profile
viewpoint

steven-zou/registry-factory 5

Project chameleon is designed to provide a general artifact registry to support different kinds of package management technologies like npm, pip, rpm, gem and image etc.

denverdino/dockerclient 0

Docker client library in Go

reasonerjt/clair 0

Vulnerability Static Analysis for Containers

reasonerjt/community 0

Harbor community-related material

reasonerjt/distribution 0

The Docker toolset to pack, ship, store, and deliver content

reasonerjt/distribution-spec 0

OCI Distribution Specification

reasonerjt/docker-index 0

Open Source Docker Index (aka Docker Hub) written in Node.JS

reasonerjt/docker-registry 0

DEPRECATED! (see README) - previously was: "Registry server for Docker (hosting/delivering of repositories and images)"

PR opened goharbor/harbor

Artifact signature populate

This Commit add signature status into response of list artifact API.

Signed-off-by: Daniel Jiang jiangd@vmware.com

+254 -34

0 comment

21 changed files

pr created time in 2 hours

push eventreasonerjt/harbor

Daniel Jiang

commit sha 5a6e9331fd5e7a41126e14fc2b89c97efb6c58b3

Artifact signature populate (#7) * Populate signature status in artifact API This Commit add signature status into response of list artifact API. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 2 hours

create barnchreasonerjt/harbor

branch : artifact-signature-populate-v2

created branch time in 2 hours

push eventreasonerjt/harbor

Wenkai Yin

commit sha 93731eeb2eddc27a61a67c6fa144796f3878fe90

Support add/remove label to/from artifact This commit add supporting for adding/removing label to/from artifacts and populates labels when listing artifacts Signed-off-by: Wenkai Yin <yinw@vmware.com>

view details

AllForNothing

commit sha 036ae18b2557c9a50a2502ad4f3032692f953331

Improve swagger.yaml Signed-off-by: AllForNothing <sshijun@vmware.com>

view details

Wenkai Yin(尹文开)

commit sha e03e3e33547dda637caf1c0c2c5e5c7ff4d9d961

Merge pull request #10725 from AllForNothing/imp-swagger Improve swagger.yaml

view details

Wenkai Yin(尹文开)

commit sha d7903fcf1bbc2978bf149266051c0862c74325a5

Merge pull request #10682 from ywk253100/200126_label Support add/remove label to/from artifact

view details

wang yan

commit sha 8029f70ae51ec04334f4c3465a623a0cdcd84747

Get addition properties for chart 1, Get readme.md content into addition 2, Get dependency of chart 3, Get values of chart Signed-off-by: wang yan <wangyan@vmware.com>

view details

Wang Yan

commit sha e5eb7118271f73a91300d85e93342f85f686ec66

Merge pull request #10720 from wy65701436/chart-details Get addition properties for chart

view details

push time in 2 hours

create barnchreasonerjt/harbor

branch : artifact-signature-populate-new

created branch time in 2 hours

push eventreasonerjt/harbor

Daniel Jiang

commit sha 4887e26a45700132b15a0bb0c58e94846d2e063c

Fix go vet error Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

Daniel Jiang

commit sha cffd9c8e8d8bd639ca46e03cebe907d195ff4848

Fix go vet error Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 2 hours

push eventreasonerjt/harbor

Daniel Jiang

commit sha 325a5c8329f23404cccddcdedfde697abd03889c

Fix go vet error introduced by conflict Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 3 hours

push eventreasonerjt/harbor

Daniel Jiang

commit sha febce0d036722e8ba46921988aebd78b503072cb

Resolve conflict Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 3 hours

push eventreasonerjt/harbor

Wenkai Yin

commit sha 93731eeb2eddc27a61a67c6fa144796f3878fe90

Support add/remove label to/from artifact This commit add supporting for adding/removing label to/from artifacts and populates labels when listing artifacts Signed-off-by: Wenkai Yin <yinw@vmware.com>

view details

AllForNothing

commit sha 036ae18b2557c9a50a2502ad4f3032692f953331

Improve swagger.yaml Signed-off-by: AllForNothing <sshijun@vmware.com>

view details

Wenkai Yin(尹文开)

commit sha e03e3e33547dda637caf1c0c2c5e5c7ff4d9d961

Merge pull request #10725 from AllForNothing/imp-swagger Improve swagger.yaml

view details

Wenkai Yin(尹文开)

commit sha d7903fcf1bbc2978bf149266051c0862c74325a5

Merge pull request #10682 from ywk253100/200126_label Support add/remove label to/from artifact

view details

wang yan

commit sha 8029f70ae51ec04334f4c3465a623a0cdcd84747

Get addition properties for chart 1, Get readme.md content into addition 2, Get dependency of chart 3, Get values of chart Signed-off-by: wang yan <wangyan@vmware.com>

view details

Wang Yan

commit sha e5eb7118271f73a91300d85e93342f85f686ec66

Merge pull request #10720 from wy65701436/chart-details Get addition properties for chart

view details

Daniel Jiang

commit sha 8eb55f3d68f10fbe42ff27d65cb82cf6e7298559

Resolve conflict Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 3 hours

push eventreasonerjt/harbor

Daniel Jiang

commit sha 88c966be36ff47334270f2f16aa6a3c3dfe06bc9

Populate signature status in artifact API This Commit add signature status into response of list artifact API. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 3 hours

issue openedgoharbor/harbor

Use signature manager to get signature status in contenttrust middleware.

