|
Accepted: [EXT] [harbor-users] Harbor Community Meeting - China/Europe Time zone
Ned Hanks
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Harbor Community Meeting - China/Europe Time zone
Hello everyone,
This is a recurring calendar invite for the bi-weekly Harbor community meetings. There will be two meetings, one for China/Europe time zone, and one for Americas time zone Please pick the one that fits your schedule best. To attend, use the following Zoom link: https://zoom.us/j/734959521 Meeting notes, agenda, and recordings of past meetings and other details are located at https://github.com/goharbor/community/blob/master/MEETING_SCHEDULE.md and https://github.com/goharbor/community/tree/master/conf-calls
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Harbor Community Meeting - China/Europe Time zone
Hello everyone,
This is a recurring calendar invite for the bi-weekly Harbor community meetings. There will be two meetings, one for China/Europe time zone, and one for Americas time zone Please pick the one that fits your schedule best. To attend, use the following Zoom link: https://zoom.us/j/734959521 Meeting notes, agenda, and recordings of past meetings and other details are located at https://github.com/goharbor/community/blob/master/MEETING_SCHEDULE.md and https://github.com/goharbor/community/tree/master/conf-calls
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Harbor on EC2 vs EKS pricing
@Sumukha
Hello Community,
I am exploring different methods to host Harbor server. I came across hosting Harbor on an EC2 instance which is by following steps from the installer guide as well as provisioning Harbor on Kubernetes using Helm charts. For the Kubernetes option, I was thinking of Amazon EKS. While it might take some time to analyze the cost between these options, I am requesting this community's help for advice on which would be the better option in terms of better pricing and scaling (in future). Any thoughts / suggestions is much appreciated. Thanks and Regards, SKP
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Re: Scanner support
Steven Zou
Hi Hiten,
The rest API spec for the scanner adapter is defined here: https://github.com/goharbor/pluggable-scanner-spec .
The cliar adapter implementation can be a good example for you: https://github.com/goharbor/harbor-scanner-clair
thanks®ards -- 邹佳 Steven Zou (he/him/his)
Engineer, MAP(Modern Application Platform), VMware R&D | Harbor Maintainer
Mail: szou@... GitHub: github.com/steven-zou Cell: +8618600021252 Addr: 9F Tower C, Raycom Info Tech Park, No. 2 Kexueyuan South Road Haidian District, Beijing 100738 China
From: <harbor-users@...> on behalf of "Hiten Shah via lists.cncf.io" <hitenps11=gmail.com@...>
Hello All,
I am looking for some developer guide for scanner adapters. What all things a scanner needs to implement, like endpoints, apis etc.
Any guide for the same would be really helpful.
Thanks & Regards, Hiten Shah
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Scanner support
Hiten Shah
Hello All, I am looking for some developer guide for scanner adapters. What all things a scanner needs to implement, like endpoints, apis etc. Any guide for the same would be really helpful. Thanks & Regards, Hiten Shah
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
cancelling 12.30 community meeting
Alex Xu
Hey everyone,
We're cancelling the Harbor community meeting on 12.30 to take a break for the holidays. If you have anything urgent to discuss, please reach out here or in slack. Thanks!
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Non-critical severity vulnerability in Harbor (CVE-2020-29662)
#security
Alex Xu
Attention Harbor users,A new Harbor security advisory has been published at https://github.com/goharbor/harbor/security/advisories/GHSA-38r5-34mr-mvm7The vulnerability has already been fixed in the newly released v2.1.2 and v2.0.5. Please upgrade to these versions as soon as possible. If you have any concerns about this timeline, please reach out to us.
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Harbor API support to push helm charts and docker images
Nidhi Kalkur
Hi, I am new to harbor. I was able to upload helm charts to harbor via CLI i.e. https://goharbor.io/docs/1.10/working-with-projects/working-with-images/managing-helm-charts/ and was able to push docker images via docker login and docker push. I wanted to know whether a) We can upload helm charts to harbor via harbor API b) And can we upload docker images to harbor via harbor API. If possible any reference document would be of great help. Thanks and regards,
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Harbor Office Hours info
Hi everyone!
