upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor synced 2025-04-26 02:16:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,324 Commits 58 Branches 324 Tags
Commit Graph

99 Commits

Author SHA1 Message Date
miner
3b8c18fd26
update tlsOptions for external redis (#21681) 
Signed-off-by: yminer <miner.yang@broadcom.com>
Co-authored-by: yminer <miner.yang@broadcom.com>
 2025-03-10 11:45:18 +00:00
miner
5c39e76ac4
prepare redis tls config (#21667) 
add prepare for redis tls config

Signed-off-by: yminer <miner.yang@broadcom.com>
 2025-02-27 17:38:08 +08:00
stonezdj(Daojun Zhang)
12382fa8ae
Update prepare to avoid error when max_job_duration_hours not configured (#21395) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2025-01-10 10:56:43 +08:00
stonezdj(Daojun Zhang)
8ca455eb76
Add config max_job_duration_hours for jobservice (#21390) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2025-01-08 17:15:37 +08:00
stonezdj(Daojun Zhang)
29cdc398e0
Check if the internal_tls_config is not null when get strong_ssl_ciph… (#20032) 
Check if the internal_tls_config is not null when get strong_ssl_cipher value

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-02-26 09:46:40 +00:00
stonezdj(Daojun Zhang)
2b6608fb52
Move strong_ssl_ciphers to top level in harbor.yaml (#19914) 
fixes #19912

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2024-02-26 05:08:35 +00:00
Shengwen YU
bca9b14bbf
feat: enable configuration of skip_java_db_update (#19996) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-02-21 10:13:52 +08:00
MinerYang
a3e1b1eb79
add ip_family config in harbor.yml (#19934) 
add ipFamily config in values.yaml

Signed-off-by: yminer <yminer@vmware.com>

update name

update prepare and migration

update comments

Signed-off-by: yminer <yminer@vmware.com>

remove print msg

update migrate template

update default value

update migrating template
 2024-02-02 18:15:25 +08:00
Chlins Zhang
c7e25295fe
fix: support customize cache db for business (#19182) 
Support to configure the customized redis db for cache layer and other
misc business for core, by default the behavior is same with
previous(stored in db 0).

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-08-18 11:04:16 +08:00
Shengwen YU
320c0d63ca
feat: add config for job_loggers (#18970) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2023-07-24 22:10:36 +08:00
Chlins Zhang
8ff095d68f
feat: add the configuration for quota update provider (#18928) 
Add the related configurations for the quota update provider to the
harbor.yml.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-07-24 16:28:19 +08:00
Wang Yan
bf7c82b9a8
remove the notary from backend (#18668) 
Since harbor deprecates notary since v2.9.0, this pull request targets to remove the code related with notary.

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2023-05-18 18:47:42 +08:00
MinerYang
2d98e8fe1e
Allow redis password using safe special characters (#18566) 
allow redis password safe special characters

Signed-off-by: yminer <yminer@vmware.com>

string and None type conversion
 2023-04-24 11:01:46 +08:00
Peter Jakubis
284d58453c
Change storage_service.redirect.disabled in harbor.yml.tmpl to storage_service.redirect.deactivate (#14615) 
* set to disable

Signed-off-by: Peter Jakubis <balonik32@gmail.com>

* move pr-14615 prepare migration version from 2.7.0 to 2.8.0

Signed-off-by: yminer <yminer@vmware.com>

---------

Signed-off-by: Peter Jakubis <balonik32@gmail.com>
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Peter Jakubis <peter.jakubis@piano.io>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: yminer <yminer@vmware.com>
 2023-03-22 13:55:22 +08:00
Chlins Zhang
67d3f9add8
feat: support configurate the http client timeout for webhook job (#18382) 
Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-03-21 11:54:10 +08:00
Chlins Zhang
14df2b2b60
feat: support configrate the jobservice logger sweeper duration (#18365) 
Support configurate the jobservice logger sweeper duration from
harbor.yml.

Closes: #10958

Signed-off-by: chlins <chenyuzh@vmware.com>
 2023-03-18 10:46:40 +08:00
MinerYang
e76aff6a0a
add external redis username config to support redis6 ACL (#18364) 
add external redis username o support redis6 ACL

Signed-off-by: yminer <yminer@vmware.com>
 2023-03-17 14:16:19 +08:00
Wang Yan
738fde7d3b
remove chartmuseum backend (#18191) 
Harbor deprecates chartmuseum as of v2.8.0

Epic: https://github.com/goharbor/harbor/issues/17958

Discussion: https://github.com/goharbor/harbor/discussions/15057

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2023-02-16 18:11:05 +08:00
Jianwei Guo
cb11540a14
add parameters for PostgreSQL (#16641) 
Signed-off-by: sayaoailun <guojianwei007@126.com>
 2022-11-30 19:08:08 +08:00
Shengwen YU
0acfbdc7a1
feat: bump TRIVYVERSION to v0.32.1 and bump TRIVYADAPTERVERSION to v0.30.2 (#17681) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2022-10-25 14:26:53 +08:00
chlins
8c223135e7 feat: add cache layer for artifact (#16739) 
Implement cache layer for resource artifact and define common
cache manager and workflow. Also add cache related options to
configuration yaml.