In the 2.0 workflow we should leverage the manager to check signature rather than calling notary directly.

created time in 3 hours

issue commentgoharbor/harbor

Make sure replication works as expected after registry is switched to basic auth

Should be fixed in #10612 I'll verify and close it.

reasonerjt

comment created time in 4 hours

issue openedgoharbor/harbor

Refresh the test data for notary

The data in src/pkg/signature/notary/test should be updated.

It appears the data is going to expire soon:

time="2020-02-17T23:44:40+08:00" level=warning msg="targets metadata is nearing expiry, you should re-sign the role metadata"
time="2020-02-17T23:44:40+08:00" level=warning msg="snapshot is nearing expiry, you should re-sign the role metadata"

created time in 4 hours

push eventreasonerjt/harbor

Daniel Jiang

commit sha 886a51a97f53c38d69d9e8611a0e41e0f94edbb6

Populate signature status in artifact API This Commit add signature status into response of list artifact API. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 4 hours

issue openedgoharbor/harbor

Request ID is not usable

https://github.com/goharbor/harbor/blob/master/src/server/middleware/requestid/requestid.go

Currently the Request ID is added to the header of request, with this approach there's no way to propagate the ID to other request.

We should also consider to dump request ID in some log messages.
Currently I don't think the code really leverages this req id.

created time in 16 hours

push eventreasonerjt/harbor

Daniel Jiang

commit sha 8c75b18ed3cea75cc676a75b22c6e9b704b8af30

Populate signature status in artifact API This Commit add signature status into response of list artifact API. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in a day

issue openedgoharbor/harbor

middleware package should not depends on api package

Instead middleware may propagate data that may be consumed by API, it sounds correct to me that api package should depends on API?

created time in a day

create barnchreasonerjt/harbor

branch : artifact-signature-populate

created branch time in a day

issue commentgoharbor/harbor

Docker login expires unexpectedly with OIDC ?

This is working as design because the user at the OIDC provider side may be removed or invalidated so the OIDC CLI secret has same life span as the id token.

But when docker login it will try to refresh the oidc if it expires, in your case it's possible the OIDC provider does not respond with refresh token, so when the id token expires the cli secret stop working.

When you login again you get the new id token to associate with the CLI secret so the docker login works again.

Eric-Fontana-Bose

comment created time in a day

push eventreasonerjt/harbor

Ziming Zhang

commit sha 6047a8102ac6d6ae015378ddf717261468112d32

fix(feat) fix prepare version in installer Signed-off-by: Ziming Zhang <zziming@vmware.com>

view details

Wang Yan

commit sha 4ac98687fa8ae10dc390c0f90c79c8b006c0b785

Merge pull request #10650 from bitsf/fix_prepare_version fix(feat) fix prepare version in installer

view details

Wenkai Yin

commit sha eceb9b2345dfd3a71fb6de1bb052b7a6382c07d3

Fix bugs when pushing image(with index) and CNAB 1. As "List" method of artifact DAO doesn't return the artifacts that referenced by other and without tag, so we introduce a new method "GetByDigest" to check the existence of artifact 2. The "Www-Authenticate" header is needed to be returned when the request is unauthorized. This is required in the OCI distribution spec and is needed when pushing CNAB Signed-off-by: Wenkai Yin <yinw@vmware.com>

view details

Wenkai Yin(尹文开)

commit sha c7ae8f5d2eeba00ce557822e179bdc29b8b6b5c0

Merge pull request #10714 from ywk253100/200212_cnab Fix bugs when pushing image(with index) and CNAB

view details

push time in a day

fork reasonerjt/trivy

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI

fork in 4 days

push eventreasonerjt/harbor

sshijun

commit sha 3175d5f646e1ba6446813cd4977fe007e55d2b87

Fix postinstall script in Docker Signed-off-by: sshijun <sshijun@vmware.com>

view details

He Weiwei

commit sha 55df0539edb3d70ea4662ada07ef027edaa6116a

build(gen-apis): fail early for gen apis if build swagger img fail Signed-off-by: He Weiwei <hweiwei@vmware.com>

view details

lucperkins

commit sha 7beeba6889a9c8ba3a169c20c06cbc98addccb39

Begin restructuring Markdown and file names Signed-off-by: lucperkins <lucperkins@gmail.com>

view details

lucperkins

commit sha a3264b1001761199fb15aca6d5dc8996c35337be

Fix error in admonition names Signed-off-by: lucperkins <lucperkins@gmail.com>

view details

Daniel Jiang

commit sha 5f8acc38967b50df7b7fd611450bbc590b5ad27b

Add middlewares for permission checking for v2 API When the registry shifts from token auth to basic auth, we'll use the middleware to check permission. This commit add middlewares for populate the artifact info and check permission based on request to /v2/* api via security context Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