Today we sent out invites for the new Harbor Office Hours. These will take the place of the previous Americas community meetings, so feel free to delete those from your calendar if you haven't already.
The Harbor Office Hours is a place where you can ask questions like "how does Harbor work?", "how do I do this in Harbor?", and "how do I get started contributing to Harbor?”.
We had some great discussions at the Harbor Office Hours last week, and we are looking forward to more lively discussions and questions from you all.
The invites sent are currently for the 2nd Wednesday of every month, and starting in January we will expand them to also be on the 4th Wednesday of every month.
See you all at the office hours next week!
Best,
— Jonas Rosland (he/him) Head of Community Management
Modern Applications Platform @ VMware
Phone: +1 (925) 335 6627 Twitter: @jonasrosland
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Event: Harbor Office Hours - 2nd Wednesday
#cal-invite
harbor-users@lists.cncf.io Calendar <noreply@...>
Harbor Office Hours - 2nd Wednesday When: Where: An RSVP is requested. Click here to RSVP Description: Come join us for the Harbor Office Hours every 2nd and 4th Wednesday at 1pm ET / 10am PT. CNCF Harbor is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://zoom.us/j/98160556477?pwd=ZzhUa3VteFJQK2VXbWJxMHRQY0JmUT09
Meeting ID: 981 6055 6477 Passcode: 5313661231 One tap mobile +16465588656,,98160556477# US (New York) +13017158592,,98160556477# US (Washington D.C)
Dial by your location +1 646 558 8656 US (New York) +1 301 715 8592 US (Washington D.C) +1 312 626 6799 US (Chicago) +1 669 900 6833 US (San Jose) +1 253 215 8782 US (Tacoma) +1 346 248 7799 US (Houston) 877 369 0926 US Toll-free 855 880 1246 US Toll-free +1 778 907 2071 Canada +1 204 272 7920 Canada +1 438 809 7799 Canada +1 587 328 1099 Canada +1 647 374 4685 Canada +1 647 558 0588 Canada 855 703 8985 Canada Toll-free Meeting ID: 981 6055 6477 Find your local number: https://zoom.us/u/adyobhXLwo
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Updated Event: Harbor Community Meeting (USA)
#cal-invite
harbor-users@lists.cncf.io Calendar <noreply@...>
Harbor Community Meeting (USA) When: Organizer: CNCF-Harbor 67c5de1sqt4d5t379oi0r1ruc4@... Description:
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Updated Event: Harbor Community Meeting (USA)
#cal-invite
harbor-users@lists.cncf.io Calendar <noreply@...>
Harbor Community Meeting (USA) When: Organizer: CNCF-Harbor 67c5de1sqt4d5t379oi0r1ruc4@... Description:
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Updated Event: Harbor Community Meeting (USA)
#cal-invite
harbor-users@lists.cncf.io Calendar <noreply@...>
Harbor Community Meeting (USA) When: Organizer: CNCF-Harbor 67c5de1sqt4d5t379oi0r1ruc4@... Description:
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Updated Event: Harbor Community Meeting (USA)
#cal-invite
harbor-users@lists.cncf.io Calendar <noreply@...>
Harbor Community Meeting (USA) When: Organizer: CNCF-Harbor 67c5de1sqt4d5t379oi0r1ruc4@... Description:
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Invitation: Harbor Community Meeting (USA) @ Every 4 weeks from 3pm to 3:30pm on Wednesday (CST) (harbor-users@lists.cncf.io)
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Event: Harbor Office Hours! - Wednesday, 28 October 2020
#cal-invite
harbor-users@lists.cncf.io Calendar <noreply@...>
Harbor Office Hours! When: Where: Description: Come join the Harbor Office Hours, a place where you can ask questions like "how does Harbor work", “how do I do this in Harbor” and “why does Harbor do this thing this way?”
