Fix(CI): tests #22329
Closed
Fix(CI): tests #22329
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Describe whats different in next Signed-off-by: Vadim Bauer <[email protected]>
Signed-off-by: Vadim Bauer <[email protected]>
Signed-off-by: Vadim Bauer <[email protected]>
Describe whats different in next Signed-off-by: Vadim Bauer <[email protected]>
Signed-off-by: Vadim Bauer <[email protected]>
Signed-off-by: Prasanth Baskar <[email protected]>
Signed-off-by: bupd <[email protected]>
Signed-off-by: bupd <[email protected]>
Signed-off-by: bupd <[email protected]>
Signed-off-by: bupd <[email protected]>
…flows-conformance_test-yml-L31-1756651436
* Add 400 code response in swagger.yaml for updateRegistry updateReplicationPolicy and headProject (goharbor#22165) Signed-off-by: yuzhipeng <[email protected]> * Update FixVersion and ScoreV3 (goharbor#22007) Set Fix and CVE3Score in VulnerabilityRecord from VulnerabilityItem. Follow-up of goharbor#21915 Fixes goharbor#21463 Signed-off-by: Spyros Trigazis <[email protected]> * Add "status" of CVEs to artfact scan report (goharbor#22177) This commit adds the field "status" to the struct of a vulnerability and adds column "status" to vulnerability record table. It makes sure the statuses of CVEs returned by trivy scanner are persisted and can be returned via the vulnerabilities addition API of an artifact. Signed-off-by: Daniel Jiang <[email protected]> * Improve portal README.md formatting and clarity (goharbor#22173) improving the portal readme file Signed-off-by: rgcr <[email protected]> * chore: Updated RELEASE.md by updating Minor Release Support Map (goharbor#22145) Updated the Minor Release Support Matrix to include v2.13 Signed-off-by: Mooneeb Hussain <[email protected]> * Add status field to the API on secyurityHub (goharbor#22182) This commit makes change to the API GET /api/v2.0/vul to make it include "status" of CVEs in the response. It also makes update in the UI to add the "Status" column to the data grids in security hub and artifact details page. Signed-off-by: Daniel Jiang <[email protected]> * Set MAX_JOB_DURATION_SECONDS from jobservice config.yml (goharbor#22116) Signed-off-by: stonezdj <[email protected]> * clean up project metadata for tag retention policy after deletion (goharbor#22174) Signed-off-by: my036811 <[email protected]> * chore(deps): bump helm.sh/helm/v3 from 3.18.2 to 3.18.3 in /src (goharbor#22113) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <[email protected]> * chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 in /src (goharbor#22188) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove testcase Open Image Scanners doc page (goharbor#22180) Signed-off-by: stonezdj <[email protected]> * Don't always skip vuln check when artifact is not scannable (goharbor#22187) fixes goharbor#22143 This commit makes update to the vulnerable policy middleware. So that it will skip the sheck only when the artifact is not scannable AND it does not have a scan report. Signed-off-by: Daniel Jiang <[email protected]> * Display download url for BUILD_PACKAGE action (goharbor#22197) Signed-off-by: stonezdj <[email protected]> * add the replicaiton adapter whitelist (goharbor#22198) fixes goharbor#21925 According to https://github.com/goharbor/harbor/wiki/Harbor-Replicaiton-Adapter-Owner, some replication adapters are no longer actively maintained by the Harbor community. To address this, a whitelist environment variable is introduced to define the list of actively supported adapters, which will be used by the Harbor portal and API to display and allow usage. If you still wish to view and use the unsupported or inactive adapters, you must manually update the whitelist and include the desired adapter names. For the list of adapter names, refer to https://github.com/goharbor/harbor/blob/main/src/pkg/reg/model/registry.go#L22 Signed-off-by: wang yan <[email protected]> * fix: correct the permission of project maintainer role for webhook policy (goharbor#22135) Signed-off-by: chlins <[email protected]> * update the orm filter func (goharbor#22208) to extend the enhancement from goharbor#21924 to fuzzy and range match. After the enhance, the orm.ExerSep is not supported in any sort of query keywords. Signed-off-by: wy65701436 <[email protected]> * bump golang version (goharbor#22205) to the latest golang version v1.24.5 from v1.24.3 Signed-off-by: wy65701436 <[email protected]> * Add HTTP 409 error when creating robot account (goharbor#22201) fixes goharbor#22107 Signed-off-by: stonezdj <[email protected]> * feat: support raw format for CNAI model (goharbor#22040) Signed-off-by: chlins <[email protected]> * The tag retention job failed with 403 error message (goharbor#22159) fixes goharbor#22141 Signed-off-by: stonezdj <[email protected]> * remove extra build_base=false && pull_base_from_dockerhub=false check logic (goharbor#22233) remove extra build_base=false && pull_base_from_dockerhub=false logic we do not block the case using local chached image(docker build --pull=false) while build_base=false However we need gurantee always pull latest image while build package And when there's some rate limit issue in the CICD situation we could set pull_base_from_dockerhub=false Signed-off-by: my036811 <[email protected]> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.19 to 1.1.25 in /src (goharbor#22225) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.19 to 1.1.25. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.19...v1.1.25) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.25 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <[email protected]> * Delete local cache if the artifact doesn't exist in upstream registry (goharbor#22175) fixes goharbor#20596 Signed-off-by: stonezdj <[email protected]> * update the support list of proxy cache (goharbor#22237) According to PR goharbor#22198, some inactive adapters have been removed from the default adapter list. This pull request updates PERMITTED_REGISTRY_TYPES_FOR_PROXY_CACHE accordingly, since the list of proxy cache adapters should be a subset of the replication adapters. Signed-off-by: wy65701436 <[email protected]> * bump go version (goharbor#22238) * feat: Single Active Replication (goharbor#21347) feat(replication): add Single Active Replication per policy * Added single_active_replication field to schema & DB table * Updated API, controller & handler to enforce single execution per policy * Added checkbox in UI to enable/disable single_active_replication for a policy * Implemented necessary backend & frontend tests * Prevents parallel runs per policy if single_active_replication is enabled Signed-off-by: bupd <[email protected]> * bump base verson for v2.15.0 (goharbor#22241) Signed-off-by: wy65701436 <[email protected]> * build base images (goharbor#22249) 1, downgrade the base version to 2.14, and update it whenever we have the release-2.14.0 branch. 2, refresh the base images bses on the latest code. Signed-off-by: wy65701436 <[email protected]> * Upload build logs to github artifact (goharbor#22223) Upload log files to github with 5 day retention Signed-off-by: stonezdj <[email protected]> * add prepare migration script for 2.14.0 (goharbor#22247) Signed-off-by: my036811 <[email protected]> * chore(deps): bump helm.sh/helm/v3 from 3.18.4 to 3.18.5 in /src (goharbor#22258) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.18.4 to 3.18.5. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.18.4...v3.18.5) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump actions/checkout from 3 to 5 (goharbor#22250) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.25 to 1.1.26 in /src (goharbor#22244) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.25 to 1.1.26. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.25...v1.1.26) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.26 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Return the Resport when the scanner is unhealthy (goharbor#22255) This commit fixes goharbor#22254 It updates the "GetReport" function, such that when the scanner is unhealthy, and we can't know the the artifact is supported, we will still try to return the report stored in DB. Signed-off-by: Daniel Jiang <[email protected]> * Refine the sql to query non empty repositories (goharbor#22269) use exists instead of in condition Signed-off-by: stonezdj <[email protected]> * chore(deps): bump github.com/beego/beego/v2 from 2.3.6 to 2.3.8 in /src (goharbor#22282) Bumps [github.com/beego/beego/v2](https://github.com/beego/beego) from 2.3.6 to 2.3.8. - [Release notes](https://github.com/beego/beego/releases) - [Changelog](https://github.com/beego/beego/blob/master/CHANGELOG.md) - [Commits](beego/beego@v2.3.6...v2.3.8) --- updated-dependencies: - dependency-name: github.com/beego/beego/v2 dependency-version: 2.3.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/prometheus/client_model from 0.6.1 to 0.6.2 in /src (goharbor#22283) chore(deps): bump github.com/prometheus/client_model in /src Bumps [github.com/prometheus/client_model](https://github.com/prometheus/client_model) from 0.6.1 to 0.6.2. - [Release notes](https://github.com/prometheus/client_model/releases) - [Commits](prometheus/client_model@v0.6.1...v0.6.2) --- updated-dependencies: - dependency-name: github.com/prometheus/client_model dependency-version: 0.6.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.15.2 to 2.16.1 in /src (goharbor#22281) chore(deps): bump github.com/cloudevents/sdk-go/v2 in /src Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.15.2 to 2.16.1. - [Release notes](https://github.com/cloudevents/sdk-go/releases) - [Commits](cloudevents/sdk-go@v2.15.2...v2.16.1) --- updated-dependencies: - dependency-name: github.com/cloudevents/sdk-go/v2 dependency-version: 2.16.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/go-openapi/swag from 0.23.0 to 0.23.1 in /src (goharbor#22243) chore(deps): bump github.com/go-openapi/swag in /src Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.23.0 to 0.23.1. - [Commits](go-openapi/swag@v0.23.0...v0.23.1) --- updated-dependencies: - dependency-name: github.com/go-openapi/swag dependency-version: 0.23.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.26 to 1.1.29 in /src (goharbor#22284) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.26 to 1.1.29. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.26...v1.1.29) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.29 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update README.md (#48) Describe whats different in next Signed-off-by: Vadim Bauer <[email protected]> * Update README.md (#54) Signed-off-by: Vadim Bauer <[email protected]> * Correct conformance_test GitHub Actions workflow at line 31 (merges into #64) --------- Signed-off-by: yuzhipeng <[email protected]> Signed-off-by: Spyros Trigazis <[email protected]> Signed-off-by: Daniel Jiang <[email protected]> Signed-off-by: rgcr <[email protected]> Signed-off-by: Mooneeb Hussain <[email protected]> Signed-off-by: stonezdj <[email protected]> Signed-off-by: my036811 <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: wang yan <[email protected]> Signed-off-by: chlins <[email protected]> Signed-off-by: wy65701436 <[email protected]> Signed-off-by: stonezdj <[email protected]> Signed-off-by: bupd <[email protected]> Signed-off-by: Vadim Bauer <[email protected]> Signed-off-by: Prasanth Baskar <[email protected]> Co-authored-by: yuzhipeng <[email protected]> Co-authored-by: Spyros Trigazis <[email protected]> Co-authored-by: Daniel Jiang <[email protected]> Co-authored-by: Roger <[email protected]> Co-authored-by: Moon <[email protected]> Co-authored-by: stonezdj(Daojun Zhang) <[email protected]> Co-authored-by: miner <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <[email protected]> Co-authored-by: Wang Yan <[email protected]> Co-authored-by: Chlins Zhang <[email protected]> Co-authored-by: Vadim Bauer <[email protected]> Co-authored-by: cubic Bot <[email protected]>