Wang Yan

commit sha 9db84f28807470cea4574c41fa1a70f9250a632d

add Middleware policycheck into v2 handler 1, add content trust middleware in new v2 handler 2, add vulnable middlware in new v2 hanlder Signed-off-by: wang yan <wangyan@vmware.com>

view details

lucperkins

commit sha c50b8b9752ff12735092fe57d3b2135b22310bbe

Remove manual TOC from main docs page Signed-off-by: lucperkins <lucperkins@gmail.com>

view details

Daniel Jiang

commit sha 0b468dffb7c7a166e6c9b85ef88375f941c6e352

Merge pull request #10571 from reasonerjt/middlware-registry-basic-auth Add middlewares for permission checking for v2 API

view details

lucperkins

commit sha 37e1b7472408a3f25cb9e2e9757531418d6268f5

Fixes to links, images, code samples, etc. Signed-off-by: lucperkins <lucperkins@gmail.com>

view details

lucperkins

commit sha c2d9315bd4d7b61e2106f60f4f9ddb32b9c8e214

Merge remote-tracking branch 'upstream/master' into lperkins/docs-restructure

view details

Wenkai Yin

commit sha d0ac70d26cf743f5f88e0b36d529c0d38525f20a

Implement the get/delete handler for registry API Implement the get/delete handler for registry API Signed-off-by: Wenkai Yin <yinw@vmware.com>

view details

Wenkai Yin(尹文开)

commit sha dee70f7deb433047a54131a5dd96ed164c8831f0

Merge pull request #10561 from ywk253100/200120_artifact_controller Implement the get/delete handler for registry API

view details

Michael Michael

commit sha 79427e757df8ec834881281bf37550f4794369f2

Merge pull request #10572 from lucperkins/lperkins/docs-restructure Restructure docs directory to be Hugo-able

view details

Wenkai Yin(尹文开)

commit sha a1b25e1fec9a3fb132b57f42cd7ea47be2605c48

Switch to new registry API handlers (#10596) Switch to new registry API handlers Signed-off-by: Wenkai Yin <yinw@vmware.com>

view details

Daniel Jiang

commit sha 2064a1cd6d9b97fd2c7445885cdc4eb461455af9

Switch to basic authentication for registry 1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. 2. Set basic auth header for proxy when accessing registry 3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor. 4. Make necessary change to test cases, particularly "test_robot_account.py" and "docker_api.py", because the error is changed after siwtched to basic auth from token auth. #10604 is opened to track the follow up work. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

Daniel Jiang

commit sha e75220ab38a3cab550f794891195854116505ccb

Merge pull request #10605 from reasonerjt/basic-authorizer-registry Switch to basic authentication for registry

view details

wang yan

commit sha 661f7a7902164e93eb6118a660ed364bed32a71d

resolve conflict with latest code Signed-off-by: wang yan <wangyan@vmware.com>

view details

sshijun

commit sha 89148b457a1fe14b2967980b72121ec7eb0bcd75

Add ut coverage report for every PR Signed-off-by: sshijun <sshijun@vmware.com>

view details

Ziming

commit sha 0f1c4b644c08428d6a30568a65314ffb989b6a1f

Merge pull request #10536 from AllForNothing/master Add ut coverage report

view details

Will Sun

commit sha acfcd2d17521da152b874ecf1b89c333ad69234e

Merge pull request #10489 from AllForNothing/postinstall Fix postinstall script in Docker

view details

push time in 5 days

Pull request review commentgoharbor/harbor

Fix bugs when pushing image(with index) and CNAB

 func (rc *reqChecker) check(req *http.Request) error { 	} else if len(middleware.V2CatalogURLRe.FindStringSubmatch(req.URL.Path)) == 1 && !securityCtx.IsSysAdmin() { 		return fmt.Errorf("unauthorized to list catalog") 	} else if req.URL.Path == "/v2/" && !securityCtx.IsAuthenticated() {-		ctx := context.WithValue(req.Context(), middleware.SkipInjectRegistryCredKey, true)

Could you explain why skip setting the basic auth header will drop the www-authenticate heander from response?

ywk253100

comment created time in 5 days

push eventgoharbor/harbor

Daniel Jiang

commit sha 9fb676c219418e98cea57853928e88863f705c39

Fix nilpointer issue in v2 auth middleware Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

Daniel Jiang

commit sha 64f2bc76fdb511de855c1de842fa2fd7432ba058

Merge pull request #10700 from reasonerjt/fix-npe-v2auth Fix nilpointer issue in v2 auth middleware

view details

push time in 6 days

PR merged goharbor/harbor

Fix nilpointer issue in v2 auth middleware

Signed-off-by: Daniel Jiang jiangd@vmware.com

+17 -2

0 comment

2 changed files

reasonerjt

pr closed time in 6 days

PR opened goharbor/harbor

Fix nilpointer issue in v2 auth middleware

Signed-off-by: Daniel Jiang jiangd@vmware.com

+17 -2

0 comment

2 changed files

pr created time in 6 days

create barnchreasonerjt/harbor

branch : fix-npe-v2auth

created branch time in 6 days

pull request commentgoharbor/harbor

Bump up the version of legacy APIs to v2.0

I don't think it's appropriate to call it "legacy", b/c legacy api implies it's "outdated" and should not be called.

ywk253100

comment created time in 8 days

Pull request review commentgoharbor/harbor

Do enhancement for the registry authorizer

+// Copyright Project Harbor Authors+//+// Licensed under the Apache License, Version 2.0 (the "License");+// you may not use this file except in compliance with the License.+// You may obtain a copy of the License at+//+//    http://www.apache.org/licenses/LICENSE-2.0+//+// Unless required by applicable law or agreed to in writing, software+// distributed under the License is distributed on an "AS IS" BASIS,+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+// See the License for the specific language governing permissions and+// limitations under the License.++package auth++import (+	"fmt"+	"github.com/docker/distribution/registry/client/auth/challenge"+	"github.com/goharbor/harbor/src/common/http/modifier"+	"net/http"+	"net/url"+	"strings"+)++// NewAuthorizer creates an authorizer that can handle different auth schemes+func NewAuthorizer(credential Credential, client ...*http.Client) modifier.Modifier {

Could you make sure this authorizer is not for concurrent use? Explicitly document it in the comment?

ywk253100

comment created time in 13 days

issue openedgoharbor/harbor-helm

liveness probe may be problematic in upgrade

Currently the liveness probe of core calls the ping api for checking the liveness. https://github.com/goharbor/harbor-helm/blob/master/templates/core/core-dpl.yaml#L38

Although the initial delay is configurable, the core may do migration work before serving the requests and the time is not easy to predict, it's easy to cause data in consistency.

