What's Changed
Exciting New Features 🎉
- Update table scan_report and extract cvss_v3_score from vendor attribute by @stonezdj in #18854
- Add customized banner message UI by @AllForNothing in #18827
- Add worker parameter for GC by @AllForNothing in #18882
- add notation support by @wy65701436 in #18909
- enable notary v2 policy checker by @wy65701436 in #18927
- Add vulnerability search API by @stonezdj in #18924
- Add Notation UI for deployment security by @AllForNothing in #18952
- Add Security Hub UI by @AllForNothing in #18942
- support nydus as an accessory by @wy65701436 in #18953
Enhancement 🚀
- Fix message prompt under the header by @AllForNothing in #18613
- fix: improve the performance of list artifacts by @chlins in #18610
- Improve repo_read_only header on the UI by @AllForNothing in #18729
- Add a text to explain the time window for GC by @AllForNothing in #18735
- add more details in gc history by @wy65701436 in #18779
- feat: Optimize quota checking when pushing images by @lengrongfu in #17392
- Add a tooltip for slack notification by @AllForNothing in #18787
- 【UT】add unit test for collector system info by @lengrongfu in #18717
- Add Details column for gc history by @AllForNothing in #18797
- Add Podman push command to the UI by @AllForNothing in #18810
- Add new client Podman to the pull command by @AllForNothing in #18857
- add multiple deletion of GC by @wy65701436 in #18855
- perf: introduce update quota by redis by @chlins in #18871
- Add security hub summary API by @stonezdj in #18872
- Create index in vulnerability_record table by @stonezdj in #18949
- feat: add the configuration for quota update provider by @chlins in #18928
Component updates ⬆️
- fix: fix error bitsize of jobservice reaper scan locks by @chlins in #18487
- bump golang 1.20.3 on main by @MinerYang in #18492
- feat: update TRIVYVERSION=v0.39.0 & TRIVYADAPTERVERSION=v0.30.10 by @zyyw in #18501
- Reword quota definitions based on user input by @OrlinVasilev in #18512
- Synchronize text modification of quota tooltip to all the i18n files by @AllForNothing in #18518
- GC: correctly handle manifest unknown (404) condition in v2DeleteManifest retry loop by @dkulchinsky in #18386
- Change the permissions of the *.go file from 0755 to 0644 by @Iceber in #17919
- feat: log with trace ID by @pgillich in #18181
- Fix typos in common.sh by @Maxi-Mega in #18151
- bump golang.org/x/net && helm.sh/helm/v3 on main by @MinerYang in #18545
- Update position to vertical-align for copy button by @AllForNothing in #18563
- Add missing i18n key-value for helm chart by @AllForNothing in #18578
- Allow redis password using safe special characters by @MinerYang in #18566
- add goheader linter settings by @MinerYang in #18503
- fix: link to Github's rate limiting documentation. by @perjahn in #18588
- fix: error log use wrong variable err by @dyf991645 in #18602
- Upgrade the internal PostgreSQL to 14 in 2.9.0 by @YangJiao0817 in #18612
- Improve zh-tw (Traditional Chinese) locale by @PeterDaveHello in #18608
- bump golang 1.20.4 on main by @MinerYang in #18647
- fix: sweep executions of image scan job by @chlins in #18649
- fix: cherry pick the migration sql by @chlins in #18644
- chore: replace github.com/ghodss/yaml with sigs.k8s.io/yaml by @Juneezee in #18606
- Bump kentaro-m/auto-assign-action from 1.2.4 to 1.2.5 by @dependabot in #18263
- Changed logic search projects in gitlab adapter by @lxShaDoWxl in #18529
- bump up github.com/distribution/distribution v2.8.2 by @MinerYang in #18687
- fix: add retry on the caller of v2DeleteManifest instead within v2DeleteManifest by @zyyw in #18662
- Fix the channel that never receives a value by @iAklis in #18139
- Use subtle.ConstantTimeCompare instead of compare directly by @stonezdj in #18697
- Upgrade Angular and Clarity to the latest version by @AllForNothing in #18709
- chore: bump registry release to 2.8.2 by @DavidSpek in #18685
- Add support for TLSv1.3 in nginx configurations by @malmor in #18659
- set tag pull time for proxy cache by @wy65701436 in #18731
- http2 enabled and ciphers changed to get an A+ rating instead of B fr… by @mcsage in #16990
- Return error when proxy cache get too many request error(429) by @stonezdj in #18728
- 【optimization】Use URL.Redacted method replace redacted by @lengrongfu in #18716
- Fix syntax errors in comments by @lishaokai1995 in #18746
- add strong_ssl_ciphers for nginx https jinja template by @MinerYang in #18748
- fix: import optimization by @testwill in #18727
- fix invalid access action by @orblazer in #18188
- Fix: fix function name in comments by @cuishuang in #18726
- fix: clean up scan executions and reports after deleting artifact by @chlins in #18693
- Remove wrong format for boolean value in api definition by @sll552 in #18783
- fix: add checkpoint when enqueue scan tasks for scan all by @chlins in #18680
- Update/improve grafana dashboard by @mac-chaffee in #16661
- fix: optimize the mechanism of quota refresh by @chlins in #18795
- Update the text for the oidc cli secret tooltip by @AllForNothing in #18814
- jobservice: add DB to job logger config by @liubin in #18821
- jobservice: update readme by @liubin in #18849
- refactor: migrate the redis command keys to scan by @chlins in #18825
- Add unit test for hidden columns by @AllForNothing in #18873
- support OCI-Subject header by @wy65701436 in #18885
- Correct the hidden property for clrDgHideableColumn by @AllForNothing in #18890
- API: update ScannerRegistration.properties.url format by @liubin in #18799
- chore: upgrade golang-migrate to v4.16.2 by @chlins in #18879
- fix: add password/secret length check to be <= 128 by @zyyw in #18916
- update icons by @vndroid in #18767
- Log warning message when current user is freeze by @stonezdj in #18937
- fix: correct the operator in the webhook payload by @chlins in #18906
- Update the regex for policy name and the tooltip message by @AllForNothing in #18947
- fix: replication policy cron setting - the 1st field must be 0; the Minutes field cannot be * by @zyyw in #18923
- Update the parameter to search cosign by @AllForNothing in #18963
- refactor: remove duplicated artifact deletion handler by @chlins in #18959
- refactor: replace the gc redigo client to the standard cache by @chlins in #18965
- feat: add config for job_loggers by @zyyw in #18970
- fix: bump-up TRIVYVERSION=v0.43.0 and TRIVYADAPTERVERSION=v0.30.14 by @zyyw in #18993
- Fix wrong scanned artifact count when there are multiple report for an artifact by @stonezdj in #18975
- add migration script for 2.9 by @MinerYang in #18997
- Skip to run migrate script when data available by @stonezdj in #18976
- update installation hint by @MinerYang in #19024
- Conserve sentinel_master_set value between upgraded versions by @sixeela in #18875
- fix accessory import issue by @wy65701436 in #19053
- fix dry run creation time by @wy65701436 in #19060
- Update security hub ui by @AllForNothing in #19062
- Remove cache for project policy updating by @AllForNothing in #19068
- Update style for banner message ui by @AllForNothing in #19069
- Add validator for duration of banner message by @AllForNothing in #19057
- bump golang 1.20.6 on main by @MinerYang in #19066
- fix: bump up TRIVYVERSION=v0.44.0 and TRIVYADAPTERVERSION=v0.30.15 by @zyyw in #19087
- Merge cosign check and notation check by @AllForNothing in #19079
- Update ui for gc history and banner message by @AllForNothing in #19094
- Show banner message on log in page by @AllForNothing in #19078
- Update cron ui for add replication rule page by @AllForNothing in #19083
- Convert the string �\ to number 0 by @AllForNothing in #19080
- fix: fix replication list projects with pure numeric name by @chlins in #19090
- Update style for add-replication-rule page by @AllForNothing in #19100
- Fix incorrect artifact and scanned artifact count issue by @stonezdj in #19106
- Add artifact digest to query condition by @stonezdj in #19102
- Sort most dangerous vulnerabilities by score and severity level by @stonezdj in #19103
- fix ScheduleObj.type in swagger by @wy65701436 in #19109
- fix: skip to delete scan reports if the digest still referenced by @chlins in #19110
- Update ui to fix some issues by @AllForNothing in #19101
- bump golang 1.20.7 on main by @MinerYang in #19111
- [Cherry-pick] fix: add storage_limit check (add ValidateQuotaLimit as a general met… by @zyyw in #19144
- [Cherry-pick] fix: cron string validation (the 1st field of a cron string must be 0… by @zyyw in #19145
- log: change log level to reduce the noise logs by @chlins in #19165
- [cherry-pick] chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19123