* Add 400 code response in swagger.yaml for updateRegistry updateReplicationPolicy and headProject (goharbor#22165) Signed-off-by: yuzhipeng <[email protected]> * Update FixVersion and ScoreV3 (goharbor#22007) Set Fix and CVE3Score in VulnerabilityRecord from VulnerabilityItem. Follow-up of goharbor#21915 Fixes goharbor#21463 Signed-off-by: Spyros Trigazis <[email protected]> * Add "status" of CVEs to artfact scan report (goharbor#22177) This commit adds the field "status" to the struct of a vulnerability and adds column "status" to vulnerability record table. It makes sure the statuses of CVEs returned by trivy scanner are persisted and can be returned via the vulnerabilities addition API of an artifact. Signed-off-by: Daniel Jiang <[email protected]> * Improve portal README.md formatting and clarity (goharbor#22173) improving the portal readme file Signed-off-by: rgcr <[email protected]> * chore: Updated RELEASE.md by updating Minor Release Support Map (goharbor#22145) Updated the Minor Release Support Matrix to include v2.13 Signed-off-by: Mooneeb Hussain <[email protected]> * Add status field to the API on secyurityHub (goharbor#22182) This commit makes change to the API GET /api/v2.0/vul to make it include "status" of CVEs in the response. It also makes update in the UI to add the "Status" column to the data grids in security hub and artifact details page. Signed-off-by: Daniel Jiang <[email protected]> * Set MAX_JOB_DURATION_SECONDS from jobservice config.yml (goharbor#22116) Signed-off-by: stonezdj <[email protected]> * clean up project metadata for tag retention policy after deletion (goharbor#22174) Signed-off-by: my036811 <[email protected]> * chore(deps): bump helm.sh/helm/v3 from 3.18.2 to 3.18.3 in /src (goharbor#22113) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <[email protected]> * chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 in /src (goharbor#22188) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove testcase Open Image Scanners doc page (goharbor#22180) Signed-off-by: stonezdj <[email protected]> * Don't always skip vuln check when artifact is not scannable (goharbor#22187) fixes goharbor#22143 This commit makes update to the vulnerable policy middleware. So that it will skip the sheck only when the artifact is not scannable AND it does not have a scan report. Signed-off-by: Daniel Jiang <[email protected]> * Display download url for BUILD_PACKAGE action (goharbor#22197) Signed-off-by: stonezdj <[email protected]> * add the replicaiton adapter whitelist (goharbor#22198) fixes goharbor#21925 According to https://github.com/goharbor/harbor/wiki/Harbor-Replicaiton-Adapter-Owner, some replication adapters are no longer actively maintained by the Harbor community. To address this, a whitelist environment variable is introduced to define the list of actively supported adapters, which will be used by the Harbor portal and API to display and allow usage. If you still wish to view and use the unsupported or inactive adapters, you must manually update the whitelist and include the desired adapter names. For the list of adapter names, refer to https://github.com/goharbor/harbor/blob/main/src/pkg/reg/model/registry.go#L22 Signed-off-by: wang yan <[email protected]> * fix: correct the permission of project maintainer role for webhook policy (goharbor#22135) Signed-off-by: chlins <[email protected]> * update the orm filter func (goharbor#22208) to extend the enhancement from goharbor#21924 to fuzzy and range match. After the enhance, the orm.ExerSep is not supported in any sort of query keywords. Signed-off-by: wy65701436 <[email protected]> * bump golang version (goharbor#22205) to the latest golang version v1.24.5 from v1.24.3 Signed-off-by: wy65701436 <[email protected]> * Add HTTP 409 error when creating robot account (goharbor#22201) fixes goharbor#22107 Signed-off-by: stonezdj <[email protected]> * feat: support raw format for CNAI model (goharbor#22040) Signed-off-by: chlins <[email protected]> * The tag retention job failed with 403 error message (goharbor#22159) fixes