Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

enable notary v2 policy checker #18927

Merged
merged 1 commit into from
Jul 14, 2023
Merged

Conversation

wy65701436
Copy link
Contributor

@wy65701436 wy65701436 commented Jul 13, 2023

add notary v2 pull policy, when it enables, the artifact cannot be pull without the notation signature.

Thank you for contributing to Harbor!

Comprehensive Summary of your change

Issue being fixed

Fixes #(issue)

Please indicate you've done the following:

  • Well Written Title and Summary of the PR
  • Label the PR as needed. "release-note/ignore-for-release, release-note/new-feature, release-note/update, release-note/enhancement, release-note/community, release-note/breaking-change, release-note/docs, release-note/infra, release-note/deprecation"
  • Accepted the DCO. Commits without the DCO will delay acceptance.
  • Made sure tests are passing and test coverage is added if needed.
  • Considered the docs impact and opened a new docs issue or PR with docs changes if needed in website repository.

@codecov
Copy link

codecov bot commented Jul 13, 2023

Codecov Report

Merging #18927 (ac6f07f) into main (5cce621) will increase coverage by 3.16%.
The diff coverage is 75.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##             main   #18927      +/-   ##
==========================================
+ Coverage   67.40%   70.57%   +3.16%     
==========================================
  Files         986      750     -236     
  Lines      107983    94816   -13167     
  Branches     2698        0    -2698     
==========================================
- Hits        72786    66912    -5874     
+ Misses      31300    24299    -7001     
+ Partials     3897     3605     -292     
Flag Coverage Δ
unittests 70.57% <75.00%> (+3.16%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
src/server/registry/route.go 0.00% <0.00%> (ø)
src/server/middleware/contenttrust/contentrust.go 81.13% <76.47%> (ø)
src/server/middleware/util/util.go 92.85% <100.00%> (+0.35%) ⬆️

... and 239 files with indirect coverage changes

@wy65701436 wy65701436 force-pushed the notaryv2 branch 3 times, most recently from 958b985 to 7567e68 Compare July 13, 2023 09:17
@@ -44,42 +43,56 @@ func Cosign() func(http.Handler) http.Handler {
return err
}

// If cosign policy enabled, it has to at least have one cosign signature.
// If signature policy enabled, it has to at least have one cosign signature.
Copy link
Contributor

@zyyw zyyw Jul 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"If signature policy enabled, it has to at least have one cosign signature. "

The cosign signature statement here in the comment seems to be not correct/accurate.

add notary v2 pull policy, when it enables, the artifact cannot be pull without the notation signature.

Signed-off-by: wang yan <wangyan@vmware.com>
Copy link
Contributor

@zyyw zyyw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

Copy link
Member

@chlins chlins left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@wy65701436 wy65701436 merged commit ff2b99d into goharbor:main Jul 14, 2023
AllForNothing pushed a commit to AllForNothing/harbor that referenced this pull request Jul 19, 2023
1. for goharbor#18927

Signed-off-by: AllForNothing <sshijun@vmware.com>
AllForNothing pushed a commit to AllForNothing/harbor that referenced this pull request Jul 19, 2023
1. for goharbor#18927

Signed-off-by: AllForNothing <sshijun@vmware.com>
AllForNothing pushed a commit to AllForNothing/harbor that referenced this pull request Jul 19, 2023
1. for goharbor#18927

Signed-off-by: AllForNothing <sshijun@vmware.com>
AllForNothing added a commit that referenced this pull request Jul 19, 2023
1. for #18927

Signed-off-by: AllForNothing <sshijun@vmware.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants