Date   

Upgrade from 2.0 to 2.1

patric@...
 

Hi,

I have an installation av Harbor 2.0 and want to upgrade to 2.1
I can't really find any information on what needs to be done to upgrade.

Can I just run "docker-compose down", then download 2.1, replace harbor.yml from my 2.0 folder and run ./prepare and "docker-compose up -d"?
Or are there any other steps or things I need to think about?


Skipping Community Meeting this week #cal-cancelled

Alex Xu
 

Hey everyone
 
We will not be holding the Harbor community meeting this week since the team is on national holiday. If there's anything urgent, please feel free to reach out on Slack.  We will also start our Office Hours very soon. 
 
Thanks,
The Harbor Team


Non-critical severity vulnerability in Harbor (CVE-2020-13794) #security

Alex Xu
 

Attention Harbor users,


A new Harbor security advisory has been published at https://github.com/goharbor/harbor/security/advisories/GHSA-q9p8-33wc-h432


The vulnerability has already been fixed in the newly released v2.1.0 and v2.0.3.  Please upgrade to these versions as soon as possible.   If you have any concerns about this timeline, please reach out to us.

Description

Dutch Government Security Team has discovered an enumeration vulnerability that lists all users with their respective user_IDs when doing authenticated API calls (basic auth) to "/api/users/search?username=_"


CURL example:


curl -X GET "https://harbor.diensten.test.REDACTED.nl/api/users/search?username=_" -H "accept: application/json" --user REDACTED@...


The vulnerability was immediately fixed by the Harbor team and all supported versions were patched.


Known Attack Vectors

Successful exploitation of this issue will lead to enumeration of users and their IDs


**Patches

This is already patched in the v2.1.0 released today but we will also make the fix available in the upcoming v2.0.3

https://github.com/goharbor/harbor/releases/tag/v2.1.0

https://github.com/goharbor/harbor/releases/tag/v2.0.3


For more information

View our security policy at https://github.com/goharbor/harbor/security/policy

If you have any questions or comments about this advisory, please contact cncf-harbor-security@...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13794


Harbor v2.1 now live!

Alex Xu
 

Hi all, we’re pleased to announce Harbor v2.1 GA is now live!  Key features include

  • Harbor functioning as Proxy Cache (super useful to mitigate against Dockerhub's recent announcement on strict rate-limiting)
  • Non-blocking Garbage Collection
  • P2P distribution capability through Dragonfly and Kraken
  • Sysdig Image Scanner Integration
  • expanded support for hosting AI/Machine Learning on Kubernetes data models
Thanks to the community and Sysdig for all the great work!  Please give it a try and looking forward to any feedback you may have

Best,
Alex Xu


Re: Notary howto doc, I will write if someone else will help me!

symgryph@...
 

I would be willing to work with you on that. I have a video server we could use if you’re interested.

Thomas J Munn


On Sep 1, 2020, at 07:44, stephankaps80 via lists.cncf.io <stephankaps80=googlemail.com@...> wrote:

I have got the same problem 
the links do not work (anymore)


Re: Notary howto doc, I will write if someone else will help me!

stephankaps80@...
 

I have got the same problem 
the links do not work (anymore)


Re: How to handle certificates for remote registry correctly #security

stephankaps80@...
 

maybe this is kind of the thing https://github.com/goharbor/harbor/issues/7176

but first of all it would be good to know, what needs to be done to make the "verify remote cert" work


How to handle certificates for remote registry correctly #security

stephankaps80@...
 
Edited

I want to configure a replication between harbor and a docker registry.
The docker registry is secured by self-signed certificates, which I copied to /etc/docker/certs.d/dockerregistry.mydomain/ (.cert , .crt files) on the harbor host.

But when I configure the registry in harbor with verify remote cert, the failure "failed to ping endpoint" occurs.

What is missing or what am I doing wrong? 

(I am using v2.0.1 and of course did a docker-compose down and up already)


please update to Harbor v2.0.1 to address vulnerabilities #security

Michael Michael <michmike@...>
 

Attention Harbor Users,
 
Please upgrade Harbor to release 2.0.1 (https://github.com/goharbor/harbor/releases/tag/v2.0.1). 
That is the release of Harbor that has been patched to address the security advisories listed below.
 
https://github.com/goharbor/harbor/security/advisories/GHSA-33p6-fx42-7rf5
https://github.com/goharbor/harbor/security/advisories/GHSA-q9x4-q76f-5h5j
 
Let us know if you have any questions or concerns.
 
-Harbor Maintainers


Harbor has reached the Graduated stage in CNCF

Michael Michael <michmike@...>
 

Our amazing community!!!! It is with incredible pride that we announce that Harbor has reached the Graduated stage. Hello CNCF from project #11. A huge Thank You to our contributors, users, and the maintainer team.
https://twitter.com/project_harbor/status/1275462128346923010


Re: About harbor multi authentication mode

daojunz
 

Muti auth mode is not supported

 

Best regards,

Stone (张道军)

Software Engineer, CNA, VMware R&D

 

-- 

 

 

From: <harbor-users@...> on behalf of "13287561406 via lists.cncf.io" <13287561406=163.com@...>
Reply-To: "harbor-users@..." <harbor-users@...>
Date: Friday, June 19, 2020 at 12:30 PM
To: "harbor-users@..." <harbor-users@...>
Subject: [harbor-users] About harbor multi authentication mode

 

I want to configure multi authentication mode, does any body has any idea about how to cofigure multi authentication mode


About harbor multi authentication mode

13287561406@...
 