goharbor#22141 Signed-off-by: stonezdj <[email protected]> * remove extra build_base=false && pull_base_from_dockerhub=false check logic (goharbor#22233) remove extra build_base=false && pull_base_from_dockerhub=false logic we do not block the case using local chached image(docker build --pull=false) while build_base=false However we need gurantee always pull latest image while build package And when there's some rate limit issue in the CICD situation we could set pull_base_from_dockerhub=false Signed-off-by: my036811 <[email protected]> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.19 to 1.1.25 in /src (goharbor#22225) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.19 to 1.1.25. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.19...v1.1.25) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.25 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <[email protected]> * Delete local cache if the artifact doesn't exist in upstream registry (goharbor#22175) fixes goharbor#20596 Signed-off-by: stonezdj <[email protected]> * update the support list of proxy cache (goharbor#22237) According to PR goharbor#22198, some inactive adapters have been removed from the default adapter list. This pull request updates PERMITTED_REGISTRY_TYPES_FOR_PROXY_CACHE accordingly, since the list of proxy cache adapters should be a subset of the replication adapters. Signed-off-by: wy65701436 <[email protected]> * bump go version (goharbor#22238) * feat: Single Active Replication (goharbor#21347) feat(replication): add Single Active Replication per policy * Added single_active_replication field to schema & DB table * Updated API, controller & handler to enforce single execution per policy * Added checkbox in UI to enable/disable single_active_replication for a policy * Implemented necessary backend & frontend tests * Prevents parallel runs per policy if single_active_replication is enabled Signed-off-by: bupd <[email protected]> * bump base verson for v2.15.0 (goharbor#22241) Signed-off-by: wy65701436 <[email protected]> * build base images (goharbor#22249) 1, downgrade the base version to 2.14, and update it whenever we have the release-2.14.0 branch. 2, refresh the base images bses on the latest code. Signed-off-by: wy65701436 <[email protected]> * Upload build logs to github artifact (goharbor#22223) Upload log files to github with 5 day retention Signed-off-by: stonezdj <[email protected]> * add prepare migration script for 2.14.0 (goharbor#22247) Signed-off-by: my036811 <[email protected]> * chore(deps): bump helm.sh/helm/v3 from 3.18.4 to 3.18.5 in /src (goharbor#22258) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.18.4 to 3.18.5. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.18.4...v3.18.5) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump actions/checkout from 3 to 5 (goharbor#22250) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.25 to 1.1.26 in /src (goharbor#22244) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.25 to 1.1.26. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.25...v1.1.26) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.26 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Return the Resport when the scanner is unhealthy (goharbor#22255) This commit fixes goharbor#22254 It updates the "GetReport" function, such that when the scanner is unhealthy, and we can't know the the artifact is supported, we will still try to return the report stored in DB. Signed-off-by: Daniel Jiang <[email protected]> * Refine the sql to query non empty repositories (goharbor#22269) use exists instead of in condition Signed-off-by: stonezdj <[email protected]> * chore(deps): bump github.com/beego/beego/v2 from 2.3.6 to 2.3.8 in /src (goharbor#22282) Bumps [github.com/beego/beego/v2](https://github.com/beego/beego) from 2.3.6 to 2.3.8. - [Release notes](https://github.com/beego/beego/releases) - [Changelog](https://github.com/beego/beego/blob/master/CHANGELOG.md) - [Commits](beego/beego@v2.3.6...v2.3.8) --- updated-dependencies: - dependency-name: github.com/beego/beego/v2 dependency-version: 2.3.