Changelog

MSR 4.13.0 comprises the Harbor 2.13 upstream release. In addition, changes are included for the interceding upstream 2.11 and 2.12 releases, for which there was no MSR release.

Changes specific to MSR

  • [MSRH-162] LDAP Group Admin now supports nested groups in a search filter.

  • [MSRH-189] Docker Compose installation packages have been updated to reference msr instead of harbor.

  • [MSRH-194] The Helm chart has been updated to reference msr and Mirantis instead of harbor.

  • [MSRH-242] Mirantis now recommends the following operators for deploying PostgreSQL and Redis in high availability (HA) mode:

    • PostgreSQL: zalando/postgres-operator

    • Redis: OT-CONTAINER-KIT/redis-operator

Changes from upstream

The upstream pull requests detailed in the sections that follow are those that pertain to the MSR product. For the complete list of changes and pull requests upstream, refer to the:

What’s new
  • SBOM Generation and Management: Harbor supports generating Software Bill of Materials (SBOM) both manually and automatically. Users can view, download, and replicate SBOMs across multiple Harbor instances.

  • OCI Distribution Spec v1.1.0 Support: Harbor now fully supports OCI Distribution Spec v1.1.0.

  • VolcEngine Registry Integration: Users can replicate images to and from the VolcEngine registry, which enhances interoperability and flexibility.

  • Enhanced Robot Account Management: Improved robot account functionality in Harbor v2.12.0 strengthens access control and automates CI/CD processes.

  • Proxy Cache Speed Limit: Harbor now allows setting speed limits for proxy cache projects, which provides better bandwidth management.

  • Improved LDAP Onboarding: Enhanced LDAP onboarding in Harbor v2.12.0 accelerates user login and improves authentication performance.

  • ACR & ACR EE Registry Integration: Users can now replicate images to and from Azure Container Registry (ACR) and ACR Enterprise Edition.

  • Extended Audit Logging: Harbor now provides more granular audit logging, with detailed user action tracking, enhanced API logging, and improved query performance.

  • Enhanced OIDC Integration: Improved OpenID Connect (OIDC) support adds user session logout and Proof Key for Code Exchange (PKCE) functionality.

  • CloudNativeAI Integration: Harbor integrates with CloudNativeAI (CNAI), which enables seamless management, versioning, and retrieval of AI models.

  • Redis TLS Support: Secure Redis communication in Harbor with TLS, which protects data in transit between components.

  • Enhanced Dragonfly Preheating: Improved Dragonfly preheating supports new parameters, customizable scopes, and cluster ID targeting. This optimizes image distribution for large-scale deployments.

Deprecations
  • Remove robotV1 from code base (#20958) by @sgaist in #20991

Breaking changes
  • Update csrf key generation by @wy65701436 in #21154

  • Remove with_signature by @wy65701436 in #21420

Enhancements
  • Enable MAX_JOB_DURATION_SECONDS in the jobservice container by @stonezdj in #21232

  • Feat: extend the p2p preheat policy by @chlins in #21115

  • Fix: replication rule message in UI by @bupd in #21299

  • Feat: add execution_id and task_id to the replication webhook payload by @chlins in #21614

  • Support to audit logs by @xuelichao in #21377

  • Revamp Copy Pull Command by @bupd in #21155

  • Add PKCE support for OIDC authentication by @reasonerjt in #21702

  • Feat: Persistent Page Size UI by @bupd in #21627

  • Add list project artifacts API by @wy65701436 in #20803

  • Feature export Harbor statistics as Prometheus metric by @tpoxa in #18679

  • Refactor: p2p preheat dragonfly driver by @chlins in #20922

  • Make it possible to build the spectral image also on ARM by @Vad1mo in #20506

  • Enable MAX_JOB_DURATION_SECONDS in the jobservice container by @stonezdj in #21232

  • Feat: extend the p2p preheat policy by @chlins in #21115

  • Fix: replication rule message in UI by @bupd in #21299

  • Feat: add execution_id and task_id to the replication webhook payload by @chlins in #21614

  • Support to audit logs by @xuelichao in #21377

  • Revamp Copy Pull Command by @bupd in #21155

  • Add PKCE support for OIDC authentication by @reasonerjt in #21702

  • Feat: Persistent Page Size UI by @bupd in #21627