We should consider other why for the probe.

created time in 14 days

issue closedgoharbor/harbor

Update registry package to make it support basic authentication

The registry pkg is the entrypoint for calling registry APIs.
Currently it only supports the JWT token. It has to be modified such that the request modifier can attach basic authentication header to the request.

After the OCI driver is done it's also necessary to make sure that the OCI driver can handle the authentication to registry in the same way.

closed time in 15 days

reasonerjt

issue commentgoharbor/harbor

Update registry package to make it support basic authentication

Fixed in #10605

reasonerjt

comment created time in 15 days

issue closedgoharbor/harbor

Add a middleware in V2 handler to handle basic auth for registry

The middleware should grab the username/password from the request and block the request if the user in request does not have permission to perform the operation (ping /v2, list catalog, CRUD to blob, repository,tags ) to the resource it returns 401. If the permission check passed, the request will be forwarded to the backed registry.

closed time in 15 days

reasonerjt

issue commentgoharbor/harbor

Add a middleware in V2 handler to handle basic auth for registry

Fixed in #10571

reasonerjt

comment created time in 15 days

issue commentgoharbor/harbor

New SSL Certs for AWS RDS

Thanks @KISStian

KISStian

comment created time in 15 days

pull request commentgoharbor/harbor

Do enhancement for the registry authorizer

You should also re-enable the test case.

ywk253100

comment created time in 15 days

Pull request review commentgoharbor/harbor

Do enhancement for the registry authorizer

+// Copyright Project Harbor Authors+//+// Licensed under the Apache License, Version 2.0 (the "License");+// you may not use this file except in compliance with the License.+// You may obtain a copy of the License at+//+//    http://www.apache.org/licenses/LICENSE-2.0+//+// Unless required by applicable law or agreed to in writing, software+// distributed under the License is distributed on an "AS IS" BASIS,+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+// See the License for the specific language governing permissions and+// limitations under the License.++package auth++import (+	"fmt"+	"github.com/docker/distribution/registry/client/auth/challenge"+	"github.com/goharbor/harbor/src/common/http/modifier"+	"net/http"+	"net/url"+	"strings"+)++// NewAuthorizer creates an authorizer that can handle different auth schemes+func NewAuthorizer(credential Credential, client ...*http.Client) modifier.Modifier {
  1. Can we have a better name?
  2. The attribute "url" is a little tricky, why not just set the registry endpoint when creating this authorizer?
ywk253100

comment created time in 15 days

push eventgoharbor/harbor

Daniel Jiang

commit sha 2064a1cd6d9b97fd2c7445885cdc4eb461455af9

Switch to basic authentication for registry 1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. 2. Set basic auth header for proxy when accessing registry 3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor. 4. Make necessary change to test cases, particularly "test_robot_account.py" and "docker_api.py", because the error is changed after siwtched to basic auth from token auth. #10604 is opened to track the follow up work. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

Daniel Jiang

commit sha e75220ab38a3cab550f794891195854116505ccb

Merge pull request #10605 from reasonerjt/basic-authorizer-registry Switch to basic authentication for registry

view details

push time in 16 days

PR merged goharbor/harbor

Switch to basic authentication for registry
  1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration.
  2. Set basic auth header for proxy when accessing registry
  3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor.
  4. Make necessary change to test cases, particularly "test_robot_account.py" and "docker_api.py", because the error is changed after siwtched to basic auth from token auth. #10604 is opened to track the follow up work.

Signed-off-by: Daniel Jiang jiangd@vmware.com

+223 -107

0 comment

19 changed files

reasonerjt

pr closed time in 16 days

Pull request review commentgoharbor/harbor

Switch to basic authentication for registry

 func getAction(req *http.Request) rbac.Action {  } -var checker = reqChecker{-	pm: config.GlobalProjectMgr,-}+var (+	once    sync.Once+	checker reqChecker+)  // Middleware checks the permission of the request to access the artifact func Middleware() func(http.Handler) http.Handler {+	once.Do(func() {+		if checker.pm == nil { // for UT, where pm has been set to a mock value+			checker = reqChecker{+				pm: config.GlobalProjectMgr,+			}+		}+	})

The problem is that config.GlobalProjectMgr is nil when checker is assigned. So when this middleware was added to the handler I found it didn't work.

reasonerjt

comment created time in 16 days

Pull request review commentgoharbor/harbor

Switch to basic authentication for registry

 func (rc *reqChecker) check(req *http.Request) error { 		} 	} else if len(middleware.V2CatalogURLRe.FindStringSubmatch(req.URL.Path)) == 1 && !securityCtx.IsSysAdmin() { 		return fmt.Errorf("unauthorized to list catalog")+	} else if req.URL.Path == "/v2/" && !securityCtx.IsAuthenticated() {+		ctx := context.WithValue(req.Context(), middleware.SkipInjectRegistryCredKey, true)+		*req = *(req.WithContext(ctx))

Good point, but IMO we may defer this, we can always make sure the registry setting is consistent with the auth setting as the communication between registry and docker or other container runtime is very well tested.

