Date   

CfP for OpenSource Summit NA 2023, Vancouver,CA is open until Feb 5th 2023!

Orlin Vasilev
 

Hi all,

Open Source Summit NA just opened CfP and it will be open until Feb 5th 2023.
If you are willing to apply I would love to help you out or even we can apply together!


Orlix
Community Manager


Re: Harbor Community feedback needed - US friendly TZ community meeting

Roger Klorese
 

If there are other folks in the Americas I would love to join them. 


On Dec 12, 2022, at 1:38 AM, Orlin Vasilev via lists.cncf.io <orlin=orlix.org@...> wrote:


!! External Email
Hello all,

This issue: https://github.com/goharbor/community/issues/189 is hanging around for quite a while!
If you are from the US and you cannot attend our China/European friendly  TZ Community meetings.

Please drop a line there so we can try to  improve the process and make it more suitable for you!

Thank you!
Orlix
Harbor Community

!! External Email: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender.


Harbor Community feedback needed - US friendly TZ community meeting

Orlin Vasilev
 

Hello all,

This issue: https://github.com/goharbor/community/issues/189 is hanging around for quite a while!
If you are from the US and you cannot attend our China/European friendly  TZ Community meetings.

Please drop a line there so we can try to  improve the process and make it more suitable for you!

Thank you!
Orlix
Harbor Community


🎉 🎉 🎉 Introducing Marcel Mueller - the newest harbor-operator maintainer 🎉 🎉 🎉

Orlin Vasilev
 

Hello Community,

I'm super happy to inform you that Marcel Mueller from Giant Swarm 
joined our maintainers for harbor-operator: https://github.com/goharbor/harbor-operator/pull/990

Bio:
Marcel is an engineering manager at Giant Swarm where he has worked on kubernetes operators for 5 years now. He lives in Germany and has previously worked on open source projects such as Cluster-API and Kyverno.

🎉 Once again welcome to the community Marcel!🎉

Orlix
Harbor Community Manager


FOSDEM 2023 is open for CfP until Dec 15th

Orlin Vasilev
 

Hello community,

Frr those of you who are not aware about it,  FOSDEM it's the biggest open source , open culture  conference in Europe happening on the first weekend of February every year in Bruxelles , Belgium.(this year it will be 4 and 5th, geeking out, hacking, beers, waffles etc...)

If you consider applying for a talk there and if you need help with anything will be super happy to help you and join you on that enterprise :)

Orlix
Community Manager


Harbor 2.6 replication ACR failure

yuangeqingtian@...
 

My ACR name: testdev
ACR URL: https://testdev.azurecr.io
ACR level: Premium

I used acr admin username and password and tested connection in registry successful, so no privilege lacking.
Then I created replication rule without any filtering condition and always failed.
image
he error message points to 401 error and unauthorized
However, if I add some filter condition to mirror certain docker image/helm chart , the replication task can perform succeed.
image


List tag API and call catalog api for Azure container registry seems all ok
1: The account in Harbor that used to mirror ACR has ACR pull privilege granted and test connection succeed.
2: The issue happens for a specific ACR with 570 repository and over 20000+ docker image/helm chart counted with tags.
3: The account in Harbor for replication task succeed with multiple other ACRS with smaller storage size or smaller tags size.


Re: Redhat Advanced Cluster Security as a pluggable scanner in Harbor #security

daojunz
 

Stackrox is not supported


Redhat Advanced Cluster Security as a pluggable scanner in Harbor #security

reachanshulawasthi@...
 

Hi,

We want to use the Redhat Advanced Cluster Security Scanner(Stackrox) in Harbor and see the CVE data in the Harbor Portal.
Is there support for that?


