mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-24 11:15:24 +01:00
3007 lines
90 KiB
YAML
3007 lines
90 KiB
YAML
swagger: '2.0'
|
|
info:
|
|
title: Harbor API
|
|
description: These APIs provide services for manipulating Harbor project.
|
|
version: 0.3.0
|
|
host: localhost
|
|
schemes:
|
|
- http
|
|
basePath: /api
|
|
produces:
|
|
- application/json
|
|
- text/plain
|
|
consumes:
|
|
- text/plain
|
|
- application/json
|
|
paths:
|
|
/search:
|
|
get:
|
|
summary: Search for projects and repositories
|
|
description: >
|
|
The Search endpoint returns information about the projects and
|
|
repositories
|
|
|
|
offered at public status or related to the current logged in user. The
|
|
|
|
response includes the project and repository list in a proper
|
|
|
|
display order.
|
|
parameters:
|
|
- name: q
|
|
in: query
|
|
description: Search parameter for project and repository name.
|
|
required: true
|
|
type: string
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: An array of search results
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Search'
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/projects:
|
|
get:
|
|
summary: List projects
|
|
description: >
|
|
This endpoint returns all projects created by Harbor, and can be
|
|
filtered by project name.
|
|
parameters:
|
|
- name: name
|
|
in: query
|
|
description: The name of project.
|
|
required: false
|
|
type: string
|
|
- name: public
|
|
in: query
|
|
description: The project is public or private.
|
|
required: false
|
|
type: boolean
|
|
format: int32
|
|
- name: owner
|
|
in: query
|
|
description: The name of project owner.
|
|
required: false
|
|
type: string
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Return all matched projects.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Project'
|
|
headers:
|
|
X-Total-Count:
|
|
description: The total count of projects
|
|
type: integer
|
|
Link:
|
|
description: Link refers to the previous page and next page
|
|
type: string
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Internal errors.
|
|
head:
|
|
summary: Check if the project name user provided already exists.
|
|
description: >
|
|
This endpoint is used to check if the project name user provided already
|
|
exist.
|
|
parameters:
|
|
- name: project_name
|
|
in: query
|
|
description: Project name for checking exists.
|
|
required: true
|
|
type: string
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Project name exists.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Project name does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Create a new project.
|
|
description: |
|
|
This endpoint is for user to create a new project.
|
|
parameters:
|
|
- name: project
|
|
in: body
|
|
description: New created project.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/ProjectReq'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'201':
|
|
description: Project created successfully.
|
|
'400':
|
|
description: Unsatisfied with constraints of the project creation.
|
|
'401':
|
|
description: User need to log in first.
|
|
'409':
|
|
description: Project name already exists.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/projects/{project_id}':
|
|
get:
|
|
summary: Return specific project detail infomation
|
|
description: |
|
|
This endpoint returns specific project information by project ID.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
description: Project ID for filtering results.
|
|
required: true
|
|
type: integer
|
|
format: int64
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Return matched project information.
|
|
schema:
|
|
$ref: '#/definitions/Project'
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Internal errors.
|
|
put:
|
|
summary: Update properties for a selected project.
|
|
description: |
|
|
This endpoint is aimed to update the properties of a project.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Selected project ID.
|
|
- name: project
|
|
in: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/Project'
|
|
description: Updates of project.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated project properties successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Delete project by projectID
|
|
description: |
|
|
This endpoint is aimed to delete project by project ID.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
description: Project ID of project which will be deleted.
|
|
required: true
|
|
type: integer
|
|
format: int64
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Project is deleted successfully.
|
|
'400':
|
|
description: Invalid project id.
|
|
'403':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Project does not exist.
|
|
'412':
|
|
description: 'Project contains policies, can not be deleted.'
|
|
'500':
|
|
description: Internal errors.
|
|
'/projects/{project_id}/logs':
|
|
get:
|
|
summary: Get access logs accompany with a relevant project.
|
|
description: >
|
|
This endpoint let user search access logs filtered by operations and
|
|
date time ranges.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID
|
|
- name: username
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Username of the operator.
|
|
- name: repository
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The name of repository
|
|
- name: tag
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The name of tag
|
|
- name: operation
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The operation
|
|
- name: begin_timestamp
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The begin timestamp
|
|
- name: end_timestamp
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The end timestamp
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get access log successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/AccessLog'
|
|
headers:
|
|
X-Total-Count:
|
|
description: The total count of access logs
|
|
type: integer
|
|
Link:
|
|
description: Link refers to the previous page and next page
|
|
type: string
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/projects/{project_id}/metadatas':
|
|
get:
|
|
summary: Get project metadata.
|
|
description: |
|
|
This endpoint returns metadata of the project specified by project ID.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
description: The ID of project.
|
|
required: true
|
|
type: integer
|
|
format: int64
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get metadata successfully.
|
|
schema:
|
|
$ref: '#/definitions/ProjectMetadata'
|
|
'401':
|
|
description: User need to login first.
|
|
'500':
|
|
description: Internal server errors.
|
|
post:
|
|
summary: Add metadata for the project.
|
|
description: |
|
|
This endpoint is aimed to add metadata of a project.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Selected project ID.
|
|
- name: metadata
|
|
in: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/ProjectMetadata'
|
|
description: The metadata of project.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Add metadata successfully.
|
|
'400':
|
|
description: Invalid request.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Internal server errors.
|
|
'/projects/{project_id}/metadatas/{meta_name}':
|
|
get:
|
|
summary: Get project metadata
|
|
description: |
|
|
This endpoint returns specified metadata of a project.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
description: Project ID for filtering results.
|
|
required: true
|
|
type: integer
|
|
format: int64
|
|
- name: meta_name
|
|
in: path
|
|
description: The name of metadat.
|
|
required: true
|
|
type: string
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get metadata successfully.
|
|
schema:
|
|
$ref: '#/definitions/ProjectMetadata'
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Internal server errors.
|
|
put:
|
|
summary: Update metadata of a project.
|
|
description: |
|
|
This endpoint is aimed to update the metadata of a project.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The ID of project.
|
|
- name: meta_name
|
|
in: path
|
|
description: The name of metadat.
|
|
required: true
|
|
type: string
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated metadata successfully.
|
|
'400':
|
|
description: Invalid request.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission to the project.
|
|
'404':
|
|
description: Project or metadata does not exist.
|
|
'500':
|
|
description: Internal server errors.
|
|
delete:
|
|
summary: Delete metadata of a project
|
|
description: |
|
|
This endpoint is aimed to delete metadata of a project.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
description: The ID of project.
|
|
required: true
|
|
type: integer
|
|
format: int64
|
|
- name: meta_name
|
|
in: path
|
|
description: The name of metadat.
|
|
required: true
|
|
type: string
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Metadata is deleted successfully.
|
|
'400':
|
|
description: Invalid requst.
|
|
'403':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Project or metadata does not exist.
|
|
'500':
|
|
description: Internal server errors.
|
|
'/projects/{project_id}/members/':
|
|
get:
|
|
summary: Return a project's relevant role members.
|
|
description: >
|
|
This endpoint is for user to search a specified project's relevant role
|
|
members.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get project's relevant role members successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/User'
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Add project role member accompany with relevant project and user.
|
|
description: >
|
|
This endpoint is for user to add project role member accompany with
|
|
relevant project and user.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID.
|
|
- name: roles
|
|
in: body
|
|
description: >-
|
|
Role members for adding to relevant project. Only one role is
|
|
supported in the role list.
|
|
schema:
|
|
$ref: '#/definitions/RoleParam'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Role members added to relevant project successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID or username does not exist.
|
|
'409':
|
|
description: User has already added as a project role member.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/projects/{project_id}/members/{user_id}':
|
|
get:
|
|
summary: Return role members accompany with relevant project and user.
|
|
description: >
|
|
This endpoint is for user to get role members accompany with relevant
|
|
project and user.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Relevant user ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get project role members successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Role'
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
put:
|
|
summary: Update project role members accompany with relevant project and user.
|
|
description: >
|
|
This endpoint is for user to update current project role members
|
|
accompany with relevant project and user.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID.
