Harbor 2.6 is about to land in the next days containing some long-awaited functionalities and two important deprecations.
With over 150 enhancements and bug fixes, this release further improves stability and reliability.
The deprecation hits Notary and ChartMuseum, which was used in Harbor to store Helm Chart Repositories.
While the deprecation of Notary isn’t a big thing for most of us, frankly nobody was using it. The deprecation of
ChartMuseum might impact users, especially those who won’t be able to switch to Helm’s capability to store Charts in OCI Registries.
If you are using the Helm CLI directly, it should be safe and straightforward for you to store Helm Charts in OCI Registries.
You can use the Harbor chart migration tool
to migrate your existing charts to OCI.
Pay attention if use Helm prior version 3.7 or when Helm is stuck in some GitOps or proprietary deployment tools that
can not be updated or switched over OCI. Start looking for alternatives or address this issue with the respective project/vendor.
Giving Harbor’s discontinuation process ,
then Notary and ChartMuseum could be removed as early as version 2.8, so about in 1 year.
Let us look at the new features and changes.
VIDEO
Stats Since the last release
280 Commits 28 Contributors 15 New Contributors 164 Enhancements Contributors Big thanks go out to all the 28 contributors for the Harbor release 2.6.
New Features Cache Layer π° Introduction and improvement of the existing caching mechanism to further improve the performance of pulling artifacts in high concurrency scenario.
Now Harbor is caching projects, repositories, manifest, which should improve the common pull, push and UI operations.
Corresponding PRs: (#16740 ), (#16741 ), (#16891 ),(#16459 )
CVE Export π£ The CVE export capability newly introduced in Harbor 2.6.0 is a crucial part for auditing and monitoring the CVE status of container images.
CVE export opens up opportunities to integrate CVE compliance checks to the software supply
chain and ensure that software is audited against vulnerabilities.
The CVE Export allows users with project admin, developers, or maintainer role to generate and download vulnerabilities reports as CSVs files.
An export can be generated via REST API or UI on a project basis.
Exporting CVEs in Harbor Filter on CVEs to export, based on tags, labels, repositories Corresponding PRs: #16678 ,
#16879 , #15998 ,
#16236
Audit Log π In Harbor audit logs are used to trace pull/push/delete operations on artifact and users, to create a auditable changelog of events.
With audit log rotation you can now periodically clean up audit logs. In addition, it is also possible start an on demand cleanup job. The second improvement regarding audit log is the possibility to forward audit logs in a Syslog message format %2C%20followed%20by%20a%20message.) to a remote server.
Corresponding PRs: #16833 ,
#16941 , #16865 ,
#16914 , #17054
WebAssembly πΈ Harbor now supports and displays WebAssembly Module artifact, when it is carrying the annotation module.wasm.image/variant=compat-smart
.
Corresponding PR: #16931
Additional Features π GDPR compliant deletion of Users. PR #16859 Add stop button for GC. PR #17037 Enhancement π Update docker building for UI by @AllForNothing in #16692 Add dotted line between the artifacts and their accessories by @AllForNothing in #16701 fixed typo in legacy_swagger.yaml file by @tibeer in #16723 Provide more useful error info by @AllForNothing in #16736 Fix some css style issues by @AllForNothing in #16709 Add release.yml to automate release notes #16633 by @OrlinVasilev in #16634 replace install httpd by installing htpasswd binary only by @MinerYang in #16771 Store default page size to local storage by @AllForNothing in #16753 Refactor portal language code by @SimonAlling in #16795 Fix lint errors in portal by @SimonAlling in #16799 Improve replication policy datagrid by @AllForNothing in #16806 fix: improve GC log message by @zyyw in #16790 Improve css for tags column by @AllForNothing in #16811 Allow all roles to see ’listed in CVE allowlist’ column by @AllForNothing in #16860 Improve css for accessories component by @AllForNothing in #16868 Add date/time format setting in portal by @SimonAlling in #16796 Remove message prompt clearing by @AllForNothing in #16894 Modify HarborDatetimePipe to pure pipe to improve performance by @AllForNothing in #16906 fix: add patch for registry layers larger than 10G with S3 backend by @franznemeth in #16322 feat: enabled Github GHCR as proxy cache by @wilmardo in #16834 Add NextScheduledTime