Merge branch 'main' into uffizzi-integration

goharbor · Mar 28, 2023 · 3c85342 · 3c85342
2 parents 5fb94b7 + e5e61d4
commit 3c85342
Show file tree

Hide file tree

Showing 2,421 changed files with 75,193 additions and 357,727 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -13,7 +13,6 @@ updates:
       interval: "daily"
     labels:
       - "release-note/infra"
-      - "release-note/update"
     assignees:
       - "OrlinVasilev"
     reviewers:

diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
@@ -33,16 +33,11 @@ jobs:
       - ubuntu-latest
     timeout-minutes: 100
     steps:
-      - name: Set up Go 1.19
+      - name: Set up Go 1.20
         uses: actions/setup-go@v1
         with:
-           go-version: 1.19.4
+           go-version: 1.20.1
         id: go
-      - name: setup Docker
-        uses: docker-practice/actions-setup-docker@1.0.11
-        with:
-          docker_version: 20.04
-          docker_channel: stable
       - uses: actions/checkout@v3
         with:
          path: src/github.com/goharbor/harbor
@@ -99,16 +94,11 @@ jobs:
       - ubuntu-latest
     timeout-minutes: 100
     steps:
-      - name: Set up Go 1.19
+      - name: Set up Go 1.20
         uses: actions/setup-go@v1
         with:
-          go-version: 1.19.4
+          go-version: 1.20.1
         id: go
-      - name: setup Docker
-        uses: docker-practice/actions-setup-docker@1.0.11
-        with:
-          docker_version: 18.09
-          docker_channel: stable
       - uses: actions/checkout@v3
         with:
           path: src/github.com/goharbor/harbor
@@ -159,16 +149,11 @@ jobs:
       - ubuntu-latest
     timeout-minutes: 100
     steps:
-      - name: Set up Go 1.19
+      - name: Set up Go 1.20
         uses: actions/setup-go@v1
         with:
-          go-version: 1.19.4
+          go-version: 1.20.1
         id: go
-      - name: setup Docker
-        uses: docker-practice/actions-setup-docker@1.0.11
-        with:
-          docker_version: 18.09
-          docker_channel: stable
       - uses: actions/checkout@v3
         with:
           path: src/github.com/goharbor/harbor
@@ -219,16 +204,11 @@ jobs:
       - ubuntu-latest
     timeout-minutes: 100
     steps:
-      - name: Set up Go 1.19
+      - name: Set up Go 1.20
         uses: actions/setup-go@v1
         with:
-          go-version: 1.19.4
+          go-version: 1.20.1
         id: go
-      - name: setup Docker
-        uses: docker-practice/actions-setup-docker@1.0.11
-        with:
-          docker_version: 18.09
-          docker_channel: stable
       - uses: actions/checkout@v3
         with:
           path: src/github.com/goharbor/harbor
@@ -277,16 +257,11 @@ jobs:
       - ubuntu-latest
     timeout-minutes: 100
     steps:
-      - name: Set up Go 1.19
+      - name: Set up Go 1.20
         uses: actions/setup-go@v1
         with:
-          go-version: 1.19.4
+          go-version: 1.20.1
         id: go
-      - name: setup Docker
-        uses: docker-practice/actions-setup-docker@1.0.11
-        with:
-          docker_version: 18.09
-          docker_channel: stable
       - uses: actions/checkout@v3
         with:
           path: src/github.com/goharbor/harbor
@@ -336,7 +311,7 @@ jobs:
     steps:
       - uses: actions/setup-node@v3
         with:
-          node-version: '16'
+          node-version: '18'
       - uses: actions/checkout@v3
         with:
           path: src/github.com/goharbor/harbor