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Relevant user ID.
|
|
- name: roles
|
|
in: body
|
|
schema:
|
|
$ref: '#/definitions/RoleParam'
|
|
description: Updates for roles and username.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Project role members updated successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Delete project role members accompany with relevant project and user.
|
|
description: >
|
|
This endpoint is aimed to remove project role members already added to
|
|
the relevant project and user.
|
|
parameters:
|
|
- name: project_id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant project ID.
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Relevant user ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Project role members deleted successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User in session does not have permission to the project.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/statistics:
|
|
get:
|
|
summary: Get projects number and repositories number relevant to the user
|
|
description: >
|
|
This endpoint is aimed to statistic all of the projects number and
|
|
repositories number relevant to the logined user, also the public
|
|
projects number and repositories number. If the user is admin, he can
|
|
also get total projects number and total repositories number.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: >-
|
|
Get the projects number and repositories number relevant to the user
|
|
successfully.
|
|
schema:
|
|
$ref: '#/definitions/StatisticMap'
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/users:
|
|
get:
|
|
summary: Get registered users of Harbor.
|
|
description: >
|
|
This endpoint is for user to search registered users, support for
|
|
filtering results with username.Notice, by now this operation is only
|
|
for administrator.
|
|
parameters:
|
|
- name: username
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Username for filtering results.
|
|
- name: email
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Email for filtering results.
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: The size of per page.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Searched for users of Harbor successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/User'
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Creates a new user account.
|
|
description: |
|
|
This endpoint is to create a user if the user does not already exist.
|
|
parameters:
|
|
- name: user
|
|
in: body
|
|
description: New created user.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/User'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'201':
|
|
description: User created successfully.
|
|
'400':
|
|
description: Unsatisfied with constraints of the user creation.
|
|
'403':
|
|
description: >-
|
|
User registration can only be used by admin role user when
|
|
self-registration is off.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/users/current:
|
|
get:
|
|
summary: Get current user info.
|
|
description: |
|
|
This endpoint is to get the current user infomation.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get current user information successfully.
|
|
schema:
|
|
$ref: '#/definitions/User'
|
|
'401':
|
|
description: User need to log in first.
|
|
'/users/{user_id}':
|
|
get:
|
|
summary: Get a user's profile.
|
|
description: |
|
|
Get user's profile with user id.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Registered user ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get user's profile successfully.
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: User ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
put:
|
|
summary: Update a registered user to change his profile.
|
|
description: |
|
|
This endpoint let a registered user change his profile.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Registered user ID
|
|
- name: profile
|
|
in: body
|
|
description: 'Only email, realname and comment can be modified.'
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/UserProfile'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated user's profile successfully.
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: User ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Mark a registered user as be removed.
|
|
description: |
|
|
This endpoint let administrator of Harbor mark a registered user as
|
|
be removed.It actually won't be deleted from DB.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: User ID for marking as to be removed.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Marked user as be removed successfully.
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: User ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/users/{user_id}/password':
|
|
put:
|
|
summary: Change the password on a user that already exists.
|
|
description: >
|
|
This endpoint is for user to update password. Users with the admin role
|
|
can change any user's password. Guest users can change only their own
|
|
password.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Registered user ID.
|
|
- name: password
|
|
in: body
|
|
description: Password to be updated.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/Password'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated password successfully.
|
|
'400':
|
|
description: Invalid user ID; Old password is blank; New password is blank.
|
|
'401':
|
|
description: Don't have authority to change password. Please check login status.
|
|
'403':
|
|
description: Old password is not correct.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/users/{user_id}/sysadmin':
|
|
put:
|
|
summary: Update a registered user to change to be an administrator of Harbor.
|
|
description: |
|
|
This endpoint let a registered user change to be an administrator
|
|
of Harbor.
|
|
parameters:
|
|
- name: user_id
|
|
in: path
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: Registered user ID
|
|
- name: has_admin_role
|
|
in: body
|
|
description: Toggle a user to admin or not.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/HasAdminRole'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated user's admin role successfully.
|
|
'400':
|
|
description: Invalid user ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: User ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/repositories:
|
|
get:
|
|
summary: Get repositories accompany with relevant project and repo name.
|
|
description: >
|
|
This endpoint let user search repositories accompanying with relevant
|
|
project ID and repo name.
|
|
parameters:
|
|
- name: project_id
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: true
|
|
description: Relevant project ID.
|
|
- name: q
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Repo name for filtering results.
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get repositories successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Repository'
|
|
headers:
|
|
X-Total-Count:
|
|
description: The total count of repositories
|
|
type: integer
|
|
Link:
|
|
description: Link refers to the previous page and next page
|
|
type: string
|
|
'400':
|
|
description: Invalid project ID.
|
|
'403':
|
|
description: >-
|
|
Project is not public or current user is irrelevant to the
|
|
repository.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/repositories/{repo_name}':
|
|
delete:
|
|
summary: Delete a repository.
|
|
description: |
|
|
This endpoint let user delete a repository with name.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: The name of repository which will be deleted.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Delete successfully.
|
|
'400':
|
|
description: Invalid repo_name.
|
|
'401':
|
|
description: Unauthorized.
|
|
'403':
|
|
description: Forbidden.
|
|
'404':
|
|
description: Repository not found.
|
|
'/repositories/{repo_name}/tags/{tag}':
|
|
get:
|
|
summary: Get the tag of the repository.
|
|
description: >
|
|
This endpoint aims to retrieve the tag of the repository. If deployed
|
|
with Notary, the signature property of response represents whether the
|
|
image is singed or not. If the property is null, the image is unsigned.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Relevant repository name.
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag of the repository.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get tag successfully.
|
|
schema:
|
|
$ref: '#/definitions/DetailedTag'
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Delete a tag in a repository.
|
|
description: |
|
|
This endpoint let user delete tags with repo name and tag.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: The name of repository which will be deleted.
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag of a repository.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Delete tag successfully.
|
|
'400':
|
|
description: Invalid repo_name.
|
|
'401':
|
|
description: Unauthorized.
|
|
'403':
|
|
description: Forbidden.
|
|
'404':
|
|
description: Repository or tag not found.
|
|
'/repositories/{repo_name}/tags':
|
|
get:
|
|
summary: Get tags of a relevant repository.
|
|
description: >
|
|
This endpoint aims to retrieve tags from a relevant repository. If
|
|
deployed with Notary, the signature property of response represents
|
|
whether the image is singed or not. If the property is null, the image
|
|
is unsigned.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Relevant repository name.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get tags successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/DetailedTag'
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/repositories/{repo_name}/tags/{tag}/manifest':
|
|
get:
|
|
summary: Get manifests of a relevant repository.
|
|
description: |
|
|
This endpoint aims to retreive manifests from a relevant repository.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Repository name
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag name
|
|
- name: version
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: >-
|
|
The version of manifest, valid value are "v1" and "v2", default is
|
|
"v2"
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Retrieved manifests from a relevant repository successfully.
|
|
schema:
|
|
$ref: '#/definitions/Manifest'
|
|
'404':
|
|
description: Retrieved manifests from a relevant repository not found.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/repositories/{repo_name}/tags/{tag}/scan':
|
|
post:
|
|
summary: Scan the image.
|
|
description: >
|
|
Trigger jobservice to call Clair API to scan the image identified by the
|
|
repo_name and tag. Only project admins have permission to scan images
|
|
under the project.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Repository name
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag name
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Successfully created the job to scan image.
|
|
'401':
|
|
description: User needs to login or call the API with correct credentials.
|
|
'403':
|
|
description: User doesn't have permission to perform the action.
|
|
'404':
|
|
description: The image does not exist in Harbor.
|
|
'503':
|
|
description: Harbor is not deployed with Clair.
|
|
/repositories/scanAll:
|
|
post:
|
|
summary: Scan all images of the registry.
|
|
description: >
|
|
The server will launch different jobs to scan each image on the
|
|
regsitry, so this is equivalent to calling the API to scan the image
|
|
one by one in background, so there's no way to track the overall status
|
|
of the "scan all" action. Only system adim has permission to call this
|
|
API.
|
|
parameters:
|
|
- name: project_id
|
|
in: query
|
|
type: integer
|
|
description: When this parm is set only the images under the project identified by the project_id will be scanned.
|
|
responses:
|
|
'202':
|
|
description: >-
|
|
The action is successully taken in the background. If some images
|
|
are failed to scan it will only be reflected in the job status.
|
|
'401':
|
|
description: User needs to login or call the API with correct credentials.
|
|
'403':
|
|
description: User doesn't have permission to perform the action.
|
|
'500':
|
|
description: Failed to initiate the action.
|
|
'503':
|
|
description: Harbor is not deployed with Clair.
|
|
'/repositories/{repo_name}/tags/{tag}/vulnerability/details':
|
|
get:
|
|
summary: Get vulnerability details of the image.
|
|
description: >
|
|
Call Clair API to get the vulnerability based on the previous successful
|
|
scan.
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Repository name
|
|
- name: tag
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: Tag name
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Successfully retrieved the vulnerabilities.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#definitions/VulnerabilityItem'
|
|
'401':
|
|
description: User needs to login or call the API with correct credentials.
|
|
'403':
|
|
description: User doesn't have permission to perform the action.
|
|
'404':
|
|
description: The image does not exist in Harbor.
|
|
'503':
|
|
description: Harbor is not deployed with Clair.
|
|
'/repositories/{repo_name}/signatures':
|
|
get:
|
|
summary: Get signature information of a repository
|
|
description: >
|
|
This endpoint aims to retrieve signature information of a repository,
|
|
the data is
|
|
|
|
from the nested notary instance of Harbor.
|
|
|
|
If the repository does not have any signature information in notary,
|
|
this API will
|
|
|
|
return an empty list with response code 200, instead of 404
|
|
parameters:
|
|
- name: repo_name
|
|
in: path
|
|
type: string
|
|
required: true
|
|
description: repository name.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Retrieved signatures.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/RepoSignature'
|
|
'500':
|
|
description: Server side error.
|
|
/repositories/top:
|
|
get:
|
|
summary: Get public repositories which are accessed most.
|
|
description: |
|
|
This endpoint aims to let users see the most popular public repositories
|
|
parameters:
|
|
- name: count
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: >-
|
|
The number of the requested public repositories, default is 10 if
|
|
not provided.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get popular repositories successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Repository'
|
|
'400':
|
|
description: Bad request because of invalid count.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/logs:
|
|
get:
|
|
summary: Get recent logs of the projects which the user is a member of
|
|
description: >
|
|
This endpoint let user see the recent operation logs of the projects
|
|
which he is member of
|
|
parameters:
|
|
- name: username
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Username of the operator.
|
|
- name: repository
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The name of repository
|
|
- name: tag
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The name of tag
|
|
- name: operation
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The operation
|
|
- name: begin_timestamp
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The begin timestamp
|
|
- name: end_timestamp
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The end timestamp
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get the required logs successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/AccessLog'
|
|
'400':
|
|
description: Bad request because of invalid parameters.
|
|
'401':
|
|
description: User need to login first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/jobs/replication:
|
|
get:
|
|
summary: List filters jobs according to the policy and repository
|
|
description: >
|
|
This endpoint let user list filters jobs according to the policy and
|
|
repository. (if start_time and end_time are both null, list jobs of last
|
|
10 days)
|
|
tags:
|
|
- Products
|
|
parameters:
|
|
- name: policy_id
|
|
in: query
|
|
type: integer
|
|
format: int
|
|
required: true
|
|
description: The ID of the policy that triggered this job.
|
|
- name: num
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: The return list length number.
|
|
- name: end_time
|
|
in: query
|
|
type: integer
|
|
format: int64
|
|
required: false
|
|
description: The end time of jobs done. (Timestamp)
|
|
- name: start_time
|
|
in: query
|
|
type: integer
|
|
format: int64
|
|
required: false
|
|
description: The start time of jobs. (Timestamp)
|
|
- name: repository
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The respond jobs list filter by repository name.
|
|
- name: status
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The respond jobs list filter by status.
|
|
- name: page
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The page nubmer, default is 1.'
|
|
- name: page_size
|
|
in: query
|
|
type: integer
|
|
format: int32
|
|
required: false
|
|
description: 'The size of per page, default is 10, maximum is 100.'
|
|
responses:
|
|
'200':
|
|
description: Get the required logs successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/JobStatus'
|
|
headers:
|
|
X-Total-Count:
|
|
description: The total count of jobs
|
|
type: integer
|
|
Link:
|
|
description: Link refers to the previous page and next page
|
|
type: string
|
|
'400':
|
|
description: Bad request because of invalid parameters.
|
|
'401':
|
|
description: User need to login first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/jobs/replication/{id}:
|
|
delete:
|
|
summary: Delete specific ID job.
|
|
description: |
|
|
This endpoint is aimed to remove specific ID job from jobservice.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Delete job ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Job deleted successfully.
|
|
'400':
|
|
description: Job ID is invalid or can't remove this job.
|
|
'401':
|
|
description: Only admin has this authority.
|
|
'404':
|
|
description: Project ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/jobs/replication/{id}/log:
|
|
get:
|
|
summary: Get job logs.
|
|
description: |
|
|
This endpoint let user search job logs filtered by specific ID.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant job ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get job log successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's log does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/jobs/scan/{id}/log:
|
|
get:
|
|
summary: Get job logs.
|
|
description: |
|
|
This endpoint let user get scan job logs filtered by specific ID.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: Relevant job ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get job log successfully.
|
|
'400':
|
|
description: Illegal format of provided ID value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's log does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
|
|
/policies/replication:
|
|
get:
|
|
summary: List filters policies by name and project_id
|
|
description: >
|
|
This endpoint let user list filters policies by name and project_id, if
|
|
name and project_id are nil, list returns all policies
|
|
parameters:
|
|
- name: name
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The replication's policy name.