Re: help repo add error: is not a valid chart repository or cannot be reached

Ignazio Cassano
 

I am sorry, it works fine . The problem was the certificate.
Ignazio

Il giorno ven 7 ott 2022 alle ore 12:26 Ignazio Cassano via lists.cncf.io <ignaziocassano=gmail.com@...> ha scritto:

If I remember well it worked fine with local storage instead of s3, anycase I will test it again

Il Ven 7 Ott 2022, 12:00 Ignazio Cassano via lists.cncf.io <ignaziocassano=gmail.com@...> ha scritto:
Hello Everyone, I've just installed harbor with helm and I can push images with success but I cannot add any chart repo.
I have de default library project so I am training:

helm repo add myrepo --username=admin https://core.address.nip.io/chartrepo/library/

But I got:
https://..... is not a valid chart repository or cannot be reached
I am using S3 for storing images.
Any help, please
Ignazio


Re: help repo add error: is not a valid chart repository or cannot be reached

Ignazio Cassano
 

If I remember well it worked fine with local storage instead of s3, anycase I will test it again


Il Ven 7 Ott 2022, 12:00 Ignazio Cassano via lists.cncf.io <ignaziocassano=gmail.com@...> ha scritto:
Hello Everyone, I've just installed harbor with helm and I can push images with success but I cannot add any chart repo.
I have de default library project so I am training:

helm repo add myrepo --username=admin https://core.address.nip.io/chartrepo/library/

But I got:
https://..... is not a valid chart repository or cannot be reached
I am using S3 for storing images.
Any help, please
Ignazio


help repo add error: is not a valid chart repository or cannot be reached

Ignazio Cassano
 

Hello Everyone, I've just installed harbor with helm and I can push images with success but I cannot add any chart repo.
I have de default library project so I am training:

helm repo add myrepo --username=admin https://core.address.nip.io/chartrepo/library/

But I got:
https://..... is not a valid chart repository or cannot be reached
I am using S3 for storing images.
Any help, please
Ignazio


KubeCon Europe 2023 CfP is open until November 18

Orlin Vasilev
 

Hello Everyone,

Not sure if you are closely following but the CfP for KubeCon+CloudNative Con Europe 2023 is open: https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/program/cfp/
image.png
If you think you will be submitting something about Harbor and you need some help from my side or even to join you on stage feel free to reach out to me, for the last 3 KubeCon editions I was part of the Program Committee(and co-chair for track 101) so maybe I can help you out with your CfP application :)

If you need input from any of the maintainers or someone else from the team behind Harbor drop a line and we can make this work!

Few perks if you are speaker at KubeCon:
- show everyone your great work
- free ticket
- special speakers swag
- KubeCon badge of achievement 
- speaker lounge(quiet place for rest at KubeCon - YES such place exists)
- speaker's party and breakfast :) 

I really hope we can have a few submissions this year as well including the maintainers track!

Waiting for your applications! :)

Orlix
Harbor Community Manager



Collect ideas for Harbor v2.8

Orlin Vasilev
 

Hello community, 

As we released v2.6 and v2.7 is more or less set in the roadmap.
It's time to collect ideas and folks willing to spend time working on Harbor project for the future releases

here is the new discussion for v2.8 https://github.com/goharbor/harbor/discussions/17621

Please check if you are missing something in v2.6 release or in the RoadMap for v2.7

Thank you for being an active member of the community!

Orlix
Harbor Community Manager!


Re: 🎉🎉Harbor Release v2.6.0 Highlights🎉🎉

Orlin Vasilev
 

Hi Márk, thanks for reporting that :) fixed in https://github.com/goharbor/website/pull/367

About the operator, I think Steven Zou can answer that :)

Orlix 

On Wed, Sep 28, 2022 at 7:05 PM Márk Sági-Kazár <mark.sagikazar@...> wrote:
Congrats to the team!

One thing I noticed in the blog post: under known limitations there is a number that I believe references an issue, but there is no link there (while in other cases issue references are links).

Looking forward to upgrading! (On that note: do you have an estimated timeline for supporting 2.6 in the operator?)

Cheers,
Mark

Orlin Vasilev <orlin@...> ezt írta (időpont: 2022. szept. 28., Sze, 16:17):
🎉 Hello Community,

In case you have missed the release of v2.6.0 you can find the highlights of it here: https://goharbor.io/blog/harbor-2.6/

You can find everything you need in the release notes.

Special HUGE thanks to all new contributors: 🎉🎉🎉
... and of course to everyone involved in that milestone!