diff --git a/.github/workflows/build-package.yml b/.github/workflows/build-package.yml
@@ -16,22 +16,22 @@ jobs:
       - ubuntu-20.04
     steps:
       - uses: actions/checkout@v3
-      - uses: 'google-github-actions/auth@v0'
+      - uses: 'google-github-actions/auth@v1'
         with:
           credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
       - uses: google-github-actions/setup-gcloud@v0
         with:
           version: '285.0.0'
       - run: gcloud info
-      - name: Set up Go 1.19
+      - name: Set up Go 1.20
         uses: actions/setup-go@v1
         with:
-          go-version: 1.19.4
+          go-version: 1.20.1
         id: go
       - name: Setup Docker
         uses: docker-practice/actions-setup-docker@1.0.11
         with:
-          docker_version: 18.09
+          docker_version: 20.10
           docker_channel: stable
       - uses: actions/checkout@v3
       - uses: jitterbit/get-changed-files@v1
@@ -88,8 +88,8 @@ jobs:
           else
             build_base_params=" BUILD_BASE=true PUSHBASEIMAGE=true REGISTRYUSER=\"${{ secrets.DOCKER_HUB_USERNAME }}\" REGISTRYPASSWORD=\"${{ secrets.DOCKER_HUB_PASSWORD }}\""
           fi
-          sudo make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} NOTARYFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY= ${build_base_params}
-          sudo make package_online GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} NOTARYFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY= ${build_base_params}
+          sudo make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} NOTARYFLAG=true TRIVYFLAG=true HTTPPROXY= ${build_base_params}
+          sudo make package_online GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} NOTARYFLAG=true TRIVYFLAG=true HTTPPROXY= ${build_base_params}
           harbor_offline_build_bundle=$(basename harbor-offline-installer-*.tgz)
           harbor_online_build_bundle=$(basename harbor-online-installer-*.tgz)
           echo "Package name is: $harbor_offline_build_bundle"

diff --git a/.github/workflows/conformance_test.yml b/.github/workflows/conformance_test.yml
@@ -20,21 +20,16 @@ jobs:
       - uses: actions/checkout@v3
       - id: 'auth'
         name: 'Authenticate to Google Cloud'
-        uses: google-github-actions/auth@v0
+        uses: google-github-actions/auth@v1
         with:
           credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
       - uses: google-github-actions/setup-gcloud@v0
       - run: gcloud info
-      - name: Set up Go 1.19
+      - name: Set up Go 1.20
         uses: actions/setup-go@v1
         with:
-          go-version: 1.19.4
+          go-version: 1.20.1
         id: go
-      - name: setup Docker
-        uses: docker-practice/actions-setup-docker@1.0.11
-        with:
-          docker_version: 18.09
-          docker_channel: stable
       - uses: actions/checkout@v3
         with:
           path: src/github.com/goharbor/harbor

diff --git a/.github/workflows/housekeeping-stale-issues-prs.yaml b/.github/workflows/housekeeping-stale-issues-prs.yaml
@@ -7,7 +7,7 @@ jobs:
   stale:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@v6.0.1
+      - uses: actions/stale@v8.0.0
         with:
           stale-issue-message: 'This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.'
           stale-pr-message: 'This PR is being marked stale due to a period of inactivty. If this PR is still relevant, please comment or remove the stale label. Otherwise, this PR will close in 30 days.'

diff --git a/.github/workflows/label_check.yaml b/.github/workflows/label_check.yaml
@@ -16,7 +16,7 @@ jobs:
     name: Check release-note label set
     runs-on: ubuntu-latest
     steps:
-      - uses: mheap/github-action-required-labels@v2
+      - uses: mheap/github-action-required-labels@v3
         with:
           mode: minimum
           count: 1

diff --git a/.github/workflows/nightly-trivy-scan.yml b/.github/workflows/nightly-trivy-scan.yml
@@ -13,7 +13,7 @@ jobs:
         # maintain the versions of harbor that need to be actively
         # security scanned
         # TODO have to add 2.7 version also once it is released
-        versions: [dev]
+        versions: [dev, v2.7.0-dev]
         # list of images that need to be scanned
         images: [harbor-core, harbor-db, harbor-exporter, harbor-jobservice, harbor-log, harbor-portal, harbor-registryctl, prepare]
     permissions:

diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml
@@ -19,7 +19,7 @@ jobs:
           echo "PRE_TAG=$(echo $release | jq -r '.body' | jq -r '.preTag')" >> $GITHUB_ENV
           echo "BRANCH=$(echo $release | jq -r '.target_commitish')" >> $GITHUB_ENV
           echo "PRERELEASE=$(echo $release | jq -r '.prerelease')" >> $GITHUB_ENV
-      - uses: 'google-github-actions/auth@v0'
+      - uses: 'google-github-actions/auth@v1'
         with:
           credentials_json: '${{ secrets.GCP_CREDENTIALS }}'
       - uses: google-github-actions/setup-gcloud@v0
@@ -52,13 +52,16 @@ jobs:
       - name: Setup Docker
         uses: docker-practice/actions-setup-docker@1.0.11
         with:
-          docker_version: 18.09
+          docker_version: 20.10
           docker_channel: stable
       - name: Publish Images
         run: |
           tar -zxf ${{ env.OFFLINE_PACKAGE_PATH }}
           docker load -i ./harbor/harbor.${{ env.BASE_TAG }}.tar.gz
-          source tools/release/release_utils.sh && publishImages ${{ env.CUR_TAG }} ${{ env.BASE_TAG }} ${{ secrets.DOCKER_HUB_USERNAME }} ${{ secrets.DOCKER_HUB_PASSWORD }}
+          images="$(docker images --format "{{.Repository}}" --filter=reference='goharbor/*:${{ env.BASE_TAG }}' | xargs)"
+          source tools/release/release_utils.sh
+          publishImages ${{ env.CUR_TAG }} ${{ env.BASE_TAG }} ${{ secrets.DOCKER_HUB_USERNAME }} ${{ secrets.DOCKER_HUB_PASSWORD }} $images
+          publishPackages ${{ env.CUR_TAG }} ${{ env.BASE_TAG }} ${{ github.actor }} ${{ secrets.GITHUB_TOKEN }} $images
       - name: Generate release notes
         run: |
           release_notes_path=$(pwd)/release-notes.txt
@@ -83,4 +86,4 @@ jobs:
             ${{ env.OFFLINE_PACKAGE_PATH }}.asc
             ${{ env.ONLINE_PACKAGE_PATH }}
             ${{ env.ONLINE_PACKAGE_PATH }}.asc
-            ${{ env.MD5SUM_PATH }}
+            ${{ env.MD5SUM_PATH }}
diff --git a/.gitignore b/.gitignore
@@ -33,7 +33,7 @@ src/portal/typings/
 .vscode/
 **/node_modules
 **/ssl/
-**/proxy.config.json
+**/proxy.config.mjs
 
 src/portal/src/**/*.js
 src/portal/src/**/*.js.map

diff --git a/ADOPTERS.md b/ADOPTERS.md
@@ -75,7 +75,7 @@ and manages more than 3,000 images.
 CI/CD pipeline for more than a year housing hundreds of images for various
 environments.
 
-**AWN:** Utilizes Harbor as a secure image repository for all of internal
+**AWN:** Utilizes Harbor as a secure image repository for all internal
 container-based workloads. Harbor provides developers and sysadmins a secure
 and easy-to-use repository. AWN leverages the image vulnerability scanning
 feature within Harbor before deploying images into production.

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -11,7 +11,7 @@ Contributors are encouraged to collaborate using the following resources in addi
 
 * [Bi-weekly public community meetings][community-meetings]
   * Catch up with [past meetings on YouTube][past-meetings]
-* Chat with us on the CNCF Slack ([get an invite here][cncf-slack] )
+* Chat with us on the CNCF Slack ([get an invitation here][cncf-slack] )
   * [#harbor][users-slack] for end-user discussions
   * [#harbor-dev][dev-slack] for development of Harbor
 * Want long-form communication instead of Slack? We have two distributions lists:
@@ -31,7 +31,7 @@ export GOPATH=$HOME/go
 mkdir -p $GOPATH/src/github.com/goharbor
 
