Wenkai Yin(尹文开)
2747b53316
Merge pull request #15017 from reasonerjt/merge-slash-middleware-v2.1
...
[Cherrypick - v2.1] Add merge slash middleware
2021-06-01 09:15:16 +08:00
Wenkai Yin(尹文开)
31c637b10f
Merge pull request #15019 from reasonerjt/v2auth-enhancement-v2.1
...
[Cherrypick v2.1] Make v2auth more strict
2021-06-01 09:14:32 +08:00
Daniel Jiang
77c9a7da78
Merge pull request #14886 from stonezdj/2.1_fix_user_group_api
...
(cherry-pick) Check permission for user group api
2021-06-01 09:02:48 +08:00
Daniel Jiang
984e8097f1
Make v2auth more strict
...
This commit enhances the v2auth middleware, such that any
un-recognized request sent to /v2/ will be blocked.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-31 15:29:25 +08:00
Daniel Jiang
2ca4b66562
Add merge slash middleware
...
There are code in the core component to conditionally execute code based
on the pattern of url path, and different ingress controller or reverse
proxy may handle the dup slashes in the url path differently.
This commit merge dup slashes in the url paths to make things more
consistent.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-05-31 13:39:59 +08:00
Wenkai Yin(尹文开)
b4b27aec30
Merge pull request #14825 from kofj/fix/2.1.0-tcr-provider
...
Fix tencentcr adapter.
2021-05-18 09:29:06 +08:00
Wenkai Yin(尹文开)
c46a217771
Merge pull request #14871 from ywk253100/210513_replication
...
Fix replication filter bug in branch 2.1
2021-05-18 09:20:16 +08:00
stonezdj
a4eef465dc
Check permission for user group api
...
Check create/update permission on user group
Signed-off-by: stonezdj <stonezdj@gmail.com>
2021-05-14 16:42:20 +08:00
Wenkai Yin
ce1a1459fd
Fix replication filter bug in branch 2.1
...
This commit fixes the bug of replication filter, see #13593 for more detail
Fixes #13593
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-05-13 10:35:50 +08:00
Qian Deng
aa6f094fac
Add Scan for internal tls ( #14781 )
...
Signed-off-by: DQ <dengq@vmware.com>
2021-05-12 10:56:53 +08:00
fanjiankong
fafe5ebd79
Fix tencentcr adapter.
...
1. Limit API qps for the adapter.
2. Allow set qps via env.
3. Fix Tencnet SDK pagenation.
4. Fix resource filter.
Signed-off-by: fanjiankong <fanjiankong@tencent.com>
2021-05-10 00:00:06 +08:00
Qian Deng
919c9fd2c6
Move chage to base ( #14726 )
...
Solving the root password expiring issue when build image with early base
Signed-off-by: DQ <dengq@vmware.com>
2021-04-22 16:52:10 +08:00
danfengliu
e6e2137e3e
Add build base step to UT test in CI ( #14652 )
...
1. Add buid base step to UT test in CI, base image used by UI test
should be built before buiding harbor image;
2. In build package workflow, trigger build base image step in condition of changing both in
Dockerfile.base and VERSION
3. Add tag for setup nightly test
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-04-21 14:25:18 +08:00
Qian Deng
cf4423be39
Merge pull request #14699 from ninjadq/move_python_flask_to_system
...
Fix: Move pyyaml to system package
2021-04-20 20:57:35 +08:00
DQ
f4eeea87e6
Fix: Move pyyaml to system package
...
pothon version of pyyaml will solve the cve
Signed-off-by: DQ <dengq@vmware.com>
2021-04-20 19:44:40 +08:00
danfengliu
351c92003a
Merge pull request #14663 from danfengliu/do-not-catch-exception-when-cleaning-docker-image
...
Remove local goharbor images after building
2021-04-15 18:36:49 +08:00
danfengliu
bdc2285cde
Remove local goharbor images after building
...
Local images should be removed since images have been pushed to
docker hub.
