ''0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'''
ldap_group_admin_dn:
$ref: '#/definitions/StringConfigItem'
description: Specify the ldap group which have the same privilege with Harbor admin.
project_creation_restriction:
$ref: '#/definitions/StringConfigItem'
description: This attribute restricts what users have the permission to create project. It can be "everyone" or "adminonly".
read_only:
$ref: '#/definitions/BoolConfigItem'
description: '''docker push'' is prohibited by Harbor if you set it to true. '
self_registration:
$ref: '#/definitions/BoolConfigItem'
description: 'Whether the Harbor instance supports self-registration. If it''s set to false, admin need to add user to the instance.'
token_expiration:
$ref: '#/definitions/IntegerConfigItem'
description: 'The expiration time of the token for internal Registry, in minutes.'
verify_remote_cert:
$ref: '#/definitions/BoolConfigItem'
description: Whether or not the certificate will be verified when Harbor tries to access a remote Harbor instance for replication.
scan_all_policy:
type: object
properties:
type:
type: string
description: 'The type of scan all policy, currently the valid values are "none" and "daily"'
parameter:
type: object
properties:
daily_time:
type: integer
description: 'The offest in seconds of UTC 0 o''clock, only valid when the policy type is "daily"'
description: 'The parameters of the policy, the values are dependant on the type of the policy.'
Replication:
type: object
properties:
policy_id:
type: integer
description: The ID of replication policy
ReplicationResponse:
type: object
properties:
uuid:
type: string
description: UUID of the replication
RepositoryDescription:
type: object
properties:
description:
type: string
description: The description of the repository.
UpdateJobs:
type: object
properties:
policy_id:
type: integer
description: The ID of replication policy
status:
type: string
description: The status of jobs. The only valid value is stop for now.
Label:
type: object
properties:
id:
type: integer
description: The ID of label.
name:
type: string
description: The name of label.
description:
type: string
description: The description of label.
color:
type: string
description: The color of label.
scope:
type: string
description: 'The scope of label, g for global labels and p for project labels.'
project_id:
type: integer
description: The project ID if the label is a project label.
creation_time:
type: string
description: The creation time of label.
update_time:
type: string
description: The update time of label.
deleted:
type: boolean
description: The label is deleted or not.
ProjectMemberEntity:
type: object
properties:
id:
type: integer
description: the project member id
project_id:
type: integer
description: the project id
entity_name:
type: string
description: the name of the group member.
role_name:
type: string
description: the name of the role
role_id:
type: integer
description: the role id
entity_id:
type: integer
description: 'the id of entity, if the member is an user, it is user_id in user table. if the member is an user group, it is the user group''s ID in user_group table.'
entity_type:
type: string
description: 'the entity''s type, u for user entity, g for group entity.'
ProjectMember:
type: object
properties:
role_id:
type: integer
description: 'The role id 1 for projectAdmin, 2 for developer, 3 for guest, 4 for master'
member_user:
$ref: '#/definitions/UserEntity'
member_group:
$ref: '#/definitions/UserGroup'
RoleRequest:
type: object
properties:
role_id:
type: integer
description: 'The role id 1 for projectAdmin, 2 for developer, 3 for guest, 4 for master'
UserEntity:
type: object
properties:
user_id:
type: integer
description: The ID of the user.
username:
type: string
description: The name of the user.
UserGroup:
type: object
properties:
id:
type: integer
description: The ID of the user group
group_name:
type: string
description: The name of the user group
group_type:
type: integer
description: 'The group type, 1 for LDAP group.'
ldap_group_dn:
type: string
description: The DN of the LDAP group if group type is 1 (LDAP group).
Resource:
type: object
properties:
replication_policies:
type: array
description: The replication policy list.
items:
$ref: '#/definitions/RepPolicy'
StringConfigItem:
type: object
properties:
value:
type: string
description: The string value of current config item
editable:
type: boolean
description: The configure item can be updated or not
BoolConfigItem:
type: object
properties:
value:
type: boolean
description: The boolean value of current config item
editable:
type: boolean
description: The configure item can be updated or not
IntegerConfigItem:
type: object
properties:
value:
type: integer
description: The integer value of current config item
editable:
type: boolean
description: The configure item can be updated or not
ChartAPIError:
description: The error object returned by chart repository API
type: object
required:
- error
properties:
error:
type: string
description: The error message returned by the chart API
UnauthorizedChartAPIError:
description: Unauthorized
type: object
allOf:
- $ref: '#/definitions/ChartAPIError'
ForbiddenChartAPIError:
description: Operation is forbidden
type: object
allOf:
- $ref: '#/definitions/ChartAPIError'
InternalChartAPIError:
description: Internal server error occurred
type: object
allOf:
- $ref: '#/definitions/ChartAPIError'
NotFoundChartAPIError:
description: Not found
type: object
allOf:
- $ref: '#/definitions/ChartAPIError'
InsufficientStorageChartAPIError:
description: Insufficient storage
type: object
allOf:
- $ref: '#/definitions/ChartAPIError'
BadRequestFormatedError:
description: Bad request
type: object
allOf:
- $ref: '#/definitions/ChartAPIError'
ConflictFormatedError:
description: Conflicts
type: object
allOf:
- $ref: '#/definitions/ChartAPIError'
ChartInfoEntry:
type: object
description: The object contains basic chart information
required:
- name
- total_versions
- created
properties:
name:
type: string
description: Name of chart
total_versions:
type: integer
description: Total count of chart versions
latest_version:
type: string
description: latest version of chart
created:
type: string
description: The created time of chart
updated:
type: string
description: The created time of chart
icon:
type: string
description: The icon path of chart
