|
Upgrade from 2.0 to 2.1
patric@...
Hi,
I have an installation av Harbor 2.0 and want to upgrade to 2.1 I can't really find any information on what needs to be done to upgrade. Can I just run "docker-compose down", then download 2.1, replace harbor.yml from my 2.0 folder and run ./prepare and "docker-compose up -d"? Or are there any other steps or things I need to think about?
|
|
|
|
Skipping Community Meeting this week
#cal-cancelled
Alex Xu
Hey everyone
We will not be holding the Harbor community meeting this week since the team is on national holiday. If there's anything urgent, please feel free to reach out on Slack. We will also start our Office Hours very soon.
Thanks,
The Harbor Team
|
|
|
|
Non-critical severity vulnerability in Harbor (CVE-2020-13794)
#security
Alex Xu
Attention Harbor users, A new Harbor security advisory has been published at https://github.com/goharbor/harbor/security/advisories/GHSA-q9p8-33wc-h432 The vulnerability has already been fixed in the newly released v2.1.0 and v2.0.3. Please upgrade to these versions as soon as possible. If you have any concerns about this timeline, please reach out to us. DescriptionDutch Government Security Team has discovered an enumeration vulnerability that lists all users with their respective user_IDs when doing authenticated API calls (basic auth) to "/api/users/search?username=_" CURL example: curl -X GET "https://harbor.diensten.test.REDACTED.nl/api/users/search?username=_" -H "accept: application/json" --user REDACTED@... The vulnerability was immediately fixed by the Harbor team and all supported versions were patched. Known Attack VectorsSuccessful exploitation of this issue will lead to enumeration of users and their IDs **PatchesThis is already patched in the v2.1.0 released today but we will also make the fix available in the upcoming v2.0.3 https://github.com/goharbor/harbor/releases/tag/v2.1.0 https://github.com/goharbor/harbor/releases/tag/v2.0.3 For more informationView our security policy at https://github.com/goharbor/harbor/security/policy If you have any questions or comments about this advisory, please contact cncf-harbor-security@... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13794
|
|
|
|
Harbor v2.1 now live!
Alex Xu
Hi all, we’re pleased to announce Harbor v2.1 GA is now live! Key features include
Best, Alex Xu
|
|
|
|
Re: Notary howto doc, I will write if someone else will help me!
symgryph@...
I would be willing to work with you on that. I have a video server we could use if you’re interested.
toggle quoted messageShow quoted text
Thomas J Munn
On Sep 1, 2020, at 07:44, stephankaps80 via lists.cncf.io <stephankaps80=googlemail.com@...> wrote:
|
|
|
|
Re: Notary howto doc, I will write if someone else will help me!
stephankaps80@...
I have got the same problem
the links do not work (anymore)
|
|
|
|
Re: How to handle certificates for remote registry correctly
#security
stephankaps80@...
maybe this is kind of the thing https://github.com/goharbor/harbor/issues/7176
but first of all it would be good to know, what needs to be done to make the "verify remote cert" work
|
|
|
|
How to handle certificates for remote registry correctly
#security
I want to configure a replication between harbor and a docker registry.
The docker registry is secured by self-signed certificates, which I copied to /etc/docker/certs.d/dockerregistry.mydomain/ (.cert , .crt files) on the harbor host. But when I configure the registry in harbor with verify remote cert, the failure "failed to ping endpoint" occurs. What is missing or what am I doing wrong? (I am using v2.0.1 and of course did a docker-compose down and up already)
|
|
|
|
please update to Harbor v2.0.1 to address vulnerabilities
#security
Michael Michael <michmike@...>
Attention Harbor Users,
Please upgrade Harbor to release 2.0.1 (https://github.com/goharbor/harbor/releases/tag/v2.0.1).
That is the release of Harbor that has been patched to address the security advisories listed below.
https://github.com/goharbor/harbor/security/advisories/GHSA-33p6-fx42-7rf5
https://github.com/goharbor/harbor/security/advisories/GHSA-q9x4-q76f-5h5j
Let us know if you have any questions or concerns.