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/prometheus/client_model from 0.6.1 to 0.6.2 in /src (goharbor#22283) chore(deps): bump github.com/prometheus/client_model in /src Bumps [github.com/prometheus/client_model](https://github.com/prometheus/client_model) from 0.6.1 to 0.6.2. - [Release notes](https://github.com/prometheus/client_model/releases) - [Commits](prometheus/client_model@v0.6.1...v0.6.2) --- updated-dependencies: - dependency-name: github.com/prometheus/client_model dependency-version: 0.6.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.15.2 to 2.16.1 in /src (goharbor#22281) chore(deps): bump github.com/cloudevents/sdk-go/v2 in /src Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.15.2 to 2.16.1. - [Release notes](https://github.com/cloudevents/sdk-go/releases) - [Commits](cloudevents/sdk-go@v2.15.2...v2.16.1) --- updated-dependencies: - dependency-name: github.com/cloudevents/sdk-go/v2 dependency-version: 2.16.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/go-openapi/swag from 0.23.0 to 0.23.1 in /src (goharbor#22243) chore(deps): bump github.com/go-openapi/swag in /src Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.23.0 to 0.23.1. - [Commits](go-openapi/swag@v0.23.0...v0.23.1) --- updated-dependencies: - dependency-name: github.com/go-openapi/swag dependency-version: 0.23.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.26 to 1.1.29 in /src (goharbor#22284) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.26 to 1.1.29. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.26...v1.1.29) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.29 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update README.md (#48) Describe whats different in next Signed-off-by: Vadim Bauer <[email protected]> * Update README.md (#54) Signed-off-by: Vadim Bauer <[email protected]> * feat: daggerize harbor Signed-off-by: bupd <[email protected]> * fix: dagger cmds Signed-off-by: bupd <[email protected]> * feat: add publish pipeline with dagger Signed-off-by: bupd <[email protected]> * fix: pipeline Signed-off-by: bupd <[email protected]> --------- Signed-off-by: yuzhipeng <[email protected]> Signed-off-by: Spyros Trigazis <[email protected]> Signed-off-by: Daniel Jiang <[email protected]> Signed-off-by: rgcr <[email protected]> Signed-off-by: Mooneeb Hussain <[email protected]> Signed-off-by: stonezdj <[email protected]> Signed-off-by: my036811 <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: wang yan <[email protected]> Signed-off-by: chlins <[email protected]> Signed-off-by: wy65701436 <[email protected]> Signed-off-by: stonezdj <[email protected]> Signed-off-by: bupd <[email protected]> Signed-off-by: Vadim Bauer <[email protected]> Signed-off-by: Prasanth Baskar <[email protected]> Co-authored-by: yuzhipeng <[email protected]> Co-authored-by: Spyros Trigazis <[email protected]> Co-authored-by: Daniel Jiang <[email protected]> Co-authored-by: Roger <[email protected]> Co-authored-by: Moon <[email protected]> Co-authored-by: stonezdj(Daojun Zhang) <[email protected]> Co-authored-by: miner <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <[email protected]> Co-authored-by: Wang Yan <[email protected]> Co-authored-by: Chlins Zhang <[email protected]> Co-authored-by: Vadim Bauer <[email protected]>
Signed-off-by: bupd <[email protected]>
Signed-off-by: bupd <[email protected]>
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #22329 +/- ##
==========================================
+ Coverage 45.36% 46.61% +1.24%
==========================================
Files 244 252 +8
Lines 13333 14252 +919
Branches 2719 2927 +208
==========================================
+ Hits 6049 6643 +594
- Misses 6983 7253 +270
- Partials 301 356 +55
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+21
to
+65
| runs-on: ubuntu-latest | ||
| outputs: | ||
| VERSIONTAG: ${{ steps.vars.outputs.VERSIONTAG }} | ||