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-04-15 16:51:01 +08:00
danfengliu
8bb3e1d084
Merge pull request #14660 from wy65701436/release-2.1.5
...
bump up base version to v2.1.5
2021-04-15 11:43:28 +08:00
Wang Yan
4776915cb4
bump up base version to v2.1.5
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-04-15 10:56:13 +08:00
Steven Zou
696f3da304
Merge pull request #14646 from steven-zou/fix/value_out_of_range_2.1
...
CHERRY-PICK: fix(jobservice): value out of range (#14634 )
2021-04-14 18:53:55 +08:00
danfengliu
deb05380c4
Merge pull request #14648 from danfengliu/cherry-pick-2.1.0-add-build-base-image-in-git-action-workflow
...
Cherry-pick 2.1.0 add build base image step in build package git action workflow
2021-04-14 16:49:04 +08:00
danfengliu
bb3a236c7d
Cherry-pick 2.1.0 add build base image step in build package git action workflow
...
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-04-14 15:24:00 +08:00
Archer1A
e842042908
fix(jobservice): value out of range ( #14634 )
...
value out of range when job count bigger than 256
Signed-off-by: vic <985695123@qq.com>
2021-04-14 14:34:15 +08:00
Wang Yan
b39bb0db63
fix immutable issue ( #14643 )
...
Fixes #14568
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-04-14 13:25:19 +08:00
Qian Deng
c67a5a6145
Merge pull request #14627 from ninjadq/fix_python_cve_2_1
...
Fix python cve 2 1
2021-04-14 10:36:04 +08:00
Steven Zou
c380e010d5
Merge pull request #14630 from steven-zou/fix/job_log_not_found_issue_2.1.5
...
fix(js):job log not found issue
2021-04-13 13:47:59 +08:00
Steven Zou
64da0737bd
fix(js):job log not found issue
...
- return 404 code when the job log is not found
Signed-off-by: Steven Zou <szou@vmware.com>
2021-04-13 12:57:38 +08:00
dependabot[bot]
da07507675
Bump pyyaml from 4.2b1 to 5.4 in /make/photon/prepare
...
Bumps [pyyaml](https://github.com/yaml/pyyaml ) from 4.2b1 to 5.4.
- [Release notes](https://github.com/yaml/pyyaml/releases )
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES )
- [Commits](https://github.com/yaml/pyyaml/commits/5.4 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-13 10:51:38 +08:00
dependabot[bot]
375ab54b6e
Bump jinja2 from 2.11.1 to 2.11.3 in /make/photon/prepare
...
Bumps [jinja2](https://github.com/pallets/jinja ) from 2.11.1 to 2.11.3.
- [Release notes](https://github.com/pallets/jinja/releases )
- [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst )
- [Commits](https://github.com/pallets/jinja/compare/2.11.1...2.11.3 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-13 10:51:10 +08:00
Wenkai Yin(尹文开)
2c0a3f810d
Ignore the not found error when trying to delete scheduled policies ( #14597 )
...
Ignore the not found error when trying to delete scheduled policies
fixes #14292
fixes #14548
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-04-12 10:43:59 +08:00
Steven Zou
845fef509a
Merge pull request #14601 from steven-zou/fix/cherry-hook-resending
...
fix(js): webhook infinitely resending issue
2021-04-09 18:44:21 +08:00
Steven Zou
1840b89993
fix(js): webhook infinitely resending issue
...
- update the resending logic in the hook agent
- use backoff lib to generate backoff duration
- remove retry cache queue
- leverage reaper to restore the sending if direct retries are all failed
- remove useless funcs/codes
fix #14545
Signed-off-by: Steven Zou <szou@vmware.com>
2021-04-09 17:30:03 +08:00
danfengliu
e010c51e1b
Merge pull request #14417 from danfengliu/clear-and-restart-containerd-in-e2e-container
...
[Cherry-pick 2.1.0] Remove deploytment of python3.6 and set dns for docker v20 and fix quotas test issue in upgrade pipeline
2021-03-25 19:38:10 +08:00
Wenkai Yin(尹文开)
e2426603fd
Merge pull request #14423 from ywk253100/210311_2.1.4
...