I want to configure multi authentication mode, does any body has any idea about how to cofigure multi authentication mode


any idea about 500 Internal Server Error with minio s3 backend ?

kamedodji@...
 

Hello!

I install harbor v2.0 registry with helm v1.4.0 chart on my kubernetes (k3s.io) cluster.
It's work fine with "filesystem" backend but i got 500 Internal Server Error with minio s3 backend.

Any idea about that issue ?

Thanks
Kwame


NO USA community meeting today #cal-cancelled

Michael Michael <michmike@...>
 

Hey folks,
 
Let's take a break from meetings this week, if there's anything urgent, please feel free to reach out on Slack.
 
Thanks,
The Harbor Team


回复:[harbor-users] Harbor Graduation Vote

wangyijun@...
 

+1 nb

------------------------------------------------------------------
发件人:Michael Michael <michmike@...>
发送时间:2020年5月27日(星期三) 02:12
收件人:harbor-users <harbor-users@...>
主 题:[harbor-users] Harbor Graduation Vote

Users/Contributors/Friends of Harbor, thank you for your continued support for Harbor!

CNCF has called a vote for Harbor graduation. We would love to see your replies to https://lists.cncf.io/g/cncf-toc/topic/vote_harbor_graduation/74482463 to show your support! [First Register at https://lists.cncf.io/register, Join TOC at https://lists.cncf.io/g/cncf-toc]


Harbor Graduation Vote

Michael Michael <michmike@...>
 

Users/Contributors/Friends of Harbor, thank you for your continued support for Harbor!

CNCF has called a vote for Harbor graduation. We would love to see your replies to https://lists.cncf.io/g/cncf-toc/topic/vote_harbor_graduation/74482463 to show your support! [First Register at https://lists.cncf.io/register, Join TOC at https://lists.cncf.io/g/cncf-toc]


Re: harbor api for accessing "info" field in repo

Steven Zou
 

Could you try `GET http(s)://<harbor-hostname>/api/repositories/{repo_name}`?  The `description` field of the returned repository model is the `info` data you’re looking for.

 

thanks&regards

-- 

Steven Zou(邹佳)

 

Engineer, MAP(Modern Application Platform), VMware R&D | Harbor Maintainer

 

Mail: szou@...

GitHub: github.com/steven-zou

Cell: +8618600021252

Addr: 9F Tower C, Raycom Info Tech Park, No. 2 Kexueyuan South Road Haidian District, Beijing 100738 China

 

 

 

From: <harbor-users@...> on behalf of "vlakshmi70 via lists.cncf.io" <vlakshmi70=yahoo.com@...>
Reply-To: "harbor-users@..." <harbor-users@...>
Date: Tuesday, May 26, 2020 at 22:24
To: "harbor-users@..." <harbor-users@...>
Subject: Re: [harbor-users] harbor api for accessing "info" field in repo

 

Steven,
Yes I couldn't find one for GETTer API for "info" field in the repo APIs.
I am using v1.8 of harbor.
Not sure if this API for getting the "info" field has been added in a later revision??

Thanks


Re: harbor api for accessing "info" field in repo

vlakshmi70@...
 

Steven,
Yes I couldn't find one for GETTer API for "info" field in the repo APIs.
I am using v1.8 of harbor.
Not sure if this API for getting the "info" field has been added in a later revision??

Thanks


Re: harbor api for accessing "info" field in repo

Steven Ren
 

Hi Vlakshmi,

     If you installed Harbor, in Harbor UI, there is an API explorer page at the left bottom of the page,

You can see all the APIs at there. Hope this helps.

Best regards,

Steven

 

From: <harbor-users@...> on behalf of "vlakshmi70 via lists.cncf.io" <vlakshmi70=yahoo.com@...>
Reply-To: "harbor-users@..." <harbor-users@...>
Date: Tuesday, May 26, 2020 at 6:43 PM
To: "harbor-users@..." <harbor-users@...>
Subject: [harbor-users] harbor api for accessing "info" field in repo

 

Hi,
Is there an API to get the "info" field in repo similar to say getting the label or tag for a repo-name.
curl -X GET "https://harbor.com/api/ repositories/{repo_name}/info" -H "accept: application/json"

thanks.


harbor api for accessing "info" field in repo

vlakshmi70@...
 

Hi,
Is there an API to get the "info" field in repo similar to say getting the label or tag for a repo-name.
curl -X GET "https://harbor.com/api/ repositories/{repo_name}/info" -H "accept: application/json"

thanks.

81 - 100 of 264