chore: sync with upstream goharbor/harbor#121
Conversation
Remove the unused function MostMatchSorter, it should not be implemented in golang, should be implement in the db query. Remove the unused function onBoardCommonUserGroup() fixes goharbor#22573 Signed-off-by: stonezdj <stonezdj@gmail.com>
refine apitest Signed-off-by: my036811 <miner.yang@broadcom.com>
…bor#22535) * add per-endpoint CA certificate support for registry endpoints fixes goharbor#22203 Allowing Harbor to trust self-signed or private CA certificates for individual registry endpoints without modifying the system-level trust store. 1. Database schema changes, API updates with PEM validation. 2. HTTP transport layer modifications across all the registry adapters. 3. UI field to fill in the certificate. The feature is backward compatible - existing installations using system-level CA trust will continue to work without any changes. Signed-off-by: wang yan <yan-yw.wang@broadcom.com> * resolve lint failures Signed-off-by: wang yan <yan-yw.wang@broadcom.com> * add i18n changes Signed-off-by: wang yan <yan-yw.wang@broadcom.com> * resolve review comments Signed-off-by: wang yan <yan-yw.wang@broadcom.com> * make the input as non-required and updates i18n Signed-off-by: wang yan <yan-yw.wang@broadcom.com> * resolve comments Signed-off-by: wang yan <yan-yw.wang@broadcom.com> --------- Signed-off-by: wang yan <yan-yw.wang@broadcom.com> Co-authored-by: wang yan <yan-yw.wang@broadcom.com>
) * feat: implement keyless signing in release workflow - Move signing from build to release workflow - Use .sigstore.json naming convention (Sigstore standard) - update signature verification documentation and readme file - Update workflows to sign artifacts at release time only Signed-off-by: Aloui-Ikram <ikram@container-registry.com> * WIP: update release workflow and utils Signed-off-by: Aloui-Ikram <ikram@container-registry.com> * Add Cosign signing and fix accidental deletions - Add Cosign signing to releases for security - Revert to using getAssets function - Restore latest installer uploads - Restore pre-release comment Signed-off-by: Aloui-Ikram <ikram@container-registry.com> * Remove braces from variable names for consistency Signed-off-by: Aloui-Ikram <ikram@container-registry.com> * Remove unnecessary permissions from build-package.yml Signed-off-by: Aloui-Ikram <ikram@container-registry.com> --------- Signed-off-by: Aloui-Ikram <ikram@container-registry.com> Co-authored-by: Aloui-Ikram <ikram@container-registry.com> Co-authored-by: Daniel Jiang <daniel.jiang@broadcom.com>
…ngle group (goharbor#22723) Signed-off-by: Lars Francke <git@lars-francke.de>
Signed-off-by: liuyueyangxmu <liuyueyangxmu@outlook.com>
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
|
Important Review skippedBot user detected. To trigger a single review, invoke the You can disable this status message by setting the Comment |
This commit fixes the style issues introduced in 88b74ce according to the output from Gofumpt and Prettier. Details: container-registry/harbor-next#121
|
There was a problem hiding this comment.
4 issues found across 73 files
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="src/controller/event/handler/util/util.go">
<violation number="1" location="src/controller/event/handler/util/util.go:72">
P2: Handle the case where the repo name has no "/"; strings.Cut returns an empty string then, unlike the previous behavior which returned the full repo.</violation>
</file>
<file name="src/portal/src/i18n/lang/zh-cn-lang.json">
<violation number="1" location="src/portal/src/i18n/lang/zh-cn-lang.json:671">
P1: Missing comma after "PLACEHOLDER" breaks JSON syntax for this locale file.</violation>
<violation number="2" location="src/portal/src/i18n/lang/zh-cn-lang.json:672">
P1: Unescaped double quotes inside the tooltip string break JSON parsing.</violation>
</file>
<file name="src/server/v2.0/handler/user.go">
<violation number="1" location="src/server/v2.0/handler/user.go:281">
P2: SearchUsers no longer applies the requested page offset. SearchByName only limits the result size, so page>1 requests will return the same first page while the response links/total suggest pagination is honored.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| "CANNOT_EDIT": "当复制规则启用时目标无法修改。", | ||
| "PLACEHOLDER": "未发现任何复制目标!" | ||
| "CA_CERTIFICATE": "CA 证书", | ||
| "CA_CERTIFICATE_TOOLTIP": "提供 PEM 编码的 CA 证书以验证仓库的 TLS 证书。留空将使用系统 CA 池。此字段仅在启用"验证远程证书"时可用。", |
There was a problem hiding this comment.
P1: Unescaped double quotes inside the tooltip string break JSON parsing.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At src/portal/src/i18n/lang/zh-cn-lang.json, line 672:
<comment>Unescaped double quotes inside the tooltip string break JSON parsing.</comment>
<file context>
@@ -668,6 +668,9 @@
"CANNOT_EDIT": "当复制规则启用时目标无法修改。",
"PLACEHOLDER": "未发现任何复制目标!"