If you have any questions or requests feel free to reach us in slack or over mail!

Orlix
Harbor Community Manager


Another Domain as configured in external_url for some project context

guenther.wagner@...
 

We are using harbor version 2.5.1, Real cool tool.

Actually we wanted shorten the url for some project context and access it with another domain. For general access we use the domain configured from the setting external_url, 

For the shorten url we put a reverse proxy in front of the harbor instance. 

Example:

Original URL: harbor.company.com/proxy/{docker image name}:{tag} , external_url setting is harbor.company.com
Desired Implementation: harborproxy.company.com/{docker image name}:{tag} -> reverse proxy -> harbor.company.com/proxy/v2

Unfortunately Harbor prompts for authentication although the project context /proxy is public --> unauthorized: authentication required

Is there a way to support this use case? 


Re: 🎉🎉Harbor Release v2.6.0 Highlights🎉🎉

Márk Sági-Kazár
 

Congrats to the team!

One thing I noticed in the blog post: under known limitations there is a number that I believe references an issue, but there is no link there (while in other cases issue references are links).

Looking forward to upgrading! (On that note: do you have an estimated timeline for supporting 2.6 in the operator?)

Cheers,
Mark

Orlin Vasilev <orlin@...> ezt írta (időpont: 2022. szept. 28., Sze, 16:17):

🎉 Hello Community,

In case you have missed the release of v2.6.0 you can find the highlights of it here: https://goharbor.io/blog/harbor-2.6/

You can find everything you need in the release notes.

Special HUGE thanks to all new contributors: 🎉🎉🎉
... and of course to everyone involved in that milestone!

If you have any questions or requests feel free to reach us in slack or over mail!

Orlix
Harbor Community Manager


🎉🎉Harbor Release v2.6.0 Highlights🎉🎉

Orlin Vasilev
 

🎉 Hello Community,

In case you have missed the release of v2.6.0 you can find the highlights of it here: https://goharbor.io/blog/harbor-2.6/

You can find everything you need in the release notes.

Special HUGE thanks to all new contributors: 🎉🎉🎉
... and of course to everyone involved in that milestone!

If you have any questions or requests feel free to reach us in slack or over mail!

Orlix
Harbor Community Manager


Disable Anonymous access setting in system settings not working at all (Urgent)

gandhi07naren@...
 

 

Hello,

 

We are currently facing a major issue in our Harbor deployment.


Disabling Anonymous User doesn't disable anonymous access and people who are not registered still can access images from public projects.

 

 

Our current version is Harbor v2.2.0

 

 

A quick response will be much appreciated and we will be thankful for.

 

 


Re: Amozon s3 for registry

Ignazio Cassano
 

Some updates:
if s3 is behind a proxy I have to add charmusem under Proxy Components.
This solves.
Ignazio

Il giorno gio 22 set 2022 alle ore 14:51 Ignazio Cassano via lists.cncf.io <ignaziocassano=gmail.com@...> ha scritto:

More updates:
seems something is not configured web because in chartmuseum log I get:
Get \"https://s3.eu-central-1.amazonaws.com/ignaharbor?prefix=igna\": dial tcp 52.219.168.115:443: i/o timeout","repo":"igna","reqID":"1bcc32aa-6e6c-43a7-a6a6-e3a2b63c2ec3"}

igna is the project I created on harbor gui where I can push images but I cannot browse via web interface.

Where are my mistakes ?
Ignazio

Il giorno gio 22 set 2022 alle ore 14:43 Ignazio Cassano via lists.cncf.io <ignaziocassano=gmail.com@...> ha scritto:
Hello, I do not understand what is rootdirectory.
I used the following setup in s3:region: eu-central-1
          bucket: ignaharbor
          accesskey: accesskey
          secretkey: secret
          regionendpoint: https://s3.eu-central-1.amazonaws.com

The result is I can push images but I cannot browse the project on the harbor web gui..
I can only browse the default "library" project"
Please, help me
Ignazio


Il giorno gio 22 set 2022 alle ore 01:13 daojunz via lists.cncf.io <daojunz=vmware.com@...> ha scritto:

