upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor synced 2024-09-21 06:45:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,966 Commits 51 Branches 310 Tags 355 MiB
e842042908
Commit Graph

9966 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Archer1A
e842042908 fix(jobservice): value out of range (#14634) 
value out of range when job count bigger than 256

Signed-off-by: vic <985695123@qq.com>
 2021-04-14 14:34:15 +08:00
Wang Yan
b39bb0db63
fix immutable issue (#14643) 
Fixes #14568

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-04-14 13:25:19 +08:00
Qian Deng
c67a5a6145
Merge pull request #14627 from ninjadq/fix_python_cve_2_1 
Fix python cve 2 1
 2021-04-14 10:36:04 +08:00
Steven Zou
c380e010d5
Merge pull request #14630 from steven-zou/fix/job_log_not_found_issue_2.1.5 
fix(js):job log not found issue
 2021-04-13 13:47:59 +08:00
Steven Zou
64da0737bd fix(js):job log not found issue 
- return 404 code when the job log is not found

Signed-off-by: Steven Zou <szou@vmware.com>
 2021-04-13 12:57:38 +08:00
dependabot[bot]
da07507675 Bump pyyaml from 4.2b1 to 5.4 in /make/photon/prepare 
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 4.2b1 to 5.4.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/commits/5.4)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-04-13 10:51:38 +08:00
dependabot[bot]
375ab54b6e Bump jinja2 from 2.11.1 to 2.11.3 in /make/photon/prepare 
Bumps [jinja2](https://github.com/pallets/jinja) from 2.11.1 to 2.11.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/2.11.1...2.11.3)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-04-13 10:51:10 +08:00
Wenkai Yin(尹文开)
2c0a3f810d
Ignore the not found error when trying to delete scheduled policies (#14597) 
Ignore the not found error when trying to delete scheduled policies
fixes #14292
fixes #14548

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2021-04-12 10:43:59 +08:00
Steven Zou
845fef509a
Merge pull request #14601 from steven-zou/fix/cherry-hook-resending 
fix(js): webhook infinitely resending issue
 2021-04-09 18:44:21 +08:00
Steven Zou
1840b89993 fix(js): webhook infinitely resending issue 
- update the resending logic in the hook agent
- use backoff lib to generate backoff duration
- remove retry cache queue
- leverage reaper to restore the sending if direct retries are all failed
- remove useless funcs/codes

fix #14545

Signed-off-by: Steven Zou <szou@vmware.com>
 2021-04-09 17:30:03 +08:00
danfengliu
e010c51e1b
Merge pull request #14417 from danfengliu/clear-and-restart-containerd-in-e2e-container 
[Cherry-pick 2.1.0] Remove deploytment of python3.6 and set dns for docker v20 and fix quotas test issue in upgrade pipeline
 2021-03-25 19:38:10 +08:00
Wenkai Yin(尹文开)
e2426603fd
Merge pull request #14423 from ywk253100/210311_2.1.4 
Update the execution status of retention schedule
 2021-03-15 17:03:55 +08:00
Wenkai Yin
bf7aa33d7f Update the execution status of retention schedule 
Update the execution status of retention schedule

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2021-03-12 19:35:19 +08:00
danfengliu
4c9a06081d Fix quotas test issue in upgrade pipeline 
1. Change way for quotas verification in upgrade pipeline, prepare specific size of image, then it's an known value for verifcation;
2. Add notary key rotate test;
3. For issue brought by docker 20, clean containerd cache is the only effective way, so both dockerd and containerd should be cache cleard and restarted;
4. Upgrade E2E Dockerfile for importing readable file size package, and other issues;
5. Uncomment project level robot account test in nightly.
6. Get DNS from local setting, and set it into docker deamon config file;