Opened #10610 but it's likely to be deferred to future.

reasonerjt

comment created time in 16 days

issue openedgoharbor/harbor

Generate challenge for GET /v2 in Harbor

Currently when CLI sends "ping /v2" request to Harbor, the request was proxied to registry, which will return a response recognizable by the CLI.

However, there may be scenario in future that the auth mode in Harbor is not the same as the setting in registry. Hence, ideally the challenge header should be generated in Harbor's middleware.

We may probably defer this to post 2.0 when the auth section is implemented in the distribution-spec.

created time in 16 days

issue commentgoharbor/harbor

Registry authorizer for local request.

This may be optional , because in 2.0 the repo/tag deletion and retag API will be reqworked.
There probably will not be any case that core sends request to $core/v2/xxxx

reasonerjt

comment created time in 17 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 2064a1cd6d9b97fd2c7445885cdc4eb461455af9

Switch to basic authentication for registry 1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. 2. Set basic auth header for proxy when accessing registry 3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor. 4. Make necessary change to test cases, particularly "test_robot_account.py" and "docker_api.py", because the error is changed after siwtched to basic auth from token auth. #10604 is opened to track the follow up work. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 17 days

PR opened goharbor/harbor

Switch to basic authentication for registry
  1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration.
  2. Set basic auth header for proxy when accessing registry
  3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor.
  4. Make necessary change to test cases, particularly "test_robot_account.py" and "docker_api.py", because the error is changed after siwtched to basic auth from token auth. #10604 is opened to track the follow up work.

Signed-off-by: Daniel Jiang jiangd@vmware.com

+219 -106

0 comment

19 changed files

pr created time in 17 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha ed9c2b8d0e6963ad11831faeb281b5b5871c19b5

Switch to basic authentication for registry 1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. 2. Set basic auth header for proxy when accessing registry 3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor. 4. Make necessary change to test cases, particularly "test_robot_account.py" and "docker_api.py", because the error is changed after siwtched to basic auth from token auth. #10604 is opened to track the follow up work. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 17 days

issue openedgoharbor/harbor

Revisit errors from registry after switching to basic auth.

Some test cases had to be updated as the docker client prints different error messages.
Though the correct status code and response body is returned, we should double check how docker daemon handles errors to avoid unexpected breakage.

created time in 17 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 298a2fa8bfc30d92f20fe279b1d37090a4c2f754

Switch to basic authentication for registry 1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. 2. Set basic auth header for proxy when accessing registry 3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 17 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 4d133719cbf590a214b4f4571707d259eeca46c7

jt-3

view details

push time in 17 days

issue openedgoharbor/harbor

The code in test_robot_account.py does not match the steps in description.

In description the step 15 is:

Push image(ImageRA) to project(PA) by robot account(RA), it must be not successful;

In the code the step 15 is:

 print "#15. Delete robot account(RA), it must be not successful;"

created time in 17 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha d5626e076fb1236fe58745bbfd96cbbf0fd6d54d

jt2

view details

push time in 17 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 89668a37a0bc885da3507b3ad53640ad610befa7

jt

view details

push time in 17 days

push eventreasonerjt/harbor

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha cac2516d98b32a3c444ec2a277c1a83444accfb6

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 4952ecee0027e96e447457ff60cb55bf6a687a58

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 39ae1fbe9b8b135a56053ab55b750a0ef095eac5

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 668c3440c74969c5ab688abcb732ff33a6c9c6d9

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 9b79805d1e24047cd72e11a1ce2da45e778d4402

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 40913a039083e889a41307822b2b50e316747ccb

Switch to basic authentication for registry 1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. 2. Set basic auth header for proxy when accessing registry 3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 64f04ab54fab9df02fcabab6e13106c54a877f14

f

view details

push time in 18 days

issue openedgoharbor/harbor

Registry authorizer for local request.

There are requests to "/v2/***" from core to core in some cases. (for example delete repositories).

Currently it uses the basic authorizer and v2auth middleware will bypass the security context checking for such requests.

We may consider implement a "local authorizer" for such requests so all the identity related information will be copied and v2 auth middleware uses security context as the single source of truth.

created time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 671fb3e7d1956058044e258b0a65e31e4d16c8bc

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 4026b7aedc4978d65e5b8d9467dbdfd2a27b1e80

Switch to basic authentication for registry 1. Add basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. 2. Set basic auth header for proxy when accessing registry 3. Switche the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 76495c5b82d7043f6c02894f122b492a6b0c78fa

Basic authorizer for registry This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha b51f7cd8a0d50a559d840b16c3f727846540ac31

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 8295e30eec306ec961a0305b867664b13727234d

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha c96120864d43d4b5ee12745e2dfeca3befc79565

f

view details

Daniel Jiang

commit sha dbc76b902a4fad41ca3d964353455640601adfb5

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 54dd9acb1a09dd771d31621e112cafb67ab78657

Basic authorizer for registry This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 757950aef8375e5a4d030f64eaf9d673c60d33e0

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha f36cc857bffd096bfce8de53c2038564f0588bf6

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha e609ab6bc99af8a7377b7f8b4065126ca504e097

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 34319bed5a07ea0f05ad02e1dfb4adb33f2ae803

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 5d7fb2ec36a65592aee7205b3147817f678c17b1

f

view details

Daniel Jiang

commit sha 726261eec95fa00b3640f159c0d7d101d2bf310e

f

view details

push time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha ead88de30692192fdb5afcc3a065b062c2e73c36

f

view details

push time in 18 days

PR closed goharbor/harbor

Reviewers
[WIP]: Basic authorizer for registry

This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor.