|
|
- name: project_id
|
|
in: query
|
|
type: integer
|
|
format: int64
|
|
required: false
|
|
description: Relevant project ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get policy successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/RepPolicy'
|
|
'400':
|
|
description: Invalid project ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Post creates a policy
|
|
description: >
|
|
This endpoint let user creates a policy, and if it is enabled, the
|
|
replication will be triggered right now.
|
|
parameters:
|
|
- name: policyinfo
|
|
in: body
|
|
description: Create new policy.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/RepPolicyPost'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'201':
|
|
description: Create policy successfully.
|
|
'400':
|
|
description: Invalid project ID or target ID.
|
|
'401':
|
|
description: User need to log in first.
|
|
'409':
|
|
description: >-
|
|
Policy name already used or policy already exists with the same
|
|
project and target.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/policies/replication/{id}:
|
|
get:
|
|
summary: Get replication policy.
|
|
description: |
|
|
This endpoint let user search replication policy by specific ID.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: policy ID
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get job policy successfully.
|
|
schema:
|
|
$ref: '#/definitions/RepPolicy'
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's policy does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
put:
|
|
summary: 'Put modifies name, description, target and enablement of policy.'
|
|
description: >
|
|
This endpoint let user update policy name, description, target and
|
|
enablement.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: policy ID
|
|
- name: policyupdate
|
|
in: body
|
|
description: 'Update policy name, description, target and enablement.'
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/RepPolicyUpdate'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Update job policy content successfully.
|
|
'400':
|
|
description: policy is enabled or target does not exist
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's policy does not exist.
|
|
'409':
|
|
description: >-
|
|
Policy name already used or policy already exists with the same
|
|
project and target.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/policies/replication/{id}/enablement:
|
|
put:
|
|
summary: Put modifies enablement of the policy.
|
|
description: |
|
|
This endpoint let user update policy enablement flag.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: policy ID
|
|
- name: enabledflag
|
|
in: body
|
|
description: The policy enablement flag.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/RepPolicyEnablementReq'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Update job policy enablement successfully.
|
|
'400':
|
|
description: Invalid enabled value.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: The specific repository ID's policy does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/targets:
|
|
get:
|
|
summary: List filters targets by name.
|
|
description: >
|
|
This endpoint let user list filters targets by name, if name is nil,
|
|
list returns all targets.
|
|
parameters:
|
|
- name: name
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: The replication's target name.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get policy successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/RepTarget'
|
|
'401':
|
|
description: User need to log in first.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
post:
|
|
summary: Create a new replication target.
|
|
description: |
|
|
This endpoint is for user to create a new replication target.
|
|
parameters:
|
|
- name: reptarget
|
|
in: body
|
|
description: New created replication target.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/RepTargetPost'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'201':
|
|
description: Replication target created successfully.
|
|
'400':
|
|
description: Unsatisfied with constraints of the target creation.
|
|
'401':
|
|
description: User need to log in first.
|
|
'409':
|
|
description: Replication target name already exists.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/targets/ping:
|
|
post:
|
|
summary: Ping validates target.
|
|
description: >
|
|
This endpoint is for ping validates whether the target is reachable and
|
|
whether the credential is valid.
|
|
parameters:
|
|
- name: target
|
|
in: body
|
|
description: The target object.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/PingTarget'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Ping target successfully.
|
|
'400':
|
|
description: >-
|
|
Target id is invalid/ endpoint is needed/ invaild URL/ network
|
|
issue.
|
|
'401':
|
|
description: >-
|
|
User need to log in first or wrong username/password for remote
|
|
target.
|
|
'404':
|
|
description: Target not found.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/targets/{id}/ping':
|
|
post:
|
|
summary: Ping target.
|
|
description: |
|
|
This endpoint is for ping target.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Ping replication's target successfully.
|
|
'400':
|
|
description: Can not ping target.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Target ID does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/targets/{id}':
|
|
put:
|
|
summary: Update replication's target.
|
|
description: |
|
|
This endpoint is for update specific replication's target.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
- name: repo_target
|
|
in: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/PutTarget'
|
|
description: Updates of replication's target.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Updated replication's target successfully.
|
|
'400':
|
|
description: The target is associated with policy which is enabled.
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Target ID does not exist.
|
|
'409':
|
|
description: Target name or endpoint is already used.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
get:
|
|
summary: Get replication's target.
|
|
description: This endpoint is for get specific replication's target.
|
|
tags:
|
|
- Products
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
responses:
|
|
'200':
|
|
description: Get replication's target successfully.
|
|
schema:
|
|
$ref: '#/definitions/RepTarget'
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Replication's target not found
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
delete:
|
|
summary: Delete specific replication's target.
|
|
description: |
|
|
This endpoint is for to delete specific replication's target.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Replication's target deleted successfully.
|
|
'400':
|
|
description: >-
|
|
Replication's target ID is invalid or the target is used by
|
|
policies.
|
|
'401':
|
|
description: Only admin has this authority.
|
|
'404':
|
|
description: Replication's target does not exist.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
'/targets/{id}/policies/':
|
|
get:
|
|
summary: List the target relevant policies.
|
|
description: >
|
|
This endpoint list policies filter with specific replication's target
|
|
ID.
|
|
parameters:
|
|
- name: id
|
|
in: path
|
|
type: integer
|
|
format: int64
|
|
required: true
|
|
description: The replication's target ID.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get relevant policies successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/RepPolicy'
|
|
'401':
|
|
description: User need to log in first.
|
|
'404':
|
|
description: Replication's target not found
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/internal/syncregistry:
|
|
post:
|
|
summary: Sync repositories from registry to DB.
|
|
description: >
|
|
This endpoint is for syncing all repositories of registry with
|
|
database.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Sync repositories successfully.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/systeminfo:
|
|
get:
|
|
summary: Get general system info
|
|
description: >
|
|
This API is for retrieving general system info, this can be called by
|
|
anonymous request.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get general info successfully.
|
|
schema:
|
|
type: object
|
|
items:
|
|
$ref: '#/definitions/GeneralInfo'
|
|
'500':
|
|
description: Unexpected internal error.
|
|
/systeminfo/volumes:
|
|
get:
|
|
summary: Get system volume info (total/free size).
|
|
description: >
|
|
This endpoint is for retrieving system volume info that only provides
|
|
for admin user.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get system volumes successfully.
|
|
schema:
|
|
type: object
|
|
items:
|
|
$ref: '#/definitions/SystemInfo'
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/systeminfo/getcert:
|
|
get:
|
|
summary: Get default root certificate under OVA deployment.
|
|
description: >
|
|
This endpoint is for downloading a default root certificate that only
|
|
provides for admin user under OVA deployment.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get default root certificate successfully.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'404':
|
|
description: Not found the default root certificate.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/ldap/ping:
|
|
post:
|
|
summary: Ping available ldap service.
|
|
description: >
|
|
This endpoint ping the available ldap service for test related
|
|
configuration parameters.
|
|
parameters:
|
|
- name: ldapconf
|
|
in: body
|
|
description: >-
|
|
ldap configuration. support input ldap service configuration. If
|
|
it's a empty request, will load current configuration from the
|
|
system.
|
|
required: false
|
|
schema:
|
|
$ref: '#/definitions/LdapConf'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Ping ldap service successfully.
|
|
'400':
|
|
description: Inviald ldap configuration parameters.
|
|
'401':
|
|
description: User need to login first.
