Merge branch 'main' into dependabot/go_modules/src/golang.org/x/net-0…

….26.0
goharbor · Jun 21, 2024 · 7ae4c46 · 7ae4c46
2 parents 1f15f15 + bb2c62c
commit 7ae4c46
Show file tree

Hide file tree

Showing 12 changed files with 23 additions and 44 deletions.
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
@@ -5,7 +5,7 @@ env:
    POSTGRESQL_USR: postgres
    POSTGRESQL_PWD: root123
    POSTGRESQL_DATABASE: registry
-   DOCKER_COMPOSE_VERSION: 1.23.0
+   DOCKER_COMPOSE_VERSION: 2.27.1
    HARBOR_ADMIN: admin
    HARBOR_ADMIN_PASSWD: Harbor12345
    CORE_SECRET: tempString
@@ -66,7 +66,7 @@ jobs:
           env
           #sudo apt install -y xvfb
           #xvfb-run ls
-          curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
+          curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
           chmod +x docker-compose
           sudo mv docker-compose /usr/local/bin
           IP=`hostname -I | awk '{print $1}'`
@@ -131,7 +131,7 @@ jobs:
           df -h
           #sudo apt install -y xvfb
           #xvfb-run ls
-          curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
+          curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
           chmod +x docker-compose
           sudo mv docker-compose /usr/local/bin
       - name: install
@@ -186,7 +186,7 @@ jobs:
           df -h
           #sudo apt install -y xvfb
           #xvfb-run ls
-          curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
+          curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
           chmod +x docker-compose
           sudo mv docker-compose /usr/local/bin
       - name: install
@@ -240,7 +240,7 @@ jobs:
           df -h
           #sudo apt install -y xvfb
           #xvfb-run ls
-          curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
+          curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
           chmod +x docker-compose
           sudo mv docker-compose /usr/local/bin
       - name: install
@@ -292,7 +292,7 @@ jobs:
           df -h
           #sudo apt install -y xvfb
           #xvfb-run ls
-          curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
+          curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
           chmod +x docker-compose
           sudo mv docker-compose /usr/local/bin
           IP=`hostname -I | awk '{print $1}'`

diff --git a/.github/workflows/nightly-trivy-scan.yml b/.github/workflows/nightly-trivy-scan.yml
@@ -12,7 +12,7 @@ jobs:
       matrix:
         # maintain the versions of harbor that need to be actively
         # security scanned
-        versions: [dev, v2.10.0-dev]
+        versions: [dev, v2.11.0-dev]
         # list of images that need to be scanned
         images: [harbor-core, harbor-db, harbor-exporter, harbor-jobservice, harbor-log, harbor-portal, harbor-registryctl, prepare]
     permissions:

diff --git a/src/controller/proxy/controller.go b/src/controller/proxy/controller.go
@@ -172,9 +172,6 @@ func (c *controller) UseLocalManifest(ctx context.Context, art lib.ArtifactInfo,
 		return false, nil, err
 	}
 	if !exist || desc == nil {
-		go func() {
-			c.local.DeleteManifest(remoteRepo, art.Tag)
-		}()
 		return false, nil, errors.NotFoundError(fmt.Errorf("repo %v, tag %v not found", art.Repository, art.Tag))
 	}
 
@@ -220,11 +217,6 @@ func (c *controller) ProxyManifest(ctx context.Context, art lib.ArtifactInfo, re
 	ref := getReference(art)
 	man, dig, err := remote.Manifest(remoteRepo, ref)
 	if err != nil {
-		if errors.IsNotFoundErr(err) {
-			go func() {
-				c.local.DeleteManifest(remoteRepo, art.Tag)
-			}()
-		}
 		return man, err
 	}
 	ct, _, err := man.Payload()

diff --git a/src/controller/task/sweep.go b/src/controller/task/sweep.go
@@ -41,8 +41,8 @@ const (
 	systemVendorID = -1
 
 	cronTypeCustom = "Custom"
-	// run for every hour
-	cronSpec = "0 0 * * * *"
+	// run for every day
+	cronSpec = "0 0 0 * * *"
 )
 
 func init() {

diff --git a/src/pkg/artifactrash/dao/dao.go b/src/pkg/artifactrash/dao/dao.go
@@ -102,10 +102,8 @@ func (d *dao) Flush(ctx context.Context, cutOff time.Time) (err error) {
 	if err != nil {
 		return err
 	}
+
 	sql := fmt.Sprintf(`DELETE FROM artifact_trash where creation_time <= TO_TIMESTAMP('%f')`, float64(cutOff.UnixNano())/float64((time.Second)))
-	if err != nil {
-		return err
-	}
 	_, err = ormer.Raw(sql).Exec()
 	if err != nil {
 		return err

diff --git a/src/pkg/scan/sbom/sbom.go b/src/pkg/scan/sbom/sbom.go
@@ -22,13 +22,11 @@ import (
 	"strings"
 	"time"
 