- [Cherry-pick]ignore spaces for vulnerability filters by @AllForNothing in #19181
- [Cherry-pick]Update the max length for the filters by @AllForNothing in #19195
- [cherry-pick] fix: support customize cache db for business by @chlins in #19190
- (cherry-pick) Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19203
- (cherry-pick) Wrong artifact scanned count by @stonezdj in #19205
- fix gc dry run issue by @wy65701436 in #19210
- [Cherry-pick]Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19218
- (cherry-pick) Refine total artifact and scanned artifact by @stonezdj in #19229
- [Cherry-pick]Add a tooltip for the page title of security hub by @AllForNothing in #19232
- [Cherry-pick]Switch to a new chart library by @AllForNothing in #19263
Docs update 🗄️
- Specify proper language in CONTRIBUTING.md code blocks by @PeterDaveHello in #18605
- fix: non-ASCII chars in swagger.yaml by @liubin in #18642
Community update 🧑🏻🤝🧑🏾
- Update proposal process with steps and board by @OrlinVasilev in #18379
- Add Dynatrace as adopter and fix master to main by @OrlinVasilev in #18823
Deprecations ❌
- Remove notary test cases by @YangJiao0817 in #18620
- Remove notary UI by @AllForNothing in #18666
- remove the notary from backend by @wy65701436 in #18668
Other Changes
- Bump mheap/github-action-required-labels from 3 to 4 by @dependabot in #18472
- Update UI testcases by @YangJiao0817 in #18491
- bump base version by @wy65701436 in #18485
- Update nightly-trivy-scan.yml for the workflows by @AllForNothing in #18510
- Upgrade harbor-portal to v2.9.0 by @AllForNothing in #18525
- Add Job Service Dashboard Schedules testcase by @YangJiao0817 in #18555
- Handling skipped but required checks by @YangJiao0817 in #18564
- Fix Handling skipped but required checks by @YangJiao0817 in #18570
- Update Support Matrix by @YangJiao0817 in #18540
- Fix setup docker error by @YangJiao0817 in #18583
- Add Job Service Dashboard Workers testcase by @YangJiao0817 in #18580
- Replace python script with node script for portal Dockerfile by @AllForNothing in #18635
- Copy swagger.json to the dist folder by @AllForNothing in #18646
- Refresh the base images when building on main by @YangJiao0817 in #18661
- Fix build db base image symlink error by @YangJiao0817 in #18673
- Bump google-github-actions/setup-gcloud from 0 to 1 by @dependabot in #17772
- Fix setup-gcloud fails when building package by @YangJiao0817 in #18682
- Add Retain image last pull time API test case by @YangJiao0817 in #18689
- Add Retain image last pull time UI test case by @YangJiao0817 in #18695
- Update e2e engine image by @YangJiao0817 in #18747
- Add Referrers API testcase by @YangJiao0817 in #18775
- Add podman pull & push testcase by @YangJiao0817 in #18790
- chore(deps): bump mheap/github-action-required-labels from 4 to 5 by @dependabot in #18805
- Refactor the keyword in the testcase by @YangJiao0817 in #18898
- Add replication by chunk testcase by @YangJiao0817 in #18904
- Add CloudEvents format webhook testcase by @YangJiao0817 in #18908
- Add OIDC filter group testcase by @YangJiao0817 in #18914
- Add CVE Allowlist expires Test Cases by @YangJiao0817 in #18921
- Fix APITEST_DB_PROXY_CACHE x509 by @YangJiao0817 in #18977
- Update webhook and replication testcase by @YangJiao0817 in #18998
- Fix build harbor-db-base error by @YangJiao0817 in #19003
- Bump up photon version from 4.0 to 5.0 by @YangJiao0817 in #19006
- [cherry-pick]Bump up setup-gcloud to 430.0.0 by @YangJiao0817 in #19118
- Update the image version for trivy scan by @AllForNothing in #19265
New Contributors
- @pgillich made their first contribution in #18181
- @Maxi-Mega made their first contribution in #18151
- @yrs147 made their first contribution in #18282
- @perjahn made their first contribution in #18588
- @dyf991645 made their first contribution in #18602
- @iAklis made their first contribution in #18139
- @DavidSpek made their first contribution in #18685
- @malmor made their first contribution in #18659
- @mcsage made their first contribution in #16990
- @lishaokai1995 made their first contribution in #18746
- @orblazer made their first contribution in #18188
- @cuishuang made their first contribution in #18726
- @sll552 made their first contribution in #18783
- @vndroid made their first contribution in #18767
Full Changelog: v2.8.0...v2.9.0-rc3