| DEBUGTAG: ${{ steps.vars.outputs.DEBUGTAG }} | ||
| REGISTRY_USER: ${{ steps.vars.outputs.REGISTRY_USER }} | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 1 | ||
|
|
||
| - name: Dagger Version | ||
| uses: sagikazarmark/[email protected] | ||
|
|
||
| - name: Set Variables | ||
| id: vars | ||
| run: | | ||
| if [ "${{ github.event_name }}" = "pull_request" ]; then | ||
| # use PR number as version tag | ||
| VERSIONTAG="pr-${{ github.event.number }}" | ||
| else | ||
| VERSIONTAG=$(echo "${GITHUB_REF_NAME}" | tr '/' '-') | ||
| fi | ||
| DEBUGTAG=$VERSIONTAG-debug | ||
|
|
||
| echo "VERSIONTAG=$VERSIONTAG" >> $GITHUB_ENV | ||
| echo "DEBUGTAG=$DEBUGTAG" >> $GITHUB_ENV | ||
|
|
||
| # docker auth | ||
| mkdir -p $HOME/.docker | ||
| echo '${{ secrets.DOCKER_AUTH_CONFIG }}' > $HOME/.docker/config.json | ||
| REGISTRY_USER=$(jq -r '.auths["${{ env.REGISTRY_DOMAIN }}"].username' $HOME/.docker/config.json) | ||
| echo "REGISTRY_USER=$REGISTRY_USER" >> $GITHUB_ENV | ||
|
|
||
| # Export registry password | ||
| REGISTRY_PASS=$(jq -r '.auths["${{ env.REGISTRY_DOMAIN }}"].password' $HOME/.docker/config.json) | ||
| echo "REGISTRY_PASS=$REGISTRY_PASS" >> $GITHUB_ENV | ||
|
|
||
| - name: Verify Dagger | ||
| uses: dagger/dagger-for-github@v7 | ||
| with: | ||
| version: ${{ steps.dagger_version.outputs.version }} | ||
| verb: functions | ||
|
|
||
| publish: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Comment on lines
+66
to
+144
| needs: setup | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| include: | ||
| - component: core | ||
| debug: false | ||
| - component: core | ||
| debug: true | ||
| - component: jobservice | ||
| debug: false | ||
| - component: jobservice | ||
| debug: true | ||
| - component: registryctl | ||
| debug: false | ||
| - component: registryctl | ||
| debug: true | ||
| - component: registry | ||
| debug: false | ||
| - component: portal | ||
| debug: false | ||
| - component: nginx | ||
| debug: false | ||
| - component: trivy-adapter | ||
| debug: false | ||
| - component: cmd/exporter | ||
| debug: false | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Set component vars | ||
| id: comp | ||
| run: | | ||
| if [ "${{ matrix.debug }}" = "true" ]; then | ||
| export FINAL_IMAGE_TAG="${{ needs.setup.outputs.DEBUGTAG }}" | ||
| else | ||
| export FINAL_IMAGE_TAG="${{ needs.setup.outputs.VERSIONTAG }}" | ||
| fi | ||
| echo "FINAL_IMAGE_TAG=$FINAL_IMAGE_TAG" >> $GITHUB_ENV | ||
|
|
||
| - name: Verify Dagger | ||
| uses: dagger/dagger-for-github@v7 | ||
| with: | ||
| version: latest | ||
| verb: functions | ||
|
|
||
| - name: Publish and Sign | ||
| id: publish | ||
| uses: dagger/dagger-for-github@v7 | ||
| with: | ||
| version: latest | ||
| verb: call | ||
| args: | | ||
| publish-and-sign-image \ | ||
| --pkg ${{ matrix.component }} \ | ||
| --registry-username=${{ env.REGISTRY_USER }} \ | ||
| --registry=${{ env.REGISTRY_DOMAIN }} \ | ||
| --registry-password="${{ env.REGISTRY_PASS }}" \ | ||
| --image-tags ${{ steps.comp.outputs.FINAL_IMAGE_TAG }} \ | ||
| --project-name=${{ env.PROJECT_NAME }} \ | ||
| --debugbin=${{ matrix.debug }} | ||
| --github-token=env:GITHUB_TOKEN \ | ||
| --actions-id-token-request-url=$ACTIONS_ID_TOKEN_REQUEST_URL \ | ||
| --actions-id-token-request-token=env:ACTIONS_ID_TOKEN_REQUEST_TOKEN | ||
|
|
||
| - name: Validate Image Ref | ||
| run: | | ||
| OUTPUT="${{ steps.publish.outputs.stdout }}" | ||
|
|
||
| echo "--- Full Dagger Output ---" | ||
| echo "$OUTPUT" | ||
| echo "--------------------------" | ||
|
|
||
| if echo "$OUTPUT" | grep -qE "^${{ env.REGISTRY_DOMAIN }}/${{ env.PROJECT_NAME }}/[a-z0-9./-]+:${{ steps.comp.outputs.FINAL_IMAGE_TAG }}@sha256:[a-f0-9]{64}$"; then | ||
| echo "✅ Success: Published image reference for '${{ matrix.component }}' is valid." | ||
| else | ||
| echo "❌ Error: Invalid image ref for '${{ matrix.component }}'" | ||
| exit 1 | ||
| fi |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Comprehensive Summary of your change
Edit: sorry wrong repo.