Signed-off-by: chlins <chenyuzh@vmware.com>
 2022-04-25 18:01:45 +08:00
MinerYang
6c97d3f0c7
rollback to delete external redis username (#16353) 
Signed-off-by: yminer <yminer@vmmware.com>

Co-authored-by: yminer <yminer@vmmware.com>
 2022-02-11 17:28:10 +08:00
MinerYang
1a2dd256b5
Add external redis username for AUTH (#16336) 
* add external redis username for AUTH

* update harbor.yml.tmpl

* add external redis username for AUTH

update harbor.yml.tmpl

Co-authored-by: yminer <yminer@vmmware.com>
 2022-02-09 22:06:28 +08:00
Shengwen Yu
46f97ecf6c feat: bump TRIVYVERSION to v0.22.0 and bump TRIVYADAPTERVERSION to v0.25.0 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2022-01-21 09:14:07 +08:00
stonezdj
17d8b7b813 Add upload purge config to registry/config.yml 
Enable the uploadpurging by default
  Fixes #15641

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2022-01-04 11:15:51 +08:00
Rolf Ahrenberg
5f3972f86d
Add configurable timeout for Trivy scans (#15796) 
Signed-off-by: Rolf Ahrenberg <Rolf.Ahrenberg@saunalahti.fi>
 2021-10-22 14:36:12 +08:00
Qian Deng
3c23926bdc Add validation for tracing 
* add  validation of tracing in validating process

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-27 13:10:55 +00:00
Qian Deng
bad913cf6d Refactor trace code 
* use lib trace helper function
* add gracefull shutdown
* Add commens for new added exposed function
* Add licence on top of new created files
* Update trace library
* Update configs
* Add attribute and namespance in config

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
Qian Deng
b812a300be Add trace related configs 
* Update harbor config template
* Update python config parsing
* Update env template

Signed-off-by: Qian Deng <dengq@vmware.com>
 2021-09-18 10:58:52 +00:00
DQ
234b29e170 Fix pythom yaml load to safe_load 
Signed-off-by: DQ <dengq@vmware.com>
 2020-12-16 14:59:06 +08:00
DQ
0c9faea294 Clean up Clair in prepare script 
Signed-off-by: DQ <dengq@vmware.com>
 2020-11-10 11:39:18 +08:00
DQ
eb470501be Add metrics to Harbor Core 
1. Add configs in prepare
 2. Add models and config items in Core
 3. Encapdulate getting metric in commom package
 4. Add a middleware for global request to collect 3 metrics

Signed-off-by: DQ <dengq@vmware.com>
 2020-11-03 14:33:10 +08:00
DQ
d3ab9d7c6b Add internal tls configs for portal 
add related file, config, command to enabled https for portal

Signed-off-by: DQ <dengq@vmware.com>
 2020-07-31 12:10:47 +08:00
Ziming Zhang
8857e89e40 feature(redis) support redis sentinel 
Signed-off-by: Ziming Zhang <zziming@vmware.com>
 2020-07-19 21:19:03 +08:00
DQ
026e37e777 Fix chart museum absolute url issue 
if absolute url is enabled return true else set it to false

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-26 13:04:29 +08:00
DQ
599ca98c09 Hidden veriify client cert verfiy option 
Remove to avoid replication access core from external_url issue

Signed-off-by: DQ <dengq@vmware.com>
 2020-04-23 10:14:36 +08:00
Daniel Pacak
5c3abee135 chore(trivy): Bump up trivy adapter to 0.9.0 
- Vendor the latest Trivy release 0.6.0
- Configure TLS 1.2 as min version when TLS is enabled
- Add more tracing to adapter config to facilitate troubleshooting

Resolves: #11544

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-04-16 08:40:27 +02:00
He Weiwei
77a8c3205f fix(prepare): not accpet items of false value in external_redis 
Item in yaml without value will be as None in python, which will make
the password of redis as `None` in `get_redis_configs`. This fix will
not accept items of `false value` in `external_redis` configurations.

Closes #11367

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2020-04-03 04:09:26 +00:00
Steven Zou
2859cd8b69
Merge pull request #11134 from danielpacak/feat/issue_11090/trivy_skip_update_flag 
feat(trivy): Configure Trivy to skip database updates
 2020-03-19 18:13:08 +08:00
DQ
f18a546429 Fix: return error when internal_tls_not_provided 
When iinternal_tls is empty, prepare should works as usual

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-19 10:37:58 +08:00
Daniel Pacak
7325105714 feat(trivy): Configure Trivy to skip database updates 
Resolves: #11090

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
 2020-03-18 17:11:47 +01:00
DQ
6e8d44101f Enhance: User can generate cert by their own ca key pair 
User can put their ca key pair on internal cert dir and name them to `harbor_internal_ca.key` and `harbor_internal_ca.crt` we wil use them to generate other certs

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ
b93092e012 Add tls for trivy 
Add trivy tls cert files
Add tivey tls env and config
enhance gencert

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ
c5d73e6a0c Add switch to https 
use switch to make decision whether mTLS or server TLS

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ
454382149f TLS update for chart, clairadapter, registry 
Remove trustca in chartmuseum
Remove trustca in registry
Add tls in clair-adapter

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:10 +08:00
DQ
dcc6950af7 Feat: auto install ca in registry 
Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ
b852605193 Feat: enable mtls in harbor replication 
Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ
40e67f3b14 Feat: Enable mtls for registry 
Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ
da359f609f Feat: enable mtls in core 
add mtls related code in core

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00
DQ
a4855cca36 Feat: update prepare to support tls 
update makefile
add model for prepare
update jinja template for prepare

Signed-off-by: DQ <dengq@vmware.com>
 2020-03-18 19:22:09 +08:00