Signed-off-by: Daniel Jiang jiangd@vmware.com

+105 -88

0 comment

14 changed files

reasonerjt

pr closed time in 18 days

push eventreasonerjt/harbor

lucperkins

commit sha 7beeba6889a9c8ba3a169c20c06cbc98addccb39

Begin restructuring Markdown and file names Signed-off-by: lucperkins <lucperkins@gmail.com>

view details

lucperkins

commit sha a3264b1001761199fb15aca6d5dc8996c35337be

Fix error in admonition names Signed-off-by: lucperkins <lucperkins@gmail.com>

view details

lucperkins

commit sha c50b8b9752ff12735092fe57d3b2135b22310bbe

Remove manual TOC from main docs page Signed-off-by: lucperkins <lucperkins@gmail.com>

view details

lucperkins

commit sha 37e1b7472408a3f25cb9e2e9757531418d6268f5

Fixes to links, images, code samples, etc. Signed-off-by: lucperkins <lucperkins@gmail.com>

view details

lucperkins

commit sha c2d9315bd4d7b61e2106f60f4f9ddb32b9c8e214

Merge remote-tracking branch 'upstream/master' into lperkins/docs-restructure

view details

Wenkai Yin

commit sha d0ac70d26cf743f5f88e0b36d529c0d38525f20a

Implement the get/delete handler for registry API Implement the get/delete handler for registry API Signed-off-by: Wenkai Yin <yinw@vmware.com>

view details

Wenkai Yin(尹文开)

commit sha dee70f7deb433047a54131a5dd96ed164c8831f0

Merge pull request #10561 from ywk253100/200120_artifact_controller Implement the get/delete handler for registry API

view details

Michael Michael

commit sha 79427e757df8ec834881281bf37550f4794369f2

Merge pull request #10572 from lucperkins/lperkins/docs-restructure Restructure docs directory to be Hugo-able

view details

Wenkai Yin(尹文开)

commit sha a1b25e1fec9a3fb132b57f42cd7ea47be2605c48

Switch to new registry API handlers (#10596) Switch to new registry API handlers Signed-off-by: Wenkai Yin <yinw@vmware.com>

view details

Daniel Jiang

commit sha f722545f2520c7bffb40e7d3af54e56e65131c56

Basic authorizer for registry This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 18 days

issue openedgoharbor/harbor

Make sure replication works as expected after registry is switched to basic auth

Currently the harbor adapter depends on native adapter which is shared by other adapters.

Some changes will be needed to make sure replication still works.

created time in 18 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha f344c9a31d1ff2d397d239b6dd2b57b89d5bacf9

Basic authorizer for registry This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 19 days

PR opened goharbor/harbor

Reviewers
[WIP]: Basic authorizer for registry

This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor.

Signed-off-by: Daniel Jiang jiangd@vmware.com

+85 -89

0 comment

10 changed files

pr created time in 19 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 6193ef3a9450112f8f3ff9dd6974d22d62f1a5e3

Basic authorizer for registry This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 19 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha f5031f8047582592850cd198915b329dcaf189ba

f

view details

push time in 19 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 5f8acc38967b50df7b7fd611450bbc590b5ad27b

Add middlewares for permission checking for v2 API When the registry shifts from token auth to basic auth, we'll use the middleware to check permission. This commit add middlewares for populate the artifact info and check permission based on request to /v2/* api via security context Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

Daniel Jiang

commit sha 0b468dffb7c7a166e6c9b85ef88375f941c6e352

Merge pull request #10571 from reasonerjt/middlware-registry-basic-auth Add middlewares for permission checking for v2 API

view details

Daniel Jiang

commit sha 0b77fb2e4c411e980aa60de3f4817d7b0b738d44

Basic authorizer for registry This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 21 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha e84d6b301e4ae9fd0e2a90a82c229c557638f939

Basic authorizer for registry This commit adds basic authorizer for registry which modify the request to add basic authorization header to request based on configuration. It switches the registry to use basic auth by default and use the basic authorizer to access Harbor. Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 21 days

create barnchreasonerjt/harbor

branch : basic-authorizer-registry

created branch time in 21 days

push eventgoharbor/harbor

Daniel Jiang

commit sha 5f8acc38967b50df7b7fd611450bbc590b5ad27b

Add middlewares for permission checking for v2 API When the registry shifts from token auth to basic auth, we'll use the middleware to check permission. This commit add middlewares for populate the artifact info and check permission based on request to /v2/* api via security context Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

Daniel Jiang

commit sha 0b468dffb7c7a166e6c9b85ef88375f941c6e352

Merge pull request #10571 from reasonerjt/middlware-registry-basic-auth Add middlewares for permission checking for v2 API

view details

push time in 21 days

PR merged goharbor/harbor

Reviewers
Add middlewares for permission checking for v2 API

When the registry shifts from token auth to basic auth, we'll use the middleware to check permission. This commit add middlewares for populate the artifact info and check permission based on request to /v2/* api via security context

The change in /src/core/xxx can be disregarded because in the end all middlewares will be moved to /src/server/middleware