 #Get code
-go get github.com/goharbor/harbor
+git clone git@github.com:goharbor/harbor.git
 cd $GOPATH/src/github.com/goharbor/harbor
 
 #Track repository under your personal account
@@ -47,7 +47,7 @@ To build the project, please refer the [build](https://goharbor.io/docs/edge/bui
 
 ### Repository Structure
 
-Here is the basic structure of the harbor code base. Some of the key folders / files are commented for your references.
+Here is the basic structure of the harbor code base. Some key folders / files are commented for your references.
 ```
 .
 ...
@@ -192,15 +192,15 @@ Harbor web UI is built based on [Clarity](https://vmware.github.io/clarity/) and
 |   2.3    |      10.1.2        |       4.0.2        |
 |   2.4    |      12.0.3        |       5.3.0        |
 
-To run the Web UI code, please refer to the UI [start](https://github.com/goharbor/harbor/blob/master/src/portal/README.md) guideline.
+To run the Web UI code, please refer to the UI [start](https://github.com/goharbor/harbor/tree/main/src/portal) guideline.
 
 To run the code, please refer to the [build](https://goharbor.io/docs/edge/build-customize-contribute/compile-guide/) guideline.
 
 ## Contribute Workflow
 
 PR are always welcome, even if they only contain small fixes like typos or a few lines of code. If there will be a significant effort, please document it as an issue and get a discussion going before starting to work on it.
 
-Please submit a PR broken down into small changes bit by bit. A PR consisting of a lot features and code changes may be hard to review. It is recommended to submit PRs in an incremental fashion.
+Please submit a PR broken down into small changes bit by bit. A PR consisting of a lot of features and code changes may be hard to review. It is recommended to submit PRs in an incremental fashion.
 
 Note: If you split your pull request to small changes, please make sure any of the changes goes to `main` will not break anything. Otherwise, it can not be merged until this feature complete.
 
@@ -293,7 +293,7 @@ Please use `fetch / rebase` (as shown above) instead of `git pull`. `git pull` d
 
 ### Commit
 
-As Harbor has integrated the [DCO (Developer Certificate of Origin)](https://probot.github.io/apps/dco/) check tool, contributors are required to sign-off that they adhere to those requirements by adding a `Signed-off-by` line to the commit messages. Git has even provided a `-s` command line option to append that automatically to your commit messages, please use it when you commit your changes.
+As Harbor has integrated the [DCO (Developer Certificate of Origin)](https://probot.github.io/apps/dco/) check tool, contributors are required to sign off that they adhere to those requirements by adding a `Signed-off-by` line to the commit messages. Git has even provided a `-s` command line option to append that automatically to your commit messages, please use it when you commit your changes.
 
 ```bash
 $ git commit -s -m 'This is my commit message'
@@ -316,7 +316,7 @@ curl https://cdn.rawgit.com/tommarshall/git-good-commit/v0.6.1/hook.sh > .git/ho
 
 ### Automated Testing
 Once your pull request has been opened, harbor will run two CI pipelines against it.
-1. In the travis CI, your source code will be checked via `golint`, `go vet` and `go race` that makes sure the code is readable, safe and correct. Also all of unit tests will be triggered via `go test` against the pull request. What you need to pay attention to is the travis result and the coverage report.
+1. In the travis CI, your source code will be checked via `golint`, `go vet` and `go race` that makes sure the code is readable, safe and correct. Also, all of unit tests will be triggered via `go test` against the pull request. What you need to pay attention to is the travis result and the coverage report.
 * If any failure in travis, you need to figure out whether it is introduced by your commits.
 * If the coverage dramatic decline, you need to commit unit test to coverage your code.
 2. In the drone CI, the E2E test will be triggered against the pull request. Also, the source code will be checked via `gosec`, and the result is stored in google storage for later analysis. The pipeline is about to build and install harbor from source code, then to run four very basic E2E tests to validate the basic functionalities of harbor, like: