Releases: goharbor/harbor
Releases · goharbor/harbor
v2.10.0
Known issue
- known issue #19912 will affect nginx component of offline-installer when specify
strong_cipher.enabledinharbor.ymlbut not been rendered in config file properly. Impact version are v2.9.0, v2.9.1, v2.9.2, v2.10.0. Will fixed in v2.10.1. if you do need set strong_cipher, please refer to manually-add-strong-cipher
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
- Add oidc provider name to systeminfo API by @stonezdj in #19575
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3...
Contributors
tpoxa, liubin, and 21 other contributors
Assets 7
v2.10.0-rc2
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
- Add oidc provider name to systeminfo API by @stonezdj in #19575
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src by @dependabot in #19542
- Update the name checking for the robot account by @AllForNothing in #19645
- fix 2.10 prepare migration version by @MinerYang in #19665
- fix: upgrade google.golang.org/grpc by @zyyw in #19648
- Update the style for the robot acccount ui by @AllForNothing in https://...
Contributors
tpoxa, liubin, and 21 other contributors
Assets 5
v2.10.0-rc1
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src by @dependabot in #19542
- Update the name checking for the robot account by @AllForNothing in #19645
- fix 2.10 prepare migration version by @MinerYang in #19665
- fix: upgrade google.golang.org/grpc by @zyyw in #19648
- Update the style for the robot acccount ui by @AllForNothing in https:...
Contributors
tpoxa, liubin, and 21 other contributors
Assets 5
v2.7.4
Known issue
- Due to the change of querying for listing tasks of scan by this PR, vulnerability scan report that's done in v2.7.4 cannot be retrieved in v2.8.0, but it's still available in v2.8.1 (applied the same logic in this PR) and onwards. Please do not upgrade from v2.7.4 to v2.8.0, instead, directly upgrading to v2.8.1 or v2.9.0.
What's Changed
Component updates ⬆️
- feat: bump up golang-runtime from 1.19.3 to 1.21.4; upgrade MOCKERY_VERSION; upgrade golangci-lint; fix mock issue by @zyyw in #19608
- fix: bump TRIVYVERSION=v0.46.1 & TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19607
- fix: upgrade dependency library version and run \go mod vendor\ by @zyyw in #19613
- fix: upgrade github.com/gorilla/mux/otelmux to v0.44.0 by @zyyw in #19620
Other Changes
- Refresh base images on release-2.7.0 by @YangJiao0817 in #19644
Full Changelog: v2.7.3...v2.7.4
Contributors
zyyw and YangJiao0817
Assets 7
v2.7.4-rc1
What's Changed
Component updates ⬆️
- feat: bump up golang-runtime from 1.19.3 to 1.21.4; upgrade MOCKERY_VERSION; upgrade golangci-lint; fix mock issue by @zyyw in #19608
- fix: bump TRIVYVERSION=v0.46.1 & TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19607
- fix: upgrade dependency library version and run \go mod vendor\ by @zyyw in #19613
- fix: upgrade github.com/gorilla/mux/otelmux to v0.44.0 by @zyyw in #19620
Other Changes
- Refresh base images on release-2.7.0 by @YangJiao0817 in #19644
Full Changelog: v2.7.3...v2.7.4-rc1
Contributors
zyyw and YangJiao0817
Assets 5
v2.9.1
Known issue
- known issue #19912 will affect nginx component of offline-installer when specify
strong_cipher.enabledinharbor.ymlbut not been rendered in config file properly. Impact version are v2.9.0, v2.9.1, v2.9.2, v2.10.0. Will fixed in v2.10.1. if you do need set strong_cipher, please refer to manually-add-strong-cipher
What's Changed
Component updates ⬆️
- (cherry-pick) Remove job status track information from redis after stop the job in the queue by @stonezdj in #19307
- (cherry-pick) fix storage.redirect.disable migrate template error release-2.9.0 by @MinerYang in #19336
- [Cherry-pick]Hide version property if the value is undefined by @AllForNothing in #19396
- (cherry-pick) Change fixed_version to package_version by @stonezdj in #19432
- [cherry-pick]bump golang to 1.20.10 by @MinerYang in #19431
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19447
- [cherry-pick] Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19455
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib on release-2.9.0 by @MinerYang in #19460
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19476
- bump golang to 1.21.3 on release-2.9.0 by @MinerYang in #19503
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19499
- update ut mock anything by @MinerYang in #19506
- bump google.golang.org/grpc by @MinerYang in #19513
Other Changes
- [cherry-pick]Refactor unstable test cases by @YangJiao0817 in #19351
- [cherry-pick]Add security hub API test case by @YangJiao0817 in #19377
- [cherry-pick]Add security hub UI test case by @YangJiao0817 in #19449
- Bump up version to v2.9.1 by @YangJiao0817 in #19451
- [cherry-pick]Add GC accessory API test case by @YangJiao0817 in #19463
- [cherry-pick]Add GC accessory UI test case by @YangJiao0817 in #19471
- Refresh base images on release-2.9.0 by @YangJiao0817 in #19475
- [cherry-pick]Add GC details and GC workers API test case by @YangJiao0817 in #19483
- [cherry-pick]Add GC details and GC workers UI test case by @YangJiao0817 in #19488
- [cherry-pick]Add banner message API test case by @YangJiao0817 in #19514
Full Changelog: v2.9.0...v2.9.1
Contributors
stonezdj, zyyw, and 3 other contributors
Assets 7
v2.9.1-rc1
What's Changed
Component updates ⬆️
- (cherry-pick) Remove job status track information from redis after stop the job in the queue by @stonezdj in #19307
- (cherry-pick) fix storage.redirect.disable migrate template error release-2.9.0 by @MinerYang in #19336
- [Cherry-pick]Hide version property if the value is undefined by @AllForNothing in #19396
- (cherry-pick) Change fixed_version to package_version by @stonezdj in #19432
- [cherry-pick]bump golang to 1.20.10 by @MinerYang in #19431
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19447
- [cherry-pick] Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19455
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib on release-2.9.0 by @MinerYang in #19460
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19476
- bump golang to 1.21.3 on release-2.9.0 by @MinerYang in #19503
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19499
- update ut mock anything by @MinerYang in #19506
- bump google.golang.org/grpc by @MinerYang in #19513
Other Changes
- [cherry-pick]Refactor unstable test cases by @YangJiao0817 in #19351
- [cherry-pick]Add security hub API test case by @YangJiao0817 in #19377
- [cherry-pick]Add security hub UI test case by @YangJiao0817 in #19449
- Bump up version to v2.9.1 by @YangJiao0817 in #19451
- [cherry-pick]Add GC accessory API test case by @YangJiao0817 in #19463
- [cherry-pick]Add GC accessory UI test case by @YangJiao0817 in #19471
- Refresh base images on release-2.9.0 by @YangJiao0817 in #19475
- [cherry-pick]Add GC details and GC workers API test case by @YangJiao0817 in #19483
- [cherry-pick]Add GC details and GC workers UI test case by @YangJiao0817 in #19488
- [cherry-pick]Add banner message API test case by @YangJiao0817 in #19514
Full Changelog: v2.9.0...v2.9.1-rc1
Contributors
stonezdj, zyyw, and 3 other contributors
Assets 5
v2.7.3
Known issue
- Due to the change of querying for listing tasks of scan by this PR, vulnerability scan report that's done in v2.7.3 cannot be retrieved in v2.8.0, but it's still available in v2.8.1 (applied the same logic in this PR) and onwards. Please do not upgrade from v2.7.3 to v2.8.0, instead, directly upgrading to v2.8.1 or v2.9.0.