+876 -45

2 comments

14 changed files

reasonerjt

pr closed time in 21 days

pull request commentgoharbor/harbor

Add middlewares for permission checking for v2 API

Yes, there will be.

reasonerjt

comment created time in 21 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 5f8acc38967b50df7b7fd611450bbc590b5ad27b

Add middlewares for permission checking for v2 API When the registry shifts from token auth to basic auth, we'll use the middleware to check permission. This commit add middlewares for populate the artifact info and check permission based on request to /v2/* api via security context Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 22 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 9b38c9968cfa9de571e43412e3ca25cdf515b8e4

Add middlewares for permission checking for v2 API When the registry shifts from token auth to basic auth, we'll use the middleware to check permission. This commit add middlewares for populate the artifact info and check permission based on request to /v2/* api via security context Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 22 days

push eventreasonerjt/harbor

Stuart Clements

commit sha cb7d6eca93eb2a3ab29e0a8ac9b5d4ca34c0706f

First wave of doc reorg

view details

Stuart Clements

commit sha 6645d02a4565be9b78116187423be3dca73eabec

More doc reorg

view details

Stuart Clements

commit sha 7d642c3d6059c49e49df19faba3e838808f93674

More reorg in Admin section

view details

Stuart Clements

commit sha 24c48af3058ebd3677b152d39941f79497ec4653

Lots more reorg

view details

Stuart Clements

commit sha 24aef6dda386cd477cd0f4db6488195191aaec22

Changed heading

view details

Stuart Clements

commit sha c20244b97f1453d1bd99d0c76a7e472a2a061c71

Reordering topics

view details

Stuart Clements

commit sha e041f1666219092a1ab72f1e29e81497a07db4d7

More reorg

view details

Stuart Clements

commit sha 4738d94c54dc3ccd3be12ac7a2d7752a4745b9cd

Fixed image paths

view details

Stuart Clements

commit sha d6c7fc185d1a42ddcb145310a1bfe4b3c9847dad

Adding CVE whitelists

view details

Stuart Clements

commit sha b3938e7fa00d05325a774c0f1b45480484814597

Splitting system and project cve lists

view details

Stuart Clements

commit sha f68d4d9955861dfb1e3c9a06a376f1a217dd18cd

Moved Configure HTTPS above the installation topic

view details

Stuart Clements

commit sha b14a89d5b9763be63a52b295e667d08b3c0ea336

Copying install and config rewrites into the right sections

view details

Stuart Clements

commit sha 3facec2f0345ec16e6beeb02ee1ab45552e37cf8

Updating demo server topic

view details

Stuart Clements

commit sha c0e6f8a5c51f3cffdc793d3fc4700c838f27c8d7

Updated demo topic

view details

Stuart Clements

commit sha 36eaabde16f2721fc6028576b3121d49d277f7e8

Added What to Do Next links in installation section

view details

Stuart Clements

commit sha 90fe09856853d2dab52a371425c3031c7cdd658a

Added TS link

view details

Stuart Clements

commit sha 0dd5357c3c549aa3e0038735626466a3b16f17d6

Removing old README

view details

Stuart Clements

commit sha da16f76ef38c965a213b0adee3ffcfefbedc307c

Fix link

view details

Stuart Clements

commit sha d9a8fa127513c3811f8a271baf5962c418b30a0a

Fix formatting

view details

Stuart Clements

commit sha 56c119b17a0cd4996b612f03d18daf71182712ad

Fleshing out working with projects

view details

push time in 22 days

push eventreasonerjt/harbor

Daniel Jiang

commit sha 2ccf56c536c92a9ecc12f35b7c3a769d72f5b646

Add middlewares for permission checking for v2 API When the registry shifts from token auth to basic auth, we'll use the middleware to check permission. This commit add middlewares for populate the artifact info and check permission based on request to /v2/* api via security context Signed-off-by: Daniel Jiang <jiangd@vmware.com>

view details

push time in 22 days

Pull request review commentgoharbor/harbor

Add middlewares for permission checking for v2 API

+// Copyright Project Harbor Authors+//+// Licensed under the Apache License, Version 2.0 (the "License");+// you may not use this file except in compliance with the License.+// You may obtain a copy of the License at+//+//    http://www.apache.org/licenses/LICENSE-2.0+//+// Unless required by applicable law or agreed to in writing, software+// distributed under the License is distributed on an "AS IS" BASIS,+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+// See the License for the specific language governing permissions and+// limitations under the License++package artifactinfo++import (+	"context"+	"github.com/goharbor/harbor/src/core/middlewares/util"+	"github.com/goharbor/harbor/src/server/middleware"+	"github.com/stretchr/testify/assert"+	"net/http"+	"net/http/httptest"+	"os"+	"testing"+)++func TestMain(m *testing.M) {

We don't. I'll remove.

reasonerjt

comment created time in 22 days

Pull request review commentgoharbor/harbor

Add middlewares for permission checking for v2 API

+// Copyright Project Harbor Authors+//+// Licensed under the Apache License, Version 2.0 (the "License");+// you may not use this file except in compliance with the License.+// You may obtain a copy of the License at+//+//    http://www.apache.org/licenses/LICENSE-2.0+//+// Unless required by applicable law or agreed to in writing, software+// distributed under the License is distributed on an "AS IS" BASIS,+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+// See the License for the specific language governing permissions and+// limitations under the License.++package authz++import (+	"fmt"+	"github.com/goharbor/harbor/src/common/rbac"+	"github.com/goharbor/harbor/src/common/utils/log"+	"github.com/goharbor/harbor/src/core/config"+	"github.com/goharbor/harbor/src/core/filter"+	"github.com/goharbor/harbor/src/core/promgr"+	ierror "github.com/goharbor/harbor/src/internal/error"+	"github.com/goharbor/harbor/src/server/middleware"+	reg_err "github.com/goharbor/harbor/src/server/registry/error"+	"net/http"+)+