in schedule object by @stonezdj in #16925 Add style lint and add code lint to the pipeline by @AllForNothing in #16954 Fix some UI issues by @AllForNothing in #16979 Response the sign status to UI for the public project. by @wy65701436 in #16987 Support stop GC execution by @ywk253100 in #17004 Improve copy command component by @AllForNothing in #17068 Improve cron validator for replication rule by @AllForNothing in #17069 Enhance the read-only API to avoid deleting operations during the job running by @ywk253100 in #17055 Making stale bot a bit more active by @OrlinVasilev in #17115 Remove os.Kill in signal handling by @heylongdacoder in #16111 Return bad request if audit log retention hour > 240000 hour by @stonezdj in #17217 Component updates β¬οΈ pkg/scan: fix dropped error by @alrs in #16712 bump up astaxie/beego@v1.12.1 to beego/beego/@v1.12.7 by @MinerYang in #16770 fix: registry/redis.patch & registry/builder by @zyyw in #16780 Upgrade Angular to 13.3.4 by @AllForNothing in #16772 fix close response missing by @wy65701436 in #16820 add lint with golangci-lint by @MinerYang in #16821 fix staticcheck issues by @wy65701436 in #16828 fix: gc history update_time by @zyyw in #16841 fix artifact count issue by @wy65701436 in #16851 migrate tslint to eslint by @AllForNothing in #16856 Upgrade clarity to the latest version by @AllForNothing in #16840 fix accessory count issue by @wy65701436 in #16866 bump up beego from v1.12.7 to v1.12.9 by @MinerYang in #16904 fix 16883 by @wy65701436 in #16911 fix replcation issue on accessory by @wy65701436 in #16912 support docker compose v2 by @MinerYang in #16919 fix: golangci-lint errcheck by @zyyw in #16920 bump up golang version to v1.18.3 by @MinerYang in #16957 fix(swagger): append scan report version 1.1 to swagger docs by @chlins in #16965 fix(replication): azurecr replication with token (#16888) by @chlins in #16947 fix: update code for golangci-lint gosimple by @zyyw in #16974 fix: refactor code for golangci-lint whitespace by @zyyw in #17005 fix: update the jobservice hook retry concurrency by @chlins in #17024 Remove style-lint package and upgrade @angular-devkit/build-angular by @AllForNothing in #17009 migrate: add db index on artifact repository name by @chlins in #17035 update support for docker compose v2 by @MinerYang in #17039 Unify the process of job schedule/task retrieve and update by @stonezdj in #17012 fix: revise the process of policy update by @chlins in #17021 fix: fix the update of retention policy by @chlins in #17064 fix: bump trivy version to v0.29.2 and bump trivyadapter version to v0.30.0 by @zyyw in #17071 Support stop purge audit log job by @stonezdj in #17033 Fix scan log mismatch issue by @stonezdj in #17085 fix: update preheat api handler and DAO by @chlins in #17079 Upgrade pipenv to 2022.1.8 by @YangJiao0817 in #17093 fix: update code in compliance with golangci-lint revive by @zyyw in #17087 Create index on audit log, execution, artifact for performance by @stonezdj in #17022 Added group_type information for type 3 OIDC group by @Dannyx323 in #17118 fix: attach labels for replication event by @chlins in #17108 resolve copy failure for artifact with multiple accessories by @wy65701436 in #17123 Add options to the user.Count method by @stonezdj in #16285 fix: repair execution status when it inconsistent by @chlins in #17128 Added Tag Retention Permission to Developer by @DarthBlair in #16514 resolve robot authgen password format issue by @wy65701436 in #17134 Developer role should be able to view tag-retention rules by @AllForNothing in #17138 Hide pull command for Nydus by @AllForNothing in #17143 Fix to CVE Data Export functionality for images pushed by docker push
by @prahaladdarkin in #17182 fix: remove redundant check due to always false by @zyyw in #17206 Fix log rotation UI issues by @AllForNothing in #17220 Fix cve export UI issues by @AllForNothing in #17227 Disable Nydus middleware for v2.6 by @MinerYang in #17233 bumpup golang version to v1.18.4 by @MinerYang in #17257 Fix router issues for UI by @AllForNothing in #17235 Add permission check to CVE export by @AllForNothing in #17267 [Cherry-pick]Fix null pointer issue for creating reolication rule by @AllForNothing in #17276 upgrade: bump up beego to 1.12.11 by @chlins in #17278 Docs update ποΈ README.md: fix broken links to badges and Swagger editor by @koushik-ms in #16910 Add new template file for PRs by @OrlinVasilev in #16645 Add CODEOWNERS all maintainers by @OrlinVasilev in #16670 In SECURITY.md, fix broken link to RELEASES.md by @stefanlasiewski in #17019 Other Changes Bump TRIVYVERSION to v0.24.2 and bump TRIVYADAPTERVERSION to v0.26.0 by @YangJiao0817 in #16486 fix: resolve conformance test failed issue by @zyyw in #16478 bump up base version to v2.6 by @wy65701436 in #16481 Add a new robot permission and sort permissions by @AllForNothing in #16487 docs: Link to latest/edge docs instead of 2.0.0 by @SimonAlling in #14945 Improve style and correct typos by @AllForNothing in #16498 Add online latest installer package by @YangJiao0817 in #16148 Update readme by @AllForNothing in #16501 Add replication index testcase by @YangJiao0817 in #16502 Update trivy test case by @YangJiao0817 in #16493 add transaction for artifact delete by @wy65701436 in #16506 Updated translation for 2.5 by @sluetze in #16509 refactor: import go-redis to core as replacement of redigo by @chlins in #16492 fix: enable one skipped conformance test by @zyyw in #16521 Fix duplicate labels issue by @AllForNothing in #16527 add cosign signature icon by @wy65701436 in #16533 Add cosign icon by @AllForNothing in #16531 enhance health validataion by @wy65701436 in #16549 Update push and pull command for helm by @AllForNothing in #16552 lib/q: fix dropped test error by @alrs in #16494 Improve UI with more inclusive words by @AllForNothing in #16548 Add secret to download file when refreshing robot secret by @AllForNothing in #16564 update log with more inclusive language by @wy65701436 in #16569 update french translation by @bmfp in #16570 Modify setup-gcloud from master to v0 by @YangJiao0817 in #16571 feat: implement beego session provider by @chlins in #16546 Update webhook testcase xpath from disable to deactivate by @YangJiao0817 in #16579 Add python-dateutil module in api e2e image by @YangJiao0817 in #16588 Upgrade UI dependencies by @AllForNothing in #16586 Remove state restrictions for gc log button by @AllForNothing in #16585 migrations: correct project metadata public value by @chlins in #16597 fix: validate project metadata public value by @chlins in #16596 Delete unused files and functions by @stonezdj in #16599 fix: return BAD_REQUEST when validate project metadata by @chlins in #16605 Update usergroups API to support search by group_name by @stonezdj in #16580 Use list user groups API to search groups by @AllForNothing in #16610 Add main menu routing test case by @YangJiao0817 in #16622 Improve copy-artifact component by @AllForNothing in #16628 skip policy check on pull cosign signature by @wy65701436 in #16658 Improve user setting component by @AllForNothing in #16665 Add project tab routing test case by @YangJiao0817 in #16664 Clear some UI building warnings by @AllForNothing in #16684 Add retries to test cases by @YangJiao0817 in #16690 Add open more info page test case by @YangJiao0817 in #16708 fix: controller/blob: dropped test error by @alrs in #16608 fix: check the existence of the tag before updating pull time by @chlins in #16510 Add open cve details page test case by @YangJiao0817 in #16705 Add open image scanners documentation page test case by @YangJiao0817 in #16704 Add test case for Enable Deployment Security Policy replication by @YangJiao0817 in #16737 chore(deps): bump Trivy adapter from v0.26.0 to v0.28.0 by @danielpacak in #16729 feat: add cache layer for artifact by @chlins in #16593 CI: Replace stale.yaml with stale GH Actions by @OrlinVasilev in #16699 enable default to build bin by @wy65701436 in #16763 Add imgpkg copy test case by @YangJiao0817 in #16760 Update cosign test case by @YangJiao0817 in #16832 Use exec in registryctl so signals are passed properly by @mac-chaffee in #16642 fix deadcode lint & update golangci-lint.yaml by @MinerYang in #16896 Update header user xpath by @YangJiao0817 in #16917 Add Publish Release workflow by @YangJiao0817 in #16956 Add webhook functionality test case by @YangJiao0817 in #16944 Update Web Routing test case by @YangJiao0817 in #16981 Update CVE allowlist UI test case by @YangJiao0817 in #16980 Update GC UI Testcase by @YangJiao0817 in #16975 Update harbor-e2e-engine image by @YangJiao0817 in #17032 Add P2P Preheat Test case by @YangJiao0817 in #17089 Modify Build Package Workflow trigger condition by @YangJiao0817 in #17106 Update tag immutability xpath by @YangJiao0817 in #17149 Add retry to project quota GC test case by @YangJiao0817 in #17164 Update delete project test case by @YangJiao0817 in #17158 Harbor 2.6 at Container-Registry.com The 8gears container registry team is planning to upgrade our customer instances in the next few weeks to version 2.6.0 or 2.6.1.