This is meant as an informal meeting for both users and contributors where we answer your questions, help with configurations, and get you started contributing to Harbor. --- CNCF Harbor is inviting you to a scheduled Zoom meeting. Topic: Harbor Office Hours
Time: Oct 28, 2020 13:00 Eastern Time (US and Canada)
Join Zoom Meeting
https://zoom.us/j/99762357843
Meeting ID: 997 6235 7843
One tap mobile
+13017158592,,99762357843# US (Germantown)
+13126266799,,99762357843# US (Chicago)
Dial by your location
+1 301 715 8592 US (Germantown)
+1 312 626 6799 US (Chicago)
+1 646 558 8656 US (New York)
+1 253 215 8782 US (Tacoma)
+1 346 248 7799 US (Houston)
+1 669 900 6833 US (San Jose)
877 369 0926 US Toll-free
855 880 1246 US Toll-free
+1 647 374 4685 Canada
+1 647 558 0588 Canada
+1 778 907 2071 Canada
+1 204 272 7920 Canada
+1 438 809 7799 Canada
+1 587 328 1099 Canada
855 703 8985 Canada Toll-free
Meeting ID: 997 6235 7843
Find your local number: https://zoom.us/u/abQGnAtcND
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Upgrade from 2.0 to 2.1
patric@...
Hi,
I have an installation av Harbor 2.0 and want to upgrade to 2.1 I can't really find any information on what needs to be done to upgrade. Can I just run "docker-compose down", then download 2.1, replace harbor.yml from my 2.0 folder and run ./prepare and "docker-compose up -d"? Or are there any other steps or things I need to think about?
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Skipping Community Meeting this week
#cal-cancelled
Alex Xu
Hey everyone
We will not be holding the Harbor community meeting this week since the team is on national holiday. If there's anything urgent, please feel free to reach out on Slack. We will also start our Office Hours very soon.
Thanks,
The Harbor Team
|
||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
|
Non-critical severity vulnerability in Harbor (CVE-2020-13794)
#security
Alex Xu
Attention Harbor users, A new Harbor security advisory has been published at https://github.com/goharbor/harbor/security/advisories/GHSA-q9p8-33wc-h432 The vulnerability has already been fixed in the newly released v2.1.0 and v2.0.3. Please upgrade to these versions as soon as possible. If you have any concerns about this timeline, please reach out to us. DescriptionDutch Government Security Team has discovered an enumeration vulnerability that lists all users with their respective user_IDs when doing authenticated API calls (basic auth) to "/api/users/search?username=_" CURL example: curl -X GET "https://harbor.diensten.test.REDACTED.nl/api/users/search?username=_" -H "accept: application/json" --user REDACTED@... The vulnerability was immediately fixed by the Harbor team and all supported versions were patched. Known Attack VectorsSuccessful exploitation of this issue will lead to enumeration of users and their IDs **PatchesThis is already patched in the v2.1.0 released today but we will also make the fix available in the upcoming v2.0.3 https://github.com/goharbor/harbor/releases/tag/v2.1.0 https://github.com/goharbor/harbor/releases/tag/v2.0.3 For more informationView our security policy at https://github.com/goharbor/harbor/security/policy If you have any questions or comments about this advisory, please contact cncf-harbor-security@... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13794
|
||||||||||||||||||||||||
|
|
Description
Javier Provecho, member of the TCCT (Telefonica Cloud & Cybersecurity Tech) SRE team discovered a vulnerability regarding Harbor’s v2 API.
The catalog’s registry v2 api is exposed on an unauthenticated path. The current catalog API path is served at the following path and it requires to be authenticated as an admin.
GET /v2/_catalog
However, the authorization can be bypassed by using the following path
GET /v2/_catalog/
Patches
If your product uses the affected releases of Harbor, update to either version v2.1.2 or v2.0.5 to fix this issue immediately
https://github.com/goharbor/harbor/releases/tag/v2.1.2
https://github.com/goharbor/harbor/releases/tag/v2.0.5
Workarounds
If you cannot access a patched release at this time, it can be mitigated by disabling that API. For example, redirecting it to a 404 sink hole in the ingress.
For more information
If you have any questions or comments about this advisory, contact cncf-harbor-security@...
View our security policy at https://github.com/goharbor/harbor/security/policy
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29662