home:
type: string
description: The home website of chart
deprecated:
type: boolean
description: Flag to indicate if the chart is deprecated
ChartInfoList:
type: array
description: The chart list under the project
items:
$ref: '#/definitions/ChartInfoEntry'
ChartMetadata:
type: object
description: The metadata of chart version
required:
- name
- version
- engine
- icon
- apiVersion
- appVersion
properties:
name:
type: string
description: The name of the chart
home:
type: string
description: The URL to the relevant project page
sources:
type: array
description: The URL to the source code of chart
items:
type: string
version:
type: string
description: A SemVer 2 version of chart
description:
type: string
description: A one-sentence description of chart
keywords:
type: array
description: A list of string keywords
items:
type: string
engine:
type: string
description: The name of template engine
icon:
type: string
description: The URL to an icon file
apiVersion:
type: string
description: The API version of this chart
appVersion:
type: string
description: The version of the application enclosed in the chart
deprecated:
type: boolean
description: Whether or not this chart is deprecated
ChartVersion:
type: object
description: A specified chart entry
allOf:
- $ref: '#/definitions/ChartMetadata'
- type: object
properties:
created:
type: string
description: The created time of the chart entry
removed:
type: boolean
description: A flag to indicate if the chart entry is removed
digest:
type: string
description: The digest value of the chart entry
urls:
type: array
description: The urls of the chart entry
items:
type: string
properties:
labels:
$ref: '#/definitions/Labels'
ChartVersions:
type: array
description: A list of chart entry
items:
$ref: '#/definitions/ChartVersion'
DigitalSignature:
type: object
description: The signature of the chart
properties:
signed:
type: boolean
description: A flag to indicate if the chart is signed
prov_file:
type: string
description: The URL of the provance file
SecurityReport:
type: object
description: The security information of the chart
properties:
signature:
$ref: '#/definitions/DigitalSignature'
Dependency:
type: object
description: Another chart the chart depends on
required:
- name
- version
properties:
name:
type: string
description: The name of the chart denpendency
version:
type: string
description: The version of the chart dependency
repository:
type: string
description: The URL to the repository
ChartVersionDetails:
type: object
description: The detailed information of the chart entry
properties:
metadata:
$ref: '#/definitions/ChartVersion'
security:
$ref: '#/definitions/SecurityReport'
dependencies:
type: array
items:
$ref: '#/definitions/Dependency'
values:
type: object
additionalProperties:
type: object
files:
type: object
additionalProperties:
type: string
labels:
$ref: '#/definitions/Labels'
GCResult:
type: object
properties:
id:
type: integer
description: the id of gc job.
job_name:
type: string
description: the job name of gc job.
job_kind:
type: string
description: the job kind of gc job.
schedule:
$ref: '#/definitions/AdminJobScheduleObj'
job_status:
type: string
description: the status of gc job.
deleted:
type: boolean
description: if gc job was deleted.
creation_time:
type: string
description: the creation time of gc job.
update_time:
type: string
description: the update time of gc job.
AdminJobSchedule:
type: object
properties:
schedule:
$ref: '#/definitions/AdminJobScheduleObj'
AdminJobScheduleObj:
type: object
properties:
type:
type: string
description: The schedule type. The valid values are hourly, daily weekly, custom and None. 'None' means to cancel the schedule.
cron:
type: string
description: A cron expression, a time-based job scheduler.
SearchResult:
type: object
description: The chart search result item
properties:
name:
type: string
description: The chart name with repo name
score:
type: integer
description: The matched level
chart:
$ref: '#/definitions/ChartVersion'
Labels:
type: array
description: A list of label
items:
$ref: '#/definitions/Label'
OverallHealthStatus:
type: object
description: The system health status
properties:
status:
type: string
description: The overall health status. It is "healthy" only when all the components' status are "healthy"
components:
type: array
items:
$ref: '#/definitions/ComponentHealthStatus'
ComponentHealthStatus:
type: object
description: The health status of component
properties:
name:
type: string
description: The component name
status:
type: string
description: The health status of component
error:
type: string
description: (optional) The error message when the status is "unhealthy"
RobotAccount:
type: object
description: The object of robot account
properties:
id:
type: integer
description: The id of robot account
name:
type: string
description: The name of robot account
description:
type: string
description: The description of robot account
expires_at:
type: integer
description: The expiration of robot account (in seconds)
project_id:
type: integer
description: The project id of robot account
disabled:
type: boolean
description: The robot account is disable or enable
creation_time:
type: string
description: The creation time of the robot account
update_time:
type: string
description: The update time of the robot account
RobotAccountCreate:
type: object
properties:
name:
type: string
description: The name of robot account
description:
type: string
description: The description of robot account
access:
type: array
description: The permission of robot account
items:
$ref: '#/definitions/RobotAccountAccess'
RobotAccountPostRep:
type: object
properties:
name:
type: string
description: the name of robot account
token:
type: string
description: the token of robot account
RobotAccountAccess:
type: object
properties:
resource:
type: string
description: the resource of harbor
action:
type: string
description: the action to resource that perdefined in harbor rbac
RobotAccountUpdate:
type: object
properties:
disable:
type: boolean
description: The robot account is disable or enable
Permission:
type: object
description: The permission
properties:
resource:
type: string
description: The permission resoruce
action:
type: string
description: The permission action
Reference in New Issue View Git Blame Copy Permalink