+ "CA_CERTIFICATE": "CA 证书",
+ "CA_CERTIFICATE_TOOLTIP": "提供 PEM 编码的 CA 证书以验证仓库的 TLS 证书。留空将使用系统 CA 池。此字段仅在启用"验证远程证书"时可用。",
+ "CA_CERTIFICATE_HELPER": "可选。在此粘贴 PEM 编码的 CA 证书,以信任此端点的自签名或私有 CA 证书。如果留空,Harbor 将使用系统 CA 池。"
},
</file context>
| "CA_CERTIFICATE_TOOLTIP": "提供 PEM 编码的 CA 证书以验证仓库的 TLS 证书。留空将使用系统 CA 池。此字段仅在启用"验证远程证书"时可用。", | |
| "CA_CERTIFICATE_TOOLTIP": "提供 PEM 编码的 CA 证书以验证仓库的 TLS 证书。留空将使用系统 CA 池。此字段仅在启用\"验证远程证书\"时可用。", |
| "DELETED_FAILED": "删除目标失败。", | ||
| "CANNOT_EDIT": "当复制规则启用时目标无法修改。", | ||
| "PLACEHOLDER": "未发现任何复制目标!" | ||
| "CA_CERTIFICATE": "CA 证书", |
There was a problem hiding this comment.
P1: Missing comma after "PLACEHOLDER" breaks JSON syntax for this locale file.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At src/portal/src/i18n/lang/zh-cn-lang.json, line 671:
<comment>Missing comma after "PLACEHOLDER" breaks JSON syntax for this locale file.</comment>
<file context>
@@ -668,6 +668,9 @@
"DELETED_FAILED": "删除目标失败。",
"CANNOT_EDIT": "当复制规则启用时目标无法修改。",
"PLACEHOLDER": "未发现任何复制目标!"
+ "CA_CERTIFICATE": "CA 证书",
+ "CA_CERTIFICATE_TOOLTIP": "提供 PEM 编码的 CA 证书以验证仓库的 TLS 证书。留空将使用系统 CA 池。此字段仅在启用"验证远程证书"时可用。",
+ "CA_CERTIFICATE_HELPER": "可选。在此粘贴 PEM 编码的 CA 证书,以信任此端点的自签名或私有 CA 证书。如果留空,Harbor 将使用系统 CA 池。"
</file context>
| _, after, _ := strings.Cut(repo, "/") | ||
| return after |
There was a problem hiding this comment.
P2: Handle the case where the repo name has no "/"; strings.Cut returns an empty string then, unlike the previous behavior which returned the full repo.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At src/controller/event/handler/util/util.go, line 72:
<comment>Handle the case where the repo name has no "/"; strings.Cut returns an empty string then, unlike the previous behavior which returned the full repo.</comment>
<file context>
@@ -69,8 +69,8 @@ func SendHookWithPolicies(ctx context.Context, policies []*policy_model.Policy,
func GetNameFromImgRepoFullName(repo string) string {
- idx := strings.Index(repo, "/")
- return repo[idx+1:]
+ _, after, _ := strings.Cut(repo, "/")
+ return after
}
</file context>
| _, after, _ := strings.Cut(repo, "/") | |
| return after | |
| _, after, found := strings.Cut(repo, "/") | |
| if !found { | |
| return repo | |
| } | |
| return after |
| return operation.NewSearchUsersOK().WithXTotalCount(0).WithPayload([]*models.UserSearchRespItem{}) | ||
| } | ||
| l, err := u.ctl.List(ctx, query) | ||
| l, err := u.ctl.SearchByName(ctx, params.Username, int(*params.PageSize)) |
There was a problem hiding this comment.
P2: SearchUsers no longer applies the requested page offset. SearchByName only limits the result size, so page>1 requests will return the same first page while the response links/total suggest pagination is honored.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At src/server/v2.0/handler/user.go, line 281:
<comment>SearchUsers no longer applies the requested page offset. SearchByName only limits the result size, so page>1 requests will return the same first page while the response links/total suggest pagination is honored.</comment>
<file context>
@@ -279,7 +278,7 @@ func (u *usersAPI) SearchUsers(ctx context.Context, params operation.SearchUsers
return operation.NewSearchUsersOK().WithXTotalCount(0).WithPayload([]*models.UserSearchRespItem{})
}
- l, err := u.ctl.List(ctx, query)
+ l, err := u.ctl.SearchByName(ctx, params.Username, int(*params.PageSize))
if err != nil {
return u.SendError(ctx, err)
</file context>


Automated PR to sync 6 new commit(s) from upstream goharbor/harbor main branch.
Merge strategy: Our changes in
nextare preserved on conflicts (upstream changes are additive only).Note: The
.githubfolder is preserved and not synced from upstream.Summary by cubic
Syncs our branch with upstream Harbor to add per-endpoint CA certificate support, Cosign-based release signature verification, and improvements to user/group search and OIDC group handling. This strengthens registry connectivity and fixes search accuracy.
New Features
Bug Fixes
Written for commit 34e14a2. Summary will update on new commits.