You could refer this configure file

https://github.com/distribution/distribution/blob/main/docs/configuration.md

 

  s3:

    accesskey: awsaccesskey

    secretkey: awssecretkey

    region: us-west-1

    regionendpoint: http://myobjects.local

    forcepathstyle: true

    accelerate: false

    bucket: bucketname

    encrypt: true

    keyid: mykeyid

    secure: true

    v4auth: true

    chunksize: 5242880

    multipartcopychunksize: 33554432

    multipartcopymaxconcurrency: 100

    multipartcopythresholdsize: 33554432

    rootdirectory: /s3/object/name/prefix

    usedualstack: false

 

The option in red text is mandatory

 

Best regards,

Stone (张道军)

Software Engineer, CNA, VMware R&D

 

-- 

 

 

From: harbor-users@... <harbor-users@...> on behalf of Ignazio Cassano via lists.cncf.io <ignaziocassano=gmail.com@...>
Date: Wednesday, September 21, 2022 at 10:42 PM
To: harbor-users@... <harbor-users@...>
Subject: [harbor-users] Amozon s3 for registry

External Email

Hello,

I would like to use S3 for registry.

In values.yaml of harbor I wrote:

 

region: eu-central-1
          bucket: ignaharbor
          accesskey: myaccesskey
          secretkey: mysecret

 

Is this enough to work ?

 

Thanks

Ignazio

 


External Email: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender.


Re: Amozon s3 for registry

Ignazio Cassano
 

More updates:
seems something is not configured web because in chartmuseum log I get:
Get \"https://s3.eu-central-1.amazonaws.com/ignaharbor?prefix=igna\": dial tcp 52.219.168.115:443: i/o timeout","repo":"igna","reqID":"1bcc32aa-6e6c-43a7-a6a6-e3a2b63c2ec3"}

igna is the project I created on harbor gui where I can push images but I cannot browse via web interface.

Where are my mistakes ?
Ignazio

Il giorno gio 22 set 2022 alle ore 14:43 Ignazio Cassano via lists.cncf.io <ignaziocassano=gmail.com@...> ha scritto:

Hello, I do not understand what is rootdirectory.
I used the following setup in s3:region: eu-central-1
          bucket: ignaharbor
          accesskey: accesskey
          secretkey: secret
          regionendpoint: https://s3.eu-central-1.amazonaws.com

The result is I can push images but I cannot browse the project on the harbor web gui..
I can only browse the default "library" project"
Please, help me
Ignazio


Il giorno gio 22 set 2022 alle ore 01:13 daojunz via lists.cncf.io <daojunz=vmware.com@...> ha scritto:

You could refer this configure file

https://github.com/distribution/distribution/blob/main/docs/configuration.md

 

  s3:

    accesskey: awsaccesskey

    secretkey: awssecretkey

    region: us-west-1

    regionendpoint: http://myobjects.local

    forcepathstyle: true

    accelerate: false

    bucket: bucketname

    encrypt: true

    keyid: mykeyid

    secure: true

    v4auth: true

    chunksize: 5242880

    multipartcopychunksize: 33554432

    multipartcopymaxconcurrency: 100

    multipartcopythresholdsize: 33554432

    rootdirectory: /s3/object/name/prefix

    usedualstack: false

 

The option in red text is mandatory

 

Best regards,

Stone (张道军)

Software Engineer, CNA, VMware R&D

 

-- 

 

 

From: harbor-users@... <harbor-users@...> on behalf of Ignazio Cassano via lists.cncf.io <ignaziocassano=gmail.com@...>
Date: Wednesday, September 21, 2022 at 10:42 PM
To: harbor-users@... <harbor-users@...>
Subject: [harbor-users] Amozon s3 for registry

External Email

Hello,

I would like to use S3 for registry.

In values.yaml of harbor I wrote:

 

region: eu-central-1
          bucket: ignaharbor
          accesskey: myaccesskey
          secretkey: mysecret

 

Is this enough to work ?

 

Thanks

Ignazio

 


External Email: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender.