Signed-off-by: He Weiwei <hweiwei@vmware.com>

Signed-off-by: He Weiwei <hweiwei@vmware.com>

Fixes #11885
This part will not by default be packaged into release.
A README.md will be added in another commit.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>

Signed-off-by: He Weiwei <hweiwei@vmware.com>

Signed-off-by: Ziming Zhang <zziming@vmware.com>

Signed-off-by: wang yan <wangyan@vmware.com>

The new version of the adapter service improves the Redis connection pool
management. In the previous versions a new connection pool was created for
each scan job, which might negatively impact the performance and resources
utilisation.

There is also a bug fix in Trivy v0.9.1 to properly handle the debug mode.
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

Fix #12259
Signed-off-by: Max Rosin <git@hackrid.de>

Signed-off-by: wang yan <wangyan@vmware.com>

This commit bumps up Trivy to resolve the following issues reported
in the aquasecurity/harbor-scanner-trivy repository:

- https://github.com/aquasecurity/harbor-scanner-trivy/issues/114
- https://github.com/aquasecurity/harbor-scanner-trivy/issues/108



Note that this adapter vendors in Trivy v0.9.0 which has changed
the algorithm for qualifying severities. Previous versions of Trivy
preferred NVD scores, whereas this version will use vendor score
whenever it's possible.

We believe it's more suitable approach for qualifying severities.
Even though this change might impact vulnerability summaries in
some cases, the total number of vulnerabilities should stay the
same.
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

This commit bumps up Trivy to 0.7.0 and Trivy adapter service to 0.10.0
in order to handle scratch and slim images, for which we cannot detect
the underlying operating system.

Resolves: #11964
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

1. Add replication schedule test;
2. Add some sleep after project creation before push image to avoid push image v2 error.
   It fixed issue# 12094: Scan image vmware/photon:1.0 return unsupported occasionally.
3. Add some sleep in test_user_view_logs.py, can't get operation logs sometimes.
Signed-off-by: danfengliu <danfengl@vmware.com>

Upgrade chartmuseum version 0.12.0
Signed-off-by: DQ <dengq@vmware.com>

This release adds ubuntu support for newer releases and fixes an issue where RHEL updaters bailed to quickly.

https://github.com/quay/clair/releases/tag/v2.1.3

Signed-off-by: Leo Le Bouter <leo.lebouter-ext@aphp.fr>

Signed-off-by: Ziming Zhang <zziming@vmware.com>

1. Enable `security` in the swagger.yaml.
2. Include `basic` auth in `security` to make the generated python
client by `swagger-codegen-cli` work with basic authorization.
3. Include `anonymous` auth in `security` to make APIs of v2.0 generated
by `goswagger` work with `security` middleware.

Closes #11771
Signed-off-by: He Weiwei <hweiwei@vmware.com>

Clair v2.1.2 has been released to fix the RHEL updater issue.
https://github.com/quay/clair/releases/tag/v2.1.2

Signed-off-by: wang yan <wangyan@vmware.com>

Signed-off-by: Ziming Zhang <zziming@vmware.com>

- Vendor the latest Trivy release 0.6.0
- Configure TLS 1.2 as min version when TLS is enabled
- Add more tracing to adapter config to facilitate troubleshooting

Resolves: #11544
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

Signed-off-by: He Weiwei <hweiwei@vmware.com>

In this version of Trivy we improved error handling
when Trivy cannot open the Trivy DB file. If it fails,
the  error is catched to retry the DB file download.

Resolves: #11373
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

Signed-off-by: Ziming Zhang <zziming@vmware.com>

Because migrator tool removed
Signed-off-by: DQ <dengq@vmware.com>

Add a seperated swagger file for chart API as these APIs have no version
Signed-off-by: Wenkai Yin <yinw@vmware.com>

Resolves: #11284
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

Resolves: #11090
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

Add trivy tls cert files
Add tivey tls env and config
enhance gencert
Signed-off-by: DQ <dengq@vmware.com>

Signed-off-by: DQ <dengq@vmware.com>

Allows configuring SCANNER_TRIVY_GITHUB_TOKEN environment variable,
which is passed to trivy executable binary when it starts scanning
a given artifact.

This is to increase GitHub requests rate limit from 60 per hours
(for anonymous requests) to 5000 when Trivy download its
vulnerabilities database.
Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

Signed-off-by: Ziming Zhang <zziming@vmware.com>

The vesrion contains two security bug fix - CVE-2020-0601, CVE-2020-7919

More details, see the golang milestone:

https://github.com/golang/go/issues?q=milestone%3AGo1.13.8+label%3ACherryPickApproved

Signed-off-by: wang yan <wangyan@vmware.com>

Signed-off-by: Ziming Zhang <zziming@vmware.com>

Signed-off-by: Ziming Zhang <zziming@vmware.com>

Package trivy adapter image into offline image and ship dev to hub
Signed-off-by: wang yan <wangyan@vmware.com>

enhance go_check order to make it fail earlier
Signed-off-by: Ziming Zhang <zziming@vmware.com>

Signed-off-by: Ziming Zhang <zziming@vmware.com>

Enable _xsrf in cookies in swagger.yaml, so that scripts don't have to handle it.
Signed-off-by: danfengliu <danfengl@vmware.com>

1. Add middleware to record the accepted blob size for stream blob
upload.
2. Add middleware to create blob and associate it with project after blob upload
complete.
3. Add middleware to sync blobs, create blob for manifest and associate blobs
with the manifest after put manifest.
4. Add middleware to associate blob with project after mount blob.
5. Cleanup associations for the project when artifact deleted.
Signed-off-by: He Weiwei <hweiwei@vmware.com>

Add v2 swagger.yaml python library.
Signed-off-by: danfengliu <danfengl@vmware.com>

Bump up the version of legacy APIs to v2.0
Signed-off-by: Wenkai Yin <yinw@vmware.com>