Yep, thanks.

reasonerjt

comment created time in 22 days

Pull request review commentgoharbor/harbor

Add middlewares for permission checking for v2 API

+// Copyright Project Harbor Authors+//+// Licensed under the Apache License, Version 2.0 (the "License");+// you may not use this file except in compliance with the License.+// You may obtain a copy of the License at+//+//    http://www.apache.org/licenses/LICENSE-2.0+//+// Unless required by applicable law or agreed to in writing, software+// distributed under the License is distributed on an "AS IS" BASIS,+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+// See the License for the specific language governing permissions and+// limitations under the License.++package authz++import (+	"fmt"+	"github.com/goharbor/harbor/src/common/rbac"+	"github.com/goharbor/harbor/src/common/utils/log"+	"github.com/goharbor/harbor/src/core/config"+	"github.com/goharbor/harbor/src/core/filter"+	"github.com/goharbor/harbor/src/core/promgr"+	ierror "github.com/goharbor/harbor/src/internal/error"+	"github.com/goharbor/harbor/src/server/middleware"+	reg_err "github.com/goharbor/harbor/src/server/registry/error"+	"net/http"+)++type reqChecker struct {+	pm promgr.ProjectManager+}++func (rc *reqChecker) check(req *http.Request) error {+	securityCtx, err := filter.GetSecurityContext(req)+	if err != nil {+		return err+	}+	if a, ok := middleware.ArtifactInfoFromContext(req.Context()); ok {+		action := getAction(req)+		if action == "" {+			return nil+		}+		log.Debugf("action: %s, repository: %s", action, a.Repository)+		p, err := rc.pm.Get(a.ProjectName)

Thanks I was thinking the pm will return an error if project is not found.

reasonerjt

comment created time in 22 days

Pull request review commentgoharbor/harbor

Add middlewares for permission checking for v2 API

+// Copyright Project Harbor Authors+//+// Licensed under the Apache License, Version 2.0 (the "License");+// you may not use this file except in compliance with the License.+// You may obtain a copy of the License at+//+//    http://www.apache.org/licenses/LICENSE-2.0+//+// Unless required by applicable law or agreed to in writing, software+// distributed under the License is distributed on an "AS IS" BASIS,+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+// See the License for the specific language governing permissions and+// limitations under the License.++package authz++import (+	"fmt"+	"github.com/goharbor/harbor/src/common/rbac"+	"github.com/goharbor/harbor/src/common/utils/log"+	"github.com/goharbor/harbor/src/core/config"+	"github.com/goharbor/harbor/src/core/filter"+	"github.com/goharbor/harbor/src/core/promgr"+	ierror "github.com/goharbor/harbor/src/internal/error"+	"github.com/goharbor/harbor/src/server/middleware"+	reg_err "github.com/goharbor/harbor/src/server/registry/error"+	"net/http"+)++type reqChecker struct {+	pm promgr.ProjectManager+}++func (rc *reqChecker) check(req *http.Request) error {+	securityCtx, err := filter.GetSecurityContext(req)+	if err != nil {+		return err+	}+	if a, ok := middleware.ArtifactInfoFromContext(req.Context()); ok {+		action := getAction(req)+		if action == "" {+			return nil+		}+		log.Debugf("action: %s, repository: %s", action, a.Repository)+		p, err := rc.pm.Get(a.ProjectName)

If it's not found it will return an error

reasonerjt

comment created time in 22 days

Pull request review commentgoharbor/harbor

Add middlewares for permission checking for v2 API

+// Copyright Project Harbor Authors+//+// Licensed under the Apache License, Version 2.0 (the "License");+// you may not use this file except in compliance with the License.+// You may obtain a copy of the License at+//+//    http://www.apache.org/licenses/LICENSE-2.0+//+// Unless required by applicable law or agreed to in writing, software+// distributed under the License is distributed on an "AS IS" BASIS,+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+// See the License for the specific language governing permissions and+// limitations under the License.++package artifactinfo++import (+	"context"+	"fmt"+	"net/http"+	"regexp"+	"strings"++	"github.com/goharbor/harbor/src/common/utils/log"+	ierror "github.com/goharbor/harbor/src/internal/error"+	"github.com/goharbor/harbor/src/server/middleware"+	reg_err "github.com/goharbor/harbor/src/server/registry/error"+	"github.com/opencontainers/go-digest"+)++var (+	urlPatterns = []*regexp.Regexp{+		middleware.V2ManifestURLRe, middleware.V2TagListURLRe, middleware.V2BlobUploadURLRe, middleware.V2BlobURLRe,+	}+)++// Middleware gets the information of artifact via url of the request and inject it into the context+func Middleware() func(http.Handler) http.Handler {

Yes, but they are a little different, I opened #10574 and will sync with Yan to merge them.

reasonerjt

comment created time in 23 days

issue openedgoharbor/harbor

manifestInfo and artifactInfo middlewares should be merged into one.

Currently in master branch there are a lot duplication between manifestInfo and ArtifactInfo middleware.

There should be only one middleware to parse the request and populate information for subsequent handlers.

created time in 23 days

more