|
|
'403':
|
|
description: Only admin has this authority.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/ldap/users/search:
|
|
post:
|
|
summary: Search available ldap users.
|
|
description: >
|
|
This endpoint searches the available ldap users based on related
|
|
configuration parameters. Support searched by input ladp configuration,
|
|
load configuration from the system and specific filter.
|
|
parameters:
|
|
- name: username
|
|
in: query
|
|
type: string
|
|
required: false
|
|
description: Registered user ID
|
|
- name: ldap_conf
|
|
in: body
|
|
description: >-
|
|
ldap search configuration. ldapconf field can input ldap service
|
|
configuration. If this item are blank, will load default
|
|
configuration will load current configuration from the system.
|
|
required: false
|
|
schema:
|
|
$ref: '#/definitions/LdapConf'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Search ldap users successfully.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/LdapUsers'
|
|
'400':
|
|
description: Inviald ldap configuration parameters.
|
|
'401':
|
|
description: User need to login first.
|
|
'403':
|
|
description: Only admin has this authority.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/ldap/users/import:
|
|
post:
|
|
summary: Import selected available ldap users.
|
|
description: >
|
|
This endpoint adds the selected available ldap users to harbor based on
|
|
related configuration parameters from the system. System will try to
|
|
guess the user email address and realname, add to harbor user
|
|
information.
|
|
|
|
If have errors when import user, will return the list of importing
|
|
failed uid and the failed reason.
|
|
parameters:
|
|
- name: uid_list
|
|
in: body
|
|
description: >-
|
|
The uid listed for importing. This list will check users validity of
|
|
ldap service based on configuration from the system.
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/LdapImportUsers'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Add ldap users successfully.
|
|
'401':
|
|
description: User need to login first.
|
|
'403':
|
|
description: Only admin has this authority.
|
|
'500':
|
|
description: Failed import some users.
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/LdapFailedImportUsers'
|
|
/configurations:
|
|
get:
|
|
summary: Get system configurations.
|
|
description: >
|
|
This endpoint is for retrieving system configurations that only provides
|
|
for admin user.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Get system configurations successfully. The response body is a map.
|
|
schema:
|
|
$ref: '#/definitions/Configurations'
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
put:
|
|
summary: Modify system configurations.
|
|
description: >
|
|
This endpoint is for modifying system configurations that only provides
|
|
for admin user.
|
|
tags:
|
|
- Products
|
|
parameters:
|
|
- name: configurations
|
|
in: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/Configurations'
|
|
description: The configuration map can contain a subset of the attributes of the schema, which are to be updated.
|
|
responses:
|
|
'200':
|
|
description: Modify system configurations successfully.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/configurations/reset:
|
|
post:
|
|
summary: Reset system configurations.
|
|
description: >
|
|
Reset system configurations from environment variables. Can only be
|
|
accessed by admin user.
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Reset system configurations successfully.
|
|
'401':
|
|
description: User need to log in first.
|
|
'403':
|
|
description: User does not have permission of admin role.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
/email/ping:
|
|
post:
|
|
summary: Test connection and authentication with email server.
|
|
description: |
|
|
Test connection and authentication with email server.
|
|
parameters:
|
|
- name: settings
|
|
in: body
|
|
description: >-
|
|
Email server settings, if some of the settings are not assigned,
|
|
they will be read from system configuration.
|
|
required: false
|
|
schema:
|
|
$ref: '#/definitions/EmailServerSetting'
|
|
tags:
|
|
- Products
|
|
responses:
|
|
'200':
|
|
description: Ping email server successfully.
|
|
'400':
|
|
description: Inviald email server settings.
|
|
'401':
|
|
description: User need to login first.
|
|
'403':
|
|
description: Only admin has this authority.
|
|
'500':
|
|
description: Unexpected internal errors.
|
|
definitions:
|
|
Search:
|
|
type: object
|
|
properties:
|
|
projects:
|
|
description: Search results of the projects that matched the filter keywords.
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/Project'
|
|
repositories:
|
|
description: Search results of the repositories that matched the filter keywords.
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/SearchRepository'
|
|
SearchRepository:
|
|
type: object
|
|
properties:
|
|
project_id:
|
|
type: integer
|
|
description: The ID of the project that the repository belongs to
|
|
project_name:
|
|
type: string
|
|
description: The name of the project that the repository belongs to
|
|
project_public:
|
|
type: integer
|
|
description: >-
|
|
The flag to indicate the publicity of the project that the repository
|
|
belongs to (1 is public, 0 is not)
|
|
repository_name:
|
|
type: string
|
|
description: The name of the repository
|
|
pull_count:
|
|
type: integer
|
|
description: The count how many times the repository is pulled
|
|
tags_count:
|
|
type: integer
|
|
description: The count of tags in the repository
|
|
ProjectReq:
|
|
type: object
|
|
properties:
|
|
project_name:
|
|
type: string
|
|
description: The name of the project.
|
|
public:
|
|
type: integer
|
|
format: int
|
|
description: The public status of the project.
|
|
enable_content_trust:
|
|
type: boolean
|
|
description: >-
|
|
Whether content trust is enabled or not. If it is enabled, user cann't
|
|
pull unsigned images from this project.
|
|
prevent_vulnerable_images_from_running:
|
|
type: boolean
|
|
description: Whether prevent the vulnerable images from running.
|
|
prevent_vulnerable_images_from_running_severity:
|
|
type: string
|
|
description: >-
|
|
If the vulnerability is high than severity defined here, the images
|
|
cann't be pulled.
|
|
automatically_scan_images_on_push:
|
|
type: boolean
|
|
description: Whether scan images automatically when pushing.
|
|
Project:
|
|
type: object
|
|
properties:
|
|
project_id:
|
|
type: integer
|
|
format: int32
|
|
description: Project ID
|
|
owner_id:
|
|
type: integer
|
|
format: int32
|
|
description: The owner ID of the project always means the creator of the project.
|
|
name:
|
|
type: string
|
|
description: The name of the project.
|
|
creation_time:
|
|
type: string
|
|
description: The creation time of the project.
|
|
update_time:
|
|
type: string
|
|
description: The update time of the project.
|
|
deleted:
|
|
type: integer
|
|
format: int32
|
|
description: 'A deletion mark of the project (1 means it''s deleted, 0 is not)'
|
|
owner_name:
|
|
type: string
|
|
description: The owner name of the project.
|
|
Togglable:
|
|
type: boolean
|
|
description: >-
|
|
Correspond to the UI about whether the project's publicity is
|
|
updatable (for UI)
|
|
current_user_role_id:
|
|
type: integer
|
|
description: The role ID of the current user who triggered the API (for UI)
|
|
repo_count:
|
|
type: integer
|
|
description: The number of the repositories under this project.
|
|
metadata:
|
|
type: object
|
|
description: The metadata of the project.
|
|
items:
|
|
$ref: '#/definitions/ProjectMetadata'
|
|
ProjectMetadata:
|
|
type: object
|
|
properties:
|
|
public:
|
|
type: integer
|
|
format: int
|
|
description: The public status of the project.
|
|
enable_content_trust:
|
|
type: boolean
|
|
description: >-
|
|
Whether content trust is enabled or not. If it is enabled, user cann't
|
|
pull unsigned images from this project.
|
|
prevent_vulnerable_images_from_running:
|
|
type: boolean
|
|
description: Whether prevent the vulnerable images from running.