Update the execution status of retention schedule
2021-03-15 17:03:55 +08:00
Wenkai Yin
bf7aa33d7f
Update the execution status of retention schedule
...
Update the execution status of retention schedule
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-03-12 19:35:19 +08:00
danfengliu
4c9a06081d
Fix quotas test issue in upgrade pipeline
...
1. Change way for quotas verification in upgrade pipeline, prepare specific size of image, then it's an known value for verifcation;
2. Add notary key rotate test;
3. For issue brought by docker 20, clean containerd cache is the only effective way, so both dockerd and containerd should be cache cleard and restarted;
4. Upgrade E2E Dockerfile for importing readable file size package, and other issues;
5. Uncomment project level robot account test in nightly.
6. Get DNS from local setting, and set it into docker deamon config file;
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-03-12 10:22:38 +08:00
danfengliu
2ff9e2728d
Merge pull request #14399 from wy65701436/release-2.1.4
...
bump version to v2.1.4
2021-03-09 17:53:09 +08:00
Wang Yan
f6d14786c0
Merge branch 'release-2.1.0' of https://github.com/goharbor/harbor into release-2.1.4
2021-03-09 16:54:33 +08:00
danfengliu
e343f31ac2
Merge pull request #14396 from danfengliu/remove-deployment-of-python3.6
...
Remove deployment of python3.6
2021-03-09 16:39:36 +08:00
danfengliu
9bc2fcc467
Remove deployment of python3.6
...
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-03-09 07:50:44 +00:00
Wang Yan
86e1d0f40a
bump version to v2.1.4
...
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-03-09 12:13:00 +08:00
danfengliu
d54e5940f4
Merge pull request #14364 from danfengliu/cherry-pick-2.1-remove-python3.7-in-ci-installation
...
[cherry-pick 2.1.0] Remove python3.7 deployment in CI installtion phase.
2021-03-05 11:35:17 +08:00
danfengliu
5d9cda5de5
[cherry-pick 2.1] Remove python3.7 deployment in CI installtion phase.
...
Git action work node OS had python3.8 deployed already, so won't necessary to install python3.7 in CI.
Signed-off-by: danfengliu <danfengl@vmware.com>
2021-03-05 02:37:47 +00:00
Wang Yan
0d97691211
patch upstream fix for io reader ( #14365 )
...
Fixes #12850
This patch can fix the GC failure in the NFS v3 env, see https://github.com/distribution/distribution/pull/3309#issuecomment-783606968
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-03-04 19:19:00 +08:00
Wenkai Yin(尹文开)
9c4b80faea
Merge pull request #14291 from heww/fix-issue-14242
...
fix: handle project not found when creating token
2021-03-04 11:24:03 +08:00
Wenkai Yin(尹文开)
215ba77188
Merge pull request #14296 from ywk253100/210224_sql
...
[cherry-pick-2.1]Fix sql issue in artifact dao
2021-03-03 21:56:12 +08:00
Wenkai Yin
033c45dc63
Fix sql issue in artifact dao
...
Fix sql issue in artifact dao
Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-03-03 16:32:32 +08:00
He Weiwei
1601c70278
fix: handle project not found when creating token
...
Closes #14242
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2021-03-03 08:18:00 +00:00
Wang Yan
582476647c
update blob list query ( #14195 ) ( #14294 )
...
* update blob list query
Deprecate blob list parameters, and use the query for instead.
Signed-off-by: wang yan <wangyan@vmware.com>
* update per review comments
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-03-03 16:13:42 +08:00
Daniel Jiang
038a03b4f6
Add "*" to the claim set in the token for /v2 apis ( #14342 )
...
The "*" is used by notary server for permission checking:
84287fd8df/server/server.go (L200)
Hence, we need to add this into the JWT token such that actions like key
rotation can be executed.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2021-03-03 14:17:39 +08:00