What's Changed
Component updates ⬆️
- [cherry-pick] fix: improve the performance of list artifacts by @chlins in #18632
- bump golang 1.19.9 on release-2.7.0 by @MinerYang in #18650
- (cherry-pick) Use subtle.ConstantTimeCompare instead of compare directly by @stonezdj in #18711
- set tag pull time for proxy cache by @wy65701436 in #18742
- (cherry-pick) Return error when proxy cache get too many request error(429) by @stonezdj in #18751
- Changed logic search projects in gitlab adapter for 2.7.0 by @lxShaDoWxl in #18784
- [cherry-pick][2.7] fix: add retry on the caller of v2DeleteManifest instead within v2DeleteManifest by @dkulchinsky in #18802
- [Cherry-pick] fix: bump-up TRIVYVERSION=v0.43.0 and TRIVYADAPTERVERSION=v0.30.14 by @zyyw in #18995
- [cherry-pick]fix accessory import issue by @wy65701436 in #19056
- fix: TRIVYVERSION=v0.44.0 && TRIVYADAPTERVERSION=v0.30.15 by @zyyw in #19089
- [Cherry-pick]Convert the string �\ to number 0 by @AllForNothing in #19082
- [cherry-pick] fix: fix replication list projects with pure numberic name by @chlins in #19093
- bump go1.19.12 on release-2.7.0 base on ph4 by @MinerYang in #19162
- [cherry-pick] refactor: migrate the redis command keys to scan by @chlins in #19148
- [cherry-pick] chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19121
- [cherry-pick] fix: support customize cache db for business by @chlins in #19189
- (cherry-pick) Remove job status track information from redis after stop the job in the queue by @stonezdj in #19306
- bump goharbor/golang 1.19.13 on release-2.7.0 by @MinerYang in #19324
- fix: bump up TRIVYVERSION=v0.45.0 && TRIVYADAPTERVERSION=v0.30.16 by @zyyw in #19329
Other Changes
- [cherry-pick]Fix setup-gcloud fails when building package by @YangJiao0817 in #18684
- [cherry-pick]Fix APITEST_DB_PROXY_CACHE x509 by @YangJiao0817 in #18980
- [cherry-pick]Bump up setup-gcloud to 430.0.0 by @YangJiao0817 in #19119
- [Cherry-pick]Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19220
Full Changelog: v2.7.2...v2.7.3
Contributors
stonezdj, wy65701436, and 7 other contributors
Assets 7
v2.7.3-rc1
What's Changed
Component updates ⬆️
- [cherry-pick] fix: improve the performance of list artifacts by @chlins in #18632
- bump golang 1.19.9 on release-2.7.0 by @MinerYang in #18650
- (cherry-pick) Use subtle.ConstantTimeCompare instead of compare directly by @stonezdj in #18711
- set tag pull time for proxy cache by @wy65701436 in #18742
- (cherry-pick) Return error when proxy cache get too many request error(429) by @stonezdj in #18751
- Changed logic search projects in gitlab adapter for 2.7.0 by @lxShaDoWxl in #18784
- [cherry-pick][2.7] fix: add retry on the caller of v2DeleteManifest instead within v2DeleteManifest by @dkulchinsky in #18802
- [Cherry-pick] fix: bump-up TRIVYVERSION=v0.43.0 and TRIVYADAPTERVERSION=v0.30.14 by @zyyw in #18995
- [cherry-pick]fix accessory import issue by @wy65701436 in #19056
- fix: TRIVYVERSION=v0.44.0 && TRIVYADAPTERVERSION=v0.30.15 by @zyyw in #19089
- [Cherry-pick]Convert the string �\ to number 0 by @AllForNothing in #19082
- [cherry-pick] fix: fix replication list projects with pure numberic name by @chlins in #19093
- bump go1.19.12 on release-2.7.0 base on ph4 by @MinerYang in #19162
- [cherry-pick] refactor: migrate the redis command keys to scan by @chlins in #19148
- [cherry-pick] chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19121
- [cherry-pick] fix: support customize cache db for business by @chlins in #19189
- (cherry-pick) Remove job status track information from redis after stop the job in the queue by @stonezdj in #19306
- bump goharbor/golang 1.19.13 on release-2.7.0 by @MinerYang in #19324
- fix: bump up TRIVYVERSION=v0.45.0 && TRIVYADAPTERVERSION=v0.30.16 by @zyyw in #19329
Other Changes
- [cherry-pick]Fix setup-gcloud fails when building package by @YangJiao0817 in #18684
- [cherry-pick]Fix APITEST_DB_PROXY_CACHE x509 by @YangJiao0817 in #18980
- [cherry-pick]Bump up setup-gcloud to 430.0.0 by @YangJiao0817 in #19119
- [Cherry-pick]Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19220
Full Changelog: v2.7.2...v2.7.3-rc1
Contributors
stonezdj, wy65701436, and 7 other contributors
Assets 5
v2.9.0
Known issue
- There's a known issue #19320 that occurs when running harbor.yml migrate script with the specific
storage_service.redirect.disableconfiguration. Impact version would be Harbor v2.8 and v2.9, for example migrate from v2.7.X to v2.8.Y or v2.7.X to v2.9.Z. Please refer to this comment as a workaround.