|
|
prevent_vulnerable_images_from_running_severity:
|
|
type: string
|
|
description: >-
|
|
If the vulnerability is high than severity defined here, the images
|
|
cann't be pulled.
|
|
automatically_scan_images_on_push:
|
|
type: boolean
|
|
description: Whether scan images automatically when pushing.
|
|
Manifest:
|
|
type: object
|
|
properties:
|
|
manifest:
|
|
type: object
|
|
description: The detail of manifest.
|
|
config:
|
|
type: string
|
|
description: The config of the repository.
|
|
User:
|
|
type: object
|
|
properties:
|
|
user_id:
|
|
type: integer
|
|
format: int
|
|
description: The ID of the user.
|
|
username:
|
|
type: string
|
|
email:
|
|
type: string
|
|
password:
|
|
type: string
|
|
realname:
|
|
type: string
|
|
comment:
|
|
type: string
|
|
deleted:
|
|
type: integer
|
|
format: int32
|
|
role_name:
|
|
type: string
|
|
role_id:
|
|
type: integer
|
|
format: int
|
|
has_admin_role:
|
|
type: integer
|
|
format: int
|
|
reset_uuid:
|
|
type: string
|
|
Salt:
|
|
type: string
|
|
creation_time:
|
|
type: string
|
|
update_time:
|
|
type: string
|
|
Password:
|
|
type: object
|
|
properties:
|
|
old_password:
|
|
type: string
|
|
description: The user's existing password.
|
|
new_password:
|
|
type: string
|
|
description: New password for marking as to be updated.
|
|
AccessLog:
|
|
type: object
|
|
properties:
|
|
log_id:
|
|
type: integer
|
|
description: The ID of the log entry.
|
|
username:
|
|
type: string
|
|
description: Username of the user in this log entry.
|
|
repo_name:
|
|
type: string
|
|
description: Name of the repository in this log entry.
|
|
repo_tag:
|
|
type: string
|
|
description: Tag of the repository in this log entry.
|
|
operation:
|
|
type: string
|
|
description: The operation against the repository in this log entry.
|
|
op_time:
|
|
type: string
|
|
description: The time when this operation is triggered.
|
|
Role:
|
|
type: object
|
|
properties:
|
|
role_id:
|
|
type: integer
|
|
format: int32
|
|
description: ID in table.
|
|
role_code:
|
|
type: string
|
|
description: Description of permissions for the role.
|
|
role_name:
|
|
type: string
|
|
description: Name the the role.
|
|
role_mask:
|
|
type: string
|
|
RoleParam:
|
|
type: object
|
|
properties:
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
format: int32
|
|
description: Role ID for updating project role member.
|
|
username:
|
|
type: string
|
|
description: Username relevant to a project role member.
|
|
StatisticMap:
|
|
type: object
|
|
properties:
|
|
private_project_count:
|
|
type: integer
|
|
format: int32
|
|
description: The count of the private projects which the user is a member of.
|
|
private_repo_count:
|
|
type: integer
|
|
format: int32
|
|
description: >-
|
|
The count of the private repositories belonging to the projects which
|
|
the user is a member of.
|
|
public_project_count:
|
|
type: integer
|
|
format: int32
|
|
description: The count of the public projects.
|
|
public_repo_count:
|
|
type: integer
|
|
format: int32
|
|
description: >-
|
|
The count of the public repositories belonging to the public projects
|
|
which the user is a member of.
|
|
total_project_count:
|
|
type: integer
|
|
format: int32
|
|
description: 'The count of the total projects, only be seen when the is admin.'
|
|
total_repo_count:
|
|
type: integer
|
|
format: int32
|
|
description: >-
|
|
The count of the total repositories, only be seen when the user is
|
|
admin.
|
|
JobStatus:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
format: int64
|
|
description: The job ID.
|
|
status:
|
|
type: string
|
|
description: The status of the job.
|
|
repository:
|
|
type: string
|
|
description: The repository handled by the job.
|
|
policy_id:
|
|
type: integer
|
|
format: int64
|
|
description: The ID of the policy that triggered this job.
|
|
operation:
|
|
type: string
|
|
description: The operation of the job.
|
|
tags:
|
|
type: array
|
|
description: The repository's used tag list.
|
|
items:
|
|
$ref: '#/definitions/Tags'
|
|
creation_time:
|
|
type: string
|
|
description: The creation time of the job.
|
|
update_time:
|
|
type: string
|
|
description: The update time of the job.
|
|
Tags:
|
|
type: object
|
|
properties:
|
|
tag:
|
|
type: string
|
|
description: The repository's used tag.
|
|
RepPolicy:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
format: int64
|
|
description: The policy ID.
|
|
project_id:
|
|
type: integer
|
|
format: int64
|
|
description: The project ID.
|
|
project_name:
|
|
type: string
|
|
description: The project name.
|
|
target_id:
|
|
type: integer
|
|
format: int64
|
|
description: The target ID.
|
|
name:
|
|
type: string
|
|
description: The policy name.
|
|
enabled:
|
|
type: integer
|
|
format: int
|
|
description: The policy's enabled status.
|
|
description:
|
|
type: string
|
|
description: The description of the policy.
|
|
trigger:
|
|
type: object
|
|
description: The trigger for schedule job.
|
|
items:
|
|
$ref: '#/definitions/RepTrigger'
|
|
filters:
|
|
type: array
|
|
description: The replication policy filter array.
|
|
items:
|
|
$ref: '#/definitions/RepFilter'
|
|
replicate_existing_image_now:
|
|
type: string
|
|
description: Whether to replicate the existing images now.
|
|
replicate_deletion:
|
|
type: string
|
|
description: Whether to replicate the deletion operation.
|
|
start_time:
|
|
type: string
|
|
description: The start time of the policy.
|
|
creation_time:
|
|
type: string
|
|
description: The create time of the policy.
|
|
update_time:
|
|
type: string
|
|
description: The update time of the policy.
|
|
error_job_count:
|
|
format: int
|
|
description: The error job count number for the policy.
|
|
deleted:
|
|
type: integer
|
|
RepPolicyPost:
|
|
type: object
|
|
properties:
|
|
project_id:
|
|
type: integer
|
|
format: int64
|
|
description: The project ID.
|
|
target_id:
|
|
type: integer
|
|
format: int64
|
|
description: The target ID.
|
|
name:
|
|
type: string
|
|
description: The policy name.
|
|
trigger:
|
|
type: object
|
|
description: The trigger for schedule job.
|
|
items:
|
|
$ref: '#/definitions/RepTrigger'
|
|
filters:
|
|
type: array
|
|
description: The replication policy filter array.
|
|
items:
|
|
$ref: '#/definitions/RepFilter'
|
|
replicate_existing_image_now:
|
|
type: string
|
|
description: Whether to replicate the existing images now.
|
|
replicate_deletion:
|
|
type: string
|
|
description: Whether replication deletion operation.
|
|
enabled:
|
|
type: integer
|
|
format: int
|
|
description: '1-enable, 0-disable'
|
|
RepPolicyUpdate:
|
|
type: object
|
|
properties:
|
|
target_id:
|
|
type: integer
|
|
format: int64
|
|
description: The target ID.
|
|
name:
|
|
type: string
|
|
description: The policy name.
|
|
enabled:
|
|
type: integer
|
|
format: int
|
|
description: The policy's enabled status.