Signed-off-by: danfengliu <danfengl@vmware.com>
 2021-03-12 10:22:38 +08:00
danfengliu
2ff9e2728d
Merge pull request #14399 from wy65701436/release-2.1.4 
bump version to v2.1.4
 2021-03-09 17:53:09 +08:00
Wang Yan
f6d14786c0 Merge branch 'release-2.1.0' of https://github.com/goharbor/harbor into release-2.1.4 2021-03-09 16:54:33 +08:00
danfengliu
e343f31ac2
Merge pull request #14396 from danfengliu/remove-deployment-of-python3.6 
Remove deployment of python3.6
 2021-03-09 16:39:36 +08:00
danfengliu
9bc2fcc467 Remove deployment of python3.6 
Signed-off-by: danfengliu <danfengl@vmware.com>
 2021-03-09 07:50:44 +00:00
Wang Yan
86e1d0f40a bump version to v2.1.4 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-03-09 12:13:00 +08:00
danfengliu
d54e5940f4
Merge pull request #14364 from danfengliu/cherry-pick-2.1-remove-python3.7-in-ci-installation 
[cherry-pick 2.1.0] Remove python3.7 deployment in CI installtion phase.
 2021-03-05 11:35:17 +08:00
danfengliu
5d9cda5de5 [cherry-pick 2.1] Remove python3.7 deployment in CI installtion phase. 
Git action work node OS had python3.8 deployed already, so won't necessary to install python3.7 in CI.

Signed-off-by: danfengliu <danfengl@vmware.com>
 2021-03-05 02:37:47 +00:00
Wang Yan
0d97691211
patch upstream fix for io reader (#14365) 
Fixes #12850
This patch can fix the GC failure in the NFS v3 env, see https://github.com/distribution/distribution/pull/3309#issuecomment-783606968

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-03-04 19:19:00 +08:00
Wenkai Yin(尹文开)
9c4b80faea
Merge pull request #14291 from heww/fix-issue-14242 
fix: handle project not found when creating token
 2021-03-04 11:24:03 +08:00
Wenkai Yin(尹文开)
215ba77188
Merge pull request #14296 from ywk253100/210224_sql 
[cherry-pick-2.1]Fix sql issue in artifact dao
 2021-03-03 21:56:12 +08:00
Wenkai Yin
033c45dc63 Fix sql issue in artifact dao 
Fix sql issue in artifact dao

Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2021-03-03 16:32:32 +08:00
He Weiwei
1601c70278 fix: handle project not found when creating token 
Closes #14242

Signed-off-by: He Weiwei <hweiwei@vmware.com>
 2021-03-03 08:18:00 +00:00
Wang Yan
582476647c
update blob list query (#14195) (#14294) 
* update blob list query

Deprecate blob list parameters, and use the query for instead.

Signed-off-by: wang yan <wangyan@vmware.com>

* update per review comments

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-03-03 16:13:42 +08:00
Daniel Jiang
038a03b4f6
Add "*" to the claim set in the token for /v2 apis (#14342) 
The "*" is used by notary server for permission checking:
84287fd8df/server/server.go (L200)
Hence, we need to add this into the JWT token such that actions like key
rotation can be executed.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-03-03 14:17:39 +08:00
Wang Yan
2ecfbbb7bd
fix quota dao codeQL issue (#14295) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-03-03 14:07:43 +08:00
danfengliu
13b5f37fe8
Merge pull request #14123 from danfengliu/cherry-pick-2.1.0-reschedule-docker-login-policy-in-build-base-image 
[Cherry-pick 2.1.0] Reschedule docker login policy in base image build process
 2021-02-25 14:05:04 +08:00
danfengliu
6517a10ce6 Reschedule docker login policy in base image build process 
Signed-off-by: danfengliu <danfengl@vmware.com>
 2021-02-25 12:01:06 +08:00
danfengliu
1231fa61db
Merge pull request #14100 from danfengliu/upgrade-docker-to-v20 
[Cherry-pick 2.1.0] Fix nightly issues caused by docker upgrade to 20
 2021-02-24 15:22:53 +08:00
danfengliu
08d9d286c8 Fix nightly issues caused by docker upgrade to 20 
1. Local image should be removed, otherwise docker 20 will not tigger
get manifest request to harbor;
2. E2E image Dockerfile update;
3. Fix nighlty test issue of tag retention, add execution refesh to get
result;
4. Fix nighlty test keyword 'Create An New Project And Go Into
Project' issue that waiting long enough time for list display;
5. Add nightly test case, in GUI, scan result will show if cve id exist in allow list configuration;
6. Move proxy cache test to schdule pipeline, it will save some time for
db pipeline.t p