What's Changed
Exciting New Features 🎉
Security Hub
Admin users can now access valuable security insights, which include the number of scanned and unscanned artifacts, identification of dangerous artifacts and CVEs, and advanced search capabilities for vulnerabilities using multiple combined conditions.
- Add Security Hub UI by @AllForNothing in #18942
- Update table scan_report and extract cvss_v3_score from vendor attribute by @stonezdj in #18854
- Add vulnerability search API by @stonezdj in #18924
- Add security hub summary API by @stonezdj in #18872
- Create index in vulnerability_record table by @stonezdj in #18949
GC Enhancements
Improved visibility with detailed GC execution history and enable parallel deletion for faster GC triggers.
- Add worker parameter for GC by @AllForNothing in #18882
- Add more details in gc history by @wy65701436 in #18779
- Add multiple deletions of GC by @wy65701436 in #18855
Supporting OCI Distribution Spec v1.1.0-rc2
Harbor now supports OCI Distribution Spec v1.1.0-rc2 and added support for Notation signature and Nydus conversion as referrers.
- Support OCI-Subject header by @wy65701436 in #18885
- Add notation support by @wy65701436 in #18909
- Enable notary v2 policy checker by @wy65701436 in #18927
- Add Notation UI for deployment security by @AllForNothing in #18952
- Support nydus as an accessory by @wy65701436 in #18953
Additional Features
Customized banner message
Admins can now set a customized banner message displayed on top of Harbor web pages.
- Add customized banner message UI by @AllForNothing in #18827
Quota Update Provider
Introduced a new mechanism utilizing Redis for optimistic locking during quota updates when pushing images. Refer to the documentation at https://github.com/goharbor/perf/wiki/Quota-Update for instructions on enabling and utilizing this feature.
- feat: Optimize quota checking when pushing images by @lengrongfu in #17392
- perf: introduce update quota by redis by @chlins in #18871
- feat: add the configuration for quota update provider by @chlins in #18928
Deprecations ❌
Removal of Notary
Starting with version v2.9.0, Harbor no longer includes Notary in either the user interface or the backend. Please navigate to this page for details.
- Remove notary test cases by @YangJiao0817 in #18620
- Remove notary UI by @AllForNothing in #18666
- Remove the notary from the backend by @wy65701436 in #18668
Known issue
- Harbor v2.9.0 Online/Offline Installer and Docker Version Compatibility
If you install Harbor v2.9.0 using an online/offline installer with Docker version lower than 20.10.10, you may encounter an issue where the Harbor database container fails to start. This issue is being tracked at (#19141). For more detailed information about this specific problem, you can visit this page (timescale/timescaledb-docker-ha#260). To avoid this issue, we recommend ensuring that your Docker version is equal to or greater than 20.10.10 when using Harbor v2.9.0 with the online/offline installer.
