This commit fixes#22254
It updates the "GetReport" function, such that when the scanner is
unhealthy, and we can't know the the artifact is supported, we will
still try to return the report stored in DB.
Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com>
1, downgrade the base version to 2.14, and update it whenever we have the release-2.14.0 branch.
2, refresh the base images bses on the latest code.
Signed-off-by: wy65701436 <wangyan@vmware.com>
feat(replication): add Single Active Replication per policy
* Added single_active_replication field to schema & DB table
* Updated API, controller & handler to enforce single execution per policy
* Added checkbox in UI to enable/disable single_active_replication for a
policy
* Implemented necessary backend & frontend tests
* Prevents parallel runs per policy if single_active_replication is enabled
Signed-off-by: bupd <bupdprasanth@gmail.com>
According to PR #22198, some inactive adapters have been removed from the default adapter list.
This pull request updates PERMITTED_REGISTRY_TYPES_FOR_PROXY_CACHE accordingly, since the list of proxy cache adapters should be a subset of the replication adapters.
Signed-off-by: wy65701436 <wangyan@vmware.com>
remove extra build_base=false && pull_base_from_dockerhub=false logic
we do not block the case using local chached image(docker build --pull=false) while build_base=false
However we need gurantee always pull latest image while build package
And when there's some rate limit issue in the CICD situation we could set pull_base_from_dockerhub=false
Signed-off-by: my036811 <miner.yang@broadcom.com>
to extend the enhancement from https://github.com/goharbor/harbor/pull/21924 to fuzzy and range match. After the enhance, the orm.ExerSep is not supported in any sort of query keywords.
Signed-off-by: wy65701436 <wangyan@vmware.com>
Build Package Workflow / BUILD_PACKAGE (push) Has been cancelledDetails
Code scanning - action / CodeQL-Build (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-core, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-core, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-db, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-db, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-exporter, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-exporter, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-jobservice, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-jobservice, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-log, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-log, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-portal, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-portal, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-registryctl, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-registryctl, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (prepare, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (prepare, v2.12.0-dev) (push) Has been cancelledDetails
CONFORMANCE_TEST / CONFORMANCE_TEST (push) Has been cancelledDetails
Housekeeping - Close stale issues and PRs / stale (push) Has been cancelledDetails
fixes#21925
According to https://github.com/goharbor/harbor/wiki/Harbor-Replicaiton-Adapter-Owner, some replication adapters are no longer actively maintained by the Harbor community. To address this, a whitelist environment variable is introduced to define the list of actively supported adapters, which will be used by the Harbor portal and API to display and allow usage.
If you still wish to view and use the unsupported or inactive adapters, you must manually update the whitelist and include the desired adapter names. For the list of adapter names, refer to https://github.com/goharbor/harbor/blob/main/src/pkg/reg/model/registry.go#L22
Signed-off-by: wang yan <wangyan@vmware.com>
Build Package Workflow / BUILD_PACKAGE (push) Waiting to runDetails
Code scanning - action / CodeQL-Build (push) Waiting to runDetails
fixes#22143
This commit makes update to the vulnerable policy middleware. So that
it will skip the sheck only when the artifact is not scannable AND it
does not have a scan report.
Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com>
Build Package Workflow / BUILD_PACKAGE (push) Waiting to runDetails
Code scanning - action / CodeQL-Build (push) Waiting to runDetails
This commit makes change to the API GET /api/v2.0/vul to make it include
"status" of CVEs in the response.
It also makes update in the UI to add the "Status" column to the data
grids in security hub and artifact details page.
Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com>
Build Package Workflow / BUILD_PACKAGE (push) Waiting to runDetails
Code scanning - action / CodeQL-Build (push) Waiting to runDetails
This commit adds the field "status" to the struct of a vulnerability and adds
column "status" to vulnerability record table. It makes sure the statuses
of CVEs returned by trivy scanner are persisted and can be returned via
the vulnerabilities addition API of an artifact.
Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com>
Build Package Workflow / BUILD_PACKAGE (push) Waiting to runDetails
Code scanning - action / CodeQL-Build (push) Waiting to runDetails
Set Fix and CVE3Score in VulnerabilityRecord from VulnerabilityItem.
Follow-up of #21915Fixes#21463
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
Build Package Workflow / BUILD_PACKAGE (push) Has been cancelledDetails
Code scanning - action / CodeQL-Build (push) Has been cancelledDetails
fix: Audit Log Eventtype antipattern in System Settings
* update logic from disabled to enabled
* update i18n to reflect the change
Signed-off-by: bupd <bupdprasanth@gmail.com>
Build Package Workflow / BUILD_PACKAGE (push) Has been cancelledDetails
Code scanning - action / CodeQL-Build (push) Has been cancelledDetails
add BUILD_INSTALLER parameter to optionally build prepare and log container only when we need to build offline_installer
Signed-off-by: my036811 <miner.yang@broadcom.com>
Build Package Workflow / BUILD_PACKAGE (push) Has been cancelledDetails
Code scanning - action / CodeQL-Build (push) Has been cancelledDetails
Housekeeping - Close stale issues and PRs / stale (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-core, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-core, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-db, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-db, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-exporter, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-exporter, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-jobservice, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-jobservice, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-log, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-log, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-portal, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-portal, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-registryctl, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (harbor-registryctl, v2.12.0-dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (prepare, dev) (push) Has been cancelledDetails
Trivy Nightly Scan / Trivy Scan nightly (prepare, v2.12.0-dev) (push) Has been cancelledDetails
CONFORMANCE_TEST / CONFORMANCE_TEST (push) Has been cancelledDetails
Change the pass-CI rules to exclude the resources and robot-cases folder
Pass HARBOR_ADMIN env to robot testcases
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
dependabot[bot]
stonezdj(Daojun Zhang)
Daniel Jiang
miner
Wang Yan
Prasanth Baskar
Chlins Zhang
Moon
Roger
Spyros Trigazis
yuzhipeng
miner
Sergey
Chethan