Signed-off-by: danfengliu <danfengl@vmware.com>
 2021-01-28 16:34:20 +08:00
danfengliu
e034515a93
Merge pull request #14088 from danfengliu/cherry-pick-2.1.0-upgrade-to-python3-in-CI-host 
[Cherry-pick 2.1.0] Upgrade python to v3 in git action CI host
 2021-01-27 18:03:28 +08:00
danfengliu
af43659b2f Upgrade python to v3 in git action CI host 
The original python packaged: in git action host is V2, it should be upgraded to
V3.

Signed-off-by: danfengliu <danfengl@vmware.com>
 2021-01-26 21:11:26 +08:00
Wenkai Yin(尹文开)
cc1066f8a9
Merge pull request #14010 from reasonerjt/tokenreview-rm-header-2.1 
Remove raw token from header in token review reuqest - 2.1.x
 2021-01-14 18:30:36 +08:00
Daniel Jiang
dc95792ee0 Remove raw token from header in token review reuqest 
The server to handle token-review may have a limitation for the size of
the header.  When the token is huge the token review may fail.
This commit remove the necessary header to harden the flow.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-01-14 17:26:08 +08:00
Daniel Jiang
b6de84c571
Update the reg-exp to match v2/catalog api (#13943) 
A more strict check is applied such that all requests to
/v2/_catalog/...  will be verified.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-01-09 12:34:39 +08:00
Wang Yan
b0b19f52d0
update go version to 1.14.13 (#13938) 
1, update go version to v1.14.13
2, build binary per PR instead of fetching from storage

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-01-08 19:27:18 +08:00
danfengliu
de5445a894
Merge pull request #13908 from danfengliu/fix-issue-of-replication-list-row-locator 
Fix issue of wrong xpath for replicaiton row selector
 2021-01-08 14:04:55 +08:00
Danfeng Liu (c)
c2dfc23ab8 Fix issue of wrong xpath for replicaiton row selector 
Signed-off-by: Danfeng Liu (c) <danfengl@vmware.com>
 2021-01-06 16:52:58 +08:00
Daniel Jiang
17215ee505
Remove scanner-pull from system admin's permission (#13903) 
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-01-06 14:53:20 +08:00
Wang Yan
45f743bb73
bump version to v2.1.3 (#13893) 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-01-05 17:44:49 +08:00
Wenkai Yin(尹文开)
04e3322c9e
Merge pull request #13828 from stonezdj/2.1.3_add_content_type 
(cherry-pick) Add content type and length in header
 2021-01-05 16:15:02 +08:00
Daniel Jiang
c3c4ccf5d4
Merge pull request #13873 from reasonerjt/token-scope-2.1 
Refine the token scope generation - cherrypick to 2.1
 2021-01-05 15:14:13 +08:00
stonezdj
b87052ec55 Add content type and length in header 
Fixes #13740
Update ManifestExist to return Descriptor instead of digest
For docker 20.10 or containerd, it HEAD the manifest before pull, then
it GET the manifest with digest, add logic to handle this scenario and
correlate the tag between the digest in proxy cache

Signed-off-by: stonezdj <stonezdj@gmail.com>
 2021-01-04 17:37:09 +08:00
Daniel Jiang
5e8506831a Refine the token scope generation 
This commit directly maps the actoin permission in security context to
the scope generated by the token service in harbor-core.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
 2021-01-04 13:42:56 +08:00
Qian Deng
591d4eeab8
Merge pull request #13816 from ninjadq/cherry_pick_python_yaml_load_210 
Fix pythom yaml load to safe_load
 2021-01-04 10:51:17 +08:00
DQ
9f5a85b484 Fix pythom yaml load to safe_load 
Signed-off-by: DQ <dengq@vmware.com>
 2020-12-21 11:32:55 +08:00
danfengliu
ec2b83dcf3
Merge pull request #13725 from danfengliu/cherry-pick-2.1-image-sample-build-at-local 
Build image sample for test in local
 2020-12-15 17:19:05 +08:00