-	"github.com/goharbor/harbor/src/common"
 	"github.com/goharbor/harbor/src/common/rbac"
 	"github.com/goharbor/harbor/src/controller/artifact"
 	scanCtl "github.com/goharbor/harbor/src/controller/scan"
 	"github.com/goharbor/harbor/src/jobservice/job"
 	"github.com/goharbor/harbor/src/jobservice/logger"
-	"github.com/goharbor/harbor/src/lib/config"
 	"github.com/goharbor/harbor/src/lib/errors"
 	"github.com/goharbor/harbor/src/lib/log"
 	"github.com/goharbor/harbor/src/lib/orm"
@@ -54,7 +52,6 @@ const (
 func init() {
 	scan.RegisterScanHanlder(v1.ScanTypeSbom, &scanHandler{
 		GenAccessoryFunc:       scan.GenAccessoryArt,
-		RegistryServer:         registry,
 		SBOMMgrFunc:            func() Manager { return Mgr },
 		TaskMgrFunc:            func() task.Manager { return task.Mgr },
 		ArtifactControllerFunc: func() artifact.Controller { return artifact.Ctl },
@@ -67,7 +64,6 @@ func init() {
 // scanHandler defines the Handler to generate sbom
 type scanHandler struct {
 	GenAccessoryFunc       func(scanRep v1.ScanRequest, sbomContent []byte, labels map[string]string, mediaType string, robot *model.Robot) (string, error)
-	RegistryServer         func(ctx context.Context) (string, bool)
 	SBOMMgrFunc            func() Manager
 	TaskMgrFunc            func() task.Manager
 	ArtifactControllerFunc func() artifact.Controller
@@ -96,8 +92,10 @@ func (h *scanHandler) PostScan(ctx job.Context, sr *v1.ScanRequest, _ *scanModel
 		Registry: sr.Registry,
 		Artifact: sr.Artifact,
 	}
-	// the registry server url is core by default, need to replace it with real registry server url
-	scanReq.Registry.URL, scanReq.Registry.Insecure = h.RegistryServer(ctx.SystemContext())
+	scanReq.Registry.Insecure = strings.HasPrefix(scanReq.Registry.URL, "http://")
+	// the registry URL should not contain http:// or https:// prefix
+	scanReq.Registry.URL = strings.TrimPrefix(scanReq.Registry.URL, "http://")
+	scanReq.Registry.URL = strings.TrimPrefix(scanReq.Registry.URL, "https://")
 	if len(scanReq.Registry.URL) == 0 {
 		return "", fmt.Errorf("empty registry server")
 	}
@@ -170,19 +168,6 @@ func (h *scanHandler) Update(ctx context.Context, uuid string, report string) er
 	return nil
 }
 
-// extract server name from config, and remove the protocol prefix
-func registry(ctx context.Context) (string, bool) {
-	cfgMgr, ok := config.FromContext(ctx)
-	if ok {
-		extURL := cfgMgr.Get(context.Background(), common.ExtEndpoint).GetString()
-		insecure := strings.HasPrefix(extURL, "http://")
-		server := strings.TrimPrefix(extURL, "https://")
-		server = strings.TrimPrefix(server, "http://")
-		return server, insecure
-	}
-	return "", false
-}
-
 // retrieveSBOMContent retrieves the "sbom" field from the raw report
 func retrieveSBOMContent(rawReport string) ([]byte, *v1.Scanner, error) {
 	rpt := sbom.RawSBOMReport{}

diff --git a/src/pkg/scan/sbom/sbom_test.go b/src/pkg/scan/sbom/sbom_test.go
@@ -147,7 +147,6 @@ func (suite *SBOMTestSuite) SetupSuite() {
 
 	suite.handler = &scanHandler{
 		GenAccessoryFunc:       mockGenAccessory,
-		RegistryServer:         mockGetRegistry,
 		SBOMMgrFunc:            func() Manager { return suite.sbomManager },
 		TaskMgrFunc:            func() task.Manager { return suite.taskMgr },
 		ArtifactControllerFunc: func() artifact.Controller { return suite.artifactCtl },

diff --git a/src/pkg/task/dao/task.go b/src/pkg/task/dao/task.go
@@ -114,8 +114,8 @@ func (t *taskDAO) ListScanTasksByReportUUID(ctx context.Context, uuid string) ([
 	}
 
 	var tasks []*Task
-	param := fmt.Sprintf(`{"report_uuids":["%s"]}`, uuid)
-	sql := `SELECT * FROM task WHERE extra_attrs::jsonb @> cast( ? as jsonb )`
+	param := fmt.Sprintf(`"%s"`, uuid)
+	sql := `SELECT * FROM task WHERE extra_attrs::jsonb -> 'report_uuids' @> ?`
 	_, err = ormer.Raw(sql, param).QueryRows(&tasks)
 	if err != nil {
 		return nil, err

diff --git a/src/pkg/task/sweep_manager.go b/src/pkg/task/sweep_manager.go
@@ -176,7 +176,7 @@ func (sm *sweepManager) Clean(ctx context.Context, execIDs []int64) error {
 		return errors.Wrap(err, "failed to delete tasks")
 	}
 	// delete executions
-	sql = fmt.Sprintf("DELETE FROM execution WHERE id IN (%s)", orm.ParamPlaceholderForIn(len(params)))
+	sql = fmt.Sprintf("DELETE FROM execution WHERE id IN (%s) AND id NOT IN (SELECT DISTINCT execution_id FROM task)", orm.ParamPlaceholderForIn(len(params)))
 	_, err = ormer.Raw(sql, params...).Exec()
 	if err != nil {
 		return errors.Wrap(err, "failed to delete executions")

diff --git a/...ifact/artifact-list-page/artifact-list/artifact-list-tab/artifact-list-tab.component.html b/...ifact/artifact-list-page/artifact-list/artifact-list-tab/artifact-list-tab.component.html
@@ -15,6 +15,7 @@
             <clr-dg-action-bar class="action-bar">
                 <div>
                     <button
+                        *ngIf="hasEnabledScanner"
                         id="scan-btn"
                         [clrLoading]="scanBtnState"
                         type="button"
@@ -68,6 +69,7 @@
                             <button
                                 clrDropdownItem
                                 id="stop-scan"
+                                *ngIf="hasEnabledScanner"
                                 [clrLoading]="stopBtnState"
                                 type="button"
                                 class="btn btn-secondary scan-btn action-dropdown-item"
@@ -97,6 +99,7 @@
                                 <span>{{ 'SBOM.STOP' | translate }}</span>
                             </button>
                             <div
+                                *ngIf="hasEnabledScanner || hasEnabledSbom()"
                                 class="dropdown-divider"
                                 role="separator"
                                 aria-hidden="true"></div>

diff --git a/src/portal/src/app/shared/entities/shared.const.ts b/src/portal/src/app/shared/entities/shared.const.ts
@@ -14,6 +14,7 @@
 
 import locale_en from '@angular/common/locales/en';
 import locale_zh_CN from '@angular/common/locales/zh-Hans';
+import locale_kr from '@angular/common/locales/ko';
 import locale_zh_TW from '@angular/common/locales/zh-Hans-HK';
 import locale_es from '@angular/common/locales/es';
 import locale_fr from '@angular/common/locales/fr';
@@ -237,6 +238,7 @@ export const LANGUAGES = {
     'en-us': ['English', locale_en],
     'zh-cn': ['中文简体', locale_zh_CN],
     'zh-tw': ['中文繁體', locale_zh_TW],
+    'ko-kr': ['한국어', locale_kr],
     'es-es': ['Español', locale_es],
     'fr-fr': ['Français', locale_fr],
     'pt-br': ['Português do Brasil', locale_pt],

diff --git a/tests/resources/Harbor-Pages/Job_Service_Dashboard.robot b/tests/resources/Harbor-Pages/Job_Service_Dashboard.robot
@@ -141,7 +141,7 @@ Check Schedule List
     # Check log rotation schedule
     Retry Wait Until Page Contains Element  //clr-dg-row[.//clr-dg-cell[text()='PURGE_AUDIT_LOG'] and .//clr-dg-cell[text()='${schedule_cron}']]
     # Check execution sweep schedule
-    Retry Wait Until Page Contains Element  //clr-dg-row[.//clr-dg-cell[text()='EXECUTION_SWEEP'] and .//clr-dg-cell[text()='0 0 * * * *']]
+    Retry Wait Until Page Contains Element  //clr-dg-row[.//clr-dg-cell[text()='EXECUTION_SWEEP'] and .//clr-dg-cell[text()='0 0 0 * * *']]
     # Check system artifact cleanup schedule
     Retry Wait Until Page Contains Element  //clr-dg-row[.//clr-dg-cell[text()='SYSTEM_ARTIFACT_CLEANUP'] and .//clr-dg-cell[text()='0 0 0 * * *']]