|
|
description:
|
|
type: string
|
|
description: The description of the policy.
|
|
trigger:
|
|
type: object
|
|
description: The trigger for schedule job.
|
|
items:
|
|
$ref: '#/definitions/RepTrigger'
|
|
filters:
|
|
type: array
|
|
description: The replication policy filter array.
|
|
items:
|
|
$ref: '#/definitions/RepFilter'
|
|
replicate_existing_image_now:
|
|
type: string
|
|
description: Whether to replicate the existing images now.
|
|
replicate_deletion:
|
|
type: string
|
|
description: Whether replication deletion operation.
|
|
RepTrigger:
|
|
type: object
|
|
properties:
|
|
type:
|
|
type: string
|
|
description: The replication policy trigger type.
|
|
params:
|
|
type: object
|
|
description: The map is the replication policy trigger parameters.
|
|
RepFilter:
|
|
type: object
|
|
properties:
|
|
type:
|
|
type: string
|
|
description: The replication policy filter type.
|
|
value:
|
|
type: string
|
|
description: The replication policy filter value.
|
|
RepPolicyEnablementReq:
|
|
type: object
|
|
properties:
|
|
enabled:
|
|
type: integer
|
|
format: int
|
|
description: The policy enablement flag.
|
|
RepTarget:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
format: int64
|
|
description: The target ID.
|
|
endpoint:
|
|
type: string
|
|
description: The target address URL string.
|
|
name:
|
|
type: string
|
|
description: The target name.
|
|
username:
|
|
type: string
|
|
description: The target server username.
|
|
password:
|
|
type: string
|
|
description: The target server password.
|
|
type:
|
|
type: integer
|
|
format: int
|
|
description: Reserved field.
|
|
insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the server.
|
|
creation_time:
|
|
type: string
|
|
description: The create time of the policy.
|
|
update_time:
|
|
type: string
|
|
description: The update time of the policy.
|
|
RepTargetPost:
|
|
type: object
|
|
properties:
|
|
endpoint:
|
|
type: string
|
|
description: The target address URL string.
|
|
name:
|
|
type: string
|
|
description: The target name.
|
|
username:
|
|
type: string
|
|
description: The target server username.
|
|
password:
|
|
type: string
|
|
description: The target server password.
|
|
insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the server.
|
|
PingTarget:
|
|
type: object
|
|
properties:
|
|
endpoint:
|
|
type: string
|
|
description: The target address URL string.
|
|
username:
|
|
type: string
|
|
description: The target server username.
|
|
password:
|
|
type: string
|
|
description: The target server password.
|
|
insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the server.
|
|
PutTarget:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The target name.
|
|
endpoint:
|
|
type: string
|
|
description: The target address URL string.
|
|
username:
|
|
type: string
|
|
description: The target server username.
|
|
password:
|
|
type: string
|
|
description: The target server password.
|
|
insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the server.
|
|
HasAdminRole:
|
|
type: object
|
|
properties:
|
|
has_admin_role:
|
|
type: integer
|
|
description: '1-has admin, 0-not.'
|
|
UserProfile:
|
|
type: object
|
|
properties:
|
|
email:
|
|
type: string
|
|
description: The new email.
|
|
realname:
|
|
type: string
|
|
description: The new realname.
|
|
comment:
|
|
type: string
|
|
description: The new comment.
|
|
Storage:
|
|
type: object
|
|
properties:
|
|
total:
|
|
type: integer
|
|
format: int64
|
|
description: Total volume size.
|
|
free:
|
|
type: integer
|
|
format: int64
|
|
description: Free volume size.
|
|
GeneralInfo:
|
|
type: object
|
|
properties:
|
|
with_notary:
|
|
type: boolean
|
|
description: If the Harbor instance is deployed with nested notary.
|
|
with_clair:
|
|
type: boolean
|
|
description: If the Harbor instance is deployed with nested clair.
|
|
with_admiral:
|
|
type: boolean
|
|
description: If the Harbor instance is deployed with Admiral.
|
|
admiral_endpoint:
|
|
type: string
|
|
description: The url of the endpoint of admiral instance.
|
|
auth_mode:
|
|
type: string
|
|
description: The auth mode of current Harbor instance.
|
|
project_creation_restriction:
|
|
type: string
|
|
description: >-
|
|
Indicate who can create projects, it could be 'adminonly' or
|
|
'everyone'.
|
|
self_registration:
|
|
type: boolean
|
|
description: Indicate whether the Harbor instance enable user to register himself.
|
|
has_ca_root:
|
|
type: boolean
|
|
description: >-
|
|
Indicate whether there is a ca root cert file ready for download in
|
|
the file system.
|
|
harbor_version:
|
|
type: string
|
|
description: The build version of Harbor.
|
|
next_scan_all:
|
|
type: integer
|
|
description: >-
|
|
The UTC time in milliseconds, after which user can call scanAll API to
|
|
scan all images.
|
|
clair_vulnerability_status:
|
|
type: object
|
|
description: The status of vulnerability data of Clair.
|
|
properties:
|
|
overall_last_update:
|
|
type: integer
|
|
description: >-
|
|
The UTC timestamp in milliseconds of last successful update for
|
|
Clair vulnerability data, when all the updaters are successfully
|
|
executed.
|
|
details:
|
|
type: array
|
|
description: >-
|
|
Detail timestamp of different namespace. This is introduced to
|
|
handle the case when some updaters are executed successfully and
|
|
some not.
|
|
items:
|
|
$ref: '#/definitions/VulnNamespaceTimestamp'
|
|
VulnNamespaceTimestamp:
|
|
type: object
|
|
properties:
|
|
namespace:
|
|
type: string
|
|
description: The namespace of the Vulnerability
|
|
last_update:
|
|
type: integer
|
|
description: >-
|
|
The UTC timestamp in miliseconds of last successful update for
|
|
vulnerability data.
|
|
SystemInfo:
|
|
type: object
|
|
properties:
|
|
storage:
|
|
type: array
|
|
description: The storage of system.
|
|
items:
|
|
$ref: '#/definitions/Storage'
|
|
LdapConf:
|
|
type: object
|
|
properties:
|
|
ldap_url:
|
|
type: string
|
|
description: The url of ldap service.
|
|
ldap_search_dn:
|
|
type: string
|
|
description: The search dn of ldap service.
|
|
ldap_search_password:
|
|
type: string
|
|
description: The search password of ldap service.
|
|
ldap_base_dn:
|
|
type: string
|
|
description: The base dn of ldap service.
|
|
ldap_filter:
|
|
type: string
|
|
description: The serach filter of ldap service.
|
|
ldap_uid:
|
|
type: string
|
|
description: The serach uid from ldap service attributes.
|
|
ldap_scope:
|
|
type: integer
|
|
format: int64
|
|
description: The serach scope of ldap service.
|
|
ldap_connection_timeout:
|
|
type: integer
|
|
format: int64
|
|
description: The connect timeout of ldap service(second).
|
|
LdapUsers:
|
|
type: object
|
|
properties:
|
|
ldap_username:
|
|
type: string
|
|
description: search ldap user name based on ldapconf.
|
|
ldap_realname:
|
|
type: string
|
|
description: >-
|
|
system will try to guess the user realname form "uid" or "cn"
|
|
attribute.
|
|
ldap_email:
|
|
type: string
|
|
description: >-
|
|
system will try to guess the user email address form "mail" or "email"
|
|
attribute.
|
|
LdapImportUsers:
|
|
type: object
|
|
properties:
|
|
ldap_uid_list:
|
|
type: array
|
|
description: selected uid list
|
|
items:
|
|
type: string
|
|
LdapFailedImportUsers:
|
|
type: object
|
|
properties:
|
|
ldap_uid:
|
|
type: string
|
|
description: the uid can't add to system.
|
|
error:
|
|
type: string
|
|
description: fail reason.
|
|
EmailServerSetting:
|
|
type: object
|
|
properties:
|
|
email_host:
|
|
type: string
|
|
description: The host of email server.
|
|
email_port:
|
|
type: integer
|
|
description: The port of email server.
|
|
email_username:
|
|
type: string
|
|
description: The username of email server.
|
|
email_password:
|
|
type: string
|
|
description: The password of email server.
|
|
email_ssl:
|
|
type: boolean
|
|
description: Use ssl/tls or not.
|
|
email_identity:
|
|
type: string
|
|
description: The dentity of email server.
|
|
RepoSignature:
|
|
type: object
|
|
properties:
|
|
tag:
|
|
type: string
|
|
description: The tag of image.
|
|
hashes:
|
|
type: object
|
|
description: The JSON object of the hash of the image.
|
|
DetailedTag:
|
|
type: object
|
|
properties:
|
|
digest:
|
|
type: string
|
|
description: The digest of the tag.
|
|
name:
|
|
type: string
|
|
description: The name of the tag.
|
|
size:
|
|
type: integer
|
|
description: The size of the image.
|
|
architecture:
|
|
type: string
|
|
description: The architecture of the image.
|
|
os:
|
|
type: string
|
|
description: The os of the image.
|
|
docker_version:
|
|
type: string
|
|
description: The version of docker which builds the image.
|
|
author:
|
|
type: string
|
|
description: The author of the image.
|
|
created:
|
|
type: string
|
|
description: The build time of the image.
|
|
signature:
|
|
type: object
|
|
description: >-
|
|
The signature of image, defined by RepoSignature. If it is null, the
|
|
image is unsigned.
|
|
scan_overview:
|
|
type: object
|
|
description: The overview of the scan result. This is an optional property.
|
|
properties:
|
|
digest:
|
|
type: string
|
|
description: The digest of the image.
|
|
scan_status:
|
|
type: string
|
|
description: >-
|
|
The status of the scan job, it can be "pendnig", "running",
|
|
"finished", "error".
|
|
job_id:
|
|
type: integer
|
|
description: The ID of the job on jobservice to scan the image.
|
|
severity:
|
|
type: integer
|
|
description: '0-Not scanned, 1-Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
|
|
details_key:
|
|
type: string
|
|
description: >-
|
|
The top layer name of this image in Clair, this is for calling
|
|
Clair API to get the vulnerability list of this image.
|
|
components:
|
|
type: object
|
|
description: The components overview of the image.
|
|
properties:
|
|
total:
|
|
type: integer
|
|
description: Total number of the components in this image.
|
|
summary:
|
|
description: List of number of components of different severities.
|
|
type: array
|
|
items:
|
|
$ref: '#/definitions/ComponentOverviewEntry'
|
|
ComponentOverviewEntry:
|
|
type: object
|
|
properties:
|
|
severity:
|
|
type: integer
|
|
description: '1-None/Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
|
|
count:
|
|
type: integer
|
|
description: number of the components with certain severity.
|
|
Repository:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
description: The ID of repository.
|
|
name:
|
|
type: string
|
|
description: The name of repository.
|
|
project_id:
|
|
type: integer
|
|
description: The project ID of repository.
|
|
description:
|
|
type: string
|
|
description: The description of repository.
|
|
pull_count:
|
|
type: integer
|
|
description: The pull count of repository.
|
|
star_count:
|
|
type: integer
|
|
description: The star count of repository.
|
|
tags_count:
|
|
type: integer
|
|
description: The tags count of repository.
|
|
creation_time:
|
|
type: string
|
|
description: The creation time of repository.
|
|
update_time:
|
|
type: string
|
|
description: The update time of repository.
|
|
VulnerabilityItem:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
description: 'ID of the vulnerability, normally it is the CVE ID'
|
|
severity:
|
|
type: integer
|
|
description: '1-Negligible, 2-Unknown, 3-Low, 4-Medium, 5-High'
|
|
package:
|
|
type: string
|
|
description: The packge that introduces the vulnerability.
|
|
version:
|
|
type: string
|
|
description: The version of the package.
|
|
description:
|
|
type: string
|
|
description: The description of the vulnerability.
|
|
fixedVersion:
|
|
type: string
|
|
description: >-
|
|
The version which the vulnerability is fixed, this is an optional
|
|
property.
|
|
Configurations:
|
|
type: object
|
|
properties:
|
|
auth_mode:
|
|
type: string
|
|
description: The auth mode of current system, such as "db_auth", "ldap_auth"
|
|
email_from:
|
|
type: string
|
|
description: The sender name for Email notification.
|
|
email_host:
|
|
type: string
|
|
description: The hostname of SMTP server that sends Email notification.
|
|
email_port:
|
|
type: integer
|
|
description: The port of SMTP server.
|
|
email_identity:
|
|
type: string
|
|
description: By default it's empty so the email_username is picked.
|
|
email_username:
|
|
type: string
|
|
description: The username for authenticate against SMTP server.
|
|
email_ssl:
|
|
type: boolean
|
|
description: When it's set to true the system will access Email server via TLS by default. If it's set to false, it still will handle "STARTTLS" from server side.
|
|
email_insecure:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access the email server.
|
|
ldap_url:
|
|
type: string
|
|
description: The URL of LDAP server.
|
|
ldap_base_dn:
|
|
type: string
|
|
description: The Base DN for LDAP binding.
|
|
ldap_filter:
|
|
type: string
|
|
description: The filter for LDAP binding.
|
|
ldap_scope:
|
|
type: integer
|
|
description: 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE
|
|
ldap_uid:
|
|
type: string
|
|
description: The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname"
|
|
ldap_search_dn:
|
|
type: string
|
|
description: The DN of the user to do the search.
|
|
ldap_timeout:
|
|
type: integer
|
|
description: timeout in seconds for connection to LDAP server.
|
|
project_creation_restriction:
|
|
type: string
|
|
description: This attribute restricts what users have the permission to create project. It can be "everyone" or "adminonly".
|
|
self_registration:
|
|
type: boolean
|
|
description: Whether the Harbor instance supports self-registration. If it's set to false, admin need to add user to the instance.
|
|
token_expiration:
|
|
type: integer
|
|
description: The expiration time of the token for internal Registry, in minutes.
|
|
verify_remote_cert:
|
|
type: boolean
|
|
description: Whether or not the certificate will be verified when Harbor tries to access a remote Harbor instance for replication.
|
|
scan_all_policy:
|
|
type: object
|
|
properties:
|
|
type:
|
|
type: string
|
|
description: The type of scan all policy, currently the valid values are "none" and "daily"
|
|
parameter:
|
|
type: object
|
|
properties:
|
|
daily_time:
|
|
type: integer
|
|
description: The offest in seconds of UTC 0 o'clock, only valid when the policy type is "daily"
|
|
description: The parameters of the policy, the values are dependant on the type of the policy.
|
|
|
|
|
|
|