Breaking Changes
- As of Harbor v2.9.0, only PostgreSQL >= 12 is supported for external databases. Before upgrading, you should make sure that your external databases are using a supported version of PostgreSQL.
- Different API behavior in Harbor version 2.9 vs. prior versions: Users with limited_guest role are not able to query the repository endpoint by id #19709
Enhancement 🚀
- Fix message prompt under the header by @AllForNothing in #18613
- fix: improve the performance of list artifacts by @chlins in #18610
- Improve repo_read_only header on the UI by @AllForNothing in #18729
- Add a text to explain the time window for GC by @AllForNothing in #18735
- Add a tooltip for slack notification by @AllForNothing in #18787
- 【UT】add unit test for collector system info by @lengrongfu in #18717
- Add Details column for gc history by @AllForNothing in #18797
- Add Podman push command to the UI by @AllForNothing in #18810
- Add new client Podman to the pull command by @AllForNothing in #18857
Component updates ⬆️
- fix: fix error bitsize of jobservice reaper scan locks by @chlins in #18487
- bump golang 1.20.3 on main by @MinerYang in #18492
- feat: update TRIVYVERSION=v0.39.0 & TRIVYADAPTERVERSION=v0.30.10 by @zyyw in #18501
- Rewords quota definitions based on user input by @OrlinVasilev in #18512
- Synchronize text modification of quota tooltip to all the i18n files by @AllForNothing in #18518
- GC: correctly handle manifest unknown (404) condition in v2DeleteManifest retry loop by @dkulchinsky in #18386
- Change the permissions of the *.go file from 0755 to 0644 by @Iceber in #17919
- feat: log with trace ID by @pgillich in #18181
- Fix typos in common.sh by @Maxi-Mega in #18151
- bump golang.org/x/net && helm.sh/helm/v3 on main by @MinerYang in #18545
- Update position to vertical-align for copy button by @AllForNothing in #18563
- Add missing i18n key-value for helm chart by @AllForNothing in #18578
- Allow redis password using safe special characters by @MinerYang in #18566
- add goheader linter settings by @MinerYang in #18503
- fix: link to Github's rate limiting documentation. by @perjahn in #18588
- fix: error log use wrong variable err by @dyf991645 in #18602
- Upgrade the internal PostgreSQL to 14 in 2.9.0 by @YangJiao0817 in #18612
- Improve zh-tw (Traditional Chinese) locale by @PeterDaveHello in #18608
- bump golang 1.20.4 on main by @MinerYang in #18647
- fix: sweep executions of image scan job by @chlins in #18649
- fix: cherry pick the migration sql by @chlins in #18644
- chore: replace
github.com/ghodss/yamlwithsigs.k8s.io/yamlby @Juneezee in #18606 - Bump kentaro-m/auto-assign-action from 1.2.4 to 1.2.5 by @dependabot in #18263
- Changed logic search projects in gitlab adapter by @lxShaDoWxl in #18529
- bump up github.com/distribution/distribution v2.8.2 by @MinerYang in #18687
- fix: add retry on the caller of v2DeleteManifest instead within v2DeleteManifest by @zyyw in #18662
- Fix the channel that never receives a value by @iAklis in #18139
- Use subtle.ConstantTimeCompare instead of compare directly by @stonezdj in #18697
- Upgrade Angular and Clarity to the latest version by @AllForNothing in #18709
- chore: bump registry release to 2.8.2 by @davidspek in #18685
- Add support for TLSv1.3 in nginx configurations by @malmor in #18659
- set tag pull time for proxy cache by @wy65701436 in #18731
- http2 enabled and ciphers changed to get an A+ rating instead of B fr… by @mcsage in #16990
- Return error when proxy cache get too many request error(429) by @stonezdj in #18728
- 【optimization】Use URL.Redacted method repleace redacted by @lengrongfu in https://gi...
Contributors
pgillich, liubin, and 31 other contributors