-Harbor Maintainers
|
|
|
|
Harbor has reached the Graduated stage in CNCF
Michael Michael <michmike@...>
Our amazing community!!!! It is with incredible pride that we announce that Harbor has reached the Graduated stage. Hello CNCF from project #11. A huge Thank You to our contributors, users, and the maintainer team.
https://twitter.com/project_harbor/status/1275462128346923010
|
|
|
|
Re: About harbor multi authentication mode
daojunz
Muti auth mode is not supported
Best regards, Stone (张道军) Software Engineer, CNA, VMware R&D
--
From: <harbor-users@...> on behalf of "13287561406 via lists.cncf.io" <13287561406=163.com@...>
I want to configure multi authentication mode, does any body has any idea about how to cofigure multi authentication mode
|
|
|
|
About harbor multi authentication mode
13287561406@...
I want to configure multi authentication mode, does any body has any idea about how to cofigure multi authentication mode
|
|
|
|
any idea about 500 Internal Server Error with minio s3 backend ?
kamedodji@...
Hello!
I install harbor v2.0 registry with helm v1.4.0 chart on my kubernetes (k3s.io) cluster. It's work fine with "filesystem" backend but i got 500 Internal Server Error with minio s3 backend. Any idea about that issue ? Thanks Kwame
|
|
|
|
NO USA community meeting today
#cal-cancelled
Michael Michael <michmike@...>
Hey folks,
Let's take a break from meetings this week, if there's anything urgent, please feel free to reach out on Slack.
Thanks,
The Harbor Team
|
|
|
|
回复:[harbor-users] Harbor Graduation Vote
wangyijun@...
+1 nb
|
|
|
|
Harbor Graduation Vote
Michael Michael <michmike@...>
Users/Contributors/Friends of Harbor, thank you for your continued support for Harbor!
CNCF has called a vote for Harbor graduation. We would love to see your replies to https://lists.cncf.io/g/cncf-toc/topic/vote_harbor_graduation/74482463 to show your support! [First Register at https://lists.cncf.io/register, Join TOC at https://lists.cncf.io/g/cncf-toc]
|
|
|
|
Re: harbor api for accessing "info" field in repo
Steven Zou
Could you try `GET http(s)://<harbor-hostname>/api/repositories/{repo_name}`? The `description` field of the returned repository model is the `info` data you’re looking for.
thanks®ards -- Steven Zou(邹佳)
Engineer, MAP(Modern Application Platform), VMware R&D | Harbor Maintainer
Mail: szou@... GitHub: github.com/steven-zou Cell: +8618600021252 Addr: 9F Tower C, Raycom Info Tech Park, No. 2 Kexueyuan South Road Haidian District, Beijing 100738 China
From: <harbor-users@...> on behalf of "vlakshmi70 via lists.cncf.io" <vlakshmi70=yahoo.com@...>
Steven,
|
|
|
|
Re: harbor api for accessing "info" field in repo
vlakshmi70@...
Steven,
Yes I couldn't find one for GETTer API for "info" field in the repo APIs. I am using v1.8 of harbor. Not sure if this API for getting the "info" field has been added in a later revision?? Thanks
|
|
|
|
Re: harbor api for accessing "info" field in repo
Steven Ren
Hi Vlakshmi, If you installed Harbor, in Harbor UI, there is an API explorer page at the left bottom of the page, You can see all the APIs at there. Hope this helps. Best regards, Steven
From: <harbor-users@...> on behalf of "vlakshmi70 via lists.cncf.io" <vlakshmi70=yahoo.com@...>
Hi,
|
|
|
|
harbor api for accessing "info" field in repo
vlakshmi70@...
Hi,
Is there an API to get the "info" field in repo similar to say getting the label or tag for a repo-name. curl -X GET "https://harbor.com/api/ repositories/{repo_name}/info" -H "accept: application/json" thanks.
|
|
|