upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor synced 2024-09-20 17:45:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adding TOC links to projects topics

Browse Source
This commit is contained in:
Stuart Clements 2020-01-13 16:18:01 +01:00
parent 4899d89660
commit f4310b470c
17 changed files with 124 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/1.10/working_with_projects/access_project_logs.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Access and Search Project Logs
Harbor keeps a log of all of the operations that users perform in a project. You can apply filters to help you to search the logs.
@ -25,7 +29,6 @@ Log in to Harbor with a Harbor administrator, project administrator, master, dev
![Filter logs by date](../img/log_search_advanced_date.png)
## What to Do Next
TBD
----------
[Back to table of contents](../index.md)

8
docs/1.10/working_with_projects/add_users.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Assign Users to a Project
You can add individual users to an existing project and assign a role to them. You can add an LDAP/AD or OIDC user to the project members if you use LDAP/AD or OIDC authentication, or a user that you have already created if you use database authentication. If you use LDAP/AD or OIDC authentication, you can add groups to projects and assign a role to the group.
@ -51,6 +55,6 @@ To be able to add OIDC groups to projects, your OIDC provider and Harbor instanc
**NOTE**: Unlike with LDAP groups, Harbor cannot check whether OIDC groups exist when you add them to a project. If you mistype the group name, or if the group does not exist in your OIDC provider, Harbor still creates the group.
## What to Do Next
----------
TBD
[Back to table of contents](../index.md)

10
docs/1.10/working_with_projects/configure_project_whitelist.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Configure a Per-Project CVE Whitelist
When you run vulnerability scans, images that are subject to Common Vulnerabilities and Exposures (CVE) are identified. According to the severity of the CVE and your security settings, these images might not be permitted to run. You can create whitelists of CVEs to ignore during vulnerability scanning.
@ -20,4 +24,8 @@ After you have created a project whitelist, you can remove CVE IDs from the list
If CVEs are added to the system whitelist after you have created a project whitelist, click **Copy From System** to add the new entries from the system whitelist to the project whitelist.
**NOTE**: If CVEs are deleted from the system whitelist after you have created a project whitelist, and if you added the system whitelist to the project whitelist, you must manually remove the deleted CVEs from the project whitelist. If you click **Copy From System** after CVEs have been deleted from the system whitelist, the deleted CVEs are not automatically removed from the project whitelist.
**NOTE**: If CVEs are deleted from the system whitelist after you have created a project whitelist, and if you added the system whitelist to the project whitelist, you must manually remove the deleted CVEs from the project whitelist. If you click **Copy From System** after CVEs have been deleted from the system whitelist, the deleted CVEs are not automatically removed from the project whitelist.
----------
[Back to table of contents](../index.md)

10
docs/1.10/working_with_projects/configure_webhooks.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Configure Webhook Notifications
If you are a project administrator, you can configure a connection from a project in Harbor to a webhook endpoint. If you configure webhooks, Harbor notifies the webhook endpoint of certain events that occur in the project. Webhooks allow you to integrate Harbor with other tools to streamline continuous integration and development processes.
@ -87,4 +91,8 @@ As a Harbor system administrator, you can enable and disable webhook notificatio
1. Go to **Configuration** > **System Settings**.
1. Scroll down and check or uncheck the **Webhooks enabled** check box.
![Enable/disable webhooks](../img/webhooks4.png)
![Enable/disable webhooks](../img/webhooks4.png)
----------
[Back to table of contents](../index.md)

4
docs/1.10/working_with_projects/create_labels.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Managing Labels
Harbor provides two kinds of labels to isolate different kinds of resources:

4
docs/1.10/working_with_projects/create_projects.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Create a Project
In Harbor, you create different projects to which you assign users so that they can push and pull image repositories. You also configure project-specific settings. When you first deploy Harbor, a default public project named `library` is created.

10
docs/1.10/working_with_projects/create_robot_accounts.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Create Robot Accounts
You can create robot accounts to run automated operations. Robot accounts have the following limitations:
@ -50,4 +54,8 @@ To use a robot account in an automated process, for example a script, use `docke
docker login <i>harbor_address</i>
Username: robot$<i>account_name</i>
Password: <i>robot_account_token</i>
</pre>
</pre>
----------
[Back to table of contents](../index.md)

10
docs/1.10/working_with_projects/create_tag_immutability_rules.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Tag Immutability Rules
By default, users can repeatedly push an image with the same tag to repositories in Harbor. This causes the previous image to effectively be overwritten with each push, in that the tag now points to a different image and the image that previously used the tag now becomes tagless. This is due to the Docker implementation, that does not enforce the mapping between an image tag and the image digest. This can be undesirable in certain cases, because the tag can no longer be trusted to identify the image version. The sha256 digest remains reliable and always points to the same build, but it is not rendered in a human-readable format.
@ -50,4 +54,8 @@ To make all tags for all repositories in the project immutable, set the followin
To allow the tags `rc`, `test`, and `nightly` to be overwritten but make all other tags immutable, set the following options:
- Set **For the respositories** to **matching** and enter `**`.
- Set **Tags** to **excluding** and enter `rc,test,nightly`.
- Set **Tags** to **excluding** and enter `rc,test,nightly`.
----------
[Back to table of contents](../index.md)

10
docs/1.10/working_with_projects/create_tag_retention_rules.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Create Tag Retention Rules
A repository can rapidly accumulate a large number of image tags, many of which might not be required after a given time or once they have been superseded by a subsequent image build. These excess tags can obviously consume large quantities of storage capacity. As a Harbor system administrator, you can define rules that govern how many tags of a given repository to retain, or for how long to retain certain tags.
@ -154,4 +158,8 @@ If you set a quota on a project, this quota cannot be exceeded. The quota is app
To modify an existing rule, use the **Action** drop-down menu next to a rule to disable, edit, or delete that rule.
![Modify tag retention rules](../img/tag-retention5.png)
![Modify tag retention rules](../img/tag-retention5.png)
----------
[Back to table of contents](../index.md)

10
docs/1.10/working_with_projects/implementing_content_trust.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Implementing Content Trust
**NOTE: Notary is an optional component, please make sure you have already installed it in your Harbor instance before you go through this section.**
@ -14,4 +18,8 @@ If you are using a self-signed cert, make sure to copy the CA cert into ```/etc/
**Note: Replace "10.117.169.182" with the IP address or domain name of your Harbor node. In order to use content trust, HTTPS must be enabled in Harbor.**
When an image is signed, it has a tick shown in UI; otherwise, a cross sign(X) is displayed instead.
![browse project](../img/content_trust.png)
![browse project](../img/content_trust.png)
----------
[Back to table of contents](../index.md)

6
docs/1.10/working_with_projects/index.md
View File

@ -4,4 +4,8 @@ This section describes how users with the developer, master, and project adminis
- [Project Creation](project_overview.md)
- [Project Configuration](project_configuration.md)
- [Working with Images, Tags, and Helm Charts](working_with_images.md)
- [Working with Images, Tags, and Helm Charts](working_with_images.md)
----------
[Back to table of contents](../index.md)

10
docs/1.10/working_with_projects/managing_helm_charts.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Managing Helm Charts
[Helm](https://helm.sh) is a package manager for [Kubernetes](https://kubernetes.io). Helm uses a packaging format called [charts](https://docs.helm.sh/developing_charts). Since version 1.6.0 Harbor is now a composite cloud-native registry which supports both container image management and Helm charts management. Access to Helm charts in Harbor is controlled by [role-based access controls (RBAC)](https://en.wikipedia.org/wiki/Role-based_access_control) and is restricted by projects.
@ -119,4 +123,8 @@ Everything is ready, install the chart to your kubernetes:
helm install --ca-file=ca.crt --username=admin --password=Passw0rd --version 0.1.10 repo248/chart_repo/hello-helm
```
For other more helm commands like how to sign a chart, please refer to the [helm doc](https://docs.helm.sh/helm/#helm).
For other more helm commands like how to sign a chart, please refer to the [helm doc](https://docs.helm.sh/helm/#helm).
----------
[Back to table of contents](../index.md)

10
docs/1.10/working_with_projects/project_configuration.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Project Configuration
Project properties can be changed by clicking "Configuration".
@ -43,4 +47,8 @@ Build history makes it easy to see the contents of a container image, find the c
In Harbor portal, enter your project, select the repository, click on the link of tag name you'd like to see its build history, the detail page will be opened. Then switch to `Build History` tab, you can see the build history information.
![build_ history](../img/build_history.png)
![build_ history](../img/build_history.png)
----------
[Back to table of contents](../index.md)

5
docs/1.10/working_with_projects/project_overview.md
View File

@ -6,3 +6,8 @@ There are two types of project in Harbor:
* **Public**: Any user can pull images from this project. This is a convenient way for you to share repositories with others.
* **Private**: Only users who are members of the project can pull images
----------
[Back to table of contents](../index.md)

9
docs/1.10/working_with_projects/retagging_images.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Retagging Images
Images retag helps users to tag images in Harbor, images can be tagged to different repositories and projects, as long as the users have sufficient permissions. For example,
@ -13,3 +17,8 @@ In Harbor portal, select the image you'd like to retag, and click the enabled `R
![retag image](../img/retag_image.png)
In the retag dialog, project name, repository name and the new tag should be specified. On click the `CONFIRM` button, the new tag would be created instantly. You can check the new tag in the corresponding project.
----------
[Back to table of contents](../index.md)

9
docs/1.10/working_with_projects/using_api_explorer.md
View File

@ -1,3 +1,7 @@
[Back to table of contents](../index.md)
----------
# Using the API Explorer
Harbor integrated swagger UI from 1.8. That means all apis can be invoked through UI. Normally, user have 2 ways to navigate to API Explorer.
@ -8,3 +12,8 @@ Harbor integrated swagger UI from 1.8. That means all apis can be invoked throug
2. User can navigate to swagger page by ip address by router "devcenter". For example: https://10.192.111.118/devcenter. After go to the page, need to click "authorize" button to give basic authentication to all apis. All apis will be invoked with the authorized user authorization.
![authentication](../img/authorize.png)
----------
[Back to table of contents](../index.md)

4
docs/1.10/working_with_projects/working_with_images.md
View File

@ -1,3 +1,7 @@
# Working with Images and Tags
This section describes how to work with images and tags in Harbor.
----------
[Back to table of contents](../index.md)